package com.dotmarketing.filters;

import com.dotcms.api.web.HttpServletRequestThreadLocal;
import com.dotcms.visitor.business.VisitorAPI;
import com.dotcms.visitor.domain.Visitor;
import com.dotmarketing.beans.Host;
import com.dotmarketing.business.APILocator;
import com.dotmarketing.business.web.WebAPILocator;
import com.dotmarketing.cache.VirtualLinksCache;
import com.dotmarketing.db.DbConnectionFactory;
import com.dotmarketing.db.HibernateUtil;
import com.dotmarketing.exception.DotDataException;
import com.dotmarketing.portlets.contentlet.model.Contentlet;
import com.dotmarketing.portlets.rules.business.RulesEngine;
import com.dotmarketing.portlets.rules.model.Rule;
import com.dotmarketing.util.Config;
import com.dotmarketing.util.Logger;
import com.dotmarketing.util.NumberOfTimeVisitedCounter;
import com.dotmarketing.util.PageRequestModeUtil;
import com.dotmarketing.util.UtilMethods;
import com.dotmarketing.util.WebKeys;
import com.liferay.util.StringPool;
import com.liferay.util.Xss;
import java.io.IOException;
import java.io.StringWriter;
import java.net.URLDecoder;
import java.util.Optional;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/dotmarketing/filters/CMSFilter.class */
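/**
 * Front-door servlet filter that classifies each request URI as a file asset, vanity URL,
 * page or folder on the current host and then redirects, forwards or passes the request on.
 *
 * <p>Everything this filter works with (request URI, query string) is client-controlled.
 * The only input screening visible in this class is {@link #xssCheck(String, String)} and the
 * {@code ASSET_PATH} prefix check in {@code doFilter}.
 */
public class CMSFilter implements Filter {
    private final HttpServletRequestThreadLocal requestThreadLocal = HttpServletRequestThreadLocal.INSTANCE;
    // Set once in init(); requests whose decoded URI starts with this value get a 403.
    String ASSET_PATH = null;
    CmsUrlUtil urlUtil = CmsUrlUtil.getInstance();
    // Request attribute carrying the identifier found for a file asset.
    public static final String CMS_FILTER_IDENTITY = "CMS_FILTER_IDENTITY";
    // Request attribute that, when present, replaces the request URI as the URI to resolve.
    public static final String CMS_FILTER_URI_OVERRIDE = "CMS_FILTER_URLMAP_OVERRIDE";
    // Page name appended to a folder URI (config key CMS_INDEX_PAGE, default "index").
    public static final String CMS_INDEX_PAGE = Config.getStringProperty("CMS_INDEX_PAGE", "index");
    private static VisitorAPI visitorAPI = APILocator.getVisitorAPI();

    @Deprecated
    private static Set<String> excludeList = null;

    @Deprecated
    private static final Integer mutex = new Integer(0);

    /* loaded from: input_file:com/dotmarketing/filters/CMSFilter$IAm.class */
    /** What the requested URI resolved to on the current host. */
    enum IAm {
        PAGE,
        FOLDER,
        FILE,
        VANITY_URL,
        NOTHING_IN_THE_CMS
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }

    /**
     * Resolves the request URI against the CMS and dispatches accordingly.
     *
     * <p>Order of processing: XSS screening (may redirect), asset-root check (may send 403),
     * classification, vanity-URL resolution (may redirect), folder handling (may send 301),
     * visit counting for pages, rules engine, then a forward to {@code /dotAsset/} for files,
     * a forward to {@code /servlets/VelocityServlet} for pages, or the rest of the chain.
     *
     * @throws IOException      if writing a redirect or error to the response fails before the
     *                          inner try block is entered
     * @throws ServletException wrapping any exception raised while resolving or dispatching
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        // NOTE(review): nothing in this class clears the thread-local again. Confirm another
        // component does, otherwise a pooled thread keeps a reference to the finished request.
        this.requestThreadLocal.setRequest(request);

        // The override attribute is used as-is; only the raw request URI is URL-decoded (once).
        Object uriOverride = request.getAttribute(CMS_FILTER_URI_OVERRIDE);
        String uri = uriOverride != null ? (String) uriOverride : URLDecoder.decode(request.getRequestURI(), "UTF-8");

        String xssRedirect = xssCheck(uri, request.getQueryString());
        if (xssRedirect != null) {
            response.sendRedirect(xssRedirect);
            return;
        }
        IAm iAm = IAm.NOTHING_IN_THE_CMS;
        LogFactory.getLog(getClass()).debug("CMS Filter URI = " + forLog(uri));
        try {
            Host currentHost = WebAPILocator.getHostWebAPI().getCurrentHost(request);
            request.setAttribute(Contentlet.HOST_KEY, currentHost);

            // NOTE(review): this is a plain prefix match on the decoded URI; dot-segments and
            // duplicate slashes are not normalised here. Confirm that happens upstream.
            if (UtilMethods.isSet(this.ASSET_PATH) && uri.startsWith(this.ASSET_PATH)) {
                response.sendError(403, "Forbidden");
                return;
            }

            long languageId = WebAPILocator.getLanguageWebAPI().getLanguage(request).getId();
            if (this.urlUtil.isFileAsset(uri, currentHost, Long.valueOf(languageId))) {
                iAm = IAm.FILE;
            } else if (this.urlUtil.isVanityUrl(uri, currentHost)) {
                iAm = IAm.VANITY_URL;
            } else if (this.urlUtil.isPageAsset(uri, currentHost, Long.valueOf(languageId))) {
                iAm = IAm.PAGE;
            } else if (this.urlUtil.isFolder(uri, currentHost)) {
                iAm = IAm.FOLDER;
            }

            String rewrite = null;
            String queryString = request.getQueryString();
            if (iAm == IAm.VANITY_URL) {
                // Cache key: "/" maps to "/cmsHomePage"; otherwise one trailing slash is dropped.
                final String vanityKey = "/".equals(uri)
                        ? "/cmsHomePage"
                        : uri.endsWith("/") ? uri.substring(0, uri.length() - 1) : uri;
                // Host-scoped entry first, then the entry without a host prefix.
                rewrite = VirtualLinksCache.getPathFromCache(currentHost.getHostname() + ":" + vanityKey);
                if (!UtilMethods.isSet(rewrite)) {
                    rewrite = VirtualLinksCache.getPathFromCache(vanityKey);
                }
                // Any cached target containing "//" is sent to the client as a redirect without
                // a host check. NOTE(review): this relies on vanity-URL entries being written
                // only by trusted editors; confirm against the code that populates the cache.
                if (UtilMethods.isSet(rewrite) && rewrite.contains("//")) {
                    response.sendRedirect(rewrite);
                    closeDbSilently();
                    return;
                }
                if (UtilMethods.isSet(rewrite)) {
                    // A query string on the vanity target replaces the one sent by the client.
                    if (rewrite != null && rewrite.contains(StringPool.QUESTION)) {
                        String[] parts = rewrite.split("\\?", 2);
                        rewrite = parts[0];
                        if (parts.length > 1) {
                            queryString = parts[1];
                        }
                    }
                    if (this.urlUtil.isFileAsset(rewrite, currentHost, Long.valueOf(languageId))) {
                        iAm = IAm.FILE;
                    } else if (this.urlUtil.isPageAsset(rewrite, currentHost, Long.valueOf(languageId))) {
                        iAm = IAm.PAGE;
                    } else if (this.urlUtil.isFolder(rewrite, currentHost)) {
                        iAm = IAm.FOLDER;
                    }
                }
            }

            if (iAm == IAm.FOLDER) {
                if (!uri.endsWith("/")) {
                    // 301 to the same URI with a trailing slash.
                    // NOTE(review): Location is assembled from the raw (not decoded) request URI
                    // and the query string, and the client resolves a relative value itself.
                    // Confirm that only same-host paths can be classified as a folder.
                    Object rawOverride = request.getAttribute(CMS_FILTER_URI_OVERRIDE);
                    String requestURI = rawOverride != null ? (String) rawOverride : request.getRequestURI();
                    if (UtilMethods.isSet(queryString)) {
                        response.setHeader("Location", requestURI + "/?" + queryString);
                    } else {
                        response.setHeader("Location", requestURI + "/");
                    }
                    response.setStatus(301);
                    closeDbSilently();
                    return;
                }
                // A folder with a trailing slash is served through its index page when one exists.
                rewrite = UtilMethods.isSet(rewrite) ? rewrite + CMS_INDEX_PAGE : uri + CMS_INDEX_PAGE;
                if (this.urlUtil.isPageAsset(rewrite, currentHost, Long.valueOf(languageId))) {
                    iAm = IAm.PAGE;
                }
            }

            if (iAm == IAm.PAGE) {
                countPageVisit(request);
                countSiteVisit(request, response);
            }
            String target = rewrite == null ? uri : rewrite;
            if (iAm == IAm.PAGE) {
                request.setAttribute(CMS_FILTER_URI_OVERRIDE, target);
            }

            // Rules run on every request that reaches this point; stop if a rule has already
            // committed the response.
            RulesEngine.fireRules(request, response, Rule.FireOn.EVERY_REQUEST);
            if (response.isCommitted()) {
                return;
            }

            if (iAm == IAm.FILE) {
                try {
                    StringBuilder assetPath = new StringBuilder("/dotAsset/");
                    request.setAttribute(CMS_FILTER_IDENTITY, APILocator.getIdentifierAPI().find(currentHost, target));
                    // Only the language id is forwarded; the client's query string is not.
                    if (UtilMethods.isSet(Long.valueOf(languageId))) {
                        assetPath.append('?');
                        assetPath.append("com.dotmarketing.htmlpage.language=" + languageId);
                    }
                    request.getRequestDispatcher(assetPath.toString()).forward(request, response);
                    return;
                } catch (DotDataException e) {
                    Logger.error(CMSFilter.class, e.getMessage(), (Throwable) e);
                    // Keep the original exception as the cause so the failure stays traceable.
                    throw new IOException(e.getMessage(), e);
                }
            }

            if (iAm != IAm.PAGE) {
                // The committed state was already tested after the rules fired.
                if (target.startsWith("/contentAsset/") && response.isCommitted()) {
                    return;
                }
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }

            StringBuilder pagePath = new StringBuilder("/servlets/VelocityServlet");
            if (UtilMethods.isSet(queryString)) {
                // The language parameter is appended only when the query string does not
                // already mention it, so a client-supplied value is forwarded unchanged.
                if (queryString.indexOf(WebKeys.HTMLPAGE_LANGUAGE) == -1) {
                    queryString = queryString + "&" + WebKeys.HTMLPAGE_LANGUAGE + StringPool.EQUAL + languageId;
                }
                pagePath.append('?');
                pagePath.append(queryString);
            }
            request.getRequestDispatcher(pagePath.toString()).forward(request, response);
        } catch (Exception e2) {
            // This handler sees every failure inside the try block, not only host lookup, so
            // the exception is logged with the message to make the real cause visible.
            Logger.error(CMSFilter.class, "Unable to retrieve current request host for URI " + forLog(uri), (Throwable) e2);
            throw new ServletException(e2.getMessage(), e2);
        }
    }

    /**
     * Replaces CR and LF so a decoded, client-supplied value cannot start a new log line.
     * Whether the logging backend escapes these characters itself is not visible from here.
     */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    /** Visits are counted when there is no session, or when the session is in page mode. */
    private boolean isCountableRequest(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        return session == null || PageRequestModeUtil.isPageMode(session);
    }

    /** Hands the request to the site-visit counter when the request is countable. */
    private void countSiteVisit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (isCountableRequest(httpServletRequest)) {
            NumberOfTimeVisitedCounter.maybeCount(httpServletRequest, httpServletResponse);
        }
    }

    /** Records the raw request URI on the current visitor, if one exists and the request is countable. */
    private void countPageVisit(HttpServletRequest httpServletRequest) {
        if (isCountableRequest(httpServletRequest)) {
            Optional<Visitor> visitor = visitorAPI.getVisitor(httpServletRequest);
            visitor.ifPresent(v -> v.addPagesViewed(httpServletRequest.getRequestURI()));
        }
    }

    /** Reads the assets root path used by the 403 check in {@code doFilter}. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.ASSET_PATH = APILocator.getFileAssetAPI().getRealAssetsRootPath();
    }

    /** No-op kept for compatibility. */
    @Deprecated
    private static void buildExcludeList() {
    }

    /** No-op kept for compatibility. */
    @Deprecated
    public static void addExclude(String str) {
    }

    /** No-op kept for compatibility. */
    @Deprecated
    public static void removeExclude(String str) {
    }

    /** Always returns {@code true}; the argument is not inspected. */
    public static boolean excludeURI(String str) {
        return true;
    }

    /**
     * Closes the Hibernate session and then the database connection, best effort.
     * Exceptions from either step are deliberately dropped; the connection close is attempted
     * even when the session close fails.
     */
    private void closeDbSilently() {
        try {
            HibernateUtil.closeSession();
        } catch (Exception ignored) {
            // best effort: the response has already been decided by the caller
        } finally {
            try {
                DbConnectionFactory.closeConnection();
            } catch (Exception ignored) {
                // best effort, see above
            }
        }
    }

    /**
     * Screens the URI and query string with the {@code Xss} helpers.
     *
     * @param str  the URI being resolved (decoded request URI or override attribute)
     * @param str2 the raw query string, may be {@code null}
     * @return a redirect target when something was flagged (the URL-encoded URI when the URI
     *         was flagged, the URI without its query string when the query was flagged), or
     *         {@code null} when nothing was flagged
     * @throws ServletException if encoding the flagged URI fails
     */
    private String xssCheck(String str, String str2) throws ServletException {
        String str3 = null;
        if (Xss.URIHasXSS(str)) {
            Logger.warn(this, "XSS Found in request URI: " + forLog(str));
            try {
                str3 = Xss.encodeForURL(str);
            } catch (Exception e) {
                Logger.error(this, "Encoding failure. Unable to encode URI " + forLog(str));
                throw new ServletException(e.getMessage(), e);
            }
        // NOTE(review): the decoded query string is computed and discarded, and equals(null) is
        // never true, so the middle condition only matters if decodeURL returns null or throws.
        // ParamsHaveXSS receives the raw query string; confirm it decodes internally.
        } else if (str2 != null && !UtilMethods.decodeURL(str2).equals(null) && Xss.ParamsHaveXSS(str2)) {
            Logger.warn(this, "XSS Found in Query String: " + forLog(str2));
            str3 = str;
        }
        return str3;
    }
}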
