package com.ibm.wps.command.xml.items;

import com.ibm.portal.ResourceType;
import com.ibm.wps.ac.ACManager;
import com.ibm.wps.ac.ACPrincipal;
import com.ibm.wps.ac.ActionSet;
import com.ibm.wps.ac.AuthorizationDataException;
import com.ibm.wps.command.CommandException;
import com.ibm.wps.command.ac.ExternalizeResourceCommand;
import com.ibm.wps.command.ac.ModifyOwnerCommand;
import com.ibm.wps.command.ac.ModifyResourceStateCommand;
import com.ibm.wps.command.ac.ModifyRoleBlocksCommand;
import com.ibm.wps.command.ac.QueryProtectedResourceCommand;
import com.ibm.wps.command.xml.ConfigItem;
import com.ibm.wps.command.xml.XmlCommandException;
import com.ibm.wps.command.xml.XmlCommandMessages;
import com.ibm.wps.command.xml.XmlFormatException;
import com.ibm.wps.command.xml.XmlUtils;
import com.ibm.wps.logging.LogManager;
import com.ibm.wps.logging.Logger;
import com.ibm.wps.puma.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.w3c.dom.Element;

/* loaded from: input_file:wps.jar:com/ibm/wps/command/xml/items/AccessControlData.class */
class AccessControlData {
    private static final String COPYRIGHT = "Licensed Materials - Property of IBM, 5724-E76 and 5724-E77, (C) Copyright IBM Corp. 2001, 2003 - All Rights reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static final Logger logger;
    private static final ActionSet[] NO_ACTION_SETS;
    ConfigItem item;
    Boolean privateFlag;
    Boolean externalized;
    Boolean makeExternal;
    String ownerName;
    RoleInstanceData[] roles;
    ActionSet[] inheritanceBlocks;
    ActionSet[] propagationBlocks;
    boolean noBlocks;
    static Class class$com$ibm$wps$command$xml$items$AccessControlData;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AccessControlData(ConfigItem configItem) throws CommandException, XmlCommandException {
        this.item = configItem;
        if (logger.isLogging(Logger.TRACE_HIGH)) {
            logger.text(Logger.TRACE_HIGH, "<init>", new StringBuffer().append("retrieving acess control for ").append(configItem.shortString()).toString());
        }
        QueryProtectedResourceCommand queryProtectedResourceCommand = new QueryProtectedResourceCommand();
        queryProtectedResourceCommand.setUser(((AbstractConfigItem) configItem).configData.getUser());
        queryProtectedResourceCommand.setResource(configItem.objectID);
        queryProtectedResourceCommand.execute();
        if (queryProtectedResourceCommand.exists()) {
            this.privateFlag = new Boolean(queryProtectedResourceCommand.isPrivate());
            this.externalized = new Boolean(queryProtectedResourceCommand.isExternalized());
            if (queryProtectedResourceCommand.getOwnerID() == null) {
                this.ownerName = "undefined";
            } else {
                try {
                    this.ownerName = ACManager.getAccessControl().createPrincipal(queryProtectedResourceCommand.getOwnerID()).getName();
                } catch (AuthorizationDataException e) {
                    throw new XmlCommandException(XmlCommandMessages.AUTH_DATA_EXCEPTION_1, new Object[]{Attributes.OWNER}, configItem, e);
                }
            }
            this.inheritanceBlocks = queryProtectedResourceCommand.getNonInheritingActionSets();
            this.propagationBlocks = queryProtectedResourceCommand.getNonPropagatingActionSets();
            if ((this.inheritanceBlocks == null || this.inheritanceBlocks.length == 0) && (this.propagationBlocks == null || this.propagationBlocks.length == 0)) {
                this.noBlocks = true;
            }
            this.roles = RoleInstanceData.loadRoleInstanceData(configItem);
        }
    }

    private AccessControlData(Element element, ConfigItem configItem) throws XmlFormatException {
        this.item = configItem;
        this.privateFlag = AbstractConfigItem.getAttributeBoolean(element, Attributes.ACCESSCONTROLDATA_PRIVATE);
        this.makeExternal = AbstractConfigItem.getAttributeBoolean(element, Attributes.ACCESSCONTROLDATA_EXTERNALIZED);
        this.ownerName = AbstractConfigItem.getAttributeString(element, Attributes.OWNER);
        this.roles = RoleInstanceData.initRoleInstanceData(element, configItem);
        if (this.privateFlag != null && this.privateFlag.booleanValue()) {
            if (!canBePrivate()) {
                throw new XmlFormatException(XmlCommandMessages.TYPE_CANNOT_BE_PRIVATE_1, new Object[]{configItem.xmlName()}, configItem, null);
            }
            if (this.ownerName == null) {
                throw new XmlFormatException(XmlCommandMessages.ATTR_MANDATORY_FOR_ATTR_VALUE_3, new Object[]{Attributes.OWNER, Attributes.ACCESSCONTROLDATA_PRIVATE, "true"}, configItem, null);
            }
        }
        List<Element> childrenByTagName = XmlUtils.getChildrenByTagName(element, Attributes.ROLEBLOCKDATA);
        if (childrenByTagName.isEmpty()) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (Element element2 : childrenByTagName) {
            String attributeString = AbstractConfigItem.getAttributeString(element2, "type");
            String attributeString2 = AbstractConfigItem.getAttributeString(element2, "actionset");
            if (attributeString == null || (!"none".equals(attributeString) && attributeString2 == null)) {
                throw new XmlFormatException(XmlCommandMessages.NEED_ATTRS_IN_TAG_2, new Object[]{Attributes.ROLEBLOCKDATA, "type, actionset"}, configItem, null);
            }
            if ("none".equals(attributeString)) {
                this.noBlocks = true;
            } else {
                ActionSet actionSetFromName = ACManager.getAccessControl().getActionFactory().getActionSetFromName(attributeString2.toUpperCase());
                if (actionSetFromName == null) {
                    throw new XmlFormatException(XmlCommandMessages.INVALID_VALUE_FOR_ATTR_2, new Object[]{attributeString2, "actionset"}, configItem, null);
                }
                if (attributeString.equals(Attributes.BLOCKTYPES_INHERITANCE)) {
                    arrayList.add(actionSetFromName);
                } else {
                    if (!attributeString.equals(Attributes.BLOCKTYPES_PROPAGATION)) {
                        throw new XmlFormatException(XmlCommandMessages.INVALID_VALUE_FOR_ATTR_2, new Object[]{attributeString, "type"}, configItem, null);
                    }
                    arrayList2.add(actionSetFromName);
                }
            }
        }
        if (!arrayList.isEmpty()) {
            this.inheritanceBlocks = (ActionSet[]) arrayList.toArray(new ActionSet[0]);
        }
        if (arrayList2.isEmpty()) {
            return;
        }
        this.propagationBlocks = (ActionSet[]) arrayList2.toArray(new ActionSet[0]);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AccessControlData initAccessControlData(Element element, ConfigItem configItem) throws XmlFormatException {
        List childrenByTagName = XmlUtils.getChildrenByTagName(element, Attributes.ACCESSCONTROLDATA);
        if (childrenByTagName.isEmpty()) {
            return null;
        }
        return new AccessControlData((Element) childrenByTagName.get(0), configItem);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Element export() {
        Element createElement = this.item.configData.outputDocument.createElement(Attributes.ACCESSCONTROLDATA);
        if (this.privateFlag != null) {
            createElement.setAttribute(Attributes.ACCESSCONTROLDATA_PRIVATE, this.privateFlag.toString());
        }
        if (this.externalized != null) {
            createElement.setAttribute(Attributes.ACCESSCONTROLDATA_EXTERNALIZED, this.externalized.toString());
        }
        if (this.ownerName != null) {
            createElement.setAttribute(Attributes.OWNER, this.ownerName);
        }
        if (this.noBlocks) {
            this.item.configData.outputDocument.createElement(Attributes.ROLEBLOCKDATA).setAttribute("type", "none");
        } else {
            if (this.inheritanceBlocks != null) {
                for (int i = 0; i < this.inheritanceBlocks.length; i++) {
                    Element createElement2 = this.item.configData.outputDocument.createElement(Attributes.ROLEBLOCKDATA);
                    createElement2.setAttribute("type", Attributes.BLOCKTYPES_INHERITANCE);
                    createElement2.setAttribute("actionset", this.inheritanceBlocks[i].getName());
                    createElement.appendChild(createElement2);
                }
            }
            if (this.propagationBlocks != null) {
                for (int i2 = 0; i2 < this.propagationBlocks.length; i2++) {
                    Element createElement3 = this.item.configData.outputDocument.createElement(Attributes.ROLEBLOCKDATA);
                    createElement3.setAttribute("type", Attributes.BLOCKTYPES_PROPAGATION);
                    createElement3.setAttribute("actionset", this.propagationBlocks[i2].getName());
                    createElement.appendChild(createElement3);
                }
            }
        }
        if (this.roles != null) {
            for (int i3 = 0; i3 < this.roles.length; i3++) {
                createElement.appendChild(this.roles[i3].export());
            }
        }
        return createElement;
    }

    private boolean canBePrivate() {
        return this.item.xmlName() != Attributes.VIRTUALRESOURCEITEM;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void update() throws XmlCommandException, CommandException {
        if (this.item.objectID == null) {
            return;
        }
        if (logger.isLogging(Logger.TRACE_HIGH)) {
            logger.text(Logger.TRACE_HIGH, "update", new StringBuffer().append("updating access control for ").append(this.item.shortString()).toString());
        }
        ACPrincipal aCPrincipal = null;
        if (this.ownerName != null && !this.ownerName.equals("undefined")) {
            aCPrincipal = getPrincipal(this.ownerName, null, this.item);
        }
        QueryProtectedResourceCommand queryProtectedResourceCommand = new QueryProtectedResourceCommand();
        queryProtectedResourceCommand.setUser(((AbstractConfigItem) this.item).configData.getUser());
        queryProtectedResourceCommand.setResource(this.item.objectID);
        queryProtectedResourceCommand.execute();
        if (queryProtectedResourceCommand.exists()) {
            this.externalized = new Boolean(queryProtectedResourceCommand.isExternalized());
            if (this.privateFlag != null && this.privateFlag.booleanValue() != queryProtectedResourceCommand.isPrivate() && (!this.privateFlag.booleanValue() || aCPrincipal != null)) {
                ModifyResourceStateCommand modifyResourceStateCommand = new ModifyResourceStateCommand();
                modifyResourceStateCommand.setUser(this.item.configData.getUser());
                modifyResourceStateCommand.setResource(this.item.objectID);
                modifyResourceStateCommand.setPrivate(this.privateFlag.booleanValue());
                modifyResourceStateCommand.setModifyTree(true);
                modifyResourceStateCommand.execute();
            }
            if (this.ownerName != null && ((aCPrincipal == null && queryProtectedResourceCommand.getOwnerID() != null) || (aCPrincipal != null && !aCPrincipal.getObjectID().equals(queryProtectedResourceCommand.getOwnerID())))) {
                ModifyOwnerCommand modifyOwnerCommand = new ModifyOwnerCommand();
                modifyOwnerCommand.setUser(this.item.configData.getUser());
                modifyOwnerCommand.setResource(this.item.objectID);
                modifyOwnerCommand.setOwner(aCPrincipal);
                modifyOwnerCommand.execute();
            }
            if (this.noBlocks || this.inheritanceBlocks != null || this.propagationBlocks != null) {
                if (logger.isLogging(Logger.TRACE_HIGH)) {
                    logger.text(Logger.TRACE_HIGH, "update", "setting role blocks");
                    if (this.inheritanceBlocks != null) {
                        logger.text(Logger.TRACE_HIGH, "update", new StringBuffer().append("inheritance: ").append(Arrays.asList(this.inheritanceBlocks)).toString());
                    }
                    if (this.propagationBlocks != null) {
                        logger.text(Logger.TRACE_HIGH, "update", new StringBuffer().append("propagation: ").append(Arrays.asList(this.propagationBlocks)).toString());
                    }
                }
                ModifyRoleBlocksCommand modifyRoleBlocksCommand = new ModifyRoleBlocksCommand();
                modifyRoleBlocksCommand.setUser(this.item.configData.getUser());
                modifyRoleBlocksCommand.setResource(this.item.objectID);
                if (this.noBlocks) {
                    modifyRoleBlocksCommand.setNonInheritingActionSets(NO_ACTION_SETS);
                    modifyRoleBlocksCommand.setNonPropagatingActionSets(NO_ACTION_SETS);
                } else {
                    if (this.inheritanceBlocks != null) {
                        modifyRoleBlocksCommand.setNonInheritingActionSets(this.inheritanceBlocks);
                    } else {
                        modifyRoleBlocksCommand.setNonInheritingActionSets(NO_ACTION_SETS);
                    }
                    if (this.propagationBlocks != null) {
                        modifyRoleBlocksCommand.setNonPropagatingActionSets(this.propagationBlocks);
                    } else {
                        modifyRoleBlocksCommand.setNonPropagatingActionSets(NO_ACTION_SETS);
                    }
                }
                if (!modifyRoleBlocksCommand.isBlockConfigurationValid()) {
                    this.item.outputWarning(XmlCommandMessages.INVALID_ROLE_BLOCKS_1, new Object[]{this.item.shortString()});
                }
                modifyRoleBlocksCommand.execute();
            }
            if ((this.makeExternal == null && this.externalized.equals(Boolean.FALSE)) || (this.externalized.equals(Boolean.FALSE) && this.makeExternal.equals(Boolean.FALSE))) {
                if (logger.isLogging(Logger.TRACE_HIGH)) {
                    logger.text(Logger.TRACE_HIGH, "update", "updating roles only");
                }
                if (this.roles != null) {
                    for (int i = 0; i < this.roles.length; i++) {
                        this.roles[i].update();
                    }
                    return;
                }
                return;
            }
            if (this.makeExternal != null && this.externalized.equals(Boolean.TRUE) && this.makeExternal.equals(Boolean.FALSE)) {
                if (logger.isLogging(Logger.TRACE_HIGH)) {
                    logger.text(Logger.TRACE_HIGH, "update", "internalizing resource and then updating roles");
                }
                ExternalizeResourceCommand externalizeResourceCommand = new ExternalizeResourceCommand();
                externalizeResourceCommand.setUser(this.item.configData.getUser());
                externalizeResourceCommand.setResource(this.item.objectID);
                externalizeResourceCommand.setExternalize(this.makeExternal.booleanValue());
                externalizeResourceCommand.execute();
                if (this.roles != null) {
                    for (int i2 = 0; i2 < this.roles.length; i2++) {
                        this.roles[i2].update();
                    }
                    return;
                }
                return;
            }
            if (this.makeExternal == null || !this.externalized.equals(Boolean.FALSE) || !this.makeExternal.equals(Boolean.TRUE)) {
                if (this.makeExternal != null && this.externalized.equals(Boolean.TRUE) && this.makeExternal.equals(Boolean.TRUE) && logger.isLogging(Logger.TRACE_HIGH)) {
                    logger.text(Logger.TRACE_HIGH, "update", "unable to update roles as resource is externalized");
                    return;
                }
                return;
            }
            if (logger.isLogging(Logger.TRACE_HIGH)) {
                logger.text(Logger.TRACE_HIGH, "update", "updating roles and then externalizing resource");
            }
            if (this.roles != null) {
                for (int i3 = 0; i3 < this.roles.length; i3++) {
                    this.roles[i3].update();
                }
            }
            ExternalizeResourceCommand externalizeResourceCommand2 = new ExternalizeResourceCommand();
            externalizeResourceCommand2.setUser(this.item.configData.getUser());
            externalizeResourceCommand2.setResource(this.item.objectID);
            externalizeResourceCommand2.setExternalize(this.makeExternal.booleanValue());
            externalizeResourceCommand2.execute();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ACPrincipal getPrincipal(String str, ResourceType resourceType, ConfigItem configItem) throws XmlCommandException {
        ACPrincipal internalGetPrincipal;
        if (resourceType != null) {
            internalGetPrincipal = internalGetPrincipal(str, resourceType, configItem);
        } else {
            internalGetPrincipal = internalGetPrincipal(str, ResourceType.USER, configItem);
            if (internalGetPrincipal == null) {
                internalGetPrincipal = internalGetPrincipal(str, ResourceType.USER_GROUP, configItem);
            }
        }
        if (internalGetPrincipal == null) {
            if (logger.isLogging(102)) {
                logger.message(102, "getPrincipal", XmlCommandMessages.PRINCIPAL_NOT_FOUND_1, new Object[]{str});
            }
            configItem.outputWarning(XmlCommandMessages.USER_NOT_FOUND_NOUPDATE_2, new Object[]{str, Attributes.ACCESSCONTROLDATA});
        }
        if (logger.isLogging(Logger.TRACE_HIGH)) {
            logger.text(Logger.TRACE_HIGH, "getPrincipal", new StringBuffer().append("found principal: ").append(internalGetPrincipal).toString());
        }
        return internalGetPrincipal;
    }

    private static ACPrincipal internalGetPrincipal(String str, ResourceType resourceType, ConfigItem configItem) throws XmlCommandException {
        ACPrincipal aCPrincipal = null;
        try {
            if (logger.isLogging(Logger.TRACE_HIGH)) {
                logger.text(Logger.TRACE_HIGH, "getPrincipal", new StringBuffer().append("loading principal for ").append(str).append(", ").append(resourceType).toString());
            }
            aCPrincipal = ACManager.getAccessControl().createPrincipal(str, resourceType);
        } catch (AuthorizationDataException e) {
            if (logger.isLogging(Logger.TRACE_HIGH)) {
                logger.text(Logger.TRACE_HIGH, "getPrincipal", "User not found in PAC", e);
            }
        } catch (RuntimeException e2) {
            if (logger.isLogging(Logger.TRACE_HIGH)) {
                logger.text(Logger.TRACE_HIGH, "getPrincipal", "User not found in PAC", e2);
            }
        }
        if (aCPrincipal == null) {
            if (logger.isLogging(Logger.TRACE_HIGH)) {
                logger.text(Logger.TRACE_HIGH, "getPrincipal", "query user management");
            }
            Principal principal = null;
            if (resourceType == ResourceType.USER) {
                principal = AbstractConfigItem.stringToUser(str, configItem.configData);
            } else if (resourceType == ResourceType.USER_GROUP) {
                principal = AbstractConfigItem.stringToGroup(str, configItem.configData);
            }
            if (principal != null) {
                if (logger.isLogging(Logger.TRACE_HIGH)) {
                    logger.text(Logger.TRACE_HIGH, "getPrincipal", new StringBuffer().append("found principal: ").append(principal).toString());
                }
                aCPrincipal = ACManager.getAccessControl().createPrincipal(principal);
            }
        }
        return aCPrincipal;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer(super.toString());
        stringBuffer.append("\towner: ").append(this.ownerName).append("\n");
        stringBuffer.append("\tprivate: ").append(this.privateFlag).append("\n");
        stringBuffer.append("\texternalized: ").append(this.externalized).append("\n");
        stringBuffer.append("\tmakeexternal: ").append(this.makeExternal).append("\n");
        if (this.inheritanceBlocks != null) {
            stringBuffer.append("\tinheritance blocks: ").append(Arrays.asList(this.inheritanceBlocks)).append("\n");
        }
        if (this.propagationBlocks != null) {
            stringBuffer.append("\tpropagation blocks: ").append(Arrays.asList(this.propagationBlocks)).append("\n");
        }
        if (this.roles != null) {
            stringBuffer.append("\troles: [");
            for (int i = 0; i < this.roles.length; i++) {
                stringBuffer.append(this.roles[i]).append("\n");
            }
            stringBuffer.append("\t]\n");
        }
        return stringBuffer.toString();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        LogManager logManager = LogManager.getLogManager();
        if (class$com$ibm$wps$command$xml$items$AccessControlData == null) {
            cls = class$("com.ibm.wps.command.xml.items.AccessControlData");
            class$com$ibm$wps$command$xml$items$AccessControlData = cls;
        } else {
            cls = class$com$ibm$wps$command$xml$items$AccessControlData;
        }
        logger = logManager.getLogger(cls);
        NO_ACTION_SETS = new ActionSet[0];
    }
}
