package org.broadleafcommerce.openadmin.security;

import java.io.IOException;
import javax.annotation.Resource;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.broadleafcommerce.openadmin.server.domain.SandBox;
import org.broadleafcommerce.openadmin.server.security.domain.AdminUser;
import org.broadleafcommerce.openadmin.server.security.remote.AdminSecurityServiceRemote;
import org.broadleafcommerce.openadmin.server.service.SandBoxContext;
import org.broadleafcommerce.openadmin.server.service.SandBoxMode;
import org.broadleafcommerce.openadmin.server.service.persistence.SandBoxService;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

@Component("blAdminSandBoxFilter")
/* loaded from: input_file:WEB-INF/lib/broadleaf-open-admin-platform-1.5.0-RC1.jar:org/broadleafcommerce/openadmin/security/AdminSandBoxFilter.class */
public class AdminSandBoxFilter extends OncePerRequestFilter {
    private static final String SANDBOX_ADMIN_ID_VAR = "blAdminCurrentSandboxId";
    private static String SANDBOX_ID_VAR = "blSandboxId";

    @Resource(name = "blSandBoxService")
    protected SandBoxService sandBoxService;

    @Resource(name = "blAdminSecurityRemoteService")
    protected AdminSecurityServiceRemote adminRemoteSecurityService;

    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        HttpSession session = httpServletRequest.getSession();
        AdminUser persistentAdminUser = this.adminRemoteSecurityService.getPersistentAdminUser();
        if (persistentAdminUser == null) {
            session.removeAttribute(SANDBOX_ADMIN_ID_VAR);
            SandBoxContext.setSandBoxContext(null);
        } else {
            SandBox retrieveUserSandBox = this.sandBoxService.retrieveUserSandBox(null, persistentAdminUser);
            session.setAttribute(SANDBOX_ADMIN_ID_VAR, retrieveUserSandBox.getId());
            session.removeAttribute(SANDBOX_ID_VAR);
            SandBoxContext sandBoxContext = new SandBoxContext();
            sandBoxContext.setSandBoxId(retrieveUserSandBox.getId());
            sandBoxContext.setSandBoxMode(SandBoxMode.IMMEDIATE_COMMIT);
            sandBoxContext.setAdminUser(persistentAdminUser);
            SandBoxContext.setSandBoxContext(sandBoxContext);
        }
        try {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            SandBoxContext.setSandBoxContext(null);
        } catch (Throwable th) {
            SandBoxContext.setSandBoxContext(null);
            throw th;
        }
    }
}
