package biz.netcentric.cq.tools.actool.aceservice.impl;

import biz.netcentric.cq.tools.actool.aceservice.AceService;
import biz.netcentric.cq.tools.actool.acls.AceBeanInstaller;
import biz.netcentric.cq.tools.actool.authorizableutils.AuthorizableCreatorException;
import biz.netcentric.cq.tools.actool.authorizableutils.AuthorizableCreatorService;
import biz.netcentric.cq.tools.actool.authorizableutils.AuthorizableInstallationHistory;
import biz.netcentric.cq.tools.actool.configmodel.AcConfiguration;
import biz.netcentric.cq.tools.actool.configmodel.AceBean;
import biz.netcentric.cq.tools.actool.configmodel.AuthorizableConfigBean;
import biz.netcentric.cq.tools.actool.configreader.ConfigFilesRetriever;
import biz.netcentric.cq.tools.actool.configreader.ConfigReader;
import biz.netcentric.cq.tools.actool.configreader.ConfigurationMerger;
import biz.netcentric.cq.tools.actool.dumpservice.Dumpservice;
import biz.netcentric.cq.tools.actool.helper.AcHelper;
import biz.netcentric.cq.tools.actool.helper.AccessControlUtils;
import biz.netcentric.cq.tools.actool.helper.PurgeHelper;
import biz.netcentric.cq.tools.actool.helper.QueryHelper;
import biz.netcentric.cq.tools.actool.installationhistory.AcHistoryService;
import biz.netcentric.cq.tools.actool.installationhistory.AcInstallationHistoryPojo;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.UnsupportedRepositoryOperationException;
import javax.jcr.ValueFormatException;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.time.StopWatch;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.sling.commons.osgi.PropertiesUtil;
import org.apache.sling.jcr.api.SlingRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service
@Component(metatype = true, label = "AC Installation Service", description = "Service that installs groups & ACEs according to textual configuration files")
/* loaded from: input_file:biz/netcentric/cq/tools/actool/aceservice/impl/AceServiceImpl.class */
public class AceServiceImpl implements AceService {
    private static final Logger LOG = LoggerFactory.getLogger(AceServiceImpl.class);
    static final String PROPERTY_CONFIGURATION_PATH = "AceService.configurationPath";
    static final String PROPERTY_INTERMEDIATE_SAVES = "intermediateSaves";

    @Reference
    AuthorizableCreatorService authorizableCreatorService;

    @Reference
    AceBeanInstaller aceBeanInstaller;

    @Reference
    private SlingRepository repository;

    @Reference
    AcHistoryService acHistoryService;

    @Reference
    private Dumpservice dumpservice;

    @Reference
    private ConfigReader configReader;

    @Reference
    private ConfigurationMerger configurationMerger;

    @Reference
    private ConfigFilesRetriever configFilesRetriever;
    private boolean isExecuting = false;

    @Property(label = "Configuration storage path", description = "enter CRX path where ACE configuration gets stored", name = PROPERTY_CONFIGURATION_PATH, value = {""})
    private String configurationPath;

    @Property(label = "Use intermedate saves", description = "Saves ACLs for each path individually - this can be used to avoid problems with large changesets and MongoDB (OAK-5557), however the rollback is disabled then.", name = PROPERTY_INTERMEDIATE_SAVES, value = {""})
    private boolean intermediateSaves;

    @Activate
    public void activate(Map<?, ?> map) throws Exception {
        LOG.debug("Activated AceService!");
        this.configurationPath = PropertiesUtil.toString(map.get(PROPERTY_CONFIGURATION_PATH), "");
        LOG.info("Conifg AceService.configurationPath=" + this.configurationPath);
        this.intermediateSaves = PropertiesUtil.toBoolean(map.get(PROPERTY_INTERMEDIATE_SAVES), false);
        LOG.info("Conifg intermediateSaves=" + this.intermediateSaves);
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public AcInstallationHistoryPojo execute() {
        return execute(null);
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public AcInstallationHistoryPojo execute(String[] strArr) {
        AcInstallationHistoryPojo acInstallationHistoryPojo = new AcInstallationHistoryPojo();
        if (this.isExecuting) {
            acInstallationHistoryPojo.addError("AC Tool is already executing.");
            return acInstallationHistoryPojo;
        }
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        try {
            installConfigurationFiles(acInstallationHistoryPojo, this.configFilesRetriever.getConfigFileContentFromNode(getConfigurationRootPath()), linkedHashSet, strArr);
        } catch (AuthorizableCreatorException e) {
            acInstallationHistoryPojo.addError(e.toString());
            LOG.warn("Exception during installation of authorizables (no rollback), e=" + e, e);
        } catch (Exception e2) {
            LOG.error("Exception in AceServiceImpl: {}", e2);
            acInstallationHistoryPojo.addError(e2.toString());
            if (this.intermediateSaves) {
                LOG.info("Rollback is disabled due to configuration option intermediateSaves=true");
                acInstallationHistoryPojo.addMessage("Rollback is disabled due to configuration option intermediateSaves=true");
            } else {
                for (AuthorizableInstallationHistory authorizableInstallationHistory : linkedHashSet) {
                    try {
                        LOG.info("performing authorizable installation rollback(s)");
                        acInstallationHistoryPojo.addMessage("performing authorizable installation rollback(s)");
                        this.authorizableCreatorService.performRollback(this.repository, authorizableInstallationHistory, acInstallationHistoryPojo);
                    } catch (RepositoryException e3) {
                        LOG.error("Exception: ", e3);
                    }
                }
            }
        }
        return acInstallationHistoryPojo;
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public void installConfigurationFiles(AcInstallationHistoryPojo acInstallationHistoryPojo, Map<String, String> map, Set<AuthorizableInstallationHistory> set, String[] strArr) throws Exception {
        String name = Thread.currentThread().getName();
        try {
            try {
                Thread.currentThread().setName(name + "-ACTool-Config-Worker");
                StopWatch stopWatch = new StopWatch();
                stopWatch.start();
                this.isExecuting = true;
                LOG.info("*** Applying AC Tool Configuration...");
                acInstallationHistoryPojo.addMessage("*** Applying AC Tool Configuration...");
                if (map != null) {
                    acInstallationHistoryPojo.setConfigFileContentsByName(map);
                    AcConfiguration mergedConfigurations = this.configurationMerger.getMergedConfigurations(map, acInstallationHistoryPojo, this.configReader);
                    acInstallationHistoryPojo.setAcConfiguration(mergedConfigurations);
                    installMergedConfigurations(acInstallationHistoryPojo, set, mergedConfigurations, strArr);
                    removeObsoleteAuthorizables(acInstallationHistoryPojo, mergedConfigurations.getObsoleteAuthorizables());
                }
                stopWatch.stop();
                long time = stopWatch.getTime();
                LOG.info("Successfully applied AC Tool configuration in " + AcInstallationHistoryPojo.msHumanReadable(time));
                acInstallationHistoryPojo.setExecutionTime(time);
            } catch (Exception e) {
                acInstallationHistoryPojo.addError(e.toString());
                throw e;
            }
        } finally {
            try {
                this.acHistoryService.persistHistory(acInstallationHistoryPojo);
            } catch (Exception e2) {
                LOG.warn("Could not persist history, e=" + e2, e2);
            }
            Thread.currentThread().setName(name);
            this.isExecuting = false;
        }
    }

    private void installAcConfiguration(AcConfiguration acConfiguration, AcInstallationHistoryPojo acInstallationHistoryPojo, Set<AuthorizableInstallationHistory> set, Map<String, Set<AceBean>> map, String[] strArr) throws Exception {
        if (acConfiguration.getAceConfig() == null) {
            LOG.error("ACE config not found in YAML file! installation aborted!");
            throw new IllegalArgumentException("ACE config not found in YAML file! installation aborted!");
        }
        installAuthorizables(acInstallationHistoryPojo, set, acConfiguration.getAuthorizablesConfig());
        installAces(acInstallationHistoryPojo, acConfiguration, map, strArr);
    }

    private void removeAcesForPathsNotInConfig(AcInstallationHistoryPojo acInstallationHistoryPojo, Session session, Set<String> set, Map<String, Set<AceBean>> map, Set<String> set2) throws UnsupportedRepositoryOperationException, RepositoryException {
        int i = 0;
        int i2 = 0;
        for (String str : getRelevantPathsForAceCleanup(set, map, set2)) {
            int deleteAllEntriesForPrincipalsFromACL = AccessControlUtils.deleteAllEntriesForPrincipalsFromACL(session, str, (String[]) set.toArray(new String[set.size()]));
            String str2 = "Cleaned (deleted) " + deleteAllEntriesForPrincipalsFromACL + " ACEs of path " + str + " from all ACEs for configured authorizables";
            LOG.info(str2);
            acInstallationHistoryPojo.addMessage(str2);
            if (deleteAllEntriesForPrincipalsFromACL > 0) {
                i2++;
            }
            i += deleteAllEntriesForPrincipalsFromACL;
        }
        if (i > 0) {
            String str3 = "Cleaned " + i + " ACEs from " + i2 + " paths in repository (ACEs that belong to users in the AC Config, but resided at paths that are not contained in AC Config)";
            LOG.info(str3);
            acInstallationHistoryPojo.addMessage(str3);
        }
    }

    private Set<String> getRelevantPathsForAceCleanup(Set<String> set, Map<String, Set<AceBean>> map, Set<String> set2) {
        HashSet hashSet = new HashSet();
        Iterator<Map.Entry<String, Set<AceBean>>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            for (AceBean aceBean : it.next().getValue()) {
                String jcrPath = aceBean.getJcrPath();
                String principalName = aceBean.getPrincipalName();
                if (set2.contains(jcrPath)) {
                    LOG.debug("Path {} is explicitly listed in config and hence that ACL is handled later, not preceding cleanup needed here", jcrPath);
                } else if (set.contains(principalName)) {
                    hashSet.add(jcrPath);
                } else {
                    LOG.debug("Principal {} is not contained in config, hence not cleaning its ACE from non-config-contained path {}", principalName, jcrPath);
                }
            }
        }
        return hashSet;
    }

    private Set<String> collectJcrPaths(Map<String, Set<AceBean>> map) {
        HashSet hashSet = new HashSet();
        Iterator<Set<AceBean>> it = map.values().iterator();
        while (it.hasNext()) {
            Iterator<AceBean> it2 = it.next().iterator();
            while (it2.hasNext()) {
                hashSet.add(it2.next().getJcrPath());
            }
        }
        return hashSet;
    }

    boolean isRelevantPath(String str, String[] strArr) {
        if (strArr == null || strArr.length == 0) {
            return true;
        }
        boolean z = false;
        for (String str2 : strArr) {
            if (str.matches("^" + str2 + "(/.*|$)")) {
                z = true;
            }
        }
        return z;
    }

    private Set<String> getPrincipalNamesToRemoveAcesFor(Map<String, Set<AuthorizableConfigBean>> map) {
        Set<String> collectPrincipals = collectPrincipals(map);
        Set<String> collectPrincipalsToBeMigrated = collectPrincipalsToBeMigrated(map);
        Collection intersection = CollectionUtils.intersection(collectPrincipals, collectPrincipalsToBeMigrated);
        if (intersection.isEmpty()) {
            collectPrincipals.addAll(collectPrincipalsToBeMigrated);
            return collectPrincipals;
        }
        String str = "If migrateFrom feature is used, groups that shall be migrated from must not be present in regular configuration (offending groups: " + intersection + ")";
        LOG.error(str);
        throw new IllegalArgumentException(str);
    }

    private Set<String> collectPrincipalsToBeMigrated(Map<String, Set<AuthorizableConfigBean>> map) {
        HashSet hashSet = new HashSet();
        Iterator<String> it = map.keySet().iterator();
        while (it.hasNext()) {
            Iterator<AuthorizableConfigBean> it2 = map.get(it.next()).iterator();
            while (it2.hasNext()) {
                String migrateFrom = it2.next().getMigrateFrom();
                if (StringUtils.isNotBlank(migrateFrom)) {
                    hashSet.add(migrateFrom);
                }
            }
        }
        return hashSet;
    }

    private Set<String> collectPrincipals(Map<String, Set<AuthorizableConfigBean>> map) {
        HashSet hashSet = new HashSet();
        Iterator<String> it = map.keySet().iterator();
        while (it.hasNext()) {
            Iterator<AuthorizableConfigBean> it2 = map.get(it.next()).iterator();
            while (it2.hasNext()) {
                hashSet.add(it2.next().getPrincipalName());
            }
        }
        return hashSet;
    }

    private void installAces(AcInstallationHistoryPojo acInstallationHistoryPojo, AcConfiguration acConfiguration, Map<String, Set<AceBean>> map, String[] strArr) throws Exception {
        Map<String, Set<AceBean>> aceConfig = acConfiguration.getAceConfig();
        Map<String, Set<AceBean>> pathBasedAceMap = AcHelper.getPathBasedAceMap(aceConfig, AcHelper.ACE_ORDER_ACTOOL_BEST_PRACTICE);
        Session session = null;
        try {
            session = this.repository.loginAdministrative((String) null);
            Set<String> principalNamesToRemoveAcesFor = getPrincipalNamesToRemoveAcesFor(acConfiguration.getAuthorizablesConfig());
            removeAcesForPathsNotInConfig(acInstallationHistoryPojo, session, principalNamesToRemoveAcesFor, map, collectJcrPaths(aceConfig));
            Map<String, Set<AceBean>> filterForRestrictedPaths = filterForRestrictedPaths(pathBasedAceMap, strArr, acInstallationHistoryPojo);
            String str = "*** Starting installation of " + collectAceCount(filterForRestrictedPaths) + " ACLs for " + filterForRestrictedPaths.size() + " paths in content nodes...";
            LOG.info(str);
            acInstallationHistoryPojo.addMessage(str);
            this.aceBeanInstaller.installPathBasedACEs(filterForRestrictedPaths, session, acInstallationHistoryPojo, principalNamesToRemoveAcesFor, this.intermediateSaves);
            acInstallationHistoryPojo.addVerboseMessage("Finished (transient) installation of access control configuration without errors, saving now...");
            session.save();
            acInstallationHistoryPojo.addMessage("Persisted changes of ACLs");
            if (session != null) {
                session.logout();
            }
        } catch (Throwable th) {
            if (session != null) {
                session.logout();
            }
            throw th;
        }
    }

    private Map<String, Set<AceBean>> filterForRestrictedPaths(Map<String, Set<AceBean>> map, String[] strArr, AcInstallationHistoryPojo acInstallationHistoryPojo) {
        if (strArr == null || strArr.length == 0) {
            return map;
        }
        HashMap hashMap = new HashMap();
        for (String str : map.keySet()) {
            if (isRelevantPath(str, strArr)) {
                hashMap.put(str, map.get(str));
            }
        }
        String str2 = "Will install AC Config at " + hashMap.keySet().size() + " paths (skipping " + (map.keySet().size() - hashMap.keySet().size()) + " due to paths restriction " + Arrays.toString(strArr) + ")";
        acInstallationHistoryPojo.addMessage(str2);
        LOG.info(str2);
        return hashMap;
    }

    private int collectAceCount(Map<String, Set<AceBean>> map) {
        int i = 0;
        Iterator<Set<AceBean>> it = map.values().iterator();
        while (it.hasNext()) {
            i += it.next().size();
        }
        return i;
    }

    private void installAuthorizables(AcInstallationHistoryPojo acInstallationHistoryPojo, Set<AuthorizableInstallationHistory> set, Map<String, Set<AuthorizableConfigBean>> map) throws RepositoryException, Exception {
        StopWatch stopWatch = new StopWatch();
        stopWatch.start();
        String str = "*** Starting installation of " + map.size() + " authorizables...";
        LOG.info(str);
        acInstallationHistoryPojo.addMessage(str);
        Session loginAdministrative = this.repository.loginAdministrative((String) null);
        try {
            try {
                AuthorizableInstallationHistory authorizableInstallationHistory = new AuthorizableInstallationHistory();
                set.add(authorizableInstallationHistory);
                this.authorizableCreatorService.createNewAuthorizables(map, loginAdministrative, acInstallationHistoryPojo, authorizableInstallationHistory);
                loginAdministrative.save();
                if (loginAdministrative != null) {
                    loginAdministrative.logout();
                }
                String str2 = "Finished installation of authorizables without errors in " + AcInstallationHistoryPojo.msHumanReadable(stopWatch.getTime());
                acInstallationHistoryPojo.addMessage(str2);
                LOG.info(str2);
            } catch (Exception e) {
                throw new AuthorizableCreatorException(e);
            }
        } catch (Throwable th) {
            if (loginAdministrative != null) {
                loginAdministrative.logout();
            }
            throw th;
        }
    }

    private void removeObsoleteAuthorizables(AcInstallationHistoryPojo acInstallationHistoryPojo, Set<String> set) {
        Session session = null;
        try {
            try {
                Session loginAdministrative = this.repository.loginAdministrative((String) null);
                if (set.isEmpty()) {
                    acInstallationHistoryPojo.addVerboseMessage("No obsolete authorizables configured");
                    if (loginAdministrative != null) {
                        loginAdministrative.logout();
                        return;
                    }
                    return;
                }
                UserManager userManagerAutoSaveDisabled = AccessControlUtils.getUserManagerAutoSaveDisabled(loginAdministrative);
                HashSet hashSet = new HashSet();
                Iterator<String> it = set.iterator();
                while (it.hasNext()) {
                    String next = it.next();
                    if (userManagerAutoSaveDisabled.getAuthorizable(next) == null) {
                        hashSet.add(next);
                        it.remove();
                    }
                }
                if (set.isEmpty()) {
                    acInstallationHistoryPojo.addMessage("All configured " + hashSet.size() + " obsolete authorizables have already been purged.");
                    if (loginAdministrative != null) {
                        loginAdministrative.logout();
                        return;
                    }
                    return;
                }
                String str = "*** Purging " + set.size() + " obsolete authorizables...  ";
                LOG.info(str);
                acInstallationHistoryPojo.addMessage(str);
                if (!hashSet.isEmpty()) {
                    acInstallationHistoryPojo.addMessage("(" + hashSet.size() + " have been purged already)");
                }
                String purgeAuthorizables = purgeAuthorizables(set, loginAdministrative);
                LOG.info(purgeAuthorizables);
                acInstallationHistoryPojo.addVerboseMessage(purgeAuthorizables);
                acInstallationHistoryPojo.addMessage("Successfully purged " + set);
                if (loginAdministrative != null) {
                    loginAdministrative.logout();
                }
            } catch (Exception e) {
                String str2 = "Could not purge obsolete authorizables " + set + ": " + e;
                acInstallationHistoryPojo.addError(str2);
                LOG.error(str2, e);
                if (0 != 0) {
                    session.logout();
                }
            }
        } catch (Throwable th) {
            if (0 != 0) {
                session.logout();
            }
            throw th;
        }
    }

    private void installMergedConfigurations(AcInstallationHistoryPojo acInstallationHistoryPojo, Set<AuthorizableInstallationHistory> set, AcConfiguration acConfiguration, String[] strArr) throws ValueFormatException, RepositoryException, Exception {
        LOG.debug("Starting installation of merged configurations...");
        acInstallationHistoryPojo.addVerboseMessage("Starting installation of merged configurations...");
        LOG.debug("Building dump from repository (to compare delta with config to be installed)");
        installAcConfiguration(acConfiguration, acInstallationHistoryPojo, set, this.dumpservice.createAclDumpMap(AcHelper.PATH_BASED_ORDER, AcHelper.ACE_ORDER_NONE, new String[0], true).getAceDump(), strArr);
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public boolean isReadyToStart() {
        try {
            return !this.configFilesRetriever.getConfigFileContentFromNode(getConfigurationRootPath()).isEmpty();
        } catch (Exception e) {
            LOG.warn("Could not retrieve config file content for root path " + this.configurationPath);
            return false;
        }
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public String purgeACL(String str) {
        Session session = null;
        String str2 = "";
        boolean z = true;
        try {
            try {
                session = this.repository.loginAdministrative((String) null);
                PurgeHelper.purgeAcl(session, str);
                session.save();
                if (session != null) {
                    session.logout();
                }
            } catch (Exception e) {
                z = false;
                str2 = e.toString();
                LOG.error("Exception: ", e);
                if (session != null) {
                    session.logout();
                }
            }
            if (!z) {
                return "Deletion of ACL failed! Reason:" + str2;
            }
            String str3 = "Deleted AccessControlList of node: " + str;
            AcInstallationHistoryPojo acInstallationHistoryPojo = new AcInstallationHistoryPojo();
            acInstallationHistoryPojo.addMessage("purge method: purgeACL()");
            acInstallationHistoryPojo.addMessage(str3);
            this.acHistoryService.persistAcePurgeHistory(acInstallationHistoryPojo);
            return str3;
        } catch (Throwable th) {
            if (session != null) {
                session.logout();
            }
            throw th;
        }
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public String purgeACLs(String str) {
        String exc;
        Session session = null;
        boolean z = true;
        try {
            try {
                session = this.repository.loginAdministrative((String) null);
                exc = PurgeHelper.purgeACLs(session, str);
                AcInstallationHistoryPojo acInstallationHistoryPojo = new AcInstallationHistoryPojo();
                acInstallationHistoryPojo.addMessage("purge method: purgeACLs()");
                acInstallationHistoryPojo.addMessage(exc);
                this.acHistoryService.persistAcePurgeHistory(acInstallationHistoryPojo);
                session.save();
                if (session != null) {
                    session.logout();
                }
            } catch (Exception e) {
                LOG.error("Exception: ", e);
                z = false;
                exc = e.toString();
                if (session != null) {
                    session.logout();
                }
            }
            return z ? exc : "Deletion of ACL failed! Reason:" + exc;
        } catch (Throwable th) {
            if (session != null) {
                session.logout();
            }
            throw th;
        }
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public String purgeAuthorizablesFromConfig() {
        Session session = null;
        String str = "";
        try {
            try {
                session = this.repository.loginAdministrative((String) null);
                str = purgeAuthorizables(getAllAuthorizablesFromConfig(session), session);
                AcInstallationHistoryPojo acInstallationHistoryPojo = new AcInstallationHistoryPojo();
                acInstallationHistoryPojo.addMessage("purge method: purgAuthorizablesFromConfig()");
                acInstallationHistoryPojo.addMessage(str);
                this.acHistoryService.persistAcePurgeHistory(acInstallationHistoryPojo);
                if (session != null) {
                    session.logout();
                }
            } catch (Exception e) {
                LOG.error("Exception: ", e);
                if (session != null) {
                    session.logout();
                }
            } catch (RepositoryException e2) {
                LOG.error("RepositoryException: ", e2);
                if (session != null) {
                    session.logout();
                }
            }
            return str;
        } catch (Throwable th) {
            if (session != null) {
                session.logout();
            }
            throw th;
        }
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public String purgeAuthorizables(String str) {
        Session session = null;
        String str2 = "";
        try {
            try {
                session = this.repository.loginAdministrative((String) null);
                str2 = purgeAuthorizables(new HashSet(new ArrayList(Arrays.asList(str.trim().split(",")))), session);
                AcInstallationHistoryPojo acInstallationHistoryPojo = new AcInstallationHistoryPojo();
                acInstallationHistoryPojo.addMessage("purge method: purgeAuthorizables()");
                acInstallationHistoryPojo.addMessage(str2);
                this.acHistoryService.persistAcePurgeHistory(acInstallationHistoryPojo);
            } catch (RepositoryException e) {
                LOG.error("Exception: ", e);
            }
            if (session != null) {
                session.logout();
            }
            return str2;
        } finally {
            if (session != null) {
                session.logout();
            }
        }
    }

    private String purgeAuthorizables(Set<String> set, Session session) {
        StringBuilder sb = new StringBuilder();
        String str = "";
        try {
            UserManager userManagerAutoSaveDisabled = AccessControlUtils.getUserManagerAutoSaveDisabled(session);
            PrincipalManager principalManager = ((JackrabbitSession) session).getPrincipalManager();
            Iterator<String> it = set.iterator();
            while (it.hasNext()) {
                sb.append(deleteAuthorizableFromHome(it.next(), userManagerAutoSaveDisabled, principalManager));
            }
            sb.append(PurgeHelper.deleteAcesFromAuthorizables(session, set, QueryHelper.getAuthorizablesAcls(session, set)));
            session.save();
        } catch (Exception e) {
            LOG.error("Exception: ", e);
        } catch (RepositoryException e2) {
            str = str + " deletion of ACEs failed! reason: RepositoryException: " + e2.toString();
            LOG.error("RepositoryException: ", e2);
        }
        return ((Object) sb) + str;
    }

    private String deleteAuthorizableFromHome(String str, UserManager userManager, PrincipalManager principalManager) {
        String str2;
        if (principalManager.hasPrincipal(str)) {
            try {
                userManager.getAuthorizable(str).remove();
            } catch (RepositoryException e) {
                LOG.error("RepositoryException: ", e);
            }
            str2 = "removed authorizable: " + str + " from /home\n";
        } else {
            str2 = "deletion of authorizable: " + str + " from home failed! Reason: authorizable doesn't exist\n";
        }
        return str2;
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public boolean isExecuting() {
        return this.isExecuting;
    }

    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public String getConfigurationRootPath() {
        return this.configurationPath;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // biz.netcentric.cq.tools.actool.aceservice.AceService
    public Set<String> getCurrentConfigurationPaths() {
        Set linkedHashSet = new LinkedHashSet();
        try {
            linkedHashSet = this.configFilesRetriever.getConfigFileContentFromNode(this.configurationPath).keySet();
        } catch (Exception e) {
            LOG.warn("Could not retrieve config file content for root path " + this.configurationPath);
        }
        return linkedHashSet;
    }

    public Set<String> getAllAuthorizablesFromConfig(Session session) throws Exception {
        AcInstallationHistoryPojo acInstallationHistoryPojo = new AcInstallationHistoryPojo();
        return this.configurationMerger.getMergedConfigurations(this.configFilesRetriever.getConfigFileContentFromNode(this.configurationPath), acInstallationHistoryPojo, this.configReader).getAceConfig().keySet();
    }

    protected void bindAuthorizableCreatorService(AuthorizableCreatorService authorizableCreatorService) {
        this.authorizableCreatorService = authorizableCreatorService;
    }

    protected void unbindAuthorizableCreatorService(AuthorizableCreatorService authorizableCreatorService) {
        if (this.authorizableCreatorService == authorizableCreatorService) {
            this.authorizableCreatorService = null;
        }
    }

    protected void bindAceBeanInstaller(AceBeanInstaller aceBeanInstaller) {
        this.aceBeanInstaller = aceBeanInstaller;
    }

    protected void unbindAceBeanInstaller(AceBeanInstaller aceBeanInstaller) {
        if (this.aceBeanInstaller == aceBeanInstaller) {
            this.aceBeanInstaller = null;
        }
    }

    protected void bindRepository(SlingRepository slingRepository) {
        this.repository = slingRepository;
    }

    protected void unbindRepository(SlingRepository slingRepository) {
        if (this.repository == slingRepository) {
            this.repository = null;
        }
    }

    protected void bindAcHistoryService(AcHistoryService acHistoryService) {
        this.acHistoryService = acHistoryService;
    }

    protected void unbindAcHistoryService(AcHistoryService acHistoryService) {
        if (this.acHistoryService == acHistoryService) {
            this.acHistoryService = null;
        }
    }

    protected void bindDumpservice(Dumpservice dumpservice) {
        this.dumpservice = dumpservice;
    }

    protected void unbindDumpservice(Dumpservice dumpservice) {
        if (this.dumpservice == dumpservice) {
            this.dumpservice = null;
        }
    }

    protected void bindConfigReader(ConfigReader configReader) {
        this.configReader = configReader;
    }

    protected void unbindConfigReader(ConfigReader configReader) {
        if (this.configReader == configReader) {
            this.configReader = null;
        }
    }

    protected void bindConfigurationMerger(ConfigurationMerger configurationMerger) {
        this.configurationMerger = configurationMerger;
    }

    protected void unbindConfigurationMerger(ConfigurationMerger configurationMerger) {
        if (this.configurationMerger == configurationMerger) {
            this.configurationMerger = null;
        }
    }

    protected void bindConfigFilesRetriever(ConfigFilesRetriever configFilesRetriever) {
        this.configFilesRetriever = configFilesRetriever;
    }

    protected void unbindConfigFilesRetriever(ConfigFilesRetriever configFilesRetriever) {
        if (this.configFilesRetriever == configFilesRetriever) {
            this.configFilesRetriever = null;
        }
    }
}
