/*
    WebBox - Dein Server.
    Copyright (C) 2017 Ulrich Hilger, http://uhilger.de

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU Affero General Public License as
    published by the Free Software Foundation, either version 3 of the
    License, or (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Affero General Public License for more details.

    You should have received a copy of the GNU Affero General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
package de.uhilger.wbx.web;

import java.io.IOException;
import java.security.Principal;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/**
 *
 * @author ulrich
 */
public class HomeFilter implements Filter {

  private static final Logger logger = Logger.getLogger(HomeFilter.class.getName());

  private static final String HOME_CTX = "/home";

  @Override
  public void init(FilterConfig filterConfig) throws ServletException {
    // ...
    logger.fine("   initialisiert.");
  }

  /*
    Dieser Filter laesst nur Anfragen durch, die in username 
    denselben Eintrag haben wie der Name des angemeldeten Benutzers.
  
    http]://example.com/home/username/test.txt
   */
  @Override
  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {

    if (request instanceof HttpServletRequest) {
      HttpServletRequest hr = (HttpServletRequest) request;

      logger.fine("requestURL: " + hr.getRequestURL().toString());
      logger.fine("ContextPath: " + hr.getContextPath());
      logger.fine("ServletPath: " + hr.getServletPath());
      logger.fine("PathInfo: " + hr.getPathInfo());

      String userName = getUserName(hr);
      if (userName != null) {
        String servletPath = hr.getServletPath();
        if (servletPath != null && servletPath.length() > 0) {
          String urlStr = servletPath.substring(1);
          logger.fine("urlStr: " + urlStr);
          if (urlStr.startsWith(userName)) {
            logger.fine("User " + userName + " matches URL and may pass.");
            chain.doFilter(request, response);
          } else {
            logger.fine("You may not see that content.");
          }
        }
      } else {
        logger.fine("You need to log in to see this content.");
      }
    }
  }

  private String getUserName(HttpServletRequest hr) {
    String userName = null;
    Object p = hr.getUserPrincipal();
    if (p instanceof Principal) {
      userName = ((Principal) p).getName();
    }
    return userName;
  }

  @Override
  public void destroy() {
    // ...
  }
}