package io.inkstand.scribble.rules.jcr;

import io.inkstand.scribble.inject.InjectableHolder;
import io.inkstand.scribble.rules.BaseRule;
import io.inkstand.scribble.rules.ExternalResource;
import io.inkstand.scribble.security.SecurityTestHelper;
import java.security.Principal;
import java.util.ArrayList;
import java.util.NoSuchElementException;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlList;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;
import org.junit.rules.TemporaryFolder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/inkstand/scribble/rules/jcr/ContentRepository.class */
public abstract class ContentRepository extends ExternalResource<TemporaryFolder> implements InjectableHolder<Repository> {
    private static final Logger LOG = LoggerFactory.getLogger(ContentRepository.class);
    private static final String ANY_WILDCARD = "*";
    private final TemporaryFolder workingDirectory;
    private transient Repository repository;
    private transient Session adminSession;
    private Session anonSession;

    public ContentRepository(TemporaryFolder temporaryFolder) {
        super(temporaryFolder);
        this.workingDirectory = temporaryFolder;
    }

    @Override // io.inkstand.scribble.rules.ExternalResource
    protected void beforeClass() throws Throwable {
        doBefore();
    }

    @Override // io.inkstand.scribble.rules.ExternalResource
    protected void afterClass() {
        doAfter();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // io.inkstand.scribble.rules.ExternalResource
    public void before() throws Throwable {
        if (isBeforeState(BaseRule.State.CREATED)) {
            doBefore();
            doStateTransition(BaseRule.State.BEFORE_EXECUTED);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // io.inkstand.scribble.rules.ExternalResource
    public void after() {
        if (isInState(BaseRule.State.BEFORE_EXECUTED)) {
            doAfter();
            doStateTransition(BaseRule.State.AFTER_EXECUTED);
        }
    }

    private void doAfter() {
        if (isActive(this.adminSession)) {
            this.adminSession.logout();
        }
        destroyRepository();
        doStateTransition(BaseRule.State.DESTROYED);
    }

    private boolean isActive(Session session) {
        return session != null && session.isLive();
    }

    protected abstract void destroyRepository();

    private void doBefore() throws Throwable {
        this.repository = mo17createRepository();
        doStateTransition(BaseRule.State.CREATED);
        initialize();
        doStateTransition(BaseRule.State.INITIALIZED);
    }

    /* renamed from: createRepository */
    protected abstract Repository mo17createRepository() throws Exception;

    protected void initialize() {
    }

    public Repository getRepository() {
        assertStateAfterOrEqual(BaseRule.State.CREATED);
        return this.repository;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // io.inkstand.scribble.inject.InjectableHolder
    public Repository getInjectionValue() {
        assertStateAfterOrEqual(BaseRule.State.CREATED);
        return this.repository;
    }

    public TemporaryFolder getWorkingDirectory() {
        assertStateAfterOrEqual(BaseRule.State.CREATED);
        return this.workingDirectory;
    }

    public Session login(String str, String str2) throws RepositoryException {
        assertStateAfterOrEqual(BaseRule.State.CREATED);
        return this.repository.login(new SimpleCredentials(str, str2.toCharArray()));
    }

    public Principal addUser(String str, String str2) {
        throw new UnsupportedOperationException("add user not supported");
    }

    public boolean deleteUser(String str) {
        throw new UnsupportedOperationException("delete user not supported");
    }

    public void resetUsers() {
        throw new UnsupportedOperationException("reset user not supported");
    }

    public void grant(String str, String str2, String... strArr) throws RepositoryException {
        Session adminSession = getAdminSession();
        AccessControlManager accessControlManager = adminSession.getAccessControlManager();
        Privilege[] privilegeArray = toPrivilegeArray(adminSession, strArr);
        AccessControlList accessControlList = getAccessControlList(adminSession, str2);
        accessControlList.addAccessControlEntry(resolvePrincipal(str), privilegeArray);
        accessControlManager.setPolicy(str2, accessControlList);
        adminSession.save();
    }

    public Session getAdminSession() throws RepositoryException {
        if (isActive(this.adminSession)) {
            this.adminSession.refresh(false);
        } else {
            this.adminSession = this.repository.login(new SimpleCredentials("admin", "admin".toCharArray()));
        }
        return this.adminSession;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Privilege[] toPrivilegeArray(Session session, String... strArr) throws RepositoryException {
        AccessControlManager accessControlManager = session.getAccessControlManager();
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            arrayList.add(accessControlManager.privilegeFromName(str));
        }
        return (Privilege[]) arrayList.toArray(new Privilege[arrayList.size()]);
    }

    protected AccessControlList getAccessControlList(Session session, String str) throws RepositoryException {
        AccessControlList accessControlList;
        AccessControlManager accessControlManager = session.getAccessControlManager();
        try {
            accessControlList = (AccessControlList) accessControlManager.getApplicablePolicies(str).nextAccessControlPolicy();
        } catch (NoSuchElementException e) {
            LOG.debug("no applicable policy found", e);
            accessControlList = accessControlManager.getPolicies(str)[0];
        }
        return accessControlList;
    }

    protected Principal resolvePrincipal(String str) throws RepositoryException {
        return SecurityTestHelper.toPrincipal(str);
    }

    public Session login() throws RepositoryException {
        if (isActive(this.anonSession)) {
            this.anonSession.refresh(false);
        } else {
            this.anonSession = this.repository.login();
        }
        return this.anonSession;
    }

    public void deny(String str, String str2, String... strArr) throws RepositoryException {
        throw new UnsupportedOperationException("deny is not supported by this implementation");
    }

    public void clearACL(String str, String... strArr) throws RepositoryException {
        Session adminSession = getAdminSession();
        AccessControlManager accessControlManager = adminSession.getAccessControlManager();
        AccessControlList accessControlList = getAccessControlList(adminSession, str);
        for (String str2 : strArr.length == 0 ? new String[]{ANY_WILDCARD} : strArr) {
            removeAccessControlEntries(accessControlList, str2);
        }
        accessControlManager.setPolicy(str, accessControlList);
        adminSession.save();
    }

    private void removeAccessControlEntries(AccessControlList accessControlList, String str) throws RepositoryException {
        for (AccessControlEntry accessControlEntry : accessControlList.getAccessControlEntries()) {
            removeAccessControlEntry(accessControlList, accessControlEntry, str);
        }
    }

    private void removeAccessControlEntry(AccessControlList accessControlList, AccessControlEntry accessControlEntry, String str) throws RepositoryException {
        if (ANY_WILDCARD.equals(str) || accessControlEntry.getPrincipal().getName().equals(str)) {
            accessControlList.removeAccessControlEntry(accessControlEntry);
        }
    }
}
