package com.ibm.ws.security.admintask;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.models.config.rolebasedauthz.AuthorizationTableExt;
import com.ibm.websphere.models.config.rolebasedauthz.RoleAssignmentExt;
import com.ibm.websphere.models.config.rolebasedauthz.SecurityRoleExt;
import com.ibm.websphere.models.config.rolebasedauthz.UserExt;
import com.ibm.websphere.models.config.rolebasedauthz.impl.RolebasedauthzFactoryImpl;
import com.ibm.ws.management.application.AppUtils;
import com.ibm.ws.management.configservice.WorkspaceHelper;
import com.ibm.ws.profile.WSProfileConstants;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.sm.workspace.RepositoryContext;
import com.ibm.ws.sm.workspace.WorkSpace;
import com.ibm.ws.sm.workspace.WorkSpaceException;
import com.ibm.ws.webservices.wssecurity.KRBConstants;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.ObjectName;
import javax.management.QueryExp;
import org.eclipse.emf.common.util.EList;
import org.eclipse.emf.common.util.URI;
import org.eclipse.emf.ecore.resource.Resource;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/admintask/AddToAdminAuthz.class */
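/**
 * Admin task command that adds a user to the administrative authorization table
 * ({@code admin-authz.xml}) of the cell.
 *
 * <p>After the command steps have run, the user named by the
 * {@code WSProfileConstants.S_ADMIN_USER_ARG} parameter is added to the role assignments
 * named {@code Constants.ADMIN_ROLE} and {@code Constants.ADMINSECURITY_ROLE}, unless the
 * user is already listed under {@code Constants.ADMIN_ROLE}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>This is a privilege grant. No authorization check on the caller is visible in this
 *       class. NOTE(review): presumably the command framework enforces who may run this
 *       task; confirm before exposing it to new callers.</li>
 *   <li>The grant is only recorded through debug trace here. NOTE(review): confirm that an
 *       audit record for the role change is produced elsewhere.</li>
 * </ul>
 */
public class AddToAdminAuthz extends AbstractTaskCommand {
    private static final String BUNDLE_NAME = "com.ibm.ejs.resources.security";
    private static final ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static final TraceComponent tc = Tr.register(AddToAdminAuthz.class, "AddToAdminAuthz", "com.ibm.ws.security.admintask");

    /** Name of the authorization file inside the cell context. */
    private static final String ADMIN_AUTHZ_FILE = "admin-authz.xml";
    /** Key in the cell ObjectName string whose value is the cell's display name. */
    private static final String DISPLAY_NAME_KEY = "_Websphere_Config_Data_Display_Name";

    // User to be granted the administrative roles; read from the command parameters in validate().
    private String adminUser;
    // Not read or written by any method visible in this class.
    private String registryType;
    // Never assigned in this class; kept because it is package-visible.
    ConfigService cs;
    // Configuration session obtained in afterStepsExecuted().
    Session session;
    static final String ldapUR = "LDAPUserRegistry";
    static final String wimUR = "WIMUserRegistry";
    static final String customUR = "CustomUserRegistry";
    static final String localOSUR = "LocalOSUserRegistry";

    /**
     * Creates the command from its metadata.
     *
     * @param taskCommandMetadata metadata describing this task command
     * @throws CommandNotFoundException propagated from the superclass constructor
     */
    public AddToAdminAuthz(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
    }

    /**
     * Creates the command from previously stored command data.
     *
     * @param commandData stored command data
     * @throws CommandNotFoundException propagated from the superclass constructor
     * @throws CommandLoadException propagated from the superclass constructor
     */
    public AddToAdminAuthz(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
    }

    /** Formats the message stored under {@code str} in {@code resourceBundle} with {@code objArr}. */
    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    /**
     * Loads {@code admin-authz.xml} from the named cell and returns its authorization table.
     *
     * @param session configuration session (not used by this method)
     * @param str cell name used to locate the repository context
     * @param workSpace workspace the cell context is looked up in
     * @return the first table whose context is {@code "domain"}; if none matches, the last
     *         table examined; {@code null} if the file has no contents
     * @throws WorkSpaceException if the context cannot be found or extracted
     * @throws Exception if the resource cannot be loaded
     */
    private AuthorizationTableExt getAuthTable(Session session, String str, WorkSpace workSpace) throws WorkSpaceException, Exception {
        RepositoryContext cellContext = AppUtils.findContext("cells", str, (String) null, (RepositoryContext) null, workSpace, true);
        cellContext.extract(ADMIN_AUTHZ_FILE, false);
        Resource authzResource = cellContext.getResourceSet().createResource(URI.createURI(ADMIN_AUTHZ_FILE));
        authzResource.load(new HashMap<Object, Object>());

        // The decompiled listing declared the result outside the loop and returned it after
        // the loop; this restores a form that compiles.
        // NOTE(review): when no table has context "domain" the last table examined is
        // returned, and the caller then edits it. This mirrors what the decompiled control
        // flow suggests; confirm against the original source whether null was intended.
        AuthorizationTableExt table = null;
        for (Object content : authzResource.getContents()) {
            table = (AuthorizationTableExt) content;
            // Constant-first equals so a table without a context does not throw.
            if ("domain".equals(table.getContext())) {
                break;
            }
        }
        return table;
    }

    /** Returns true if {@code assignment} is for the role named {@code roleName}. */
    private static boolean hasRole(RoleAssignmentExt assignment, String roleName) {
        SecurityRoleExt role = assignment.getRole();
        return role != null && roleName.equals(role.getRoleName());
    }

    /** Returns true if {@code assignment} already lists a user named {@code userName}. */
    private static boolean containsUser(RoleAssignmentExt assignment, String userName) {
        Iterator it = assignment.getUsers().iterator();
        while (it.hasNext()) {
            if (userName.equals(((UserExt) it.next()).getName())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Extracts the cell display name from the string form of the cell's ObjectName.
     *
     * @throws IllegalStateException if the display-name key is not present
     */
    private static String cellNameOf(ObjectName cell) {
        String text = cell.toString();
        int keyStart = text.indexOf(DISPLAY_NAME_KEY);
        if (keyStart < 0) {
            throw new IllegalStateException("cell object name has no " + DISPLAY_NAME_KEY + " key");
        }
        String fromKey = text.substring(keyStart);
        // The key may be the last property, in which case no comma follows the value.
        int comma = fromKey.indexOf(",");
        String keyValue = comma < 0 ? fromKey : fromKey.substring(0, comma);
        return keyValue.substring(keyValue.indexOf("=") + 1);
    }

    /**
     * Validates the command and captures the user to be granted the administrative roles.
     *
     * @throws CommandValidationException if the superclass validation fails, or if the user
     *         parameter is missing or blank
     */
    @Override
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AuditConstants.VALIDATE);
        }
        super.validate();
        this.adminUser = (String) getParameter(WSProfileConstants.S_ADMIN_USER_ARG);
        // Without this check a missing parameter would later be written into the
        // administrative roles as a user entry with no name.
        // NOTE(review): the message is not localized; no bundle key for it is visible here.
        if (this.adminUser == null || this.adminUser.trim().length() == 0) {
            throw new CommandValidationException(
                    "Required parameter " + WSProfileConstants.S_ADMIN_USER_ARG + " is missing or empty");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, AuditConstants.VALIDATE);
        }
    }

    /**
     * Adds the validated user to the administrative role assignments in {@code admin-authz.xml}
     * and saves the file. The outcome is reported through the task command result: the result
     * is {@code Boolean.TRUE} on success and {@code Boolean.FALSE} with an attached
     * {@link CommandException} on failure. Nothing is thrown to the caller.
     */
    @Override
    protected void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResult = getTaskCommandResult();
        if (!taskCommandResult.isSuccessful()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "unsuccessful at getting TaskCommandResultImpl afterStepsExecuted");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
            }
            return;
        }
        try {
            ObjectName securityPattern = ConfigServiceHelper.createObjectName((ConfigDataId) null, KRBConstants.ELM_SECURITY);
            ConfigService configService = ConfigServiceFactory.getConfigService();
            this.session = getConfigSession();

            ObjectName[] cells = configService.resolve(this.session, "Cell=");
            if (cells == null || cells.length == 0 || cells[0] == null) {
                // Reported through the outer catch, like any other failure to reach the configuration.
                throw new IllegalStateException("no cell could be resolved in the configuration session");
            }
            ObjectName cell = cells[0];
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "cell = " + cell.toString());
            }

            // The result is not used further. Indexing element 0 fails when the cell has no
            // security configuration object, which the outer catch reports as a failure to
            // access the security workspace, so the lookup is kept.
            ObjectName securityObject = configService.queryConfigObjects(this.session, cell, securityPattern, (QueryExp) null)[0];

            String cellName = cellNameOf(cell);
            WorkSpace workspace = WorkspaceHelper.getWorkspace(this.session);
            RolebasedauthzFactoryImpl authzFactory = new RolebasedauthzFactoryImpl();
            try {
                AuthorizationTableExt authTable = getAuthTable(this.session, cellName, workspace);
                if (authTable != null) {
                    EList<RoleAssignmentExt> authorizations = authTable.getAuthorizations();

                    boolean alreadyAdmin = false;
                    for (RoleAssignmentExt assignment : authorizations) {
                        if (assignment != null && hasRole(assignment, Constants.ADMIN_ROLE)
                                && containsUser(assignment, this.adminUser)) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "found user " + this.adminUser + " in admin-authz.xml");
                            }
                            alreadyAdmin = true;
                        }
                    }

                    if (!alreadyAdmin) {
                        for (RoleAssignmentExt assignment : authorizations) {
                            if (assignment == null) {
                                continue;
                            }
                            if (tc.isDebugEnabled()) {
                                SecurityRoleExt role = assignment.getRole();
                                Tr.debug(tc, "role.getRoleName = " + (role == null ? null : role.getRoleName()));
                            }
                            boolean grantedRole = hasRole(assignment, Constants.ADMIN_ROLE)
                                    || hasRole(assignment, Constants.ADMINSECURITY_ROLE);
                            // Skip a role that already lists the user, so the file does not
                            // collect duplicate entries for the same name.
                            if (grantedRole && !containsUser(assignment, this.adminUser)) {
                                UserExt newUser = authzFactory.createUserExt();
                                newUser.setName(this.adminUser);
                                assignment.getUsers().add(newUser);
                            }
                        }
                    }
                    AppUtils.findContext("cells", cellName, (String) null, (RepositoryContext) null, workspace, true)
                            .getResourceSet()
                            .getResource(URI.createURI(ADMIN_AUTHZ_FILE), false)
                            .save(new HashMap<Object, Object>());
                }
                taskCommandResult.setResult(Boolean.TRUE);
            } catch (WorkSpaceException e) {
                // The exception is kept as the cause of the CommandException, so it is traced
                // rather than printed to the process output.
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "workspace failure while updating admin-authz.xml", e);
                }
                taskCommandResult.setException(new CommandException(e, getMsg(resBundle, "security.admintask.WorkSpaceFailAddUsertoAdminAuthz", null)));
                taskCommandResult.setResult(Boolean.FALSE);
            } catch (Exception e2) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "failure while updating admin-authz.xml", e2);
                }
                taskCommandResult.setException(new CommandException(e2, getMsg(resBundle, "security.admintask.FailAddUsertoAdminAuthz", null)));
                taskCommandResult.setResult(Boolean.FALSE);
            }
        } catch (Throwable th) {
            // Broad catch kept from the original: any failure to reach the security
            // configuration is turned into a failed command result. The cause is now
            // attached so the underlying error is not lost.
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "failure while accessing the security configuration", th);
            }
            String msg = getMsg(resBundle, "security.admintask.FailAccesstoSecWS", null);
            taskCommandResult.addWarnings(msg);
            taskCommandResult.setResult(Boolean.FALSE);
            taskCommandResult.setException(new CommandException(th, msg));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "afterStepsExecuted");
        }
    }
}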
