package org.nuxeo.ecm.automation.core.operations.document;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.nuxeo.ecm.core.api.security.ACE;
import org.nuxeo.ecm.core.api.security.ACL;
import org.nuxeo.ecm.core.api.security.ACP;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;

/* loaded from: input_file:org/nuxeo/ecm/automation/core/operations/document/DocumentPermissionHelper.class */
public final class DocumentPermissionHelper {
    private DocumentPermissionHelper() {
    }

    public static boolean addPermission(ACP acp, String str, String str2, String str3, boolean z, String str4) {
        boolean z2 = false;
        ACL orCreateACL = acp.getOrCreateACL(str);
        List<ACE> aCEAsList = getACEAsList(orCreateACL.getACEs());
        ACE ace = new ACE(str2, str3, true);
        if (z) {
            if (StringUtils.isEmpty(str4)) {
                throw new IllegalArgumentException("Can't block inheritance without a current principal");
            }
            aCEAsList.clear();
            aCEAsList.add(ace);
            if (!str2.equals(str4)) {
                aCEAsList.add(new ACE(str4, "Everything", true));
            }
            aCEAsList.addAll(getAdminEverythingACES());
            aCEAsList.add(getBlockInheritanceACE());
            z2 = true;
        } else if (shouldAddACEToACL(aCEAsList, ace)) {
            aCEAsList.add(ace);
            z2 = true;
        }
        orCreateACL.setACEs((ACE[]) aCEAsList.toArray(new ACE[aCEAsList.size()]));
        if (z2) {
            acp.addACL(orCreateACL);
        }
        return z2;
    }

    private static boolean shouldAddACEToACL(List<ACE> list, ACE ace) {
        boolean z = true;
        Iterator<ACE> it = list.iterator();
        while (it.hasNext()) {
            if (ace.equals(it.next())) {
                z = false;
            }
        }
        return z;
    }

    private static ACE getBlockInheritanceACE() {
        return new ACE("Everyone", "Everything", false);
    }

    private static List<ACE> getAdminEverythingACES() {
        ArrayList arrayList = new ArrayList();
        Iterator it = ((UserManager) Framework.getLocalService(UserManager.class)).getAdministratorsGroups().iterator();
        while (it.hasNext()) {
            arrayList.add(new ACE((String) it.next(), "Everything", true));
        }
        return arrayList;
    }

    private static List<ACE> getACEAsList(ACE[] aceArr) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(Arrays.asList(aceArr));
        return arrayList;
    }

    public static boolean removePermission(ACP acp, String str, String str2) {
        boolean z = false;
        ACL acl = acp.getACL(str);
        if (acl != null) {
            ACE[] aCEs = acl.getACEs();
            for (ACE ace : aCEs) {
                if (ace.getUsername().equals(str2)) {
                    aCEs = (ACE[]) ArrayUtils.removeElement(aCEs, ace);
                    z = true;
                }
            }
            acl.setACEs(aCEs);
        }
        if (z) {
            acp.addACL(acl);
        }
        return z;
    }
}
