package com.googlesource.gerrit.plugins.javamelody;

import com.google.gerrit.extensions.annotations.PluginName;
import com.google.gerrit.httpd.AllRequestFilter;
import com.google.gerrit.server.CurrentUser;
import com.google.gerrit.server.account.CapabilityControl;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.bull.javamelody.MonitoringFilter;

@Singleton
/* loaded from: input_file:com/googlesource/gerrit/plugins/javamelody/GerritMonitoringFilter.class */
class GerritMonitoringFilter extends AllRequestFilter {
    private final JavamelodyFilter monitoring;
    private final Provider<CurrentUser> userProvider;
    private final String pluginName;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/googlesource/gerrit/plugins/javamelody/GerritMonitoringFilter$JavamelodyFilter.class */
    public static class JavamelodyFilter extends MonitoringFilter {
        JavamelodyFilter() {
        }

        public String getJavamelodyUrl(HttpServletRequest httpServletRequest) {
            return getMonitoringUrl(httpServletRequest);
        }
    }

    @Inject
    GerritMonitoringFilter(JavamelodyFilter javamelodyFilter, Provider<CurrentUser> provider, @PluginName String str) {
        this.monitoring = javamelodyFilter;
        this.userProvider = provider;
        this.pluginName = str;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (canMonitor((HttpServletRequest) servletRequest)) {
            this.monitoring.doFilter(servletRequest, servletResponse, filterChain);
        } else {
            httpServletResponse.sendError(403, "Forbidden access");
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.monitoring.init(filterConfig);
    }

    public void destroy() {
        this.monitoring.destroy();
    }

    private boolean canMonitor(HttpServletRequest httpServletRequest) {
        if (!httpServletRequest.getRequestURI().equals(this.monitoring.getJavamelodyUrl(httpServletRequest))) {
            return true;
        }
        if (!((CurrentUser) this.userProvider.get()).isIdentifiedUser()) {
            return false;
        }
        CapabilityControl capabilities = ((CurrentUser) this.userProvider.get()).getCapabilities();
        return capabilities.canAdministrateServer() || capabilities.canPerform(String.format("%s-%s", this.pluginName, "monitoring"));
    }
}
