package com.ibm.tivoli.orchestrator.datamigration.IDS;

import com.ibm.tivoli.orchestrator.datamigration.Configuration;
import com.ibm.tivoli.orchestrator.datamigration.LDAP.LdapMigrationSystemException;
import com.thinkdynamics.kanaha.util.exception.ErrorCode;
import com.thinkdynamics.kanaha.util.logging.TIOLogger;
import com.thinkdynamics.users.IbmDSLdapContext;
import com.thinkdynamics.users.J2EEPermission;
import com.thinkdynamics.users.J2EERole;
import com.thinkdynamics.users.User;
import com.thinkdynamics.users.UserFactoryException;
import com.tivoli.framework.TMF_Administrator.name;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import org.jdom.Element;

/* loaded from: input_file:installer/IY99249.jar:efixes/IY99249/components/tpm/update.jar:/lib/datamigration.jar:com/ibm/tivoli/orchestrator/datamigration/IDS/IDSCoexistMigration.class */
public class IDSCoexistMigration extends IDSMigrationV31 {
    public static final String IBM_COPYRIGHT = "Licensed Materials - Property of IBM\n5724-F75\n(C) Copyright IBM Corp.  2003, 2004, 2005\nAll Rights Reserved\nUS Government Users Restricted Rights -Use, duplication or \ndisclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static TIOLogger log;
    private static String PWD_POLICY;
    private static String PWD_POLICY_ATTRIBUTE;
    private LdapConnectionMetadata sourceLdapConnectionMetadata;
    private LdapConnectionMetadata targetLdapConnectionMetadata;
    private String pwdPloicyEnabled;
    static Class class$com$ibm$tivoli$orchestrator$datamigration$IDS$IDSCoexistMigration;

    @Override // com.ibm.tivoli.orchestrator.datamigration.IDS.IDSMigrationV31
    protected void checkStateOfMigration() {
        J2EERole tIOV31Role = getTIOV31Role();
        if (tIOV31Role != null) {
            String displayname = tIOV31Role.getDisplayname();
            if (displayname.equalsIgnoreCase("TIOVersion31_COEXIST_DONE")) {
                throw new LDAPAlreadyMigratedException("V31");
            }
            if (!displayname.equalsIgnoreCase("TIOVersion31_MIGRATION_REQUIRED") && !displayname.equalsIgnoreCase("TIOVersion31_COEXIST_INPROGRESS")) {
                throw new CoexistMigrationCannotBeRun();
            }
        }
    }

    private void updateUserHelper(User user) {
        List roles = user.getRoles();
        int i = 0;
        while (i < roles.size()) {
            String str = (String) roles.get(i);
            if (str.startsWith("cn=") || str.startsWith("cn=".toUpperCase())) {
                roles.remove(i);
                i--;
            }
            i++;
        }
        if (user.isInRole(J2EEPermission.TCADMIN)) {
            roles.add(name.value);
            return;
        }
        if (user.isInRole("TCMonitorAndAdvisor")) {
            roles.add("MonitorAdvisor");
        }
        if (user.isInRole("TCOperatingModeController")) {
            roles.add("OperatingModeController");
        }
        if (user.isInRole("TCClusterAndPoolManager")) {
            roles.add("ClusterPoolManager");
        }
        if (user.isInRole("TCServiceSubscriber")) {
            roles.add("ServiceSubscriber");
        }
        if (user.isInRole("TCdcmOperator")) {
            roles.add("DCMOperator");
        }
    }

    private void checkSuffixConsistency() {
        IbmDSLdapContext.initialize();
        if (!this.targetLdapConnectionMetadata.getDomain().equalsIgnoreCase(IbmDSLdapContext.getRoot())) {
            throw new CoexistMigrationCannotBeRun();
        }
    }

    @Override // com.ibm.tivoli.orchestrator.datamigration.IDS.IDSMigrationV31
    protected void checkLDAPHealth(DirContext dirContext, DirContext dirContext2) {
        if (dirContext == null || dirContext2 == null) {
            throw new CoexistMigrationCannotBeRun();
        }
        if (((IDSCustRoleAndUserFactoryForMigration) this.sourceUserFactory).findUser("wasadmin") == null || ((IDSCustRoleAndUserFactoryForMigration) this.sourceUserFactory).findUser("tiointernal") == null) {
            throw new CoexistMigrationCannotBeRun();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.tivoli.orchestrator.datamigration.IDS.IDSMigrationV31
    public void addNewRoles() {
        if (this.sourceLdapConnectionMetadata.getDomain().equalsIgnoreCase(this.targetLdapConnectionMetadata.getDomain())) {
            updateAndAddNewRoles();
        } else {
            super.addNewRoles();
        }
    }

    private void updateAndAddNewRoles() {
        if (this.root == null || getRolesElement() == null) {
            return;
        }
        List children = getRolesElement().getChildren("Role");
        IDSCustRoleAndUserFactoryForMigration iDSCustRoleAndUserFactoryForMigration = (IDSCustRoleAndUserFactoryForMigration) this.targetUserFactory;
        for (int i = 0; i < children.size(); i++) {
            Element element = (Element) children.get(i);
            String attributeValue = element.getAttributeValue("cn");
            String attributeValue2 = element.getAttributeValue("update");
            String attributeValue3 = element.getAttributeValue("roleType");
            String childText = element.getChildText("displayName");
            String childText2 = element.getChildText("description");
            List children2 = element.getChildren("ibm-memberGroup");
            ArrayList arrayList = new ArrayList();
            for (int i2 = 0; i2 < children2.size(); i2++) {
                arrayList.add(((Element) children2.get(i2)).getText());
            }
            J2EERole j2EERole = new J2EERole(attributeValue);
            j2EERole.setDescription(childText2);
            j2EERole.setDisplayname(childText);
            j2EERole.setType(attributeValue3);
            log.info(new StringBuffer().append("Adding role or permission: ").append(attributeValue).toString());
            if (attributeValue2 == null || !attributeValue2.equalsIgnoreCase("true")) {
                iDSCustRoleAndUserFactoryForMigration.createRole(j2EERole);
                iDSCustRoleAndUserFactoryForMigration.updateRole(j2EERole, arrayList);
            }
        }
    }

    private void updateExistingUsers(DirContext dirContext, DirContext dirContext2) {
        if (this.sourceLdapConnectionMetadata.getDomain().equalsIgnoreCase(this.targetLdapConnectionMetadata.getDomain())) {
            updateUserOnly(dirContext2);
        } else {
            moveUsers(dirContext, dirContext2);
        }
    }

    private void moveUsers(DirContext dirContext, DirContext dirContext2) {
        IDSCustRoleAndUserFactoryForMigration iDSCustRoleAndUserFactoryForMigration = (IDSCustRoleAndUserFactoryForMigration) this.sourceUserFactory;
        IDSCustRoleAndUserFactoryForMigration iDSCustRoleAndUserFactoryForMigration2 = (IDSCustRoleAndUserFactoryForMigration) this.targetUserFactory;
        for (User user : iDSCustRoleAndUserFactoryForMigration.findAllUsers()) {
            updateUserHelper(user);
            getPassword(dirContext, user);
            removeBachRole(user);
            iDSCustRoleAndUserFactoryForMigration2.createNewUser(user);
            fixRoleCase(dirContext2, user);
        }
        User findUser = iDSCustRoleAndUserFactoryForMigration.findUser("wasadmin");
        updateUserHelper(findUser);
        getPassword(dirContext, findUser);
        removeBachRole(findUser);
        iDSCustRoleAndUserFactoryForMigration2.createNewUser(findUser);
        fixRoleCase(dirContext2, findUser);
        User findUser2 = iDSCustRoleAndUserFactoryForMigration.findUser("tiointernal");
        updateUserHelper(findUser2);
        getPassword(dirContext, findUser2);
        removeBachRole(findUser2);
        iDSCustRoleAndUserFactoryForMigration2.createNewUser(findUser2);
        fixRoleCase(dirContext2, findUser2);
        User findUser3 = iDSCustRoleAndUserFactoryForMigration.findUser("tioldap");
        updateUserHelper(findUser3);
        getPassword(dirContext, findUser3);
        removeBachRole(findUser3);
        iDSCustRoleAndUserFactoryForMigration2.createNewUser(findUser3);
        fixRoleCase(dirContext2, findUser3);
        updatePasswordForHiddenUser();
    }

    private void updateUserOnly(DirContext dirContext) {
        IDSCustRoleAndUserFactoryForMigration iDSCustRoleAndUserFactoryForMigration = (IDSCustRoleAndUserFactoryForMigration) this.targetUserFactory;
        for (User user : iDSCustRoleAndUserFactoryForMigration.findAllUsers()) {
            updateUserHelper(user);
            iDSCustRoleAndUserFactoryForMigration.updateUser(user);
            fixRoleCase(dirContext, user);
        }
        User findUser = iDSCustRoleAndUserFactoryForMigration.findUser("wasadmin");
        updateUserHelper(findUser);
        iDSCustRoleAndUserFactoryForMigration.updateUser(findUser);
        fixRoleCase(dirContext, findUser);
        User findUser2 = iDSCustRoleAndUserFactoryForMigration.findUser("tiointernal");
        updateUserHelper(findUser2);
        iDSCustRoleAndUserFactoryForMigration.updateUser(findUser2);
        fixRoleCase(dirContext, findUser2);
        User findUser3 = iDSCustRoleAndUserFactoryForMigration.findUser("tioldap");
        updateUserHelper(findUser3);
        iDSCustRoleAndUserFactoryForMigration.updateUser(findUser3);
        fixRoleCase(dirContext, findUser3);
    }

    private void fixRoleCase(DirContext dirContext, User user) throws UserFactoryException {
        try {
            Attributes attributes = dirContext.getAttributes(new StringBuffer().append("cn=").append(user.getName()).toString(), new String[]{"cn", "roleA"});
            BasicAttribute basicAttribute = new BasicAttribute("roleA");
            Attribute attribute = attributes.get("roleA");
            if (attribute != null) {
                NamingEnumeration all = attribute.getAll();
                while (all.hasMoreElements()) {
                    String str = (String) all.nextElement();
                    if (str.equalsIgnoreCase(J2EEPermission.TCADMIN)) {
                        basicAttribute.add(J2EEPermission.TCADMIN);
                    } else if (str.equalsIgnoreCase("TCOperatingModeController")) {
                        basicAttribute.add("TCOperatingModeController");
                    } else if (str.equalsIgnoreCase("TCdcmOperator")) {
                        basicAttribute.add("TCdcmOperator");
                    } else if (str.equalsIgnoreCase("TCClusterAndPoolManager")) {
                        basicAttribute.add("TCClusterAndPoolManager");
                    } else if (str.equalsIgnoreCase("TCMonitorAndAdvisor")) {
                        basicAttribute.add("TCMonitorAndAdvisor");
                    } else if (str.equalsIgnoreCase("TCsubsystem")) {
                        basicAttribute.add("TCsubsystem");
                    } else {
                        basicAttribute.add(str);
                    }
                }
                ArrayList arrayList = new ArrayList();
                arrayList.add(new ModificationItem(2, basicAttribute));
                dirContext.modifyAttributes(new StringBuffer().append("cn=").append(user.getName()).toString(), (ModificationItem[]) arrayList.toArray(new ModificationItem[arrayList.size()]));
            }
        } catch (NamingException e) {
            throw new UserFactoryException(ErrorCode.COPCOM132EuiLdapError, e.getMessage(), e);
        }
    }

    @Override // com.ibm.tivoli.orchestrator.datamigration.IDS.IDSMigrationV31
    public void performUpdate() {
        DirContext dirContext = null;
        DirContext dirContext2 = null;
        DirContext dirContext3 = null;
        DirContext dirContext4 = null;
        try {
            try {
                dirContext = IDSLdapConnection.getRootContext(this.targetLdapConnectionMetadata);
                dirContext2 = IDSLdapConnection.getContext(this.targetLdapConnectionMetadata);
                dirContext3 = IDSLdapConnection.getRootContext(this.sourceLdapConnectionMetadata);
                dirContext4 = IDSLdapConnection.getContext(this.sourceLdapConnectionMetadata);
                log.info("Co-existing migration started ....");
                checkTIOVersion();
                checkLDAPHealth(dirContext3, dirContext4);
                log.info("Co-existing migration: check suffix consistency");
                checkSuffixConsistency();
                log.info("Co-existing migration: check state of migration");
                checkStateOfMigration();
                log.info("Co-existing migration: disable password policy");
                checkAndChangePasswordPolicy(dirContext);
                log.info("Co-existing migration: add schema");
                addSchema(dirContext);
                addSuffixForCoexist(dirContext, this.targetLdapConnectionMetadata.getDomain());
                updateStatus("TIOVersion31_COEXIST_INPROGRESS");
                updateSharedRole();
                log.info("Co-existing migration: creating new roles");
                addNewRoles();
                log.info("Co-existing migration: updating existing users");
                updateExistingUsers(dirContext4, dirContext2);
                log.info("Co-existing migration: restore password policy");
                restorePasswordPolicy(dirContext);
                updateStatus("TIOVersion31_COEXIST_DONE");
                log.info("Co-existing migration finished");
                IDSLdapConnection.releaseContext(dirContext);
                IDSLdapConnection.releaseContext(dirContext2);
                IDSLdapConnection.releaseContext(dirContext3);
                IDSLdapConnection.releaseContext(dirContext4);
            } catch (NamingException e) {
                throw new LdapMigrationSystemException(e);
            }
        } catch (Throwable th) {
            IDSLdapConnection.releaseContext(dirContext);
            IDSLdapConnection.releaseContext(dirContext2);
            IDSLdapConnection.releaseContext(dirContext3);
            IDSLdapConnection.releaseContext(dirContext4);
            throw th;
        }
    }

    private void setChangePasswordPolicy(DirContext dirContext, Attribute attribute, String str) throws NamingException {
        attribute.set(0, str);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new ModificationItem(2, attribute));
        dirContext.modifyAttributes(new StringBuffer().append("cn=").append(PWD_POLICY).toString(), (ModificationItem[]) arrayList.toArray(new ModificationItem[arrayList.size()]));
    }

    private void checkAndChangePasswordPolicy(DirContext dirContext) throws NamingException {
        Attribute attribute = dirContext.getAttributes(new StringBuffer().append("cn=").append(PWD_POLICY).toString(), new String[]{"cn", PWD_POLICY_ATTRIBUTE}).get(PWD_POLICY_ATTRIBUTE);
        this.pwdPloicyEnabled = (String) attribute.get(0);
        if (this.pwdPloicyEnabled.equalsIgnoreCase("true")) {
            setChangePasswordPolicy(dirContext, attribute, "false");
        }
    }

    private void restorePasswordPolicy(DirContext dirContext) throws NamingException {
        Attribute attribute = dirContext.getAttributes(new StringBuffer().append("cn=").append(PWD_POLICY).toString(), new String[]{"cn", PWD_POLICY_ATTRIBUTE}).get(PWD_POLICY_ATTRIBUTE);
        if (this.pwdPloicyEnabled.equalsIgnoreCase((String) attribute.get(0))) {
            return;
        }
        setChangePasswordPolicy(dirContext, attribute, this.pwdPloicyEnabled);
    }

    private void addSuffixForCoexist(DirContext dirContext, String str) {
        if (this.sourceLdapConnectionMetadata.getDomain().equalsIgnoreCase(str)) {
            return;
        }
        addSuffix(dirContext, str);
    }

    private void updateSharedRole() {
        if (!this.sourceLdapConnectionMetadata.getDomain().equalsIgnoreCase(this.targetLdapConnectionMetadata.getDomain()) || this.root == null || getRolesElement() == null) {
            return;
        }
        List children = getRolesElement().getChildren("Role");
        IDSCustRoleAndUserFactoryForMigration iDSCustRoleAndUserFactoryForMigration = (IDSCustRoleAndUserFactoryForMigration) this.targetUserFactory;
        for (int i = 0; i < children.size(); i++) {
            Element element = (Element) children.get(i);
            String attributeValue = element.getAttributeValue("update");
            if (attributeValue != null && attributeValue.equalsIgnoreCase("true")) {
                iDSCustRoleAndUserFactoryForMigration.updateSharedRole(element);
            }
        }
    }

    private void init() {
        String str = this.homeLocation;
        if (str == null || str.trim().length() <= 0) {
            return;
        }
        String trim = str.trim();
        if (!trim.endsWith("\\") && !trim.endsWith("/")) {
            trim = new StringBuffer().append(trim).append(File.separator).toString();
        }
        Configuration.setConfigDir(new StringBuffer().append(trim).append("config").append(File.separator).toString());
        this.root = getXMLRootElement("IDS_Migration_NewRoles.xml");
    }

    public IDSCoexistMigration(String str, String str2, String str3, String str4, int i, boolean z, String str5, String str6) {
        super(str, str2, str3, str4, i, z, str5, str6);
        this.sourceLdapConnectionMetadata = null;
        this.targetLdapConnectionMetadata = null;
        this.pwdPloicyEnabled = "false";
        this.sourceLdapConnectionMetadata = new LdapConnectionMetadata(str, str2, str3, str4, i, z, str5);
        this.targetLdapConnectionMetadata = new LdapConnectionMetadata(str, str2, str3, str4, i, z, str6);
        init();
    }

    public static void main(String[] strArr) {
        String message = ErrorCode.COPUTL009EUsageForCoexistMigration.getMessage();
        if (strArr.length != 8) {
            System.out.println(message);
            return;
        }
        new IDSCoexistMigration(strArr[0], strArr[3], strArr[1], strArr[2], Integer.parseInt(strArr[4]), strArr[5].equalsIgnoreCase("true"), strArr[6], strArr[7]).performUpdate();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$tivoli$orchestrator$datamigration$IDS$IDSCoexistMigration == null) {
            cls = class$("com.ibm.tivoli.orchestrator.datamigration.IDS.IDSCoexistMigration");
            class$com$ibm$tivoli$orchestrator$datamigration$IDS$IDSCoexistMigration = cls;
        } else {
            cls = class$com$ibm$tivoli$orchestrator$datamigration$IDS$IDSCoexistMigration;
        }
        log = TIOLogger.getTIOLogger(cls);
        PWD_POLICY = "pwdpolicy";
        PWD_POLICY_ATTRIBUTE = "ibm-pwdpolicy";
    }
}
