package com.ibm.ws.wim.registry.util;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.websphere.wim.ConfigConstants;
import com.ibm.websphere.wim.SchemaConstants;
import com.ibm.websphere.wim.exception.EntityNotFoundException;
import com.ibm.websphere.wim.exception.InvalidIdentifierException;
import com.ibm.websphere.wim.exception.InvalidUniqueNameException;
import com.ibm.websphere.wim.exception.WIMException;
import com.ibm.websphere.wim.model.Context;
import com.ibm.websphere.wim.model.Control;
import com.ibm.websphere.wim.model.Entity;
import com.ibm.websphere.wim.model.ExternalNameControl;
import com.ibm.websphere.wim.model.Group;
import com.ibm.websphere.wim.model.GroupMemberControl;
import com.ibm.websphere.wim.model.GroupMembershipControl;
import com.ibm.websphere.wim.model.IdentifierType;
import com.ibm.websphere.wim.model.LoginAccount;
import com.ibm.websphere.wim.model.Root;
import com.ibm.websphere.wim.model.SearchControl;
import com.ibm.websphere.wim.ras.WIMMessageHelper;
import com.ibm.websphere.wim.ras.WIMMessageKey;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.security.registry.EntryNotFoundException;
import com.ibm.ws.security.registry.RegistryException;
import com.ibm.ws.security.registry.SearchResult;
import com.ibm.ws.wim.registry.dataobject.IDAndRealm;
import java.util.ArrayList;
import java.util.List;

@TraceOptions(traceGroups = {TraceConstants.TRACE_GROUP}, traceGroup = "", messageBundle = TraceConstants.MESSAGE_BUNDLE, traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.wim.registry_1.0.2.jar:com/ibm/ws/wim/registry/util/MembershipBridge.class */
public class MembershipBridge {
    private static final String COPYRIGHT_NOTICE = "(c) Copyright International Business Machines Corporation 2012";
    private static final TraceComponent tc = Tr.register(MembershipBridge.class);
    private TypeMappings propertyMap;
    private BridgeUtils mappingUtils;
    static final long serialVersionUID = 8383935809529810948L;

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public MembershipBridge(BridgeUtils bridgeUtils) {
        this.propertyMap = null;
        this.mappingUtils = null;
        this.mappingUtils = bridgeUtils;
        this.propertyMap = new TypeMappings(bridgeUtils);
    }

    @FFDCIgnore({WIMException.class})
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public List getGroupsForUser(String str) throws EntryNotFoundException, RegistryException {
        Root search;
        List<Context> contexts;
        ArrayList arrayList = new ArrayList();
        try {
            this.mappingUtils.validateId(str);
            IDAndRealm seperateIDAndRealm = this.mappingUtils.seperateIDAndRealm(str);
            Root createRootObject = this.mappingUtils.getWimService().createRootObject();
            if (seperateIDAndRealm.isRealmDefined()) {
                this.mappingUtils.createRealmDataObject(createRootObject, seperateIDAndRealm.getRealm());
            }
            String id = seperateIDAndRealm.getId();
            String str2 = id.indexOf("'") != -1 ? "\"" : "'";
            String realInputAttrName = this.mappingUtils.getRealInputAttrName(this.propertyMap.getInputUserSecurityName(seperateIDAndRealm.getRealm()), id, true);
            String outputGroupSecurityName = this.propertyMap.getOutputGroupSecurityName(seperateIDAndRealm.getRealm());
            boolean z = this.mappingUtils.allowDNAsPrincipalName;
            if (z && (contexts = createRootObject.getContexts()) != null) {
                Context context = new Context();
                context.setKey(SchemaConstants.ALLOW_DN_PRINCIPALNAME_AS_LITERAL);
                context.setValue(Boolean.valueOf(z));
                contexts.add(context);
            }
            Root root = null;
            try {
                root = this.mappingUtils.getEntityByIdentifier(createRootObject, realInputAttrName, id, outputGroupSecurityName, this.mappingUtils);
            } catch (WIMException e) {
                if (!z) {
                    throw e;
                }
            }
            if (root != null) {
                search = root;
            } else {
                if (z) {
                    realInputAttrName = "principalName";
                }
                List<Control> controls = createRootObject.getControls();
                SearchControl searchControl = new SearchControl();
                if (controls != null) {
                    controls.add(searchControl);
                }
                searchControl.setExpression("//entities[@xsi:type='LoginAccount' and " + realInputAttrName + "=" + str2 + id + str2 + "]");
                search = this.mappingUtils.getWimService().search(createRootObject);
            }
            List<Entity> entities = search.getEntities();
            if (entities.isEmpty()) {
                if (tc.isErrorEnabled()) {
                    Tr.error(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str));
                }
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
            if (entities.size() != 1) {
                if (tc.isErrorEnabled()) {
                    Tr.error(tc, WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, WIMMessageHelper.generateMsgParms(str));
                }
                throw new EntityNotFoundException(WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, Tr.formatMessage(tc, WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
            seperateIDAndRealm.setId(entities.get(0).getIdentifier().getUniqueName());
            Root createRootObject2 = this.mappingUtils.getWimService().createRootObject();
            if (seperateIDAndRealm.isRealmDefined()) {
                this.mappingUtils.createRealmDataObject(createRootObject2, seperateIDAndRealm.getRealm());
            }
            List<Control> controls2 = createRootObject2.getControls();
            GroupMembershipControl groupMembershipControl = new GroupMembershipControl();
            if (controls2 != null) {
                controls2.add(groupMembershipControl);
            }
            if (!this.mappingUtils.isIdentifierTypeProperty(this.propertyMap.getOutputGroupSecurityName(seperateIDAndRealm.getRealm()))) {
                groupMembershipControl.getProperties().add(this.propertyMap.getOutputGroupSecurityName(seperateIDAndRealm.getRealm()));
            }
            groupMembershipControl.setLevel(this.mappingUtils.getGroupDepth());
            groupMembershipControl.setExpression("@xsi:type='Group'");
            List<Entity> entities2 = createRootObject2.getEntities();
            LoginAccount loginAccount = new LoginAccount();
            if (entities2 != null) {
                entities2.add(loginAccount);
            }
            IdentifierType identifierType = new IdentifierType();
            identifierType.setUniqueName(seperateIDAndRealm.getId());
            loginAccount.setIdentifier(identifierType);
            List<Entity> entities3 = this.mappingUtils.getWimService().get(createRootObject2).getEntities();
            if (entities3.isEmpty()) {
                if (tc.isErrorEnabled()) {
                    Tr.error(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str));
                }
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
            List<Group> groups = entities3.get(0).getGroups();
            if (!groups.isEmpty()) {
                String outputGroupSecurityName2 = this.propertyMap.getOutputGroupSecurityName(seperateIDAndRealm.getRealm());
                boolean isIdentifierTypeProperty = this.mappingUtils.isIdentifierTypeProperty(outputGroupSecurityName2);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getGroupsForUser grpAttrName=" + outputGroupSecurityName2 + ", isIdentifier=" + isIdentifierTypeProperty, "getGroupsForUser");
                }
                for (int i = 0; i < groups.size(); i++) {
                    Group group = groups.get(i);
                    if (isIdentifierTypeProperty) {
                        arrayList.add(group.getIdentifier().get(outputGroupSecurityName2));
                    } else {
                        arrayList.add(group.get(outputGroupSecurityName2));
                    }
                }
            }
            return arrayList;
        } catch (WIMException e2) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, e2.getMessage(), new Object[0]);
            }
            if ((e2 instanceof EntityNotFoundException) || (e2 instanceof InvalidIdentifierException)) {
                throw new EntryNotFoundException(e2.getMessage(), e2);
            }
            throw new RegistryException(e2.getMessage(), e2);
        }
    }

    @FFDCIgnore({WIMException.class})
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public SearchResult getUsersForGroup(String str, int i) throws EntryNotFoundException, RegistryException {
        Root search;
        SearchResult searchResult;
        try {
            this.mappingUtils.validateId(str);
            this.mappingUtils.validateLimit(i);
            IDAndRealm seperateIDAndRealm = this.mappingUtils.seperateIDAndRealm(str);
            Root createRootObject = this.mappingUtils.getWimService().createRootObject();
            if (seperateIDAndRealm.isRealmDefined()) {
                this.mappingUtils.createRealmDataObject(createRootObject, seperateIDAndRealm.getRealm());
            }
            String id = seperateIDAndRealm.getId();
            String str2 = id.indexOf("'") != -1 ? "\"" : "'";
            String realInputAttrName = this.mappingUtils.getRealInputAttrName(this.propertyMap.getInputGroupSecurityName(seperateIDAndRealm.getRealm()), id, false);
            Root entityByIdentifier = this.mappingUtils.getEntityByIdentifier(createRootObject, realInputAttrName, id, "uniqueName", this.mappingUtils);
            if (entityByIdentifier != null) {
                search = entityByIdentifier;
            } else {
                List<Control> controls = createRootObject.getControls();
                SearchControl searchControl = new SearchControl();
                if (controls != null) {
                    controls.add(searchControl);
                }
                searchControl.setExpression("//entities[@xsi:type='Group' and " + realInputAttrName + "=" + str2 + id + str2 + "]");
                search = this.mappingUtils.getWimService().search(createRootObject);
            }
            List<Entity> entities = search.getEntities();
            if (entities.isEmpty()) {
                if (tc.isErrorEnabled()) {
                    Tr.error(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str));
                }
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
            if (entities.size() != 1) {
                if (tc.isErrorEnabled()) {
                    Tr.error(tc, WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, WIMMessageHelper.generateMsgParms(str));
                }
                throw new EntityNotFoundException(WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, Tr.formatMessage(tc, WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
            seperateIDAndRealm.setId(((Group) entities.get(0)).getIdentifier().getUniqueName());
            Root createRootObject2 = this.mappingUtils.getWimService().createRootObject();
            if (seperateIDAndRealm.isRealmDefined()) {
                this.mappingUtils.createRealmDataObject(createRootObject2, seperateIDAndRealm.getRealm());
            }
            List<Control> controls2 = createRootObject2.getControls();
            GroupMemberControl groupMemberControl = new GroupMemberControl();
            if (controls2 != null) {
                controls2.add(groupMemberControl);
            }
            groupMemberControl.setLevel(this.mappingUtils.getGroupDepth());
            if (!this.mappingUtils.isIdentifierTypeProperty(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm()))) {
                groupMemberControl.getProperties().add(this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm()));
            }
            if (i != 0) {
                groupMemberControl.setCountLimit(i + 1);
            } else {
                groupMemberControl.setCountLimit(i);
            }
            groupMemberControl.setExpression("@xsi:type='LoginAccount'");
            List<Entity> entities2 = createRootObject2.getEntities();
            Group group = new Group();
            if (entities2 != null) {
                entities2.add(group);
            }
            IdentifierType identifierType = new IdentifierType();
            identifierType.setUniqueName(seperateIDAndRealm.getId());
            group.setIdentifier(identifierType);
            List<Entity> entities3 = this.mappingUtils.getWimService().get(createRootObject2).getEntities();
            if (entities3.isEmpty()) {
                if (tc.isErrorEnabled()) {
                    Tr.error(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str));
                }
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
            List<Entity> members = ((Group) entities3.get(0)).getMembers();
            if (members.isEmpty()) {
                searchResult = new SearchResult(new ArrayList(), false);
            } else {
                String outputUserSecurityName = this.propertyMap.getOutputUserSecurityName(seperateIDAndRealm.getRealm());
                boolean isIdentifierTypeProperty = this.mappingUtils.isIdentifierTypeProperty(outputUserSecurityName);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getUsersForGroup userAttrName=" + outputUserSecurityName + ", isIdentifier=" + isIdentifierTypeProperty, "getUsersForGroup");
                }
                ArrayList arrayList = new ArrayList();
                for (int i2 = 0; i2 < members.size() && (i == 0 || i2 != i); i2++) {
                    Entity entity = members.get(i2);
                    if (isIdentifierTypeProperty) {
                        arrayList.add(entity.getIdentifier().get(outputUserSecurityName));
                    } else {
                        arrayList.add(entity.get(outputUserSecurityName));
                    }
                }
                searchResult = new SearchResult(arrayList, true);
            }
            return searchResult;
        } catch (WIMException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, e.getMessage(), new Object[0]);
            }
            if ((e instanceof EntityNotFoundException) || (e instanceof InvalidIdentifierException)) {
                throw new EntryNotFoundException(e.getMessage(), e);
            }
            throw new RegistryException(e.getMessage(), e);
        }
    }

    @FFDCIgnore({WIMException.class})
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public List getUniqueGroupIds(String str) throws EntryNotFoundException, RegistryException {
        List<Control> controls;
        List<Context> contexts;
        ArrayList arrayList = new ArrayList();
        try {
            this.mappingUtils.validateId(str);
            IDAndRealm seperateIDAndRealm = this.mappingUtils.seperateIDAndRealm(str);
            Root createRootObject = this.mappingUtils.getWimService().createRootObject();
            if (seperateIDAndRealm.isRealmDefined()) {
                this.mappingUtils.createRealmDataObject(createRootObject, seperateIDAndRealm.getRealm());
                List<Context> contexts2 = createRootObject.getContexts();
                if (contexts2 != null) {
                    Context context = new Context();
                    context.setKey(ConfigConstants.CONFIG_PROP_ALLOW_OPERATION_IF_REPOS_DOWN);
                    context.setValue(Boolean.valueOf(this.mappingUtils.getCoreConfiguration().isAllowOpIfRepoDown(seperateIDAndRealm.getRealm())));
                    contexts2.add(context);
                }
            }
            String id = seperateIDAndRealm.getId();
            String str2 = id.indexOf("'") != -1 ? "\"" : "'";
            String realInputAttrName = this.mappingUtils.getRealInputAttrName(this.propertyMap.getInputUniqueUserId(seperateIDAndRealm.getRealm()), id, true);
            String outputUniqueGroupId = this.propertyMap.getOutputUniqueGroupId(seperateIDAndRealm.getRealm());
            boolean z = this.mappingUtils.allowDNAsPrincipalName;
            if (z && (contexts = createRootObject.getContexts()) != null) {
                Context context2 = new Context();
                context2.setKey(SchemaConstants.ALLOW_DN_PRINCIPALNAME_AS_LITERAL);
                context2.setValue(Boolean.valueOf(z));
                contexts.add(context2);
            }
            Root root = null;
            try {
                root = this.mappingUtils.getEntityByIdentifier(createRootObject, realInputAttrName, id, outputUniqueGroupId, this.mappingUtils);
            } catch (WIMException e) {
                if (!z) {
                    throw e;
                }
            }
            if (root == null) {
                List<Control> controls2 = createRootObject.getControls();
                SearchControl searchControl = new SearchControl();
                if (controls2 != null) {
                    controls2.add(searchControl);
                }
                List<Context> contexts3 = createRootObject.getContexts();
                if (contexts3 != null) {
                    Context context3 = new Context();
                    context3.setKey(ConfigConstants.CONFIG_PROP_ALLOW_OPERATION_IF_REPOS_DOWN);
                    context3.setValue(Boolean.valueOf(this.mappingUtils.getCoreConfiguration().isAllowOpIfRepoDown(seperateIDAndRealm.getRealm())));
                    contexts3.add(context3);
                }
                if (z) {
                    realInputAttrName = "principalName";
                }
                searchControl.setExpression("//entities[@xsi:type='LoginAccount' and " + realInputAttrName + "=" + str2 + id + str2 + "]");
                List<Entity> entities = this.mappingUtils.getWimService().search(createRootObject).getEntities();
                if (entities.isEmpty()) {
                    if (tc.isErrorEnabled()) {
                        Tr.error(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str));
                    }
                    throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
                }
                if (entities.size() != 1) {
                    if (tc.isErrorEnabled()) {
                        Tr.error(tc, WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, WIMMessageHelper.generateMsgParms(str));
                    }
                    throw new EntityNotFoundException(WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, Tr.formatMessage(tc, WIMMessageKey.MULTIPLE_PRINCIPALS_FOUND, WIMMessageHelper.generateMsgParms(str)));
                }
                seperateIDAndRealm.setId(entities.get(0).getIdentifier().getUniqueName());
            }
            Root createRootObject2 = this.mappingUtils.getWimService().createRootObject();
            if (seperateIDAndRealm.isRealmDefined()) {
                this.mappingUtils.createRealmDataObject(createRootObject2, seperateIDAndRealm.getRealm());
                List<Context> contexts4 = createRootObject2.getContexts();
                if (contexts4 != null) {
                    Context context4 = new Context();
                    context4.setKey(ConfigConstants.CONFIG_PROP_ALLOW_OPERATION_IF_REPOS_DOWN);
                    context4.setValue(Boolean.valueOf(this.mappingUtils.getCoreConfiguration().isAllowOpIfRepoDown(seperateIDAndRealm.getRealm())));
                    contexts4.add(context4);
                }
            }
            List<Control> controls3 = createRootObject2.getControls();
            GroupMembershipControl groupMembershipControl = new GroupMembershipControl();
            if (controls3 != null) {
                controls3.add(groupMembershipControl);
            }
            if (!this.mappingUtils.isIdentifierTypeProperty(this.propertyMap.getOutputUniqueGroupId(seperateIDAndRealm.getRealm()))) {
                groupMembershipControl.getProperties().add(this.propertyMap.getOutputUniqueGroupId(seperateIDAndRealm.getRealm()));
            }
            groupMembershipControl.setLevel(this.mappingUtils.getGroupDepth());
            groupMembershipControl.setExpression("@xsi:type='Group'");
            List<Entity> entities2 = createRootObject2.getEntities();
            LoginAccount loginAccount = new LoginAccount();
            if (entities2 != null) {
                entities2.add(loginAccount);
            }
            IdentifierType identifierType = new IdentifierType();
            if (this.mappingUtils.isIdentifierTypeProperty(this.propertyMap.getInputUniqueUserId(seperateIDAndRealm.getRealm()))) {
                identifierType.set(this.propertyMap.getInputUniqueUserId(seperateIDAndRealm.getRealm()), seperateIDAndRealm.getId());
                loginAccount.setIdentifier(identifierType);
                if (this.propertyMap.getInputUniqueUserId(seperateIDAndRealm.getRealm()).equals(SchemaConstants.PROP_EXTERNAL_NAME) && (controls = createRootObject2.getControls()) != null) {
                    controls.add(new ExternalNameControl());
                }
            } else {
                identifierType.setUniqueName(seperateIDAndRealm.getId());
                loginAccount.setIdentifier(identifierType);
            }
            List<Entity> entities3 = this.mappingUtils.getWimService().get(createRootObject2).getEntities();
            if (entities3.isEmpty()) {
                if (tc.isErrorEnabled()) {
                    Tr.error(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str));
                }
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str)));
            }
            List<Group> groups = entities3.get(0).getGroups();
            if (!groups.isEmpty()) {
                String outputUniqueGroupId2 = this.propertyMap.getOutputUniqueGroupId(seperateIDAndRealm.getRealm());
                boolean isIdentifierTypeProperty = this.mappingUtils.isIdentifierTypeProperty(outputUniqueGroupId2);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getUniqueGroupIds grpAttrName=" + outputUniqueGroupId2 + ", isIdentifier=" + isIdentifierTypeProperty, "getUniqueGroupIds");
                }
                for (int i = 0; i < groups.size(); i++) {
                    Group group = groups.get(i);
                    if (isIdentifierTypeProperty) {
                        arrayList.add(group.getIdentifier().get(outputUniqueGroupId2));
                    } else {
                        arrayList.add(group.get(outputUniqueGroupId2));
                    }
                }
            }
            return arrayList;
        } catch (WIMException e2) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getUniqueGroupIds " + e2.getMessage(), new Object[0]);
            }
            if (e2 instanceof EntityNotFoundException) {
                throw new EntryNotFoundException(e2.getMessage(), e2);
            }
            if (e2 instanceof InvalidUniqueNameException) {
                throw new EntryNotFoundException(e2.getMessage(), e2);
            }
            if (e2 instanceof InvalidIdentifierException) {
                throw new EntryNotFoundException(e2.getMessage(), e2);
            }
            throw new RegistryException(e2.getMessage(), e2);
        }
    }
}
