package org.exist.xquery.functions.xmldb;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.exist.EXistException;
import org.exist.dom.QName;
import org.exist.security.Account;
import org.exist.security.PermissionDeniedException;
import org.exist.security.SecurityManager;
import org.exist.security.Subject;
import org.exist.security.internal.aider.GroupAider;
import org.exist.storage.DBBroker;
import org.exist.xquery.BasicFunction;
import org.exist.xquery.FunctionSignature;
import org.exist.xquery.XPathException;
import org.exist.xquery.XQueryContext;
import org.exist.xquery.functions.securitymanager.GroupManagementFunction;
import org.exist.xquery.value.BooleanValue;
import org.exist.xquery.value.FunctionParameterSequenceType;
import org.exist.xquery.value.FunctionReturnSequenceType;
import org.exist.xquery.value.Sequence;
import org.exist.xquery.value.SequenceIterator;
import org.exist.xquery.value.SequenceType;

@Deprecated
/* loaded from: input_file:WEB-INF/lib/exist-core-3.0.RC1.jar:org/exist/xquery/functions/xmldb/XMLDBCreateGroup.class */
public class XMLDBCreateGroup extends BasicFunction {
    protected static final Logger logger = LogManager.getLogger((Class<?>) XMLDBCreateUser.class);
    public static final FunctionSignature[] signatures = {new FunctionSignature(new QName("create-group", XMLDBModule.NAMESPACE_URI, "xmldb"), "Create a new user group. $group is the group name. The current user will be the groups manager.", new SequenceType[]{new FunctionParameterSequenceType("group", 22, 2, "The group name")}, new FunctionReturnSequenceType(23, 2, "true() or false() indicating the outcome of the operation"), GroupManagementFunction.FNS_CREATE_GROUP), new FunctionSignature(new QName("create-group", XMLDBModule.NAMESPACE_URI, "xmldb"), "Create a new user group, with an initial member. $group is the group name, $group-manager-username are the groups managers in addition to the current user.", new SequenceType[]{new FunctionParameterSequenceType("group", 22, 2, "The group name"), new FunctionParameterSequenceType("group-manager-username", 22, 6, "The name of the user(s) who will be the groups manager")}, new FunctionReturnSequenceType(23, 2, "true() or false() indicating the outcome of the operation"), GroupManagementFunction.FNS_CREATE_GROUP_WITH_MANAGERS_WITH_METADATA)};

    public XMLDBCreateGroup(XQueryContext xQueryContext, FunctionSignature functionSignature) {
        super(xQueryContext, functionSignature);
    }

    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v27, types: [org.exist.security.Group] */
    @Override // org.exist.xquery.BasicFunction
    public Sequence eval(Sequence[] sequenceArr, Sequence sequence) throws XPathException {
        String stringValue = sequenceArr[0].getStringValue();
        if ("guest".equals(this.context.getSubject().getName()) || SecurityManager.DBA_GROUP.equals(stringValue)) {
            XPathException xPathException = new XPathException(this, "Permission denied, calling account '" + this.context.getSubject().getName() + "' must be an authenticated account to call this function.");
            logger.error("Invalid user", (Throwable) xPathException);
            throw xPathException;
        }
        logger.info("Attempting to create group " + stringValue);
        GroupAider groupAider = new GroupAider(stringValue);
        DBBroker broker = this.context.getBroker();
        Subject subject = broker.getSubject();
        try {
            SecurityManager securityManager = broker.getBrokerPool().getSecurityManager();
            groupAider.addManager(subject);
            if (sequenceArr.length == 2) {
                SequenceIterator iterate = sequenceArr[1].iterate();
                while (iterate.hasNext()) {
                    String stringValue2 = iterate.nextItem().getStringValue();
                    Account account = securityManager.getAccount(stringValue2);
                    if (account == null) {
                        logger.error("Could not find the user: " + stringValue2);
                        return BooleanValue.FALSE;
                    }
                    groupAider.addManager(account);
                }
            }
            groupAider = securityManager.addGroup(groupAider);
            Subject subject2 = this.context.getBroker().getSubject();
            try {
                this.context.getBroker().setSubject(securityManager.getSystemSubject());
                for (Account account2 : groupAider.getManagers()) {
                    account2.addGroup(groupAider);
                    securityManager.updateAccount(account2);
                }
                this.context.getBroker().setSubject(subject2);
                return BooleanValue.TRUE;
            } catch (Throwable th) {
                this.context.getBroker().setSubject(subject2);
                throw th;
            }
        } catch (EXistException e) {
            logger.error("Failed to create group: " + groupAider, (Throwable) e);
            return BooleanValue.FALSE;
        } catch (PermissionDeniedException e2) {
            throw new XPathException(this, "Permission denied, calling account '" + this.context.getSubject().getName() + "' do not authorize to call this function.");
        }
    }
}
