package com.day.cq.security.impl.servlets;

import com.day.cq.commons.servlets.AbstractPredicateServlet;
import com.day.cq.commons.servlets.HtmlStatusResponseHelper;
import com.day.cq.security.util.AuthorizableJSONWriter;
import com.day.cq.security.util.CqActions;
import com.day.cq.security.util.RequestConstants;
import java.io.IOException;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import javax.jcr.AccessDeniedException;
import javax.jcr.Node;
import javax.jcr.NodeIterator;
import javax.jcr.PathNotFoundException;
import javax.jcr.Session;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import org.apache.commons.collections.Predicate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.HtmlResponse;
import org.apache.sling.commons.json.io.JSONWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service({Servlet.class})
@Component(metatype = false)
@Properties({@Property(name = "service.provider", value = {"Day Management AG"}), @Property(name = "sling.servlet.resourceTypes", value = {"rep:User", "rep:Group"}), @Property(name = "sling.servlet.selectors", value = {"permissions"}), @Property(name = "sling.servlet.extensions", value = {RequestConstants.JSON_EXTENSION})})
/* loaded from: input_file:com/day/cq/security/impl/servlets/UserCQActionsServlet.class */
public class UserCQActionsServlet extends AbstractPredicateServlet {
    private static final Logger log = LoggerFactory.getLogger(UserCQActionsServlet.class);
    private static final String PARAM_PATH = "path";
    private static final String PARAM_GET_PARENT_PERMISSION_ONLY = "currentNodeOnly";

    protected void doGet(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        String parameter = slingHttpServletRequest.getParameter("path");
        String parameter2 = slingHttpServletRequest.getParameter(PARAM_GET_PARENT_PERMISSION_ONLY);
        if (parameter == null || parameter.length() == 0) {
            return;
        }
        Predicate predicate = getPredicate(slingHttpServletRequest);
        HtmlResponse htmlResponse = null;
        try {
            try {
                try {
                    try {
                        Session session = (Session) slingHttpServletRequest.getResourceResolver().adaptTo(Session.class);
                        if (session.nodeExists(parameter)) {
                            slingHttpServletResponse.setContentType(RequestConstants.JSON_CONTENT_TYPE);
                            slingHttpServletResponse.setCharacterEncoding("UTF-8");
                            JSONWriter jSONWriter = new JSONWriter(slingHttpServletResponse.getWriter());
                            Authorizable authorizable = (Authorizable) slingHttpServletRequest.getResourceResolver().adaptTo(Authorizable.class);
                            CqActions cqActions = new CqActions(session);
                            HashMap hashMap = new HashMap();
                            if ("/".equals(parameter) && predicate.evaluate(session.getRootNode())) {
                                hashMap.put("/", cqActions.getAllowedActions("/", null));
                            }
                            if (parameter2 == null || !parameter2.equals("true")) {
                                NodeIterator nodes = session.getNode(parameter).getNodes();
                                while (nodes.hasNext()) {
                                    Node nextNode = nodes.nextNode();
                                    if (predicate.evaluate(nextNode)) {
                                        String path = nextNode.getPath();
                                        hashMap.put(path, cqActions.getAllowedActions(path, null));
                                    }
                                }
                            } else {
                                hashMap.put(parameter, cqActions.getAllowedActions(parameter, null));
                            }
                            String name = authorizable.getPrincipal().getName();
                            String str = authorizable.isGroup() ? AuthorizableJSONWriter.GROUP : AuthorizableJSONWriter.USER;
                            jSONWriter.object();
                            jSONWriter.key("acl");
                            jSONWriter.array();
                            int i = 0;
                            for (String str2 : hashMap.keySet()) {
                                jSONWriter.object();
                                jSONWriter.key("type").value(str);
                                jSONWriter.key("principal").value(name);
                                jSONWriter.key("path").value(str2);
                                Iterator it = ((Collection) hashMap.get(str2)).iterator();
                                while (it.hasNext()) {
                                    jSONWriter.key((String) it.next()).value(true);
                                }
                                jSONWriter.endObject();
                                i++;
                            }
                            jSONWriter.endArray();
                            jSONWriter.key("aces").value(i);
                            jSONWriter.endObject();
                        }
                    } catch (PathNotFoundException e) {
                        HtmlResponse createStatusResponse = HtmlStatusResponseHelper.createStatusResponse(404, e.getMessage());
                        if (createStatusResponse != null) {
                            createStatusResponse.send(slingHttpServletResponse, true);
                        }
                    }
                } catch (Exception e2) {
                    HtmlResponse createStatusResponse2 = HtmlStatusResponseHelper.createStatusResponse(false, e2.getMessage());
                    if (createStatusResponse2 != null) {
                        createStatusResponse2.send(slingHttpServletResponse, true);
                    }
                }
            } catch (AccessDeniedException e3) {
                HtmlResponse createStatusResponse3 = HtmlStatusResponseHelper.createStatusResponse(401, e3.getMessage());
                if (createStatusResponse3 != null) {
                    createStatusResponse3.send(slingHttpServletResponse, true);
                }
            }
        } finally {
            if (0 != 0) {
                htmlResponse.send(slingHttpServletResponse, true);
            }
        }
    }
}
