package com.day.crx.delite.impl.servlets;

import com.day.cq.i18n.I18n;
import com.day.crx.delite.impl.AbstractServlet;
import com.day.crx.delite.impl.support.RequestData;
import java.io.IOException;
import java.security.Principal;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashSet;
import javax.jcr.PathNotFoundException;
import javax.jcr.PropertyType;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.UnsupportedRepositoryOperationException;
import javax.jcr.Value;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlException;
import javax.jcr.security.AccessControlList;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.AccessControlPolicyIterator;
import javax.jcr.security.NamedAccessControlPolicy;
import javax.jcr.security.Privilege;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlEntry;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy;
import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.oak.spi.security.principal.GroupPrincipals;
import org.apache.sling.commons.json.JSONException;
import org.apache.sling.commons.json.io.JSONWriter;
import org.osgi.framework.BundleContext;

/* loaded from: input_file:com/day/crx/delite/impl/servlets/ACEServlet.class */
public class ACEServlet extends AbstractServlet {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/day/crx/delite/impl/servlets/ACEServlet$Printer.class */
    public static class Printer {
        private Printer() {
        }

        public static void print(AccessControlPolicy accessControlPolicy, JSONWriter jSONWriter) throws JSONException, RepositoryException {
            if (accessControlPolicy instanceof NamedAccessControlPolicy) {
                print((NamedAccessControlPolicy) accessControlPolicy, jSONWriter);
            } else if (accessControlPolicy instanceof AccessControlList) {
                print((AccessControlList) accessControlPolicy, jSONWriter);
            }
        }

        public static void print(NamedAccessControlPolicy namedAccessControlPolicy, JSONWriter jSONWriter) throws JSONException, RepositoryException {
            jSONWriter.object();
            jSONWriter.key("type").value(NamedAccessControlPolicy.class.getName());
            jSONWriter.key("name").value(namedAccessControlPolicy.getName());
            jSONWriter.key("className").value(namedAccessControlPolicy.getClass().getName());
            jSONWriter.key("policyId").value(ACEServlet.getPolicyId(namedAccessControlPolicy));
            jSONWriter.endObject();
        }

        public static void print(AccessControlList accessControlList, JSONWriter jSONWriter) throws JSONException, RepositoryException {
            String name = AccessControlList.class.getName();
            jSONWriter.object();
            jSONWriter.key("className").value(accessControlList.getClass().getName());
            jSONWriter.key("policyId").value(ACEServlet.getPolicyId(accessControlList));
            jSONWriter.key("sortable").value(accessControlList instanceof JackrabbitAccessControlList);
            jSONWriter.key("supportAllow").value(accessControlList instanceof JackrabbitAccessControlList);
            jSONWriter.key("entries").array();
            for (AccessControlEntry accessControlEntry : accessControlList.getAccessControlEntries()) {
                print(accessControlEntry, jSONWriter);
            }
            jSONWriter.endArray();
            if (accessControlList instanceof JackrabbitAccessControlList) {
                name = JackrabbitAccessControlList.class.getName();
                JackrabbitAccessControlList jackrabbitAccessControlList = (JackrabbitAccessControlList) accessControlList;
                jSONWriter.key("path").value(jackrabbitAccessControlList.getPath());
                jSONWriter.key("supportedRestrictions").array();
                for (String str : jackrabbitAccessControlList.getRestrictionNames()) {
                    jSONWriter.object();
                    jSONWriter.key("name").value(str);
                    jSONWriter.key("type").value(PropertyType.nameFromValue(jackrabbitAccessControlList.getRestrictionType(str)));
                    jSONWriter.endObject();
                }
                jSONWriter.endArray();
            }
            jSONWriter.key("type").value(name);
            jSONWriter.endObject();
        }

        public static void print(AccessControlEntry accessControlEntry, JSONWriter jSONWriter) throws JSONException, RepositoryException {
            String name = AccessControlEntry.class.getName();
            jSONWriter.object();
            jSONWriter.key("entryId").value(ACEServlet.getEntryId(accessControlEntry));
            jSONWriter.key("principal");
            print(accessControlEntry.getPrincipal(), jSONWriter);
            jSONWriter.key("privileges").array();
            for (Privilege privilege : accessControlEntry.getPrivileges()) {
                print(privilege, jSONWriter);
            }
            jSONWriter.endArray();
            if (accessControlEntry instanceof JackrabbitAccessControlEntry) {
                name = JackrabbitAccessControlEntry.class.getName();
                JackrabbitAccessControlEntry jackrabbitAccessControlEntry = (JackrabbitAccessControlEntry) accessControlEntry;
                jSONWriter.key("allow").value(jackrabbitAccessControlEntry.isAllow());
                jSONWriter.key("restrictions").array();
                for (String str : jackrabbitAccessControlEntry.getRestrictionNames()) {
                    jSONWriter.object();
                    jSONWriter.key("name").value(str);
                    Value[] restrictions = jackrabbitAccessControlEntry.getRestrictions(str);
                    jSONWriter.key("value").array();
                    for (Value value : restrictions) {
                        jSONWriter.value(value.getString());
                    }
                    jSONWriter.endArray();
                    jSONWriter.endObject();
                }
                jSONWriter.endArray();
            }
            jSONWriter.key("type").value(name);
            jSONWriter.endObject();
        }

        public static void print(Privilege privilege, JSONWriter jSONWriter) throws JSONException {
            jSONWriter.object();
            jSONWriter.key("type").value(Privilege.class.getName());
            jSONWriter.key("name").value(privilege.getName());
            jSONWriter.key("aggregate").value(privilege.isAggregate());
            jSONWriter.key("abstract").value(privilege.isAbstract());
            jSONWriter.key("declared").array();
            for (Privilege privilege2 : privilege.getDeclaredAggregatePrivileges()) {
                print(privilege2, jSONWriter);
            }
            jSONWriter.endArray();
            jSONWriter.endObject();
        }

        public static void print(Principal principal, JSONWriter jSONWriter) throws JSONException {
            jSONWriter.object();
            jSONWriter.key("name").value(principal.getName());
            jSONWriter.key("type").value(ACEServlet.getPrincipalType(principal));
            jSONWriter.endObject();
        }
    }

    public ACEServlet(BundleContext bundleContext) {
        super(bundleContext);
    }

    @Override // com.day.crx.delite.impl.AbstractServlet
    protected void doService(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws ServletException, IOException {
        if ("GET".equals(httpServletRequest.getMethod())) {
            if ("test".equals(httpServletRequest.getParameter("action"))) {
                test(httpServletRequest, httpServletResponse, session);
                return;
            } else {
                doGet(httpServletRequest, httpServletResponse, session);
                return;
            }
        }
        if (!"POST".equals(httpServletRequest.getMethod())) {
            httpServletResponse.sendError(405);
            return;
        }
        if ("addpolicy".equals(httpServletRequest.getParameter("action"))) {
            addPolicy(httpServletRequest, httpServletResponse, session);
            return;
        }
        if ("removepolicy".equals(httpServletRequest.getParameter("action"))) {
            removePolicy(httpServletRequest, httpServletResponse, session);
            return;
        }
        if ("addentry".equals(httpServletRequest.getParameter("action"))) {
            addEntry(httpServletRequest, httpServletResponse, session);
            return;
        }
        if ("removeentry".equals(httpServletRequest.getParameter("action"))) {
            removeEntry(httpServletRequest, httpServletResponse, session);
            return;
        }
        if ("removeentrybyindex".equals(httpServletRequest.getParameter("action"))) {
            removeEntryByIndex(httpServletRequest, httpServletResponse, session);
            return;
        }
        if ("reorderentry".equals(httpServletRequest.getParameter("action"))) {
            reorderEntry(httpServletRequest, httpServletResponse, session);
        } else if ("reorderentrybyindex".equals(httpServletRequest.getParameter("action"))) {
            reorderEntryByIndex(httpServletRequest, httpServletResponse, session);
        } else {
            httpServletResponse.sendError(400, I18n.get(httpServletRequest, "Invalid action"));
        }
    }

    private void test(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws IOException {
        Principal principal;
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding("UTF-8");
        JSONWriter jSONWriter = new JSONWriter(httpServletResponse.getWriter());
        try {
            if (!(session instanceof JackrabbitSession)) {
                throw new UnsupportedRepositoryOperationException(I18n.get(httpServletRequest, "The repository does not support principal"));
            }
            RequestData requestData = new RequestData(httpServletRequest);
            String adjustPath = adjustPath(requestData.getParameter("path"));
            String parameter = requestData.getParameter("principal");
            JackrabbitSession jackrabbitSession = (JackrabbitSession) session;
            JackrabbitAccessControlManager accessControlManager = session.getAccessControlManager();
            PrincipalManager principalManager = jackrabbitSession.getPrincipalManager();
            if (StringUtils.isEmpty(parameter)) {
                principal = jackrabbitSession.getUserManager().getAuthorizable(session.getUserID()).getPrincipal();
            } else {
                principal = principalManager.getPrincipal(parameter);
                if (principal == null) {
                    httpServletResponse.setStatus(400);
                    httpServletResponse.getWriter().write(I18n.get(httpServletRequest, "Principal is not found"));
                    return;
                }
            }
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            linkedHashSet.add(principal);
            PrincipalIterator groupMembership = principalManager.getGroupMembership(principal);
            while (groupMembership.hasNext()) {
                linkedHashSet.add(groupMembership.nextPrincipal());
            }
            jSONWriter.object();
            jSONWriter.key("path").value(adjustPath);
            jSONWriter.key("principal").value(parameter);
            jSONWriter.key("userId").value(session.getUserID());
            jSONWriter.key("principals").array();
            Iterator it = linkedHashSet.iterator();
            while (it.hasNext()) {
                Printer.print((Principal) it.next(), jSONWriter);
            }
            jSONWriter.endArray();
            jSONWriter.key("privileges").array();
            for (Privilege privilege : accessControlManager.getPrivileges(adjustPath, linkedHashSet)) {
                Printer.print(privilege, jSONWriter);
            }
            jSONWriter.endArray();
            jSONWriter.endObject();
        } catch (RepositoryException e) {
            this.logger.error("Error occur getting access control", e);
            httpServletResponse.sendError(500);
        } catch (PathNotFoundException e2) {
            httpServletResponse.sendError(404);
        } catch (UnsupportedRepositoryOperationException e3) {
            this.logger.info("Unsupported repository operation", e3);
            httpServletResponse.sendError(501);
        } catch (JSONException e4) {
            this.logger.error("Error occur getting access control", e4);
            httpServletResponse.sendError(500);
        }
    }

    private void addPolicy(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws IOException {
        JackrabbitAccessControlPolicy findPolicy;
        RequestData requestData = new RequestData(httpServletRequest);
        String adjustPath = adjustPath(requestData.getParameter("path"));
        String parameter = requestData.getParameter("principal");
        String parameter2 = requestData.getParameter("policyId");
        try {
            boolean isPrincipalBased = isPrincipalBased(adjustPath, parameter);
            if (isPrincipalBased && !(session instanceof JackrabbitSession)) {
                throw new UnsupportedRepositoryOperationException(I18n.get(httpServletRequest, "The repository does not support principal"));
            }
            JackrabbitAccessControlManager accessControlManager = session.getAccessControlManager();
            if (isPrincipalBased) {
                findPolicy = findPolicy((AccessControlPolicy[]) accessControlManager.getApplicablePolicies(getPrincipal(session, parameter)), parameter2);
                adjustPath = findPolicy.getPath();
            } else {
                findPolicy = findPolicy(accessControlManager.getApplicablePolicies(adjustPath), parameter2);
            }
            accessControlManager.setPolicy(adjustPath, findPolicy);
            session.save();
        } catch (RepositoryException e) {
            this.logger.error("Error occur adding new policy", e);
            httpServletResponse.sendError(500);
        } catch (UnsupportedRepositoryOperationException e2) {
            this.logger.info("Unsupported repository operation", e2);
            httpServletResponse.sendError(501);
        }
    }

    private void removePolicy(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws IOException {
        JackrabbitAccessControlPolicy findPolicy;
        RequestData requestData = new RequestData(httpServletRequest);
        String adjustPath = adjustPath(requestData.getParameter("path"));
        String parameter = requestData.getParameter("principal");
        String parameter2 = requestData.getParameter("policyId");
        try {
            boolean isPrincipalBased = isPrincipalBased(adjustPath, parameter);
            if (isPrincipalBased && !(session instanceof JackrabbitSession)) {
                throw new UnsupportedRepositoryOperationException(I18n.get(httpServletRequest, "The repository does not support principal"));
            }
            JackrabbitAccessControlManager accessControlManager = session.getAccessControlManager();
            if (isPrincipalBased) {
                findPolicy = findPolicy((AccessControlPolicy[]) accessControlManager.getPolicies(getPrincipal(session, parameter)), parameter2);
                adjustPath = findPolicy.getPath();
            } else {
                findPolicy = findPolicy(accessControlManager.getPolicies(adjustPath), parameter2);
            }
            accessControlManager.removePolicy(adjustPath, findPolicy);
            session.save();
        } catch (RepositoryException e) {
            this.logger.error("Error occur adding new policy", e);
            httpServletResponse.sendError(500);
        } catch (UnsupportedRepositoryOperationException e2) {
            this.logger.info("Unsupported repository operation", e2);
            httpServletResponse.sendError(501);
        }
    }

    private void addEntry(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws IOException {
        JackrabbitAccessControlPolicy findPolicy;
        httpServletResponse.setCharacterEncoding("UTF-8");
        JSONWriter jSONWriter = new JSONWriter(httpServletResponse.getWriter());
        RequestData requestData = new RequestData(httpServletRequest);
        String adjustPath = adjustPath(requestData.getParameter("path"));
        String parameter = requestData.getParameter("principal");
        String parameter2 = requestData.getParameter("policyId");
        String parameter3 = requestData.getParameter("entryPrincipal");
        String[] parameterValues = requestData.getParameterValues("privileges");
        if (parameterValues == null) {
            parameterValues = new String[0];
        }
        try {
            boolean isPrincipalBased = isPrincipalBased(adjustPath, parameter);
            if (isPrincipalBased && !(session instanceof JackrabbitSession)) {
                throw new UnsupportedRepositoryOperationException(I18n.get(httpServletRequest, "The repository does not support principal"));
            }
            JackrabbitAccessControlManager accessControlManager = session.getAccessControlManager();
            if (isPrincipalBased) {
                findPolicy = findPolicy((AccessControlPolicy[]) accessControlManager.getPolicies(getPrincipal(session, parameter)), parameter2);
                adjustPath = findPolicy.getPath();
            } else {
                findPolicy = findPolicy(accessControlManager.getPolicies(adjustPath), parameter2);
            }
            if (!(findPolicy instanceof AccessControlList)) {
                throw new IllegalArgumentException(I18n.get(httpServletRequest, "This action is only applicable for ACL policy"));
            }
            Principal principal = getPrincipal(session, parameter3);
            if (principal == null) {
                throw new IllegalArgumentException(I18n.get(httpServletRequest, "Unknown principal: {0}", (String) null, new Object[]{parameter3}));
            }
            Privilege[] convert = convert(accessControlManager, parameterValues);
            if (findPolicy instanceof JackrabbitAccessControlList) {
                JackrabbitAccessControlList jackrabbitAccessControlList = (JackrabbitAccessControlList) findPolicy;
                boolean equals = "on".equals(requestData.getParameter("allow"));
                HashMap hashMap = new HashMap();
                String parameter4 = requestData.getParameter("restrictionNames");
                if (parameter4 != null) {
                    for (String str : parameter4.split(",")) {
                        if (str != null && str.length() != 0) {
                            String parameter5 = requestData.getParameter(str);
                            if (parameter5 != null && parameter5.length() > 0) {
                                if ("rep:glob".equals(str) && "\"\"".equals(parameter5)) {
                                    parameter5 = "";
                                }
                                hashMap.put(str, session.getValueFactory().createValue(parameter5, jackrabbitAccessControlList.getRestrictionType(str)));
                            }
                        }
                    }
                }
                if (jackrabbitAccessControlList.addEntry(principal, convert, equals, hashMap)) {
                    accessControlManager.setPolicy(adjustPath, findPolicy);
                    session.save();
                    Printer.print((AccessControlList) jackrabbitAccessControlList, jSONWriter);
                }
            } else {
                AccessControlList accessControlList = (AccessControlList) findPolicy;
                if (accessControlList.addAccessControlEntry(principal, convert)) {
                    accessControlManager.setPolicy(adjustPath, findPolicy);
                    session.save();
                    Printer.print(accessControlList, jSONWriter);
                }
            }
        } catch (RepositoryException e) {
            this.logger.error("Error occur adding new acl entry", e);
            httpServletResponse.sendError(500);
        } catch (JSONException e2) {
            this.logger.error("Error occur adding new acl entry", e2);
            httpServletResponse.sendError(500);
        } catch (IllegalArgumentException e3) {
            httpServletResponse.sendError(400);
        } catch (UnsupportedRepositoryOperationException e4) {
            this.logger.info("Unsupported repository operation", e4);
            httpServletResponse.sendError(501);
        }
    }

    private void removeEntry(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws IOException {
        performRemoveEntry(httpServletRequest, httpServletResponse, session, false);
    }

    private void removeEntryByIndex(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws IOException {
        performRemoveEntry(httpServletRequest, httpServletResponse, session, true);
    }

    private void performRemoveEntry(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session, boolean z) throws IOException {
        JackrabbitAccessControlPolicy findPolicy;
        httpServletResponse.setCharacterEncoding("UTF-8");
        JSONWriter jSONWriter = new JSONWriter(httpServletResponse.getWriter());
        RequestData requestData = new RequestData(httpServletRequest);
        String adjustPath = adjustPath(requestData.getParameter("path"));
        String parameter = requestData.getParameter("principal");
        String parameter2 = requestData.getParameter("policyId");
        String parameter3 = requestData.getParameter("entryId");
        try {
            boolean isPrincipalBased = isPrincipalBased(adjustPath, parameter);
            if (isPrincipalBased && !(session instanceof JackrabbitSession)) {
                throw new UnsupportedRepositoryOperationException(I18n.get(httpServletRequest, "The repository does not support principal"));
            }
            JackrabbitAccessControlManager accessControlManager = session.getAccessControlManager();
            if (isPrincipalBased) {
                findPolicy = findPolicy((AccessControlPolicy[]) accessControlManager.getPolicies(getPrincipal(session, parameter)), parameter2);
                adjustPath = findPolicy.getPath();
            } else {
                findPolicy = findPolicy(accessControlManager.getPolicies(adjustPath), parameter2);
            }
            if (!(findPolicy instanceof AccessControlList)) {
                throw new IllegalArgumentException(I18n.get(httpServletRequest, "This action is only applicable for ACL policy"));
            }
            AccessControlList accessControlList = (AccessControlList) findPolicy;
            accessControlList.removeAccessControlEntry(findEntryWrapper(accessControlList.getAccessControlEntries(), parameter3, z));
            accessControlManager.setPolicy(adjustPath, findPolicy);
            session.save();
            Printer.print(accessControlList, jSONWriter);
        } catch (UnsupportedRepositoryOperationException e) {
            this.logger.info("Unsupported repository operation", e);
            httpServletResponse.sendError(501);
        } catch (JSONException e2) {
            this.logger.error("Error occur removing acl entry", e2);
            httpServletResponse.sendError(500);
        } catch (IllegalArgumentException e3) {
            httpServletResponse.sendError(400);
        } catch (RepositoryException e4) {
            this.logger.error("Error occur removing acl entry", e4);
            httpServletResponse.sendError(500);
        }
    }

    private void reorderEntryByIndex(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws IOException {
        performReorderEntry(httpServletRequest, httpServletResponse, session, true);
    }

    private void reorderEntry(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws IOException {
        performReorderEntry(httpServletRequest, httpServletResponse, session, false);
    }

    private void performReorderEntry(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session, boolean z) throws IOException {
        JackrabbitAccessControlPolicy findPolicy;
        httpServletResponse.setCharacterEncoding("UTF-8");
        JSONWriter jSONWriter = new JSONWriter(httpServletResponse.getWriter());
        RequestData requestData = new RequestData(httpServletRequest);
        String adjustPath = adjustPath(requestData.getParameter("path"));
        String parameter = requestData.getParameter("principal");
        String parameter2 = requestData.getParameter("policyId");
        String parameter3 = requestData.getParameter("srcEntryId");
        String parameter4 = requestData.getParameter("destEntryId");
        try {
            boolean isPrincipalBased = isPrincipalBased(adjustPath, parameter);
            if (isPrincipalBased && !(session instanceof JackrabbitSession)) {
                throw new UnsupportedRepositoryOperationException(I18n.get(httpServletRequest, "The repository does not support principal"));
            }
            JackrabbitAccessControlManager accessControlManager = session.getAccessControlManager();
            if (isPrincipalBased) {
                findPolicy = findPolicy((AccessControlPolicy[]) accessControlManager.getPolicies(getPrincipal(session, parameter)), parameter2);
                adjustPath = findPolicy.getPath();
            } else {
                findPolicy = findPolicy(accessControlManager.getPolicies(adjustPath), parameter2);
            }
            if (!(findPolicy instanceof JackrabbitAccessControlList)) {
                throw new IllegalArgumentException(I18n.get(httpServletRequest, "The policy does not support reordering entry"));
            }
            JackrabbitAccessControlList jackrabbitAccessControlList = (JackrabbitAccessControlList) findPolicy;
            jackrabbitAccessControlList.orderBefore(findEntryWrapper(jackrabbitAccessControlList.getAccessControlEntries(), parameter3, z), parameter4 != null ? findEntryWrapper(jackrabbitAccessControlList.getAccessControlEntries(), parameter4, z) : null);
            accessControlManager.setPolicy(adjustPath, findPolicy);
            session.save();
            Printer.print((AccessControlList) jackrabbitAccessControlList, jSONWriter);
        } catch (JSONException e) {
            this.logger.error("Error occurred while reordering acl entry", e);
            httpServletResponse.sendError(500);
        } catch (IllegalArgumentException e2) {
            httpServletResponse.sendError(400);
        } catch (UnsupportedRepositoryOperationException e3) {
            this.logger.info("Unsupported repository operation", e3);
            httpServletResponse.sendError(501);
        } catch (RepositoryException e4) {
            this.logger.error("Error occurred while reordering acl entry", e4);
            httpServletResponse.sendError(500);
        }
    }

    private void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) throws ServletException, IOException {
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding("UTF-8");
        JSONWriter jSONWriter = new JSONWriter(httpServletResponse.getWriter());
        try {
            JackrabbitAccessControlManager accessControlManager = session.getAccessControlManager();
            RequestData requestData = new RequestData(httpServletRequest);
            String adjustPath = adjustPath(requestData.getParameter("path"));
            String parameter = requestData.getParameter("principal");
            boolean isPrincipalBased = isPrincipalBased(adjustPath, parameter);
            if (isPrincipalBased && !(session instanceof JackrabbitSession)) {
                throw new UnsupportedRepositoryOperationException(I18n.get(httpServletRequest, "The repository does not support principal"));
            }
            JackrabbitAccessControlManager jackrabbitAccessControlManager = null;
            Principal principal = null;
            if (isPrincipalBased) {
                jackrabbitAccessControlManager = accessControlManager;
                principal = getPrincipal(session, parameter);
            }
            jSONWriter.object();
            jSONWriter.key("supportedPrivs").array();
            for (Privilege privilege : accessControlManager.getSupportedPrivileges(adjustPath)) {
                Printer.print(privilege, jSONWriter);
            }
            jSONWriter.endArray();
            jSONWriter.key("applicable").array();
            Iterator it = isPrincipalBased ? Arrays.asList(jackrabbitAccessControlManager.getApplicablePolicies(principal)).iterator() : accessControlManager.getApplicablePolicies(adjustPath);
            while (it.hasNext()) {
                Printer.print((AccessControlPolicy) it.next(), jSONWriter);
            }
            jSONWriter.endArray();
            jSONWriter.key("local").array();
            for (JackrabbitAccessControlPolicy jackrabbitAccessControlPolicy : isPrincipalBased ? jackrabbitAccessControlManager.getPolicies(principal) : accessControlManager.getPolicies(adjustPath)) {
                Printer.print((AccessControlPolicy) jackrabbitAccessControlPolicy, jSONWriter);
            }
            jSONWriter.endArray();
            jSONWriter.endObject();
        } catch (JSONException e) {
            this.logger.error("Error occur getting access control", e);
            httpServletResponse.sendError(500);
        } catch (UnsupportedRepositoryOperationException e2) {
            this.logger.info("Unsupported repository operation", e2);
            httpServletResponse.sendError(501);
        } catch (AccessControlException e3) {
            httpServletResponse.sendError(403);
        } catch (RepositoryException e4) {
            this.logger.error("Error occur getting access control", e4);
            httpServletResponse.sendError(500);
        } catch (PathNotFoundException e5) {
            httpServletResponse.sendError(404);
        }
    }

    private static AccessControlPolicy findPolicy(AccessControlPolicy[] accessControlPolicyArr, String str) throws RepositoryException {
        for (AccessControlPolicy accessControlPolicy : accessControlPolicyArr) {
            if (str.equals(getPolicyId(accessControlPolicy))) {
                return accessControlPolicy;
            }
        }
        return null;
    }

    private static AccessControlPolicy findPolicy(AccessControlPolicyIterator accessControlPolicyIterator, String str) throws RepositoryException {
        while (accessControlPolicyIterator.hasNext()) {
            AccessControlPolicy nextAccessControlPolicy = accessControlPolicyIterator.nextAccessControlPolicy();
            if (str.equals(getPolicyId(nextAccessControlPolicy))) {
                return nextAccessControlPolicy;
            }
        }
        return null;
    }

    private static AccessControlEntry findEntryByIndexString(AccessControlEntry[] accessControlEntryArr, String str) throws RepositoryException {
        if (str == null) {
            return null;
        }
        try {
            int parseInt = Integer.parseInt(str);
            if (parseInt < 0 || parseInt >= accessControlEntryArr.length) {
                return null;
            }
            return accessControlEntryArr[parseInt];
        } catch (Exception e) {
            return null;
        }
    }

    private static AccessControlEntry findEntryWrapper(AccessControlEntry[] accessControlEntryArr, String str, boolean z) throws RepositoryException {
        return z ? findEntryByIndexString(accessControlEntryArr, str) : findEntry(accessControlEntryArr, str);
    }

    private static AccessControlEntry findEntry(AccessControlEntry[] accessControlEntryArr, String str) throws RepositoryException {
        for (AccessControlEntry accessControlEntry : accessControlEntryArr) {
            if (str.equals(getEntryId(accessControlEntry))) {
                return accessControlEntry;
            }
        }
        return null;
    }

    private static Privilege[] convert(AccessControlManager accessControlManager, String[] strArr) throws RepositoryException {
        Privilege[] privilegeArr = new Privilege[strArr.length];
        int i = 0;
        for (String str : strArr) {
            int i2 = i;
            i++;
            privilegeArr[i2] = accessControlManager.privilegeFromName(str);
        }
        return privilegeArr;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getPrincipalType(Principal principal) {
        return GroupPrincipals.isGroup(principal) ? "group" : "user";
    }

    private static Principal getPrincipal(Session session, String str) throws RepositoryException {
        return ((JackrabbitSession) session).getPrincipalManager().getPrincipal(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getPolicyId(AccessControlPolicy accessControlPolicy) throws RepositoryException {
        if (accessControlPolicy instanceof NamedAccessControlPolicy) {
            return ((NamedAccessControlPolicy) accessControlPolicy).getName();
        }
        if (!(accessControlPolicy instanceof AccessControlList)) {
            return accessControlPolicy.getClass().getName();
        }
        StringBuilder sb = new StringBuilder();
        sb.append(accessControlPolicy.getClass().getName()).append("_");
        for (AccessControlEntry accessControlEntry : ((AccessControlList) accessControlPolicy).getAccessControlEntries()) {
            sb.append(getEntryId(accessControlEntry)).append("_");
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getEntryId(AccessControlEntry accessControlEntry) {
        return accessControlEntry.hashCode() + "";
    }

    private static String adjustPath(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        return str;
    }

    private static boolean isPrincipalBased(String str, String str2) {
        return !StringUtils.isEmpty(str2) && StringUtils.isEmpty(str);
    }
}
