package com.atlassian.jira.plugin.webwork;

import com.atlassian.event.api.EventPublisher;
import com.atlassian.jira.bc.whitelist.DefaultWhitelistManager;
import com.atlassian.jira.extension.Startable;
import com.atlassian.plugin.PluginAccessor;
import com.atlassian.plugin.event.PluginEventListener;
import com.atlassian.plugin.event.events.PluginModuleDisabledEvent;
import com.atlassian.plugin.event.events.PluginModuleEnabledEvent;
import com.atlassian.seraph.util.PathMapper;
import electric.xml.Document;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/atlassian/jira/plugin/webwork/WebworkPluginSecurityServiceHelper.class */
public class WebworkPluginSecurityServiceHelper implements Startable {
    private static final String ROLES_REQUIRED_ATTR = "roles-required";
    private static final String extension = "jspa";
    private final Map<String, String> rolesMap = new ConcurrentHashMap();
    private PathMapper actionMapper = new PathMapper();
    private final PluginAccessor pluginAccesor;
    private final EventPublisher eventPublisher;

    public WebworkPluginSecurityServiceHelper(PluginAccessor pluginAccessor, EventPublisher eventPublisher) {
        this.pluginAccesor = pluginAccessor;
        this.eventPublisher = eventPublisher;
    }

    @PluginEventListener
    public void onPluginModuleEnabled(PluginModuleEnabledEvent pluginModuleEnabledEvent) {
        if (pluginModuleEnabledEvent.getModule() instanceof WebworkModuleDescriptor) {
            generatePathMaps();
        }
    }

    @PluginEventListener
    public void onPluginModuleDisabled(PluginModuleDisabledEvent pluginModuleDisabledEvent) {
        if (pluginModuleDisabledEvent.getModule() instanceof WebworkModuleDescriptor) {
            generatePathMaps();
        }
    }

    private void generatePathMaps() {
        this.actionMapper = new PathMapper();
        this.rolesMap.clear();
        Iterator it = this.pluginAccesor.getEnabledModuleDescriptorsByClass(WebworkModuleDescriptor.class).iterator();
        while (it.hasNext()) {
            Document webworkDocument = ((WebworkModuleDescriptor) it.next()).getWebworkDocument();
            NodeList elementsByTagName = webworkDocument.getElementsByTagName("action");
            String overrideRoles = overrideRoles(null, webworkDocument.getDocumentElement());
            for (int i = 0; i < elementsByTagName.getLength(); i++) {
                Element element = (Element) elementsByTagName.item(i);
                String attribute = element.getAttribute("name");
                String attribute2 = element.getAttribute("alias");
                String overrideRoles2 = overrideRoles(overrideRoles, element);
                if (overrideRoles2 != null) {
                    if (attribute2 != null) {
                        this.actionMapper.put(attribute2, DefaultWhitelistManager.REGEX_PREFIX + attribute2 + "." + extension);
                        this.rolesMap.put(attribute2, overrideRoles2);
                        this.actionMapper.put(attribute2 + "!*", DefaultWhitelistManager.REGEX_PREFIX + attribute2 + "!*." + extension);
                        this.rolesMap.put(attribute2 + "!*", overrideRoles2);
                    }
                    if (attribute != null) {
                        this.actionMapper.put(attribute, DefaultWhitelistManager.REGEX_PREFIX + attribute + "." + extension);
                        this.rolesMap.put(attribute, overrideRoles2);
                        this.actionMapper.put(attribute + "!*", DefaultWhitelistManager.REGEX_PREFIX + attribute + "!*." + extension);
                        this.rolesMap.put(attribute + "!*", overrideRoles2);
                    }
                }
            }
        }
    }

    private String overrideRoles(String str, Element element) {
        return element.hasAttribute(ROLES_REQUIRED_ATTR) ? element.getAttribute(ROLES_REQUIRED_ATTR) : str;
    }

    public Set<String> getRequiredRoles(HttpServletRequest httpServletRequest) {
        HashSet hashSet = new HashSet();
        String requestURI = httpServletRequest.getRequestURI();
        int lastIndexOf = requestURI.lastIndexOf(47);
        String str = this.actionMapper.get(lastIndexOf > -1 ? requestURI.substring(lastIndexOf) : requestURI);
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(this.rolesMap.get(str), ", ");
            while (stringTokenizer.hasMoreTokens()) {
                hashSet.add(stringTokenizer.nextToken());
            }
        }
        return Collections.unmodifiableSet(hashSet);
    }

    @Override // com.atlassian.jira.extension.Startable
    public void start() throws Exception {
        this.eventPublisher.register(this);
        generatePathMaps();
    }
}
