package org.eclipse.orion.internal.server.servlets.useradmin;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.core.runtime.CoreException;
import org.eclipse.core.runtime.IStatus;
import org.eclipse.core.runtime.Status;
import org.eclipse.orion.internal.server.servlets.Activator;
import org.eclipse.orion.internal.server.servlets.ServletResourceHandler;
import org.eclipse.orion.internal.server.servlets.workspace.authorization.AuthorizationService;
import org.eclipse.orion.server.core.LogHelper;
import org.eclipse.orion.server.core.OrionConfiguration;
import org.eclipse.orion.server.core.PreferenceHelper;
import org.eclipse.orion.server.core.ServerStatus;
import org.eclipse.orion.server.servlets.OrionServlet;
import org.eclipse.osgi.util.NLS;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:org/eclipse/orion/internal/server/servlets/useradmin/UserServlet.class */
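/**
 * Servlet entry point for user-account requests.
 *
 * <p>Every request goes through an authorization decision before it is traced and
 * handed to the {@link ServletUserHandler}; requests the handler does not consume
 * fall through to the superclass implementation.
 */
public class UserServlet extends OrionServlet {
    private static final long serialVersionUID = -6809742538472682623L;

    /** Severity given to every status built here; 4 is the value of {@code IStatus.ERROR}. */
    private static final int SEVERITY_ERROR = 4;

    /**
     * User names listed in the {@code orion.auth.user.creation} preference, or
     * {@code null} when the preference is not set. A {@code null} list means the
     * non-"Reset" POST branch in {@link #isAuthorized} is open to every caller,
     * including unauthenticated ones.
     */
    private List<String> authorizedAccountCreators;
    private ServletResourceHandler<String> userSerializer;

    /**
     * Asks the authorization service whether {@code user} may apply the request's
     * HTTP method to the request's URI (servlet path followed by path info).
     *
     * @param user the authenticated user name
     * @param request the request whose path and method are checked
     * @return {@code true} only when the service grants the right; a
     *         {@link CoreException} from the service is treated as a denial
     */
    private boolean canAccess(String user, HttpServletRequest request) {
        String pathInfo = request.getPathInfo();
        String uri = String.valueOf(request.getServletPath()) + (pathInfo == null ? "" : pathInfo);
        try {
            return AuthorizationService.checkRights(user, uri, request.getMethod());
        } catch (CoreException denied) {
            // Fail closed: an authorization backend error must never grant access.
            return false;
        }
    }

    /**
     * Creates the request handler and loads the optional comma-separated list of
     * users allowed through the non-"Reset" POST branch.
     *
     * @throws ServletException declared by the servlet contract
     */
    public void init() throws ServletException {
        this.userSerializer = new ServletUserHandler(getStatusHandler());
        String creators = PreferenceHelper.getString("orion.auth.user.creation", (String) null);
        if (creators != null) {
            List<String> parsed = new ArrayList<String>();
            for (String entry : creators.split(",")) {
                // "admin, bob" must authorize "bob", not " bob": an untrimmed entry
                // can never equal a remote user name and silently locks that user out.
                String name = entry.trim();
                if (!name.isEmpty()) {
                    parsed.add(name);
                }
            }
            this.authorizedAccountCreators = parsed;
        }
    }

    /**
     * Authorizes the request, verifies that a user named in the path exists, and
     * dispatches to the user handler.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response; receives 403, 404 or 500 on rejection
     * @throws ServletException if status reporting or the superclass fails
     * @throws IOException if reading the request or writing the response fails
     */
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String remoteUser = httpServletRequest.getRemoteUser();

        // NOTE(review): the body is read for every method, before any authorization
        // decision. Whether the handler below can still read it depends on
        // readJSONRequest, which is not shown here; confirm.
        JSONObject body = null;
        try {
            body = OrionServlet.readJSONRequest(httpServletRequest);
        } catch (JSONException ignored) {
            // Deliberately ignored: an unparsable body leaves `body` null, which sends
            // a POST down the stricter canAccess branch in isAuthorized (fail closed).
        }

        if (!isAuthorized(httpServletRequest, remoteUser, body)) {
            sendForbidden(httpServletResponse);
            return;
        }

        traceRequest(httpServletRequest);
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo != null && !pathInfo.equals("/")) {
            String[] segments = pathInfo.split("\\/");
            if (segments.length < 2) {
                // A path made only of slashes ("//") splits to an empty array; indexing
                // it used to escape as an ArrayIndexOutOfBoundsException. No user can be
                // named by such a path, so answer 404 like any other unknown user.
                handleException(httpServletResponse, new ServerStatus(SEVERITY_ERROR, 404, NLS.bind("User not found: {0}", pathInfo), (Throwable) null));
                return;
            }
            String userName = segments[1];
            try {
                if (OrionConfiguration.getMetaStore().readUserByProperty("UserName", userName, false, false) == null) {
                    handleException(httpServletResponse, new ServerStatus(SEVERITY_ERROR, 404, NLS.bind("User not found: {0}", userName), (Throwable) null));
                    return;
                }
            } catch (CoreException e) {
                LogHelper.log(e);
                // The detail is in the server log; the exception text is not echoed to
                // the client because it can describe server-side storage internals.
                httpServletResponse.sendError(500, "Error reading user");
                return;
            }
        }
        if (this.userSerializer.handleRequest(httpServletRequest, httpServletResponse, pathInfo)) {
            return;
        }
        super.service(httpServletRequest, httpServletResponse);
    }

    /**
     * Decides whether the request may proceed.
     *
     * <ul>
     *   <li>Non-POST: the caller must be authenticated and pass {@link #canAccess}.</li>
     *   <li>POST with no parsable JSON body, or a body containing {@code "Reset"}:
     *       same rule as non-POST.</li>
     *   <li>Any other POST: allowed when no creator list is configured, otherwise
     *       only for users on the list.</li>
     * </ul>
     *
     * @param request the incoming request
     * @param remoteUser the authenticated user name, or {@code null}
     * @param body the parsed JSON body, or {@code null} if there was none or it was invalid
     * @return {@code true} if the request is authorized
     */
    private boolean isAuthorized(HttpServletRequest request, String remoteUser, JSONObject body) {
        boolean isPost = "POST".equals(request.getMethod());
        if (!isPost || body == null || body.has("Reset")) {
            return remoteUser != null && canAccess(remoteUser, request);
        }
        // Presumably account creation, going by the preference key.
        // NOTE(review): this branch is taken for every POST path, not only the
        // collection root, and never consults canAccess. Whether a POST to a
        // user-specific path without "Reset" can modify that user depends on
        // ServletUserHandler, which is not shown; confirm, and restrict this branch
        // to the creation path if it can.
        // A null remoteUser is never on the list, so a configured list also requires
        // authentication.
        return this.authorizedAccountCreators == null || this.authorizedAccountCreators.contains(remoteUser);
    }

    /**
     * Reports a 403 with the fixed message used for every authorization failure, so
     * the response does not reveal which check rejected the request.
     *
     * @param response the response to write the status to
     * @throws ServletException if status reporting fails
     * @throws IOException if writing the response fails
     */
    private void sendForbidden(HttpServletResponse response) throws ServletException, IOException {
        handleException(response, (IStatus) new Status(SEVERITY_ERROR, Activator.PI_SERVER_SERVLETS, "Forbidden access"), 403);
    }
}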
