package com.enonic.xp.lib.content;

import com.enonic.xp.content.ApplyContentPermissionsParams;
import com.enonic.xp.content.Content;
import com.enonic.xp.content.ContentId;
import com.enonic.xp.content.ContentNotFoundException;
import com.enonic.xp.content.ContentPath;
import com.enonic.xp.content.ContentService;
import com.enonic.xp.content.UpdateContentParams;
import com.enonic.xp.context.ContextAccessor;
import com.enonic.xp.context.ContextBuilder;
import com.enonic.xp.script.ScriptValue;
import com.enonic.xp.script.bean.BeanContext;
import com.enonic.xp.script.bean.ScriptBean;
import com.enonic.xp.security.PrincipalKey;
import com.enonic.xp.security.SecurityService;
import com.enonic.xp.security.acl.AccessControlEntry;
import com.enonic.xp.security.acl.AccessControlList;
import com.enonic.xp.security.acl.Permission;
import com.enonic.xp.security.auth.AuthenticationInfo;
import com.google.common.base.Strings;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ExecutionException;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:OSGI-INF/lib/lib-content-6.9.0.jar:com/enonic/xp/lib/content/SetPermissionsHandler.class */
public final class SetPermissionsHandler implements ScriptBean {
    private static final Logger LOG = LoggerFactory.getLogger(SetPermissionsHandler.class);
    private ContentService contentService;
    private SecurityService securityService;
    private String key;
    private boolean inheritPermissions;
    private boolean overwriteChildPermissions;
    private AccessControlList permissions;
    private String branch;

    public void setKey(String str) {
        this.key = str;
    }

    public void setInheritPermissions(boolean z) {
        this.inheritPermissions = z;
    }

    public void setOverwriteChildPermissions(boolean z) {
        this.overwriteChildPermissions = z;
    }

    public void setPermissions(ScriptValue scriptValue) {
        if (scriptValue != null) {
            this.permissions = AccessControlList.create().addAll((List) scriptValue.getArray().stream().map(this::convertToAccessControlEntry).collect(Collectors.toList())).build();
        }
    }

    public void setBranch(String str) {
        this.branch = str;
    }

    private AccessControlEntry convertToAccessControlEntry(ScriptValue scriptValue) {
        String str = (String) scriptValue.getMember("principal").getValue(String.class);
        List list = (List) scriptValue.getMember("allow").getArray(String.class).stream().map(Permission::valueOf).collect(Collectors.toList());
        return AccessControlEntry.create().principal(PrincipalKey.from(str)).allow(list).deny((List) scriptValue.getMember("deny").getArray(String.class).stream().map(Permission::valueOf).collect(Collectors.toList())).build();
    }

    public boolean execute() {
        return Strings.isNullOrEmpty(this.branch) ? doExecute() : ((Boolean) ContextBuilder.from(ContextAccessor.current()).branch(this.branch).build().callWith(this::doExecute)).booleanValue();
    }

    private boolean doExecute() {
        ContentId contentId = getContentId();
        if (!validPrincipals() || contentId == null) {
            return false;
        }
        AuthenticationInfo authInfo = ContextAccessor.current().getAuthInfo();
        this.contentService.update(new UpdateContentParams().contentId(contentId).modifier((authInfo == null || !authInfo.isAuthenticated()) ? PrincipalKey.ofAnonymous() : authInfo.getUser().getKey()).editor(editableContent -> {
            editableContent.inheritPermissions = this.inheritPermissions;
            editableContent.permissions = this.permissions;
        }));
        try {
            this.contentService.applyPermissions(ApplyContentPermissionsParams.create().contentId(contentId).overwriteChildPermissions(this.overwriteChildPermissions).build()).get();
            return true;
        } catch (InterruptedException | ExecutionException e) {
            throw new RuntimeException("Error applying content permissions", e);
        }
    }

    private ContentId getContentId() {
        try {
            if (!this.key.startsWith("/")) {
                return ContentId.from(this.key);
            }
            Content byPath = this.contentService.getByPath(ContentPath.from(this.key));
            if (byPath != null) {
                return byPath.getId();
            }
            return null;
        } catch (ContentNotFoundException e) {
            LOG.warn("Content not found: " + this.key);
            return null;
        }
    }

    private boolean validPrincipals() {
        boolean z = true;
        Iterator it = this.permissions.getAllPrincipals().iterator();
        while (it.hasNext()) {
            PrincipalKey principalKey = (PrincipalKey) it.next();
            if (!principalExists(principalKey)) {
                LOG.warn("Principal not found: " + principalKey);
                z = false;
            }
        }
        return z;
    }

    private boolean principalExists(PrincipalKey principalKey) {
        return this.securityService.getPrincipal(principalKey).isPresent();
    }

    public void initialize(BeanContext beanContext) {
        this.contentService = (ContentService) beanContext.getService(ContentService.class).get();
        this.securityService = (SecurityService) beanContext.getService(SecurityService.class).get();
    }
}
