package org.apache.directory.fortress.core.impl;

import java.util.ArrayList;
import java.util.List;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.fortress.core.CfgException;
import org.apache.directory.fortress.core.CreateException;
import org.apache.directory.fortress.core.FinderException;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.RemoveException;
import org.apache.directory.fortress.core.UpdateException;
import org.apache.directory.fortress.core.ldap.LdapDataProvider;
import org.apache.directory.fortress.core.model.ConstraintUtil;
import org.apache.directory.fortress.core.model.Graphable;
import org.apache.directory.fortress.core.model.Group;
import org.apache.directory.fortress.core.model.ObjectFactory;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.util.Config;
import org.apache.directory.fortress.core.util.PropUpdater;
import org.apache.directory.fortress.core.util.PropUtil;
import org.apache.directory.ldap.client.api.LdapConnection;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/apache/directory/fortress/core/impl/RoleDAO.class */
public final class RoleDAO extends LdapDataProvider implements PropertyProvider<Role>, PropUpdater {
    private static final String ROLE_NM = "ftRoleName";
    private static final String[] ROLE_NM_ATR = {ROLE_NM};
    private static final String POSIX_GROUP = "posixGroup";
    static final boolean IS_RFC2307;
    private static final String[] ROLE_ATRS;
    private static String[] ROLE_OBJ_CLASS;

    @Override // org.apache.directory.fortress.core.util.PropUpdater
    public String newValue(String str) {
        return Integer.valueOf(new Integer(str).intValue() + 1).toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Role create(Role role) throws CreateException {
        LdapConnection ldapConnection = null;
        try {
            try {
                DefaultEntry defaultEntry = new DefaultEntry(getDn(role.getName(), role.getContextId()));
                defaultEntry.add("objectClass", ROLE_OBJ_CLASS);
                role.setId();
                defaultEntry.add(GlobalIds.FT_IID, new String[]{role.getId()});
                defaultEntry.add(ROLE_NM, new String[]{role.getName()});
                if (StringUtils.isNotEmpty(role.getDescription())) {
                    defaultEntry.add("description", new String[]{role.getDescription()});
                }
                defaultEntry.add("cn", new String[]{role.getName()});
                defaultEntry.add(GlobalIds.CONSTRAINT, new String[]{ConstraintUtil.setConstraint(role)});
                loadAttrs(role.getParents(), (Entry) defaultEntry, GlobalIds.PARENT_NODES);
                if (IS_RFC2307) {
                    loadGidNumber(role);
                    defaultEntry.add(GlobalIds.GID_NUMBER, new String[]{role.getGidNumber()});
                }
                ldapConnection = getAdminConnection();
                add(ldapConnection, defaultEntry, role);
                closeAdminConnection(ldapConnection);
                return role;
            } catch (LdapException e) {
                throw new CreateException(GlobalErrIds.ROLE_ADD_FAILED, "create role [" + role.getName() + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Role update(Role role) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(role.getName(), role.getContextId());
        try {
            try {
                try {
                    ArrayList arrayList = new ArrayList();
                    if (StringUtils.isNotEmpty(role.getDescription())) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "description", new String[]{role.getDescription()}));
                    }
                    if (role.isTemporalSet()) {
                        String constraint = ConstraintUtil.setConstraint(role);
                        if (StringUtils.isNotEmpty(constraint)) {
                            arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.CONSTRAINT, new String[]{constraint}));
                        }
                    }
                    loadAttrs(role.getParents(), arrayList, GlobalIds.PARENT_NODES);
                    if (IS_RFC2307 && StringUtils.isNotEmpty(role.getGidNumber())) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.GID_NUMBER, new String[]{role.getGidNumber()}));
                    }
                    if (arrayList.size() > 0) {
                        ldapConnection = getAdminConnection();
                        modify(ldapConnection, dn, arrayList, role);
                    }
                    try {
                        closeAdminConnection(ldapConnection);
                        return role;
                    } catch (Exception e) {
                        throw new UpdateException(GlobalErrIds.ROLE_UPDATE_FAILED, "update name [" + role.getName() + "] caught LdapException=" + e, e);
                    }
                } catch (Throwable th) {
                    try {
                        closeAdminConnection(ldapConnection);
                        throw th;
                    } catch (Exception e2) {
                        throw new UpdateException(GlobalErrIds.ROLE_UPDATE_FAILED, "update name [" + role.getName() + "] caught LdapException=" + e2, e2);
                    }
                }
            } catch (Exception e3) {
                throw new UpdateException(GlobalErrIds.ROLE_UPDATE_FAILED, "update name [" + role.getName() + "] caught LdapException=" + e3.getMessage(), e3);
            }
        } catch (LdapException e4) {
            throw new UpdateException(GlobalErrIds.ROLE_UPDATE_FAILED, "update name [" + role.getName() + "] caught LdapException=" + e4, e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteParent(Role role) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(role.getName(), role.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.PARENT_NODES));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, role);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.ROLE_REMOVE_PARENT_FAILED, "deleteParent name [" + role.getName() + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Role assign(Role role, String str) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(role.getName(), role.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, "roleOccupant", new String[]{str}));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, role);
                closeAdminConnection(ldapConnection);
                return role;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.ROLE_USER_ASSIGN_FAILED, "assign role name [" + role.getName() + "] user dn [" + str + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Role deassign(Role role, String str) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(role.getName(), role.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, "roleOccupant", new String[]{str}));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, role);
                closeAdminConnection(ldapConnection);
                return role;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.ROLE_USER_DEASSIGN_FAILED, "deassign role name [" + role.getName() + "] user dn [" + str + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void remove(Role role) throws RemoveException {
        LdapConnection ldapConnection = null;
        String dn = getDn(role.getName(), role.getContextId());
        try {
            try {
                ldapConnection = getAdminConnection();
                delete(ldapConnection, dn, role);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new RemoveException(GlobalErrIds.ROLE_DELETE_FAILED, "remove role name=" + role.getName() + " LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Role getRole(Role role) throws FinderException {
        Role role2 = null;
        LdapConnection ldapConnection = null;
        String dn = getDn(role.getName(), role.getContextId());
        try {
            try {
                try {
                    ldapConnection = getAdminConnection();
                    Entry read = read(ldapConnection, dn, ROLE_ATRS);
                    if (read != null) {
                        role2 = unloadLdapEntry(read, 0L, role.getContextId());
                    }
                    if (role2 == null) {
                        throw new FinderException(GlobalErrIds.ROLE_NOT_FOUND, "getRole no entry found dn [" + dn + "]");
                    }
                    closeAdminConnection(ldapConnection);
                    return role2;
                } catch (LdapNoSuchObjectException e) {
                    throw new FinderException(GlobalErrIds.ROLE_NOT_FOUND, "getRole Obj COULD NOT FIND ENTRY for dn [" + dn + "]");
                }
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ROLE_READ_FAILED, "getRole dn [" + dn + "] LEXCD=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Role> findRoles(Role role) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(role.getContextId(), GlobalIds.ROLE_ROOT);
        String str = null;
        try {
            try {
                str = "(&(objectClass=ftRls)(ftRoleName=" + encodeSafeText(role.getName(), 40) + "*))";
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.ONELEVEL, str, ROLE_ATRS, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, role.getContextId()));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.ROLE_SEARCH_FAILED, "findRoles filter [" + str + "] caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ROLE_SEARCH_FAILED, "findRoles filter [" + str + "] caught LdapException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v4, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Role> groupRoles(Group group) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(group.getContextId(), GlobalIds.ROLE_ROOT);
        StringBuilder sb = new StringBuilder();
        try {
            try {
                List<String> members = group.getMembers();
                if (!CollectionUtils.isNotEmpty(members)) {
                    throw new FinderException(GlobalErrIds.GROUP_MEMBER_NULL, "groupRoles passed empty member list");
                }
                sb.append(GlobalIds.FILTER_PREFIX);
                sb.append(GlobalIds.ROLE_OBJECT_CLASS_NM);
                sb.append(")(");
                sb.append("|");
                for (String str : members) {
                    sb.append("(");
                    sb.append("entryDN");
                    sb.append("=");
                    sb.append(str);
                    sb.append(")");
                }
                sb.append("))");
                LdapConnection adminConnection = getAdminConnection();
                SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, sb.toString(), ROLE_ATRS, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, group.getContextId()));
                }
                closeAdminConnection(adminConnection);
                return arrayList;
            } catch (LdapException e) {
                throw new FinderException(GlobalErrIds.ROLE_SEARCH_FAILED, "groupRoles filter [" + sb.toString() + "] caught LdapException=" + e, e);
            } catch (CursorException e2) {
                throw new FinderException(GlobalErrIds.ROLE_SEARCH_FAILED, "groupRoles filter [" + sb.toString() + "] caught CursorException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> findRoles(Role role, int i) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(role.getContextId(), GlobalIds.ROLE_ROOT);
        String str = null;
        try {
            try {
                str = "(&(objectClass=ftRls)(ftRoleName=" + encodeSafeText(role.getName(), 40) + "*))";
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.ONELEVEL, str, ROLE_NM_ATR, false, i);
                while (search.next()) {
                    arrayList.add(getAttribute(search.getEntry(), ROLE_NM));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (LdapException e) {
                throw new FinderException(GlobalErrIds.ROLE_SEARCH_FAILED, "findRoles filter [" + str + "] caught LdapException=" + e, e);
            } catch (CursorException e2) {
                throw new FinderException(GlobalErrIds.ROLE_SEARCH_FAILED, "findRoles filter [" + str + "] caught CursorException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> findAssignedRoles(String str, String str2) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(str2, GlobalIds.ROLE_ROOT);
        try {
            try {
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.ONELEVEL, "(&(objectClass=ftRls)(roleOccupant=" + str + "))", ROLE_NM_ATR, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                while (search.next()) {
                    arrayList.add(getAttribute(search.getEntry(), ROLE_NM));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.ROLE_OCCUPANT_SEARCH_FAILED, "findAssignedRoles userDn [" + str + "] caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ROLE_OCCUPANT_SEARCH_FAILED, "findAssignedRoles userDn [" + str + "] caught LdapException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v5, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Graphable> getAllDescendants(String str) throws FinderException {
        String[] strArr = {ROLE_NM, GlobalIds.PARENT_NODES};
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(str, GlobalIds.ROLE_ROOT);
        String str2 = null;
        try {
            try {
                try {
                    str2 = "(&(objectClass=ftRls)(ftParents=*))";
                    ldapConnection = getAdminConnection();
                    SearchCursor search = search(ldapConnection, rootDn, SearchScope.ONELEVEL, str2, strArr, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    long j = 0;
                    while (search.next()) {
                        search.getEntry();
                        ?? r3 = j;
                        j = r3 + 1;
                        arrayList.add(unloadDescendants(r3, r3, str));
                    }
                    closeAdminConnection(ldapConnection);
                    return arrayList;
                } catch (CursorException e) {
                    throw new FinderException(GlobalErrIds.ROLE_SEARCH_FAILED, "getAllDescendants filter [" + str2 + "] caught CursorException=" + e.getMessage(), e);
                }
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.ROLE_SEARCH_FAILED, "getAllDescendants filter [" + str2 + "] caught LdapException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    private void loadGidNumber(Role role) throws CreateException {
        if (StringUtils.isEmpty(role.getGidNumber())) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(GlobalIds.GID_NUMBER);
            try {
                role.setGidNumber(Config.getInstance().getIncrementReplacePosixIds(arrayList, this).getGidNumber());
            } catch (CfgException e) {
                throw new CreateException(GlobalErrIds.USER_ADD_FAILED, "Create role had a problem loading the gidNumber, catching a CfgException:" + e.getMessage(), e);
            }
        }
    }

    private Graphable unloadDescendants(Entry entry, long j, String str) throws LdapInvalidAttributeValueException {
        Role createRole = new ObjectFactory().createRole();
        createRole.setSequenceId(j);
        createRole.setName(getAttribute(entry, ROLE_NM));
        createRole.setParents(getAttributeSet(entry, GlobalIds.PARENT_NODES));
        return createRole;
    }

    private Role unloadLdapEntry(Entry entry, long j, String str) throws LdapInvalidAttributeValueException {
        Role createRole = new ObjectFactory().createRole();
        createRole.setSequenceId(j);
        createRole.setId(getAttribute(entry, GlobalIds.FT_IID));
        createRole.setName(getAttribute(entry, ROLE_NM));
        createRole.setDescription(getAttribute(entry, "description"));
        createRole.setChildren(RoleUtil.getInstance().getChildren(createRole.getName().toUpperCase(), str));
        createRole.setParents(getAttributeSet(entry, GlobalIds.PARENT_NODES));
        unloadTemporal(entry, createRole);
        createRole.setDn(entry.getDn().getName());
        createRole.addProperties(PropUtil.getProperties(getAttributes(entry, GlobalIds.PROPS)));
        if (IS_RFC2307) {
            createRole.setGidNumber(getAttribute(entry, GlobalIds.GID_NUMBER));
        }
        createRole.setOccupants(getAttributes(entry, "roleOccupant"));
        return createRole;
    }

    private String getDn(String str, String str2) {
        return "cn=" + str + "," + getRootDn(str2, GlobalIds.ROLE_ROOT);
    }

    @Override // org.apache.directory.fortress.core.impl.PropertyProvider
    public String getDn(Role role) {
        return getDn(role.getName(), role.getContextId());
    }

    @Override // org.apache.directory.fortress.core.impl.PropertyProvider
    public Role getEntity(Role role) throws FinderException {
        return getRole(role);
    }

    static {
        IS_RFC2307 = Config.getInstance().getProperty(GlobalIds.RFC2307_PROP) != null && Config.getInstance().getProperty(GlobalIds.RFC2307_PROP).equalsIgnoreCase("true");
        String[] strArr = new String[8];
        strArr[0] = GlobalIds.FT_IID;
        strArr[1] = ROLE_NM;
        strArr[2] = "description";
        strArr[3] = GlobalIds.CONSTRAINT;
        strArr[4] = "roleOccupant";
        strArr[5] = GlobalIds.PARENT_NODES;
        strArr[6] = GlobalIds.PROPS;
        strArr[7] = IS_RFC2307 ? GlobalIds.GID_NUMBER : null;
        ROLE_ATRS = strArr;
        ROLE_OBJ_CLASS = IS_RFC2307 ? new String[]{"top", GlobalIds.ROLE_OBJECT_CLASS_NM, GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME, POSIX_GROUP} : new String[]{"top", GlobalIds.ROLE_OBJECT_CLASS_NM, GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME};
    }
}
