package org.apache.jackrabbit.j2ee.workspacemanager.servlets.rest;

import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.io.xml.DomDriver;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.Principal;
import java.util.HashSet;
import javax.jcr.Node;
import javax.jcr.Repository;
import javax.jcr.Session;
import javax.jcr.security.Privilege;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlManager;
import org.apache.jackrabbit.j2ee.RepositoryAccessServlet;
import org.apache.jackrabbit.j2ee.accessmanager.AccessControlUtil;
import org.apache.jackrabbit.j2ee.workspacemanager.SessionManager;
import org.apache.jackrabbit.j2ee.workspacemanager.storage.GCUBEStorage;
import org.apache.jackrabbit.j2ee.workspacemanager.util.CustomPrivilege;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/org/apache/jackrabbit/j2ee/workspacemanager/servlets/rest/Delete.class */
public class Delete extends HttpServlet {
    private static Logger logger = LoggerFactory.getLogger(Delete.class);
    private static final long serialVersionUID = 1;
    private static final String PORTAL_LOGIN = "hl:portalLogin";
    private static final String OWNER_NODE = "hl:owner";

    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    @Override // javax.servlet.http.HttpServlet
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Session newSession;
        boolean hasPrivileges;
        String xml;
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        PrintWriter writer = httpServletResponse.getWriter();
        String parameter = httpServletRequest.getParameter("uuid");
        String parameter2 = httpServletRequest.getParameter("absPath");
        Repository repository = RepositoryAccessServlet.getRepository(getServletContext());
        SessionManager sessionManager = null;
        try {
            try {
                XStream xStream = new XStream(new DomDriver("UTF-8"));
                SessionManager sessionManager2 = SessionManager.getInstance(repository);
                boolean sessionExists = sessionManager2.sessionExists(parameter);
                if (sessionExists) {
                    newSession = sessionManager2.getSession(parameter);
                } else {
                    newSession = sessionManager2.newSession(httpServletRequest);
                    parameter = newSession.toString();
                }
                try {
                    String login = sessionManager2.getLogin(parameter);
                    Node node = newSession.getNode(parameter2);
                    String str = null;
                    if (node.hasProperty("hl:portalLogin")) {
                        str = node.getProperty("hl:portalLogin").getString();
                    } else if (node.hasNode("hl:owner")) {
                        str = node.getNode("hl:owner").getProperty("hl:portalLogin").getString();
                    }
                    if (str.equals(login)) {
                        hasPrivileges = true;
                    } else {
                        Principal principal = AccessControlUtil.getPrincipalManager(newSession).getPrincipal(login);
                        JackrabbitAccessControlManager jackrabbitAccessControlManager = (JackrabbitAccessControlManager) newSession.getAccessControlManager();
                        HashSet hashSet = new HashSet();
                        hashSet.add(principal);
                        logger.info("Check if " + principal.getName() + " can delete node " + parameter2);
                        hasPrivileges = jackrabbitAccessControlManager.hasPrivileges(parameter2, hashSet, new Privilege[]{jackrabbitAccessControlManager.privilegeFromName(Privilege.JCR_REMOVE_CHILD_NODES), jackrabbitAccessControlManager.privilegeFromName(CustomPrivilege.NO_LIMIT)});
                        logger.info("Can " + principal.getName() + " delete node " + parameter2 + "? " + hasPrivileges);
                    }
                    if (hasPrivileges) {
                        Boolean valueOf = Boolean.valueOf(node.getPrimaryNodeType().getName().equals("nthl:workspaceItem") || node.getPrimaryNodeType().getName().equals("nthl:workspaceSharedItem"));
                        newSession.removeItem(parameter2);
                        newSession.save();
                        GCUBEStorage gCUBEStorage = new GCUBEStorage(sessionManager2.getLogin(httpServletRequest));
                        if (valueOf.booleanValue()) {
                            gCUBEStorage.removeRemoteFolder(parameter2);
                        } else {
                            gCUBEStorage.removeRemoteFile(parameter2);
                        }
                        xml = xStream.toXML(true);
                    } else {
                        xml = xStream.toXML("No privilege to Delete node");
                    }
                    httpServletResponse.setContentLength(xml.length());
                    writer.println(xml);
                } catch (Exception e) {
                    logger.error("Error deleting item: " + parameter2, (Throwable) e);
                    String xml2 = xStream.toXML(e.toString());
                    httpServletResponse.setContentLength(xml2.length());
                    writer.println(xml2);
                }
                if (!sessionExists) {
                    sessionManager2.releaseSession(parameter);
                }
                writer.close();
                writer.flush();
            } catch (Exception e2) {
                e2.printStackTrace();
                if (0 == 0) {
                    sessionManager.releaseSession(parameter);
                }
                writer.close();
                writer.flush();
            }
        } catch (Throwable th) {
            if (0 == 0) {
                sessionManager.releaseSession(parameter);
            }
            writer.close();
            writer.flush();
            throw th;
        }
    }
}
