package com.adobe.cq.social.members.endpoints;

import com.adobe.cq.social.members.api.CommunityMemberGroup;
import com.adobe.cq.social.members.api.CommunityMemberGroupProfile;
import com.adobe.cq.social.members.api.MembersUtils;
import com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperationExtension;
import com.adobe.cq.social.scf.ClientUtilities;
import com.adobe.cq.social.scf.ClientUtilityFactory;
import com.adobe.cq.social.scf.Operation;
import com.adobe.cq.social.scf.OperationException;
import com.adobe.cq.social.scf.OperationExtension;
import com.adobe.cq.social.scf.SocialComponent;
import com.adobe.cq.social.scf.SocialComponentFactoryManager;
import com.adobe.cq.social.scf.core.operations.AbstractOperationService;
import com.adobe.cq.social.ugcbase.SocialUtils;
import com.adobe.granite.xss.XSSAPI;
import com.day.cq.commons.jcr.JcrUtil;
import java.security.Principal;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import org.apache.commons.lang.StringUtils;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
import org.apache.jackrabbit.value.StringValue;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.request.RequestParameter;
import org.apache.sling.api.request.RequestParameterMap;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.jcr.api.SlingRepository;
import org.apache.sling.jcr.base.util.AccessControlUtil;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(metatype = false, componentAbstract = true)
/* loaded from: input_file:com/adobe/cq/social/members/endpoints/AbstractCommunityMemberGroupProfileOperationService.class */
public abstract class AbstractCommunityMemberGroupProfileOperationService<T extends OperationExtension, U extends Operation> extends AbstractOperationService<T, U, CommunityMemberGroup> implements CommunityMemberGroupProfileOperations {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) AbstractCommunityMemberGroupProfileOperationService.class);

    @Reference
    private SocialComponentFactoryManager componentFactoryManager;

    @Reference
    private SlingRepository repository;

    @Reference
    private ResourceResolverFactory rrf;
    protected ComponentContext context;

    @Reference(cardinality = ReferenceCardinality.MANDATORY_UNARY, policy = ReferencePolicy.STATIC)
    private XSSAPI xss;

    @Reference
    private SocialUtils socialUtils;

    @Reference
    private ClientUtilityFactory clientUtilFactory;

    @Reference
    private MembersUtils membersUtils;
    private final String PROFILE_PATH = "./profile/";

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public SocialComponent getSocialComponentForGroup(Resource resource, SlingHttpServletRequest slingHttpServletRequest) {
        return getSocialComponentForGroup(resource, getClientUtils(slingHttpServletRequest));
    }

    public SocialComponent getSocialComponentForGroup(Resource resource, ClientUtilities clientUtilities) {
        return this.membersUtils.getCommunityGroupProfile(resource.getName().equals("profile") ? resource : resource.getChild("profile"), clientUtilities, CommunityMemberGroupProfile.RESOURCE_TYPE);
    }

    private SocialComponent getSocialComponent(Resource resource, ClientUtilities clientUtilities) {
        String name;
        try {
            name = ((Node) resource.adaptTo(Node.class)).getProperty(UserConstants.REP_AUTHORIZABLE_ID).getString();
        } catch (RepositoryException e) {
            LOG.debug("failed to get groupId from resource {}", resource.getName(), e);
            name = resource.getName();
        }
        return this.membersUtils.getCommunityGroup(name, resource.getResourceResolver(), clientUtilities, CommunityMemberGroup.RESOURCE_TYPE);
    }

    protected ClientUtilities getClientUtils(SlingHttpServletRequest slingHttpServletRequest) {
        return this.clientUtilFactory.getClientUtilities(this.xss, slingHttpServletRequest, this.socialUtils);
    }

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public Resource update(SlingHttpServletRequest slingHttpServletRequest) throws OperationException {
        ensurePropertyExists(slingHttpServletRequest, "groupId");
        RequestParameterMap requestParameterMap = slingHttpServletRequest.getRequestParameterMap();
        Session session = (Session) slingHttpServletRequest.getResource().getResourceResolver().adaptTo(Session.class);
        Resource update = update(slingHttpServletRequest.getResource(), getRequestParams(requestParameterMap), getClientUtils(slingHttpServletRequest));
        checkMembers(update, requestParameterMap, session);
        return update;
    }

    private void ensurePropertyExists(SlingHttpServletRequest slingHttpServletRequest, String str) throws OperationException {
        ensurePropertyExists(slingHttpServletRequest.getRequestParameterMap(), str);
    }

    private void ensurePropertyExists(RequestParameterMap requestParameterMap, String str) throws OperationException {
        if (!requestParameterMap.containsKey(str)) {
            throw new OperationException("Undefined " + str + " from the request.", 400);
        }
    }

    private void checkMembers(Resource resource, RequestParameterMap requestParameterMap, Session session) throws OperationException {
        Authorizable authorizable;
        try {
            String string = requestParameterMap.getValue("groupId").getString();
            UserManager userManager = (UserManager) resource.adaptTo(UserManager.class);
            ResourceResolver resourceResolver = resource.getResourceResolver();
            Group group = (Group) userManager.getAuthorizable(string);
            HashSet hashSet = new HashSet();
            HashSet hashSet2 = new HashSet();
            HashSet hashSet3 = new HashSet();
            boolean z = false;
            if (requestParameterMap.containsKey(CommunityMemberGroupProfileOperations.PROP_MEMBER_ID)) {
                hashSet.addAll(Arrays.asList(toStringArray(requestParameterMap.getValues(CommunityMemberGroupProfileOperations.PROP_MEMBER_ID))));
            }
            if (requestParameterMap.containsKey(CommunityMemberGroupProfileOperations.PROP_ADDED_MEMBER_ID)) {
                z = true;
                hashSet2.addAll(Arrays.asList(toStringArray(requestParameterMap.getValues(CommunityMemberGroupProfileOperations.PROP_ADDED_MEMBER_ID))));
            }
            if (requestParameterMap.containsKey(CommunityMemberGroupProfileOperations.PROP_DELETED_MEMBER_ID)) {
                z = true;
                hashSet3.addAll(Arrays.asList(toStringArray(requestParameterMap.getValues(CommunityMemberGroupProfileOperations.PROP_DELETED_MEMBER_ID))));
            }
            Iterator<Authorizable> declaredMembers = group.getDeclaredMembers();
            HashSet hashSet4 = new HashSet();
            while (declaredMembers.hasNext()) {
                Authorizable next = declaredMembers.next();
                hashSet4.add(next.getID());
                if (z) {
                    if (hashSet3.contains(next.getID()) && !hashSet2.contains(next.getID()) && isValidGroupMember(resourceResolver, next)) {
                        performMemberOperations(group, next, getRemoveMemberOperation());
                    }
                } else if (!hashSet.contains(next.getID()) && isValidGroupMember(resourceResolver, next)) {
                    performMemberOperations(group, next, getRemoveMemberOperation());
                }
            }
            HashSet<String> hashSet5 = hashSet;
            if (z) {
                hashSet5 = hashSet2;
            }
            for (String str : hashSet5) {
                if (!hashSet4.contains(str) && (authorizable = userManager.getAuthorizable(str)) != null) {
                    performMemberOperations(group, authorizable, getAddMemberOperation());
                }
            }
            session.save();
        } catch (RepositoryException e) {
            cleanupFailure(session);
            throw new OperationException(e, 500);
        }
    }

    private boolean isValidGroupMember(ResourceResolver resourceResolver, Authorizable authorizable) {
        Resource resource = null;
        try {
            resource = resourceResolver.getResource(authorizable.getPath());
        } catch (RepositoryException e) {
            LOG.debug("Failed to get child group resource. UserId - {}.", resourceResolver.getUserID());
        }
        return this.membersUtils.isValidGroupMember(resource);
    }

    private void performMemberOperations(Group group, Authorizable authorizable, U u) {
        try {
            String id = group.getID();
            String id2 = authorizable.getID();
            if (this.membersUtils.isEnablementGroup(group)) {
                LOG.warn("Failed to perform operation for enablement group, as it is one of system groups: " + id);
                return;
            }
            if (authorizable.isGroup() && this.membersUtils.isEnablementGroup(authorizable)) {
                LOG.warn("Failed to perform operation for enablement group, as it is one of system groups: " + id2);
                return;
            }
            if (u.equals(CommunityMemberGroupProfileOperationExtension.MemberGroupOperation.REMOVE_MEMBER)) {
                group.removeMember(authorizable);
            } else if (u.equals(CommunityMemberGroupProfileOperationExtension.MemberGroupOperation.ADD_MEMBER)) {
                group.addMember(authorizable);
            } else {
                LOG.debug(String.format("Failed to perform unknown member operation for %s and %s", id, id2));
            }
        } catch (RepositoryException e) {
            LOG.debug(String.format("Failed to perform member operation for %s and %s", "", ""));
        }
    }

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public Resource update(Resource resource, Map<String, Object> map, ClientUtilities clientUtilities) throws OperationException {
        String str = (String) map.get("groupId");
        String str2 = (String) map.get("givenName");
        String str3 = (String) map.get("aboutMe");
        if (StringUtils.isEmpty(str)) {
            throw new OperationException("Missing groupId from the request.", 400);
        }
        Session session = (Session) resource.getResourceResolver().adaptTo(Session.class);
        if (session == null) {
            throw new OperationException("Session is null", 500);
        }
        try {
            Group group = (Group) ((UserManager) resource.adaptTo(UserManager.class)).getAuthorizable(str);
            if (!StringUtils.isEmpty(str2)) {
                group.setProperty("./profile/givenName", new StringValue(str2));
            }
            if (!StringUtils.isEmpty(str3)) {
                group.setProperty("./profile/aboutMe", new StringValue(str3));
            }
            return resource.getResourceResolver().getResource(group.getPath());
        } catch (RepositoryException e) {
            cleanupFailure(session);
            throw new OperationException(e, 500);
        }
    }

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public Resource addMember(SlingHttpServletRequest slingHttpServletRequest) throws OperationException {
        ensurePropertyExists(slingHttpServletRequest, "groupId");
        ensurePropertyExists(slingHttpServletRequest, CommunityMemberGroupProfileOperations.PROP_MEMBER_ID);
        return addMember(slingHttpServletRequest.getResource(), getRequestParams(slingHttpServletRequest.getRequestParameterMap()), getClientUtils(slingHttpServletRequest));
    }

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public Resource addMember(Resource resource, Map<String, Object> map, ClientUtilities clientUtilities) throws OperationException {
        return addOrRemoveMember(resource, map, getAddMemberOperation());
    }

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public Resource removeMember(SlingHttpServletRequest slingHttpServletRequest) throws OperationException {
        ensurePropertyExists(slingHttpServletRequest, "groupId");
        ensurePropertyExists(slingHttpServletRequest, CommunityMemberGroupProfileOperations.PROP_MEMBER_ID);
        return removeMember(slingHttpServletRequest.getResource(), getRequestParams(slingHttpServletRequest.getRequestParameterMap()), getClientUtils(slingHttpServletRequest));
    }

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public Resource removeMember(Resource resource, Map<String, Object> map, ClientUtilities clientUtilities) throws OperationException {
        return addOrRemoveMember(resource, map, getRemoveMemberOperation());
    }

    public Resource addOrRemoveMember(Resource resource, Map<String, Object> map, U u) throws OperationException {
        String str = (String) map.get("groupId");
        Session session = (Session) resource.getResourceResolver().adaptTo(Session.class);
        if (session == null) {
            throw new OperationException("Session is null", 500);
        }
        try {
            Group group = (Group) ((UserManager) resource.adaptTo(UserManager.class)).getAuthorizable(str);
            if (group == null) {
                String str2 = "Failed to get authorizable for " + str;
                LOG.error(str2);
                throw new OperationException(str2, 404);
            }
            if (!this.membersUtils.isValidMember(group)) {
                String str3 = "No permission to modify " + str;
                LOG.error(str3);
                throw new OperationException(str3, 406);
            }
            for (String str4 : map.get(CommunityMemberGroupProfileOperations.PROP_MEMBER_ID) instanceof String ? new String[]{(String) map.get(CommunityMemberGroupProfileOperations.PROP_MEMBER_ID)} : (String[]) map.get(CommunityMemberGroupProfileOperations.PROP_MEMBER_ID)) {
                addOrRemoveMember(group, str4, u, session);
            }
            session.save();
            return resource.getResourceResolver().getResource(group.getPath());
        } catch (RepositoryException e) {
            cleanupFailure(session);
            throw new OperationException(e, 500);
        }
    }

    private void addOrRemoveMember(Group group, String str, U u, Session session) throws OperationException {
        try {
            UserManager userManager = AccessControlUtil.getUserManager(session);
            if (group != null && !StringUtils.isEmpty(str)) {
                if (this.membersUtils.isEnablementGroup(group)) {
                    LOG.warn("Failed to perform operation for enablement group, as it is one of system groups: " + group.getID());
                    return;
                }
                Authorizable authorizable = userManager.getAuthorizable(str);
                if (authorizable == null) {
                    String str2 = "Failed to get authorizable for " + str;
                    LOG.debug(str2);
                    throw new OperationException(str2, 404);
                }
                if (authorizable.isGroup() && this.membersUtils.isEnablementGroup(authorizable)) {
                    LOG.warn("Failed to perform operation for enablement group, as it is one of system groups: " + authorizable.getID());
                    return;
                }
                if (!this.membersUtils.isValidMember(authorizable)) {
                    String str3 = "No permission to get authorizable for " + str;
                    LOG.error(str3);
                    throw new OperationException(str3, 406);
                }
                boolean z = false;
                if (u.equals(getAddMemberOperation()) && !group.isMember(authorizable)) {
                    z = group.addMember(authorizable);
                } else if (u.equals(getRemoveMemberOperation()) && group.isMember(authorizable)) {
                    z = group.removeMember(authorizable);
                }
                if (!z) {
                    String format = String.format(u.equals(getAddMemberOperation()) ? "Failed to add %s to %s" : "Failed to remove %s from %s", str, group.getID());
                    LOG.error(format);
                    throw new OperationException(format, 501);
                }
            }
        } catch (RepositoryException e) {
            String str4 = u.equals(getAddMemberOperation()) ? "Failed to add member to Group" : "Failed to remove member from Group";
            LOG.error(str4, (Throwable) e);
            throw new OperationException(str4, 500);
        }
    }

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public Resource create(SlingHttpServletRequest slingHttpServletRequest) throws OperationException {
        ensurePropertyExists(slingHttpServletRequest, "groupId");
        RequestParameterMap requestParameterMap = slingHttpServletRequest.getRequestParameterMap();
        Session session = (Session) slingHttpServletRequest.getResource().getResourceResolver().adaptTo(Session.class);
        Resource createGroup = createGroup(slingHttpServletRequest.getResource(), getRequestParams(requestParameterMap), getClientUtils(slingHttpServletRequest));
        checkMembers(createGroup, requestParameterMap, session);
        return createGroup;
    }

    private Map<String, Object> getRequestParams(RequestParameterMap requestParameterMap) throws OperationException {
        HashMap hashMap = new HashMap();
        for (String str : requestParameterMap.keySet()) {
            hashMap.put(str, requestParameterMap.getValues(str).length > 1 ? toStringArray(requestParameterMap.getValues(str)) : requestParameterMap.getValue(str).getString());
        }
        return hashMap;
    }

    @Override // com.adobe.cq.social.members.endpoints.CommunityMemberGroupProfileOperations
    public Resource createGroup(Resource resource, Map<String, Object> map, ClientUtilities clientUtilities) throws OperationException {
        final String str = (String) map.get("groupId");
        String str2 = (String) map.get("givenName");
        String str3 = (String) map.get("aboutMe");
        if (StringUtils.isEmpty(str)) {
            throw new OperationException("Missing groupId from the request.", 400);
        }
        try {
            ResourceResolver resourceResolver = resource.getResourceResolver();
            U createOperation = getCreateOperation();
            Session session = (Session) resourceResolver.adaptTo(Session.class);
            performBeforeActions(createOperation, session, resource, map);
            Group createGroup = AccessControlUtil.getUserManager(session).createGroup(new Principal() { // from class: com.adobe.cq.social.members.endpoints.AbstractCommunityMemberGroupProfileOperationService.1
                @Override // java.security.Principal
                public String getName() {
                    return str;
                }
            }, CommunityMemberGroup.COMMUNITY_GROUPS_PATH);
            createGroup.setProperty("./profile/givenName", JcrUtil.createValue(StringUtils.isEmpty(str2) ? str : str2, session));
            if (!StringUtils.isEmpty(str3)) {
                createGroup.setProperty("./profile/aboutMe", JcrUtil.createValue(str3, session));
            }
            performAfterActions(createOperation, session, (CommunityMemberGroup) getSocialComponent(resourceResolver.getResource(createGroup.getPath()), clientUtilities), map);
            return resourceResolver.getResource(createGroup.getPath());
        } catch (RepositoryException e) {
            LOG.error("failed to create new group {}", str2, e);
            throw new OperationException("Failed to create new Group", 500);
        }
    }

    private String[] toStringArray(RequestParameter[] requestParameterArr) {
        String[] strArr = null;
        if (requestParameterArr != null && requestParameterArr.length > 0) {
            strArr = new String[requestParameterArr.length];
            for (int i = 0; i < requestParameterArr.length; i++) {
                strArr[i] = requestParameterArr[i].getString();
            }
        }
        return strArr;
    }

    protected void cleanupFailure(Session session) {
        try {
            session.refresh(false);
        } catch (RepositoryException e) {
            LOG.error("Failed to refresh the session", (Throwable) e);
        }
    }

    protected abstract U getCreateOperation();

    protected abstract U getAddMemberOperation();

    protected abstract U getRemoveMemberOperation();

    protected abstract U getUpdateOperation();

    protected void bindComponentFactoryManager(SocialComponentFactoryManager socialComponentFactoryManager) {
        this.componentFactoryManager = socialComponentFactoryManager;
    }

    protected void unbindComponentFactoryManager(SocialComponentFactoryManager socialComponentFactoryManager) {
        if (this.componentFactoryManager == socialComponentFactoryManager) {
            this.componentFactoryManager = null;
        }
    }

    protected void bindRepository(SlingRepository slingRepository) {
        this.repository = slingRepository;
    }

    protected void unbindRepository(SlingRepository slingRepository) {
        if (this.repository == slingRepository) {
            this.repository = null;
        }
    }

    protected void bindRrf(ResourceResolverFactory resourceResolverFactory) {
        this.rrf = resourceResolverFactory;
    }

    protected void unbindRrf(ResourceResolverFactory resourceResolverFactory) {
        if (this.rrf == resourceResolverFactory) {
            this.rrf = null;
        }
    }

    protected void bindXss(XSSAPI xssapi) {
        this.xss = xssapi;
    }

    protected void unbindXss(XSSAPI xssapi) {
        if (this.xss == xssapi) {
            this.xss = null;
        }
    }

    protected void bindSocialUtils(SocialUtils socialUtils) {
        this.socialUtils = socialUtils;
    }

    protected void unbindSocialUtils(SocialUtils socialUtils) {
        if (this.socialUtils == socialUtils) {
            this.socialUtils = null;
        }
    }

    protected void bindClientUtilFactory(ClientUtilityFactory clientUtilityFactory) {
        this.clientUtilFactory = clientUtilityFactory;
    }

    protected void unbindClientUtilFactory(ClientUtilityFactory clientUtilityFactory) {
        if (this.clientUtilFactory == clientUtilityFactory) {
            this.clientUtilFactory = null;
        }
    }

    protected void bindMembersUtils(MembersUtils membersUtils) {
        this.membersUtils = membersUtils;
    }

    protected void unbindMembersUtils(MembersUtils membersUtils) {
        if (this.membersUtils == membersUtils) {
            this.membersUtils = null;
        }
    }
}
