package com.greenhat.server.container.server.dispatch;

import com.google.gwt.user.server.rpc.RemoteServiceServlet;
import com.greenhat.server.container.server.audit.AuditService;
import com.greenhat.server.container.server.audit.LoggerName;
import com.greenhat.server.container.server.context.ContextService;
import com.greenhat.server.container.server.domains.EnvironmentLockedException;
import com.greenhat.server.container.server.security.AuthenticationResponse;
import com.greenhat.server.container.server.security.AuthenticationService;
import com.greenhat.server.container.server.security.PermissionsService;
import com.greenhat.server.container.server.security.PermissionsServiceFactory;
import com.greenhat.server.container.server.util.VersionUtils;
import com.greenhat.server.container.shared.action.AuthenticationAction;
import com.greenhat.server.container.shared.action.UserInitiatedAction;
import com.greenhat.server.container.shared.audit.AuditAction;
import com.greenhat.server.container.shared.datamodel.SecurityToken;
import com.greenhat.server.container.shared.datamodel.User;
import com.greenhat.server.container.shared.dispatch.NotAuthenticatedException;
import com.greenhat.server.container.shared.dispatch.NotCapableException;
import com.greenhat.server.container.shared.dispatch.ServerSideException;
import com.greenhat.vie.comms.i18n.LocaleThreadLocal;
import com.ibm.icu.util.ULocale;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import net.customware.gwt.dispatch.client.standard.StandardDispatchService;
import net.customware.gwt.dispatch.server.ActionHandler;
import net.customware.gwt.dispatch.server.DefaultActionHandlerRegistry;
import net.customware.gwt.dispatch.server.Dispatch;
import net.customware.gwt.dispatch.server.InstanceActionHandlerRegistry;
import net.customware.gwt.dispatch.server.SimpleDispatch;
import net.customware.gwt.dispatch.shared.Action;
import net.customware.gwt.dispatch.shared.DispatchException;
import net.customware.gwt.dispatch.shared.Result;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/dispatch/DispatchServlet.class */
public class DispatchServlet extends RemoteServiceServlet implements StandardDispatchService {
    private static final Logger logger = Logger.getLogger(DispatchServlet.class.getName());
    private static final long serialVersionUID = 1;
    private ContextService contextService;
    private AuthenticationService authService;
    private PermissionsServiceFactory permissionServiceFactory;
    private AuditService auditService;
    private final Map<String, Locale> localeCache = new ConcurrentHashMap();
    private final InstanceActionHandlerRegistry registry = new DefaultActionHandlerRegistry();
    private final Dispatch dispatch = new SimpleDispatch(this.registry);

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        WebApplicationContext webApplicationContext = WebApplicationContextUtils.getWebApplicationContext(getServletContext());
        for (String str : webApplicationContext.getBeanDefinitionNames()) {
            if (str.endsWith(".handlers")) {
                for (ActionHandler actionHandler : (List) webApplicationContext.getBean(str)) {
                    if (!(actionHandler instanceof PermissionedActionHandler)) {
                        throw new IllegalArgumentException("Handler must implement PermissionedActionHandler as it must specify the permissions that it requires: " + actionHandler);
                    }
                    this.registry.addHandler(actionHandler);
                }
            }
        }
        this.contextService = (ContextService) webApplicationContext.getBean(ContextService.class);
        this.authService = (AuthenticationService) webApplicationContext.getBean(AuthenticationService.class);
        this.permissionServiceFactory = (PermissionsServiceFactory) webApplicationContext.getBean(PermissionsServiceFactory.class);
        this.auditService = ((AuditService) webApplicationContext.getBean(AuditService.class)).child(LoggerName.Security);
    }

    public Result execute(Action<?> action) throws DispatchException {
        User user;
        logger.finest("Dispatching action: " + action.getClass().getSimpleName());
        LocaleThreadLocal.unset();
        this.contextService.setUpCommandContext(User.getDefaultUser(), null);
        try {
            try {
                try {
                    com.greenhat.server.container.shared.action.Action<? extends Result> action2 = (com.greenhat.server.container.shared.action.Action) action;
                    SecurityToken securityToken = action2.getSecurityToken();
                    applyLocaleFromAction(action2);
                    if (this.authService.isUserSecurityEnabled()) {
                        AuthenticationResponse isAuthenticated = this.authService.isAuthenticated(securityToken, action instanceof UserInitiatedAction);
                        if (!isAuthenticated.isAuthenticated()) {
                            if (!(action instanceof AuthenticationAction)) {
                                throw new NotAuthenticatedException(action2, VersionUtils.getVersion());
                            }
                            Result execute = this.dispatch.execute(action);
                            clearContext();
                            return execute;
                        }
                        user = isAuthenticated.getUser();
                    } else {
                        user = User.DEFAULT_USER;
                    }
                    setContext(action, user);
                    PermissionsService permissionService = this.permissionServiceFactory.getPermissionService(action2);
                    if (!new ActionPermissionsService(permissionService, this.registry).isPermitted(action2, user)) {
                        this.auditService.log(Level.WARNING, "dispatchServlet_actionPermissionDenied", AuditAction.UNAUTHORISED_ACTION, action2.getClass().getSimpleName());
                        throw new NotCapableException(action2, permissionService.getPermissions());
                    }
                    Result execute2 = this.dispatch.execute(action);
                    clearContext();
                    return execute2;
                } catch (RuntimeException e) {
                    logger.log(Level.SEVERE, "Exception running GWT action (" + action.getClass().getName() + ") : " + e.toString(), (Throwable) e);
                    throw e;
                }
            } catch (EnvironmentLockedException e2) {
                throw new ServerSideException("Action failed: " + e2.getMessage());
            }
        } catch (Throwable th) {
            clearContext();
            throw th;
        }
    }

    private void applyLocaleFromAction(com.greenhat.server.container.shared.action.Action<Result> action) {
        String locale = action.getLocale();
        Locale locale2 = this.localeCache.get(locale);
        if (locale2 == null) {
            locale2 = ULocale.createCanonical(locale).toLocale();
            this.localeCache.put(locale, locale2);
        }
        LocaleThreadLocal.set(locale2);
    }

    private void clearContext() {
        this.contextService.clearCommandContext();
    }

    private void setContext(Action<?> action, User user) {
        com.greenhat.server.container.shared.action.Action action2 = (com.greenhat.server.container.shared.action.Action) action;
        this.contextService.setUpCommandContext(user, action2.getSecurityToken());
        action2.setCurrentUser(user);
    }
}
