package com.googlecode.s2hibernate.struts2.plugin.interceptors;

import com.googlecode.s2hibernate.struts2.plugin.actions.HibernateManagementAction;
import com.googlecode.s2hibernate.struts2.plugin.util.Constants;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.inject.Inject;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.log4j.lf5.util.StreamUtils;
import org.apache.struts2.ServletActionContext;
import org.apache.struts2.views.jsp.iterator.IteratorGeneratorTag;
import org.hsqldb.Token;

/* loaded from: input_file:WEB-INF/lib/struts2-fullhibernatecore-plugin-1.4-GA.jar:com/googlecode/s2hibernate/struts2/plugin/interceptors/HibernateManagementInterceptor.class */
public class HibernateManagementInterceptor extends AbstractInterceptor {
    String httpAuthRoles;
    static boolean jspFileRecreated = false;
    boolean publicAccessEnabled = false;
    String validIpsHosts = "127.0.0.1";

    @Override // com.opensymphony.xwork2.interceptor.AbstractInterceptor, com.opensymphony.xwork2.interceptor.Interceptor
    public String intercept(ActionInvocation actionInvocation) throws Exception {
        createTempJSPFile(actionInvocation);
        String str = null;
        HibernateManagementAction hibernateManagementAction = (HibernateManagementAction) actionInvocation.getAction();
        if (this.publicAccessEnabled) {
            hibernateManagementAction.setPublicAccessEnabled(true);
            return actionInvocation.invoke();
        }
        if (this.httpAuthRoles == null && this.validIpsHosts == null) {
            str = hibernateManagementAction.getText("hibernateplugin.public_access_disabled");
        } else {
            if (this.httpAuthRoles != null) {
                HttpServletRequest request = ServletActionContext.getRequest();
                String[] split = this.httpAuthRoles.split(IteratorGeneratorTag.DEFAULT_SEPARATOR);
                Boolean bool = false;
                int length = split.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (request.isUserInRole(split[i])) {
                        bool = true;
                        break;
                    }
                    i++;
                }
                if (!bool.booleanValue()) {
                    str = hibernateManagementAction.getText("hibernateplugin.httpauth_error");
                }
            }
            if (this.validIpsHosts != null) {
                String remoteAddr = ServletActionContext.getRequest().getRemoteAddr();
                if (ServletActionContext.getRequest().getHeader("X-Forwarded-For") != null) {
                    remoteAddr = ServletActionContext.getRequest().getHeader("X-Forwarded-For");
                }
                String remoteHost = ServletActionContext.getRequest().getRemoteHost();
                if (remoteHost.equals(remoteAddr)) {
                    remoteHost = InetAddress.getByAddress(new byte[]{Byte.MAX_VALUE, 0, 0, 1}).getHostName();
                }
                String[] split2 = this.validIpsHosts.split(IteratorGeneratorTag.DEFAULT_SEPARATOR);
                Boolean valueOf = Boolean.valueOf(ArrayUtils.contains(split2, remoteAddr));
                Boolean valueOf2 = Boolean.valueOf(ArrayUtils.contains(split2, remoteHost));
                if (!valueOf.booleanValue() && !valueOf2.booleanValue()) {
                    str = hibernateManagementAction.getText("hibernateplugin.iphost_error");
                }
            }
        }
        if (str != null) {
            throw new SecurityException(str);
        }
        return actionInvocation.invoke();
    }

    private void createTempJSPFile(ActionInvocation actionInvocation) throws IOException {
        try {
            if (jspFileRecreated) {
                return;
            }
            FileUtils.writeByteArrayToFile(new File(String.valueOf(ServletActionContext.getRequest().getSession().getServletContext().getRealPath(Token.T_DIVIDE)) + "/WEB-INF/temp/hibernatePlugin/management.jsp"), StreamUtils.getBytes(getClass().getResourceAsStream("/com/googlecode/s2hibernate/struts2/plugin/pages/management.jsp")));
            jspFileRecreated = true;
        } catch (IOException e) {
            e.printStackTrace();
            throw new IOException("Unable to create Plugin Management JSP file. " + e.getMessage());
        }
    }

    @Inject(value = Constants.HIBERNATEPLUGIN_MANAGER_PUBLICACCESSENABLED, required = false)
    public void setPublicAccessEnabled(String str) {
        this.publicAccessEnabled = new Boolean(str).booleanValue();
    }

    public String getHttpAuthRoles() {
        return this.httpAuthRoles;
    }

    @Inject(value = Constants.HIBERNATEPLUGIN_MANAGER_HTTPAUTHROLES, required = false)
    public void setHttpAuthRoles(String str) {
        this.httpAuthRoles = str;
    }

    public String getValidIpsHosts() {
        return this.validIpsHosts;
    }

    @Inject(value = Constants.HIBERNATEPLUGIN_MANAGER_VALIDIPSHOSTS, required = false)
    public void setValidIpsHosts(String str) {
        this.validIpsHosts = str;
    }
}
