package org.ametys.plugins.workspaces.members;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.ametys.core.observation.Event;
import org.ametys.core.observation.ObservationManager;
import org.ametys.core.right.Profile;
import org.ametys.core.right.ProfileAssignmentStorageExtensionPoint;
import org.ametys.core.right.RightManager;
import org.ametys.core.right.RightProfilesDAO;
import org.ametys.core.ui.Callable;
import org.ametys.core.user.CurrentUserProvider;
import org.ametys.core.user.User;
import org.ametys.core.user.UserIdentity;
import org.ametys.core.user.UserManager;
import org.ametys.plugins.core.user.UserHelper;
import org.ametys.plugins.explorer.resources.ModifiableResourceCollection;
import org.ametys.plugins.repository.AmetysObject;
import org.ametys.plugins.repository.AmetysObjectIterator;
import org.ametys.plugins.repository.AmetysObjectResolver;
import org.ametys.plugins.repository.AmetysRepositoryException;
import org.ametys.plugins.repository.ModifiableAmetysObject;
import org.ametys.plugins.repository.ModifiableTraversableAmetysObject;
import org.ametys.plugins.workspaces.ObservationConstants;
import org.ametys.plugins.workspaces.project.ProjectManager;
import org.ametys.plugins.workspaces.project.modules.WorkspaceModule;
import org.ametys.plugins.workspaces.project.modules.WorkspaceModuleExtensionPoint;
import org.ametys.plugins.workspaces.project.objects.Project;
import org.ametys.plugins.workspaces.project.rights.ProjectRightHelper;
import org.ametys.runtime.plugin.component.AbstractLogEnabled;
import org.ametys.web.repository.page.ModifiablePage;
import org.ametys.web.repository.page.Page;
import org.ametys.web.repository.site.Site;
import org.ametys.web.repository.sitemap.Sitemap;
import org.apache.avalon.framework.component.Component;
import org.apache.avalon.framework.context.Context;
import org.apache.avalon.framework.context.ContextException;
import org.apache.avalon.framework.context.Contextualizable;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.cocoon.components.ContextHelper;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:org/ametys/plugins/workspaces/members/ProjectMemberManager.class */
public class ProjectMemberManager extends AbstractLogEnabled implements Serviceable, Component, Contextualizable {
    public static final String ROLE = ProjectMemberManager.class.getName();
    private static final String __PROJECT_MEMBERS_NODE = "ametys-internal:members";
    private static final String __PROJECT_MEMBERS_NODE_TYPE = "ametys:unstructured";
    private static final String __PROJECT_MEMBER_NODE_TYPE = "ametys:project-member";
    private static final String __RIGHTS_ADD_MEMBER_TO_PROJECT = "Plugins_Workspaces_Rights_Service_Module_Members_Add";
    private static final String __RIGHTS_REMOVE_MEMBER_TO_PROJECT = "Plugins_Workspaces_Rights_Service_Module_Members_Remove";
    private static final String __PROJECT_RIGHT_PROFILE = "PROJECT";
    protected Context _context;
    protected ProjectManager _projectManager;
    protected ProjectRightHelper _projectRightHelper;
    protected RightProfilesDAO _rightProfilesDAO;
    protected ProfileAssignmentStorageExtensionPoint _profileAssignmentStorageExtensionPoint;
    protected AmetysObjectResolver _resolver;
    protected RightManager _rightManager;
    protected CurrentUserProvider _currentUserProvider;
    protected UserManager _userManager;
    protected ObservationManager _observationManager;
    protected WorkspaceModuleExtensionPoint _moduleManagerEP;
    protected UserHelper _userHelper;

    public void contextualize(Context context) throws ContextException {
        this._context = context;
    }

    public void service(ServiceManager serviceManager) throws ServiceException {
        this._resolver = (AmetysObjectResolver) serviceManager.lookup(AmetysObjectResolver.ROLE);
        this._projectManager = (ProjectManager) serviceManager.lookup(ProjectManager.ROLE);
        this._projectRightHelper = (ProjectRightHelper) serviceManager.lookup(ProjectRightHelper.ROLE);
        this._rightProfilesDAO = (RightProfilesDAO) serviceManager.lookup(RightProfilesDAO.ROLE);
        this._profileAssignmentStorageExtensionPoint = (ProfileAssignmentStorageExtensionPoint) serviceManager.lookup(ProfileAssignmentStorageExtensionPoint.ROLE);
        this._rightManager = (RightManager) serviceManager.lookup(RightManager.ROLE);
        this._currentUserProvider = (CurrentUserProvider) serviceManager.lookup(CurrentUserProvider.ROLE);
        this._userManager = (UserManager) serviceManager.lookup(UserManager.ROLE);
        this._userHelper = (UserHelper) serviceManager.lookup(UserHelper.ROLE);
        this._observationManager = (ObservationManager) serviceManager.lookup(ObservationManager.ROLE);
        this._moduleManagerEP = (WorkspaceModuleExtensionPoint) serviceManager.lookup(WorkspaceModuleExtensionPoint.ROLE);
    }

    @Callable
    public Map<String, Object> getProjectMemberData(String str, String str2) throws IllegalAccessException {
        HashMap hashMap = new HashMap();
        UserIdentity userIdentity = null;
        if (str2 != null) {
            userIdentity = UserIdentity.stringToUserIdentity(str2);
            if (userIdentity == null) {
                hashMap.put("message", "unknow-user");
                return hashMap;
            }
        }
        Project project = this._projectManager.getProject(str);
        if (project == null) {
            hashMap.put("message", "unknow-project");
            return hashMap;
        }
        if (!this._projectRightHelper.hasRight(__RIGHTS_ADD_MEMBER_TO_PROJECT, project)) {
            throw new IllegalAccessException("User '" + this._currentUserProvider.getUser() + "' tried to access a privilege feature without convenient right [" + __RIGHTS_ADD_MEMBER_TO_PROJECT + ", /projects" + project.getPath() + "]");
        }
        boolean z = true;
        if (userIdentity != null) {
            JCRProjectMember orCreateProjectMember = getOrCreateProjectMember(project, userIdentity);
            z = orCreateProjectMember.needsSave();
            String role = orCreateProjectMember.getRole();
            if (role != null) {
                hashMap.put("role", role);
            }
        }
        hashMap.put("profiles", _getMemberProfiles(userIdentity, project));
        hashMap.put("status", z ? "new" : "edit");
        return hashMap;
    }

    private Map<String, String> _getMemberProfiles(UserIdentity userIdentity, Project project) {
        HashMap hashMap = new HashMap();
        List list = (List) this._projectRightHelper.getProfileList().stream().map(profile -> {
            return profile.getId();
        }).collect(Collectors.toList());
        for (WorkspaceModule workspaceModule : this._projectManager.getModules(project)) {
            Iterator it = this._profileAssignmentStorageExtensionPoint.getAllowedProfilesForUser(workspaceModule.getModuleRoot(project, false), userIdentity).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String str = (String) it.next();
                if (list.contains(str)) {
                    hashMap.put(workspaceModule.getId(), str);
                    break;
                }
            }
            if (!hashMap.containsKey(workspaceModule.getId())) {
                hashMap.put(workspaceModule.getId(), null);
            }
        }
        Iterator it2 = this._profileAssignmentStorageExtensionPoint.getAllowedProfilesForUser(project, userIdentity).iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            String str2 = (String) it2.next();
            if (list.contains(str2)) {
                hashMap.put(__PROJECT_RIGHT_PROFILE, str2);
                break;
            }
        }
        if (!hashMap.containsKey(__PROJECT_RIGHT_PROFILE)) {
            hashMap.put(__PROJECT_RIGHT_PROFILE, null);
        }
        return hashMap;
    }

    @Callable
    public Map<String, Object> setProjectMemberData(String str, String str2, Map<String, String> map, String str3) throws IllegalAccessException {
        HashMap hashMap = new HashMap();
        UserIdentity stringToUserIdentity = UserIdentity.stringToUserIdentity(str2);
        if (stringToUserIdentity == null) {
            hashMap.put("message", "unknow-user");
            return hashMap;
        }
        Project project = this._projectManager.getProject(str);
        if (project == null) {
            hashMap.put("message", "unknow-project");
            return hashMap;
        }
        if (!this._projectRightHelper.hasRight(__RIGHTS_ADD_MEMBER_TO_PROJECT, project)) {
            throw new IllegalAccessException("User '" + this._currentUserProvider.getUser() + "' tried to access a privilege feature without convenient right [" + __RIGHTS_ADD_MEMBER_TO_PROJECT + ", /projects" + project.getPath() + "]");
        }
        JCRProjectMember orCreateProjectMember = getOrCreateProjectMember(project, stringToUserIdentity);
        boolean needsSave = orCreateProjectMember.needsSave();
        if (str3 != null) {
            orCreateProjectMember.setRole(str3);
        }
        _setMemberProfiles(map, stringToUserIdentity, project, needsSave);
        project.saveChanges();
        if (needsSave) {
            HashMap hashMap2 = new HashMap();
            hashMap2.put(ObservationConstants.ARGS_MEMBER, orCreateProjectMember);
            hashMap2.put(ObservationConstants.ARGS_MEMBER_ID, orCreateProjectMember.getId());
            hashMap2.put("project", project);
            hashMap2.put(ObservationConstants.ARGS_PROJECT_ID, project.getId());
            this._observationManager.notify(new Event(ObservationConstants.EVENT_MEMBER_ADDED, this._currentUserProvider.getUser(), hashMap2));
        }
        return hashMap;
    }

    private void _setMemberProfiles(Map<String, String> map, UserIdentity userIdentity, Project project, boolean z) {
        _allowReadAccessOnProjectSite(userIdentity, project);
        List<Profile> profileList = this._projectRightHelper.getProfileList();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            ArrayList arrayList = new ArrayList();
            if (entry.getValue() != null) {
                arrayList.add(entry.getValue());
            }
            String key = entry.getKey();
            if (__PROJECT_RIGHT_PROFILE.equals(key)) {
                if (z) {
                    arrayList.add("READER");
                }
                _setMemberProfiles(userIdentity, profileList, (List<String>) arrayList, (AmetysObject) project);
            } else {
                WorkspaceModule module = this._moduleManagerEP.getModule(key);
                if (module != null && this._projectManager.isModuleActivated(project, key)) {
                    _setMemberProfiles(userIdentity, profileList, (List<String>) arrayList, (AmetysObject) module.getModuleRoot(project, false));
                    AmetysObjectIterator it = module.getModulePages(project, null).iterator();
                    while (it.hasNext()) {
                        _updateReadAccessOnModulePage(userIdentity, (Page) it.next(), arrayList.size() > 0);
                    }
                }
            }
        }
    }

    private void _setMemberProfiles(UserIdentity userIdentity, List<Profile> list, List<String> list2, AmetysObject ametysObject) {
        HashSet hashSet = new HashSet();
        Set allowedProfilesForUser = this._profileAssignmentStorageExtensionPoint.getAllowedProfilesForUser(ametysObject, userIdentity);
        if (list2.size() == 0) {
            for (Profile profile : list) {
                if (allowedProfilesForUser.contains(profile.getId())) {
                    this._profileAssignmentStorageExtensionPoint.removeAllowedProfileFromUser(userIdentity, profile.getId(), ametysObject);
                    hashSet.add(profile.getId());
                }
            }
            if (allowedProfilesForUser.contains("READER")) {
                this._profileAssignmentStorageExtensionPoint.removeAllowedProfileFromUser(userIdentity, "READER", ametysObject);
                hashSet.add("READER");
            }
        } else {
            for (Profile profile2 : list) {
                if (allowedProfilesForUser.contains(profile2.getId()) && !list2.contains(profile2.getId())) {
                    this._profileAssignmentStorageExtensionPoint.removeAllowedProfileFromUser(userIdentity, profile2.getId(), ametysObject);
                    hashSet.add(profile2.getId());
                }
            }
            for (String str : list2) {
                if (!allowedProfilesForUser.contains(str)) {
                    this._profileAssignmentStorageExtensionPoint.allowProfileToUser(userIdentity, str, ametysObject);
                    hashSet.add(str);
                }
            }
            if (!allowedProfilesForUser.contains("READER") && !list2.contains("READER")) {
                this._profileAssignmentStorageExtensionPoint.allowProfileToUser(userIdentity, "READER", ametysObject);
                hashSet.add("READER");
            }
        }
        if (hashSet.size() > 0) {
            HashMap hashMap = new HashMap();
            hashMap.put("acl-context", ametysObject);
            hashMap.put("acl-context-identifier", ametysObject.getId());
            hashMap.put("acl-profiles", hashSet);
            this._observationManager.notify(new Event("acl.update", this._currentUserProvider.getUser(), hashMap));
        }
    }

    private void _allowReadAccessOnProjectSite(UserIdentity userIdentity, Project project) {
        Collection<Site> sites = project.getSites();
        if (sites.isEmpty()) {
            return;
        }
        AmetysObjectIterator it = sites.iterator().next().getSitemaps().iterator();
        while (it.hasNext()) {
            Sitemap sitemap = (Sitemap) it.next();
            if (!this._profileAssignmentStorageExtensionPoint.getAllowedProfilesForUser(sitemap, userIdentity).contains("READER")) {
                this._profileAssignmentStorageExtensionPoint.allowProfileToUser(userIdentity, "READER", sitemap);
                sitemap.saveChanges();
                HashMap hashMap = new HashMap();
                hashMap.put("acl-context", sitemap);
                hashMap.put("acl-context-identifier", sitemap.getId());
                hashMap.put("acl-profiles", Collections.singleton("READER"));
                this._observationManager.notify(new Event("acl.update", userIdentity, hashMap));
            }
        }
    }

    private void _removeReadAccessOnProjectSite(UserIdentity userIdentity, Project project) {
        Collection<Site> sites = project.getSites();
        if (sites.isEmpty()) {
            return;
        }
        AmetysObjectIterator it = sites.iterator().next().getSitemaps().iterator();
        while (it.hasNext()) {
            Sitemap sitemap = (Sitemap) it.next();
            if (this._profileAssignmentStorageExtensionPoint.getAllowedProfilesForUser(sitemap, userIdentity).contains("READER")) {
                this._profileAssignmentStorageExtensionPoint.removeAllowedProfileFromUser(userIdentity, "READER", sitemap);
                sitemap.saveChanges();
                HashMap hashMap = new HashMap();
                hashMap.put("acl-context", sitemap);
                hashMap.put("acl-context-identifier", sitemap.getId());
                hashMap.put("acl-profiles", Collections.singleton("READER"));
                this._observationManager.notify(new Event("acl.update", this._currentUserProvider.getUser(), hashMap));
            }
        }
    }

    private void _updateReadAccessOnModulePage(UserIdentity userIdentity, Page page, boolean z) {
        Set allowedProfilesForUser = this._profileAssignmentStorageExtensionPoint.getAllowedProfilesForUser(page, userIdentity);
        Set deniedProfilesForUser = this._profileAssignmentStorageExtensionPoint.getDeniedProfilesForUser(page, userIdentity);
        boolean z2 = false;
        if (z) {
            if (!allowedProfilesForUser.contains("READER")) {
                this._profileAssignmentStorageExtensionPoint.allowProfileToUser(userIdentity, "READER", page);
                z2 = true;
            }
            if (deniedProfilesForUser.contains("READER")) {
                this._profileAssignmentStorageExtensionPoint.removeDeniedProfileFromUser(userIdentity, "READER", page);
                z2 = true;
            }
        } else {
            if (allowedProfilesForUser.contains("READER")) {
                this._profileAssignmentStorageExtensionPoint.removeAllowedProfileFromUser(userIdentity, "READER", page);
                z2 = true;
            }
            if (!deniedProfilesForUser.contains("READER")) {
                this._profileAssignmentStorageExtensionPoint.denyProfileToUser(userIdentity, "READER", page);
                z2 = true;
            }
        }
        if (z2) {
            ((ModifiablePage) page).saveChanges();
            HashMap hashMap = new HashMap();
            hashMap.put("acl-context", page);
            hashMap.put("acl-context-identifier", page.getId());
            hashMap.put("acl-profiles", Collections.singleton("READER"));
            this._observationManager.notify(new Event("acl.update", this._currentUserProvider.getUser(), hashMap));
        }
    }

    private void _removeMemberProfiles(UserIdentity userIdentity, AmetysObject ametysObject) {
        Set<String> allowedProfilesForUser = this._profileAssignmentStorageExtensionPoint.getAllowedProfilesForUser(ametysObject, userIdentity);
        Set<String> deniedProfilesForUser = this._profileAssignmentStorageExtensionPoint.getDeniedProfilesForUser(ametysObject, userIdentity);
        HashSet hashSet = new HashSet();
        if (allowedProfilesForUser.size() > 0) {
            for (String str : allowedProfilesForUser) {
                this._profileAssignmentStorageExtensionPoint.removeAllowedProfileFromUser(userIdentity, str, ametysObject);
                hashSet.add(str);
            }
        }
        if (deniedProfilesForUser.size() > 0) {
            for (String str2 : deniedProfilesForUser) {
                this._profileAssignmentStorageExtensionPoint.removeDeniedProfileFromUser(userIdentity, str2, ametysObject);
                hashSet.add(str2);
            }
        }
        if (hashSet.size() > 0) {
            ((ModifiableAmetysObject) ametysObject).saveChanges();
            HashMap hashMap = new HashMap();
            hashMap.put("acl-context", ametysObject);
            hashMap.put("acl-context-identifier", ametysObject.getId());
            hashMap.put("acl-profiles", hashSet);
            this._observationManager.notify(new Event("acl.update", this._currentUserProvider.getUser(), hashMap));
        }
    }

    @Callable
    public Map<String, Object> getCurrentUser() {
        HashMap hashMap = new HashMap();
        hashMap.put("user", this._userHelper.user2json(this._currentUserProvider.getUser()));
        return hashMap;
    }

    @Callable
    public Map<String, Object> getProjectMembers() {
        HashMap hashMap = new HashMap();
        String str = (String) ContextHelper.getRequest(this._context).getAttribute("projectName");
        hashMap.put("users", (StringUtils.isNotEmpty(str) ? (List) getProjectMembers(this._projectManager.getProject(str)).stream().map((v0) -> {
            return v0.getUser();
        }).collect(Collectors.toList()) : (List) this._projectManager.getProjects().stream().map(project -> {
            return getProjectMembers(project);
        }).flatMap((v0) -> {
            return v0.stream();
        }).map((v0) -> {
            return v0.getUser();
        }).collect(Collectors.toList())).stream().map(userIdentity -> {
            return this._userHelper.getUser(userIdentity);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).map(user -> {
            return this._userHelper.user2json(user, true);
        }).collect(Collectors.toList()));
        return hashMap;
    }

    @Callable
    public Map<String, Object> getProjectMembers(String str) throws IllegalAccessException, AmetysRepositoryException {
        Project project = this._projectManager.getProject(str);
        Set<JCRProjectMember> projectMembers = getProjectMembers(project);
        ArrayList arrayList = new ArrayList();
        if (!this._projectRightHelper.hasReadAccess(project)) {
            throw new IllegalAccessException("User '" + this._currentUserProvider.getUser() + "' tried to access a privilege feature without reader right in the project " + project.getPath());
        }
        for (JCRProjectMember jCRProjectMember : projectMembers) {
            UserIdentity user = jCRProjectMember.getUser();
            User user2 = this._userManager.getUser(user);
            if (user2 != null) {
                HashMap hashMap = new HashMap();
                hashMap.putAll(this._userHelper.user2json(user2));
                hashMap.put("id", UserIdentity.userIdentityToString(user));
                String role = jCRProjectMember.getRole();
                if (role != null) {
                    hashMap.put("role", role);
                }
                HashMap hashMap2 = new HashMap();
                hashMap2.put("edit", Boolean.valueOf(this._projectRightHelper.hasRight(__RIGHTS_ADD_MEMBER_TO_PROJECT, project)));
                hashMap2.put("delete", Boolean.valueOf(this._projectRightHelper.hasRight(__RIGHTS_REMOVE_MEMBER_TO_PROJECT, project)));
                hashMap.put("rights", hashMap2);
                arrayList.add(hashMap);
            }
        }
        HashMap hashMap3 = new HashMap();
        hashMap3.put("members", arrayList);
        return hashMap3;
    }

    @Callable
    public Map<String, Object> getMemberModuleRights(String str) {
        HashMap hashMap = new HashMap();
        Project project = this._projectManager.getProject(str);
        if (project == null) {
            hashMap.put("message", "unknow-project");
            return hashMap;
        }
        hashMap.put("view", Boolean.valueOf(this._projectRightHelper.hasReadAccess(project)));
        hashMap.put("add", Boolean.valueOf(this._projectRightHelper.hasRight(__RIGHTS_ADD_MEMBER_TO_PROJECT, project)));
        return hashMap;
    }

    public Set<JCRProjectMember> getProjectMembers(Project project) {
        HashSet hashSet = new HashSet();
        if (project != null) {
            AmetysObjectIterator it = _getProjectMembersNode(project).getChildren().iterator();
            while (it.hasNext()) {
                JCRProjectMember jCRProjectMember = (AmetysObject) it.next();
                if (jCRProjectMember instanceof JCRProjectMember) {
                    hashSet.add(jCRProjectMember);
                }
            }
        }
        return hashSet;
    }

    public boolean isProjectMember(Project project, UserIdentity userIdentity) {
        if (userIdentity == null) {
            return false;
        }
        return getProjectMembers(project).stream().anyMatch(jCRProjectMember -> {
            return userIdentity.equals(jCRProjectMember.getUser());
        });
    }

    public void setProjectManager(String str, String str2, UserIdentity userIdentity) {
        Project project = this._projectManager.getProject(str);
        if (project != null) {
            getOrCreateProjectMember(project, userIdentity);
            project.setManager(userIdentity);
            this._profileAssignmentStorageExtensionPoint.allowProfileToUser(userIdentity, "READER", project);
            this._profileAssignmentStorageExtensionPoint.allowProfileToUser(userIdentity, str2, project);
            _notifyAclUpdated(userIdentity, project, Arrays.asList("READER", str2));
            Iterator<WorkspaceModule> it = this._projectManager.getModules(project).iterator();
            while (it.hasNext()) {
                ModifiableResourceCollection moduleRoot = it.next().getModuleRoot(project, false);
                this._profileAssignmentStorageExtensionPoint.allowProfileToUser(userIdentity, "READER", moduleRoot);
                this._profileAssignmentStorageExtensionPoint.allowProfileToUser(userIdentity, str2, moduleRoot);
                _notifyAclUpdated(userIdentity, moduleRoot, Arrays.asList("READER", str2));
            }
            _allowReadAccessOnProjectSite(userIdentity, project);
            project.saveChanges();
        }
    }

    private void _notifyAclUpdated(UserIdentity userIdentity, AmetysObject ametysObject, Collection<String> collection) {
        HashMap hashMap = new HashMap();
        hashMap.put("acl-context", ametysObject);
        hashMap.put("acl-context-identifier", ametysObject.getId());
        hashMap.put("acl-profiles", collection);
        this._observationManager.notify(new Event("acl.update", userIdentity, hashMap));
    }

    public JCRProjectMember getOrCreateProjectMember(Project project, UserIdentity userIdentity) {
        ModifiableTraversableAmetysObject _getProjectMembersNode = _getProjectMembersNode(project);
        AmetysObjectIterator it = _getProjectMembersNode.getChildren().iterator();
        while (it.hasNext()) {
            JCRProjectMember jCRProjectMember = (AmetysObject) it.next();
            if ((jCRProjectMember instanceof JCRProjectMember) && userIdentity.equals(jCRProjectMember.getUser())) {
                return jCRProjectMember;
            }
        }
        String str = "member";
        int i = 1;
        while (_getProjectMembersNode.hasChild(str)) {
            i++;
            str = "member-" + i;
        }
        JCRProjectMember createChild = _getProjectMembersNode.createChild(str, __PROJECT_MEMBER_NODE_TYPE);
        createChild.setUser(userIdentity);
        return createChild;
    }

    @Callable
    public Map<String, Object> removeMember(String str, String str2) throws IllegalAccessException {
        HashMap hashMap = new HashMap();
        UserIdentity stringToUserIdentity = UserIdentity.stringToUserIdentity(str2);
        if (stringToUserIdentity == null) {
            hashMap.put("message", "unknow-user");
            return hashMap;
        }
        Project project = this._projectManager.getProject(str);
        if (project == null) {
            hashMap.put("message", "unknow-project");
            return hashMap;
        }
        if (!this._projectRightHelper.hasRight(__RIGHTS_REMOVE_MEMBER_TO_PROJECT, project)) {
            throw new IllegalAccessException("User '" + this._currentUserProvider.getUser() + "' tried to access a privilege feature without convenient right [" + __RIGHTS_REMOVE_MEMBER_TO_PROJECT + ", /projects" + project.getPath() + "]");
        }
        JCRProjectMember jCRProjectMember = null;
        AmetysObjectIterator it = _getProjectMembersNode(project).getChildren().iterator();
        while (it.hasNext()) {
            JCRProjectMember jCRProjectMember2 = (AmetysObject) it.next();
            if ((jCRProjectMember2 instanceof JCRProjectMember) && stringToUserIdentity.equals(jCRProjectMember2.getUser())) {
                jCRProjectMember = jCRProjectMember2;
            }
        }
        if (jCRProjectMember == null) {
            hashMap.put("message", "unknow-member");
            return hashMap;
        }
        _removeReadAccessOnProjectSite(stringToUserIdentity, project);
        for (WorkspaceModule workspaceModule : this._projectManager.getModules(project)) {
            _removeMemberProfiles(stringToUserIdentity, workspaceModule.getModuleRoot(project, false));
            AmetysObjectIterator it2 = workspaceModule.getModulePages(project, null).iterator();
            while (it2.hasNext()) {
                _removeMemberProfiles(stringToUserIdentity, (Page) it2.next());
            }
        }
        _removeMemberProfiles(stringToUserIdentity, project);
        jCRProjectMember.remove();
        project.saveChanges();
        HashMap hashMap2 = new HashMap();
        hashMap2.put(ObservationConstants.ARGS_MEMBER_IDENTITY, stringToUserIdentity);
        hashMap2.put("project", project);
        this._observationManager.notify(new Event(ObservationConstants.EVENT_MEMBER_DELETED, this._currentUserProvider.getUser(), hashMap2));
        return hashMap;
    }

    protected ModifiableTraversableAmetysObject _getProjectMembersNode(Project project) {
        if (project == null) {
            throw new AmetysRepositoryException("Error getting the project users node, project is null");
        }
        try {
            return project.hasChild(__PROJECT_MEMBERS_NODE) ? (ModifiableTraversableAmetysObject) project.getChild(__PROJECT_MEMBERS_NODE) : project.createChild(__PROJECT_MEMBERS_NODE, __PROJECT_MEMBERS_NODE_TYPE);
        } catch (AmetysRepositoryException e) {
            throw new AmetysRepositoryException("Error getting the project users node", e);
        }
    }
}
