package com.ibm.isc.datastore.global;

import com.ibm.isc.datastore.DatastoreConstants;
import com.ibm.isc.datastore.DatastoreException;
import com.ibm.isc.datastore.exceptions.PreferenceProfileAlreadyExistsException;
import com.ibm.isc.datastore.exceptions.PreferenceProfileNotExistException;
import com.ibm.isc.datastore.exceptions.ProfileReferenceAlreadyAssignedException;
import com.ibm.isc.datastore.exceptions.ProfileReferenceNotAssignedException;
import com.ibm.isc.datastore.exceptions.RoleAlreadyExistsException;
import com.ibm.isc.datastore.exceptions.RoleAlreadyExistsInAppRoles;
import com.ibm.isc.datastore.exceptions.RoleCantDeleteException;
import com.ibm.isc.datastore.exceptions.RoleCaseMismatchException;
import com.ibm.isc.datastore.exceptions.RoleInvalidNameException;
import com.ibm.isc.datastore.exceptions.RoleNotExistException;
import com.ibm.isc.deploy.helper.IscDeployCoreException;
import com.ibm.isc.ha.runtime.RepositoryException;
import com.ibm.isc.ha.runtime.RepositoryManagerFactory;
import com.ibm.isc.wccm.approles.ApprolesFactory;
import com.ibm.isc.wccm.approles.DocumentRoot;
import com.ibm.isc.wccm.approles.IbmPortalAppRoles;
import com.ibm.isc.wccm.approles.ProfileDefinition;
import com.ibm.isc.wccm.approles.ProfileRef;
import com.ibm.isc.wccm.approles.impl.ApprolesPackageImpl;
import com.ibm.isc.wccm.security.ApplicationRole;
import com.ibm.isc.wccm.security.util.SecurityResourceFactoryImpl;
import com.ibm.isclite.common.util.AuditUtil;
import com.ibm.isclite.common.util.ISCAppUtil;
import com.ibm.isclite.common.util.PerformanceAnalysisUtil;
import com.ibm.isclite.common.util.SecurityUtil;
import com.ibm.isclite.platform.ProductInfoImpl;
import com.ibm.isclite.runtime.Constants;
import com.ibm.isclite.service.datastore.IReadWriteLocks;
import com.ibm.isclite.service.security.roles.RoleServiceUtil;
import com.ibm.ws.sm.workspace.WorkSpace;
import com.ibm.ws.sm.workspace.WorkSpaceException;
import java.io.File;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.eclipse.emf.common.util.URI;
import org.eclipse.emf.ecore.EPackage;
import org.eclipse.emf.ecore.resource.Resource;
import org.eclipse.emf.ecore.resource.ResourceSet;
import org.eclipse.emf.ecore.util.EcoreUtil;

/* loaded from: input_file:com/ibm/isc/datastore/global/UpdateAppRolesStore.class */
public class UpdateAppRolesStore extends UpdateStore {
    protected static final Logger logger = Logger.getLogger(UpdateAppRolesStore.class.getName());
    private ApprolesFactory factory;
    protected IbmPortalAppRoles docRoot;
    protected UpdateArgusStore argusStore;
    private static final boolean isEWAS;
    private static ArrayList adminConsoleCommonRoles;
    private static final String TIP_CONSOLE_SECURITY_ROLE = "iscadmins";
    private static final String ADMIN_CONSOLE_SECURITY_ROLE = "adminsecuritymanager";

    public UpdateAppRolesStore(ResourceSet resourceSet, WorkSpace workSpace) {
        super(resourceSet);
        CLASSNAME = UpdateAppRolesStore.class.getName();
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            this.ws = workSpace;
            initArgusStore(resourceSet);
            initFactory();
            initResource(false);
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "UpdateAppRolesStore");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public UpdateAppRolesStore(WorkSpace workSpace, String str) {
        super(workSpace, str);
        CLASSNAME = UpdateAppRolesStore.class.getName();
        logger.entering(CLASSNAME, "UpdateAppRolesStore(workspace,cellName)");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            this.ws = workSpace;
            initArgusStore(null);
            initFactory();
            initResource(true);
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "UpdateAppRolesStore(workspace,cellName)");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public UpdateAppRolesStore(ResourceSet resourceSet) {
        super(resourceSet);
        CLASSNAME = UpdateAppRolesStore.class.getName();
        logger.entering(CLASSNAME, "UpdateAppRolesStore(resSet)");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            initArgusStore(resourceSet);
            initFactory();
            initResource(false);
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "UpdateAppRolesStore(resSet)");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    protected void initArgusStore(ResourceSet resourceSet) {
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            if (resourceSet == null) {
                boolean exists = new File(this.wsTempBaseURI).exists();
                boolean exists2 = new File(baseURI).exists();
                if (exists && !exists2) {
                    this.argusStore = new UpdateArgusStore(this.wsTempBaseURI, resourceSet);
                } else if (exists && exists2) {
                    this.argusStore = new UpdateArgusStore(baseURI, resourceSet);
                } else {
                    this.argusStore = new UpdateArgusStore(baseURI, resourceSet);
                }
            } else {
                this.argusStore = new UpdateArgusStore(resourceSet);
            }
            IReadWriteLocks.storeWrite.unlock();
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    private void initFactory() {
        logger.entering(CLASSNAME, "initFactory");
        Resource.Factory.Registry.INSTANCE.getExtensionToFactoryMap().put("xml", new SecurityResourceFactoryImpl());
        ApprolesPackageImpl.init();
        this.factory = EPackage.Registry.INSTANCE.getEPackage("http://www.ibm.com/tivoli/tip/schemas/2.1/ibm-portal-approles.xsd").getApprolesFactory();
        logger.exiting(CLASSNAME, "initFactory");
    }

    protected void initResource(boolean z) {
        logger.entering(CLASSNAME, "initResource");
        long time = new Date().getTime();
        String str = z ? this.wsTempBaseURI + File.separator + "appRoles.xml" : baseURI + File.separator + "appRoles.xml";
        URI createFileURI = URI.createFileURI(str);
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            try {
                this.resource = this.resSet.getResource(createFileURI, true);
            } catch (Exception e) {
                logger.logp(Level.FINE, "UpdateAppRolesStore", "initAppRolesResource", "AppRoles Registry does not exist. It will be created." + e.getMessage());
            }
            if (this.resource == null) {
                try {
                    this.resource = this.resSet.createResource(createFileURI);
                    DocumentRoot createDocumentRoot = this.factory.createDocumentRoot();
                    createDocumentRoot.setIbmPortalApproles(this.factory.createIbmPortalAppRoles());
                    this.resource.getContents().add(createDocumentRoot);
                    HashMap hashMap = new HashMap();
                    hashMap.put("ENCODING", "UTF-8");
                    initDocRoot();
                    addSystemRolesFromArgus();
                    this.resource.save(hashMap);
                } catch (IOException e2) {
                    logger.logp(Level.SEVERE, CLASSNAME, "addNode", e2.toString());
                    logger.exiting(CLASSNAME, "addNode");
                }
            } else {
                initDocRoot();
            }
            ResourceMonitorManager.addResourceMonitor(str);
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "initResource");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void save(boolean z) throws RepositoryException {
        logger.entering(CLASSNAME, "save");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            if (RepositoryManagerFactory.isInTransaction()) {
                if (z) {
                    this.argusStore.updateDatastore();
                    if (isEWAS) {
                        UpdateAdminAuthzStore updateAdminAuthzStore = new UpdateAdminAuthzStore(this.ws, ISCAppUtil.getCellName());
                        Iterator it = adminConsoleCommonRoles.iterator();
                        while (it.hasNext()) {
                            String str = (String) it.next();
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "save", "Synchronizing admin-authz.xml users/groups for role '" + str + "'...");
                            }
                            List<String> usersInRole = RoleServiceUtil.getUsersInRole(str);
                            List<String> groupsInRole = RoleServiceUtil.getGroupsInRole(str);
                            updateAdminAuthzStore.setUsersInRole(str, usersInRole);
                            updateAdminAuthzStore.setGroupsInRole(str, groupsInRole);
                            if (str.equals("iscadmins")) {
                                if (logger.isLoggable(Level.FINE)) {
                                    logger.logp(Level.FINE, CLASSNAME, "save", "Synchronizing admin-authz.xml users/groups for role 'adminsecuritymanager'...");
                                }
                                updateAdminAuthzStore.setUsersInRole(ADMIN_CONSOLE_SECURITY_ROLE, usersInRole);
                                updateAdminAuthzStore.setGroupsInRole(ADMIN_CONSOLE_SECURITY_ROLE, groupsInRole);
                            }
                        }
                        try {
                            updateAdminAuthzStore.synch();
                        } catch (DatastoreException e) {
                            logger.logp(Level.SEVERE, CLASSNAME, "save", "DatastoreException saving admin-authz data: " + e);
                            logger.logp(Level.SEVERE, CLASSNAME, "save", "Admin Console roles may be out of sync.");
                        }
                    }
                }
                super.save();
                AuditUtil auditUtil = new AuditUtil();
                if (auditUtil.isAuditEnable()) {
                    HashMap hashMap = new HashMap();
                    hashMap.put("Update appRoles Store", "Role mapping update in appRoles Store");
                    auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                }
                IReadWriteLocks.storeWrite.unlock();
                logger.exiting(CLASSNAME, "save");
            }
            try {
                try {
                    RepositoryManagerFactory.beginTransaction();
                    if (z) {
                        this.argusStore.updateDatastore();
                        if (isEWAS) {
                            UpdateAdminAuthzStore updateAdminAuthzStore2 = new UpdateAdminAuthzStore(this.ws, ISCAppUtil.getCellName());
                            Iterator it2 = adminConsoleCommonRoles.iterator();
                            while (it2.hasNext()) {
                                String str2 = (String) it2.next();
                                if (logger.isLoggable(Level.FINE)) {
                                    logger.logp(Level.FINE, CLASSNAME, "save", "Synchronizing admin-authz.xml users/groups for role '" + str2 + "'...");
                                }
                                List<String> usersInRole2 = RoleServiceUtil.getUsersInRole(str2);
                                List<String> groupsInRole2 = RoleServiceUtil.getGroupsInRole(str2);
                                updateAdminAuthzStore2.setUsersInRole(str2, usersInRole2);
                                updateAdminAuthzStore2.setGroupsInRole(str2, groupsInRole2);
                                if (str2.equals("iscadmins")) {
                                    if (logger.isLoggable(Level.FINE)) {
                                        logger.logp(Level.FINE, CLASSNAME, "save", "Synchronizing admin-authz.xml users/groups for role 'adminsecuritymanager'...");
                                    }
                                    updateAdminAuthzStore2.setUsersInRole(ADMIN_CONSOLE_SECURITY_ROLE, usersInRole2);
                                    updateAdminAuthzStore2.setGroupsInRole(ADMIN_CONSOLE_SECURITY_ROLE, groupsInRole2);
                                }
                            }
                            try {
                                updateAdminAuthzStore2.synch();
                            } catch (DatastoreException e2) {
                                logger.logp(Level.SEVERE, CLASSNAME, "save", "DatastoreException saving admin-authz data: " + e2);
                                logger.logp(Level.SEVERE, CLASSNAME, "save", "Admin Console roles may be out of sync.");
                            }
                        }
                    }
                    super.save();
                    AuditUtil auditUtil2 = new AuditUtil();
                    if (auditUtil2.isAuditEnable()) {
                        HashMap hashMap2 = new HashMap();
                        hashMap2.put("Update appRoles Store", "Role mapping update in appRoles Store");
                        auditUtil2.printAuditLog(null, hashMap2, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                    }
                    RepositoryManagerFactory.commitTransaction();
                    IReadWriteLocks.storeWrite.unlock();
                    logger.exiting(CLASSNAME, "save");
                } catch (Throwable th) {
                    RepositoryManagerFactory.rollbackTransaction();
                    throw new RepositoryException(th.getMessage());
                }
            } catch (RepositoryException e3) {
                RepositoryManagerFactory.rollbackTransaction();
                throw e3;
            }
        } catch (Throwable th2) {
            IReadWriteLocks.storeWrite.unlock();
            throw th2;
        }
    }

    public void saveWithoutAuthz() throws RepositoryException {
        logger.entering(CLASSNAME, "saveWithoutAuthz");
        super.save();
        AuditUtil auditUtil = new AuditUtil();
        if (auditUtil.isAuditEnable()) {
            HashMap hashMap = new HashMap();
            hashMap.put("Update appRoles Store", "Role mapping update in appRoles Store");
            auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
        }
        logger.exiting(CLASSNAME, "saveWithoutAuthz");
    }

    @Override // com.ibm.isc.datastore.global.UpdateStore
    public void updateDatastore(String str) throws WorkSpaceException {
        logger.entering(CLASSNAME, "updateDatastore");
        super.updateDatastore(str);
        AuditUtil auditUtil = new AuditUtil();
        if (auditUtil.isAuditEnable()) {
            HashMap hashMap = new HashMap();
            hashMap.put("Update appRoles Store", "Role mapping update in appRoles Store");
            auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
        }
        this.argusStore.updateDatastore();
        logger.exiting(CLASSNAME, "updateDatastore");
    }

    @Override // com.ibm.isc.datastore.global.UpdateStore
    public void updateDatastore() {
        logger.entering(CLASSNAME, "updateDatastore");
        super.updateDatastore();
        AuditUtil auditUtil = new AuditUtil();
        if (auditUtil.isAuditEnable()) {
            HashMap hashMap = new HashMap();
            hashMap.put("Update appRoles Store", "Role mapping update in appRoles Store");
            auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
        }
        this.argusStore.updateDatastore();
        logger.exiting(CLASSNAME, "updateDatastore");
    }

    protected void addCoreAppRoles() {
        logger.entering(CLASSNAME, "addSystemAppRoles");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            addCoreRole(Constants.ISCADMINROLE_KEY);
            addCoreRole("configurator");
            addCoreRole("operator");
            addCoreRole("monitor");
            addCoreRole("deployer");
            addCoreRole(ADMIN_CONSOLE_SECURITY_ROLE);
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "addSystemAppRoles");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    private void addSystemRolesFromArgus() {
        logger.entering(CLASSNAME, "addSystemRolesFromAdminAuthz");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            Set<String> applicationRoles = this.argusStore.getApplicationRoles();
            for (String str : applicationRoles) {
                try {
                    validateRoleInAppRolesStore(str);
                    addRoleToAppRolesStore(str, DatastoreConstants.SYSTEM_ROLE);
                } catch (RoleAlreadyExistsInAppRoles e) {
                    logger.logp(Level.WARNING, CLASSNAME, "addSystemRolesFromAdminAuthz", "Application role '" + str + "' is not added to the datastore, because it already exists.");
                } catch (RoleCaseMismatchException e2) {
                    logger.logp(Level.WARNING, CLASSNAME, "addSystemRolesFromAdminAuthz", e2.getMessage());
                }
            }
            if (!applicationRoles.contains(SecurityUtil.ISCUSERS_ROLE)) {
                addRoleToAppRolesStore(SecurityUtil.ISCUSERS_ROLE, DatastoreConstants.SYSTEM_ROLE);
            }
            if (!applicationRoles.contains("monitor")) {
                addRoleToAppRolesStore("monitor", DatastoreConstants.SYSTEM_ROLE);
            }
            if (!applicationRoles.contains("operator")) {
                addRoleToAppRolesStore("operator", DatastoreConstants.SYSTEM_ROLE);
            }
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "addSystemRolesFromAdminAuthz");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    @Override // com.ibm.isc.datastore.global.UpdateStore
    protected void initDocRoot() {
        logger.entering(CLASSNAME, "initDocRoot");
        synchronized (IReadWriteLocks.appRoles) {
            this.docRoot = ((DocumentRoot) this.resource.getContents().get(0)).getIbmPortalApproles();
        }
        logger.exiting(CLASSNAME, "initDocRoot");
    }

    public ApprolesFactory getFactory() {
        logger.entering(CLASSNAME, "getFactory");
        if (this.factory == null) {
            initFactory();
        }
        logger.exiting(CLASSNAME, "getFactory");
        return this.factory;
    }

    public IbmPortalAppRoles getDocRoot() {
        logger.entering(CLASSNAME, "getDocRoot()");
        if (this.docRoot == null) {
            initDocRoot();
        }
        logger.exiting(CLASSNAME, "getDocRoot()");
        return this.docRoot;
    }

    public boolean validateRolesToBeCreated(Vector vector, String str) throws IscDeployCoreException {
        logger.entering(CLASSNAME, "validateRolesToBeCreated()");
        if (str.indexOf(",") != -1) {
            String str2 = "Commas are not allowed in roles:" + str;
            logger.logp(Level.SEVERE, CLASSNAME, "validateRolesToBeCreated()", str2);
            logger.exiting(CLASSNAME, "validateRolesToBeCreated()");
            throw new IscDeployCoreException(str2);
        }
        long time = new Date().getTime();
        IReadWriteLocks.storeRead.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeRead");
            Iterator it = vector.iterator();
            while (it.hasNext()) {
                ApplicationRole applicationRole = (ApplicationRole) it.next();
                if (applicationRole.getUniqueName().toString().equalsIgnoreCase(str)) {
                    String str3 = "Same role '" + str + "' with different alphabetic case is found in the ibm-portal-security.xml '" + applicationRole.getUniqueName() + "', Please check roles in the ibm-portal-security.xml file.";
                    logger.logp(Level.SEVERE, CLASSNAME, "validateRolesToBeCreated()", str3);
                    logger.exiting(CLASSNAME, "validateRolesToBeCreated()");
                    AuditUtil auditUtil = new AuditUtil();
                    if (auditUtil.isAuditEnable()) {
                        HashMap hashMap = new HashMap();
                        hashMap.put("validateRoleInAppRolesStore: " + str, str3);
                        auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                    }
                    throw new IscDeployCoreException(str3);
                }
            }
            IReadWriteLocks.storeRead.unlock();
            logger.exiting(CLASSNAME, "validateRolesToBeCreated()");
            return true;
        } catch (Throwable th) {
            IReadWriteLocks.storeRead.unlock();
            throw th;
        }
    }

    public void validateRoleName(String str) throws RoleInvalidNameException {
        logger.entering(CLASSNAME, "validateRoleName");
        UpdateStoreUtil.validateRoleName(str);
        logger.exiting(CLASSNAME, "validateRoleName");
    }

    public void validateRoleInAppRolesStore(String str) throws RoleAlreadyExistsInAppRoles, RoleCaseMismatchException {
        logger.entering(CLASSNAME, "validateRoleInAppRolesStore");
        if (Constants.ALL_USERS.equalsIgnoreCase(str) && !Constants.ALL_USERS.equals(str)) {
            String str2 = "Application role with name '" + str + "' already exists in appRoles.xml with letter case mismatch between existing role '" + Constants.ALL_USERS + "'";
            logger.logp(Level.WARNING, CLASSNAME, "validateRoleInAppRolesStore", str2);
            logger.exiting(CLASSNAME, "validateRoleInAppRolesStore");
            AuditUtil auditUtil = new AuditUtil();
            if (auditUtil.isAuditEnable()) {
                HashMap hashMap = new HashMap();
                hashMap.put("validateRoleInAppRolesStore: " + str, str2);
                auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
            }
            throw new RoleCaseMismatchException(str2, Constants.ALL_USERS);
        }
        long time = new Date().getTime();
        IReadWriteLocks.storeRead.lock();
        AuditUtil auditUtil2 = new AuditUtil();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeRead");
            initDocRoot();
            Iterator it = this.docRoot.getApplicationRole().iterator();
            while (it.hasNext()) {
                String uniqueName = ((com.ibm.isc.wccm.approles.ApplicationRole) it.next()).getUniqueName();
                if (uniqueName.equalsIgnoreCase(str)) {
                    if (uniqueName.equals(str)) {
                        String str3 = "Application role with name '" + str + "' already exists in appRoles.xml";
                        logger.logp(Level.WARNING, CLASSNAME, "validateRoleInAppRolesStore", str3);
                        logger.exiting(CLASSNAME, "validateRoleInAppRolesStore");
                        if (auditUtil2.isAuditEnable()) {
                            HashMap hashMap2 = new HashMap();
                            hashMap2.put("validateRoleInAppRolesStore" + str, str3);
                            auditUtil2.printAuditLog(null, hashMap2, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                        }
                        throw new RoleAlreadyExistsInAppRoles(str3);
                    }
                    String str4 = "Application role with name '" + str + "' already exists in appRoles.xml with letter case mismatch between existing role '" + uniqueName + "'";
                    logger.logp(Level.WARNING, CLASSNAME, "validateRoleInAppRolesStore", str4);
                    logger.exiting(CLASSNAME, "validateRoleInAppRolesStore");
                    if (auditUtil2.isAuditEnable()) {
                        HashMap hashMap3 = new HashMap();
                        hashMap3.put("validateRoleInAppRolesStore" + str, str4);
                        auditUtil2.printAuditLog(null, hashMap3, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                    }
                    throw new RoleCaseMismatchException(str4, uniqueName);
                }
            }
            IReadWriteLocks.storeRead.unlock();
            logger.exiting(CLASSNAME, "validateRoleInAppRolesStore");
        } catch (Throwable th) {
            IReadWriteLocks.storeRead.unlock();
            throw th;
        }
    }

    protected void addCoreRole(String str) {
        logger.entering(CLASSNAME, "addSystemRole");
        try {
            validateRoleInAppRolesStore(str);
        } catch (RoleAlreadyExistsInAppRoles e) {
            logger.logp(Level.WARNING, CLASSNAME, "addSystemRole", "Core role '" + str + "' is not added to the appRoles.xml, because it already exists.");
            logger.exiting(CLASSNAME, "addSystemRole");
        } catch (RoleCaseMismatchException e2) {
            logger.logp(Level.WARNING, CLASSNAME, "addSystemRole", "Core role '" + str + "' is not added to the appRoles.xml, because it already exists with different case '" + e2.getExistingRoleName() + "'");
            logger.exiting(CLASSNAME, "addSystemRole");
        }
        addRoleToAppRolesStore(str, DatastoreConstants.CORE_ROLE);
        this.argusStore.addRole(str);
        logger.exiting(CLASSNAME, "addSystemRole");
    }

    public void addRole(String str, String str2) throws RoleAlreadyExistsException, RoleInvalidNameException, RoleCaseMismatchException {
        logger.entering(CLASSNAME, "addRole(roleName,roleType)");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            try {
                validateRoleName(str);
                validateRoleInAppRolesStore(str);
                addRoleToAppRolesStore(str, str2);
                this.argusStore.addRole(str);
                IReadWriteLocks.storeWrite.unlock();
                logger.exiting(CLASSNAME, "addRole(roleName,roleType)");
            } catch (RoleAlreadyExistsInAppRoles e) {
                logger.logp(Level.WARNING, CLASSNAME, "addRole(roleName,roleType)", "Application role '" + str + "' is not added to the datastore, because it already exists.");
                logger.exiting(CLASSNAME, "addRole(roleName,roleType)");
                throw new RoleAlreadyExistsException("Application role '" + str + "' is not added to the datastore, because it already exists.", e);
            } catch (RoleInvalidNameException e2) {
                logger.logp(Level.WARNING, CLASSNAME, "addRole(roleName,roleType)", "Application role '" + str + "' is not added to the datastore, because its name is invalid.");
                logger.exiting(CLASSNAME, "addRole(roleName,roleType)");
                throw new RoleInvalidNameException("Application role '" + str + "' is not added to the datastore, because its name is invalid.", e2);
            }
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void addOnlyAppRole(String str, String str2) throws RoleAlreadyExistsException, RoleCaseMismatchException {
        logger.entering(CLASSNAME, "addOnlyAppRole");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            try {
                validateRoleInAppRolesStore(str);
                addRoleToAppRolesStore(str, str2);
                IReadWriteLocks.storeWrite.unlock();
                logger.exiting(CLASSNAME, "addOnlyAppRole");
            } catch (RoleAlreadyExistsInAppRoles e) {
                logger.logp(Level.WARNING, CLASSNAME, "addOnlyAppRole", "Application role '" + str + "' is not added to the datastore, because it already exists.");
                logger.exiting(CLASSNAME, "addOnlyAppRole");
                throw new RoleAlreadyExistsException("Application role '" + str + "' is not added to the datastore, because it already exists.", e);
            }
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public boolean isRoleExistedInApp(String str) {
        logger.entering(CLASSNAME, "isRoleExistedInApp");
        boolean z = false;
        Iterator it = getDocRoot().getApplicationRole().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (((com.ibm.isc.wccm.approles.ApplicationRole) it.next()).getUniqueName().equalsIgnoreCase(str)) {
                z = true;
                break;
            }
        }
        return z;
    }

    public com.ibm.isc.wccm.approles.ApplicationRole addRole(String str, List list, List list2, String str2) throws RoleAlreadyExistsException, RoleInvalidNameException, RoleCaseMismatchException {
        logger.entering(CLASSNAME, "addRole");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            try {
                try {
                    validateRoleName(str);
                    validateRoleInAppRolesStore(str);
                    com.ibm.isc.wccm.approles.ApplicationRole addRoleToAppRolesStore = addRoleToAppRolesStore(str, str2);
                    this.argusStore.addUsersToRole(str, list);
                    this.argusStore.addGroupsToRole(str, list2);
                    IReadWriteLocks.storeWrite.unlock();
                    logger.exiting(CLASSNAME, "addRole");
                    return addRoleToAppRolesStore;
                } catch (RoleInvalidNameException e) {
                    logger.logp(Level.WARNING, CLASSNAME, "addRole", "Application role '" + str + "' is not added to the datastore, because its name is invalid.");
                    logger.exiting(CLASSNAME, "addRole");
                    throw new RoleInvalidNameException("Application role '" + str + "' is not added to the datastore, because its name is invalid.", e);
                }
            } catch (RoleAlreadyExistsInAppRoles e2) {
                logger.logp(Level.WARNING, CLASSNAME, "addRole", "Application role '" + str + "' is not added to the datastore, because it already exists.");
                logger.exiting(CLASSNAME, "addRole");
                throw new RoleAlreadyExistsException("Application role '" + str + "' is not added to the datastore, because it already exists.", e2);
            }
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void updateRole(String str, String str2, String str3) throws RoleAlreadyExistsException, RoleCaseMismatchException, RoleInvalidNameException, RoleCantDeleteException {
        logger.entering(CLASSNAME, "updateRole");
        try {
            validateRoleInAppRolesStore(str2);
            this.argusStore.validateRoleInArgusStore(str2);
            updateRoleInAppRolesStore(str, str2, str3);
            this.argusStore.updateRoleName(str, str2);
            logger.exiting(CLASSNAME, "updateRole");
        } catch (RoleAlreadyExistsInAppRoles e) {
            logger.logp(Level.WARNING, CLASSNAME, "updateRole", "Application role '" + str + "' is not updated");
            logger.exiting(CLASSNAME, "updateRole");
            throw new RoleAlreadyExistsException("Application role '" + str + "' is not updated", e);
        }
    }

    public void updateRoleMapping(String str, List list, List list2) {
        logger.entering(CLASSNAME, "updateRoleMapping");
        if (str.equals(Constants.ALL_USERS) || this.argusStore.isAuthenticatedRole(str) || this.argusStore.isEveryOneInRole(str)) {
            logger.logp(Level.WARNING, CLASSNAME, "updateRoleMapping", "This role " + str + "is set to All Authenticated subject, don't need to map any users/groups on it");
            return;
        }
        this.argusStore.removeUsersFromRole(str, RoleServiceUtil.getUsersInRole(str));
        this.argusStore.addUsersToRole(str, list);
        this.argusStore.removeGroupsFromRole(str, RoleServiceUtil.getGroupsInRole(str));
        this.argusStore.addGroupsToRole(str, list2);
    }

    public void addUsersToRole(String str, List<String> list) throws RoleInvalidNameException {
        logger.entering(CLASSNAME, "addUsersToRole");
        try {
            validateRoleName(str);
            this.argusStore.addUsersToRole(str, list);
            logger.exiting(CLASSNAME, "addUsersToRole");
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.WARNING, CLASSNAME, "addUsersToRole", "Application role '" + str + "' is not added to the datastore, because its name is invalid.");
            logger.exiting(CLASSNAME, "addUsersToRole");
            throw new RoleInvalidNameException("Application role '" + str + "' is not added to the datastore, because its name is invalid.", e);
        }
    }

    public void addGroupsToRole(String str, List<String> list) throws RoleInvalidNameException {
        logger.entering(CLASSNAME, "addGroupsToRole");
        try {
            validateRoleName(str);
            this.argusStore.addGroupsToRole(str, list);
            logger.exiting(CLASSNAME, "addGroupsToRole");
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.WARNING, CLASSNAME, "addGroupsToRole", "Application role '" + str + "' is not added to the datastore, because its name is invalid.");
            logger.exiting(CLASSNAME, "addGroupsToRole");
            throw new RoleInvalidNameException("Application role '" + str + "' is not added to the datastore, because its name is invalid.", e);
        }
    }

    protected com.ibm.isc.wccm.approles.ApplicationRole addRoleToAppRolesStore(String str, String str2) {
        com.ibm.isc.wccm.approles.ApplicationRole createApplicationRole = this.factory.createApplicationRole();
        createApplicationRole.setUniqueName(str);
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat(DatastoreConstants.DATETIME_FORMAT);
        Date date = new Date();
        createApplicationRole.setDateCreated(simpleDateFormat.format(date));
        createApplicationRole.setDateUpdated(simpleDateFormat.format(date));
        createApplicationRole.setType(str2);
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            initDocRoot();
            this.docRoot.getApplicationRole().add(createApplicationRole);
            AuditUtil auditUtil = new AuditUtil();
            if (auditUtil.isAuditEnable()) {
                HashMap hashMap = new HashMap();
                hashMap.put("addRoleToAppRolesStore", "roleName " + str + " and roleType " + str2);
                auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
            }
            IReadWriteLocks.storeWrite.unlock();
            return createApplicationRole;
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    private void updateRoleInAppRolesStore(String str, String str2, String str3) {
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            initDocRoot();
            Iterator it = this.docRoot.getApplicationRole().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                com.ibm.isc.wccm.approles.ApplicationRole applicationRole = (com.ibm.isc.wccm.approles.ApplicationRole) it.next();
                if (applicationRole.getUniqueName().equals(str)) {
                    applicationRole.setUniqueName(str2);
                    applicationRole.setDateUpdated(new SimpleDateFormat(DatastoreConstants.DATETIME_FORMAT).format(new Date()));
                    if (str3 != null && str3.length() > 0) {
                        applicationRole.setType(str3);
                    }
                    AuditUtil auditUtil = new AuditUtil();
                    if (auditUtil.isAuditEnable()) {
                        HashMap hashMap = new HashMap();
                        hashMap.put("UpdateRoleInAppRolesStore: " + str, "SUCCESS");
                        auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                    }
                }
            }
            IReadWriteLocks.storeWrite.unlock();
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void updateRoleTimeStamp(String str) {
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            initDocRoot();
            Iterator it = this.docRoot.getApplicationRole().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                com.ibm.isc.wccm.approles.ApplicationRole applicationRole = (com.ibm.isc.wccm.approles.ApplicationRole) it.next();
                if (applicationRole.getUniqueName().equals(str)) {
                    applicationRole.setDateUpdated(new SimpleDateFormat(DatastoreConstants.DATETIME_FORMAT).format(new Date()));
                    AuditUtil auditUtil = new AuditUtil();
                    if (auditUtil.isAuditEnable()) {
                        HashMap hashMap = new HashMap();
                        hashMap.put("updateRoleTimeStamp: " + str, "SUCCESS");
                        auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                    }
                }
            }
            IReadWriteLocks.storeWrite.unlock();
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public List removeRoles(List list) {
        logger.entering(CLASSNAME, "removeRoles");
        ArrayList arrayList = new ArrayList();
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            initDocRoot();
            Vector<com.ibm.isc.wccm.approles.ApplicationRole> vector = new Vector();
            vector.addAll(this.docRoot.getApplicationRole());
            String str = "";
            for (com.ibm.isc.wccm.approles.ApplicationRole applicationRole : vector) {
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    if (applicationRole.getUniqueName().equals((String) it.next()) && !applicationRole.getType().equals(DatastoreConstants.CORE_ROLE)) {
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "removeRoles", "   Removing : " + applicationRole.getUniqueName() + "," + applicationRole.getUniqueName());
                        }
                        this.docRoot.getApplicationRole().remove(applicationRole);
                        arrayList.add(applicationRole);
                        str = applicationRole.getUniqueName() + "+" + str;
                        EcoreUtil.remove(applicationRole);
                    }
                }
            }
            AuditUtil auditUtil = new AuditUtil();
            if (auditUtil.isAuditEnable()) {
                HashMap hashMap = new HashMap();
                hashMap.put("removeRoles in appRoles store", "roleNames:  " + str);
                auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
            }
            this.argusStore.removeRoles(list);
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "removeRoles");
            return arrayList;
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void removeRole(String str) {
        logger.entering(CLASSNAME, "removeRoles");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            initDocRoot();
            ArrayList<com.ibm.isc.wccm.approles.ApplicationRole> arrayList = new ArrayList();
            arrayList.addAll(this.docRoot.getApplicationRole());
            for (com.ibm.isc.wccm.approles.ApplicationRole applicationRole : arrayList) {
                if (applicationRole.getUniqueName().equals(str) && !applicationRole.getType().equals(DatastoreConstants.CORE_ROLE)) {
                    if (logger.isLoggable(Level.FINE)) {
                        logger.logp(Level.FINE, CLASSNAME, "removeRoles", "   Removing : " + applicationRole.getUniqueName() + "," + applicationRole.getUniqueName());
                    }
                    EcoreUtil.remove(applicationRole);
                    this.docRoot.getApplicationRole().remove(applicationRole);
                    AuditUtil auditUtil = new AuditUtil();
                    if (auditUtil.isAuditEnable()) {
                        HashMap hashMap = new HashMap();
                        hashMap.put("removeRole in appRoles store: roleName", "Remove roleName Successfully");
                        auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                    }
                    try {
                        this.argusStore.validateRoleInArgusStore(applicationRole.getUniqueName());
                        this.argusStore.removeRole(str);
                    } catch (RoleCantDeleteException e) {
                        logger.logp(Level.WARNING, CLASSNAME, "removeRoles", "Application role '" + str + "' is not removed");
                        logger.exiting(CLASSNAME, "removeRoles");
                        IReadWriteLocks.storeWrite.unlock();
                        return;
                    }
                }
            }
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "removeRoles");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    private boolean checkPreferenceProfileExists(String str) {
        logger.entering(CLASSNAME, "checkPreferenceProfileExists");
        long time = new Date().getTime();
        IReadWriteLocks.storeRead.lock();
        boolean z = false;
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeRead");
            Iterator it = this.docRoot.getPreferenceProfile().iterator();
            while (it.hasNext()) {
                if (((ProfileDefinition) it.next()).getUniqueName().equals(str)) {
                    z = true;
                }
            }
            IReadWriteLocks.storeRead.unlock();
            logger.exiting(CLASSNAME, "checkPreferenceProfileExists");
            return z;
        } catch (Throwable th) {
            IReadWriteLocks.storeRead.unlock();
            throw th;
        }
    }

    public Vector removeViewFromPreferenceProfiles(String str) {
        logger.entering(CLASSNAME, "removeViewFromPreferenceProfiles");
        Vector vector = new Vector();
        long time = new Date().getTime();
        IReadWriteLocks.storeRead.lock();
        try {
            try {
                PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeRead");
                for (ProfileDefinition profileDefinition : this.docRoot.getPreferenceProfile()) {
                    if (profileDefinition.getDefaultViewId().equals(str)) {
                        vector.add(profileDefinition.getUniqueName());
                        profileDefinition.setDefaultViewId("");
                    }
                }
                saveWithoutAuthz();
                IReadWriteLocks.storeRead.unlock();
            } catch (RepositoryException e) {
                logger.logp(Level.SEVERE, CLASSNAME, "removeViewFromPreferenceProfiles", e.toString());
                IReadWriteLocks.storeRead.unlock();
                IReadWriteLocks.storeRead.unlock();
            }
            logger.exiting(CLASSNAME, "removeViewFromPreferenceProfiles");
            return vector;
        } catch (Throwable th) {
            IReadWriteLocks.storeRead.unlock();
            throw th;
        }
    }

    public void addPreferenceProfile(ProfileDefinition profileDefinition) throws PreferenceProfileAlreadyExistsException {
        logger.entering(CLASSNAME, "addPreferenceProfile");
        if (checkPreferenceProfileExists(profileDefinition.getUniqueName())) {
            logger.logp(Level.WARNING, CLASSNAME, "addPreferenceProfile", "Preference profile with name '" + profileDefinition.getUniqueName() + "' can not be added to datastore. Another preference profile with the same name already exists.");
            logger.exiting(CLASSNAME, "addPreferenceProfile");
            throw new PreferenceProfileAlreadyExistsException("Preference profile with name '" + profileDefinition.getUniqueName() + "' can not be added to datastore. Another preference profile with the same name already exists.");
        }
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            initDocRoot();
            this.docRoot.getPreferenceProfile().add(new EcoreUtil.Copier().copy(profileDefinition));
            IReadWriteLocks.storeWrite.unlock();
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "addPreferenceProfile", " Preference profile with name '" + profileDefinition.getUniqueName() + "' was added.");
            }
            logger.exiting(CLASSNAME, "addPreferenceProfile");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void removePreferenceProfiles(List list) throws PreferenceProfileNotExistException {
        logger.entering(CLASSNAME, "removePreferenceProfiles");
        long currentTimeMillis = System.currentTimeMillis();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(System.currentTimeMillis() - currentTimeMillis, "IReadWriteLocks.storeWrite");
            Iterator it = list.iterator();
            while (it.hasNext()) {
                removePreferenceProfile((String) it.next());
            }
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "removePreferenceProfiles");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void removePreferenceProfile(String str) throws PreferenceProfileNotExistException {
        logger.entering(CLASSNAME, "removePreferenceProfile , preferenceProfileUniqueName : " + str);
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            reload();
            Vector vector = new Vector();
            vector.addAll(this.docRoot.getPreferenceProfile());
            while (vector.size() > 0) {
                ProfileDefinition profileDefinition = (ProfileDefinition) vector.get(0);
                if (profileDefinition.getUniqueName().equals(str)) {
                    if (logger.isLoggable(Level.FINE)) {
                        logger.logp(Level.FINE, CLASSNAME, "removePreferenceProfile", "   Removing : " + profileDefinition.getUniqueName());
                    }
                    EcoreUtil.remove(profileDefinition);
                    logger.exiting(CLASSNAME, "removePreferenceProfile");
                    IReadWriteLocks.storeWrite.unlock();
                    return;
                }
                vector.remove(0);
            }
            IReadWriteLocks.storeWrite.unlock();
            logger.logp(Level.WARNING, CLASSNAME, "removePreferenceProfile", "Could not delete preference profile. Preference Profile with name '" + str + "' does not exist");
            logger.exiting(CLASSNAME, "removePreferenceProfile");
            throw new PreferenceProfileNotExistException("Could not delete preference profile. Preference Profile with name '" + str + "' does not exist");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void addPreferenceProfileRefToAppRole(String str, String str2) throws ProfileReferenceAlreadyAssignedException, PreferenceProfileNotExistException, RoleNotExistException {
        logger.entering(CLASSNAME, "addPreferenceProfileRefToAppRole , preferenceProfileUniqueName : " + str + " , applicationRoleUniqueName : " + str2);
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        AuditUtil auditUtil = new AuditUtil();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            initDocRoot();
            for (com.ibm.isc.wccm.approles.ApplicationRole applicationRole : this.docRoot.getApplicationRole()) {
                String uniqueName = applicationRole.getUniqueName();
                if (uniqueName.equals(str2)) {
                    if (applicationRole.getPreferencesProfileRef() != null) {
                        logger.logp(Level.WARNING, CLASSNAME, "addPreferenceProfileRefToAppRole", "Could not add preference profile reference. Preference Profile Reference for application role '" + str2 + "' already exists");
                        logger.exiting(CLASSNAME, "addPreferenceProfileRefToAppRole");
                        if (auditUtil.isAuditEnable()) {
                            HashMap hashMap = new HashMap();
                            hashMap.put("addPreferenceProfileRefToAppRole: " + uniqueName, "Could not add preference profile reference. Preference Profile Reference for application role '" + str2 + "' already exists");
                            auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                        }
                        throw new ProfileReferenceAlreadyAssignedException("Could not add preference profile reference. Preference Profile Reference for application role '" + str2 + "' already exists");
                    }
                    if (!checkPreferenceProfileExists(str)) {
                        logger.logp(Level.WARNING, CLASSNAME, "addPreferenceProfileRefToAppRole", "Could not add preference profile reference. Preference Profile with name '" + str + "' does not exist");
                        logger.exiting(CLASSNAME, "addPreferenceProfileRefToAppRole");
                        if (auditUtil.isAuditEnable()) {
                            HashMap hashMap2 = new HashMap();
                            hashMap2.put("addPreferenceProfileRefToAppRole: " + str2, "Could not add preference profile reference. Preference Profile with name '" + str + "' does not exist");
                            auditUtil.printAuditLog(null, hashMap2, "SECURITY_MGMT_REGISTRY", "ERROR", 47L);
                        }
                        throw new PreferenceProfileNotExistException("Could not add preference profile reference. Preference Profile with name '" + str + "' does not exist");
                    }
                    ProfileRef createProfileRef = this.factory.createProfileRef();
                    createProfileRef.setUniqueName(str);
                    applicationRole.setPreferencesProfileRef(createProfileRef);
                    if (logger.isLoggable(Level.FINE)) {
                        logger.logp(Level.FINE, CLASSNAME, "addPreferenceProfileRefToAppRole", "Preference Profile Reference with name '" + str + "' for application role '" + str2 + "' was added.");
                    }
                    logger.exiting(CLASSNAME, "addPreferenceProfileRefToAppRole");
                    if (auditUtil.isAuditEnable()) {
                        HashMap hashMap3 = new HashMap();
                        hashMap3.put("addPreferenceProfileRefToAppRole: " + str2, "Preference Profile Reference with name '" + str + "' for application role '" + str2 + "' was added.");
                        auditUtil.printAuditLog(null, hashMap3, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                    }
                    IReadWriteLocks.storeWrite.unlock();
                    return;
                }
            }
            IReadWriteLocks.storeWrite.unlock();
            logger.logp(Level.WARNING, CLASSNAME, "addPreferenceProfileRefToAppRole", "Could not add preference profile reference. Application role with name '" + str2 + "' does not exist");
            logger.exiting(CLASSNAME, "addPreferenceProfileRefToAppRole");
            throw new RoleNotExistException("Could not add preference profile reference. Application role with name '" + str2 + "' does not exist");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public String getPreferenceProfileUniqueNameByTitle(String str) {
        long time = new Date().getTime();
        IReadWriteLocks.storeRead.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeRead");
            for (ProfileDefinition profileDefinition : this.docRoot.getPreferenceProfile()) {
                if (profileDefinition.getTitle().equals(str)) {
                    String uniqueName = profileDefinition.getUniqueName();
                    IReadWriteLocks.storeRead.unlock();
                    return uniqueName;
                }
            }
            IReadWriteLocks.storeRead.unlock();
            return "";
        } catch (Throwable th) {
            IReadWriteLocks.storeRead.unlock();
            throw th;
        }
    }

    public void removePreferenceProfileRefFromAppRole(String str) throws RoleNotExistException, ProfileReferenceNotAssignedException {
        logger.entering(CLASSNAME, "removePreferenceProfileRefFromAppRole , applicationRoleUniqueName : " + str);
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        AuditUtil auditUtil = new AuditUtil();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            Vector vector = new Vector();
            vector.addAll(this.docRoot.getApplicationRole());
            while (vector.size() > 0) {
                com.ibm.isc.wccm.approles.ApplicationRole applicationRole = (com.ibm.isc.wccm.approles.ApplicationRole) vector.get(0);
                if (applicationRole.getUniqueName().equals(str)) {
                    ProfileRef preferencesProfileRef = applicationRole.getPreferencesProfileRef();
                    if (preferencesProfileRef == null) {
                        logger.logp(Level.WARNING, CLASSNAME, "removePreferenceProfileRefFromAppRole", "Could not remove preference profile reference. Application role with name '" + str + "' does not have any pereference profile reference");
                        logger.exiting(CLASSNAME, "removePreferenceProfileRefFromAppRole");
                        if (auditUtil.isAuditEnable()) {
                            HashMap hashMap = new HashMap();
                            hashMap.put("removePreferenceProfileRefFromAppRole: " + str, "Could not remove preference profile reference. Application role with name '" + str + "' does not have any pereference profile reference");
                            auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "INFO", 47L);
                        }
                        throw new ProfileReferenceNotAssignedException("Could not remove preference profile reference. Application role with name '" + str + "' does not have any pereference profile reference");
                    }
                    if (logger.isLoggable(Level.FINE)) {
                        logger.logp(Level.FINE, CLASSNAME, "removePreferenceProfileRefFromAppRole", "Removing preference profile '" + preferencesProfileRef.getUniqueName() + "' from application role '" + str + "'");
                    }
                    EcoreUtil.remove(preferencesProfileRef);
                    logger.exiting(CLASSNAME, "removePreferenceProfileRefFromAppRole");
                    if (auditUtil.isAuditEnable()) {
                        HashMap hashMap2 = new HashMap();
                        hashMap2.put("removePreferenceProfileRefFromAppRole: " + str, "Removing preference profile '" + preferencesProfileRef.getUniqueName() + "' from application role '" + str + "'");
                        auditUtil.printAuditLog(null, hashMap2, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                    }
                    IReadWriteLocks.storeWrite.unlock();
                    return;
                }
                vector.remove(0);
            }
            IReadWriteLocks.storeWrite.unlock();
            logger.logp(Level.WARNING, CLASSNAME, "removePreferenceProfileRefFromAppRole", "Could not remove preference profile reference. Application role with name '" + str + "' does not exist");
            logger.exiting(CLASSNAME, "removePreferenceProfileRefFromAppRole");
            if (auditUtil.isAuditEnable()) {
                HashMap hashMap3 = new HashMap();
                hashMap3.put("removePreferenceProfileRefFromAppRole: " + str, "Could not remove preference profile reference. Application role with name '" + str + "' does not exist");
                auditUtil.printAuditLog(null, hashMap3, "SECURITY_MGMT_REGISTRY", "INFO", 47L);
            }
            throw new RoleNotExistException("Could not remove preference profile reference. Application role with name '" + str + "' does not exist");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    public void removePreferenceProfileRefFromAppRole(List list) {
        logger.entering(CLASSNAME, "removePreferenceProfileRefFromAppRole");
        long time = new Date().getTime();
        IReadWriteLocks.storeWrite.lock();
        try {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.storeWrite");
            for (com.ibm.isc.wccm.approles.ApplicationRole applicationRole : this.docRoot.getApplicationRole()) {
                ProfileRef preferencesProfileRef = applicationRole.getPreferencesProfileRef();
                Iterator it = list.iterator();
                while (true) {
                    if (it.hasNext()) {
                        String str = (String) it.next();
                        if (preferencesProfileRef != null && preferencesProfileRef.getUniqueName().equals(str)) {
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "removePreferenceProfileRefFromAppRole", "Removing preference profile '" + str + "' from application role '" + applicationRole.getUniqueName() + "'");
                            }
                            AuditUtil auditUtil = new AuditUtil();
                            if (auditUtil.isAuditEnable()) {
                                HashMap hashMap = new HashMap();
                                hashMap.put("removePreferenceProfileRefFromAppRole:" + applicationRole.getUniqueName(), "Removing preference profile '" + str + "' from application role '" + applicationRole.getUniqueName() + "'");
                                auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                            }
                            EcoreUtil.remove(preferencesProfileRef);
                        }
                    }
                }
            }
            IReadWriteLocks.storeWrite.unlock();
            logger.exiting(CLASSNAME, "removePreferenceProfileRefFromAppRole");
        } catch (Throwable th) {
            IReadWriteLocks.storeWrite.unlock();
            throw th;
        }
    }

    @Override // com.ibm.isc.datastore.global.UpdateStore
    protected String getXmlFileName() {
        return "appRoles.xml";
    }

    public int getNumberOfUsersForRole(String str) {
        return this.argusStore.getNumberOfUsersForRole(str);
    }

    public void removeUsersFromRole(String str, List<String> list) throws RoleInvalidNameException {
        logger.entering(CLASSNAME, "removeUsersFromRole");
        try {
            validateRoleName(str);
            this.argusStore.removeUsersFromRole(str, list);
            logger.exiting(CLASSNAME, "removeUsersFromRole");
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.WARNING, CLASSNAME, "removeUsersFromRole", "Application role '" + str + "' name is invalid.");
            logger.exiting(CLASSNAME, "removeUsersFromRole");
            throw new RoleInvalidNameException("Application role '" + str + "' name is invalid.", e);
        }
    }

    public void removeGroupsFromRole(String str, List<String> list) throws RoleInvalidNameException {
        logger.entering(CLASSNAME, "removeGroupsFromRole");
        try {
            validateRoleName(str);
            this.argusStore.removeGroupsFromRole(str, list);
            logger.exiting(CLASSNAME, "removeGroupsFromRole");
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.WARNING, CLASSNAME, "removeGroupsFromRole", "Application role '" + str + "' name is invalid.");
            logger.exiting(CLASSNAME, "removeGroupsFromRole");
            throw new RoleInvalidNameException("Application role '" + str + "' name is invalid.", e);
        }
    }

    public void removeUsersFromRoleByForce(String str, List<String> list) throws RoleInvalidNameException {
        logger.entering(CLASSNAME, "removeUsersFromRoleByForce");
        try {
            validateRoleName(str);
            this.argusStore.removeUsersFromRoleByForce(str, list);
            logger.exiting(CLASSNAME, "removeUsersFromRoleByForce");
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.WARNING, CLASSNAME, "removeUsersFromRoleByForce", "Application role '" + str + "' name is invalid.");
            logger.exiting(CLASSNAME, "removeUsersFromRoleByForce");
            throw new RoleInvalidNameException("Application role '" + str + "' name is invalid.", e);
        }
    }

    public void removeGroupsFromRoleByForce(String str, List<String> list) throws RoleInvalidNameException {
        logger.entering(CLASSNAME, "removeGroupsFromRoleByForce");
        try {
            validateRoleName(str);
            this.argusStore.removeGroupsFromRoleByForce(str, list);
            logger.exiting(CLASSNAME, "removeGroupsFromRoleByForce");
        } catch (RoleInvalidNameException e) {
            logger.logp(Level.WARNING, CLASSNAME, "removeGroupsFromRoleByForce", "Application role '" + str + "' name is invalid.");
            logger.exiting(CLASSNAME, "removeGroupsFromRoleByForce");
            throw new RoleInvalidNameException("Application role '" + str + "' name is invalid.", e);
        }
    }

    public void setWorkspace(WorkSpace workSpace) {
        this.ws = workSpace;
    }

    static {
        isEWAS = ProductInfoImpl.getInstance().getPlatform() == 2;
        adminConsoleCommonRoles = new ArrayList();
        adminConsoleCommonRoles.add(Constants.ISCADMINROLE_KEY);
        adminConsoleCommonRoles.add("operator");
        adminConsoleCommonRoles.add("configurator");
        adminConsoleCommonRoles.add("monitor");
        adminConsoleCommonRoles.add("iscadmins");
    }
}
