package org.jboss.pnc.rest;

import java.io.IOException;
import javax.annotation.Priority;
import javax.inject.Inject;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.PreMatching;
import javax.ws.rs.ext.Provider;
import org.jboss.pnc.common.Strings;
import org.jboss.pnc.facade.util.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Provider
@Priority(2)
@PreMatching
/* loaded from: input_file:rest.war:WEB-INF/classes/org/jboss/pnc/rest/SecurityConstraintFilter.class */
public class SecurityConstraintFilter implements ContainerRequestFilter {
    private Logger logger = LoggerFactory.getLogger(SecurityConstraintFilter.class);
    private static final String REQUEST_EXECUTION_START = "request-execution-start";

    @Inject
    UserService userService;

    @Override // javax.ws.rs.container.ContainerRequestFilter
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        String upperCase = containerRequestContext.getRequest().getMethod().toUpperCase();
        String path = containerRequestContext.getUriInfo().getPath();
        if ((path.matches("/builds/ssh-credentials.*") || path.matches("/users/current.*")) && Strings.anyStringEquals(upperCase, "GET") && !this.userService.isUserLoggedIn()) {
            throw new NotAuthorizedException("Authorization required to access this resource.", new Object[0]);
        }
        if (path.matches("/.*") && Strings.anyStringEquals(upperCase, "POST", "PUT", "DELETE", "PATCH") && !this.userService.isUserLoggedIn()) {
            throw new NotAuthorizedException("Authorization required to access this resource.", new Object[0]);
        }
    }
}
