package com.composum.sling.core.service.impl;

import com.composum.sling.core.service.PermissionsService;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
import org.osgi.service.component.annotations.Component;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(property = {"service.description=Composum Nodes Permissions Service"})
/* loaded from: input_file:com/composum/sling/core/service/impl/CorePermissionsService.class */
public class CorePermissionsService implements PermissionsService {
    private static final Logger LOG = LoggerFactory.getLogger(CorePermissionsService.class);

    @Override // com.composum.sling.core.service.PermissionsService
    public String isMemberOfOne(Session session, String... strArr) {
        try {
            UserManager userManager = ((JackrabbitSession) session).getUserManager();
            User authorizable = userManager.getAuthorizable(session.getUserID());
            for (String str : strArr) {
                Group authorizable2 = userManager.getAuthorizable(str);
                if ((authorizable2 instanceof Group) && authorizable2.isMember(authorizable)) {
                    return str;
                }
            }
            if (!(authorizable instanceof User)) {
                return null;
            }
            if (authorizable.isAdmin()) {
                return "";
            }
            return null;
        } catch (RepositoryException e) {
            LOG.error(e.getMessage(), e);
            return null;
        }
    }

    @Override // com.composum.sling.core.service.PermissionsService
    public boolean isMemberOfAll(Session session, String... strArr) {
        try {
            UserManager userManager = ((JackrabbitSession) session).getUserManager();
            User authorizable = userManager.getAuthorizable(session.getUserID());
            if ((authorizable instanceof User) && authorizable.isAdmin()) {
                return true;
            }
            for (String str : strArr) {
                Group authorizable2 = userManager.getAuthorizable(str);
                if (!(authorizable2 instanceof Group) || !authorizable2.isMember(authorizable)) {
                    return false;
                }
            }
            return true;
        } catch (RepositoryException e) {
            LOG.error(e.getMessage(), e);
            return false;
        }
    }

    @Override // com.composum.sling.core.service.PermissionsService
    public String hasOneOfPrivileges(Session session, String str, String... strArr) {
        try {
            AccessControlManager accessControlManager = session.getAccessControlManager();
            for (Privilege privilege : AccessControlUtils.privilegesFromNames(accessControlManager, strArr)) {
                if (accessControlManager.hasPrivileges(str, new Privilege[]{privilege})) {
                    return privilege.getName();
                }
            }
            return null;
        } catch (RepositoryException e) {
            LOG.error(e.getMessage(), e);
            return null;
        }
    }

    @Override // com.composum.sling.core.service.PermissionsService
    public boolean hasAllPrivileges(Session session, String str, String... strArr) {
        try {
            AccessControlManager accessControlManager = session.getAccessControlManager();
            return accessControlManager.hasPrivileges(str, AccessControlUtils.privilegesFromNames(accessControlManager, strArr));
        } catch (RepositoryException e) {
            LOG.error(e.getMessage(), e);
            return false;
        }
    }
}
