package com.day.cq.dam.core.impl.assetlinkshare;

import com.adobe.granite.security.user.UserPropertiesManager;
import com.adobe.granite.xss.XSSAPI;
import com.day.cq.commons.Externalizer;
import com.day.cq.dam.asset.api.AdhocAssetShareDefinition;
import com.day.cq.dam.asset.api.AdhocAssetShareEmail;
import com.day.cq.dam.asset.api.AdhocAssetShareException;
import com.day.cq.dam.commons.util.DamUtil;
import com.day.cq.mailer.MessageGatewayService;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import javax.annotation.Nullable;
import javax.jcr.AccessDeniedException;
import javax.jcr.ItemNotFoundException;
import javax.jcr.Node;
import javax.jcr.PathNotFoundException;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;
import javax.mail.Header;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.InternetHeaders;
import org.apache.commons.httpclient.URI;
import org.apache.commons.httpclient.URIException;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.text.StrSubstitutor;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.mail.EmailException;
import org.apache.commons.mail.HtmlEmail;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.apache.sling.api.resource.LoginException;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.caconfig.resource.ConfigurationResourceResolver;
import org.apache.sling.tenant.Tenant;
import org.apache.tika.io.CountingInputStream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/day/cq/dam/core/impl/assetlinkshare/AdhocAssetShareHelper.class */
public class AdhocAssetShareHelper {
    private static Logger log = LoggerFactory.getLogger(AdhocAssetShareHelper.class);
    private static final String DEFAULT_EMAIL_MESSAGE_HEADER = "Personal Message:";
    private static final String DEFAULT_EMAIL_MESSAGE = "";
    private static final String LINK_SHARE_SUBSERVICE = "linkshareservice";
    private static final String EMAIL_TEMPLATE_PATH = "dam/adhocassetshare/en.txt";
    private static final String DEFAULT_CHARSET = "utf-8";
    private static final String EMAIL_TEMPLATE_LEGACY_BUCKET = "/etc";
    private static final String EMAIL_TEMPLATE_CACONFIG_BUCKET = "settings";

    public Pair<ResourceResolver, Session> getServiceResolver(ResourceResolverFactory resourceResolverFactory) throws AdhocAssetShareException {
        try {
            ResourceResolver serviceResourceResolver = resourceResolverFactory.getServiceResourceResolver(Collections.singletonMap("sling.service.subservice", "linkshareservice"));
            Session session = (Session) serviceResourceResolver.adaptTo(Session.class);
            if (null == session) {
                throw new AdhocAssetShareException("Failed to adapt Service Resource Resolver to JCR session", AdhocAssetShareException.ReasonCode.UNEXPECTED);
            }
            return Pair.of(serviceResourceResolver, session);
        } catch (LoginException e) {
            log.error("Unexpected login exception while retrieving service resolver for adhoc asset share creation", e);
            throw new AdhocAssetShareException("Unable to retrieve service resolver for asset share creation", AdhocAssetShareException.ReasonCode.UNEXPECTED);
        }
    }

    public AdhocAssetShareException fromRepositoryException(RepositoryException repositoryException, int i) {
        return repositoryException instanceof AccessDeniedException ? new AdhocAssetShareException("Insufficient access for user to perform repository operation", AdhocAssetShareException.ReasonCode.ACCESS_DENIED, repositoryException) : ((repositoryException instanceof ItemNotFoundException) || (repositoryException instanceof PathNotFoundException)) ? new AdhocAssetShareException("An item could not be found in the repository", AdhocAssetShareException.ReasonCode.NOT_FOUND, repositoryException) : (i >= 5 || !(repositoryException.getCause() instanceof RepositoryException)) ? new AdhocAssetShareException("Unhandled repository exception", AdhocAssetShareException.ReasonCode.UNEXPECTED, repositoryException) : fromRepositoryException((RepositoryException) repositoryException.getCause(), i + 1);
    }

    public String getMessageHeader(AdhocAssetShareDefinition adhocAssetShareDefinition) {
        return (adhocAssetShareDefinition.getEmailInformation().isPresent() && ((AdhocAssetShareEmail) adhocAssetShareDefinition.getEmailInformation().get()).getMessageHeader().isPresent()) ? (String) ((AdhocAssetShareEmail) adhocAssetShareDefinition.getEmailInformation().get()).getMessageHeader().get() : DEFAULT_EMAIL_MESSAGE_HEADER;
    }

    public String getMessage(AdhocAssetShareDefinition adhocAssetShareDefinition) {
        return (adhocAssetShareDefinition.getEmailInformation().isPresent() && ((AdhocAssetShareEmail) adhocAssetShareDefinition.getEmailInformation().get()).getMessage().isPresent()) ? (String) ((AdhocAssetShareEmail) adhocAssetShareDefinition.getEmailInformation().get()).getMessage().get() : DEFAULT_EMAIL_MESSAGE;
    }

    @Nullable
    public String getEmailSubject(AdhocAssetShareDefinition adhocAssetShareDefinition) {
        return (String) adhocAssetShareDefinition.getEmailInformation().map((v0) -> {
            return v0.getSubject();
        }).orElse(null);
    }

    public String[] getEmailAddresses(Session session, AdhocAssetShareDefinition adhocAssetShareDefinition, UserPropertiesManager userPropertiesManager) throws RepositoryException {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (adhocAssetShareDefinition.getEmailInformation().isPresent()) {
            for (String str : ((AdhocAssetShareEmail) adhocAssetShareDefinition.getEmailInformation().get()).getToAddresses()) {
                linkedHashSet.add(str);
            }
            linkedHashSet.addAll(Arrays.asList(getPrincipalEmailAddresses(userPropertiesManager, session, getPrincipalNames(adhocAssetShareDefinition))));
        }
        return (String[]) linkedHashSet.toArray(new String[linkedHashSet.size()]);
    }

    public String[] getPrincipalNames(AdhocAssetShareDefinition adhocAssetShareDefinition) {
        return adhocAssetShareDefinition.getEmailInformation().isPresent() ? ((AdhocAssetShareEmail) adhocAssetShareDefinition.getEmailInformation().get()).getToPrincipals() : new String[0];
    }

    public String[] getPrincipalEmailAddresses(UserPropertiesManager userPropertiesManager, Session session, String[] strArr) throws RepositoryException {
        UserManager userManager = ((JackrabbitSession) session).getUserManager();
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            Group authorizable = userManager.getAuthorizable(str);
            if (authorizable != null && authorizable.isGroup()) {
                Iterator declaredMembers = authorizable.getDeclaredMembers();
                while (declaredMembers.hasNext()) {
                    Authorizable authorizable2 = (Authorizable) declaredMembers.next();
                    if (!authorizable2.isGroup()) {
                        String str2 = (String) userPropertiesManager.getUserProperties(authorizable2, "profile").getProperty("email", DEFAULT_EMAIL_MESSAGE, String.class);
                        if (!str2.isEmpty()) {
                            arrayList.add(str2);
                        }
                    }
                }
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    public String getPrivilegeToCheck(Node node) {
        String str;
        str = "{http://www.jcp.org/jcr/1.0}modifyAccessControl";
        try {
            str = node.getProperty("checkModifyAcl").getBoolean() ? "{http://www.jcp.org/jcr/1.0}modifyAccessControl" : "{http://www.jcp.org/jcr/1.0}read";
        } catch (RepositoryException e) {
            log.info("Error checking which privilege to check, defaulting to modifyAccessControls");
        }
        return str;
    }

    public boolean canShareAsset(AccessControlManager accessControlManager, String str, String str2) {
        try {
            return accessControlManager.hasPrivileges(str, new Privilege[]{accessControlManager.privilegeFromName(str2)});
        } catch (RepositoryException e) {
            log.warn("unable to determine if user can share this asset: {}", e);
            return false;
        }
    }

    public boolean canShareAsset(AccessControlManager accessControlManager, String str, boolean z) {
        try {
            Privilege[] privilegeArr = new Privilege[1];
            privilegeArr[0] = z ? accessControlManager.privilegeFromName("{http://www.jcp.org/jcr/1.0}modifyAccessControl") : accessControlManager.privilegeFromName("{http://www.jcp.org/jcr/1.0}read");
            return accessControlManager.hasPrivileges(str, privilegeArr);
        } catch (RepositoryException e) {
            log.warn("unable to determine if user can share this asset: {}", e);
            return false;
        }
    }

    public void setACL(String str, Session session, Session session2, boolean z, String[] strArr, String str2) throws RepositoryException {
        AccessControlManager accessControlManager = session.getAccessControlManager();
        JackrabbitAccessControlList acl = getACL(accessControlManager, str);
        UserManager userManager = ((JackrabbitSession) session2).getUserManager();
        if (acl != null) {
            acl.addEntry(userManager.getAuthorizable(str2).getPrincipal(), getPrivilegesByName(session, strArr), z, (Map) null);
            accessControlManager.setPolicy(str, acl);
        }
    }

    protected JackrabbitAccessControlList getACL(AccessControlManager accessControlManager, String str) throws RepositoryException {
        return AccessControlUtils.getAccessControlList(accessControlManager, str);
    }

    protected Privilege[] getPrivilegesByName(Session session, String... strArr) throws RepositoryException {
        return AccessControlUtils.privilegesFromNames(session, strArr);
    }

    protected HtmlEmail createEmailInstance() {
        return new HtmlEmail();
    }

    public String getHostPrefix(Externalizer externalizer, ResourceResolver resourceResolver, boolean z) {
        String externalLink = getExternalLink(externalizer, resourceResolver, "author");
        if (StringUtils.isNotBlank(externalLink) && externalLink.endsWith("/")) {
            externalLink = externalLink.substring(0, externalLink.length() - 1);
        }
        log.info("Using externalized host {} for share link", externalLink);
        if (z) {
            log.info("Prepending tenant ID to adhoc asset share url");
            Tenant tenant = (Tenant) resourceResolver.adaptTo(Tenant.class);
            if (null != tenant) {
                String id = tenant.getId();
                log.info("Found a tenant ID to prepend to url: {}", id);
                try {
                    URI uri = new URI(externalLink, false);
                    URI uri2 = new URI(uri.getScheme(), uri.getUserinfo(), !StringUtils.isEmpty(id) ? id + "." + uri.getHost() : uri.getHost(), uri.getPort(), uri.getPath());
                    if (StringUtils.isNotBlank(uri2.getURI())) {
                        log.info("Using tenant host URI: {}", uri2);
                        externalLink = uri2.getURI();
                    }
                } catch (URIException e) {
                    log.error("Failed to build the tenant uri for host uri {} and tenant id {}.", new String[]{externalLink, id}, e);
                }
            }
        }
        return externalLink;
    }

    public String getExternalLink(Externalizer externalizer, ResourceResolver resourceResolver, String str) {
        String str2 = DEFAULT_EMAIL_MESSAGE;
        try {
            str2 = externalizer.externalLink(resourceResolver, str, DEFAULT_EMAIL_MESSAGE);
            log.info("Received '{}' from externalizer for domain {}", str2, str);
        } catch (IllegalArgumentException e) {
            log.warn("Configuraion not present for domain : " + str, e.getMessage());
        } catch (Exception e2) {
            log.warn("Failed to get external link for domain : " + str, e2.getMessage());
        }
        return str2;
    }

    public void sendShareEmail(ResourceResolver resourceResolver, XSSAPI xssapi, MessageGatewayService messageGatewayService, ConfigurationResourceResolver configurationResourceResolver, String str, String str2, String str3, String str4, String[] strArr, String str5, String str6, String str7, String str8, String str9, String str10) {
        String loadTemplate;
        if (strArr == null || strArr.length <= 0 || null == (loadTemplate = loadTemplate(configurationResourceResolver, resourceResolver, EMAIL_TEMPLATE_PATH))) {
            return;
        }
        HashMap hashMap = new HashMap();
        String str11 = "<i style=\"color:#999999\">" + xssapi.encodeForHTML(str3) + "</i><br/>";
        hashMap.put("host.prefix", str10);
        hashMap.put("pagePath", xssapi.encodeForHTML(str10 + str));
        hashMap.put("emailInitiator", xssapi.encodeForHTML(str8));
        hashMap.put("emailSubject", str2);
        if (StringUtils.isNotEmpty(str4)) {
            hashMap.put("emailMessage", str11 + xssapi.encodeForHTML(str4));
        } else {
            hashMap.put("emailMessage", DEFAULT_EMAIL_MESSAGE);
        }
        hashMap.put("linkExpiry", xssapi.encodeForHTML(str7));
        List<String> asList = Arrays.asList(strArr);
        ArrayList arrayList = new ArrayList();
        try {
            for (String str12 : asList) {
                if (!StringUtils.isEmpty(str12)) {
                    arrayList.add(new InternetAddress(str12));
                }
            }
        } catch (AddressException e) {
            log.error("Cannot get the recipient email address: " + e.getMessage());
        }
        HtmlEmail createEmail = createEmail(loadTemplate, new StrSubstitutor(hashMap));
        try {
            createEmail.setBcc(arrayList);
            if (StringUtils.isNotEmpty(str5)) {
                createEmail.addReplyTo(str5, str6);
            }
            if (StringUtils.isNotEmpty(str9)) {
                createEmail.setFrom(str9, str6);
            }
            messageGatewayService.getGateway(HtmlEmail.class).send(createEmail);
            log.info("Email share message sent.");
        } catch (EmailException e2) {
            log.error("Error in sending email " + e2.getMessage());
        }
    }

    public HtmlEmail createEmail(String str, StrSubstitutor strSubstitutor) {
        HtmlEmail createEmailInstance = createEmailInstance();
        try {
            CountingInputStream countingInputStream = new CountingInputStream(new ByteArrayInputStream(str.getBytes(DEFAULT_CHARSET)));
            try {
                InternetHeaders internetHeaders = new InternetHeaders(countingInputStream);
                HashMap hashMap = new HashMap();
                Enumeration allHeaders = internetHeaders.getAllHeaders();
                while (allHeaders.hasMoreElements()) {
                    Header header = (Header) allHeaders.nextElement();
                    String name = header.getName();
                    log.debug("Header: {} = {}", name, header.getValue());
                    hashMap.put(name, internetHeaders.getHeader(name));
                }
                String substring = str.substring(countingInputStream.getCount());
                createEmailInstance.setCharset(DEFAULT_CHARSET);
                String[] strArr = (String[]) hashMap.remove("subject");
                String str2 = strArr == null ? DEFAULT_EMAIL_MESSAGE : strArr[0];
                log.debug("Email subject: " + str2);
                if (!StringUtils.isEmpty(str2)) {
                    createEmailInstance.setSubject(strSubstitutor.replace(str2));
                }
                String replace = strSubstitutor.replace(substring);
                log.debug("Substituted mail body: {}", replace);
                createEmailInstance.setMsg(replace);
                countingInputStream.close();
            } finally {
            }
        } catch (Exception e) {
            log.error("Error creating adhoc asset share email from template", e);
        }
        return createEmailInstance;
    }

    public String loadTemplate(ConfigurationResourceResolver configurationResourceResolver, ResourceResolver resourceResolver, String str) {
        try {
            Resource resource = resourceResolver.getResource("/etc/" + str);
            if (null == resource) {
                resource = configurationResourceResolver.getResource(resourceResolver.getResource(DamUtil.getTenantAssetsRoot(resourceResolver)), EMAIL_TEMPLATE_CACONFIG_BUCKET, str);
            }
            InputStream stream = ((Node) resource.adaptTo(Node.class)).getNode("jcr:content").getProperty("jcr:data").getBinary().getStream();
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(stream, DEFAULT_CHARSET);
                StringWriter stringWriter = new StringWriter();
                IOUtils.copy(inputStreamReader, stringWriter);
                String stringWriter2 = stringWriter.toString();
                if (stream != null) {
                    stream.close();
                }
                return stringWriter2;
            } finally {
            }
        } catch (Exception e) {
            log.error("Error while loading mail template {}:{}", str, e.toString());
            return null;
        }
    }
}
