package com.gentics.contentnode.servlets;

import com.gentics.api.lib.etc.ObjectTransformer;
import com.gentics.contentnode.etc.NodePreferences;
import com.gentics.contentnode.runtime.NodeConfigRuntimeConfiguration;
import com.gentics.lib.etc.StringUtils;
import com.gentics.lib.log.NodeLogger;
import java.io.IOException;
import java.util.List;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:WEB-INF/classes/com/gentics/contentnode/servlets/AccessControl.class */
public class AccessControl {
    protected String servletConfigKey;
    protected boolean commandsSecured;
    protected List allowedHosts = new Vector();
    protected NodeLogger logger = NodeLogger.getNodeLogger(getClass());
    private NodePreferences prefs = NodeConfigRuntimeConfiguration.getDefault().getNodeConfig().getDefaultPreferences();

    public AccessControl(String str) {
        this.servletConfigKey = str;
        String property = this.prefs.getProperty("contentnode.config.accesscontrol." + str + ".secured");
        String property2 = this.prefs.getProperty("contentnode.config.accesscontrol." + str + ".allowedfrom");
        property = property == null ? this.prefs.getProperty("contentnode.config.accesscontrol.default.secured") : property;
        property2 = property2 == null ? this.prefs.getProperty("contentnode.config.accesscontrol.default.allowedfrom") : property2;
        property2 = property2 == null ? "" : property2;
        this.commandsSecured = ObjectTransformer.getBoolean(property, this.commandsSecured);
        for (String str2 : StringUtils.splitString(property2, ',')) {
            this.allowedHosts.add(str2.trim());
        }
    }

    public boolean verifyAccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!this.commandsSecured) {
            return true;
        }
        this.prefs.getProperties("accesscontrol." + this.servletConfigKey + ".allowedfrom");
        if (this.allowedHosts.contains(httpServletRequest.getRemoteAddr()) || this.allowedHosts.contains(httpServletRequest.getRemoteHost())) {
            return true;
        }
        this.logger.error("Access from remote address {" + httpServletRequest.getRemoteAddr() + "} (host {" + httpServletRequest.getRemoteHost() + "}) forbidden - Allowed hosts: {" + this.allowedHosts + "} - Configuration: accesscontrol." + this.servletConfigKey + ".allowedfrom");
        try {
            httpServletResponse.sendError(403, "Access denied");
            return false;
        } catch (IOException e) {
            this.logger.error("could not add error code to response", e);
            return false;
        }
    }
}
