package org.apache.directory.fortress.core.impl;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.fortress.core.CreateException;
import org.apache.directory.fortress.core.FinderException;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.RemoveException;
import org.apache.directory.fortress.core.UpdateException;
import org.apache.directory.fortress.core.ldap.LdapDataProvider;
import org.apache.directory.fortress.core.model.AdminRole;
import org.apache.directory.fortress.core.model.ConstraintUtil;
import org.apache.directory.fortress.core.model.FortEntity;
import org.apache.directory.fortress.core.model.Graphable;
import org.apache.directory.fortress.core.model.ObjectFactory;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.util.Config;
import org.apache.directory.ldap.client.api.LdapConnection;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/fortress-core-2.0.6.jar:org/apache/directory/fortress/core/impl/AdminRoleDAO.class */
public final class AdminRoleDAO extends LdapDataProvider implements PropertyProvider<AdminRole> {
    private static final String ROLE_OCCUPANT = "roleOccupant";
    private static final String POOLS_AUX_OBJECT_CLASS_NAME = "ftPools";
    private static final String[] ADMIN_ROLE_OBJ_CLASS = {SchemaConstants.TOP_OC, GlobalIds.ROLE_OBJECT_CLASS_NM, GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME, POOLS_AUX_OBJECT_CLASS_NAME, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME};
    private static final String ROLE_NM = "ftRoleName";
    private static final String[] ROLE_NM_ATR = {ROLE_NM};
    private static final String ROLE_OSP = "ftOSP";
    private static final String ROLE_OSU = "ftOSU";
    private static final String ROLE_RANGE = "ftRange";
    private static final String[] ROLE_ATRS = {GlobalIds.FT_IID, ROLE_NM, "description", GlobalIds.CONSTRAINT, "roleOccupant", ROLE_OSP, ROLE_OSU, ROLE_RANGE, GlobalIds.PARENT_NODES};

    /* JADX INFO: Access modifiers changed from: package-private */
    public AdminRole create(AdminRole adminRole) throws CreateException {
        LdapConnection ldapConnection = null;
        try {
            try {
                DefaultEntry defaultEntry = new DefaultEntry(getDn(adminRole));
                defaultEntry.add(SchemaConstants.OBJECT_CLASS_AT, ADMIN_ROLE_OBJ_CLASS);
                adminRole.setId();
                defaultEntry.add(GlobalIds.FT_IID, adminRole.getId());
                defaultEntry.add(ROLE_NM, adminRole.getName());
                if (StringUtils.isNotEmpty(adminRole.getDescription())) {
                    defaultEntry.add("description", adminRole.getDescription());
                }
                defaultEntry.add(SchemaConstants.CN_AT, adminRole.getName());
                defaultEntry.add(GlobalIds.CONSTRAINT, ConstraintUtil.setConstraint(adminRole));
                loadAttrs(adminRole.getOsPSet(), defaultEntry, ROLE_OSP);
                loadAttrs(adminRole.getOsUSet(), defaultEntry, ROLE_OSU);
                String roleRangeRaw = adminRole.getRoleRangeRaw();
                if (StringUtils.isNotEmpty(roleRangeRaw)) {
                    defaultEntry.add(ROLE_RANGE, roleRangeRaw);
                }
                loadAttrs(adminRole.getParents(), defaultEntry, GlobalIds.PARENT_NODES);
                ldapConnection = getAdminConnection();
                add(ldapConnection, defaultEntry, adminRole);
                closeAdminConnection(ldapConnection);
                return adminRole;
            } catch (LdapException e) {
                throw new CreateException(GlobalErrIds.ARLE_ADD_FAILED, "create role [" + adminRole.getName() + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AdminRole update(AdminRole adminRole) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(adminRole);
        try {
            try {
                ArrayList arrayList = new ArrayList();
                if (StringUtils.isNotEmpty(adminRole.getDescription())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "description", adminRole.getDescription()));
                }
                if (CollectionUtils.isNotEmpty(adminRole.getOccupants())) {
                    Iterator<String> it = adminRole.getOccupants().iterator();
                    while (it.hasNext()) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "roleOccupant", it.next()));
                    }
                }
                if (adminRole.isTemporalSet()) {
                    String constraint = ConstraintUtil.setConstraint(adminRole);
                    if (StringUtils.isNotEmpty(constraint)) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.CONSTRAINT, constraint));
                    }
                }
                loadAttrs(adminRole.getOsUSet(), arrayList, ROLE_OSU);
                loadAttrs(adminRole.getOsPSet(), arrayList, ROLE_OSP);
                String roleRangeRaw = adminRole.getRoleRangeRaw();
                if (StringUtils.isNotEmpty(roleRangeRaw)) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, ROLE_RANGE, roleRangeRaw));
                }
                loadAttrs(adminRole.getParents(), arrayList, GlobalIds.PARENT_NODES);
                if (arrayList.size() > 0) {
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, adminRole);
                }
                return adminRole;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.ARLE_UPDATE_FAILED, "update name [" + adminRole.getName() + "] caught LdapException=" + e, e);
            }
        } finally {
            closeAdminConnection(ldapConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteParent(AdminRole adminRole) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(adminRole);
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.PARENT_NODES));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, adminRole);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.ARLE_REMOVE_PARENT_FAILED, "deleteParent name [" + adminRole.getName() + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AdminRole assign(AdminRole adminRole, String str) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(adminRole);
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, "roleOccupant", str));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, adminRole);
                closeAdminConnection(ldapConnection);
                return adminRole;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.ARLE_USER_ASSIGN_FAILED, "assign role name [" + adminRole.getName() + "] user dn [" + str + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AdminRole deassign(AdminRole adminRole, String str) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(adminRole);
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, "roleOccupant", str));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, adminRole);
                closeAdminConnection(ldapConnection);
                return adminRole;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.ARLE_USER_DEASSIGN_FAILED, "deassign role name [" + adminRole.getName() + "] user dn [" + str + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void remove(AdminRole adminRole) throws RemoveException {
        LdapConnection ldapConnection = null;
        String dn = getDn(adminRole);
        try {
            try {
                ldapConnection = getAdminConnection();
                delete(ldapConnection, dn, adminRole);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new RemoveException(GlobalErrIds.ARLE_DELETE_FAILED, "remove role name=" + adminRole.getName() + " LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AdminRole getRole(AdminRole adminRole) throws FinderException {
        AdminRole adminRole2 = null;
        LdapConnection ldapConnection = null;
        String dn = getDn(adminRole);
        try {
            try {
                ldapConnection = getAdminConnection();
                Entry read = read(ldapConnection, dn, ROLE_ATRS);
                if (read != null) {
                    adminRole2 = unloadLdapEntry(read, 0L, adminRole.getContextId());
                }
                if (adminRole2 == null) {
                    throw new FinderException(GlobalErrIds.ARLE_NOT_FOUND, "getRole name [" + adminRole.getName() + "] no entry found dn [" + dn + "]");
                }
                closeAdminConnection(ldapConnection);
                return adminRole2;
            } catch (LdapNoSuchObjectException e) {
                throw new FinderException(GlobalErrIds.ARLE_NOT_FOUND, "getRole name [" + adminRole.getName() + "] Obj COULD NOT FIND ENTRY for dn [" + dn + "]", e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ARLE_READ_FAILED, "getRole dn [" + dn + "] LEXCD=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [org.apache.directory.api.ldap.model.entry.Entry, long] */
    public List<AdminRole> findRoles(AdminRole adminRole) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(adminRole.getContextId(), GlobalIds.ADMIN_ROLE_ROOT);
        try {
            try {
                String str = "(&(objectClass=ftRls)(ftRoleName=" + encodeSafeText(adminRole.getName(), 40) + "*))";
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.ONELEVEL, str, ROLE_ATRS, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, adminRole.getContextId()));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.ARLE_SEARCH_FAILED, "findRoles name [" + adminRole.getName() + "] caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ARLE_SEARCH_FAILED, "findRoles name [" + adminRole.getName() + "] caught LdapException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> findRoles(AdminRole adminRole, int i) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(adminRole.getContextId(), GlobalIds.ADMIN_ROLE_ROOT);
        String str = null;
        try {
            try {
                str = encodeSafeText(adminRole.getName(), 40);
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.ONELEVEL, "(&(objectClass=ftRls)(ftRoleName=" + str + "*))", ROLE_NM_ATR, false, i);
                while (search.next()) {
                    arrayList.add(getAttribute(search.getEntry(), ROLE_NM));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.ARLE_SEARCH_FAILED, "findRoles name [" + str + "] caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ARLE_SEARCH_FAILED, "findRoles name [" + str + "] caught LdapException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> findAssignedRoles(String str, String str2) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(str2, GlobalIds.ADMIN_ROLE_ROOT);
        try {
            try {
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.ONELEVEL, "(&(objectClass=ftRls)(roleOccupant=" + str + "))", ROLE_NM_ATR, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                while (search.next()) {
                    arrayList.add(getAttribute(search.getEntry(), ROLE_NM));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.ARLE_OCCUPANT_SEARCH_FAILED, "findAssignedRoles userDn [" + str + "] caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ARLE_OCCUPANT_SEARCH_FAILED, "findAssignedRoles userDn [" + str + "] caught LdapException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v5, types: [org.apache.directory.api.ldap.model.entry.Entry, long] */
    public List<Graphable> getAllDescendants(String str) throws FinderException {
        String[] strArr = {ROLE_NM, GlobalIds.PARENT_NODES};
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(str, GlobalIds.ADMIN_ROLE_ROOT);
        String str2 = null;
        try {
            try {
                str2 = "(&(objectClass=ftRls)(ftParents=*))";
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.ONELEVEL, str2, strArr, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadDescendants(r3, r3));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.ARLE_SEARCH_FAILED, "getAllDescendants filter [" + str2 + "] caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ARLE_SEARCH_FAILED, "getAllDescendants filter [" + str2 + "] caught LdapException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    private Graphable unloadDescendants(Entry entry, long j) throws LdapInvalidAttributeValueException {
        Role createRole = new ObjectFactory().createRole();
        createRole.setSequenceId(j);
        createRole.setName(getAttribute(entry, ROLE_NM));
        createRole.setParents(getAttributeSet(entry, GlobalIds.PARENT_NODES));
        return createRole;
    }

    private AdminRole unloadLdapEntry(Entry entry, long j, String str) throws LdapInvalidAttributeValueException {
        AdminRole createAdminRole = new ObjectFactory().createAdminRole();
        createAdminRole.setSequenceId(j);
        createAdminRole.setId(getAttribute(entry, GlobalIds.FT_IID));
        createAdminRole.setDescription(getAttribute(entry, "description"));
        createAdminRole.setOccupants(getAttributes(entry, "roleOccupant"));
        createAdminRole.setOsPSet(getAttributeSet(entry, ROLE_OSP));
        createAdminRole.setOsUSet(getAttributeSet(entry, ROLE_OSU));
        createAdminRole.setName(getAttribute(entry, SchemaConstants.CN_AT));
        unloadTemporal(entry, createAdminRole);
        createAdminRole.setRoleRangeRaw(getAttribute(entry, ROLE_RANGE));
        createAdminRole.setParents(getAttributeSet(entry, GlobalIds.PARENT_NODES));
        createAdminRole.setChildren(AdminRoleUtil.getChildren(createAdminRole.getName().toUpperCase(), str));
        return createAdminRole;
    }

    @Override // org.apache.directory.fortress.core.impl.PropertyProvider
    public String getDn(AdminRole adminRole) {
        return "cn=" + adminRole.getName() + "," + getRootDn(adminRole.getContextId(), GlobalIds.ADMIN_ROLE_ROOT);
    }

    @Override // org.apache.directory.fortress.core.impl.PropertyProvider
    public FortEntity getEntity(AdminRole adminRole) throws FinderException {
        return getRole(adminRole);
    }
}
