package info.magnolia.cms.security;

import info.magnolia.cms.core.Access;
import info.magnolia.cms.security.IPSecurityManager;
import info.magnolia.context.MgnlContext;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:info/magnolia/cms/security/URISecurityFilter.class */
public class URISecurityFilter extends BaseSecurityFilter {
    private static final Logger log = LoggerFactory.getLogger(URISecurityFilter.class);
    public static final String URI_REPOSITORY = "uri";
    public static final String URI_WORKSPACE = "default";

    @Override // info.magnolia.cms.security.BaseSecurityFilter
    public boolean isAllowed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (!IPSecurityManager.Factory.getInstance().isAllowed(httpServletRequest)) {
            httpServletResponse.sendError(403);
            return false;
        }
        if (!Lock.isSystemLocked()) {
            return isAuthorized(MgnlContext.getAccessManager(URI_REPOSITORY, "default"), httpServletRequest);
        }
        httpServletResponse.sendError(503);
        return false;
    }

    protected boolean isAuthorized(AccessManager accessManager, HttpServletRequest httpServletRequest) {
        if (null == accessManager) {
            return false;
        }
        try {
            Access.isGranted(accessManager, MgnlContext.getAggregationState().getCurrentURI(), httpServletRequest.getMethod().equalsIgnoreCase("POST") ? 11L : 8L);
            return true;
        } catch (AccessDeniedException e) {
            log.debug(e.getMessage());
            return false;
        }
    }
}
