package org.egov.lib.rrbac.filter;

import java.io.IOException;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.egov.infra.admin.master.entity.Action;
import org.egov.infra.admin.master.entity.User;
import org.egov.infra.admin.master.service.ActionService;
import org.egov.infra.admin.master.service.UserService;
import org.egov.infra.exception.ApplicationRuntimeException;
import org.egov.infra.exception.AuthorizationException;
import org.egov.infra.script.entity.Script;
import org.egov.infra.script.service.ScriptService;
import org.egov.infra.utils.EgovThreadLocals;
import org.egov.infstr.services.PersistenceService;
import org.egov.lib.rrbac.model.AuthorizationRule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:org/egov/lib/rrbac/filter/RuleInterceptorFilter.class */
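/**
 * Servlet filter that evaluates script-based authorization rules for a request before
 * passing it down the chain.
 *
 * <p>When the request carries an {@code AUTHRULE_OBJECT_ID} parameter, the filter resolves
 * the {@link Action} being invoked, loads the {@link AuthorizationRule}s registered for it
 * (named query {@code authRulesByAction}), and runs each rule's script with the target
 * entity and the current user. The first rule that does not grant access aborts the
 * request with an {@link AuthorizationException}.
 *
 * <p>NOTE(review): enforcement is keyed entirely on request parameters. A request without
 * {@code AUTHRULE_OBJECT_ID} is passed through unchecked, and {@code actionid}, when
 * present, selects which action's rules are evaluated. Nothing in this class binds either
 * value to the resource actually being requested, so this filter must not be the only
 * authorization control for those resources; confirm that another layer enforces access.
 */
public class RuleInterceptorFilter implements Filter {
    private static final Logger LOGGER = LoggerFactory.getLogger(RuleInterceptorFilter.class);
    private static final String OBJECT_ID_PARAM = "AUTHRULE_OBJECT_ID";
    private static final String ACTION_ID_PARAM = "actionid";
    private static final String ERROR_KEY_ATTRIBUTE = "AuthRuleErrMsgKey";
    private static final String NO_USER_MESSAGE = "No authenticated user available to evaluate authorization rules";
    private static final String NO_RESULT_MESSAGE = "Authorization rule did not return a usable result";

    // Raw-typed on purpose: getEntity() uses it to load whatever entity type a rule names.
    private transient PersistenceService daoService;
    private transient PersistenceService<AuthorizationRule, Long> authRuleService;
    // NOTE(review): no setter or @Autowired for this field is visible in this class. Unless
    // something outside this file injects it, getCurrentUser() fails with a
    // NullPointerException on the first rule evaluation.
    private transient UserService userService;

    @Autowired
    private ActionService actionService;

    @Autowired
    private ScriptService scriptExecuter;

    /**
     * Logs filter start-up; the filter keeps no configuration of its own.
     *
     * @param filterConfig container-supplied configuration (unused)
     */
    @Override
    public void init(FilterConfig filterConfig) {
        // Was guarded by isDebugEnabled() but emitted at INFO; log at the level the guard implied.
        LOGGER.debug("In RuleInterceptorFilter init");
    }

    /**
     * Evaluates the authorization rules of the requested action and continues the chain
     * only if every rule grants access.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest} when rules apply
     * @param servletResponse outgoing response, passed through untouched
     * @param filterChain     remaining filters and the target resource
     * @throws AuthorizationException if no user id is bound to the thread, a rule script
     *         returns no usable decision, or a rule denies access
     * @throws IOException      propagated from the rest of the chain
     * @throws ServletException propagated from the rest of the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest.getParameter(OBJECT_ID_PARAM) != null) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            // NOTE(review): getAction() may return null for an unregistered URL; the named
            // query then presumably yields no rules and the request proceeds unchecked.
            for (AuthorizationRule authorizationRule : this.authRuleService.findAllByNamedQuery("authRulesByAction", new Object[]{getAction(httpServletRequest)})) {
                // Fail closed with an authorization error instead of a NullPointerException
                // when no user id is bound to the current thread.
                if (EgovThreadLocals.getUserId() == null) {
                    throw new AuthorizationException(NO_USER_MESSAGE);
                }
                User currentUser = getCurrentUser(Long.valueOf(EgovThreadLocals.getUserId().longValue()));
                List ruleAuthentication = getRuleAuthentication(currentUser, authorizationRule, getEntity(httpServletRequest, authorizationRule));
                if (!isGranted(ruleAuthentication)) {
                    String denialMessage = denialMessageOf(ruleAuthentication);
                    if (denialMessage == null) {
                        // The script gave no message: still deny, but do not publish an
                        // error key the view layer could not resolve.
                        throw new AuthorizationException(NO_RESULT_MESSAGE);
                    }
                    servletRequest.setAttribute(ERROR_KEY_ATTRIBUTE, denialMessage);
                    throw new AuthorizationException(denialMessage);
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Runs the rule's script with the entity bound as {@code object} and the user as {@code user}.
     *
     * @return the script result cast to a list; {@link #doFilter} reads element 0 as the
     *         decision and element 1 as the denial message
     */
    private List getRuleAuthentication(User user, AuthorizationRule authorizationRule, Object obj) {
        return (List) this.scriptExecuter.executeScript(authorizationRule.getScript().getName(), ScriptService.createContext(new Object[]{"object", obj, "user", user}));
    }

    /**
     * Reads the decision from a script result. A missing result, an empty list or a null
     * first element counts as a denial so that a malformed script result never grants access.
     */
    private static boolean isGranted(List scriptResult) {
        if (scriptResult == null || scriptResult.isEmpty() || scriptResult.get(0) == null) {
            return false;
        }
        return Boolean.parseBoolean(scriptResult.get(0).toString());
    }

    /** Returns the denial message carried in element 1 of the script result, or null if absent. */
    private static String denialMessageOf(List scriptResult) {
        if (scriptResult == null || scriptResult.size() < 2 || scriptResult.get(1) == null) {
            return null;
        }
        return scriptResult.get(1).toString();
    }

    /** Logs filter shutdown; there are no resources to release. */
    @Override
    public void destroy() {
        // Same level fix as in init(): the guard was debug, the call was info.
        LOGGER.debug("In RuleInterceptorFilter Destroy");
    }

    /**
     * Looks up a user through the user service.
     *
     * @param l id of the user to load
     * @return whatever {@code UserService.getUserById} returns for that id
     */
    public User getCurrentUser(Long l) {
        return this.userService.getUserById(l);
    }

    /**
     * Resolves the action whose rules apply: by the {@code actionid} request parameter when
     * it is present and non-empty, otherwise by request URI and context root.
     *
     * @throws ApplicationRuntimeException if {@code actionid} is not a valid numeric id
     */
    private Action getAction(HttpServletRequest httpServletRequest) {
        String actionIdParameter = httpServletRequest.getParameter(ACTION_ID_PARAM);
        if (actionIdParameter == null || actionIdParameter.isEmpty()) {
            String contextPath = httpServletRequest.getContextPath();
            // NOTE(review): StringUtils.remove strips every occurrence of the context path
            // from the URI, not only the leading one; confirm this matches how action URLs
            // are registered.
            return this.actionService.getActionByUrlAndContextRoot(StringUtils.remove(httpServletRequest.getRequestURI(), contextPath), StringUtils.remove(contextPath, '/'));
        }
        return this.actionService.getActionById(parseId(ACTION_ID_PARAM, actionIdParameter));
    }

    /**
     * Loads the entity the rule is evaluated against, using the rule's object type and the
     * {@code AUTHRULE_OBJECT_ID} request parameter.
     *
     * @throws ApplicationRuntimeException if the id is not numeric or no entity matches
     */
    private Object getEntity(HttpServletRequest httpServletRequest, AuthorizationRule authorizationRule) {
        Long objectId = parseId(OBJECT_ID_PARAM, httpServletRequest.getParameter(OBJECT_ID_PARAM));
        // The id is bound as a query parameter, but the object type is concatenated into the
        // HQL text. It comes from the stored rule, not from the request; NOTE(review): confirm
        // that rule definitions can only be written by trusted administrators, or validate
        // the type against the set of mapped entities before building the query.
        List matches = this.daoService.findAllBy("from " + authorizationRule.getObjectType() + " where id=?", new Object[]{objectId});
        if (matches.isEmpty()) {
            throw new ApplicationRuntimeException("Object id is null to get AuthorizationRule");
        }
        return matches.get(0);
    }

    /**
     * Parses a request parameter as a numeric id, reporting malformed client input as an
     * application error instead of an unhandled {@link NumberFormatException}. The raw
     * value is deliberately left out of the message so request data is not echoed back.
     */
    private static Long parseId(String parameterName, String rawValue) {
        try {
            return Long.valueOf(rawValue);
        } catch (NumberFormatException ignored) {
            LOGGER.debug("Rejected non-numeric value for request parameter {}", parameterName);
            throw new ApplicationRuntimeException("Request parameter " + parameterName + " is not a valid numeric id");
        }
    }

    /**
     * Sets the persistence service used to load rule target entities.
     * NOTE(review): declared for {@code Script}, yet {@code getEntity} queries arbitrary
     * object types through it; the generic signature looks like a legacy artifact.
     */
    public void setDaoService(PersistenceService<Script, Long> persistenceService) {
        this.daoService = persistenceService;
    }

    /** Sets the script service that executes authorization rule scripts. */
    public void setScriptExecuter(ScriptService scriptService) {
        this.scriptExecuter = scriptService;
    }

    /** Sets the persistence service used to look up authorization rules by action. */
    public void setAuthRuleService(PersistenceService<AuthorizationRule, Long> persistenceService) {
        this.authRuleService = persistenceService;
    }
}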
