package org.apache.sling.jcr.jackrabbit.accessmanager.post;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.jcr.Item;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import org.apache.jackrabbit.api.jsr283.security.AccessControlEntry;
import org.apache.jackrabbit.api.jsr283.security.AccessControlList;
import org.apache.jackrabbit.api.jsr283.security.AccessControlManager;
import org.apache.jackrabbit.api.jsr283.security.AccessControlPolicy;
import org.apache.jackrabbit.api.jsr283.security.AccessControlPolicyIterator;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ResourceNotFoundException;
import org.apache.sling.api.servlets.HtmlResponse;
import org.apache.sling.jcr.base.util.AccessControlUtil;
import org.apache.sling.servlets.post.Modification;
import org.apache.sling.servlets.post.SlingPostConstants;

/* loaded from: input_file:WEB-INF/resources/bundles/15/org.apache.sling.jcr.jackrabbit.accessmanager-2.0.2-incubator.jar:org/apache/sling/jcr/jackrabbit/accessmanager/post/DeleteAcesServlet.class */
public class DeleteAcesServlet extends AbstractAccessPostServlet {
    private static final long serialVersionUID = 3784866802938282971L;

    @Override // org.apache.sling.jcr.jackrabbit.accessmanager.post.AbstractAccessPostServlet
    protected void handleOperation(SlingHttpServletRequest slingHttpServletRequest, HtmlResponse htmlResponse, List<Modification> list) throws RepositoryException {
        String[] parameterValues = slingHttpServletRequest.getParameterValues(SlingPostConstants.RP_APPLY_TO);
        if (parameterValues == null) {
            throw new RepositoryException("principalIds were not sumitted.");
        }
        Resource resource = slingHttpServletRequest.getResource();
        if (resource == null) {
            throw new ResourceNotFoundException("Resource not found.");
        }
        Item item = (Item) resource.adaptTo(Item.class);
        if (item == null) {
            throw new ResourceNotFoundException("Resource is not a JCR Node");
        }
        String path = item.getPath();
        Session session = (Session) slingHttpServletRequest.getResourceResolver().adaptTo(Session.class);
        if (session == null) {
            throw new RepositoryException("JCR Session not found");
        }
        HashSet hashSet = new HashSet();
        hashSet.addAll(Arrays.asList(parameterValues));
        try {
            AccessControlManager accessControlManager = AccessControlUtil.getAccessControlManager(session);
            AccessControlList accessControlList = null;
            AccessControlPolicyIterator applicablePolicies = accessControlManager.getApplicablePolicies(path);
            while (true) {
                if (!applicablePolicies.hasNext()) {
                    break;
                }
                AccessControlPolicy nextAccessControlPolicy = applicablePolicies.nextAccessControlPolicy();
                if (nextAccessControlPolicy instanceof AccessControlList) {
                    accessControlList = (AccessControlList) nextAccessControlPolicy;
                    break;
                }
            }
            if (accessControlList == null) {
                throw new RepositoryException("Unable to find an access control policy to update.");
            }
            AccessControlEntry[] accessControlEntries = accessControlList.getAccessControlEntries();
            ArrayList arrayList = new ArrayList();
            for (AccessControlEntry accessControlEntry : accessControlEntries) {
                if (hashSet.contains(accessControlEntry.getPrincipal().getName())) {
                    arrayList.add(accessControlEntry);
                }
            }
            if (!arrayList.isEmpty()) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    accessControlList.removeAccessControlEntry((AccessControlEntry) it.next());
                }
            }
            accessControlManager.setPolicy(path, accessControlList);
        } catch (RepositoryException e) {
            throw new RepositoryException("Failed to delete access control.", e);
        }
    }
}
