package org.gcube.common.homelibrary.jcr.workspace.accessmanager;

import com.thoughtworks.xstream.XStream;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.jcr.RepositoryException;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.methods.GetMethod;
import org.gcube.common.homelibrary.home.exceptions.InternalErrorException;
import org.gcube.common.homelibrary.home.workspace.accessmanager.ACLType;
import org.gcube.common.homelibrary.home.workspace.accessmanager.AccessManager;
import org.gcube.common.homelibrary.jcr.repository.JCRRepository;
import org.gcube.common.homelibrary.jcr.repository.ServletName;
import org.gcube.common.homelibrary.jcr.workspace.util.TokenUtility;
import org.gcube.common.homelibrary.util.WorkspaceUtil;
import org.gcube.common.resources.gcore.GCoreEndpoint;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/home-library-jcr-2.11.1-4.8.0-158817.jar:org/gcube/common/homelibrary/jcr/workspace/accessmanager/JCRAccessManager.class */
public class JCRAccessManager implements AccessManager {
    private Logger logger = LoggerFactory.getLogger(JCRAccessManager.class);
    Map<String, GCoreEndpoint.Profile.Endpoint> servlets = JCRRepository.servlets;

    public ACLType getACLByUser(String str, String str2) {
        this.logger.debug("Get ACL for resource " + str2 + " for user: " + str);
        GetMethod getMethod = null;
        ACLType aCLType = null;
        ArrayList arrayList = new ArrayList();
        try {
            try {
                HttpClient httpClient = new HttpClient();
                getMethod = new GetMethod(this.servlets.get(ServletName.GET_ACL_BY_USER).uri().toString() + "?login=" + str + "&absPath=" + URLEncoder.encode(str2, "UTF-8"));
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                this.logger.debug("Response " + getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                arrayList.add((String) new XStream().fromXML(getMethod.getResponseBodyAsString()));
                aCLType = WorkspaceUtil.getACLTypeByKey(arrayList);
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            } catch (Exception e) {
                this.logger.error("Error deleting Permissions in AccessManager", e);
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            }
            return aCLType;
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }

    public Map<String, List<String>> getACL(String str, String str2) throws InternalErrorException {
        this.logger.debug("Get ACL for resource " + str);
        Map<String, List<String>> map = null;
        GetMethod getMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                getMethod = new GetMethod(this.servlets.get(ServletName.GET_ACL).uri().toString() + "?absPath=" + URLEncoder.encode(str, "UTF-8") + "&login=" + str2);
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                this.logger.debug("Response " + getMethod.getResponseBodyAsString());
                map = (Map) new XStream().fromXML(getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            } catch (Exception e) {
                this.logger.error("Error reatriving ACL", e);
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            }
            return map;
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }

    public boolean modifyAce(List<String> list, String str, List<String> list2, String str2, String str3) throws InternalErrorException {
        Boolean bool;
        this.logger.debug("Modify ACL on resource " + str + " for users: " + list.toString());
        try {
            if (getACL(str, str3).containsKey(list.get(0))) {
                deleteAces(str, list);
            }
            GetMethod getMethod = null;
            try {
                try {
                    HttpClient httpClient = new HttpClient();
                    StringBuilder sb = new StringBuilder();
                    Iterator<String> it = list2.iterator();
                    while (it.hasNext()) {
                        sb.append("&privilege@" + it.next());
                    }
                    if (str2 == null) {
                        str2 = "first";
                    }
                    Iterator<String> it2 = list.iterator();
                    while (it2.hasNext()) {
                        try {
                            getMethod = new GetMethod(this.servlets.get(ServletName.MODIFY_ACL).uri().toString() + "?principalId=" + it2.next() + "&resourcePath=" + URLEncoder.encode(str, "UTF-8") + sb.toString() + "&order=" + str2);
                            TokenUtility.setHeader(getMethod);
                            httpClient.executeMethod(getMethod);
                            this.logger.debug("Response " + getMethod.getResponseBodyAsString());
                            if (getMethod != null) {
                                getMethod.releaseConnection();
                            }
                        } catch (Exception e) {
                            this.logger.error("Error modifing ACLs: " + e);
                            throw new InternalErrorException(e);
                        }
                    }
                    try {
                        bool = getMethod.getResponseBodyAsString() == null ? false : (Boolean) new XStream().fromXML(getMethod.getResponseBodyAsString());
                    } catch (Exception e2) {
                        bool = false;
                        this.logger.error("Error in Modify ace", e2);
                    }
                    if (getMethod != null) {
                        getMethod.releaseConnection();
                    }
                } catch (Exception e3) {
                    this.logger.error("Error in Add or Modify Permissions in AccessManager", e3);
                    bool = false;
                    if (0 != 0) {
                        getMethod.releaseConnection();
                    }
                }
                return bool.booleanValue();
            } catch (Throwable th) {
                if (0 != 0) {
                    getMethod.releaseConnection();
                }
                throw th;
            }
        } catch (Exception e4) {
            this.logger.error("Error deleting old ACLs: " + e4);
            throw new InternalErrorException(e4);
        }
    }

    @Override // org.gcube.common.homelibrary.home.workspace.accessmanager.AccessManager
    public Map<String, List<String>> getEACL(String str) throws InternalErrorException {
        this.logger.debug("GET ACL of resource " + str);
        Map<String, List<String>> map = null;
        HttpMethod httpMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                GetMethod getMethod = new GetMethod(this.servlets.get(ServletName.GET_EACL).uri().toString() + "?absPath=" + URLEncoder.encode(str, "UTF-8"));
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                try {
                    map = getMethod.getResponseBodyAsString() == null ? new HashMap() : (Map) new XStream().fromXML(getMethod.getResponseBodyAsString());
                } catch (Exception e) {
                    this.logger.error("Error retrieving EACL", e);
                }
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                return map;
            } catch (Exception e2) {
                this.logger.error("Error modifing ACLs: " + e2);
                throw new InternalErrorException(e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                httpMethod.releaseConnection();
            }
            throw th;
        }
    }

    @Override // org.gcube.common.homelibrary.home.workspace.accessmanager.AccessManager
    public boolean setReadOnlyACL(List<String> list, String str) throws InternalErrorException {
        this.logger.debug("Set READ ONLY ACL on resource " + str + " for users: " + list.toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add("jcr:read=granted");
        try {
            return modifyAce(list, str, arrayList, null, null);
        } catch (Exception e) {
            this.logger.error("Error setting WriteOwner to users " + list.toString() + " to path " + str);
            throw new InternalErrorException(e);
        }
    }

    @Override // org.gcube.common.homelibrary.home.workspace.accessmanager.AccessManager
    public boolean setWriteOwnerACL(List<String> list, String str) throws InternalErrorException {
        this.logger.debug("Set WRITE OWN ACL on resource " + str + " for users: " + list.toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add("jcr:write=granted");
        try {
            boolean modifyAce = modifyAce(list, str, arrayList, null, null);
            this.logger.debug("Ace modified");
            return modifyAce;
        } catch (Exception e) {
            this.logger.error("Error setting WriteOwner to users " + list.toString() + " to path " + str);
            throw new InternalErrorException(e);
        }
    }

    @Override // org.gcube.common.homelibrary.home.workspace.accessmanager.AccessManager
    public boolean setWriteAllACL(List<String> list, String str) throws InternalErrorException {
        this.logger.debug("Set WRITE ALL ACL on resource " + str + " for users: " + list.toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add("hl:writeAll=granted");
        try {
            return modifyAce(list, str, arrayList, null, null);
        } catch (Exception e) {
            this.logger.error("Error setting Write All to users " + list.toString() + " to path " + str);
            throw new InternalErrorException(e);
        }
    }

    public boolean setAccessDenied(List<String> list, String str) throws InternalErrorException {
        boolean z;
        this.logger.debug("Set Access Denide on resource " + str + " for users: " + list.toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add("jcr:read=denied");
        try {
            z = modifyAce(list, str, arrayList, null, null);
        } catch (Exception e) {
            this.logger.error("Error removing Read privilege to users " + list.toString() + " to path " + str);
            z = false;
        }
        return z;
    }

    @Override // org.gcube.common.homelibrary.home.workspace.accessmanager.AccessManager
    public boolean setAdminACL(List<String> list, String str) throws InternalErrorException {
        this.logger.debug("Set ADMIN ACL on resource " + str + " for users: " + list.toString());
        ArrayList arrayList = new ArrayList();
        arrayList.add("jcr:all=granted");
        try {
            return modifyAce(list, str, arrayList, null, null);
        } catch (Exception e) {
            this.logger.error("Error setting Admin to users " + list.toString() + " to path " + str);
            throw new InternalErrorException(e);
        }
    }

    @Override // org.gcube.common.homelibrary.home.workspace.accessmanager.AccessManager
    public boolean deleteAces(String str, List<String> list) throws InternalErrorException {
        this.logger.debug("Delete ACES on resource " + str + " for users: " + list.toString());
        GetMethod getMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                StringBuilder sb = new StringBuilder();
                Iterator<String> it = list.iterator();
                while (it.hasNext()) {
                    sb.append("&applyTo=" + it.next());
                }
                getMethod = new GetMethod(this.servlets.get(ServletName.DELETE_ACL).uri().toString() + "?absPath=" + URLEncoder.encode(str, "UTF-8") + ((Object) sb));
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                this.logger.debug("Response DeleteAcesServlet: " + getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                Boolean bool = (Boolean) new XStream().fromXML(getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                return bool.booleanValue();
            } catch (Exception e) {
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                this.logger.error("Error deleting Permissions in AccessManager", e);
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                return false;
            }
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }

    public Map<String, List<String>> getDeniedMap(String str) throws RepositoryException, InternalErrorException {
        this.logger.debug("Get Denide map for resource " + str);
        Map<String, List<String>> map = null;
        GetMethod getMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                XStream xStream = new XStream();
                getMethod = new GetMethod(this.servlets.get(ServletName.GET_DENIED_MAP).uri().toString() + "?absPath=" + URLEncoder.encode(str, "UTF-8"));
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                map = (Map) xStream.fromXML(getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            } catch (Exception e) {
                this.logger.error("Error GET_DENIED_MAP ", e);
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            }
            return map;
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }

    public boolean canAddChildren(String str, String str2) {
        Boolean bool;
        this.logger.debug("Check if " + str + " can add children on resource " + str2);
        GetMethod getMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                getMethod = new GetMethod(this.servlets.get(ServletName.CAN_ADD_CHILDREN).uri().toString() + "?login=" + str + "&id=" + str2);
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                this.logger.debug("Response DeleteAcesServlet: " + getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                bool = (Boolean) new XStream().fromXML(getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            } catch (Exception e) {
                this.logger.error("Error adding children in AccessManager", e);
                bool = false;
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            }
            return bool.booleanValue();
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }

    public boolean canDeleteChildren(String str, String str2) {
        Boolean bool;
        this.logger.debug("Check if " + str + " can delete children of resource " + str2);
        GetMethod getMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                getMethod = new GetMethod(this.servlets.get(ServletName.CAN_DELETE_CHILDREN).uri().toString() + "?login=" + str + "&id=" + str2);
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                this.logger.debug("Response DeleteAcesServlet: " + getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                bool = (Boolean) new XStream().fromXML(getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            } catch (Exception e) {
                this.logger.error("Error deleting children Permissions in AccessManager", e);
                bool = false;
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            }
            return bool.booleanValue();
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }

    public boolean canDelete(String str, String str2, boolean z) {
        Boolean bool;
        this.logger.debug("Check if " + str + " can delete resource " + str2);
        GetMethod getMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                getMethod = new GetMethod(this.servlets.get(ServletName.CAN_DELETE).uri().toString() + "?login=" + str + "&isRoot=" + z + "&id=" + str2);
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                this.logger.debug("Response DeleteAcesServlet: " + getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                bool = (Boolean) new XStream().fromXML(getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            } catch (Exception e) {
                this.logger.error("Error deleting Permissions in AccessManager", e);
                bool = false;
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            }
            return bool.booleanValue();
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }

    public boolean canModifyProperties(String str, String str2, boolean z) {
        Boolean bool;
        this.logger.debug("Check if " + str + " can modify resource " + str2);
        GetMethod getMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                getMethod = new GetMethod(this.servlets.get(ServletName.CAN_MODIFY).uri().toString() + "?login=" + str + "&isRoot=" + z + "&id=" + str2);
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                this.logger.debug("Response DeleteAcesServlet: " + getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                bool = (Boolean) new XStream().fromXML(getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            } catch (Exception e) {
                this.logger.error("Error modifying privileges in AccessManager", e);
                bool = false;
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
            }
            return bool.booleanValue();
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }

    public boolean canReadNode(String str, String str2) throws InternalErrorException {
        this.logger.debug("Check if " + str + " can read resource " + str2);
        GetMethod getMethod = null;
        try {
            try {
                HttpClient httpClient = new HttpClient();
                getMethod = new GetMethod(this.servlets.get(ServletName.CAN_READ).uri().toString() + "?login=" + str + "&id=" + str2);
                TokenUtility.setHeader(getMethod);
                httpClient.executeMethod(getMethod);
                this.logger.debug("Response canReadNode: " + getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                Boolean bool = (Boolean) new XStream().fromXML(getMethod.getResponseBodyAsString());
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                return bool.booleanValue();
            } catch (Exception e) {
                this.logger.error("Error reading privileges in AccessManager", e);
                if (getMethod != null) {
                    getMethod.releaseConnection();
                }
                throw new InternalErrorException(e);
            }
        } catch (Throwable th) {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            throw th;
        }
    }
}
