package com.ibm.tivoli.orchestrator.datamigration.MSAD;

import com.ibm.tivoli.orchestrator.datamigration.Configuration;
import com.ibm.tivoli.orchestrator.datamigration.LDAP.LdapMigrationSystemException;
import com.ibm.tivoli.orchestrator.webui.taglib.StatusBarTag;
import com.thinkdynamics.kanaha.util.exception.ErrorCode;
import com.thinkdynamics.kanaha.util.logging.TIOLogger;
import com.thinkdynamics.users.J2EERole;
import com.thinkdynamics.users.MSADLdapRole;
import com.thinkdynamics.users.MSADLdapUser;
import com.thinkdynamics.users.User;
import com.thinkdynamics.users.UserFactoryException;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import org.jdom.Element;
import org.jdom.JDOMException;
import org.jdom.input.SAXBuilder;

/* loaded from: input_file:installer/IY99249.jar:efixes/IY99249/components/tpm/update.jar:/lib/datamigration.jar:com/ibm/tivoli/orchestrator/datamigration/MSAD/MSADMigration.class */
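/**
 * One-shot migration of roles and user role assignments in a Microsoft Active
 * Directory (LDAP) server from the legacy {@code TC*} role names to the newer
 * role names listed in the {@code TIOV31_*} constants.
 *
 * <p>The run has three phases over a single directory connection (see
 * {@link #performMigration()}): create the roles described in
 * {@code MSAD_Migration_Roles.xml}, rewrite every user's role list, then
 * delete the legacy roles.
 *
 * <p>Security notes for operators and reviewers:
 * <ul>
 *   <li>The bind uses simple authentication. Unless the {@code ssl} flag is
 *       set, the principal DN and password are sent without transport
 *       protection.</li>
 *   <li>{@link #main(String[])} takes the bind password as a command-line
 *       argument, so it can show up in process listings and shell history.</li>
 *   <li>The password is held in a {@code String} field for the lifetime of
 *       the object and cannot be wiped after use.</li>
 * </ul>
 */
public class MSADMigration {
    public static final String IBM_COPYRIGHT = "Licensed Materials - Property of IBM\n5724-F75\n(C) Copyright IBM Corp.  2003, 2004, 2005\nAll Rights Reserved\nUS Government Users Restricted Rights -Use, duplication or \ndisclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static TIOLogger log;
    private String homePath;
    private String hostname;
    private String principalDN;
    // Bind credential; kept as a String, so it stays in memory until collected.
    private String password;
    private String baseDN;
    // Root of MSAD_Migration_Roles.xml; stays null when no home path was given.
    private Element root = null;
    private int port;
    private boolean ssl;
    private static final String ROLES_ELEMENT = "Roles";
    private static final String ROLE_ELEMENT = "Role";
    private static final String USERS_ELEMENT = "Users";
    private static final String USER_ELEMENT = "User";
    private MSADLdapRole roleManagement;
    private MSADLdapUser userManagement;
    private static final String TIOV21_TCAdamin = "TCAdmin";
    private static final String TIOV21_TCOperatingModeController = "TCOperatingModeController";
    private static final String TIOV21_TCdcmOperator = "TCdcmOperator";
    private static final String TIOV21_TCClusterAndPoolManager = "TCClusterAndPoolManager";
    private static final String TIOV21_TCMonitorAndAdvisor = "TCMonitorAndAdvisor";
    private static final String TIOV21_TCServiceSubscriber = "TCServiceSubscriber";
    private static final String TIOV31_Admin = "Admin";
    private static final String TIOV31_DataCenterOperator = "DCMOperator";
    private static final String TIOV31_OperatingModeController = "OperatingModeController";
    private static final String TIOV31_MonitorAdvisor = "MonitorAdvisor";
    private static final String TIOV31_ClusterPoolManager = "ClusterPoolManager";
    private static final String TIOV31_ServiceSubscriber = "ServiceSubscriber";
    private static final String CN_ATTRIBUTE_OPERAND = "cn";
    private static final String ROLE_ATTRIBUTE_NAME = "role";
    private static final String DATA_FILE = "MSAD_Migration_Roles.xml";
    // Cache slot for this class's Class object; it has the shape of what older
    // compilers generated for a class literal. Only the static initializer uses it.
    static Class class$com$ibm$tivoli$orchestrator$datamigration$MSAD$MSADMigration;

    /**
     * Builds the JNDI environment used to bind to the directory.
     *
     * <p>Authentication is taken from {@code StatusBarTag.SIMPLE} (presumably
     * the string "simple" - confirm). The URL scheme is always {@code ldap://};
     * TLS is requested only through the {@code java.naming.security.protocol}
     * property when {@code ssl} is true. With {@code ssl} false the credentials
     * travel unprotected.
     *
     * @return a fresh environment table holding the provider URL, principal and
     *         password
     */
    private synchronized Hashtable msadConnectionHelper() {
        Hashtable env = new Hashtable();
        // NOTE(review): baseDN is appended to the URL as-is, without URL encoding.
        String providerUrl = "ldap://" + this.hostname + ":" + this.port + "/" + this.baseDN;
        env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        env.put("java.naming.provider.url", providerUrl);
        if (this.ssl) {
            env.put("java.naming.security.protocol", "ssl");
        }
        env.put("java.naming.security.authentication", StatusBarTag.SIMPLE);
        env.put("java.naming.security.principal", this.principalDN);
        env.put("java.naming.security.credentials", this.password);
        return env;
    }

    /**
     * Parses an XML file from the configured config directory and returns its
     * root element.
     *
     * <p>The {@code SAXBuilder} is used with its default settings; nothing here
     * turns off DOCTYPE or external-entity processing, so the file has to come
     * from a trusted location.
     *
     * @param str file name, appended to {@code Configuration.getConfigDir()}
     * @return the document's root element
     * @throws LdapMigrationSystemException if the file cannot be read or parsed
     */
    private Element getXMLRootElement(String str) {
        String location = Configuration.getConfigDir() + str;
        try {
            return new SAXBuilder().build(location).getRootElement();
        } catch (IOException e) {
            throw new LdapMigrationSystemException(e);
        } catch (JDOMException e2) {
            throw new LdapMigrationSystemException(e2);
        }
    }

    /** Returns the {@code Roles} child of the data file root; callers check {@code root} first. */
    private Element getRolesElement() {
        return this.root.getChild(ROLES_ELEMENT);
    }

    /** Returns the {@code Users} child of the data file root; callers check {@code root} first. */
    private Element getUsersElement() {
        return this.root.getChild(USERS_ELEMENT);
    }

    /**
     * Normalises the home path, points {@code Configuration} at
     * {@code <home>/config/} and loads the migration data file.
     *
     * <p>With a null or blank home path nothing is loaded and {@code root}
     * stays null, which makes the XML-driven steps no-ops.
     */
    private void init() {
        if (this.homePath == null || this.homePath.trim().length() <= 0) {
            return;
        }
        String home = this.homePath.trim();
        boolean hasTrailingSeparator = home.endsWith("\\") || home.endsWith("/");
        if (!hasTrailingSeparator) {
            home = home + File.separator;
        }
        this.homePath = home;
        // Static setter on Configuration, so presumably shared with other users of that class.
        Configuration.setConfigDir(home + "config" + File.separator);
        this.root = getXMLRootElement(DATA_FILE);
    }

    /**
     * Wraps a directory failure in a {@code UserFactoryException} carrying the
     * LDAP error code, logs it, and hands it back for the caller to throw.
     */
    private static UserFactoryException wrapAndLog(Exception cause) {
        UserFactoryException wrapped = new UserFactoryException(ErrorCode.COPCOM132EuiLdapError, cause.getMessage(), cause);
        log.error(wrapped.getMessage(), wrapped);
        return wrapped;
    }

    /**
     * Creates one role in the directory.
     *
     * @throws UserFactoryException if the directory operation fails
     */
    private void createRole(DirContext dirContext, J2EERole j2EERole) {
        try {
            this.roleManagement.createRole(dirContext, j2EERole);
        } catch (NamingException e) {
            throw wrapAndLog(e);
        }
    }

    /**
     * Updates one role, passing along the values of its {@code memberOf} entries.
     *
     * @throws UserFactoryException if the directory operation fails
     */
    private void updateRole(DirContext dirContext, J2EERole j2EERole, List list) {
        try {
            this.roleManagement.updateRole(dirContext, j2EERole, list);
        } catch (NamingException e) {
            throw wrapAndLog(e);
        }
    }

    /**
     * Deletes the six legacy {@code TC*} roles.
     *
     * <p>The deletes run in sequence and stop at the first failure, so an error
     * can leave some legacy roles in place.
     *
     * @throws UserFactoryException if a delete fails
     */
    private void removeBACHRoles(DirContext dirContext) {
        String[] legacyRoles = {
            TIOV21_TCAdamin,
            TIOV21_TCOperatingModeController,
            TIOV21_TCdcmOperator,
            TIOV21_TCClusterAndPoolManager,
            TIOV21_TCMonitorAndAdvisor,
            TIOV21_TCServiceSubscriber,
        };
        try {
            for (int i = 0; i < legacyRoles.length; i++) {
                this.roleManagement.deleteRole(dirContext, null, legacyRoles[i]);
            }
        } catch (NamingException e) {
            throw wrapAndLog(e);
        }
    }

    /**
     * Removes the {@code role} attribute from a user's entry if it is present.
     *
     * @throws NamingException if the entry cannot be read or modified
     */
    private void removeRoleAttribute(DirContext dirContext, User user) throws NamingException {
        // NOTE(review): the name is concatenated into the entry name without
        // escaping; a CN containing characters that are special in a DN would
        // address a different or invalid entry. Confirm how names are
        // constrained upstream.
        String entryName = "cn=" + user.getName();
        if (dirContext.getAttributes(entryName).get(ROLE_ATTRIBUTE_NAME) == null) {
            return;
        }
        ModificationItem[] removal = {
            new ModificationItem(DirContext.REMOVE_ATTRIBUTE, new BasicAttribute(ROLE_ATTRIBUTE_NAME)),
        };
        dirContext.modifyAttributes(entryName, removal);
    }

    /**
     * Creates the roles listed under {@code Roles/Role} in the data file.
     *
     * <p>Does nothing when no data file was loaded or it has no {@code Roles}
     * element. A role whose {@code update} attribute is "true" is neither
     * created nor updated here, although the info line is still logged for it.
     *
     * @throws UserFactoryException if a directory operation fails
     */
    private void createNewRoles(DirContext dirContext) {
        if (this.root == null) {
            return;
        }
        Element rolesElement = getRolesElement();
        if (rolesElement == null) {
            return;
        }
        List roleElements = rolesElement.getChildren(ROLE_ELEMENT);
        for (int i = 0; i < roleElements.size(); i++) {
            Element roleElement = (Element) roleElements.get(i);
            String cn = roleElement.getAttributeValue(CN_ATTRIBUTE_OPERAND);
            String updateFlag = roleElement.getAttributeValue("update");
            String roleType = roleElement.getAttributeValue("roleType");
            String displayName = roleElement.getChildText("displayName");
            String description = roleElement.getChildText("description");

            List memberOfElements = roleElement.getChildren("memberOf");
            ArrayList memberOf = new ArrayList();
            for (int j = 0; j < memberOfElements.size(); j++) {
                memberOf.add(((Element) memberOfElements.get(j)).getText());
            }

            J2EERole role = new J2EERole(cn);
            role.setDescription(description);
            role.setDisplayname(displayName);
            role.setType(roleType);
            log.info("Adding role or permission: " + cn);
            boolean markedForUpdate = updateFlag != null && updateFlag.equalsIgnoreCase("true");
            if (!markedForUpdate) {
                createRole(dirContext, role);
                updateRole(dirContext, role, memberOf);
            }
        }
    }

    /**
     * Migrates role assignments for every user found in the directory, then
     * for the users named in the data file's {@code Users} element.
     *
     * <p>Each user is handled in three steps (map roles, update the user,
     * remove the {@code role} attribute) with no rollback, so a failure part
     * way through leaves earlier users migrated and later ones untouched.
     *
     * @throws UserFactoryException if a directory operation fails
     */
    private void updateUsers(DirContext dirContext) {
        try {
            for (User user : this.userManagement.findAllUsers(dirContext, null)) {
                migrateUserRoles(user);
                this.userManagement.updateUser(dirContext, null, user);
                removeRoleAttribute(dirContext, user);
            }
            if (this.root != null && getUsersElement() != null) {
                // NOTE(review): this reads "Role" children of the Users element;
                // USER_ELEMENT is declared but never used. Confirm against the data file.
                List listed = getUsersElement().getChildren(ROLE_ELEMENT);
                for (int i = 0; i < listed.size(); i++) {
                    String cn = ((Element) listed.get(i)).getAttributeValue(CN_ATTRIBUTE_OPERAND);
                    // NOTE(review): the lookup result is used without a null check;
                    // confirm what findUser does for a name that is not in the directory.
                    User found = this.userManagement.findUser(dirContext, null, cn);
                    migrateUserRoles(found);
                    this.userManagement.updateUser(dirContext, null, found);
                    removeRoleAttribute(dirContext, found);
                }
            }
        } catch (NamingException e) {
            throw wrapAndLog(e);
        } catch (UnsupportedEncodingException e) {
            throw wrapAndLog(e);
        }
    }

    /**
     * Adds the new-style role names that correspond to a user's legacy roles.
     *
     * <p>A legacy administrator gets only {@code Admin}; the other mappings are
     * skipped for that user. The list returned by {@code getRoles()} is changed
     * in place (no setter is called), and legacy names are not removed from it.
     */
    private void migrateUserRoles(User user) {
        List roles = user.getRoles();
        if (user.isInRole(TIOV21_TCAdamin)) {
            roles.add(TIOV31_Admin);
            return;
        }
        // Pairs of { legacy role, replacement role }, in the order they are applied.
        String[][] mappings = {
            { TIOV21_TCMonitorAndAdvisor, TIOV31_MonitorAdvisor },
            { TIOV21_TCOperatingModeController, TIOV31_OperatingModeController },
            { TIOV21_TCClusterAndPoolManager, TIOV31_ClusterPoolManager },
            { TIOV21_TCServiceSubscriber, TIOV31_ServiceSubscriber },
            { TIOV21_TCdcmOperator, TIOV31_DataCenterOperator },
        };
        for (int i = 0; i < mappings.length; i++) {
            if (user.isInRole(mappings[i][0])) {
                roles.add(mappings[i][1]);
            }
        }
    }

    /**
     * Opens the directory connection.
     *
     * @return a bound context, never null
     * @throws UserFactoryException if the bind fails. The failure is rethrown
     *         rather than reported as a null context: the per-user steps
     *         dereference the context directly, so a run without a connection
     *         could not complete and might stop part way through.
     */
    private synchronized DirContext getConnection() {
        try {
            return new InitialDirContext(msadConnectionHelper());
        } catch (NamingException e) {
            UserFactoryException failure = new UserFactoryException(ErrorCode.COPCOM138EuiUserGeneric, (Throwable) e);
            log.error(failure.getMessage(), failure);
            throw failure;
        }
    }

    /**
     * Closes a directory context. A null context is ignored and a failure to
     * close is logged but not rethrown, so cleanup never masks an earlier error.
     *
     * @param dirContext the context to close, may be null
     */
    public synchronized void releaseContext(DirContext dirContext) {
        if (dirContext == null) {
            return;
        }
        try {
            dirContext.close();
        } catch (NamingException e) {
            UserFactoryException failure = new UserFactoryException(ErrorCode.COPCOM138EuiUserGeneric, (Throwable) e);
            log.error(failure.getMessage(), failure);
        }
    }

    /**
     * Runs the migration: create new roles, migrate users, delete legacy roles.
     *
     * <p>The phases are not transactional. Legacy roles are deleted last, so a
     * failure in an earlier phase leaves them in place. The success line is
     * logged only when all three phases return normally.
     *
     * @throws UserFactoryException if the bind or any directory operation fails
     */
    public void performMigration() {
        DirContext connection = getConnection();
        try {
            createNewRoles(connection);
            updateUsers(connection);
            removeBACHRoles(connection);
            log.info("MSAD migration finished successfully.");
        } finally {
            releaseContext(connection);
        }
    }

    /**
     * Stores the connection settings, initialises the role and user helpers,
     * and loads the migration data file (see {@code init()}).
     *
     * @param str  product home directory; {@code config/} beneath it holds the data file
     * @param str2 directory server host name
     * @param str3 DN of the principal used for the bind
     * @param str4 password for that principal
     * @param i    directory server port
     * @param z    true to request SSL for the connection
     * @param str5 base DN, appended to the provider URL
     * @throws LdapMigrationSystemException if the data file cannot be read or parsed
     */
    public MSADMigration(String str, String str2, String str3, String str4, int i, boolean z, String str5) {
        this.homePath = str;
        this.hostname = str2;
        this.principalDN = str3;
        this.password = str4;
        this.port = i;
        this.ssl = z;
        this.baseDN = str5;
        this.userManagement = new MSADLdapUser();
        this.userManagement.initialize();
        this.roleManagement = new MSADLdapRole();
        this.roleManagement.initialize();
        init();
    }

    /**
     * Command-line entry point. Expects exactly seven arguments: home path,
     * host, principal DN, password, port, SSL flag ("true" enables it), base DN.
     * Prints the usage message when the count is wrong or the port is not a
     * number.
     *
     * <p>The password is argument four, so it is exposed to anything that can
     * read the process command line.
     */
    public static void main(String[] strArr) {
        String usage = ErrorCode.COPUTL013EUsageForMSADMigration.getMessage();
        if (strArr.length != 7) {
            System.out.println(usage);
            return;
        }
        int port;
        try {
            port = Integer.parseInt(strArr[4]);
        } catch (NumberFormatException e) {
            // A malformed port is an argument error: show usage, not a stack trace.
            System.out.println(usage);
            return;
        }
        boolean useSsl = strArr[5].equalsIgnoreCase("true");
        new MSADMigration(strArr[0], strArr[1], strArr[2], strArr[3], port, useSsl, strArr[6]).performMigration();
    }

    /**
     * Looks a class up by name, turning {@code ClassNotFoundException} into
     * {@code NoClassDefFoundError}. Used only by the static initializer.
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    // Resolves this class once, caches it in the field above, and creates the logger.
    static {
        Class cls;
        if (class$com$ibm$tivoli$orchestrator$datamigration$MSAD$MSADMigration == null) {
            cls = class$("com.ibm.tivoli.orchestrator.datamigration.MSAD.MSADMigration");
            class$com$ibm$tivoli$orchestrator$datamigration$MSAD$MSADMigration = cls;
        } else {
            cls = class$com$ibm$tivoli$orchestrator$datamigration$MSAD$MSADMigration;
        }
        log = TIOLogger.getTIOLogger(cls);
    }
}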
