package com.atlassian.activeobjects.servlet;

import com.atlassian.activeobjects.admin.tables.TablesController;
import com.atlassian.sal.api.auth.LoginUriProvider;
import com.atlassian.sal.api.user.UserManager;
import com.atlassian.sal.api.user.UserProfile;
import com.atlassian.sal.api.websudo.WebSudoManager;
import com.atlassian.sal.api.websudo.WebSudoSessionException;
import com.atlassian.templaterenderer.TemplateRenderer;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.net.URI;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.xml.utils.res.XResourceBundle;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/activeobjects-plugin-3.1.7.jar:com/atlassian/activeobjects/servlet/AdminServlet.class */
public class AdminServlet extends HttpServlet {
    private static final String TEMPLATE = "templates/list-tables.vm";
    private final AdminUi adminUi;
    private final TemplateRenderer templateRenderer;
    private final TablesController tablesController;
    private final UserManager userManager;
    private WebSudoManager webSudoManager;
    private final LoginUriProvider loginUriProvider;

    public AdminServlet(AdminUi adminUi, LoginUriProvider loginUriProvider, TablesController tablesController, TemplateRenderer templateRenderer, UserManager userManager, WebSudoManager webSudoManager) {
        this.adminUi = adminUi;
        this.loginUriProvider = loginUriProvider;
        this.tablesController = tablesController;
        this.templateRenderer = templateRenderer;
        this.userManager = userManager;
        this.webSudoManager = webSudoManager;
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String pathInfo = httpServletRequest.getPathInfo();
        if (Strings.isNullOrEmpty(pathInfo) || !pathInfo.equals("/tables/list")) {
            httpServletResponse.sendError(404);
            return;
        }
        try {
            this.webSudoManager.willExecuteWebSudoRequest(httpServletRequest);
            UserProfile remoteUser = this.userManager.getRemoteUser(httpServletRequest);
            if (remoteUser == null) {
                sendRedirectToLogin(httpServletRequest, httpServletResponse);
                return;
            }
            if (!isUserSysAdmin(remoteUser)) {
                httpServletResponse.sendError(403);
                return;
            }
            if (!this.adminUi.isEnabled()) {
                if (AdminUi.isDevModeEnabled()) {
                    httpServletResponse.sendError(404, "The Active Objects admin UI is disabled, see the logs for more information.");
                } else {
                    httpServletResponse.sendError(404);
                }
            }
            httpServletResponse.setContentType("text/html;charset=UTF-8");
            this.templateRenderer.render(TEMPLATE, ImmutableMap.of(XResourceBundle.LANG_NUM_TABLES, this.tablesController.list()), httpServletResponse.getWriter());
        } catch (WebSudoSessionException e) {
            this.webSudoManager.enforceWebSudoProtection(httpServletRequest, httpServletResponse);
        }
    }

    private boolean isUserSysAdmin(UserProfile userProfile) {
        return userProfile != null && this.userManager.isSystemAdmin(userProfile.getUserKey());
    }

    private void sendRedirectToLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String requestURI = httpServletRequest.getRequestURI();
        String contextPath = httpServletRequest.getContextPath();
        if (!Strings.isNullOrEmpty(contextPath)) {
            requestURI = requestURI.substring(contextPath.length());
        }
        httpServletResponse.sendRedirect(this.loginUriProvider.getLoginUri(URI.create(requestURI)).toString());
    }
}
