package org.jahia.bundles.provisioning.rest;

import java.io.IOException;
import javax.annotation.Priority;
import javax.jcr.RepositoryException;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.jahia.services.content.JCRSessionFactory;
import org.jahia.services.usermanager.JahiaUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Priority(1000)
/* loaded from: input_file:org/jahia/bundles/provisioning/rest/AuthenticationFilter.class */
public class AuthenticationFilter implements ContainerRequestFilter {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationFilter.class);
    private static final String REQUIRED_PERMISSION = "systemTools";

    @Context
    HttpServletRequest httpServletRequest;

    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        JahiaUser currentUser = JCRSessionFactory.getInstance().getCurrentUser();
        try {
            if (JCRSessionFactory.getInstance().getCurrentUserSession().getRootNode().hasPermission(REQUIRED_PERMISSION)) {
                return;
            }
        } catch (RepositoryException e) {
            log.error("An error occurs while accessing a resource", e);
            Response.ResponseBuilder status = Response.status(Response.Status.INTERNAL_SERVER_ERROR);
            Object[] objArr = new Object[1];
            objArr[0] = e.getMessage() != null ? e.getMessage() : e;
            containerRequestContext.abortWith(status.entity(String.format("an error occured %s (see server log for more detail)", objArr)).build());
        }
        log.warn("Unauthorized access to the resource by user {}", currentUser.getUserKey());
        containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).entity(String.format("User %s is not allowed to access resource %s", currentUser.getUserKey(), this.httpServletRequest.getRequestURI())).build());
    }
}
