package com.ibm.ws.console.core.action;

import com.ibm.ejs.models.base.bindings.applicationbnd.AllAuthenticatedUsers;
import com.ibm.ejs.models.base.bindings.applicationbnd.ApplicationBinding;
import com.ibm.ejs.models.base.bindings.applicationbnd.AuthorizationTable;
import com.ibm.ejs.models.base.bindings.applicationbnd.Everyone;
import com.ibm.ejs.models.base.bindings.applicationbnd.Group;
import com.ibm.ejs.models.base.bindings.applicationbnd.RoleAssignment;
import com.ibm.ejs.models.base.bindings.applicationbnd.SpecialSubject;
import com.ibm.ejs.models.base.bindings.applicationbnd.impl.ApplicationbndFactoryImpl;
import com.ibm.etools.emf.ref.EList;
import com.ibm.etools.emf.resource.Resource;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.models.config.rolebasedauthz.AllAuthenticatedUsersExt;
import com.ibm.websphere.models.config.rolebasedauthz.AuthorizationTableExt;
import com.ibm.websphere.models.config.rolebasedauthz.EveryoneExt;
import com.ibm.websphere.models.config.rolebasedauthz.GroupExt;
import com.ibm.websphere.models.config.rolebasedauthz.RoleAssignmentExt;
import com.ibm.websphere.models.config.rolebasedauthz.SecurityRoleExt;
import com.ibm.websphere.models.config.rolebasedauthz.SpecialSubjectExt;
import com.ibm.websphere.models.config.rolebasedauthz.impl.RolebasedauthzFactoryImpl;
import com.ibm.websphere.security.Result;
import com.ibm.ws.console.core.ConfigFileHelper;
import com.ibm.ws.console.core.Constants;
import com.ibm.ws.console.core.error.IBMErrorMessage;
import com.ibm.ws.console.core.form.GroupDetailForm;
import com.ibm.ws.sm.workspace.RepositoryContext;
import com.ibm.ws.sm.workspace.WorkSpace;
import com.ibm.ws.sm.workspace.WorkSpaceException;
import java.io.IOException;
import java.util.Iterator;
import java.util.Locale;
import javax.management.ObjectName;
import javax.management.QueryExp;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.util.MessageResources;

/* JADX WARN: Classes with same name are omitted:
  input_file:efixes/pq71511/components/webui/update.jar:/adminconsole.ear/adminconsole.war/WEB-INF/lib/core_module.jarcom/ibm/ws/console/core/action/GroupDetailAction.class
  input_file:efixes/pq71511/components/webui/update.jar:/applications/adminconsole.ear/adminconsole.war/WEB-INF/lib/core_module.jarcom/ibm/ws/console/core/action/GroupDetailAction.class
 */
/* loaded from: input_file:efixes/pq71511/components/webui/update.jar:/installable/adminconsole.ear/adminconsole.war/WEB-INF/lib/core_module.jarcom/ibm/ws/console/core/action/GroupDetailAction.class */
public class GroupDetailAction extends Action {
    public ActionForward perform(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (!ConfigFileHelper.isSessionValid(httpServletRequest)) {
            return actionMapping.findForward(ConfigFileHelper.getSessionInvalidMappingName());
        }
        boolean z = true;
        if (httpServletRequest.getParameter("type").equals("naming")) {
            z = false;
        }
        HttpSession session = httpServletRequest.getSession();
        String action = getAction(httpServletRequest);
        GroupDetailForm groupDetailForm = (GroupDetailForm) actionForm;
        WorkSpace workSpace = (WorkSpace) session.getAttribute(Constants.WORKSPACE_KEY);
        ActionForward actionForward = null;
        Locale locale = (Locale) session.getAttribute("org.apache.struts.action.LOCALE");
        MessageResources messageResources = (MessageResources) ((Action) this).servlet.getServletContext().getAttribute("org.apache.struts.action.MESSAGE");
        if (action.equals("apply")) {
            if (groupDetailForm.getRole() == null || groupDetailForm.getRole().length < 1) {
                httpServletRequest.setAttribute("org.apache.struts.action.ERROR", new IBMErrorMessage[]{new IBMErrorMessage(messageResources.getMessage(locale, "error.role.not.selected"), false)});
                return actionMapping.findForward(groupDetailForm.getAction());
            }
            if (!groupDetailForm.getAction().equals("add")) {
                if (groupDetailForm.getGroup().equals("EVERYONE") || groupDetailForm.getGroup().equals("ALL_AUTHENTICATED")) {
                    groupDetailForm.setSpecialSubject(groupDetailForm.getGroup());
                    addUpdateSpecialSubject(groupDetailForm, workSpace, session, z);
                } else {
                    addUpdateGroup(groupDetailForm, workSpace, session, z);
                }
                actionForward = actionMapping.findForward("edit");
            } else if (!groupDetailForm.getSelectType().equals("group")) {
                addUpdateSpecialSubject(groupDetailForm, workSpace, session, z);
                actionForward = actionMapping.findForward("edit");
            } else if (getGroupCount(groupDetailForm.getGroup()) < 1) {
                httpServletRequest.setAttribute("org.apache.struts.action.ERROR", new IBMErrorMessage[]{new IBMErrorMessage(messageResources.getMessage(locale, "error.group.not.found"), false)});
                actionForward = actionMapping.findForward(groupDetailForm.getAction());
            } else {
                addUpdateGroup(groupDetailForm, workSpace, session, z);
                actionForward = actionMapping.findForward("edit");
            }
        } else if (action.equals("save")) {
            if (groupDetailForm.getRole() == null || groupDetailForm.getRole().length < 1) {
                httpServletRequest.setAttribute("org.apache.struts.action.ERROR", new IBMErrorMessage[]{new IBMErrorMessage(messageResources.getMessage(locale, "error.role.not.selected"), false)});
                return actionMapping.findForward(groupDetailForm.getAction());
            }
            if (groupDetailForm.getAction().equals("add")) {
                if (!groupDetailForm.getSelectType().equals("group")) {
                    addUpdateSpecialSubject(groupDetailForm, workSpace, session, z);
                } else if (getGroupCount(groupDetailForm.getGroup()) < 1) {
                    httpServletRequest.setAttribute("org.apache.struts.action.ERROR", new IBMErrorMessage[]{new IBMErrorMessage(messageResources.getMessage(locale, "error.group.not.found"), false)});
                } else {
                    addUpdateGroup(groupDetailForm, workSpace, session, z);
                }
            } else if (groupDetailForm.getGroup().equals("EVERYONE") || groupDetailForm.getGroup().equals("ALL_AUTHENTICATED")) {
                groupDetailForm.setSpecialSubject(groupDetailForm.getGroup());
                addUpdateSpecialSubject(groupDetailForm, workSpace, session, z);
            } else {
                addUpdateGroup(groupDetailForm, workSpace, session, z);
            }
            actionForward = actionMapping.findForward("success");
        } else if (action.equals("cancel")) {
            actionForward = actionMapping.findForward("success");
        }
        return actionForward;
    }

    protected String getAction(HttpServletRequest httpServletRequest) {
        String str = "apply";
        if (httpServletRequest.getParameter("apply") != null) {
            str = "apply";
        } else if (httpServletRequest.getParameter("save") != null) {
            str = "save";
        } else if (httpServletRequest.getParameter("org.apache.struts.taglib.html.CANCEL") != null) {
            str = "cancel";
        }
        return str;
    }

    private void addUpdateGroup(GroupDetailForm groupDetailForm, WorkSpace workSpace, HttpSession httpSession, boolean z) {
        if (groupDetailForm.getGroup().equals("")) {
            return;
        }
        RolebasedauthzFactoryImpl rolebasedauthzFactoryImpl = new RolebasedauthzFactoryImpl();
        try {
            AuthorizationTableExt authTable = getAuthTable(httpSession, z);
            if (authTable != null) {
                EList<RoleAssignmentExt> authorizations = authTable.getAuthorizations();
                for (RoleAssignmentExt roleAssignmentExt : authorizations) {
                    if (roleAssignmentExt != null) {
                        roleAssignmentExt.getRole();
                        Iterator it = roleAssignmentExt.getGroups().iterator();
                        while (it.hasNext()) {
                            GroupExt groupExt = (GroupExt) it.next();
                            if (groupExt.getName().equals(groupDetailForm.getGroup())) {
                                it.remove();
                                if (z) {
                                    removeGroupFromBindings(groupExt.getName(), workSpace, httpSession);
                                }
                            }
                        }
                    }
                }
                for (String str : groupDetailForm.getRole()) {
                    for (RoleAssignmentExt roleAssignmentExt2 : authorizations) {
                        if (roleAssignmentExt2 != null) {
                            SecurityRoleExt role = roleAssignmentExt2.getRole();
                            if (role.getRoleName().equals(str)) {
                                GroupExt createGroupExt = rolebasedauthzFactoryImpl.createGroupExt();
                                createGroupExt.setName(groupDetailForm.getGroup());
                                roleAssignmentExt2.getGroups().add(createGroupExt);
                                if (z) {
                                    addGroupToBindings(createGroupExt.getName(), role, workSpace, httpSession);
                                }
                            }
                        }
                    }
                }
                ((RepositoryContext) httpSession.getAttribute(Constants.CURRENTCELLCTXT_KEY)).getResourceSet().getResource(z ? "admin-authz.xml" : "naming-authz.xml").save();
            }
        } catch (WorkSpaceException e) {
            e.printStackTrace();
        } catch (Exception e2) {
            e2.printStackTrace();
        }
    }

    private void removeGroupFromBindings(String str, WorkSpace workSpace, HttpSession httpSession) {
        try {
            RepositoryContext findContext = workSpace.findContext(new StringBuffer().append("cells/").append(((RepositoryContext) httpSession.getAttribute(Constants.CURRENTCELLCTXT_KEY)).getName()).append("/applications/adminconsole.ear/deployments/adminconsole").toString());
            findContext.extract("META-INF/ibm-application-bnd.xmi", false);
            Resource load = findContext.getResourceSet().load("META-INF/ibm-application-bnd.xmi");
            AuthorizationTable authorizationTable = ((ApplicationBinding) load.getExtent().get(0)).getAuthorizationTable();
            if (authorizationTable != null) {
                Iterator it = authorizationTable.getAuthorizations().iterator();
                while (it.hasNext()) {
                    Iterator it2 = ((RoleAssignment) it.next()).getGroups().iterator();
                    while (true) {
                        if (it2.hasNext()) {
                            if (((Group) it2.next()).getName().equals(str)) {
                                it2.remove();
                                break;
                            }
                        }
                    }
                }
                load.save();
            }
        } catch (Exception e) {
            e.printStackTrace();
        } catch (WorkSpaceException e2) {
            e2.printStackTrace();
        }
    }

    private void addGroupToBindings(String str, SecurityRoleExt securityRoleExt, WorkSpace workSpace, HttpSession httpSession) {
        ApplicationbndFactoryImpl applicationbndFactoryImpl = new ApplicationbndFactoryImpl();
        try {
            RepositoryContext findContext = workSpace.findContext(new StringBuffer().append("cells/").append(((RepositoryContext) httpSession.getAttribute(Constants.CURRENTCELLCTXT_KEY)).getName()).append("/applications/adminconsole.ear/deployments/adminconsole").toString());
            findContext.extract("META-INF/ibm-application-bnd.xmi", false);
            Resource load = findContext.getResourceSet().load("META-INF/ibm-application-bnd.xmi");
            AuthorizationTable authorizationTable = ((ApplicationBinding) load.getExtent().get(0)).getAuthorizationTable();
            if (authorizationTable != null) {
                for (RoleAssignment roleAssignment : authorizationTable.getAuthorizations()) {
                    if (roleAssignment.getRole().getRoleName().equals(securityRoleExt.getRoleName())) {
                        Group createGroup = applicationbndFactoryImpl.createGroup();
                        createGroup.setName(str);
                        roleAssignment.getGroups().add(createGroup);
                    }
                }
                load.save();
            }
        } catch (Exception e) {
            e.printStackTrace();
        } catch (WorkSpaceException e2) {
            e2.printStackTrace();
        }
    }

    private void addUpdateSpecialSubject(GroupDetailForm groupDetailForm, WorkSpace workSpace, HttpSession httpSession, boolean z) {
        RolebasedauthzFactoryImpl rolebasedauthzFactoryImpl = new RolebasedauthzFactoryImpl();
        try {
            AuthorizationTableExt authTable = getAuthTable(httpSession, z);
            if (authTable != null) {
                EList<RoleAssignmentExt> authorizations = authTable.getAuthorizations();
                for (RoleAssignmentExt roleAssignmentExt : authorizations) {
                    if (roleAssignmentExt != null) {
                        roleAssignmentExt.getRole();
                        Iterator it = roleAssignmentExt.getSpecialSubjects().iterator();
                        while (it.hasNext()) {
                            SpecialSubjectExt specialSubjectExt = (SpecialSubjectExt) it.next();
                            if ((specialSubjectExt instanceof EveryoneExt) && groupDetailForm.getSpecialSubject().equals("EVERYONE")) {
                                it.remove();
                                if (z) {
                                    removeSpecialSubjectFromBindings("EVERYONE", workSpace, httpSession);
                                }
                            } else if ((specialSubjectExt instanceof AllAuthenticatedUsersExt) && groupDetailForm.getSpecialSubject().equals("ALL_AUTHENTICATED")) {
                                it.remove();
                                if (z) {
                                    removeSpecialSubjectFromBindings("ALL_AUTHENTICATED", workSpace, httpSession);
                                }
                            }
                        }
                    }
                }
                for (String str : groupDetailForm.getRole()) {
                    for (RoleAssignmentExt roleAssignmentExt2 : authorizations) {
                        if (roleAssignmentExt2 != null) {
                            SecurityRoleExt role = roleAssignmentExt2.getRole();
                            if (role.getRoleName().equals(str)) {
                                if (groupDetailForm.getSpecialSubject().equals("EVERYONE")) {
                                    roleAssignmentExt2.getSpecialSubjects().add(rolebasedauthzFactoryImpl.createEveryoneExt());
                                    if (z) {
                                        addSpecialSubjectToBindings(groupDetailForm.getSpecialSubject(), role, workSpace, httpSession);
                                    }
                                } else if (groupDetailForm.getSpecialSubject().equals("ALL_AUTHENTICATED")) {
                                    roleAssignmentExt2.getSpecialSubjects().add(rolebasedauthzFactoryImpl.createAllAuthenticatedUsersExt());
                                    if (z) {
                                        addSpecialSubjectToBindings(groupDetailForm.getSpecialSubject(), role, workSpace, httpSession);
                                    }
                                }
                            }
                        }
                    }
                }
                ((RepositoryContext) httpSession.getAttribute(Constants.CURRENTCELLCTXT_KEY)).getResourceSet().getResource(z ? "admin-authz.xml" : "naming-authz.xml").save();
            }
        } catch (Exception e) {
            e.printStackTrace();
        } catch (WorkSpaceException e2) {
            e2.printStackTrace();
        }
    }

    private void removeSpecialSubjectFromBindings(String str, WorkSpace workSpace, HttpSession httpSession) {
        try {
            RepositoryContext findContext = workSpace.findContext(new StringBuffer().append("cells/").append(((RepositoryContext) httpSession.getAttribute(Constants.CURRENTCELLCTXT_KEY)).getName()).append("/applications/adminconsole.ear/deployments/adminconsole").toString());
            findContext.extract("META-INF/ibm-application-bnd.xmi", false);
            Resource load = findContext.getResourceSet().load("META-INF/ibm-application-bnd.xmi");
            AuthorizationTable authorizationTable = ((ApplicationBinding) load.getExtent().get(0)).getAuthorizationTable();
            if (authorizationTable != null) {
                Iterator it = authorizationTable.getAuthorizations().iterator();
                while (it.hasNext()) {
                    Iterator it2 = ((RoleAssignment) it.next()).getSpecialSubjects().iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        SpecialSubject specialSubject = (SpecialSubject) it2.next();
                        if (!str.equals("EVERYONE") || !(specialSubject instanceof Everyone)) {
                            if (str.equals("ALL_AUTHENTICATED") && (specialSubject instanceof AllAuthenticatedUsers)) {
                                it2.remove();
                                break;
                            }
                        } else {
                            it2.remove();
                            break;
                        }
                    }
                }
                load.save();
            }
        } catch (Exception e) {
            e.printStackTrace();
        } catch (WorkSpaceException e2) {
            e2.printStackTrace();
        }
    }

    private void addSpecialSubjectToBindings(String str, SecurityRoleExt securityRoleExt, WorkSpace workSpace, HttpSession httpSession) {
        ApplicationbndFactoryImpl applicationbndFactoryImpl = new ApplicationbndFactoryImpl();
        try {
            RepositoryContext findContext = workSpace.findContext(new StringBuffer().append("cells/").append(((RepositoryContext) httpSession.getAttribute(Constants.CURRENTCELLCTXT_KEY)).getName()).append("/applications/adminconsole.ear/deployments/adminconsole").toString());
            findContext.extract("META-INF/ibm-application-bnd.xmi", false);
            Resource load = findContext.getResourceSet().load("META-INF/ibm-application-bnd.xmi");
            AuthorizationTable authorizationTable = ((ApplicationBinding) load.getExtent().get(0)).getAuthorizationTable();
            if (authorizationTable != null) {
                for (RoleAssignment roleAssignment : authorizationTable.getAuthorizations()) {
                    if (roleAssignment.getRole().getRoleName().equals(securityRoleExt.getRoleName())) {
                        if (str.equals("EVERYONE")) {
                            roleAssignment.getSpecialSubjects().add(applicationbndFactoryImpl.createEveryone());
                        } else if (str.equals("ALL_AUTHENTICATED")) {
                            roleAssignment.getSpecialSubjects().add(applicationbndFactoryImpl.createAllAuthenticatedUsers());
                        }
                    }
                }
                load.save();
            }
        } catch (Exception e) {
            e.printStackTrace();
        } catch (WorkSpaceException e2) {
            e2.printStackTrace();
        }
    }

    private AuthorizationTableExt getAuthTable(HttpSession httpSession, boolean z) throws WorkSpaceException, Exception {
        String str = z ? "admin-authz.xml" : "naming-authz.xml";
        r8 = null;
        RepositoryContext repositoryContext = (RepositoryContext) httpSession.getAttribute(Constants.CURRENTCELLCTXT_KEY);
        repositoryContext.extract(str, false);
        for (AuthorizationTableExt authorizationTableExt : repositoryContext.getResourceSet().load(str).getExtent()) {
            if (authorizationTableExt.getContext().equals("domain")) {
                break;
            }
        }
        return authorizationTableExt;
    }

    public int getGroupCount(String str) {
        Iterator it;
        int i = 0;
        try {
            it = AdminServiceFactory.getAdminService().queryNames(new ObjectName(new StringBuffer().append("WebSphere:type=SecurityAdmin,process=").append(AdminServiceFactory.getAdminService().getProcessName()).append(",*").toString()), (QueryExp) null).iterator();
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (!it.hasNext()) {
            System.err.println("No SecurityAdmin MBean found!!");
            return 0;
        }
        i = ((Result) AdminServiceFactory.getAdminService().invoke((ObjectName) it.next(), "getGroups", new Object[]{str, new Integer(100), null}, new String[]{"java.lang.String", "java.lang.Integer", "java.util.Properties"})).getList().size();
        return i;
    }
}
