package com.adobe.granite.conf.ui.core.internal.servlets;

import com.adobe.granite.conf.impl.CapabilityManager;
import com.adobe.granite.conf.ui.core.internal.ConfigurationUtils;
import com.day.cq.commons.jcr.JcrUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.servlet.ServletException;
import org.apache.commons.lang3.StringUtils;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.sling.SlingServlet;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.resource.ModifiableValueMap;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceUtil;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.apache.sling.xss.XSSAPI;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@SlingServlet(resourceTypes = {"sling:Folder", "sling:OrderedFolder"}, selectors = {ConfigurationManagementServlet.SELECTOR_CREATE, ConfigurationManagementServlet.SELECTOR_UPDATE, ConfigurationManagementServlet.SELECTOR_DELETE}, extensions = {"json"}, methods = {"POST"})
/* loaded from: input_file:com/adobe/granite/conf/ui/core/internal/servlets/ConfigurationManagementServlet.class */
public class ConfigurationManagementServlet extends SlingAllMethodsServlet {
    public static final String SELECTOR_CREATE = "createconf";
    public static final String SELECTOR_UPDATE = "updateconf";
    public static final String SELECTOR_DELETE = "deleteconf";
    private static final Logger LOG = LoggerFactory.getLogger(ConfigurationManagementServlet.class);
    private static final String PARAM_CONFIGURATION_TITLE = "configTitle";
    private static final String PARAM_CONFIGURATION_NAME = "configName";
    private static final String PARAM_CONFIGURATION_PARENT = "configParent";
    private static final String PARAM_CONFIGURATION_CAPABILITIES = "configCapabilities";
    private static final String PARAM_APPLY_TO = ":applyTo";

    @Reference
    private CapabilityManager capabilityManager;

    @Reference
    private XSSAPI xssAPI;

    protected void doPost(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        List<String> requestSelectors = getRequestSelectors(slingHttpServletRequest);
        try {
            if (requestSelectors.contains(SELECTOR_UPDATE)) {
                executeUpdate(slingHttpServletRequest);
            } else if (requestSelectors.contains(SELECTOR_DELETE)) {
                executeDelete(slingHttpServletRequest);
            } else {
                executeCreate(slingHttpServletRequest);
            }
            slingHttpServletRequest.getResourceResolver().commit();
            slingHttpServletResponse.setStatus(200);
        } catch (Exception e) {
            slingHttpServletResponse.sendError(500);
        }
    }

    private void executeDelete(SlingHttpServletRequest slingHttpServletRequest) throws Exception {
        ResourceResolver resourceResolver = slingHttpServletRequest.getResourceResolver();
        String[] parameterValues = slingHttpServletRequest.getParameterValues(PARAM_APPLY_TO);
        if (parameterValues != null) {
            for (String str : parameterValues) {
                Resource resource = resourceResolver.getResource(str);
                if (resource != null && ConfigurationUtils.isConfiguration(str)) {
                    disableCapabilities(resource);
                    resourceResolver.delete(resource);
                }
            }
        }
    }

    private void executeUpdate(SlingHttpServletRequest slingHttpServletRequest) throws Exception {
        Resource resource = slingHttpServletRequest.getResource();
        createOrUpdateConf(slingHttpServletRequest.getResourceResolver(), sanitizeString(slingHttpServletRequest.getParameter("./jcr:title")), resource.getPath(), slingHttpServletRequest.getParameterValues(PARAM_CONFIGURATION_CAPABILITIES));
    }

    private void executeCreate(SlingHttpServletRequest slingHttpServletRequest) throws Exception {
        ResourceResolver resourceResolver = slingHttpServletRequest.getResourceResolver();
        String parameter = slingHttpServletRequest.getParameter(PARAM_CONFIGURATION_PARENT);
        if (!ConfigurationUtils.isConfiguration(parameter)) {
            LOG.error("Attempt to create configuration that is not under /conf");
            throw new Exception("Attempt to create configuration that is not under /conf");
        }
        String sanitizeString = sanitizeString(slingHttpServletRequest.getParameter(PARAM_CONFIGURATION_TITLE));
        String parameter2 = slingHttpServletRequest.getParameter(PARAM_CONFIGURATION_NAME);
        if (StringUtils.isEmpty(parameter2)) {
            parameter2 = JcrUtil.createValidName(sanitizeString);
        }
        String[] parameterValues = slingHttpServletRequest.getParameterValues(PARAM_CONFIGURATION_CAPABILITIES);
        if (resourceResolver.getResource(parameter) == null) {
            LOG.error("No resource found at " + parameter);
            throw new Exception("No resource found at " + parameter);
        }
        createOrUpdateConf(resourceResolver, sanitizeString, parameter + "/" + parameter2, parameterValues);
    }

    private void createOrUpdateConf(ResourceResolver resourceResolver, String str, String str2, String[] strArr) throws Exception {
        if (StringUtils.isEmpty(str)) {
            LOG.error("Configuration title is mandatory!");
            throw new Exception("Configuration title is mandatory!");
        }
        ((ModifiableValueMap) ResourceUtil.getOrCreateResource(resourceResolver, str2, "sling:Folder", "sling:Folder", false).adaptTo(ModifiableValueMap.class)).put("jcr:title", str);
        Resource orCreateResource = ResourceUtil.getOrCreateResource(resourceResolver, str2 + "/" + ConfigurationUtils.CONFIGURATION_DELIMITER_NAME, "sling:Folder", "sling:Folder", false);
        if (strArr != null) {
            for (String str3 : strArr) {
                this.capabilityManager.enableCapability(orCreateResource, str3);
            }
        }
    }

    private List<String> getRequestSelectors(SlingHttpServletRequest slingHttpServletRequest) {
        try {
            return Arrays.asList(slingHttpServletRequest.getRequestPathInfo().getSelectors());
        } catch (Exception e) {
            LOG.debug("No selector information found on the request!", e);
            return new ArrayList();
        }
    }

    private String sanitizeString(String str) {
        return this.xssAPI.encodeForHTML(str);
    }

    private void disableCapabilities(Resource resource) {
        for (String str : this.capabilityManager.getCapabilityNames()) {
            if (this.capabilityManager.isCapabilityEnabled(resource, str) && !this.capabilityManager.disableCapability(resource, str)) {
                LOG.error("Could not disable capability " + str + " for configuration " + resource.getPath());
            }
        }
    }

    protected void bindCapabilityManager(CapabilityManager capabilityManager) {
        this.capabilityManager = capabilityManager;
    }

    protected void unbindCapabilityManager(CapabilityManager capabilityManager) {
        if (this.capabilityManager == capabilityManager) {
            this.capabilityManager = null;
        }
    }

    protected void bindXssAPI(XSSAPI xssapi) {
        this.xssAPI = xssapi;
    }

    protected void unbindXssAPI(XSSAPI xssapi) {
        if (this.xssAPI == xssapi) {
            this.xssAPI = null;
        }
    }
}
