package org.apache.sling.jcr.jackrabbit.accessmanager.post;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.jcr.Item;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlList;
import javax.jcr.security.AccessControlManager;
import javax.servlet.Servlet;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Service;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.resource.ResourceNotFoundException;
import org.apache.sling.jcr.base.util.AccessControlUtil;
import org.apache.sling.jcr.jackrabbit.accessmanager.DeleteAces;
import org.apache.sling.servlets.post.AbstractPostResponse;
import org.apache.sling.servlets.post.Modification;
import org.apache.sling.servlets.post.SlingPostConstants;
import org.apache.sling.servlets.resolver.internal.ServletResolverConstants;

@Service({Servlet.class, DeleteAces.class})
@Component
@Properties({@Property(name = ServletResolverConstants.SLING_SERVLET_RESOURCE_TYPES, value = {ServletResolverConstants.DEFAULT_SERVLET_NAME}), @Property(name = ServletResolverConstants.SLING_SERVLET_METHODS, value = {"POST"}), @Property(name = ServletResolverConstants.SLING_SERVLET_SELECTORS, value = {"deleteAce"})})
/* loaded from: input_file:resources/install.org.apache.sling.jcr.jackrabbit.accessmanager-2.1.2.jar/15/null:org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.class */
public class DeleteAcesServlet extends AbstractAccessPostServlet implements DeleteAces {
    private static final long serialVersionUID = 3784866802938282971L;

    @Override // org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractAccessPostServlet
    protected void handleOperation(SlingHttpServletRequest slingHttpServletRequest, AbstractPostResponse abstractPostResponse, List<Modification> list) throws RepositoryException {
        deleteAces((Session) slingHttpServletRequest.getResourceResolver().adaptTo(Session.class), slingHttpServletRequest.getResource().getPath(), slingHttpServletRequest.getParameterValues(SlingPostConstants.RP_APPLY_TO));
    }

    @Override // org.apache.sling.jcr.jackrabbit.accessmanager.DeleteAces
    public void deleteAces(Session session, String str, String[] strArr) throws RepositoryException {
        if (strArr == null) {
            throw new RepositoryException("principalIds were not sumitted.");
        }
        if (session == null) {
            throw new RepositoryException("JCR Session not found");
        }
        if (str == null) {
            throw new ResourceNotFoundException("Resource path was not supplied.");
        }
        Item item = session.getItem(str);
        if (item == null) {
            throw new ResourceNotFoundException("Resource is not a JCR Node");
        }
        String path = item.getPath();
        HashSet hashSet = new HashSet();
        hashSet.addAll(Arrays.asList(strArr));
        try {
            AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
            AccessControlList accessControlList = getAccessControlList(accessControlManager, path, false);
            AccessControlEntry[] accessControlEntries = accessControlList.getAccessControlEntries();
            ArrayList arrayList = new ArrayList();
            for (AccessControlEntry accessControlEntry : accessControlEntries) {
                if (hashSet.contains(accessControlEntry.getPrincipal().getName())) {
                    arrayList.add(accessControlEntry);
                }
            }
            if (!arrayList.isEmpty()) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    accessControlList.removeAccessControlEntry((AccessControlEntry) it.next());
                }
            }
            accessControlManager.setPolicy(path, accessControlList);
        } catch (RepositoryException e) {
            throw new RepositoryException("Failed to delete access control.", e);
        }
    }
}
