package com.day.crx.core;

import com.day.crx.CRXSession;
import com.day.crx.security.ACL;
import com.day.crx.security.ACLManager;
import com.day.crx.security.ActionSet;
import com.day.crx.security.EditableACL;
import com.day.crx.security.authorization.ActionSetImpl;
import com.day.crx.security.authorization.CRXAccessManager;
import com.day.crx.security.spi.ACLEditor;
import com.day.crx.security.spi.ACLProvider;
import com.day.crx.security.spi.AbstractACL;
import java.util.HashMap;
import java.util.Map;
import javax.jcr.AccessDeniedException;
import javax.jcr.ItemNotFoundException;
import javax.jcr.RepositoryException;
import javax.jcr.UnsupportedRepositoryOperationException;
import org.apache.jackrabbit.core.ItemId;
import org.apache.jackrabbit.core.ItemImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/day/crx/core/ACLManagerImpl.class */
public class ACLManagerImpl implements ACLManager {
    static final String CVS_ID = "$URL: http://svn.day.com/repos/crx/tags/crx-1.4.2-load5/repository/crx-core/src/main/java/com/day/crx/core/ACLManagerImpl.java $ $Rev: 25818 $ $Date: 2007-03-23 12:25:29 +0100 (Fri, 23 Mar 2007) $";
    private final boolean isAdmin;
    private ACLProvider provider;
    private ACLEditor editor;
    private final CRXSessionImpl userSession;
    private final Map editedAcls = new HashMap();
    private static final ActionSet ACTIONSET_READ = ActionSetImpl.create(16);
    private static final ActionSet ACTIONSET_MODIFY = ActionSetImpl.create(32);
    private static final Logger logger;
    static Class class$com$day$crx$core$ACLManagerImpl;

    /* JADX INFO: Access modifiers changed from: protected */
    public ACLManagerImpl(CRXSessionImpl cRXSessionImpl) {
        this.userSession = cRXSessionImpl;
        this.isAdmin = (cRXSessionImpl instanceof CRXSystemSession) || ((cRXSessionImpl.getAccessManager() instanceof CRXAccessManager) && ((CRXAccessManager) cRXSessionImpl.getAccessManager()).isSystem());
    }

    public CRXSession getSession() {
        return this.userSession;
    }

    public ACL getAcl(String str) throws RepositoryException {
        return getProvider().getAcl(getACLId(str, ACTIONSET_READ));
    }

    public ACL getWorkspaceAcl() throws RepositoryException {
        return this.userSession.getCompiledACLProvider().getWorkspaceAcl().getSource();
    }

    public EditableACL editAcl(String str) throws RepositoryException, AccessDeniedException {
        AbstractACL abstractACL = null;
        try {
            ACLEditor editor = getEditor();
            synchronized (this.editedAcls) {
                if (this.editedAcls.containsKey(str)) {
                    abstractACL = (EditableACL) this.editedAcls.get(str);
                    if ((abstractACL instanceof AbstractACL) && !abstractACL.isValid()) {
                        abstractACL = null;
                    }
                }
                if (abstractACL == null) {
                    abstractACL = editor.editAcl(getACLId(str, ACTIONSET_MODIFY));
                    if (abstractACL != null) {
                        this.editedAcls.put(str, abstractACL);
                    }
                }
            }
        } catch (UnsupportedRepositoryOperationException e) {
        }
        return abstractACL;
    }

    public void setAcl(String str, EditableACL editableACL) throws RepositoryException, AccessDeniedException {
        try {
            try {
                getEditor().setAcl(getACLId(str, ACTIONSET_MODIFY), editableACL);
                synchronized (this.editedAcls) {
                    this.editedAcls.remove(str);
                }
            } catch (ItemNotFoundException e) {
                throw new ItemNotFoundException(new StringBuffer().append("Can not set ACL to unsaved / unexistant Item at ").append(str).toString());
            }
        } catch (Throwable th) {
            synchronized (this.editedAcls) {
                this.editedAcls.remove(str);
                throw th;
            }
        }
    }

    public void removeAcl(String str) throws RepositoryException, AccessDeniedException {
        try {
            getEditor().removeAcl(getACLId(str, ACTIONSET_MODIFY));
            this.editedAcls.remove(str);
        } catch (Throwable th) {
            this.editedAcls.remove(str);
            throw th;
        }
    }

    public void revertAcl(String str) {
        synchronized (this.editedAcls) {
            if (this.editedAcls.containsKey(str)) {
                this.editedAcls.remove(str);
            }
        }
    }

    private ACLProvider getProvider() throws RepositoryException {
        if (this.provider == null) {
            this.provider = this.userSession.getRepository().getSecurityManager().createACLProvider(this.userSession.getWorkspace().getName());
        }
        return this.provider;
    }

    private ACLEditor getEditor() throws RepositoryException {
        if (this.editor == null) {
            this.editor = getProvider().getEditor();
            if (this.editor == null) {
                throw new UnsupportedRepositoryOperationException("ACLProvider for Workspace does not define an Editor");
            }
        }
        return this.editor;
    }

    private boolean isAdmin() {
        return this.isAdmin;
    }

    private ItemId getACLId(String str, ActionSet actionSet) throws RepositoryException {
        ItemImpl item = this.userSession.getItem(str);
        if (!item.getId().denotesNode()) {
            item = (ItemImpl) item.getParent();
        }
        ItemId id = item.getId();
        if (isAdmin()) {
            return id;
        }
        AbstractACL acl = getProvider().getAcl(id);
        if (acl == null) {
            logger.debug("getACLId: Item at {} not Protected: grant all access to {}", str, this.userSession.getUserID());
        } else if (!acl.grants(this.userSession.getSubject().getPrincipals(), actionSet)) {
            throw new AccessDeniedException(new StringBuffer().append("User ").append(this.userSession.getUserID()).append("is not allowed to modify ACL on ").append(str).toString());
        }
        return id;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$day$crx$core$ACLManagerImpl == null) {
            cls = class$("com.day.crx.core.ACLManagerImpl");
            class$com$day$crx$core$ACLManagerImpl = cls;
        } else {
            cls = class$com$day$crx$core$ACLManagerImpl;
        }
        logger = LoggerFactory.getLogger(cls);
    }
}
