package org.nuxeo.ecm.core.rest.security;

import java.net.URI;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Response;
import org.nuxeo.ecm.core.api.CoreSession;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.security.ACE;
import org.nuxeo.ecm.core.api.security.ACL;
import org.nuxeo.ecm.core.api.security.ACP;
import org.nuxeo.ecm.core.api.security.impl.ACLImpl;
import org.nuxeo.ecm.core.api.security.impl.ACPImpl;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.ecm.webengine.WebException;
import org.nuxeo.ecm.webengine.model.Resource;
import org.nuxeo.ecm.webengine.model.View;
import org.nuxeo.ecm.webengine.model.WebAdapter;
import org.nuxeo.ecm.webengine.model.impl.DefaultAdapter;
import org.nuxeo.ecm.webengine.util.ACLUtils;
import org.nuxeo.runtime.api.Framework;

@WebAdapter(name = "permissions", type = "PermissionService", targetType = "Document", targetFacets = {"Folderish"})
/* loaded from: input_file:org/nuxeo/ecm/core/rest/security/PermissionService.class */
public class PermissionService extends DefaultAdapter {
    @GET
    public Object doGet() {
        return new View(getTarget(), "permissions").resolve();
    }

    @POST
    @Path("add")
    public Response postPermission() {
        try {
            HttpServletRequest request = this.ctx.getRequest();
            String parameter = request.getParameter("action");
            String parameter2 = request.getParameter("permission");
            String parameter3 = request.getParameter("user");
            UserManager userManager = (UserManager) Framework.getService(UserManager.class);
            if (userManager.getPrincipal(parameter3) == null && userManager.getGroup(parameter3) == null) {
                return Response.status(500).build();
            }
            ACPImpl aCPImpl = new ACPImpl();
            ACLImpl aCLImpl = new ACLImpl("local");
            aCPImpl.addACL(aCLImpl);
            aCLImpl.add(new ACE(parameter3, parameter2, "grant".equals(parameter)));
            CoreSession coreSession = this.ctx.getCoreSession();
            Resource target = getTarget();
            coreSession.setACP(((DocumentModel) target.getAdapter(DocumentModel.class)).getRef(), aCPImpl, false);
            coreSession.save();
            return Response.seeOther(new URI(target.getPath())).build();
        } catch (Exception e) {
            throw WebException.wrap(e);
        }
    }

    @GET
    @POST
    @Path("delete")
    public Response deletePermission() {
        try {
            HttpServletRequest request = this.ctx.getRequest();
            String parameter = request.getParameter("permission");
            String parameter2 = request.getParameter("user");
            CoreSession coreSession = this.ctx.getCoreSession();
            Resource target = getTarget();
            ACLUtils.removePermission(coreSession, ((DocumentModel) target.getAdapter(DocumentModel.class)).getRef(), parameter2, parameter);
            coreSession.save();
            return Response.seeOther(new URI(target.getPath())).build();
        } catch (Exception e) {
            throw WebException.wrap(e);
        }
    }

    public List<Permission> getPermissions() {
        try {
            ACP acp = this.ctx.getCoreSession().getACP(((DocumentModel) getTarget().getAdapter(DocumentModel.class)).getRef());
            ArrayList arrayList = new ArrayList();
            for (ACL acl : acp.getACLs()) {
                for (ACE ace : acl.getACEs()) {
                    arrayList.add(new Permission(ace.getUsername(), ace.getPermission(), ace.isGranted()));
                }
            }
            return arrayList;
        } catch (Exception e) {
            throw WebException.wrap("Faield to get ACLs", e);
        }
    }
}
