package jrds.webapp;

import java.util.Collections;
import java.util.Objects;
import java.util.Set;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jrds.Configuration;
import jrds.HostsList;
import jrds.PropertiesManager;
import jrds.Util;
import org.apache.http.HttpStatus;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/jrds-core-2023.1-webapp.jar:jrds/webapp/JrdsServlet.class */
public abstract class JrdsServlet extends HttpServlet {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) JrdsServlet.class);

    /* JADX INFO: Access modifiers changed from: protected */
    public HostsList getHostsList() {
        return Configuration.get().getHostsList();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PropertiesManager getPropertiesManager() {
        return Configuration.get().getPropertiesManager();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ParamsBean getParamsBean(HttpServletRequest httpServletRequest, String... strArr) {
        return new ParamsBean(httpServletRequest, getHostsList(), strArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean allowed(ParamsBean paramsBean, Set<String> set) {
        if (!getPropertiesManager().security || paramsBean.getRoles().contains(getPropertiesManager().adminrole) || set.contains("ANONYMOUS")) {
            return true;
        }
        Logger logger2 = logger;
        Objects.requireNonNull(paramsBean);
        logger2.trace("Checking if roles {} in roles {}", Util.delayedFormatString(paramsBean::getRoles), set);
        logger.trace("Disjoint: {}", Util.delayedFormatString(() -> {
            return Boolean.valueOf(Collections.disjoint(set, paramsBean.getRoles()));
        }));
        return !Collections.disjoint(set, paramsBean.getRoles());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean allowed(ParamsBean paramsBean, ACL acl, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!getPropertiesManager().security) {
            return true;
        }
        Logger logger2 = logger;
        Objects.requireNonNull(httpServletRequest);
        logger2.trace("Looking if ACL {} allow access to {}", acl, Util.delayedFormatString(httpServletRequest::getServletPath));
        if (acl.check(paramsBean)) {
            return true;
        }
        httpServletResponse.setStatus(HttpStatus.SC_FORBIDDEN);
        return false;
    }
}
