package biz.netcentric.cq.tools.actool.ui;

import java.io.IOException;
import java.util.Iterator;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.apache.sling.servlets.annotations.SlingServletResourceTypes;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicyOption;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

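/**
 * Touch UI entry point for the AC Tool, bound to the
 * {@code /apps/netcentric/actool/components/overview} resource type for GET and POST.
 *
 * <p>GET renders the UI (or emits a client-side redirect to the {@code /actool} suffix when no
 * suffix is present). POST applies the AC Tool configuration and is restricted to the
 * {@code admin} user and to the users/groups returned by {@link WebConsoleConfigTracker}.
 */
@SlingServletResourceTypes(resourceTypes = {"/apps/netcentric/actool/components/overview"}, methods = {"GET", "POST"})
@Component(service = {Servlet.class})
/* loaded from: input_file:biz/netcentric/cq/tools/actool/ui/AcToolTouchUiServlet.class */
public class AcToolTouchUiServlet extends SlingAllMethodsServlet {
    private static final Logger LOG = LoggerFactory.getLogger(AcToolTouchUiServlet.class);

    /** Source of the user and group allow lists consulted by {@link #mayApplyConfig(User)}. */
    @Reference(policyOption = ReferencePolicyOption.GREEDY)
    private WebConsoleConfigTracker webConsoleConfigTracker;

    /** Service that renders the UI and performs the actual apply. */
    @Reference(policyOption = ReferencePolicyOption.GREEDY)
    private AcToolUiService acToolUiService;

    /**
     * Renders the AC Tool UI, or redirects the browser to the {@code /actool} suffix.
     *
     * <p>No authorization check is made here; only {@link #doPost} is gated.
     * NOTE(review): confirm that read access to the UI is restricted elsewhere (e.g. by ACLs on
     * the component resource), since what {@code acToolUiService.doGet} exposes is not visible here.
     *
     * @param slingHttpServletRequest the incoming request
     * @param slingHttpServletResponse the response to write to
     * @throws ServletException declared for the servlet contract
     * @throws IOException if writing the response fails
     */
    protected void doGet(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        String suffix = slingHttpServletRequest.getRequestPathInfo().getSuffix();
        if (StringUtils.isBlank(suffix)) {
            // The target is derived from the request path, so it is encoded before being placed
            // inside the quoted JavaScript string: a quote, backslash or "</script>" in the path
            // must not be able to terminate the literal or the script element.
            String target = slingHttpServletRequest.getResourceResolver().resolve(slingHttpServletRequest.getPathInfo()).getPath() + ".html/actool";
            slingHttpServletResponse.getWriter().println("<script type=\"text/javascript\">location.href='" + escapeForInlineScript(target) + "'</script>");
            return;
        }
        this.acToolUiService.doGet(slingHttpServletRequest, slingHttpServletResponse, slingHttpServletRequest.getRequestPathInfo().getResourcePath(), true);
    }

    /**
     * Applies the AC Tool configuration if the requesting user is authorized.
     *
     * <p>Unauthorized requests receive HTTP 403 and are logged at WARN. If the authorization
     * check itself fails, {@link #mayApplyConfig(User)} throws and nothing is applied.
     *
     * @param slingHttpServletRequest the incoming request
     * @param slingHttpServletResponse the response to write to
     * @throws ServletException declared for the servlet contract
     * @throws IOException if sending the error response fails
     */
    protected void doPost(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        User requestingUser = slingHttpServletRequest.getResourceResolver().adaptTo(User.class);
        if (!mayApplyConfig(requestingUser)) {
            // Rejected attempts on a privileged operation are worth seeing without debug logging.
            LOG.warn("Denied AC Tool apply request via Touch UI for user {}", slingHttpServletRequest.getUserPrincipal());
            // 403 = Forbidden
            slingHttpServletResponse.sendError(403, "You do not have sufficent permissions to apply the configuration");
            return;
        }
        this.acToolUiService.doPost(slingHttpServletRequest, slingHttpServletResponse);
        // NOTE(review): a successful apply is recorded only at DEBUG; consider INFO if this log
        // is meant to serve as an audit trail for access-control changes.
        LOG.debug("Applied AC tool config via Touch UI by user {}", slingHttpServletRequest.getUserPrincipal());
    }

    /**
     * Decides whether the given user may apply the AC Tool configuration.
     *
     * <p>Allowed are: the user with ID {@code admin}, any user ID listed by
     * {@code webConsoleConfigTracker.getAllowedUsers()}, and any member of a group listed by
     * {@code webConsoleConfigTracker.getAllowedGroups()}.
     *
     * @param user the user adapted from the request's resource resolver, may be {@code null}
     * @return {@code true} if the user is allowed, {@code false} otherwise (including {@code null})
     * @throws IllegalStateException if the user or group lookup fails; the caller then applies nothing
     */
    private boolean mayApplyConfig(User user) {
        if (user == null) {
            // No User could be adapted from the resolver: deny.
            return false;
        }
        try {
            String userId = user.getID();
            if (StringUtils.equals(userId, "admin")) {
                LOG.debug("Admin user is allowed to apply AC Tool");
                return true;
            }
            // ArrayUtils.contains returns false for a null array, so a missing list denies.
            String[] allowedUsers = this.webConsoleConfigTracker.getAllowedUsers();
            if (ArrayUtils.contains(allowedUsers, userId)) {
                LOG.debug("User {} is allowed to apply AC Tool (allowed users: {})", userId, ArrayUtils.toString(allowedUsers));
                return true;
            }
            String[] allowedGroups = this.webConsoleConfigTracker.getAllowedGroups();
            // memberOf() also yields groups the user belongs to indirectly (Jackrabbit API).
            Iterator<Group> groups = user.memberOf();
            while (groups.hasNext()) {
                String groupId = groups.next().getID();
                if (ArrayUtils.contains(allowedGroups, groupId)) {
                    LOG.debug("Group {} is allowed to apply AC Tool (allowed groups: {})", groupId, ArrayUtils.toString(allowedGroups));
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            // Fail closed: any lookup failure aborts the request instead of granting access.
            throw new IllegalStateException("Could not check if user may apply AC Tool configuration: " + e, e);
        }
    }

    /**
     * Encodes a value for use inside a quoted JavaScript string within an inline script element.
     *
     * <p>ASCII letters, digits and {@code / . - _} are kept; every other UTF-16 code unit is
     * written as a {@code \\uXXXX} escape, which the browser decodes back to the same character.
     *
     * @param value the raw string, must not be {@code null}
     * @return the encoded string
     */
    private static String escapeForInlineScript(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean safe = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9')
                    || c == '/' || c == '.' || c == '-' || c == '_';
            if (safe) {
                escaped.append(c);
                continue;
            }
            String hex = Integer.toHexString(c);
            escaped.append("\\u");
            for (int pad = hex.length(); pad < 4; pad++) {
                escaped.append('0');
            }
            escaped.append(hex);
        }
        return escaped.toString();
    }
}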
