package net.bull.javamelody;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:net/bull/javamelody/JiraMonitoringFilter.class */
public class JiraMonitoringFilter extends MonitoringFilter {
    private static final int SYSTEM_ADMIN = 44;
    private static final String LOGGED_IN_KEY = "seraph_defaultauthenticator_user";
    private final boolean jira = isJira();
    private final boolean confluence = isConfluence();
    private final boolean bamboo = isBamboo();

    @Override // net.bull.javamelody.MonitoringFilter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest)) {
            super.doFilter(servletRequest, servletResponse, filterChain);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (httpServletRequest.getRequestURI().equals(getMonitoringUrl(httpServletRequest))) {
            if (this.jira && !checkJiraAdminPermission(httpServletRequest, httpServletResponse)) {
                return;
            }
            if (this.confluence && !checkConfluenceAdminPermission(httpServletRequest, httpServletResponse)) {
                return;
            }
            if (this.bamboo && !checkBambooAdminPermission(httpServletRequest, httpServletResponse)) {
                return;
            }
        }
        super.doFilter(servletRequest, servletResponse, filterChain);
    }

    private boolean checkJiraAdminPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Object user = getUser(httpServletRequest);
        if (user == null) {
            httpServletResponse.sendRedirect("login.jsp?os_destination=" + getMonitoringUrl(httpServletRequest).substring(httpServletRequest.getContextPath().length()));
            return false;
        }
        if (hasJiraSystemAdminPermission(user)) {
            return true;
        }
        httpServletResponse.sendError(403, "Forbidden access");
        return false;
    }

    private boolean checkConfluenceAdminPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Object user = getUser(httpServletRequest);
        if (user == null) {
            httpServletResponse.sendRedirect("login.action?os_destination=" + getMonitoringUrl(httpServletRequest).substring(httpServletRequest.getContextPath().length()));
            return false;
        }
        if (hasConfluenceAdminPermission(user)) {
            return true;
        }
        httpServletResponse.sendError(403, "Forbidden access");
        return false;
    }

    private boolean checkBambooAdminPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Object user = getUser(httpServletRequest);
        if (user == null) {
            httpServletResponse.sendRedirect("userlogin!default.action?os_destination=" + getMonitoringUrl(httpServletRequest).substring(httpServletRequest.getContextPath().length()));
            return false;
        }
        if (hasBambooAdminPermission(user)) {
            return true;
        }
        httpServletResponse.sendError(403, "Forbidden access");
        return false;
    }

    private static boolean hasJiraSystemAdminPermission(Object obj) {
        try {
            Class<?> cls = Class.forName("com.atlassian.jira.ManagerFactory");
            Class<?> cls2 = Class.forName("com.opensymphony.user.User");
            Object invoke = cls.getMethod("getPermissionManager", new Class[0]).invoke(null, new Object[0]);
            return ((Boolean) invoke.getClass().getMethod("hasPermission", Integer.TYPE, cls2).invoke(invoke, Integer.valueOf(SYSTEM_ADMIN), obj)).booleanValue();
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    private static boolean hasConfluenceAdminPermission(Object obj) {
        try {
            Class<?> cls = Class.forName("com.atlassian.spring.container.ContainerManager");
            Class<?> cls2 = Class.forName("com.atlassian.user.User");
            Object invoke = cls.getMethod("getComponent", String.class).invoke(null, "permissionManager");
            return ((Boolean) invoke.getClass().getMethod("isConfluenceAdministrator", cls2).invoke(invoke, obj)).booleanValue();
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    private static boolean hasBambooAdminPermission(Object obj) {
        try {
            Object invoke = Class.forName("com.atlassian.spring.container.ContainerManager").getMethod("getComponent", String.class).invoke(null, "bambooPermissionManager");
            return ((Boolean) invoke.getClass().getMethod("hasPermission", String.class, String.class, Object.class).invoke(invoke, obj.toString(), "ADMIN", Class.forName("com.atlassian.bamboo.security.GlobalApplicationSecureObject").getField("INSTANCE").get(null))).booleanValue();
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    private static Object getUser(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        return session.getAttribute(LOGGED_IN_KEY);
    }

    private static boolean isJira() {
        try {
            Class.forName("com.atlassian.jira.ManagerFactory");
            return true;
        } catch (ClassNotFoundException e) {
            return false;
        }
    }

    private static boolean isConfluence() {
        try {
            Class.forName("com.atlassian.confluence.security.PermissionManager");
            return true;
        } catch (ClassNotFoundException e) {
            return false;
        }
    }

    private static boolean isBamboo() {
        try {
            Class.forName("com.atlassian.bamboo.security.BambooPermissionManager");
            return true;
        } catch (ClassNotFoundException e) {
            return false;
        }
    }
}
