package com.ibm.isclite.service.security.roles;

import com.ibm.isc.api.argus.ArgusRoleImpl;
import com.ibm.isc.datastore.exceptions.RoleAlreadyExistsException;
import com.ibm.isc.datastore.exceptions.RoleInvalidNameException;
import com.ibm.isc.datastore.exceptions.RoleNotExistException;
import com.ibm.isc.deploy.util.DeployConstants;
import com.ibm.isclite.common.util.ISCAppUtil;
import com.ibm.isclite.common.util.SessionUtil;
import com.ibm.isclite.runtime.Constants;
import com.ibm.isclite.runtime.ConstantsExt;
import com.ibm.isclite.runtime.GroupActionSet;
import com.ibm.isclite.runtime.UserActionSet;
import com.ibm.isclite.service.security.roles.impl.GenericRoleServiceImpl;
import com.ibm.isclite.service.vmm.VMMSearchException;
import com.ibm.isclite.service.vmm.VMMUtil;
import com.ibm.websphere.management.AdminService;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.websphere.security.auth.WSSubject;
import com.ibm.websphere.security.cred.WSCredential;
import java.io.File;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.portlet.PortletRequest;
import javax.security.auth.login.CredentialExpiredException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/ibm/isclite/service/security/roles/RoleServiceUtil.class */
public class RoleServiceUtil {
    private static final String CLASS_NAME = "RoleServiceUtil";
    private static boolean isWASOnline;
    private static IRoleService _roleService;
    private static final String useArgusStr = "false";
    private static boolean useArgus;
    private static Logger logger = Logger.getLogger(RoleServiceUtil.class.getName());
    public static String baseURI = ISCAppUtil.REPOSITORY_ROOT + File.separator + "cells" + File.separator + ISCAppUtil.getCellName() + File.separator + "applications" + File.separator + DeployConstants.EAR_URI + File.separator + "deployments" + File.separator + DeployConstants.ISCAPP_NAME + File.separator + "isclite.war" + File.separator + "WEB-INF";
    private static boolean isRoleModified = false;
    private static boolean isInvalidateCache = false;

    private RoleServiceUtil() {
    }

    public static synchronized void setBaseURI(String str) {
        baseURI = str;
        _roleService.setBaseURI(str);
    }

    public static synchronized void useGlobalTransactions(boolean z) {
        _roleService.useGlobalTransactions(z);
    }

    @Deprecated
    public static boolean isWASonline() {
        return isWASOnline;
    }

    public static boolean addRole(String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "addRole");
        }
        boolean z = true;
        try {
            z = _roleService.addRole(str);
        } catch (RoleAlreadyExistsException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "addRole", "Fail to add role " + str + " : " + e.getMessage());
            z = false;
        } catch (RoleInvalidNameException e2) {
            logger.logp(Level.SEVERE, CLASS_NAME, "addRole", "Fail to add role " + str + " : " + e2.getMessage());
            z = false;
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "addRole", "Exception adding role  " + str + " : " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "addRole", Boolean.valueOf(z));
        }
        isRoleModified = z;
        return z;
    }

    public static boolean removeRole(String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "removeRole");
        }
        boolean z = true;
        try {
            z = _roleService.removeRole(str);
        } catch (RoleInvalidNameException e) {
            z = false;
            logger.logp(Level.SEVERE, CLASS_NAME, "removeRole", "Failed to remove role " + str + " : " + e.getMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeRole", "Exception removing role  " + str + " " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "removeRole", Boolean.valueOf(z));
        }
        isRoleModified = z;
        return z;
    }

    public static boolean mapUsers2Role(String str, List<String> list) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "mapUsers2Roles");
        }
        boolean z = false;
        try {
            z = _roleService.addUsersToRole(str, _getUsersFromVMM(list));
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "mapUsers2Roles", "Failed to map role " + str + " : " + e.getMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "mapUsers2Roles", "Exception mapping users to role  " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "mapUsers2Roles", Boolean.valueOf(z));
        }
        return z;
    }

    public static boolean mapGroups2Role(String str, List<String> list) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "mapGroups2Roles");
        }
        boolean z = false;
        try {
            z = _roleService.addGroupsToRole(str, _getGroupsFromVMM(list));
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "mapGroups2Roles", "Failed to map role " + str + " : " + e.getMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "mapGroups2Roles", "Exception mapping groups to role  " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "mapGroups2Roles", Boolean.valueOf(z));
        }
        return z;
    }

    private static List<String> _getGroupsFromVMM(List<String> list) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "_getGroupsFromVMM", list);
        }
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            try {
                arrayList.add(VMMUtil.getGroup(str).getUniqueName());
            } catch (VMMSearchException e) {
                e.printStackTrace();
                logger.warning("Could not find group " + str + " skipping");
            }
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "_getGroupsFromVMM", arrayList);
        }
        return arrayList;
    }

    private static List<String> _getUsersFromVMM(List<String> list) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "_getUsersFromVMM", list);
        }
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            if (!Constants.ALL_USERS.equalsIgnoreCase(str)) {
                try {
                    arrayList.add(VMMUtil.getUser(str).getUniqueName());
                } catch (VMMSearchException e) {
                    e.printStackTrace();
                    logger.warning("Could not find user " + str + " skipping");
                }
            }
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "_getUsersFromVMM", arrayList);
        }
        return arrayList;
    }

    @Deprecated
    public static boolean mapRole2Role(String str, String str2) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "mapGroups2Roles");
        }
        logger.logp(Level.WARNING, CLASS_NAME, "mapGroups2Roles", "map role to role not supported");
        if (!logger.isLoggable(Level.FINER)) {
            return false;
        }
        logger.exiting(CLASS_NAME, "mapGroups2Roles");
        return false;
    }

    public static Set<String> getRoles() {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "getRoles");
        }
        Set<String> roles = _roleService.getRoles();
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "getRoles");
        }
        return roles;
    }

    public static List<String> getUsersInRole(String str) {
        return getUsersInRole(str, false);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static List<String> getUsersInRole(String str, boolean z) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "getUsersInRole", new Object[]{str, new Boolean(z)});
        }
        HashSet hashSet = new HashSet();
        try {
            hashSet.addAll(_roleService.getUsersInRole(str));
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "getUsersInRole", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "getUsersInRole", "Exception fetching users  " + th.getCause().getMessage());
        }
        if (z) {
            List<String> arrayList = new ArrayList();
            try {
                arrayList = _roleService.getGroupsInRole(str);
            } catch (RoleInvalidNameException e2) {
                logger.logp(Level.SEVERE, CLASS_NAME, "getUsersInRole", "invalid role name " + str + " " + e2.getLocalizedMessage());
            } catch (Throwable th2) {
                logger.logp(Level.SEVERE, CLASS_NAME, "getUsersInRole", "Exception fetching groups  " + th2.getCause().getMessage());
            }
            for (String str2 : arrayList) {
                try {
                    Iterator it = VMMUtil.getGroupMembers(str2).iterator();
                    while (it.hasNext()) {
                        hashSet.add(((UserActionSet) it.next()).getUniqueName());
                    }
                } catch (VMMSearchException e3) {
                    logger.logp(Level.SEVERE, CLASS_NAME, "getUsersInRole", "Exception finding group members for group " + str2 + ": " + e3.getLocalizedMessage());
                }
            }
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "getUsersInRole", hashSet);
        }
        return new ArrayList(hashSet);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static List<String> getGroupsInRole(String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "getGroupsInRole");
        }
        List arrayList = new ArrayList();
        try {
            arrayList = _roleService.getGroupsInRole(str);
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "getGroupsInRole", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "getGroupsInRole", "Exception fetching groups  " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "getGroupsInRole");
        }
        return arrayList;
    }

    public static boolean removeUsersFromRole(String str, List<String> list) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "removeUsersFromRole");
        }
        boolean z = false;
        try {
            z = _roleService.removeUsersFromRole(str, _getUsersFromVMM(list));
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeUsersFromRole", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeUsersFromRole", "Exception removing users " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "removeUsersFromRole");
        }
        return z;
    }

    public static boolean removeGroupsFromRole(String str, List<String> list) {
        logger.entering(CLASS_NAME, "removeGroupsFromRole");
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "removeGroupsFromRole");
        }
        boolean z = false;
        try {
            z = _roleService.removeGroupsFromRole(str, _getGroupsFromVMM(list));
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeGroupsFromRole", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeGroupsFromRole", "Exception removing groups " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "removeGroupsFromRole");
        }
        return z;
    }

    public static boolean removeUsersFromRoleByForce(String str, List<String> list) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "removeUsersFromRoleByForce");
        }
        boolean z = false;
        try {
            z = _roleService.removeUsersFromRole(str, list);
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeUsersFromRoleByForce", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeUsersFromRoleByForce", "Exception removing users " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "removeUsersFromRoleByForce");
        }
        return z;
    }

    public static boolean removeGroupsFromRoleByForce(String str, List<String> list) {
        logger.entering(CLASS_NAME, "removeGroupsFromRoleByForce");
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "removeGroupsFromRoleByForce");
        }
        boolean z = false;
        try {
            z = _roleService.removeGroupsFromRole(str, list);
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeGroupsFromRoleByForce", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "removeGroupsFromRoleByForce", "Exception removing groups " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "removeGroupsFromRoleByForce");
        }
        return z;
    }

    @Deprecated
    public static boolean removeRoleFromRole(String str, String str2) {
        logger.entering(CLASS_NAME, "removeGroupsFromRole");
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "removeGroupsFromRole");
        }
        logger.logp(Level.WARNING, CLASS_NAME, "removeGroupsFromRole", "map role to role not supported");
        if (!logger.isLoggable(Level.FINER)) {
            return false;
        }
        logger.exiting(CLASS_NAME, "removeGroupsFromRole");
        return false;
    }

    public static int getNumberOfUsersForRole(String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "getNumberOfUsersForRole", str);
        }
        int i = 0;
        try {
            i = _roleService.getUsersInRole(str).size();
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "getNumberOfUsersForRole", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "getNumberOfUsersForRole", "Exception fetching users for role " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "getNumberOfUsersForRole", Integer.valueOf(i));
        }
        return i;
    }

    public static boolean roleExisted(String str) {
        logger.entering(CLASS_NAME, "roleExisted");
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "roleExisted", str);
        }
        boolean z = false;
        try {
            z = _roleService.isRoleExists(str);
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "roleExisted", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "roleExisted", "Exception fetching users for role " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "roleExisted", Boolean.valueOf(z));
        }
        return z;
    }

    @Deprecated
    public static boolean isRequiedRole(String str) {
        return false;
    }

    public static boolean save() {
        logger.entering(CLASS_NAME, "save");
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "save");
        }
        boolean z = true;
        try {
            _roleService.save();
        } catch (Throwable th) {
            z = false;
            logger.logp(Level.SEVERE, CLASS_NAME, "save", "Exception saving roles " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "save");
        }
        if (isRoleModified) {
            isInvalidateCache = z;
            isRoleModified = false;
        }
        return z;
    }

    public static boolean isAuthenticatedInRole(String str) {
        return isEveryOneInRole(str);
    }

    public static boolean isEveryOneInRole(String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "isEveryOneInRole");
        }
        boolean z = false;
        try {
            z = _roleService.isEveryOneInRole(str);
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "isEveryOneInRole", "invalid role name " + str + " " + e.getLocalizedMessage());
        } catch (Throwable th) {
            logger.logp(Level.SEVERE, CLASS_NAME, "isEveryOneInRole", "Exception " + th.getCause().getMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "isEveryOneInRole", Boolean.valueOf(z));
        }
        return z;
    }

    public static void reloadArgusRepository() {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "reloadArgusRepository");
        }
        _roleService.reloadRepository();
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "reloadArgusRepository");
        }
    }

    private static boolean isUserInRole(String str, String str2, HttpSession httpSession) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "isUserInRole(String roleName, String user, HttpSession session)", str);
        }
        if (str2 == null || httpSession == null) {
            return false;
        }
        List list = (List) httpSession.getAttribute(ConstantsExt.ALL_USER_IN_ROLES_KEY);
        if (isInvalidateCache) {
            list = null;
            isInvalidateCache = false;
        }
        if (list == null) {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASS_NAME, "isUserInRole(String roleName, String user, HttpSession session)", "doing slow lookup, but creating cache for session: " + httpSession.getId());
            }
            list = new ArrayList();
            list.addAll(getRolesForUser(str2));
            httpSession.setAttribute(ConstantsExt.ALL_USER_IN_ROLES_KEY, list);
        } else if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASS_NAME, "isUserInRole(String roleName, String user, HttpSession session)", "using cached role lookup for session: " + httpSession.getId());
        }
        boolean contains = list.contains(str);
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "isUserInRole(String roleName, String user, HttpSession session)", Boolean.valueOf(contains));
        }
        return contains;
    }

    public static boolean isUserInRole(String str, HttpServletRequest httpServletRequest) {
        boolean isUserInRole;
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "isUserInRole(String roleName, HttpServletRequest request)", str);
        }
        if (useArgus) {
            isUserInRole = httpServletRequest.isUserInRole(str);
        } else {
            if (null == SessionUtil.getSession(httpServletRequest.getSession().getId())) {
                SessionUtil.mapSession(httpServletRequest.getSession());
            }
            isUserInRole = isUserInRole(str, httpServletRequest.getRemoteUser(), SessionUtil.getSession(httpServletRequest.getSession().getId()));
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "isUserInRole(String roleName, HttpServletRequest request)", Boolean.valueOf(isUserInRole));
        }
        return isUserInRole;
    }

    public static boolean isUserInRole(String str, PortletRequest portletRequest) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "isUserInRole(String roleName, PortletRequest request)", str);
        }
        boolean isUserInRole = useArgus ? portletRequest.isUserInRole(str) : isUserInRole(str, portletRequest.getRemoteUser(), SessionUtil.getSession(portletRequest.getPortletSession().getId()));
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "isUserInRole(String roleName, PortletRequest request)", Boolean.valueOf(isUserInRole));
        }
        return isUserInRole;
    }

    public static boolean isUserInRole(String str, String str2) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "isUserInRole(String roleName,String userName)");
        }
        return isUserInRole(str, str2, true);
    }

    public static boolean isUserInRole(String str, String str2, boolean z) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "isUserInRole(String roleName,String userName,boolean checkGroup)");
        }
        boolean z2 = false;
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASS_NAME, "isUserInRole(String roleName,String userName,boolean checkGroup)", "doing a SLOW isUserInRole call due to VMM limitations, no caching possible here.");
        }
        try {
            try {
                List users = VMMUtil.getUsers("*", "*", str2, "*", 1);
                if (users != null && users.size() == 1) {
                    str2 = ((UserActionSet) users.get(0)).getUniqueName();
                    if (logger.isLoggable(Level.FINE)) {
                        logger.logp(Level.FINE, CLASS_NAME, "isUserInRole(String roleName,String userName,boolean checkGroup)", "userid from vmm: " + str2);
                    }
                }
                z2 = _roleService.isUserInRole(str, str2);
                if (!z2 && z) {
                    for (GroupActionSet groupActionSet : VMMUtil.getGroupsForUser(str2)) {
                        if (groupActionSet.getGid() != null) {
                            z2 = _roleService.isGroupInRole(str, groupActionSet.getGid());
                            if (z2) {
                                break;
                            }
                        }
                    }
                }
            } catch (VMMSearchException e) {
                logger.logp(Level.SEVERE, CLASS_NAME, "isUserInRole(String roleName,String userName,boolean checkGroup)", "could not retrieve user info " + e.getLocalizedMessage());
                return false;
            }
        } catch (RoleInvalidNameException e2) {
            logger.logp(Level.SEVERE, CLASS_NAME, "isUserInRole(String roleName,String userName,boolean checkGroup)", "invalid role name " + str + " " + e2.getLocalizedMessage());
        } catch (RoleNotExistException e3) {
            logger.logp(Level.SEVERE, CLASS_NAME, "isUserInRole(String roleName,String userName,boolean checkGroup)", "invalid role name " + str + " " + e3.getLocalizedMessage());
        } catch (VMMSearchException e4) {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASS_NAME, "isUserInRole(String roleName,String userName,boolean checkGroup)", "could not retrieve groups for user " + e4.getLocalizedMessage());
            }
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "isUserInRole(String roleName,String userName,boolean checkGroup)", Boolean.valueOf(z2));
        }
        return z2;
    }

    public static boolean isGroupInRole(String str, String str2) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "isGroupInRole(String roleName, String groupid)");
        }
        boolean z = false;
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASS_NAME, "isGroupInRole(String roleName, String groupid)", "doing a SLOW isGroupInRole call due to VMM limitations, no caching possible here.");
        }
        try {
            try {
                List groups = VMMUtil.getGroups(str2, "", 1);
                if (groups != null && groups.size() == 1) {
                    str2 = ((GroupActionSet) groups.get(0)).getUniqueName();
                    System.out.println("find the group:" + str2);
                    if (logger.isLoggable(Level.FINE)) {
                        logger.logp(Level.FINE, CLASS_NAME, "isGroupInRole(String roleName, String groupid)", "groupid from vmm: " + str2);
                    }
                }
                z = _roleService.isGroupInRole(str, str2);
            } catch (VMMSearchException e) {
                System.out.println("could not retrieve group info " + e.getLocalizedMessage());
                logger.logp(Level.SEVERE, CLASS_NAME, "isGroupInRole(String roleName, String groupid)", "could not retrieve group info " + e.getLocalizedMessage());
                return false;
            }
        } catch (RoleInvalidNameException e2) {
            logger.logp(Level.SEVERE, CLASS_NAME, "isGroupInRole(String roleName, String groupid)", "invalid role name " + str + " " + e2.getLocalizedMessage());
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(CLASS_NAME, "isGroupInRole(String roleName, String groupid)", Boolean.valueOf(z));
        }
        return z;
    }

    private static Set<String> getRolesForUser(String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASS_NAME, "getRolesForUser(String userName)");
        }
        new HashSet();
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASS_NAME, "getRolesForUser(String userName)", "doing a SLOW getRolesForUser call due to VMM limitations, no caching possible here.");
        }
        try {
            Set publicCredentials = WSSubject.getCallerSubject().getPublicCredentials(WSCredential.class);
            int size = publicCredentials.size();
            if (size != 1) {
                throw new RuntimeException("Invalid credential number: " + size);
            }
            WSCredential wSCredential = (WSCredential) publicCredentials.iterator().next();
            if (logger.isLoggable(Level.FINE)) {
                logger.log(Level.FINE, "getSecurityName: " + wSCredential.getSecurityName());
                logger.log(Level.FINE, "getUniqueSecurityName: " + wSCredential.getUniqueSecurityName());
                logger.log(Level.FINE, "getRealmName: " + wSCredential.getRealmName());
                logger.log(Level.FINE, "getRealmSecurityName: " + wSCredential.getRealmSecurityName());
                logger.log(Level.FINE, "getRealmUniqueSecurityName: " + wSCredential.getRealmUniqueSecurityName());
            }
            String uniqueSecurityName = wSCredential.getUniqueSecurityName();
            ArrayList groupIds = wSCredential.getGroupIds();
            logger.log(Level.FINE, "getGroupIds: " + groupIds);
            Set<String> rolesForUser = _roleService.getRolesForUser(uniqueSecurityName);
            Iterator it = groupIds.iterator();
            while (it.hasNext()) {
                String str2 = (String) it.next();
                int indexOf = str2.indexOf("/");
                if (indexOf != -1) {
                    String substring = str2.substring(indexOf + 1);
                    logger.log(Level.FINE, "groupUniqueId: " + substring);
                    rolesForUser.addAll(_roleService.getRolesForGroup(substring));
                }
            }
            if (logger.isLoggable(Level.FINER)) {
                logger.exiting(CLASS_NAME, "getRolesForUser(String userName)", rolesForUser);
            }
            return rolesForUser;
        } catch (CredentialExpiredException e) {
            logger.logp(Level.SEVERE, CLASS_NAME, "getRolesForUser(String userName)", "could not retrieve user: " + str + " ,caused by " + e.getLocalizedMessage());
            return null;
        } catch (WSSecurityException e2) {
            logger.logp(Level.SEVERE, CLASS_NAME, "getRolesForUser(String userName)", "could not retrieve user: " + str + " ,caused by " + e2.getLocalizedMessage());
            return null;
        }
    }

    public static boolean isRoleValid(String str) throws RoleInvalidNameException {
        if (str == null || str.isEmpty()) {
            throw new RoleInvalidNameException("role name is empty, failed to map this role to groups");
        }
        return true;
    }

    static {
        isWASOnline = true;
        useArgus = false;
        try {
            AdminService adminService = AdminServiceFactory.getAdminService();
            if (useArgusStr == 0) {
                useArgus = false;
                _roleService = GenericRoleServiceImpl.getInstance(baseURI);
            } else if (useArgusStr.equalsIgnoreCase("true")) {
                useArgus = true;
                _roleService = ArgusRoleImpl.getInstance();
            } else {
                useArgus = false;
                _roleService = GenericRoleServiceImpl.getInstance(baseURI);
            }
            if (adminService == null) {
                isWASOnline = false;
            } else {
                isWASOnline = true;
            }
        } catch (NullPointerException e) {
            isWASOnline = false;
        }
    }
}
