package org.cricketmsf.microsite.in.cms;

import ch.qos.logback.core.CoreConstants;
import ch.qos.logback.core.joran.util.beans.BeanUtil;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.cricketmsf.RequestObject;
import org.cricketmsf.api.ResponseCode;
import org.cricketmsf.event.ProcedureCall;
import org.cricketmsf.in.http.HttpPortedAdapter;
import org.cricketmsf.microsite.event.CmsEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/cricketmsf/microsite/in/cms/ContentManagerApiHttp.class */
public class ContentManagerApiHttp extends HttpPortedAdapter {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) ContentManagerApiHttp.class);
    private static final String ADMIN = "admin";
    private static final String REDACTOR = "redactor";
    private static final String LANG_REDACTOR = "redactor.";
    private String defaultLanguage;

    @Override // org.cricketmsf.in.http.HttpPortedAdapter, org.cricketmsf.in.InboundAdapter, org.cricketmsf.Adapter
    public void loadProperties(HashMap<String, String> hashMap, String str) {
        super.loadProperties(hashMap, str);
        setContext(hashMap.get(CoreConstants.CONTEXT_SCOPE_VALUE));
        this.defaultLanguage = hashMap.getOrDefault("default-language", "en");
        logger.info("\tdefault-language: {}", this.defaultLanguage);
        logger.info("\tcontext: " + getContext());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.cricketmsf.in.http.HttpPortedAdapter
    public ProcedureCall preprocess(RequestObject requestObject) {
        return "options".equalsIgnoreCase(requestObject.method) ? ProcedureCall.toRespond(200, CoreConstants.EMPTY_STRING) : BeanUtil.PREFIX_GETTER_GET.equalsIgnoreCase(requestObject.method) ? preprocessGet(requestObject) : "post".equalsIgnoreCase(requestObject.method) ? preprocessPost(requestObject) : "put".equalsIgnoreCase(requestObject.method) ? preprocessPut(requestObject) : "delete".equalsIgnoreCase(requestObject.method) ? preprocessDelete(requestObject) : ProcedureCall.toRespond(ResponseCode.METHOD_NOT_ALLOWED, CoreConstants.EMPTY_STRING);
    }

    private ProcedureCall preprocessGet(RequestObject requestObject) {
        String str = requestObject.pathExt;
        String str2 = (String) requestObject.parameters.get("pathsonly");
        String str3 = (String) requestObject.parameters.get("tagsonly");
        String str4 = (String) requestObject.parameters.get("path");
        String str5 = (String) requestObject.parameters.get("tag");
        String first = requestObject.headers.getFirst("X-user-id");
        List list = requestObject.headers.get("X-user-role");
        String str6 = (String) requestObject.parameters.get("status");
        String str7 = (String) requestObject.parameters.getOrDefault("language", this.defaultLanguage);
        HashMap hashMap = new HashMap();
        hashMap.put("pathext", str);
        hashMap.put("path", str4);
        hashMap.put("tag", str5);
        hashMap.put("userid", first);
        hashMap.put("userroles", list);
        hashMap.put("status", str6);
        hashMap.put("language", str7);
        hashMap.put("pathsonly", str2);
        hashMap.put("tagsonly", str3);
        return ProcedureCall.toForward(new CmsEvent(hashMap), 50);
    }

    private ProcedureCall preprocessPost(RequestObject requestObject) {
        String first = requestObject.headers.getFirst("X-user-id");
        List<String> list = requestObject.headers.get("X-user-role");
        return !hasAccessRights(first, list, (String) requestObject.parameters.getOrDefault("language", this.defaultLanguage)) ? ProcedureCall.toRespond(ResponseCode.FORBIDDEN, "access denied") : ProcedureCall.toForward(new CmsEvent(requestObject), 51);
    }

    private ProcedureCall preprocessPut(RequestObject requestObject) {
        String first = requestObject.headers.getFirst("X-user-id");
        List<String> list = requestObject.headers.get("X-user-role");
        return !hasAccessRights(first, list, (String) requestObject.parameters.getOrDefault("language", this.defaultLanguage)) ? ProcedureCall.toRespond(ResponseCode.FORBIDDEN, "access denied") : ProcedureCall.toForward(new CmsEvent(requestObject), 52);
    }

    private ProcedureCall preprocessDelete(RequestObject requestObject) {
        String first = requestObject.headers.getFirst("X-user-id");
        List<String> list = requestObject.headers.get("X-user-role");
        return !hasAccessRights(first, list, (String) requestObject.parameters.getOrDefault("language", this.defaultLanguage)) ? ProcedureCall.toRespond(ResponseCode.FORBIDDEN, "access denied") : ProcedureCall.toForward(new CmsEvent(requestObject), 53);
    }

    private boolean hasAccessRights(String str, List<String> list, String str2) {
        if (str == null || str.isEmpty()) {
            return false;
        }
        if (list.contains(ADMIN) || list.contains(REDACTOR)) {
            return true;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().equals("redactor." + str2)) {
                return true;
            }
        }
        return false;
    }
}
