package com.thinkdynamics.users;

import com.thinkdynamics.kanaha.util.XmlSetting;
import com.thinkdynamics.kanaha.util.exception.CryptoException;
import com.thinkdynamics.kanaha.util.exception.ErrorCode;
import com.thinkdynamics.kanaha.util.exception.KanahaSystemException;
import com.thinkdynamics.kanaha.util.logging.TIOLogger;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.jdom.Element;

/* loaded from: input_file:installer/IY99249.jar:efixes/IY99249/components/tio/update.jar:/apps/tcje.ear:lib/plumbing.jar:com/thinkdynamics/users/IbmDSLdapRole.class */
public class IbmDSLdapRole extends LdapRole {
    public static final String IBM_COPYRIGHT = "Licensed Materials - Property of IBM\n5724-F75\n(C) Copyright IBM Corp.  2003, 2004, 2005\nAll Rights Reserved\nUS Government Users Restricted Rights -Use, duplication or \ndisclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static TIOLogger log;
    private static final String ROLE_CLASS = "tioRole";
    private static final String FILTERING_GROUP_CLASS = "groupOfURLs";
    private static final String NESTING_GROUP_CLASS = "ibm-nestedGroup";
    private static final String GROUP_ATTRIBUTE = "memberURL";
    private static final String IBM_GROUP_ATTRIBUTE = "ibm-memberGroup";
    private static final String IBM_ALL_MEMBER = "ibm-allMembers";
    private Enumeration enumOfInterfaceRoles = null;
    private Enumeration enumOfCustomizedRole = null;
    private String root = null;
    static Class class$com$thinkdynamics$users$IbmDSLdapUser;

    private Attribute attachUserToRoles(DirContext dirContext, User user, Attribute attribute) throws NamingException {
        if (attribute == null) {
            attribute = new BasicAttribute(this.roleAttribute);
        }
        List roles = user.getRoles();
        Collection internalRole = getInternalRole(dirContext);
        Collection interfaceRole = getInterfaceRole(dirContext);
        for (int i = 0; i < roles.size(); i++) {
            String str = (String) roles.get(i);
            if (!attribute.contains(str)) {
                boolean z = false;
                Iterator it = internalRole.iterator();
                Iterator it2 = interfaceRole.iterator();
                while (it.hasNext()) {
                    z = z || ((J2EERole) it.next()).getCn().equalsIgnoreCase(str);
                }
                while (it2.hasNext()) {
                    z = z || ((J2EERole) it2.next()).getCn().equalsIgnoreCase(str);
                }
                if (!z) {
                    attribute.add(str);
                }
            }
        }
        return attribute;
    }

    public Attribute removeRolesFromUser(User user, Attribute attribute) throws NamingException {
        List roles = user.getRoles();
        Vector vector = new Vector();
        NamingEnumeration all = attribute.getAll();
        while (all.hasMoreElements()) {
            String str = (String) all.nextElement();
            if (!roles.contains(str)) {
                vector.add(str);
            }
        }
        if (vector != null) {
            for (int i = 0; i < vector.size(); i++) {
                attribute.remove((String) vector.get(i));
            }
        }
        return attribute;
    }

    private Attributes getRoleAttributes(J2EERole j2EERole) {
        return updateRoleAttributes(new BasicAttributes(), j2EERole);
    }

    private Attributes updateRoleAttributes(BasicAttributes basicAttributes, J2EERole j2EERole) {
        basicAttributes.put(this.roleCNAttribute, j2EERole.getCn());
        basicAttributes.put(this.roleDescription, j2EERole.getDescription());
        basicAttributes.put(this.roleDisplayName, j2EERole.getDisplayname());
        if (j2EERole.getType() == null) {
            j2EERole.setType("CUSTOMIZED");
        }
        basicAttributes.put(this.roleType, j2EERole.getType());
        BasicAttribute basicAttribute = basicAttributes.get("objectClass");
        if (basicAttribute == null) {
            BasicAttribute basicAttribute2 = new BasicAttribute("objectClass");
            basicAttribute = basicAttribute2;
            basicAttributes.put(basicAttribute2);
        }
        basicAttribute.add(NESTING_GROUP_CLASS);
        basicAttribute.add(FILTERING_GROUP_CLASS);
        basicAttribute.add(ROLE_CLASS);
        if (j2EERole.getType().equalsIgnoreCase("CUSTOMIZED") || j2EERole.getType().equalsIgnoreCase("HIDDEN")) {
            basicAttributes.put(GROUP_ATTRIBUTE, new StringBuffer().append("ldap:///").append(this.root).append("??sub?roleA=").append(j2EERole.getCn()).toString());
        }
        return basicAttributes;
    }

    private void addRoleNesting(DirContext dirContext, String str, List list) throws NamingException {
        String stringBuffer = new StringBuffer().append(this.roleCNAttribute).append("=").append(str).append(",").append(this.root).toString();
        if (list == null || dirContext == null) {
            return;
        }
        for (int i = 0; i < list.size(); i++) {
            String str2 = (String) list.get(i);
            Attribute attribute = dirContext.getAttributes(new StringBuffer().append(this.roleCNAttribute).append("=").append(str2).toString()).get(IBM_GROUP_ATTRIBUTE);
            if (attribute != null) {
                NamingEnumeration all = attribute.getAll();
                boolean z = false;
                while (all.hasMoreElements()) {
                    if (((String) all.nextElement()).equalsIgnoreCase(stringBuffer)) {
                        z = true;
                    }
                }
                if (!z) {
                    attribute.add(stringBuffer);
                    BasicAttributes basicAttributes = new BasicAttributes();
                    basicAttributes.put(attribute);
                    dirContext.modifyAttributes(new StringBuffer().append(this.roleCNAttribute).append("=").append(str2).toString(), 2, basicAttributes);
                }
            } else {
                BasicAttribute basicAttribute = new BasicAttribute(IBM_GROUP_ATTRIBUTE, stringBuffer);
                BasicAttributes basicAttributes2 = new BasicAttributes();
                basicAttributes2.put(basicAttribute);
                dirContext.modifyAttributes(new StringBuffer().append(this.roleCNAttribute).append("=").append(str2).toString(), 1, basicAttributes2);
            }
        }
    }

    private void removeRoleNesting(DirContext dirContext, String str, List list) throws NamingException {
        String stringBuffer = new StringBuffer().append(this.roleCNAttribute).append("=").append(str).append(",").append(this.root).toString();
        Collection interfaceRole = getInterfaceRole(dirContext);
        if (interfaceRole == null || dirContext == null) {
            return;
        }
        Iterator it = interfaceRole.iterator();
        while (it.hasNext()) {
            String cn = ((J2EERole) it.next()).getCn();
            Attribute attribute = dirContext.getAttributes(new StringBuffer().append(this.roleCNAttribute).append("=").append(cn).toString()).get(IBM_GROUP_ATTRIBUTE);
            if (attribute != null) {
                NamingEnumeration all = attribute.getAll();
                while (true) {
                    if (all.hasMoreElements()) {
                        if (stringBuffer.equalsIgnoreCase((String) all.nextElement()) && !list.contains(cn)) {
                            attribute.remove(stringBuffer);
                            BasicAttributes basicAttributes = new BasicAttributes();
                            basicAttributes.put(attribute);
                            dirContext.modifyAttributes(new StringBuffer().append(this.nameAttribute).append("=").append(cn).toString(), 2, basicAttributes);
                            break;
                        }
                    }
                }
            }
        }
    }

    private Enumeration getRoleByType(DirContext dirContext, String str) throws NamingException {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        return dirContext.search("", new StringBuffer().append("(&(objectclass=ibm-nestedGroup)(roleType=").append(str).append("))").toString(), searchControls);
    }

    private Enumeration getRoleByTypeAndName(DirContext dirContext, String str, String str2) throws NamingException {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        return dirContext.search("", new StringBuffer().append("(&(&(objectclass=ibm-nestedGroup)(roleType=").append(str).append("))(cn=").append(str2).append("))").toString(), searchControls);
    }

    private String getCNFromDN(String str, String str2) {
        String stringBuffer = new StringBuffer().append(str2).append("=").toString();
        int indexOf = str.indexOf(stringBuffer.toUpperCase());
        int indexOf2 = str.indexOf(",");
        if (indexOf < 0) {
            indexOf = str.indexOf(stringBuffer.toLowerCase());
        }
        if (indexOf < 0 || indexOf2 <= 0) {
            return null;
        }
        return str.substring(indexOf + stringBuffer.length(), indexOf2);
    }

    public synchronized void initialize() throws KanahaSystemException, CryptoException {
        Element userFactoryConfig = XmlSetting.getUserFactoryConfig();
        if (userFactoryConfig == null) {
            log.fatal("Could not read the user-factory.xml configuration");
            throw new KanahaSystemException(ErrorCode.COPCOM032EccInvalidconfigur_xmlconfiguration);
        }
        this.root = userFactoryConfig.getChildText("root");
        Element child = userFactoryConfig.getChild(UserFactory.USER_OBJECT);
        if (child != null) {
            this.nameAttribute = child.getChildText("name");
        }
    }

    @Override // com.thinkdynamics.users.LdapRole
    public Collection getInterfaceRole(DirContext dirContext) throws NamingException {
        this.enumOfInterfaceRoles = getRoleByType(dirContext, "INTERFACE");
        ArrayList arrayList = new ArrayList();
        while (this.enumOfInterfaceRoles.hasMoreElements()) {
            arrayList.add(this.enumOfInterfaceRoles.nextElement());
        }
        HashSet hashSet = new HashSet();
        for (int i = 0; i < arrayList.size(); i++) {
            hashSet.add(loadRole(dirContext, ((SearchResult) arrayList.get(i)).getAttributes()));
        }
        this.enumOfInterfaceRoles = null;
        return hashSet;
    }

    public J2EERole loadRole(DirContext dirContext, Attributes attributes) throws NamingException {
        J2EERole loadLDAPRole = super.loadLDAPRole(attributes);
        Attribute attribute = attributes.get(IBM_GROUP_ATTRIBUTE);
        if (attribute != null) {
            NamingEnumeration all = attribute.getAll();
            while (all.hasMoreElements()) {
                String str = (String) all.nextElement();
                if (str != null) {
                    loadLDAPRole.getImmediateMembers().add(super.loadLDAPRole(dirContext.getAttributes(new StringBuffer().append(this.roleCNAttribute).append("=").append(getCNFromDN(str, this.roleCNAttribute)).toString())));
                }
            }
        }
        Attribute attribute2 = attributes.get(IBM_ALL_MEMBER);
        if (attribute2 != null) {
            NamingEnumeration all2 = attribute2.getAll();
            while (all2.hasMoreElements()) {
                String str2 = (String) all2.nextElement();
                if (str2 != null) {
                    loadLDAPRole.getImmediateUserMembers().add(new User(getCNFromDN(str2, this.roleCNAttribute)));
                }
            }
        }
        loadLDAPRole.getImmediateInterfaceParent().addAll(getImmediateInterfaceParent(dirContext, getAttribute(attributes, this.roleCNAttribute)));
        loadLDAPRole.getImmediateCustomizableParent().addAll(getImmediateCustomizableParent(dirContext, getAttribute(attributes, this.roleCNAttribute)));
        return loadLDAPRole;
    }

    private Collection getImmediateInterfaceParent(DirContext dirContext, String str) throws NamingException {
        Enumeration roleByType = this.enumOfInterfaceRoles != null ? this.enumOfInterfaceRoles : getRoleByType(dirContext, "INTERFACE");
        HashSet hashSet = new HashSet();
        while (roleByType.hasMoreElements()) {
            Attributes attributes = ((SearchResult) roleByType.nextElement()).getAttributes();
            Attribute attribute = attributes.get(IBM_GROUP_ATTRIBUTE);
            if (attribute != null) {
                NamingEnumeration all = attribute.getAll();
                while (all.hasMoreElements()) {
                    String str2 = (String) all.nextElement();
                    if (str2 != null && getCNFromDN(str2, this.roleCNAttribute).equalsIgnoreCase(str)) {
                        hashSet.add(super.loadLDAPRole(attributes));
                    }
                }
            }
        }
        return hashSet;
    }

    private Collection getImmediateCustomizableParent(DirContext dirContext, String str) throws NamingException {
        Enumeration roleByType = this.enumOfCustomizedRole != null ? this.enumOfCustomizedRole : getRoleByType(dirContext, "CUSTOMIZED");
        HashSet hashSet = new HashSet();
        while (roleByType.hasMoreElements()) {
            Attributes attributes = ((SearchResult) roleByType.nextElement()).getAttributes();
            Attribute attribute = attributes.get(IBM_GROUP_ATTRIBUTE);
            if (attribute != null) {
                NamingEnumeration all = attribute.getAll();
                while (all.hasMoreElements()) {
                    String str2 = (String) all.nextElement();
                    if (str2 != null && getCNFromDN(str2, this.roleCNAttribute).equalsIgnoreCase(str)) {
                        hashSet.add(super.loadLDAPRole(attributes));
                    }
                }
            }
        }
        return hashSet;
    }

    @Override // com.thinkdynamics.users.LdapRole
    public Collection getInternalRole(DirContext dirContext) throws NamingException {
        if (dirContext == null) {
            return null;
        }
        Enumeration roleByType = getRoleByType(dirContext, "INTERNAL");
        HashSet hashSet = new HashSet();
        while (roleByType.hasMoreElements()) {
            hashSet.add(loadRole(dirContext, ((SearchResult) roleByType.nextElement()).getAttributes()));
        }
        return hashSet;
    }

    @Override // com.thinkdynamics.users.LdapRole
    public void createRole(DirContext dirContext, J2EERole j2EERole) throws NamingException {
        dirContext.bind(new StringBuffer().append(this.nameAttribute).append("=").append(j2EERole.getCn()).toString(), (Object) null, getRoleAttributes(j2EERole));
    }

    public void updateRole(DirContext dirContext, J2EERole j2EERole, List list) throws NamingException {
        Attributes roleAttributes = getRoleAttributes(j2EERole);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new ModificationItem(2, roleAttributes.get(this.roleDescription)));
        arrayList.add(new ModificationItem(2, roleAttributes.get(this.roleDisplayName)));
        arrayList.add(new ModificationItem(2, roleAttributes.get(this.roleType)));
        dirContext.modifyAttributes(new StringBuffer().append(this.nameAttribute).append("=").append(j2EERole.getCn()).toString(), (ModificationItem[]) arrayList.toArray(new ModificationItem[arrayList.size()]));
        setRoleToRoles(dirContext, j2EERole.getCn(), list);
    }

    @Override // com.thinkdynamics.users.LdapRole
    public void deleteRole(DirContext dirContext, DirContext dirContext2, String str) throws NamingException {
        removeRoleReference(dirContext, dirContext2, str);
        dirContext.unbind(new StringBuffer().append(this.nameAttribute).append("=").append(str).toString());
    }

    private void removeRoleReference(DirContext dirContext, DirContext dirContext2, String str) throws NamingException {
        IbmDSLdapUser ibmDSLdapUser = new IbmDSLdapUser();
        ibmDSLdapUser.initialize();
        J2EERole findRole = findRole(dirContext, str);
        Attributes findRoleAttrs = findRoleAttrs(dirContext, str);
        if (findRoleAttrs != null) {
            Attribute attribute = findRoleAttrs.get(IBM_GROUP_ATTRIBUTE);
            ArrayList arrayList = new ArrayList();
            if (attribute != null) {
                NamingEnumeration all = attribute.getAll();
                while (all.hasMoreElements()) {
                    String str2 = (String) all.nextElement();
                    if (str2 != null) {
                        arrayList.add(getCNFromDN(str2, this.roleCNAttribute));
                    }
                }
            }
            arrayList.add(str);
            Iterator it = findRole.getImmediateUserMembers().iterator();
            while (it.hasNext()) {
                User findUser = ibmDSLdapUser.findUser(dirContext, dirContext2, ((User) it.next()).getName());
                removeRoleInList(findUser.getRoles(), arrayList);
                ibmDSLdapUser.updateUser(dirContext, dirContext2, findUser);
            }
        }
    }

    private void removeRoleInList(List list, ArrayList arrayList) {
        int i = 0;
        while (i < list.size()) {
            String str = (String) list.get(i);
            int i2 = 0;
            while (true) {
                if (i2 < arrayList.size()) {
                    if (str.equalsIgnoreCase((String) arrayList.get(i2))) {
                        list.remove(i);
                        i--;
                        break;
                    }
                    i2++;
                }
            }
            i++;
        }
    }

    private Attributes findRoleAttrs(DirContext dirContext, String str) throws NamingException {
        String[] strArr = {this.roleCNAttribute, this.roleDisplayName, this.roleType, this.roleDescription, GROUP_ATTRIBUTE, IBM_GROUP_ATTRIBUTE, IBM_ALL_MEMBER};
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setReturningAttributes(strArr);
        NamingEnumeration search = dirContext.search("", new StringBuffer().append("(&(").append(this.roleCNAttribute).append("=").append(str).append("))").toString(), searchControls);
        if (search.hasMoreElements()) {
            return ((SearchResult) search.next()).getAttributes();
        }
        return null;
    }

    @Override // com.thinkdynamics.users.LdapRole
    public J2EERole findRole(DirContext dirContext, String str) throws NamingException {
        Attributes findRoleAttrs = findRoleAttrs(dirContext, str);
        if (findRoleAttrs == null) {
            return null;
        }
        return loadRole(dirContext, findRoleAttrs);
    }

    public void addRoleToRoles(DirContext dirContext, String str, List list) throws NamingException {
        addRoleNesting(dirContext, str, list);
    }

    public void setRoleToRoles(DirContext dirContext, String str, List list) throws NamingException {
        removeRoleNesting(dirContext, str, list);
        addRoleNesting(dirContext, str, list);
    }

    public void removeRoleFromRoles(DirContext dirContext, String str, List list) throws NamingException {
        String stringBuffer = new StringBuffer().append(this.roleCNAttribute).append("=").append(str).append(",").append(this.root).toString();
        if (dirContext != null) {
            for (int i = 0; i < list.size(); i++) {
                String str2 = (String) list.get(i);
                Attribute attribute = dirContext.getAttributes(new StringBuffer().append(this.roleCNAttribute).append("=").append(str2).toString()).get(IBM_GROUP_ATTRIBUTE);
                if (attribute != null) {
                    NamingEnumeration all = attribute.getAll();
                    while (true) {
                        if (all.hasMoreElements()) {
                            if (stringBuffer.equalsIgnoreCase((String) all.nextElement())) {
                                attribute.remove(stringBuffer);
                                BasicAttributes basicAttributes = new BasicAttributes();
                                basicAttributes.put(attribute);
                                dirContext.modifyAttributes(new StringBuffer().append(this.nameAttribute).append("=").append(str2).toString(), 2, basicAttributes);
                                break;
                            }
                        }
                    }
                }
            }
        }
    }

    public Attribute updateUserRoles(DirContext dirContext, User user, Attribute attribute) throws NamingException {
        return attachUserToRoles(dirContext, user, removeRolesFromUser(user, attribute));
    }

    public Collection getCustomizableRole(DirContext dirContext) throws NamingException {
        if (dirContext == null) {
            return null;
        }
        this.enumOfCustomizedRole = getRoleByType(dirContext, "CUSTOMIZED");
        ArrayList arrayList = new ArrayList();
        while (this.enumOfCustomizedRole.hasMoreElements()) {
            arrayList.add(this.enumOfCustomizedRole.nextElement());
        }
        HashSet hashSet = new HashSet();
        for (int i = 0; i < arrayList.size(); i++) {
            hashSet.add(loadRole(dirContext, ((SearchResult) arrayList.get(i)).getAttributes()));
        }
        this.enumOfCustomizedRole = null;
        return hashSet;
    }

    public J2EERole getCustomizableRoleByName(DirContext dirContext, String str) throws NamingException {
        if (dirContext == null) {
            return null;
        }
        Enumeration roleByTypeAndName = getRoleByTypeAndName(dirContext, "CUSTOMIZED", str);
        if (roleByTypeAndName.hasMoreElements()) {
            return loadRole(dirContext, ((SearchResult) roleByTypeAndName.nextElement()).getAttributes());
        }
        return null;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$thinkdynamics$users$IbmDSLdapUser == null) {
            cls = class$("com.thinkdynamics.users.IbmDSLdapUser");
            class$com$thinkdynamics$users$IbmDSLdapUser = cls;
        } else {
            cls = class$com$thinkdynamics$users$IbmDSLdapUser;
        }
        log = TIOLogger.getTIOLogger(cls);
    }
}
