package com.gentics.contentnode.rest.filters;

import com.gentics.contentnode.etc.NodePreferences;
import com.gentics.contentnode.runtime.NodeConfigRuntimeConfiguration;
import com.gentics.contentnode.security.AccessControlService;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.annotation.Priority;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;

@AccessControl("")
@Provider
@Priority(1000)
/* loaded from: input_file:com/gentics/contentnode/rest/filters/AccessControlFilter.class */
public class AccessControlFilter implements ContainerRequestFilter {

    @Context
    ResourceInfo resourceInfo;

    @Context
    private HttpServletRequest httpServletRequest;

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        NodePreferences defaultPreferences = NodeConfigRuntimeConfiguration.getDefault().getNodeConfig().getDefaultPreferences();
        HashSet hashSet = new HashSet();
        if (this.resourceInfo.getResourceMethod() != null) {
            hashSet.addAll(getAllowedHosts(defaultPreferences, (AccessControl[]) this.resourceInfo.getResourceMethod().getAnnotationsByType(AccessControl.class)));
        }
        if (this.resourceInfo.getResourceClass() != null) {
            hashSet.addAll(getAllowedHosts(defaultPreferences, (AccessControl[]) this.resourceInfo.getResourceClass().getAnnotationsByType(AccessControl.class)));
        }
        if (hashSet.contains("ALL - YES, I know what I do !!") || this.httpServletRequest == null || AccessControlService.isIpAddressInList(this.httpServletRequest.getRemoteAddr(), hashSet) || AccessControlService.isHostInList(this.httpServletRequest.getRemoteHost(), hashSet)) {
            return;
        }
        containerRequestContext.abortWith(Response.status(Response.Status.FORBIDDEN).entity("").build());
    }

    protected Set<String> getAllowedHosts(NodePreferences nodePreferences, AccessControl[] accessControlArr) {
        HashSet hashSet = new HashSet();
        for (AccessControl accessControl : accessControlArr) {
            String[] properties = nodePreferences.getProperties("" + accessControl.value().toLowerCase());
            if (properties != null) {
                hashSet.addAll(Arrays.asList(properties));
            }
        }
        return hashSet;
    }
}
