package com.composum.sling.core.servlet;

import com.composum.sling.core.service.RestrictedService;
import com.composum.sling.core.service.ServiceRestrictions;
import com.composum.sling.core.service.impl.ServiceRestrictionsImpl;
import com.composum.sling.core.util.RequestUtil;
import com.composum.sling.nodes.console.Condition;
import java.io.IOException;
import java.util.Map;
import javax.servlet.Servlet;
import javax.servlet.http.HttpSession;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.apache.tika.parser.external.ExternalParsersConfigReaderMetKeys;
import org.jetbrains.annotations.NotNull;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(service = {Servlet.class, RestrictedService.class}, property = {"service.description=Composum Service Restrictions Servlet", "sling.servlet.paths=/bin/cpm/core/restrictions", "sling.servlet.extensions=json", "sling.servlet.methods=GET"})
/* loaded from: input_file:lib/slingcms.far:com/composum/nodes/composum-nodes-commons/4.2.2/composum-nodes-commons-4.2.2.jar:com/composum/sling/core/servlet/RestrictionsServlet.class */
public class RestrictionsServlet extends SlingAllMethodsServlet implements RestrictedService {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) RestrictionsServlet.class);
    public static final String SERVICE_KEY = "core/commons/restrictions";
    public static final String SERVLET_PATH = "/bin/cpm/core/restrictions";

    @Reference
    private ServiceRestrictions restrictions;

    @Override // com.composum.sling.core.service.RestrictedService
    @NotNull
    public ServiceRestrictions.Key getServiceKey() {
        return new ServiceRestrictions.Key(SERVICE_KEY);
    }

    @Override // org.apache.sling.api.servlets.SlingSafeMethodsServlet
    protected void doGet(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse) throws IOException {
        Status status = new Status(slingHttpServletRequest, slingHttpServletResponse);
        ServiceRestrictions.Key key = new ServiceRestrictions.Key(RequestUtil.getParameter(slingHttpServletRequest, "key", slingHttpServletRequest.getRequestPathInfo().getSuffix()));
        ServiceRestrictions.Permission permission = (ServiceRestrictions.Permission) RequestUtil.getParameter(slingHttpServletRequest, ExternalParsersConfigReaderMetKeys.CHECK_TAG, (ServiceRestrictions.Permission) RequestUtil.getSelector(slingHttpServletRequest, ServiceRestrictions.Permission.read));
        Map<String, Object> data = status.data("result");
        data.put("service", key.toString());
        data.put(ExternalParsersConfigReaderMetKeys.CHECK_TAG, permission);
        data.put("permissible", Boolean.valueOf(this.restrictions.isPermissible(slingHttpServletRequest, key, permission)));
        data.put("permission", this.restrictions.getPermission(key));
        data.put(Condition.KEY_RESTRICTIONS, this.restrictions.getRestrictions(key));
        status.sendJson();
    }

    @Override // org.apache.sling.api.servlets.SlingAllMethodsServlet
    protected void doPost(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse) throws IOException {
        ServiceRestrictions.Permission permission;
        Status status = new Status(slingHttpServletRequest, slingHttpServletResponse);
        HttpSession session = slingHttpServletRequest.getSession(true);
        ServiceRestrictions.Permission defaultPermisson = this.restrictions.getDefaultPermisson();
        ServiceRestrictions.Permission permission2 = (ServiceRestrictions.Permission) RequestUtil.getParameter(slingHttpServletRequest, "permission", (ServiceRestrictions.Permission) RequestUtil.getSelector(slingHttpServletRequest, ServiceRestrictions.Permission.none));
        if (permission2 == ServiceRestrictions.Permission.none) {
            try {
                permission = (ServiceRestrictions.Permission) session.getAttribute(ServiceRestrictionsImpl.SA_PERMISSION);
            } catch (ClassCastException e) {
                permission = null;
            }
            if (permission == null) {
                permission2 = defaultPermisson == ServiceRestrictions.Permission.write ? ServiceRestrictions.Permission.read : ServiceRestrictions.Permission.write;
            } else {
                permission2 = permission == ServiceRestrictions.Permission.write ? null : ServiceRestrictions.Permission.write;
            }
            if (permission2 != null && (permission2 == defaultPermisson || !this.restrictions.isUserOptionAllowed(slingHttpServletRequest, permission2))) {
                permission2 = null;
            }
        }
        if (permission2 != null) {
            session.setAttribute(ServiceRestrictionsImpl.SA_PERMISSION, permission2);
        } else {
            session.removeAttribute(ServiceRestrictionsImpl.SA_PERMISSION);
        }
        Map<String, Object> data = status.data("result");
        data.put("user", permission2);
        data.put("system", defaultPermisson);
        status.sendJson();
    }
}
