package info.magnolia.cms.security;

import info.magnolia.cms.security.auth.ACL;
import info.magnolia.cms.security.auth.PrincipalCollection;
import info.magnolia.cms.security.auth.PrincipalCollectionImpl;
import info.magnolia.cms.util.ObservationUtil;
import info.magnolia.context.MgnlContext;
import info.magnolia.importexport.DataTransporter;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.observation.EventIterator;
import javax.jcr.observation.EventListener;
import javax.security.auth.Subject;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:info/magnolia/cms/security/SystemUserManager.class */
public class SystemUserManager extends MgnlUserManager {
    private static Logger log = LoggerFactory.getLogger(SystemUserManager.class);
    private User anonymousUser;
    private PrincipalCollection anonymousPermissions;

    public SystemUserManager() {
        EventListener eventListener = new EventListener() { // from class: info.magnolia.cms.security.SystemUserManager.1
            public void onEvent(EventIterator eventIterator) {
                SystemUserManager.this.anonymousUser = null;
                SystemUserManager.this.anonymousPermissions = null;
                SystemUserManager.log.debug("Anonymous user reloaded");
            }
        };
        ObservationUtil.registerChangeListener("users", DataTransporter.SLASH + Realm.REALM_SYSTEM.getName() + DataTransporter.SLASH + UserManager.ANONYMOUS_USER, true, "mgnl:user", eventListener);
        ObservationUtil.registerChangeListener("usergroups", DataTransporter.SLASH, true, "mgnl:group", eventListener);
        ObservationUtil.registerDeferredChangeListener("userroles", DataTransporter.SLASH, true, new String[]{"mgnl:role", "mgnl:contentNode"}, eventListener, 1000L, 5000L);
    }

    @Override // info.magnolia.cms.security.MgnlUserManager
    public String getRealmName() {
        String realmName = super.getRealmName();
        if (!StringUtils.isEmpty(realmName)) {
            return realmName;
        }
        log.error("realm of system user manager is not set!");
        return Realm.REALM_SYSTEM.getName();
    }

    @Override // info.magnolia.cms.security.MgnlUserManager, info.magnolia.cms.security.UserManager
    public User getSystemUser() {
        return getOrCreateUser("superuser", "superuser");
    }

    @Override // info.magnolia.cms.security.MgnlUserManager, info.magnolia.cms.security.UserManager
    public User getAnonymousUser() {
        if (this.anonymousUser == null) {
            this.anonymousUser = getRequiredSystemUser(UserManager.ANONYMOUS_USER, UserManager.ANONYMOUS_USER);
        }
        return this.anonymousUser;
    }

    public Subject getAnonymousSubject() {
        if (this.anonymousPermissions == null) {
            Subject createSubjectAndPopulate = SecurityUtil.createSubjectAndPopulate(getAnonymousUser());
            this.anonymousPermissions = (PrincipalCollection) PrincipalUtil.findPrincipal(createSubjectAndPopulate, PrincipalCollection.class);
            return createSubjectAndPopulate;
        }
        Subject subject = new Subject();
        subject.getPrincipals().add(getAnonymousUser());
        ArrayList arrayList = new ArrayList();
        Iterator<Principal> it = this.anonymousPermissions.getCollection().iterator();
        while (it.hasNext()) {
            ACL acl = (ACL) it.next();
            arrayList.add(new ACLImpl(acl.getName(), new ArrayList(acl.getList())));
        }
        subject.getPrincipals().add(new PrincipalCollectionImpl(Collections.unmodifiableCollection(arrayList)));
        return subject;
    }

    private User getRequiredSystemUser(final String str, String str2) {
        return (User) MgnlContext.doInSystemContext(new SilentSessionOp<User>(getRepositoryName()) { // from class: info.magnolia.cms.security.SystemUserManager.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // info.magnolia.cms.security.SilentSessionOp
            public User doExec(Session session) throws RepositoryException {
                try {
                    Node node = session.getNode(DataTransporter.SLASH + Realm.REALM_SYSTEM.getName() + DataTransporter.SLASH + str);
                    if (node != null) {
                        return SystemUserManager.this.newUserInstance(node);
                    }
                    log.error("User not found: {}.", str);
                    return null;
                } catch (RepositoryException e) {
                    log.error("Error caught while loading the system user {}: {}: {}", new Object[]{str, e.getClass().getName(), e.getMessage(), e});
                    return null;
                }
            }
        });
    }

    protected User getOrCreateUser(String str, String str2) {
        User user = getUser(str);
        if (user == null) {
            log.error("Failed to get system user [{}], will try to create new system user with default password", str);
            user = createUser(str, str2);
        }
        return user;
    }
}
