package org.marvelution.jira.plugins.jenkins.rest.filter;

import com.atlassian.jira.permission.GlobalPermissionKey;
import com.atlassian.jira.security.GlobalPermissionManager;
import com.atlassian.jira.security.JiraAuthenticationContext;
import com.atlassian.jira.user.ApplicationUser;
import com.atlassian.plugins.rest.common.security.AuthenticationRequiredException;
import com.atlassian.plugins.rest.common.security.AuthorisationException;
import com.sun.jersey.api.model.AbstractMethod;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerRequestFilter;
import com.sun.jersey.spi.container.ContainerResponseFilter;
import com.sun.jersey.spi.container.ResourceFilter;
import java.util.Objects;
import javax.ws.rs.ext.Provider;
import org.marvelution.jira.plugins.jenkins.rest.security.AdminRequired;

@Provider
/* loaded from: input_file:org/marvelution/jira/plugins/jenkins/rest/filter/AdminRequiredResourceFilter.class */
public class AdminRequiredResourceFilter implements ResourceFilter, ContainerRequestFilter {
    private final AbstractMethod abstractMethod;
    private final JiraAuthenticationContext authenticationContext;
    private final GlobalPermissionManager globalPermissionManager;

    public AdminRequiredResourceFilter(AbstractMethod abstractMethod, JiraAuthenticationContext jiraAuthenticationContext, GlobalPermissionManager globalPermissionManager) {
        this.abstractMethod = (AbstractMethod) Objects.requireNonNull(abstractMethod);
        this.authenticationContext = (JiraAuthenticationContext) Objects.requireNonNull(jiraAuthenticationContext);
        this.globalPermissionManager = (GlobalPermissionManager) Objects.requireNonNull(globalPermissionManager);
    }

    public ContainerRequestFilter getRequestFilter() {
        return this;
    }

    public ContainerResponseFilter getResponseFilter() {
        return null;
    }

    public ContainerRequest filter(ContainerRequest containerRequest) {
        if (isAdminRequired()) {
            ApplicationUser loggedInUser = this.authenticationContext.getLoggedInUser();
            if (loggedInUser == null) {
                throw new AuthenticationRequiredException();
            }
            if (!this.globalPermissionManager.hasPermission(GlobalPermissionKey.ADMINISTER, loggedInUser)) {
                throw new AuthorisationException();
            }
        }
        return containerRequest;
    }

    private boolean isAdminRequired() {
        return this.abstractMethod != null && (this.abstractMethod.isAnnotationPresent(AdminRequired.class) || this.abstractMethod.getResource().isAnnotationPresent(AdminRequired.class));
    }
}
