package com.ibm.ccl.soa.deploy.was.internal.j2ee.validator;

import com.ibm.ccl.soa.deploy.core.Constraint;
import com.ibm.ccl.soa.deploy.core.DeployModelObject;
import com.ibm.ccl.soa.deploy.core.HostingLink;
import com.ibm.ccl.soa.deploy.core.Unit;
import com.ibm.ccl.soa.deploy.core.constraint.ShortConstraintDescriptor;
import com.ibm.ccl.soa.deploy.core.util.RealizationLinkUtil;
import com.ibm.ccl.soa.deploy.core.validator.ValidatorUtils;
import com.ibm.ccl.soa.deploy.core.validator.constraints.ConstraintValidator;
import com.ibm.ccl.soa.deploy.core.validator.status.DeployCoreStatusFactory;
import com.ibm.ccl.soa.deploy.internal.core.DeployCoreMessages;
import com.ibm.ccl.soa.deploy.internal.core.validator.status.DeployAttributeStatus;
import com.ibm.ccl.soa.deploy.j2ee.J2EESecurityRole;
import com.ibm.ccl.soa.deploy.j2ee.J2eePackage;
import com.ibm.ccl.soa.deploy.os.OperatingSystemUnit;
import com.ibm.ccl.soa.deploy.os.OsPackage;
import com.ibm.ccl.soa.deploy.os.User;
import com.ibm.ccl.soa.deploy.os.UserGroup;
import com.ibm.ccl.soa.deploy.os.UserGroupUnit;
import com.ibm.ccl.soa.deploy.os.UserUnit;
import com.ibm.ccl.soa.deploy.was.WasClusterUnit;
import com.ibm.ccl.soa.deploy.was.WasDefaultSecuritySubjectEnum;
import com.ibm.ccl.soa.deploy.was.WasPackage;
import com.ibm.ccl.soa.deploy.was.WasSecurity;
import com.ibm.ccl.soa.deploy.was.WasSecuritySubjectConstraint;
import com.ibm.ccl.soa.deploy.was.WasUserRegistryTypes;
import com.ibm.ccl.soa.deploy.was.WebsphereAppServerUnit;
import com.ibm.ccl.soa.deploy.was.internal.validator.WasDomainMessages;
import com.ibm.ccl.soa.deploy.was.util.jdbcprovider.WebsphereContext;
import com.ibm.ccl.soa.deploy.was.validator.IWASProblemType;
import com.ibm.ccl.soa.deploy.was.validator.IWasValidatorID;
import java.util.ArrayList;
import java.util.List;
import org.eclipse.core.runtime.IProgressMonitor;
import org.eclipse.core.runtime.IStatus;
import org.eclipse.core.runtime.MultiStatus;

/* loaded from: input_file:topology-was-runtime.jar:com/ibm/ccl/soa/deploy/was/internal/j2ee/validator/WasSecuritySubjectConstraintValidator.class */
public class WasSecuritySubjectConstraintValidator extends ConstraintValidator {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:topology-was-runtime.jar:com/ibm/ccl/soa/deploy/was/internal/j2ee/validator/WasSecuritySubjectConstraintValidator$ServerSecuritySettings.class */
    public class ServerSecuritySettings {
        private WasUserRegistryTypes userRegistry;
        private boolean securityEnabled;
        private IStatus resultStatus;

        public ServerSecuritySettings(WebsphereAppServerUnit websphereAppServerUnit) {
            this.userRegistry = null;
            this.securityEnabled = false;
            this.resultStatus = null;
            WasSecurity wasSecurity = (WasSecurity) ValidatorUtils.getCapability(websphereAppServerUnit, WasPackage.Literals.WAS_SECURITY);
            if (wasSecurity != null) {
                this.userRegistry = wasSecurity.getActiveUserRegistry();
                this.securityEnabled = wasSecurity.isGlobalSecurityEnabled();
            } else {
                this.resultStatus = WasSecuritySubjectConstraintValidator.addStatus(this.resultStatus, DeployCoreStatusFactory.INSTANCE.createDeployStatus(2, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_UNDEFINED_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_UNDEFINED, WasDomainMessages.WasJ2eeValidator_Server_Security_Properties_Not_Specified, new Object[0], websphereAppServerUnit));
                this.securityEnabled = false;
                this.userRegistry = WasUserRegistryTypes.OS_LITERAL;
            }
        }

        public WasUserRegistryTypes getUserRegistryType() {
            return this.userRegistry;
        }

        public boolean isSecurityEnabled() {
            return this.securityEnabled;
        }

        public IStatus getSecurityStatus() {
            return this.resultStatus;
        }
    }

    public boolean isPlacementValidOnDMO(DeployModelObject deployModelObject) {
        return isValidPlacement(deployModelObject);
    }

    protected boolean isValidPlacement(DeployModelObject deployModelObject) {
        if (!J2eePackage.Literals.J2EE_SECURITY_ROLE.isSuperTypeOf(deployModelObject.getEObject().eClass())) {
            return false;
        }
        J2EESecurityRole j2EESecurityRole = (J2EESecurityRole) deployModelObject;
        if (j2EESecurityRole.getParent() == null) {
            return false;
        }
        return WasJ2eeValidatorUtils.isJ2eeHostedOnWas(j2EESecurityRole);
    }

    public IStatus validate(Constraint constraint, DeployModelObject deployModelObject, IProgressMonitor iProgressMonitor) {
        IStatus iStatus = null;
        if (!WasPackage.Literals.WAS_SECURITY_SUBJECT_CONSTRAINT.isSuperTypeOf(constraint.getEObject().eClass())) {
            return DeployCoreStatusFactory.INSTANCE.getOKStatus();
        }
        WasSecuritySubjectConstraint wasSecuritySubjectConstraint = (WasSecuritySubjectConstraint) constraint;
        if (!isValidPlacement(deployModelObject)) {
            return DeployCoreStatusFactory.INSTANCE.createDeployStatus(2, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_INVALID_CONTEXT_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_INVALID_CONTEXT, WasDomainMessages.WasJ2eeValidator_WasSecuritySubjectConstraint_In_Invalid_Context, new Object[0], wasSecuritySubjectConstraint);
        }
        HostingLink findHostingLink = WasJ2eeValidatorUtils.findHostingLink(deployModelObject);
        if (findHostingLink != null) {
            Unit finalRealization = RealizationLinkUtil.getFinalRealization(findHostingLink.getTarget());
            Unit finalRealization2 = RealizationLinkUtil.getFinalRealization(findHostingLink.getSource());
            J2EESecurityRole parent = wasSecuritySubjectConstraint.getParent();
            String wasSecuritySubject = wasSecuritySubjectConstraint.getWasSecuritySubject();
            if (wasSecuritySubject == null) {
                iStatus = addStatus(null, new DeployAttributeStatus(4, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NULL_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NULL, WasDomainMessages.WasJ2eeValidator_Constraint_Attribute_Undefined_0, new String[]{WasPackage.Literals.WAS_SECURITY_SUBJECT_CONSTRAINT__WAS_SECURITY_SUBJECT.getName()}, wasSecuritySubjectConstraint, WasPackage.Literals.WAS_SECURITY_SUBJECT_CONSTRAINT__WAS_SECURITY_SUBJECT));
            }
            if (iStatus != null) {
                return iStatus;
            }
            iStatus = addStatus(iStatus, validateWasSecuritySubject(parent.getRole(), finalRealization, wasSecuritySubject, finalRealization2, wasSecuritySubjectConstraint));
        }
        return iStatus == null ? DeployCoreStatusFactory.INSTANCE.getOKStatus() : iStatus;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static IStatus addStatus(IStatus iStatus, IStatus iStatus2) {
        if (iStatus2 != null && iStatus2.getSeverity() != 0) {
            if (iStatus == null) {
                iStatus = iStatus2;
            } else if (iStatus instanceof MultiStatus) {
                ((MultiStatus) iStatus).add(iStatus2);
            } else {
                iStatus = new MultiStatus("com.ibm.ccl.soa.deploy.core", 0, new IStatus[]{iStatus, iStatus2}, DeployCoreMessages.Model_consistency_status_message, (Throwable) null);
            }
        }
        return iStatus;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private IStatus validateWasSecuritySubject(String str, Unit unit, String str2, Unit unit2, Constraint constraint) {
        List arrayList;
        IStatus iStatus = null;
        int i = 0;
        if (unit2 instanceof WasClusterUnit) {
            arrayList = WebsphereContext.getMembers(unit2, WasPackage.Literals.WEBSPHERE_APP_SERVER_UNIT, unit2.getEditTopology());
        } else if (unit2 instanceof WebsphereAppServerUnit) {
            arrayList = new ArrayList();
            arrayList.add(unit2);
        } else {
            arrayList = new ArrayList();
        }
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            WebsphereAppServerUnit websphereAppServerUnit = (Unit) arrayList.get(i2);
            ServerSecuritySettings serverSecuritySettings = new ServerSecuritySettings(websphereAppServerUnit);
            iStatus = addStatus(iStatus, serverSecuritySettings.getSecurityStatus());
            if (serverSecuritySettings.isSecurityEnabled()) {
                i++;
                iStatus = addStatus(iStatus, validateWasSecuritySubjectOnServer(str2, websphereAppServerUnit, serverSecuritySettings.getUserRegistryType(), constraint));
            }
        }
        if (i < arrayList.size() && i > 0) {
            iStatus = addStatus(iStatus, DeployCoreStatusFactory.INSTANCE.createDeployStatus(2, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_INCONSISTENT_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_INCONSISTENT, WasDomainMessages.WasJ2eeValidator_Server_Security_Inconsistent, new Object[0], constraint));
        }
        return iStatus == null ? DeployCoreStatusFactory.INSTANCE.getOKStatus() : iStatus;
    }

    private IStatus validateWasSecuritySubjectOnServer(String str, WebsphereAppServerUnit websphereAppServerUnit, WasUserRegistryTypes wasUserRegistryTypes, Constraint constraint) {
        IStatus iStatus = null;
        if (WasDefaultSecuritySubjectEnum.EVERYONE_LITERAL.toString().equalsIgnoreCase(str) || WasDefaultSecuritySubjectEnum.ALL_AUTHENTICATED_LITERAL.toString().equalsIgnoreCase(str)) {
            return DeployCoreStatusFactory.INSTANCE.getOKStatus();
        }
        IStatus validateWasSecuritySubjectUsingOs = wasUserRegistryTypes.equals(WasUserRegistryTypes.OS_LITERAL) ? validateWasSecuritySubjectUsingOs(str, websphereAppServerUnit, constraint) : wasUserRegistryTypes.equals(WasUserRegistryTypes.LDAP_LITERAL) ? new DeployAttributeStatus(4, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND, WasDomainMessages.WasJ2eeValidator_Required_Security_Subject_Not_Found_Reason_Registry_0, new String[]{str}, constraint, WasPackage.Literals.WAS_SECURITY_SUBJECT_CONSTRAINT__WAS_SECURITY_SUBJECT) : wasUserRegistryTypes.equals(WasUserRegistryTypes.CUSTOM_LITERAL) ? new DeployAttributeStatus(4, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND, WasDomainMessages.WasJ2eeValidator_Required_Security_Subject_Not_Found_Reason_Registry_0, new String[]{str}, constraint, WasPackage.Literals.WAS_SECURITY_SUBJECT_CONSTRAINT__WAS_SECURITY_SUBJECT) : new DeployAttributeStatus(4, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND, WasDomainMessages.WasJ2eeValidator_Required_Security_Subject_Not_Found_Reason_Registry_0, new String[]{str}, constraint, WasPackage.Literals.WAS_SECURITY_SUBJECT_CONSTRAINT__WAS_SECURITY_SUBJECT);
        if (validateWasSecuritySubjectUsingOs != null) {
            iStatus = addStatus(null, validateWasSecuritySubjectUsingOs);
        }
        return iStatus == null ? DeployCoreStatusFactory.INSTANCE.getOKStatus() : iStatus;
    }

    private IStatus validateWasSecuritySubjectUsingOs(String str, WebsphereAppServerUnit websphereAppServerUnit, Constraint constraint) {
        OperatingSystemUnit discoverHostInStack = ValidatorUtils.discoverHostInStack(websphereAppServerUnit, OsPackage.Literals.OPERATING_SYSTEM_UNIT, (IProgressMonitor) null);
        if (discoverHostInStack == null) {
            return new DeployAttributeStatus(2, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND, WasDomainMessages.WasJ2eeValidator_Required_Security_Subject_Not_Found_Reason_Os_0, new String[]{str}, constraint, WasPackage.Literals.WAS_SECURITY_SUBJECT_CONSTRAINT__WAS_SECURITY_SUBJECT);
        }
        List hosted = ValidatorUtils.getHosted(discoverHostInStack, OsPackage.Literals.USER_GROUP_UNIT);
        for (int i = 0; i < hosted.size(); i++) {
            if (isSubjectGroup(str, (UserGroupUnit) hosted.get(i))) {
                return DeployCoreStatusFactory.INSTANCE.getOKStatus();
            }
        }
        List hosted2 = ValidatorUtils.getHosted(discoverHostInStack, OsPackage.Literals.USER_UNIT);
        for (int i2 = 0; i2 < hosted2.size(); i2++) {
            if (isSubjectUser(str, (UserUnit) hosted2.get(i2))) {
                return DeployCoreStatusFactory.INSTANCE.getOKStatus();
            }
        }
        return DeployCoreStatusFactory.INSTANCE.createDeployStatus(2, IWasValidatorID.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND_VALIDATOR_001, IWASProblemType.WAS_SECURITY_SUBJECT_CONSTRAINT_WAS_SECURITY_SUBJECT_NOT_FOUND, WasDomainMessages.WasJ2eeValidator_Required_Security_Subject_Not_Found_Reason_NotFound_0, new Object[]{str}, constraint);
    }

    private boolean isSubjectUser(String str, UserUnit userUnit) {
        User capability;
        if (str == null || (capability = ValidatorUtils.getCapability(userUnit, OsPackage.Literals.USER)) == null) {
            return false;
        }
        return str.equals(capability.getUserId());
    }

    private boolean isSubjectGroup(String str, UserGroupUnit userGroupUnit) {
        UserGroup capability;
        if (str == null || (capability = ValidatorUtils.getCapability(userGroupUnit, OsPackage.Literals.USER_GROUP)) == null) {
            return false;
        }
        return str.equals(capability.getGroupName());
    }

    public boolean canValidateConstraint(Constraint constraint) {
        return constraint instanceof WasSecuritySubjectConstraint;
    }

    public List<ShortConstraintDescriptor> applicableConstraints(Constraint constraint, List<ShortConstraintDescriptor> list) {
        return EMPTY_CONSTRAINT_LIST;
    }

    public DeployModelObject getContextForChildConstraints(Constraint constraint) {
        return null;
    }

    public String title(Constraint constraint) {
        if (constraint == null) {
            return DeployCoreMessages.null_value;
        }
        StringBuffer stringBuffer = new StringBuffer(computeTypeName(constraint));
        String displayName = constraint.getDisplayName();
        if (displayName != null && displayName.trim().length() > 0) {
            stringBuffer.append(' ').append('(').append(displayName.trim()).append(')');
        }
        String wasSecuritySubject = ((WasSecuritySubjectConstraint) constraint).getWasSecuritySubject();
        if (wasSecuritySubject != null && wasSecuritySubject.length() > 0) {
            stringBuffer.append(" = ").append(wasSecuritySubject);
        }
        return stringBuffer.toString();
    }
}
