package com.ibm.bscape.rest.handler.action;

import com.ibm.bscape.exception.DocumentAccessException;
import com.ibm.bscape.exception.InvalidDataFormatException;
import com.ibm.bscape.objects.util.JSON2JavaBeanHelper;
import com.ibm.bscape.objects.util.JSONPropertyConstants;
import com.ibm.bscape.repository.db.DocumentACLAccessBean;
import com.ibm.bscape.resource.BScapeMessageKeys;
import com.ibm.bscape.resource.Messages;
import com.ibm.bscape.rest.handler.RestHandler;
import com.ibm.bscape.rest.handler.action.util.DocumentSecurityHelper;
import com.ibm.bscape.rest.util.ResponseStatusHelper;
import com.ibm.bscape.transaction.TransactionHandle;
import com.ibm.bscape.transaction.TransactionManager;
import com.ibm.json.java.JSONArray;
import com.ibm.json.java.JSONObject;
import java.sql.SQLException;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:lib/BusinessLeaderRuntime.jar:com/ibm/bscape/rest/handler/action/AssignDocumentACLsAction.class */
public class AssignDocumentACLsAction extends AbstractAction {
    private static final String CLASSNAME = AssignDocumentACLsAction.class.getName();
    protected static Logger logger = Logger.getLogger(CLASSNAME, null);

    public AssignDocumentACLsAction(RestHandler restHandler) {
        super(restHandler);
    }

    @Override // com.ibm.bscape.rest.handler.action.AbstractAction, com.ibm.bscape.rest.handler.action.Action
    public JSONObject execute(JSONObject jSONObject) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "execute");
        }
        JSONObject jSONObject2 = new JSONObject();
        String str = (String) jSONObject.get("userdn");
        JSONObject jSONObject3 = null;
        JSONObject jSONObject4 = (JSONObject) jSONObject.get("payload");
        if (jSONObject4 != null) {
            jSONObject3 = (JSONObject) jSONObject4.get(JSONPropertyConstants.PROPERTIES);
        }
        if (jSONObject3 == null) {
            ResponseStatusHelper.setErrorCode(jSONObject2, Messages.getMessage(BScapeMessageKeys.MISSING_PARAM_IN_PAYLOAD, new Object[]{JSONPropertyConstants.PROPERTIES}, getLocale()), 400);
        } else {
            try {
                if (JSON2JavaBeanHelper.getMandatoryProperty(jSONObject3, JSONPropertyConstants.ACCESS_CONTROL) instanceof JSONArray) {
                    jSONObject2 = addACLs((JSONArray) jSONObject3.get(JSONPropertyConstants.ACCESS_CONTROL), str);
                } else {
                    ResponseStatusHelper.setErrorCode(jSONObject2, Messages.getMessage(BScapeMessageKeys.BAD_REQUEST_DATA, getLocale()), 400);
                }
            } catch (InvalidDataFormatException e) {
                ResponseStatusHelper.setErrorCode(jSONObject2, e.getMessage(), 400);
            }
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "execute", "return: " + jSONObject2.toString());
        }
        return jSONObject2;
    }

    private JSONObject addACLs(JSONArray jSONArray, String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "addACLs", "acls=" + jSONArray.toString() + "  docId=" + getDocId());
        }
        JSONObject jSONObject = new JSONObject();
        TransactionHandle transactionHandle = null;
        try {
            try {
                try {
                    TransactionHandle begin = TransactionManager.begin();
                    validateRequest(jSONArray, str);
                    for (int i = 0; i < jSONArray.size(); i++) {
                        JSONObject jSONObject2 = (JSONObject) jSONArray.get(i);
                        new DocumentACLAccessBean().create(getDocId(), (String) JSON2JavaBeanHelper.getMandatoryProperty(jSONObject2, "spaceId"), "edit".equals((String) JSON2JavaBeanHelper.getMandatoryProperty(jSONObject2, JSONPropertyConstants.ACCESS_CONTROL_LEVEL)) ? 1 : 0);
                    }
                    TransactionManager.commit(begin);
                    transactionHandle = null;
                    ResponseStatusHelper.setOkResultStatus(jSONObject, 200, Messages.getMessage(BScapeMessageKeys.ACL_ASSIGN_OK, getLocale()));
                } catch (InvalidDataFormatException e) {
                    ResponseStatusHelper.setErrorCode(jSONObject, e.getMessage(), 400);
                }
            } catch (DocumentAccessException e2) {
                ResponseStatusHelper.setErrorCode(jSONObject, e2.getMessage(), 401);
            } catch (Exception e3) {
                if (logger.isLoggable(Level.SEVERE)) {
                    logger.logp(Level.SEVERE, CLASSNAME, "addACLs", e3.getMessage(), (Throwable) e3);
                }
                ResponseStatusHelper.setGeneralThrowableStatus(jSONObject, e3);
            }
            if (logger.isLoggable(Level.FINER)) {
                logger.exiting(CLASSNAME, "addACLs", " return: " + jSONObject.toString());
            }
            return jSONObject;
        } finally {
            if (transactionHandle != null) {
                TransactionManager.rollback(transactionHandle);
            }
        }
    }

    private void validateRequest(JSONArray jSONArray, String str) throws SQLException, InvalidDataFormatException, DocumentAccessException {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "validateRequest", "acls=" + jSONArray.toString() + "  strUserDN=" + str);
        }
        boolean z = false;
        for (int i = 0; i < jSONArray.size(); i++) {
            JSONObject jSONObject = (JSONObject) jSONArray.get(i);
            JSON2JavaBeanHelper.getMandatoryProperty(jSONObject, "spaceId");
            if ("edit".equals((String) JSON2JavaBeanHelper.getMandatoryProperty(jSONObject, JSONPropertyConstants.ACCESS_CONTROL_LEVEL))) {
                z = true;
            }
        }
        if (z) {
            DocumentSecurityHelper.canAssignEditACL(getDocId(), str, getLocale());
        } else {
            DocumentSecurityHelper.canAssignReadACL(getDocId(), str, getLocale());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASSNAME, "validateRequest");
        }
    }
}
