package org.craftercms.studio.impl.v1.web.security.access;

import java.io.IOException;
import java.util.Collection;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import net.sf.json.JSONException;
import net.sf.json.JSONObject;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.studio.api.v1.exception.ServiceLayerException;
import org.craftercms.studio.api.v1.exception.security.UserNotFoundException;
import org.craftercms.studio.api.v1.log.Logger;
import org.craftercms.studio.api.v1.log.LoggerFactory;
import org.craftercms.studio.api.v2.dal.User;
import org.springframework.http.HttpMethod;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;

/* loaded from: input_file:BOOT-INF/lib/crafter-studio-3.1.11E-classes.jar:org/craftercms/studio/impl/v1/web/security/access/StudioUserAPIAccessDecisionVoter.class */
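/**
 * Access decision voter for the Studio v1 user and security REST endpoints.
 *
 * <p>The voter strips the context path from the request URI, compares the remainder with a fixed
 * list of endpoint paths and returns a vote: {@code 1} (granted), {@code -1} (denied) or
 * {@code 0} (abstain). Paths that match none of the endpoints, and objects that are not a
 * {@link FilterInvocation}, produce an abstain vote.
 *
 * <p>{@code userServiceInternal}, {@code isSelf}, {@code isAdmin} and {@code isSiteMember} are not
 * defined in this file; they are presumably inherited from
 * {@link StudioAbstractAccessDecisionVoter}.
 */
public class StudioUserAPIAccessDecisionVoter extends StudioAbstractAccessDecisionVoter {
    private static final Logger logger = LoggerFactory.getLogger(StudioUserAPIAccessDecisionVoter.class);

    // Vote values returned by vote(); the numbers are the ones Spring Security's
    // AccessDecisionVoter uses for ACCESS_GRANTED, ACCESS_ABSTAIN and ACCESS_DENIED.
    private static final int VOTE_GRANTED = 1;
    private static final int VOTE_ABSTAIN = 0;
    private static final int VOTE_DENIED = -1;

    private static final String CHANGE_PASSWORD = "/api/1/services/api/1/user/change-password.json";
    private static final String CREATE = "/api/1/services/api/1/user/create.json";
    private static final String DELETE = "/api/1/services/api/1/user/delete.json";
    private static final String DISABLE = "/api/1/services/api/1/user/disable.json";
    private static final String ENABLE = "/api/1/services/api/1/user/enable.json";
    private static final String FORGOT_PASSWORD = "/api/1/services/api/1/user/forgot-password.json";
    private static final String GET = "/api/1/services/api/1/user/get.json";
    private static final String GET_ALL = "/api/1/services/api/1/user/get-all.json";
    private static final String GET_PER_SITE = "/api/1/services/api/1/user/get-per-site.json";
    private static final String LOGIN = "/api/1/services/api/1/security/login.json";
    private static final String LOGOUT = "/api/1/services/api/1/security/logout.json";
    private static final String RESET_PASSWORD = "/api/1/services/api/1/user/reset-password.json";
    private static final String SET_PASSWORD = "/api/1/services/api/1/user/set-password.json";
    private static final String STATUS = "/api/1/services/api/1/user/status.json";
    private static final String UPDATE = "/api/1/services/api/1/user/update.json";
    private static final String VALIDATE_TOKEN = "/api/1/services/api/1/user/validate-token.json";

    /**
     * Reports that this voter handles every configuration attribute.
     *
     * @param configAttribute the attribute being queried (ignored)
     * @return always {@code true}
     */
    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }

    /**
     * Votes on a request to one of the user/security endpoints.
     *
     * <p>The target username is taken from the {@code username} request parameter; when that is
     * empty and the request is a non-multipart POST, it is read from the {@code username} field of
     * the JSON request body instead.
     *
     * @param authentication the caller; its principal's string form is used to look up the user
     * @param obj the secured object; only a {@link FilterInvocation} is examined
     * @param collection configuration attributes (not used)
     * @return {@code 1} to grant, {@code -1} to deny, {@code 0} to abstain
     */
    public int vote(Authentication authentication, Object obj, Collection collection) {
        int decision = VOTE_ABSTAIN;
        String requestPath = "";
        if (obj instanceof FilterInvocation) {
            HttpServletRequest request = ((FilterInvocation) obj).getRequest();
            // Strip the context path only where it is the leading prefix. The previous
            // replace(contextPath, "") removed every occurrence anywhere in the URI, which
            // mangles the path whenever the context path string also occurs later in it.
            // NOTE(review): getRequestURI() is the raw, undecoded URI and the match below is an
            // exact string comparison. Any variant the dispatcher still routes to the same
            // handler (path parameters, encoding, case) falls through to an abstain vote, so
            // the outcome then depends on the other voters and on how the decision manager
            // treats abstentions - confirm against the security configuration.
            requestPath = StringUtils.removeStart(request.getRequestURI(), request.getContextPath());

            String username = request.getParameter("username");
            // NOTE(review): the listing also read "site_id" from the parameters and from the JSON
            // body but discarded both values, so site_id never influenced the vote; those dead
            // reads are dropped here.
            if (StringUtils.isEmpty(username)
                    && StringUtils.equalsIgnoreCase(request.getMethod(), HttpMethod.POST.name())
                    && !ServletFileUpload.isMultipartContent(request)) {
                username = usernameFromJsonBody(request, username);
            }
            // NOTE(review): the username checked here is caller-supplied, and the parameter wins
            // over the body. The check is only meaningful if the endpoint handlers act on the
            // same value - confirm they resolve the target user from the same source.

            User user = null;
            try {
                user = this.userServiceInternal.getUserByIdOrUsername(-1L, authentication.getPrincipal().toString());
            } catch (ClassCastException | ServiceLayerException | UserNotFoundException e2) {
                if (!authentication.getPrincipal().toString().equals("anonymousUser")) {
                    // NOTE(review): a failed lookup for a non-anonymous principal abstains rather
                    // than denies, even on the admin-only endpoints below.
                    logger.info("Error getting current user", e2);
                    return VOTE_ABSTAIN;
                }
                // Anonymous caller: continue with user == null so that only the endpoints that
                // need no user can be granted.
            }

            // Reconstructed string switch. The decompiled listing showed a hash-code dispatch
            // into a selector (values 0-15) followed by a switch whose case labels were lost;
            // the grouping below follows those selector values in ascending order.
            switch (requestPath) {
                case FORGOT_PASSWORD:
                case LOGIN:
                case LOGOUT:
                case SET_PASSWORD:
                case VALIDATE_TOKEN:
                    // Granted without looking at the current user.
                    decision = VOTE_GRANTED;
                    break;
                case CHANGE_PASSWORD:
                    decision = grantIf(user != null && isSelf(user, username));
                    break;
                case CREATE:
                case DELETE:
                case DISABLE:
                case ENABLE:
                case RESET_PASSWORD:
                case STATUS:
                    decision = grantIf(user != null && isAdmin(user));
                    break;
                case GET_ALL:
                    // Any resolved user may call this endpoint.
                    decision = grantIf(user != null);
                    break;
                case GET:
                    // NOTE(review): isSiteMember receives the target username, not a site id -
                    // verify its contract in the parent class.
                    decision = grantIf(user != null
                            && (isAdmin(user) || isSelf(user, username) || isSiteMember(user, username)));
                    break;
                case GET_PER_SITE:
                    decision = grantIf(user != null && (isAdmin(user) || isSiteMember(user, username)));
                    break;
                case UPDATE:
                    decision = grantIf(user != null && (isAdmin(user) || isSelf(user, username)));
                    break;
                default:
                    decision = VOTE_ABSTAIN;
                    break;
            }
        }
        logger.debug("Request: " + requestPath + " - Access: " + decision, new Object[0]);
        return decision;
    }

    /**
     * Reports that this voter handles every secured object type.
     *
     * @param cls the secured object class being queried (ignored)
     * @return always {@code true}
     */
    public boolean supports(Class cls) {
        return true;
    }

    /** Maps a boolean authorization result to a granted or denied vote. */
    private static int grantIf(boolean allowed) {
        return allowed ? VOTE_GRANTED : VOTE_DENIED;
    }

    /**
     * Reads the {@code username} field from a JSON request body.
     *
     * @param request the request whose body is read
     * @param fallback value to return when the body is empty, has no {@code username} field, or
     *     cannot be read or parsed
     * @return the username found in the body, or {@code fallback}
     */
    private String usernameFromJsonBody(HttpServletRequest request, String fallback) {
        String username = fallback;
        try {
            ServletInputStream body = request.getInputStream();
            // NOTE(review): the body is only available to the endpoint handler afterwards if
            // this stream really supports mark/reset (for example through a caching request
            // wrapper installed earlier in the chain) - confirm against the filter setup.
            body.mark(0);
            try {
                String json = IOUtils.toString(body);
                if (StringUtils.isNoneEmpty(json)) {
                    JSONObject payload = JSONObject.fromObject(json);
                    if (payload.has("username")) {
                        username = payload.getString("username");
                    }
                }
            } finally {
                // Rewind even when parsing fails; previously a JSONException skipped the reset
                // and left the stream consumed.
                body.reset();
            }
        } catch (IOException | JSONException e) {
            logger.debug("Failed to extract username from POST request", new Object[0]);
        }
        return username;
    }
}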
