package biz.netcentric.cq.tools.actool.authorizableinstaller.impl;

import biz.netcentric.cq.tools.actool.configmodel.AuthorizableConfigBean;
import biz.netcentric.cq.tools.actool.configmodel.AuthorizablesConfig;
import biz.netcentric.cq.tools.actool.dumpservice.MapKey;
import biz.netcentric.cq.tools.actool.history.InstallationLogger;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.jcr.RepositoryException;
import org.apache.commons.lang3.StringUtils;
import org.apache.jackrabbit.api.security.principal.PrincipalIterator;
import org.apache.jackrabbit.api.security.user.Impersonation;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
import org.osgi.service.component.annotations.Component;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(service = {ImpersonationInstallerServiceImpl.class})
/* loaded from: input_file:biz/netcentric/cq/tools/actool/authorizableinstaller/impl/ImpersonationInstallerServiceImpl.class */
public class ImpersonationInstallerServiceImpl {
    private static final Logger LOG = LoggerFactory.getLogger(ImpersonationInstallerServiceImpl.class);

    public void setupImpersonation(User user, List<String> list, AuthorizablesConfig authorizablesConfig, InstallationLogger installationLogger) {
        try {
            List<String> expandImpersonatorsList = expandImpersonatorsList(user.getID(), list, authorizablesConfig);
            Impersonation impersonation = user.getImpersonation();
            applyChanges(user, installationLogger, expandImpersonatorsList, impersonation, collectCurrentImpersonators(impersonation));
        } catch (RepositoryException e) {
            throw new IllegalStateException("Could not setup impersonation for user " + user + ": " + e, e);
        }
    }

    private void applyChanges(User user, InstallationLogger installationLogger, List<String> list, Impersonation impersonation, List<String> list2) throws RepositoryException {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(list);
        arrayList.removeAll(list2);
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            if (!impersonation.grantImpersonation(new PrincipalImpl(str))) {
                it.remove();
                installationLogger.addWarning(LOG, "Impersonator '" + str + "' can not be added to user " + user);
            }
        }
        ArrayList arrayList2 = new ArrayList();
        arrayList2.addAll(list2);
        arrayList2.removeAll(list);
        Iterator it2 = arrayList2.iterator();
        while (it2.hasNext()) {
            String str2 = (String) it2.next();
            if (!impersonation.revokeImpersonation(new PrincipalImpl(str2))) {
                it2.remove();
                installationLogger.addWarning(LOG, "Impersonator '" + str2 + "' can not be removed from user " + user);
            }
        }
        if (arrayList.isEmpty() && arrayList2.isEmpty()) {
            return;
        }
        installationLogger.addVerboseMessage(LOG, "Adjusted impersonation for user " + user.getID() + MapKey.YAML_MAP_KEY_SUFFIX);
        if (!arrayList.isEmpty()) {
            installationLogger.addVerboseMessage(LOG, " Added impersonators=" + arrayList);
        }
        if (arrayList2.isEmpty()) {
            return;
        }
        installationLogger.addVerboseMessage(LOG, " Removed impersonators=" + arrayList2);
    }

    private List<String> collectCurrentImpersonators(Impersonation impersonation) throws RepositoryException {
        PrincipalIterator impersonators = impersonation.getImpersonators();
        ArrayList arrayList = new ArrayList();
        while (impersonators.hasNext()) {
            arrayList.add(impersonators.nextPrincipal().getName());
        }
        return arrayList;
    }

    private List<String> expandImpersonatorsList(String str, List<String> list, AuthorizablesConfig authorizablesConfig) {
        ArrayList arrayList = new ArrayList();
        for (String str2 : list) {
            if (StringUtils.indexOfAny(str2, new char[]{'*', '?', '(', '|'}) > -1) {
                Iterator it = authorizablesConfig.iterator();
                while (it.hasNext()) {
                    AuthorizableConfigBean authorizableConfigBean = (AuthorizableConfigBean) it.next();
                    if (!authorizableConfigBean.isGroup() && authorizableConfigBean.getPrincipalName().matches(str2) && !authorizableConfigBean.getAuthorizableId().equals(str)) {
                        arrayList.add(authorizableConfigBean.getPrincipalName());
                    }
                }
            } else {
                arrayList.add(str2);
            }
        }
        return arrayList;
    }
}
