package com.ibm.isc.datastore.global;

import com.ibm.isc.datastore.DatastoreException;
import com.ibm.isc.datastore.exceptions.RoleAlreadyExistsInAdminAuthzException;
import com.ibm.isclite.common.util.AuditUtil;
import com.ibm.isclite.common.util.ISCAppUtil;
import com.ibm.isclite.common.util.PerformanceAnalysisUtil;
import com.ibm.isclite.platform.ProductInfoImpl;
import com.ibm.isclite.runtime.Constants;
import com.ibm.isclite.service.datastore.IReadWriteLocks;
import com.ibm.isclite.service.security.roles.RoleServiceUtil;
import com.ibm.isclite.service.vmm.VMMUtil;
import com.ibm.websphere.management.AdminClient;
import com.ibm.websphere.management.AdminClientFactory;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.configservice.ConfigServiceProxy;
import com.ibm.websphere.models.config.rolebasedauthz.AuthorizationTableExt;
import com.ibm.websphere.models.config.rolebasedauthz.GroupExt;
import com.ibm.websphere.models.config.rolebasedauthz.RoleAssignmentExt;
import com.ibm.websphere.models.config.rolebasedauthz.RolebasedauthzFactory;
import com.ibm.websphere.models.config.rolebasedauthz.SecurityRoleExt;
import com.ibm.websphere.models.config.rolebasedauthz.SubjectExt;
import com.ibm.websphere.models.config.rolebasedauthz.UserExt;
import com.ibm.websphere.security.UserRegistry;
import com.ibm.ws.console.core.WSCDefines;
import com.ibm.ws.sm.workspace.RepositoryContext;
import com.ibm.ws.sm.workspace.WorkSpace;
import com.ibm.ws.sm.workspace.WorkSpaceException;
import com.ibm.wsspi.security.registry.RegistryHelper;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.management.AttributeList;
import javax.management.ObjectName;
import org.eclipse.emf.common.util.EList;
import org.eclipse.emf.common.util.URI;
import org.eclipse.emf.ecore.resource.Resource;

/* loaded from: input_file:com/ibm/isc/datastore/global/UpdateAdminAuthzStore.class */
public class UpdateAdminAuthzStore {
    // Cell name supplied to the constructor; appended to "cells/" to locate the repository context.
    protected String cellName;
    // Cached by getRepositoryContext() on first use and never refreshed afterwards.
    private RepositoryContext repositoryContext;
    // In-memory EMF resource for admin-authz.xml; remains null until reloadResource() assigns it.
    protected Resource resource;
    // Workspace handed to the constructor; left null when the constructor bails out on platform code 1.
    private WorkSpace ws;
    // Last File.lastModified() value seen by isAdminAuthzModified(); 0 means "never observed".
    private long adminAuthzLastMod = 0;
    // Created lazily by isAdminAuthzModified() and reused for later timestamp checks.
    private File adminAuthzFile;
    // NOTE(review): protected, static and non-final, so any subclass can reassign the name used in log records.
    protected static String CLASSNAME = UpdateAdminAuthzStore.class.getName();
    protected static final Logger logger = Logger.getLogger(CLASSNAME);
    // No initializer here; presumably set in a static initializer outside this view. TODO confirm.
    private static final boolean isEWAS;
    // Raw-typed list; its contents and where it is populated are not visible in this part of the file.
    private static ArrayList adminConsoleCommonRoles;
    // Role-name constants; not referenced by any method visible in this part of the file.
    private static final String TIP_CONSOLE_SECURITY_ROLE = "iscadmins";
    private static final String ADMIN_CONSOLE_SECURITY_ROLE = "adminsecuritymanager";

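    /**
     * Binds this store to a workspace and cell and attempts an initial load of admin-authz.xml.
     *
     * <p>On platform code 1 the constructor logs at SEVERE and returns before any field is set,
     * so {@code ws}, {@code cellName} and {@code resource} stay null. A failed initial load is
     * logged and swallowed, which also leaves {@code resource} null; later calls must tolerate that.
     *
     * @param workSpace workspace used to locate, extract and synchronise the authorization store
     * @param str cell name used to build the repository path
     */
    public UpdateAdminAuthzStore(WorkSpace workSpace, String str) {
        final String method = "UpdateAdminAuthzStore(WorkSpace workspace, String cellName)";
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, method, new Object[]{workSpace, str});
        }
        if (new ProductInfoImpl().getPlatform() == 1) {
            logger.logp(Level.SEVERE, CLASSNAME, method, "SE: AdminAuthz store ignored/hacked out, revisit this code!");
            return;
        }
        this.ws = workSpace;
        this.cellName = str;
        try {
            reloadResource();
        } catch (DatastoreException e) {
            // Pass the exception itself, not just its message: a store that failed to load is
            // a security-relevant condition and the cause chain is needed to diagnose it.
            logger.logp(Level.WARNING, CLASSNAME, method, e.getLocalizedMessage(), e);
        }
        logger.exiting(CLASSNAME, method);
    }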

    /* JADX WARN: Finally extract failed */
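    /**
     * Reloads admin-authz.xml into {@code resource} when the file changed on disk or nothing is loaded yet.
     *
     * <p>The write lock is released in a {@code finally} block, so it is released exactly once on
     * every path. If the old resource has already been unloaded and the replacement fails to load,
     * {@code resource} is reset to null: the modification timestamp was already advanced by
     * {@code isAdminAuthzModified()}, so without the reset later calls would skip the reload and
     * keep working on (and possibly saving) an unloaded or half-loaded authorization table.
     *
     * @throws DatastoreException if the workspace extract, the repository context lookup or the load fails
     */
    protected void reloadResource() throws DatastoreException {
        final String method = "reloadResource()";
        logger.entering(CLASSNAME, method);
        if (isAdminAuthzModified() || this.resource == null) {
            extractWorkSpace(true);
            long time = new Date().getTime();
            IReadWriteLocks.storeWrite.lock();
            boolean replacing = false;
            boolean loaded = false;
            try {
                PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
                RepositoryContext repositoryContext = getRepositoryContext();
                // From here on the previously loaded resource is no longer usable.
                replacing = true;
                if (this.resource != null) {
                    this.resource.unload();
                }
                this.resource = repositoryContext.getResourceSet().createResource(URI.createURI(getRelativePathToXmlStore()));
                this.resource.load(new HashMap());
                loaded = true;
                if (logger.isLoggable(Level.FINEST)) {
                    logger.logp(Level.FINEST, CLASSNAME, method, "Realoding of admin_authz.xml successful!");
                }
            } catch (IOException e) {
                logger.logp(Level.WARNING, CLASSNAME, method, "Exception in loading admin_authz resource: " + e.getLocalizedMessage(), (Throwable) e);
                logger.exiting(CLASSNAME, method);
                throw new DatastoreException(e);
            } catch (WorkSpaceException e2) {
                logger.logp(Level.WARNING, CLASSNAME, method, "Exception when getting the repository context: " + e2.getLocalizedMessage(), e2);
                logger.exiting(CLASSNAME, method);
                throw new DatastoreException(e2);
            } finally {
                if (replacing && !loaded) {
                    // Fail closed: force the next call to retry instead of trusting a broken resource.
                    this.resource = null;
                }
                IReadWriteLocks.storeWrite.unlock();
            }
        }
        logger.exiting(CLASSNAME, method);
    }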

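    /**
     * Reports whether admin-authz.xml has a newer modification time than the one last recorded,
     * and records the new time when it does.
     *
     * <p>The timestamp is read once so the value compared is the value stored. A timestamp of 0
     * ({@code File.lastModified()} returns 0 for a missing or unreadable file) is logged at
     * WARNING; the original null check after {@code new File(...)} could never fire, so a missing
     * store went unreported. Detection is only as fine as the file system's timestamp resolution.
     *
     * @return true if the file's modification time advanced since the previous call
     * @throws DatastoreException declared for callers; no statement in this method throws it directly
     */
    private boolean isAdminAuthzModified() throws DatastoreException {
        final String method = "isAdminAuthzModified()";
        logger.entering(CLASSNAME, method);
        if (this.adminAuthzFile == null) {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, method, "Creating File object to admin_authz.xml which will be used to detect if reload is needed.");
            }
            this.adminAuthzFile = new File(UpdateStoreUtil.getBaseUriToCell(this.cellName) + File.separator + getRelativePathToXmlStore());
        }
        long observed = this.adminAuthzFile.lastModified();
        if (observed == 0L) {
            logger.logp(Level.WARNING, CLASSNAME, method, "admin_authz.xml can not be found!");
        }
        boolean modified = observed > this.adminAuthzLastMod;
        if (modified) {
            this.adminAuthzLastMod = observed;
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, method, "admin_authz has been modified since the last inquiery");
            }
        }
        logger.exiting(CLASSNAME, method);
        return modified;
    }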

    /**
     * Asks the workspace to extract admin-authz.xml from the cell's repository context.
     *
     * <p>Does nothing beyond logging at SEVERE when the platform code is 1.
     *
     * @param z passed through unchanged as the third argument of {@code WorkSpace.extract};
     *          its meaning is defined by that API and is not visible in this file
     * @throws DatastoreException wrapping the {@code WorkSpaceException} if the lookup or extract fails
     */
    public void extractWorkSpace(boolean z) throws DatastoreException {
        final String method = "extractWorkSpace()";
        logger.entering(CLASSNAME, method);
        boolean storeBypassed = new ProductInfoImpl().getPlatform() == 1;
        if (storeBypassed) {
            logger.logp(Level.SEVERE, CLASSNAME, method, "SE: AdminAuthz store ignored/hacked out, revisit this code!");
            logger.exiting(CLASSNAME, method);
            return;
        }
        try {
            RepositoryContext ctx = getRepositoryContext();
            String contextPath = ctx.getPath();
            this.ws.extract(ctx, getRelativePathToXmlStore(), z);
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, method, "admin_authz has been extracted into workspace: " + contextPath);
            }
        } catch (WorkSpaceException e) {
            logger.exiting(CLASSNAME, method);
            throw new DatastoreException("admin_authz failed to extract into workspace", e);
        }
        logger.exiting(CLASSNAME, method);
    }

    /**
     * Returns the file name of the admin authorization store, as passed to the workspace and
     * resource-set calls elsewhere in this class.
     *
     * <p>On platform code 1 a SEVERE record is logged, but the same name is still returned.
     *
     * @return the constant {@code "admin-authz.xml"}
     */
    protected String getRelativePathToXmlStore() {
        final String method = "getRelativePathToXmlStore()";
        logger.entering(CLASSNAME, method);
        boolean storeBypassed = new ProductInfoImpl().getPlatform() == 1;
        if (storeBypassed) {
            logger.logp(Level.SEVERE, CLASSNAME, method, "SE: AdminAuthz store ignored/hacked out, revisit this code!");
        }
        logger.exiting(CLASSNAME, method);
        return "admin-authz.xml";
    }

    /**
     * Builds the repository-relative path of the cell, {@code "cells/" + cellName}.
     *
     * <p>NOTE(review): {@code cellName} is concatenated as-is; this method does not reject
     * separators or {@code ..} segments. Confirm that every caller of the constructor passes a
     * trusted configuration value rather than request data.
     *
     * @return the relative path, or null when the platform code is 1
     */
    protected String getRelPathToCellRepositoryContext() {
        // The log records keep the method name the original used, which differs from the real one.
        final String method = "getRelPathToRepositoryContext()";
        logger.entering(CLASSNAME, method);
        if (new ProductInfoImpl().getPlatform() == 1) {
            logger.logp(Level.SEVERE, CLASSNAME, method, "SE: AdminAuthz store ignored/hacked out, revisit this code!");
            logger.exiting(CLASSNAME, method);
            return null;
        }
        String relativePath = "cells" + "/" + this.cellName;
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, method, "The Relative Path to the specified cell is: " + relativePath);
        }
        logger.exiting(CLASSNAME, method);
        return relativePath;
    }

    /**
     * Returns the repository context for the cell, looking it up through the workspace on first
     * use and caching it in {@code repositoryContext}.
     *
     * <p>The lazy initialisation is not synchronised in this method.
     *
     * @return the cached or newly resolved context
     * @throws WorkSpaceException if the workspace lookup fails
     */
    private RepositoryContext getRepositoryContext() throws WorkSpaceException {
        final String method = "getRepositoryContext()";
        logger.entering(CLASSNAME, method);
        RepositoryContext ctx = this.repositoryContext;
        if (ctx == null) {
            ctx = this.ws.findContext(getRelPathToCellRepositoryContext());
            this.repositoryContext = ctx;
        }
        logger.exiting(CLASSNAME, method);
        return ctx;
    }

    /**
     * Saves the in-memory authorization table and then asks the workspace to synchronise.
     *
     * <p>Returns after a SEVERE log record, without saving, when the platform code is 1.
     * NOTE(review): on a {@code WorkSpaceException} only the message text is logged here; the
     * stack trace is available solely through the rethrown exception's cause.
     *
     * @throws DatastoreException if the save fails or the workspace synchronisation fails
     */
    public void synch() throws DatastoreException {
        final String method = "synch()";
        logger.entering(CLASSNAME, method);
        boolean storeBypassed = new ProductInfoImpl().getPlatform() == 1;
        if (storeBypassed) {
            logger.logp(Level.SEVERE, CLASSNAME, method, "SE: AdminAuthz store ignored/hacked out, revisit this code!");
            return;
        }
        try {
            updateDatastore();
            this.ws.synch(new HashMap());
        } catch (WorkSpaceException e) {
            logger.logp(Level.SEVERE, CLASSNAME, method, "Exception: " + e.getMessage());
            throw new DatastoreException((Throwable) e);
        }
        logger.logp(Level.FINE, CLASSNAME, method, "Forcing WAS to synch resource " + getRelativePathToXmlStore());
        logger.exiting(CLASSNAME, method);
    }

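    /**
     * Saves the in-memory authorization table to admin-authz.xml under the store write lock,
     * notifies the repository context, and writes an audit record for the outcome.
     *
     * <p>Each failure is handled exactly once. In the nested form this replaces, the
     * {@code DatastoreException} thrown by the inner handlers fell into the enclosing
     * {@code catch (Exception)}, so (assuming {@code DatastoreException} is an {@code Exception})
     * one failure produced two log records, two audit records and a doubly wrapped exception.
     * The lock is released in {@code finally}, so it is released once on every path.
     *
     * <p>NOTE(review): {@code resource} is null when the initial load failed; that surfaces here
     * as the {@code NullPointerException} branch, whose message calls it an authorization error.
     *
     * @throws DatastoreException wrapping whatever exception the save, notify or audit step raised
     */
    public void updateDatastore() throws DatastoreException {
        final String method = "updateDatastore()";
        logger.entering(CLASSNAME, method);
        if (new ProductInfoImpl().getPlatform() == 1) {
            logger.logp(Level.SEVERE, CLASSNAME, method, "SE: AdminAuthz store ignored/hacked out, revisit this code!");
            return;
        }
        // Constructed before the lock is taken so a failure here cannot leave storeWrite held.
        AuditUtil auditUtil = new AuditUtil();
        IReadWriteLocks.storeWrite.lock();
        try {
            this.resource.save(new HashMap());
            notifyChanges();
            if (auditUtil.isAuditEnable()) {
                HashMap hashMap = new HashMap();
                hashMap.put("Update AdminAuthz Store", "Role mapping update in AdminAuthz Store");
                auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
            }
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, method, "Update of the resource was successful. Waiting for WAS to synch now.");
            }
        } catch (Exception e) {
            // Same three messages as before, selected by exception type.
            String prefix;
            if (e instanceof NullPointerException) {
                prefix = "Authorization exception in saving the admin authz resource: ";
            } else if (e instanceof IOException) {
                prefix = "IO exception in saving the admin authz resource: ";
            } else {
                prefix = "Exception in saving the admin_authz resource: ";
            }
            logger.logp(Level.WARNING, CLASSNAME, method, prefix + e.getLocalizedMessage(), (Throwable) e);
            if (auditUtil.isAuditEnable()) {
                HashMap failure = new HashMap();
                failure.put("Exception in saving the AdminAuthz Resource", e.getMessage());
                auditUtil.printAuditLog(null, failure, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
            }
            logger.exiting(CLASSNAME, method);
            throw new DatastoreException(e);
        } finally {
            IReadWriteLocks.storeWrite.unlock();
        }
        logger.exiting(CLASSNAME, method);
    }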

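    /**
     * Tells the repository context that admin-authz.xml changed.
     *
     * <p>The context is obtained through {@code getRepositoryContext()} before it is used as the
     * call target; the original dereferenced the {@code repositoryContext} field directly, which
     * is still null if nothing has resolved it yet. The "successful" record is now written only
     * when the notification did not throw.
     *
     * <p>NOTE(review): a failed notification is logged and swallowed, so callers (including the
     * audit record written by {@code updateDatastore()}) cannot tell that it failed.
     */
    protected void notifyChanges() {
        final String method = "notifyChanges()";
        logger.entering(CLASSNAME, method);
        if (new ProductInfoImpl().getPlatform() == 1) {
            logger.logp(Level.SEVERE, CLASSNAME, method, "SE: AdminAuthz store ignored/hacked out, revisit this code!");
            return;
        }
        try {
            RepositoryContext ctx = getRepositoryContext();
            ctx.notifyChanged(1, ctx.getPath() + File.separatorChar + "admin-authz.xml");
            logger.logp(Level.FINE, CLASSNAME, method, " Notifying the update to" + getRelativePathToXmlStore());
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, method, "Notifying update to WAS successful.");
            }
        } catch (WorkSpaceException e) {
            logger.logp(Level.SEVERE, CLASSNAME, method, " Error while notifying WAS for resource update. Exception: " + e.getMessage(), e);
        }
        logger.exiting(CLASSNAME, method);
    }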

    /**
     * Stub: logs entry and returns null; no roles are read from the store here.
     *
     * @return always null, so callers must null-check
     */
    public EList getRoles() {
        final String method = "getRoles()";
        logger.entering(CLASSNAME, method);
        return null;
    }

    /**
     * Stub: logs entry and returns null; no application roles are read from the store here.
     *
     * @return always null, so callers must null-check
     */
    public List getApplicationRoles() {
        final String method = "getApplicationRoles()";
        logger.entering(CLASSNAME, method);
        return null;
    }

    /**
     * Stub: logs entry and exit and reports success without adding anything to the store.
     *
     * <p>NOTE(review): the unconditional {@code true} tells callers a role was added when no
     * change was made; confirm whether a subclass is expected to override this.
     *
     * @param str role name; unused
     * @return always true
     */
    public boolean addRole(String str) {
        final String method = "addRole(String)";
        logger.entering(CLASSNAME, method);
        logger.exiting(CLASSNAME, method);
        return true;
    }

    /**
     * Stub: logs entry and exit and reports success without removing anything from the store.
     *
     * <p>NOTE(review): the unconditional {@code true} means a caller that believes roles were
     * revoked is not told they are still in place; confirm whether a subclass overrides this.
     *
     * @param list role names; unused
     * @return always true
     */
    public boolean removeRoles(List list) {
        final String method = "removeRoles(List)";
        logger.entering(CLASSNAME, method);
        logger.exiting(CLASSNAME, method);
        return true;
    }

    /**
     * Stub: logs entry and exit; the named role is not removed from the store.
     *
     * @param str role name; unused
     */
    public void removeRole(String str) {
        final String method = "removeRole(String)";
        logger.entering(CLASSNAME, method);
        logger.exiting(CLASSNAME, method);
    }

    /**
     * Stub: logs both arguments on entry and then exits; no role is renamed in the store.
     *
     * @param str first role-name argument; only logged
     * @param str2 second role-name argument; only logged
     */
    public void updateRoleName(String str, String str2) {
        final String method = "updateRoleName(String, String)";
        Object[] loggedArgs = new Object[]{str, str2};
        logger.entering(CLASSNAME, method, loggedArgs);
        logger.exiting(CLASSNAME, method);
    }

    /**
     * Stub: logs entry and exit; no user-to-role mapping is removed.
     *
     * @param securityRoleExt role whose mappings would be removed; unused
     */
    public void removeUserToRoleMappings(SecurityRoleExt securityRoleExt) {
        final String method = "removeUserToRoleMappings(SecurityRoleExt)";
        logger.entering(CLASSNAME, method);
        logger.exiting(CLASSNAME, method);
    }

    /**
     * Stub: logs entry and exit and reports zero users without consulting the store.
     *
     * @param str role name; unused
     * @return always 0, regardless of how many users are actually mapped to the role
     */
    public int getNumberOfUsersForRole(String str) {
        final String method = "getNumberOfUsersForRole(String roleName)";
        logger.entering(CLASSNAME, method);
        logger.exiting(CLASSNAME, method);
        return 0;
    }

    /**
     * Stub: logs entry and exit; the role name is never checked against the store, so the
     * declared exception is not thrown by this body.
     *
     * @param str role name; only logged, at FINER
     * @throws RoleAlreadyExistsInAdminAuthzException declared for callers; never raised here
     */
    public void validateRoleInAdminAuthzStore(String str) throws RoleAlreadyExistsInAdminAuthzException {
        final String method = "validateRoleInAdminAuthzStore(String roleName)";
        boolean traceEntry = logger.isLoggable(Level.FINER);
        if (traceEntry) {
            logger.entering(CLASSNAME, method, str);
        }
        logger.exiting(CLASSNAME, method);
    }

    /**
     * Replaces the user list of the named role in the in-memory authorization table with the
     * users in {@code list}.
     *
     * <p>The method reloads the store, finds (or creates) the role assignment for {@code str},
     * removes every user currently mapped to it, and then adds one entry per name in
     * {@code list}, resolving each name through {@code VMMUtil}. Nothing is saved here; no
     * call to {@code updateDatastore()} or {@code synch()} appears in this body.
     *
     * <p>NOTE(review): the return value does not reflect whether the mapping was applied.
     * {@code false} is returned only when {@code reloadResource()} throws. {@code true} is
     * returned when the platform code is 1 (nothing done), when no role assignment could be
     * found or created, and when individual users were skipped because their lookup failed.
     *
     * <p>NOTE(review): as listed this method does not compile ({@code r13} is undeclared and
     * {@code authorizationTableExt} is used outside the loop that declares it); both are
     * decompiler residue, so the table-selection logic below should be checked against the
     * original class before relying on it.
     *
     * @param str name of the role whose users are replaced
     * @param list user names to map to the role; dereferenced without a null check
     * @return false if the store could not be reloaded, true otherwise
     */
    public boolean setUsersInRole(String str, List<String> list) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "setUsersInRole", new Object[]{str, list});
        }
        if (new ProductInfoImpl().getPlatform() == 1) {
            // Reports success although no mapping is touched on this platform code.
            logger.logp(Level.SEVERE, CLASSNAME, "setUsersInRole", "SE: AdminAuthz store ignored/hacked out, revisit this code!");
            return true;
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "Updating the admin_authz repository by setting users (" + list.size() + ") in role: " + str);
        }
        // reloadResource() takes the same lock again, so storeWrite is presumably reentrant - TODO confirm.
        IReadWriteLocks.storeWrite.lock();
        try {
            try {
                reloadResource();
                // Decompiler residue: r13 is not declared anywhere in this method.
                r13 = null;
                // Intended to stop at the table whose context is "domain"; what happens when no
                // table matches cannot be determined from this listing.
                for (AuthorizationTableExt authorizationTableExt : this.resource.getContents()) {
                    if (authorizationTableExt.getContext().equals("domain")) {
                        break;
                    }
                }
                EList authorizations = authorizationTableExt.getAuthorizations();
                Iterator it = authorizations.iterator();
                RoleAssignmentExt roleAssignmentExt = null;
                if (logger.isLoggable(Level.FINER)) {
                    logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "Looking for the roleAssignment object for '" + str + "'...");
                }
                // Step 1: look for an existing assignment for the role. The loop does not stop at
                // the first match, so the last matching assignment wins.
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    RoleAssignmentExt roleAssignmentExt2 = (RoleAssignmentExt) it.next();
                    if (roleAssignmentExt2.getRole() != null && roleAssignmentExt2.getRole().getRoleName().equals(str)) {
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "Found the RoleAssignmentExt object for '" + str + "'");
                        }
                        AuditUtil auditUtil = new AuditUtil();
                        if (auditUtil.isAuditEnable()) {
                            // NOTE(review): the caller-supplied role name becomes part of the audit
                            // key; whether AuditUtil neutralises line breaks is not visible here.
                            HashMap hashMap = new HashMap();
                            hashMap.put("Found the RoleAssignmentExt object for '" + str + "'", "SUCCESS");
                            auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                        }
                        roleAssignmentExt = roleAssignmentExt2;
                    }
                }
                // Step 2: no assignment yet - create one, but only for a role the table already defines.
                if (roleAssignmentExt == null) {
                    Iterator it2 = authorizationTableExt.getRoles().iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        SecurityRoleExt securityRoleExt = (SecurityRoleExt) it2.next();
                        if (str.equals(securityRoleExt.getRoleName())) {
                            if (logger.isLoggable(Level.FINER)) {
                                logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "Creating new RoleAssignmentExt for '" + str + "'");
                            }
                            AuditUtil auditUtil2 = new AuditUtil();
                            if (auditUtil2.isAuditEnable()) {
                                HashMap hashMap2 = new HashMap();
                                hashMap2.put("Creating new RoleAssignmentExt for '" + str + "'", "SUCCESS");
                                auditUtil2.printAuditLog(null, hashMap2, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                            }
                            roleAssignmentExt = RolebasedauthzFactory.eINSTANCE.createRoleAssignmentExt();
                            roleAssignmentExt.setRole(securityRoleExt);
                            if (logger.isLoggable(Level.FINER)) {
                                logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "Adding new RoleAssignmentExt to authorizations...");
                            }
                            if (auditUtil2.isAuditEnable()) {
                                // The SUCCESS record is written before the add below has run.
                                HashMap hashMap3 = new HashMap();
                                hashMap3.put("Adding new RoleAssignmentExt to authorizations...", "SUCCESS");
                                auditUtil2.printAuditLog(null, hashMap3, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                            }
                            authorizations.add(roleAssignmentExt);
                        }
                    }
                }
                if (roleAssignmentExt != null) {
                    // Step 3: drop every user currently mapped to the role, auditing each removal.
                    EList users = roleAssignmentExt.getUsers();
                    while (users.size() > 0) {
                        SubjectExt subjectExt = (SubjectExt) users.remove(0);
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "Removed subject (user) '" + subjectExt.getName() + "' from the roleAssignment object.");
                        }
                        AuditUtil auditUtil3 = new AuditUtil();
                        if (auditUtil3.isAuditEnable()) {
                            HashMap hashMap4 = new HashMap();
                            hashMap4.put("Removed subject (user) '" + subjectExt.getName() + "' from the roleAssignment object", "SUCCESS");
                            auditUtil3.printAuditLog(null, hashMap4, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                        }
                    }
                    // Step 4: add the requested users back one by one.
                    for (String str2 : list) {
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "Seeing if user '" + str2 + "' is in the role's users already...");
                        }
                        // The list was emptied above, so this only finds entries added earlier in
                        // this loop. It compares the requested name with the stored uid.
                        boolean z = false;
                        Iterator it3 = users.iterator();
                        while (true) {
                            if (!it3.hasNext()) {
                                break;
                            }
                            if (((UserExt) it3.next()).getName().equals(str2)) {
                                z = true;
                                break;
                            }
                        }
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "User '" + str2 + "' already mapped? " + z);
                        }
                        if (!z) {
                            UserExt createUserExt = RolebasedauthzFactory.eINSTANCE.createUserExt();
                            if (logger.isLoggable(Level.FINER)) {
                                logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "New UserExt created from factory");
                            }
                            AuditUtil auditUtil4 = new AuditUtil();
                            if (auditUtil4.isAuditEnable()) {
                                HashMap hashMap5 = new HashMap();
                                hashMap5.put("New UserExt created from factory", "SUCCESS");
                                auditUtil4.printAuditLog(null, hashMap5, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                            }
                            String str3 = null;
                            try {
                                str3 = VMMUtil.getUser(str2).getUid();
                            } catch (Exception e) {
                                // NOTE(review): the exception is dropped (no cause logged, no audit
                                // record) and the user is silently left out of the role below.
                                logger.logp(Level.SEVERE, CLASSNAME, "setUsersInRole", "Unable to get uid using VMM util for user " + str2);
                            }
                            logger.logp(Level.FINE, CLASSNAME, "setUsersInRole", "New Userid from VMMUtil getUser getUid=" + str3);
                            if (str3 != null) {
                                createUserExt.setName(str3);
                                try {
                                    // getUserAccessId is defined outside the part of the file shown here.
                                    createUserExt.setAccessId(getUserAccessId(str3));
                                } catch (Exception e2) {
                                    logger.logp(Level.SEVERE, CLASSNAME, "setUsersInRole", "Unable to get accessId for user " + str3);
                                    if (auditUtil4.isAuditEnable()) {
                                        HashMap hashMap6 = new HashMap();
                                        hashMap6.put("setUsersInRole in AdminAuthz" + str3, "FAILURE :Unable to get accessId for user " + str3);
                                        auditUtil4.printAuditLog(null, hashMap6, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                                    }
                                }
                                // NOTE(review): reached even when the accessId lookup above failed,
                                // so the entry is added without an accessId and then audited as SUCCESS.
                                users.add(createUserExt);
                                if (logger.isLoggable(Level.FINER)) {
                                    logger.logp(Level.FINER, CLASSNAME, "setUsersInRole", "New UserExt added to role's user list.");
                                }
                                if (auditUtil4.isAuditEnable()) {
                                    HashMap hashMap7 = new HashMap();
                                    hashMap7.put("setUsersInRole in AdminAuthz: " + createUserExt.getName(), "SUCCESS: New UserExt added to role's user list.");
                                    auditUtil4.printAuditLog(null, hashMap7, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                                }
                            }
                        }
                    }
                } else {
                    // The role is neither assigned nor defined in the table: audited as an error,
                    // yet the method still returns true below.
                    logger.logp(Level.SEVERE, CLASSNAME, "setUsersInRole", "Unable to find or create RoleAssignmentExt for '" + str + "'");
                    AuditUtil auditUtil5 = new AuditUtil();
                    if (auditUtil5.isAuditEnable()) {
                        HashMap hashMap8 = new HashMap();
                        hashMap8.put("Unable to find or create RoleAssignmentExt for '" + str + "'", "FAILURE");
                        auditUtil5.printAuditLog(null, hashMap8, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                    }
                }
                // NOTE(review): unlock happens here and again in the catch (Throwable) below if
                // anything after this line throws; a finally block would release exactly once.
                IReadWriteLocks.storeWrite.unlock();
                if (!logger.isLoggable(Level.FINER)) {
                    return true;
                }
                logger.exiting(CLASSNAME, "setUsersInRole", Boolean.TRUE);
                return true;
            } catch (DatastoreException e3) {
                // The only path that returns false: the store could not be reloaded.
                logger.logp(Level.WARNING, CLASSNAME, "setUsersInRole", e3.getLocalizedMessage());
                logger.exiting(CLASSNAME, "setUsersInRole", Boolean.FALSE);
                IReadWriteLocks.storeWrite.unlock();
                return false;
            }
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public boolean setGroupsInRole(String str, List<String> list) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "setGroupsInRole", new Object[]{str, list});
        }
        if (new ProductInfoImpl().getPlatform() == 1) {
            logger.logp(Level.SEVERE, CLASSNAME, "setGroupsInRole", "SE: AdminAuthz store ignored/hacked out, revisit this code!");
            return true;
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "Updating the admin_authz repository by setting groups (" + list.size() + ") in role: " + str);
        }
        IReadWriteLocks.storeWrite.lock();
        AuditUtil auditUtil = new AuditUtil();
        try {
            try {
                reloadResource();
                r14 = null;
                for (AuthorizationTableExt authorizationTableExt : this.resource.getContents()) {
                    if (authorizationTableExt.getContext().equals("domain")) {
                        break;
                    }
                }
                EList authorizations = authorizationTableExt.getAuthorizations();
                Iterator it = authorizations.iterator();
                RoleAssignmentExt roleAssignmentExt = null;
                if (logger.isLoggable(Level.FINER)) {
                    logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "Looking for the roleAssignment object for '" + str + "'...");
                }
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    RoleAssignmentExt roleAssignmentExt2 = (RoleAssignmentExt) it.next();
                    if (roleAssignmentExt2.getRole() != null && roleAssignmentExt2.getRole().getRoleName().equals(str)) {
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "Found the RoleAssignmentExt object for '" + str + "'");
                        }
                        if (auditUtil.isAuditEnable()) {
                            HashMap hashMap = new HashMap();
                            hashMap.put("Found the RoleAssignmentExt object for '" + str + "'", "SUCCESS");
                            auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                        }
                        roleAssignmentExt = roleAssignmentExt2;
                    }
                }
                if (roleAssignmentExt == null) {
                    Iterator it2 = authorizationTableExt.getRoles().iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        SecurityRoleExt securityRoleExt = (SecurityRoleExt) it2.next();
                        if (str.equals(securityRoleExt.getRoleName())) {
                            if (logger.isLoggable(Level.FINER)) {
                                logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "Creating new RoleAssignmentExt for '" + str + "'");
                            }
                            if (auditUtil.isAuditEnable()) {
                                HashMap hashMap2 = new HashMap();
                                hashMap2.put("Creating new RoleAssignmentExt for '" + str + "'", "SUCCESS");
                                auditUtil.printAuditLog(null, hashMap2, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                            }
                            roleAssignmentExt = RolebasedauthzFactory.eINSTANCE.createRoleAssignmentExt();
                            roleAssignmentExt.setRole(securityRoleExt);
                            if (logger.isLoggable(Level.FINER)) {
                                logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "Adding new RoleAssignmentExt to authorizations...");
                            }
                            if (auditUtil.isAuditEnable()) {
                                HashMap hashMap3 = new HashMap();
                                hashMap3.put("Adding new RoleAssignmentExt to authorizations...", "SUCCESS");
                                auditUtil.printAuditLog(null, hashMap3, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                            }
                            authorizations.add(roleAssignmentExt);
                        }
                    }
                }
                if (roleAssignmentExt != null) {
                    EList groups = roleAssignmentExt.getGroups();
                    while (groups.size() > 0) {
                        SubjectExt subjectExt = (SubjectExt) groups.remove(0);
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "Removed subject (group) '" + subjectExt.getName() + "' from the roleAssignment object.");
                        }
                        if (auditUtil.isAuditEnable()) {
                            HashMap hashMap4 = new HashMap();
                            hashMap4.put("Removed subject (group) '" + subjectExt.getName() + "' from the roleAssignment object", "SUCCESS");
                            auditUtil.printAuditLog(null, hashMap4, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                        }
                    }
                    for (String str2 : list) {
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "Seeing if group '" + str2 + "' is in the role's groups already...");
                        }
                        boolean z = false;
                        Iterator it3 = groups.iterator();
                        while (true) {
                            if (!it3.hasNext()) {
                                break;
                            }
                            if (((GroupExt) it3.next()).getName().equals(str2)) {
                                z = true;
                                break;
                            }
                        }
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "Group '" + str2 + "' already mapped? " + z);
                        }
                        if (!z) {
                            GroupExt createGroupExt = RolebasedauthzFactory.eINSTANCE.createGroupExt();
                            if (logger.isLoggable(Level.FINER)) {
                                logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "New GroupExt created from factory");
                            }
                            if (auditUtil.isAuditEnable()) {
                                HashMap hashMap5 = new HashMap();
                                hashMap5.put("New GroupExt created from factory" + createGroupExt.getName(), "SUCCESS");
                                auditUtil.printAuditLog(null, hashMap5, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                            }
                            String str3 = null;
                            try {
                                str3 = VMMUtil.getGroup(str2).getGid();
                            } catch (Exception e) {
                                logger.logp(Level.SEVERE, CLASSNAME, "setGroupsInRole", "Unable to get gid using VMM util for group " + str2);
                            }
                            if (str3 != null) {
                                createGroupExt.setName(str3);
                                try {
                                    createGroupExt.setAccessId(getGroupAccessId(str3));
                                } catch (Exception e2) {
                                    logger.logp(Level.SEVERE, CLASSNAME, "setGroupsInRole", "Unable to get accessId for group " + str3);
                                    if (auditUtil.isAuditEnable()) {
                                        HashMap hashMap6 = new HashMap();
                                        hashMap6.put("Unable to get accessId for group " + str3, "FAILURE");
                                        auditUtil.printAuditLog(null, hashMap6, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                                    }
                                }
                                groups.add(createGroupExt);
                                if (logger.isLoggable(Level.FINER)) {
                                    logger.logp(Level.FINER, CLASSNAME, "setGroupsInRole", "New GroupExt '" + str3 + "' added to role's group list.");
                                }
                            }
                        }
                    }
                } else {
                    logger.logp(Level.SEVERE, CLASSNAME, "setGroupsInRole", "Unable to find or create RoleAssignmentExt for '" + str + "'");
                    if (auditUtil.isAuditEnable()) {
                        HashMap hashMap7 = new HashMap();
                        hashMap7.put("Unable to find or create RoleAssignmentExt for '" + str + "'", "FAILURE");
                        auditUtil.printAuditLog(null, hashMap7, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                    }
                }
                IReadWriteLocks.storeWrite.unlock();
                if (!logger.isLoggable(Level.FINER)) {
                    return true;
                }
                logger.exiting(CLASSNAME, "setGroupsInRole", Boolean.TRUE);
                return true;
            } catch (DatastoreException e3) {
                logger.logp(Level.WARNING, CLASSNAME, "setGroupsInRole", e3.getLocalizedMessage());
                logger.exiting(CLASSNAME, "setGroupsInRole", Boolean.FALSE);
                IReadWriteLocks.storeWrite.unlock();
                return false;
            }
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

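    /**
     * Looks up a user's unique id in the WebSphere user registry.
     *
     * <p>Within this class the returned value is written as the {@code accessId} of a user entry
     * in an authorization table, so a wrong or empty result ends up in access-control data.
     *
     * @param str the user name handed to {@code UserRegistry.getUniqueUserId}; it is passed
     *     through unchanged, so callers should not pass {@code null}
     * @return the unique user id reported by the registry
     * @throws Exception any failure raised while obtaining the registry or resolving the user;
     *     it is logged here and rethrown unchanged
     */
    private static String getUserAccessId(String str) throws Exception {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "getUserAccessId", str);
        }
        try {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getUserAccessId", "Trying WAS RegistryHelper");
            }
            // NOTE(review): the null argument presumably selects the default/active registry;
            // confirm against the RegistryHelper contract.
            UserRegistry userRegistry = RegistryHelper.getUserRegistry((String) null);
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getUserAccessId", "Got UserRegistry: " + userRegistry);
            }
            String uniqueUserId = userRegistry.getUniqueUserId(str);
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getUserAccessId", "Got unique id: " + uniqueUserId);
            }
            if (logger.isLoggable(Level.FINER)) {
                logger.exiting(CLASSNAME, "getUserAccessId", uniqueUserId);
            }
            return uniqueUserId;
        } catch (Exception e) {
            // Attach the throwable to the log record instead of calling printStackTrace(): the
            // stack trace then follows the configured log handlers rather than going to raw stderr.
            logger.logp(Level.WARNING, CLASSNAME, "getUserAccessId", "Error using WAS RegistryHelper: " + e.getMessage(), e);
            throw e;
        }
    }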

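    /**
     * Looks up a group's unique id in the WebSphere user registry.
     *
     * <p>Within this class the returned value is written as the {@code accessId} of a group entry
     * in an authorization table, so a wrong or empty result ends up in access-control data.
     *
     * @param str the group name handed to {@code UserRegistry.getUniqueGroupId}; it is passed
     *     through unchanged, so callers should not pass {@code null}
     * @return the unique group id reported by the registry
     * @throws Exception any failure raised while obtaining the registry or resolving the group;
     *     it is logged here and rethrown unchanged
     */
    private static String getGroupAccessId(String str) throws Exception {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "getGroupAccessId", str);
        }
        try {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getGroupAccessId", "Trying WAS RegistryHelper");
            }
            // NOTE(review): the null argument presumably selects the default/active registry;
            // confirm against the RegistryHelper contract.
            UserRegistry userRegistry = RegistryHelper.getUserRegistry((String) null);
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getGroupAccessId", "Got UserRegistry: " + userRegistry);
            }
            String uniqueGroupId = userRegistry.getUniqueGroupId(str);
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getGroupAccessId", "Got unique id: " + uniqueGroupId);
            }
            if (logger.isLoggable(Level.FINER)) {
                logger.exiting(CLASSNAME, "getGroupAccessId", uniqueGroupId);
            }
            return uniqueGroupId;
        } catch (Exception e) {
            // Attach the throwable to the log record instead of calling printStackTrace(): the
            // stack trace then follows the configured log handlers rather than going to raw stderr.
            logger.logp(Level.WARNING, CLASSNAME, "getGroupAccessId", "Error using WAS RegistryHelper: " + e.getMessage(), e);
            throw e;
        }
    }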

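    /**
     * Rewrites the users and groups of the admin console roles in {@code admin-authz.xml} so that
     * they match what the role service reports, using a SOAP admin client against localhost.
     *
     * <p>Nothing is done unless {@code isEWAS} is set. For every role name in
     * {@code adminConsoleCommonRoles}, each authorization entry whose role name matches (or, for
     * {@code "iscadmins"}, whose role name equals {@code ADMIN_CONSOLE_SECURITY_ROLE}) has its
     * {@code users} and {@code groups} unset and then recreated one principal at a time. The
     * changes are saved once, at the end.
     *
     * <p>If a user or group cannot be resolved to a uid/gid, the sync is aborted before the save
     * and {@code false} is returned. The previous members of the role have already been unset in
     * the session at that point, so saving anyway would persist a membership list that had
     * silently lost a principal, and continuing would create an entry with a {@code null} name.
     *
     * @param str user name used to authenticate the admin client
     * @param str2 password used to authenticate the admin client; never logged by this method
     * @return {@code true} when no sync was needed or the sync was saved; {@code false} when any
     *     exception occurred while talking to the config service or resolving a principal
     */
    public static boolean syncAuthzWithArgus_adminClient(String str, String str2) {
        if (logger.isLoggable(Level.FINER)) {
            // Only the user name is traced; the password (str2) is kept out of the log.
            logger.entering(CLASSNAME, "syncAuthzWithArgus_adminClient", str);
        }
        boolean z = true;
        if (isEWAS) {
            // This Properties object carries the caller's password: do not log it or put it in
            // an exception message.
            Properties properties = new Properties();
            properties.setProperty("type", "SOAP");
            properties.setProperty("host", "localhost");
            properties.setProperty("port", ISCAppUtil.getSOAPPort());
            properties.setProperty("username", str);
            properties.setProperty(WSCDefines.PASSWORD_PARAM, str2);
            try {
                Session session = new Session();
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "mgmtSession created: " + session);
                }
                AdminClient createAdminClient = AdminClientFactory.createAdminClient(properties);
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "adminClient created: " + createAdminClient);
                }
                ConfigServiceProxy configServiceProxy = new ConfigServiceProxy(createAdminClient);
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "configService created: " + configServiceProxy);
                }
                ObjectName objectName = configServiceProxy.resolve(session, "AuthorizationTableExt=admin-authz.xml")[0];
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "adminAuth created: " + objectName);
                }
                // First read of the authorizations is used for tracing only.
                ArrayList arrayList = (ArrayList) configServiceProxy.getAttribute(session, objectName, "authorizations");
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "authorizationsArrayList created: " + arrayList);
                }
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    Object next = it.next();
                    if (logger.isLoggable(Level.FINER)) {
                        logger.logp(Level.FINER, CLASSNAME, "syncAuthzWithArgus_adminClient", "next authorization (" + next.getClass().getName() + ") : " + next);
                    }
                }
                List<AttributeList> list = (List) configServiceProxy.getAttribute(session, objectName, "authorizations");
                Iterator it2 = adminConsoleCommonRoles.iterator();
                while (it2.hasNext()) {
                    String str3 = (String) it2.next();
                    // Desired membership for this role, as reported by the role service.
                    List<String> usersInRole = RoleServiceUtil.getUsersInRole(str3);
                    List<String> groupsInRole = RoleServiceUtil.getGroupsInRole(str3);
                    for (AttributeList attributeList : list) {
                        ObjectName createObjectName = ConfigServiceHelper.createObjectName(attributeList);
                        ObjectName objectName2 = (ObjectName) ConfigServiceHelper.getAttributeValue(attributeList, "role");
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "foundAuthON : " + createObjectName.toString());
                        }
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "foundRoleON : " + objectName2.toString());
                        }
                        String str4 = (String) configServiceProxy.getAttribute(session, objectName2, "roleName");
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "foundRoleName : " + str4.toString());
                        }
                        if (str4.equals(str3) || (str4.equals(ADMIN_CONSOLE_SECURITY_ROLE) && str3.equals("iscadmins"))) {
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "Found one of the admin roles to sync: " + str3);
                            }
                            // From here until save() the session holds this role with no members.
                            configServiceProxy.unsetAttributes(session, createObjectName, new String[]{"users", "groups"});
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "Old users/groups removed.");
                            }
                            Iterator<String> it3 = usersInRole.iterator();
                            while (it3.hasNext()) {
                                String obj = it3.next().toString();
                                String str5 = null;
                                try {
                                    str5 = VMMUtil.getUser(obj).getUid();
                                } catch (Exception e) {
                                    logger.logp(Level.SEVERE, CLASSNAME, "syncAuthzWithArgus_adminClient", "Unable to get uid using VMM util for user " + obj);
                                }
                                if (str5 == null) {
                                    // Fail the whole sync explicitly instead of handing a null name to
                                    // the registry lookup and to createConfigData.
                                    // NOTE(review): setGroupsInRole skips an unresolved group instead;
                                    // confirm which policy is intended here.
                                    throw new IllegalStateException("No uid resolved for user " + obj);
                                }
                                String userAccessId = getUserAccessId(str5);
                                AttributeList attributeList2 = new AttributeList();
                                ConfigServiceHelper.setAttributeValue(attributeList2, "name", str5);
                                ConfigServiceHelper.setAttributeValue(attributeList2, "accessId", userAccessId);
                                configServiceProxy.createConfigData(session, createObjectName, "users", "UserExt", attributeList2);
                                if (logger.isLoggable(Level.FINE)) {
                                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "User added: " + userAccessId);
                                }
                            }
                            Iterator<String> it4 = groupsInRole.iterator();
                            while (it4.hasNext()) {
                                String obj2 = it4.next().toString();
                                String str6 = null;
                                try {
                                    str6 = VMMUtil.getGroup(obj2).getGid();
                                } catch (Exception e2) {
                                    logger.logp(Level.SEVERE, CLASSNAME, "syncAuthzWithArgus_adminClient", "Unable to get gid using VMM util for group " + obj2);
                                }
                                if (str6 == null) {
                                    // Same policy as for users: abort before save() rather than
                                    // write a group entry with a null name.
                                    throw new IllegalStateException("No gid resolved for group " + obj2);
                                }
                                String groupAccessId = getGroupAccessId(str6);
                                AttributeList attributeList3 = new AttributeList();
                                ConfigServiceHelper.setAttributeValue(attributeList3, "name", str6);
                                ConfigServiceHelper.setAttributeValue(attributeList3, "accessId", groupAccessId);
                                configServiceProxy.createConfigData(session, createObjectName, "groups", "GroupExt", attributeList3);
                                if (logger.isLoggable(Level.FINE)) {
                                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "Group added: " + groupAccessId);
                                }
                            }
                        }
                    }
                }
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "configService saving...");
                }
                // Single save at the end: an exception anywhere above skips it.
                configServiceProxy.save(session, true);
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "syncAuthzWithArgus_adminClient", "configService save complete.");
                }
            } catch (Exception e3) {
                // NOTE(review): on this path the session is neither saved nor explicitly discarded;
                // confirm that its pending changes cannot be picked up later.
                logger.logp(Level.SEVERE, CLASSNAME, "syncAuthzWithArgus_adminClient", "Exception using configService: " + e3);
                PerformanceAnalysisUtil.logStackTrace(Level.WARNING);
                z = false;
            }
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.exiting(CLASSNAME, "syncAuthzWithArgus_adminClient", z + "");
        }
        return z;
    }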

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v10, types: [java.util.List] */
    /* JADX WARN: Type inference failed for: r0v48, types: [java.util.List] */
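    /**
     * Derives a short name from a comma-separated identifier by taking the value of its first
     * component.
     *
     * <p>The input is split on {@code ','}. The first piece is trimmed, everything up to and
     * including its first {@code '='} is dropped, and one trailing backslash is removed. If the
     * second piece (trimmed) contains no {@code '='}, it is appended after a comma; this rejoins
     * a first value that itself contained an escaped comma, e.g. {@code "cn=Doe\, John,ou=users"}
     * yields {@code "Doe,John"} (whitespace around the pieces is not preserved).
     *
     * <p>NOTE(review): the input looks like an LDAP-style distinguished name; confirm with the
     * callers. Only the first component is kept, so two identifiers that differ only in their
     * later components map to the same result, and the result should not be treated as unique
     * on its own.
     *
     * @param str the identifier to shorten; must not be {@code null}
     * @return the derived name, or an empty string (after logging at SEVERE) when the input has
     *     fewer than two comma-separated pieces; callers must check for the empty string
     */
    public static String getUniqueUserName(String str) {
        // split() returns the whole string as a single element when there is no comma, and an
        // empty array when the input consists only of commas; both cases fail the length check.
        String[] pieces = str.split(",");
        if (pieces.length < 2) {
            logger.logp(Level.SEVERE, CLASSNAME, "getUniqueUserName()", "Unable to store accessid in admin-authz.xml for '" + str + "'");
            return "";
        }
        String first = pieces[0].trim();
        int eq = first.indexOf("=");
        String value = eq != -1 ? first.substring(eq + 1) : first;
        if (value.endsWith("\\")) {
            // The backslash escaped a comma that belonged to the value and was consumed by split().
            value = value.substring(0, value.length() - 1);
        }
        String second = pieces[1].trim();
        return second.indexOf("=") == -1 ? value + "," + second : value;
    }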

    static {
        // isEWAS gates syncAuthzWithArgus_adminClient. NOTE(review): platform code 2 is taken to
        // mean the embedded WAS platform; confirm against ProductInfoImpl.
        isEWAS = ProductInfoImpl.getInstance().getPlatform() == 2;
        // Role names whose admin-authz.xml membership is kept in sync, in iteration order.
        adminConsoleCommonRoles = new ArrayList<>(Arrays.asList(
                Constants.ISCADMINROLE_KEY, "operator", "configurator", "monitor", "iscadmins"));
    }
}
