package com.ibm.isclite.service.security;

import com.ibm.isc.datastore.DatastoreConstants;
import com.ibm.isc.datastore.DatastoreException;
import com.ibm.isc.datastore.exceptions.PortletEntityNotFoundException;
import com.ibm.isc.datastore.exceptions.PreferenceProfileNotExistException;
import com.ibm.isc.datastore.exceptions.ProfileReferenceAlreadyAssignedException;
import com.ibm.isc.datastore.exceptions.ProfileReferenceNotAssignedException;
import com.ibm.isc.datastore.exceptions.RoleAlreadyExistsException;
import com.ibm.isc.datastore.exceptions.RoleCantDeleteException;
import com.ibm.isc.datastore.exceptions.RoleCaseMismatchException;
import com.ibm.isc.datastore.exceptions.RoleInvalidNameException;
import com.ibm.isc.datastore.exceptions.RoleNotExistException;
import com.ibm.isc.datastore.global.ResourceMonitorManager;
import com.ibm.isc.datastore.global.UpdateAppRolesStore;
import com.ibm.isc.datastore.global.UpdateComponentStore;
import com.ibm.isc.datastore.global.UpdateNavigationStore;
import com.ibm.isc.datastore.global.UpdatePortletStore;
import com.ibm.isc.datastore.global.UpdateStoreUtil;
import com.ibm.isc.datastore.runtime.Category;
import com.ibm.isc.datastore.runtime.NavigationNode;
import com.ibm.isc.datastore.runtime.NavigationTree;
import com.ibm.isc.datastore.runtime.ResourceType;
import com.ibm.isc.datastore.runtime.RoleType;
import com.ibm.isc.ha.runtime.RepositoryException;
import com.ibm.isc.ha.runtime.RepositoryManagerFactory;
import com.ibm.isc.ha.stores.file.FileUtil;
import com.ibm.isc.wccm.approles.ApplicationRole;
import com.ibm.isc.wccm.approles.ApprolesFactory;
import com.ibm.isc.wccm.approles.DocumentRoot;
import com.ibm.isc.wccm.portletentities.AccessControl;
import com.ibm.isc.wccm.portletentities.impl.PortletentitiesPackageImpl;
import com.ibm.isclite.common.Properties;
import com.ibm.isclite.common.util.AuditUtil;
import com.ibm.isclite.common.util.ConsolePropertiesUtil;
import com.ibm.isclite.common.util.ISCAppUtil;
import com.ibm.isclite.common.util.PerformanceAnalysisUtil;
import com.ibm.isclite.common.util.SecurityUtil;
import com.ibm.isclite.platform.ProductInfoImpl;
import com.ibm.isclite.runtime.BrandingConstants;
import com.ibm.isclite.runtime.ConsoleViewActionSet;
import com.ibm.isclite.runtime.Constants;
import com.ibm.isclite.runtime.ConstantsExt;
import com.ibm.isclite.runtime.CoreException;
import com.ibm.isclite.runtime.GroupActionSet;
import com.ibm.isclite.runtime.NavigationNodeActionSet;
import com.ibm.isclite.runtime.UserActionSet;
import com.ibm.isclite.runtime.resourcepermissions.accesscontrol.CategoryAccessControl;
import com.ibm.isclite.runtime.resourcepermissions.accesscontrol.PageAccessControl;
import com.ibm.isclite.runtime.resourcepermissions.accesscontrol.PortletAccessControl;
import com.ibm.isclite.runtime.resourcepermissions.cache.CategoryCache;
import com.ibm.isclite.runtime.resourcepermissions.cache.PageCache;
import com.ibm.isclite.runtime.resourcepermissions.cache.PortletCache;
import com.ibm.isclite.runtime.topology.WindowMode;
import com.ibm.isclite.service.ServiceManager;
import com.ibm.isclite.service.datastore.DatastoreServiceImpl;
import com.ibm.isclite.service.datastore.IReadWriteLocks;
import com.ibm.isclite.service.datastore.categories.CategoryService;
import com.ibm.isclite.service.datastore.categories.NoSuchCategoryException;
import com.ibm.isclite.service.datastore.component.ComponentService;
import com.ibm.isclite.service.datastore.navigation.NavigationService;
import com.ibm.isclite.service.datastore.portletentities.PortletEntityService;
import com.ibm.isclite.service.datastore.topology.TopologyService;
import com.ibm.isclite.service.portletregistry.PortletModuleBean;
import com.ibm.isclite.service.security.roles.RoleServiceUtil;
import com.ibm.isclite.service.vmm.VMMUtil;
import com.ibm.websphere.management.repository.ConfigRepositoryFactory;
import com.ibm.websphere.models.config.security.LTPA;
import com.ibm.websphere.models.config.security.LocalOSUserRegistry;
import com.ibm.websphere.models.config.security.Security;
import com.ibm.websphere.models.config.security.UserRegistry;
import com.ibm.ws.runtime.service.RepositoryFactory;
import com.ibm.ws.security.core.SecurityContext;
import com.ibm.ws.sm.workspace.WorkSpace;
import java.io.File;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.portlet.PortletRequest;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.eclipse.emf.common.util.EList;
import org.eclipse.emf.common.util.URI;
import org.eclipse.emf.ecore.EPackage;
import org.eclipse.emf.ecore.resource.Resource;
import org.eclipse.emf.ecore.resource.ResourceSet;

/* loaded from: input_file:com/ibm/isclite/service/security/AbstractSecurityServiceImpl.class */
public abstract class AbstractSecurityServiceImpl extends DatastoreServiceImpl implements SecurityService {
    private static final String ROLE_DELIMITER = ",";
    private static final String ROLE_ISCUSERS = "iscusers";
    private static String CLASSNAME = "AbstractSecurityServiceImpl";
    private static Logger logger = Logger.getLogger(AbstractSecurityServiceImpl.class.getName());
    private static CopyOnWriteArrayList allAppRoles = new CopyOnWriteArrayList();
    private static List allAppRolesVO = new CopyOnWriteArrayList();
    private static Boolean userRegistryIgnoreCase = null;
    private static Long authTimeout = null;
    protected UpdateComponentStore updateComponentStore;
    protected UpdateAppRolesStore updateAppRolesStore;
    protected UpdatePortletStore updatePortletStore;
    protected UpdateNavigationStore updateNavigationStore;
    SecurityContext securitycontext = new SecurityContext();
    private Object roleService = null;
    private Method RSisUserInRole_Generic = null;
    protected Resource appRolesRes = null;
    protected ResourceSet resSet = null;
    private boolean isTechPreview = "true".equalsIgnoreCase(ConsolePropertiesUtil.getConsoleProperty(BrandingConstants.TECHPREVIEW));
    private String[] techPreviewApps = new String[0];

    protected abstract UpdateComponentStore getUpdateComponentStore();

    protected abstract UpdateNavigationStore getUpdateNavigationStore();

    protected abstract UpdateAppRolesStore getUpdateAppRolesStore(WorkSpace workSpace);

    protected abstract UpdatePortletStore getUpdatePortletStore();

    protected abstract void loadAppRolesRes() throws DatastoreException;

    @Override // com.ibm.isclite.service.datastore.DatastoreServiceImpl, com.ibm.isclite.service.Service
    public void init(ServletContext servletContext, Properties properties) throws CoreException {
        super.init(servletContext, properties);
        if (ProductInfoImpl.getInstance().getPlatform() == 1) {
            try {
                this.RSisUserInRole_Generic = Class.forName("com.ibm.isclite.indus.service.roles.RoleService").getMethod("isUserInRole", Object.class, String.class);
                this.roleService = ServiceManager.getService(Constants.ROLE_SERVICE);
            } catch (ClassNotFoundException e) {
                logger.logp(Level.SEVERE, CLASSNAME, "init( ServletContext context, Properties prop )", "Unable to load the role service: " + e.getMessage());
            } catch (NoSuchMethodException e2) {
                logger.logp(Level.SEVERE, CLASSNAME, "init( ServletContext context, Properties prop )", "Unable to find the role service isUserInRole method: " + e2.getMessage());
            } catch (SecurityException e3) {
                logger.logp(Level.SEVERE, CLASSNAME, "init( ServletContext context, Properties prop )", "Unable to load the role service isUserInRole method: " + e3.getMessage());
            }
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getPagePermissions(String str, String str2) {
        List list = null;
        try {
            list = getPagePermissions(str, ((NavigationService) ServiceManager.getService(Constants.NAVIGATION_SERVICE)).getSession(str2));
        } catch (CoreException e) {
            logger.logp(Level.SEVERE, CLASSNAME, "getPagePermissions", "CoreException while getting the navigationService:" + e);
        }
        return list;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getPagePermissions(String str, HttpSession httpSession) {
        long time = new Date().getTime();
        synchronized (IReadWriteLocks.securityService) {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
            if (ResourceMonitorManager.isFileUpdated(ISCAppUtil.getArgusIndexPath())) {
                PageCache.getInstance().removeAll();
            }
            List list = PageCache.getInstance().get(str);
            if (list == null) {
                list = new ArrayList();
                try {
                    NavigationNode navigationNode = ((NavigationTree) httpSession.getAttribute(Constants.NAVIGATION_TREE)).getNavigationNode(str);
                    if (navigationNode == null) {
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "getPagePermissions", "Page is not found in navigation tree, it's must be new custom page.");
                        }
                        return list;
                    }
                    String wscRole = navigationNode.getWscRole();
                    if (wscRole == null || wscRole.length() == 0) {
                        return new ArrayList();
                    }
                    String moduleRef = navigationNode.getModuleRef();
                    String[] split = wscRole.equals("") ? new String[0] : wscRole.split(ROLE_DELIMITER);
                    String wscRoleType = navigationNode.getWscRoleType();
                    boolean z = wscRoleType != null;
                    String[] split2 = z ? wscRoleType.split(ROLE_DELIMITER) : null;
                    String name = RoleType.getDefault().getName();
                    ResourceType pageType = navigationNode.getPageType();
                    String localPagePermissions = pageType.equals(ResourceType.STATIC) ? getLocalPagePermissions(str, moduleRef) : null;
                    List defaultRoles = SecurityUtil.getDefaultRoles();
                    for (int i = 0; i < split.length; i++) {
                        String str2 = split[i];
                        if (z) {
                            name = split2[i];
                        }
                        PageAccessControl pageAccessControl = new PageAccessControl(str2, name);
                        if (pageType.equals(ResourceType.CUSTOM) && defaultRoles.contains(str2)) {
                            pageAccessControl.setDefaultRole(true);
                        }
                        if (pageType.equals(ResourceType.STATIC) && localPagePermissions.indexOf(str2) != -1) {
                            pageAccessControl.setDefaultRole(true);
                        }
                        list.add(pageAccessControl);
                    }
                    PageCache.getInstance().put(str, moduleRef, list);
                } catch (CoreException e) {
                    logger.logp(Level.WARNING, CLASSNAME, "getPagePermissions", "Error initializing the navigation service");
                } catch (IllegalStateException e2) {
                    logger.logp(Level.WARNING, CLASSNAME, "getPagePermissions", "Error initializing the navigation service");
                }
            }
            return list;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.isclite.service.security.SecurityService
    public void setPagePermissions(String str, List list, String str2) throws RepositoryException {
        AuditUtil auditUtil = new AuditUtil();
        try {
            NavigationNode navigationNode = ((NavigationTree) ((NavigationService) ServiceManager.getService(Constants.NAVIGATION_SERVICE)).getSession(str2).getAttribute(Constants.NAVIGATION_TREE)).getNavigationNode(str);
            long time = new Date().getTime();
            synchronized (IReadWriteLocks.securityService) {
                PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
                UpdateNavigationStore updateNavigationStore = getUpdateNavigationStore();
                boolean equals = navigationNode.getPageType().equals(ResourceType.STATIC);
                IReadWriteLocks.storeWrite.lock();
                try {
                    updateNavigationStore.setAccessControl(str, list, equals);
                    PageCache.getInstance().put(str, navigationNode.getModuleRef(), list);
                    updateNavigationStore.save();
                    if (auditUtil.isAuditEnable()) {
                        HashMap hashMap = new HashMap();
                        hashMap.put("setPagePermissions:" + navigationNode.getFullname(), "SUCCESSSucessfully update page permissions");
                        auditUtil.printAuditLog(null, hashMap, "SECURITY_MGMT_REGISTRY", "SUCCESS", 7L);
                    }
                    IReadWriteLocks.storeWrite.unlock();
                    StringBuffer stringBuffer = new StringBuffer();
                    StringBuffer stringBuffer2 = new StringBuffer();
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        PageAccessControl pageAccessControl = (PageAccessControl) it.next();
                        stringBuffer.append(pageAccessControl.getApplicationRole());
                        stringBuffer2.append(pageAccessControl.getRoleType());
                        if (it.hasNext()) {
                            stringBuffer.append(ROLE_DELIMITER);
                            stringBuffer2.append(ROLE_DELIMITER);
                        }
                    }
                    navigationNode.setWscRole(stringBuffer.toString());
                    navigationNode.setWscRoleType(stringBuffer2.toString());
                } catch (Throwable th) {
                    IReadWriteLocks.storeWrite.unlock();
                    throw th;
                }
            }
        } catch (CoreException e) {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "setPagePermissions", "Exception while updating page permissions", (Throwable) e);
            }
            if (auditUtil.isAuditEnable()) {
                HashMap hashMap2 = new HashMap();
                hashMap2.put("Exception while updating page permissions", "FAILURE" + e.getMessage());
                auditUtil.printAuditLog(null, hashMap2, "SECURITY_MGMT_REGISTRY", "FAILURE", 47L);
            }
        } catch (Exception e2) {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "setPagePermissions", "Exception while updating page permissions", (Throwable) e2);
            }
            if (auditUtil.isAuditEnable()) {
                HashMap hashMap3 = new HashMap();
                hashMap3.put("Exception while updating page permissions", "FAILURE" + e2.getMessage());
                auditUtil.printAuditLog(null, hashMap3, "SECURITY_MGMT_REGISTRY", "FAILURE", 47L);
            }
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getPortletPermissions(String str, String str2) throws PortletEntityNotFoundException {
        logger.entering(CLASSNAME, "getPortletPermissions");
        List list = PortletCache.getInstance().get(str);
        if (ProductInfoImpl.getInstance().getPlatform() != 1) {
            ISCAppUtil.getCellName();
        }
        boolean isHAEnabled = RepositoryManagerFactory.isHAEnabled();
        if (list == null || isHAEnabled) {
            list = new ArrayList();
            try {
                PortletModuleBean portletEntity = ((PortletEntityService) ServiceManager.getService(DatastoreConstants.PortletEntityService)).getPortletEntity(str);
                if (portletEntity == null) {
                    if (logger.isLoggable(Level.FINE)) {
                        logger.logp(Level.FINE, CLASSNAME, "getPortletPermissions", "portlet entity is not found in porletEntities.xml");
                    }
                    throw new PortletEntityNotFoundException("Cannot find the portlet entity: " + str);
                }
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "getPortletPermissions", "reading portlet entity permissions..");
                }
                boolean z = false;
                if (!this.isTechPreview) {
                    int i = 0;
                    while (true) {
                        if (i >= this.techPreviewApps.length) {
                            break;
                        }
                        if (this.techPreviewApps[i].equals(portletEntity.getModuleRef())) {
                            logger.logp(Level.FINE, CLASSNAME, "getPortletPermissions", "entity '" + str + "' is part of a disabled tech preview and is being hidden. Setting ACL to empty.");
                            z = true;
                            break;
                        }
                        i++;
                    }
                }
                if (!z) {
                    IReadWriteLocks.storeRead.lock();
                    try {
                        Iterator it = portletEntity.getPortletEntity().getAccessControl().iterator();
                        while (it.hasNext()) {
                            list.add(new PortletAccessControl((AccessControl) it.next()));
                        }
                        IReadWriteLocks.storeRead.unlock();
                    } catch (Throwable th) {
                        IReadWriteLocks.storeRead.unlock();
                        throw th;
                    }
                }
                PortletCache.getInstance().put(str, portletEntity.getModuleRef(), list);
            } catch (CoreException e) {
                logger.logp(Level.WARNING, CLASSNAME, "getPortletPermissions", "Error instantiating portlet entity service: " + e.getMessage());
            }
        }
        return list;
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.isclite.service.security.SecurityService
    public void setPortletPermissions(String str, List list, List list2, String str2, String str3) throws RepositoryException {
        long time = new Date().getTime();
        synchronized (IReadWriteLocks.securityService) {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
            UpdatePortletStore updatePortletStore = getUpdatePortletStore();
            IReadWriteLocks.storeWrite.lock();
            try {
                Iterator it = list.iterator();
                ArrayList arrayList = new ArrayList();
                ArrayList arrayList2 = new ArrayList();
                ArrayList arrayList3 = null;
                boolean z = false;
                if (str.equals("com.ibm.isclite.portlet.manageportlets.entity") || str.equals("com.ibm.isclite.portlet.managepages.entity") || str.equals("com.ibm.isclite.portlet.managecatalogs.entity")) {
                    arrayList3 = new ArrayList();
                    z = true;
                }
                while (it.hasNext()) {
                    PortletAccessControl portletAccessControl = (PortletAccessControl) it.next();
                    arrayList.add(createWccmPortletAccessControl(portletAccessControl));
                    if (z) {
                        arrayList3.add(new PageAccessControl(portletAccessControl.getApplicationRole(), portletAccessControl.getRoleType()));
                    }
                }
                if (list2 != null) {
                    Iterator it2 = list2.iterator();
                    while (it2.hasNext()) {
                        arrayList2.add(createWccmPortletAccessControl((PortletAccessControl) it2.next()));
                    }
                }
                updatePortletStore.setAccessControl(str, arrayList, arrayList2, str2);
                updatePortletStore.save();
                if (z) {
                    if (str.equals("com.ibm.isclite.portlet.manageportlets.entity")) {
                        setPagePermissions(ConstantsExt.ISC_MANAGEPORTLETS_NAVNODE_ID, arrayList3, str3);
                    }
                    if (str.equals("com.ibm.isclite.portlet.managepages.entity")) {
                        setPagePermissions(ConstantsExt.ISC_MANAGEPAGES_NAVNODE_ID, arrayList3, str3);
                        ArrayList arrayList4 = new ArrayList();
                        for (int i = 0; i < arrayList3.size(); i++) {
                            PageAccessControl pageAccessControl = (PageAccessControl) arrayList3.get(i);
                            if (pageAccessControl.getRoleType().equals(Constants.PORTALACTIONSET_MANAGER)) {
                                arrayList4.add(pageAccessControl);
                            }
                        }
                        setPagePermissions(ConstantsExt.ISC_SAVEPAGEMODALDIALOG_NAVNODE_ID, arrayList4, str3);
                    }
                    if (str.equals("com.ibm.isclite.portlet.managecatalogs.entity")) {
                        setPagePermissions("com.ibm.isclite.portlet.managecatalogs.page", arrayList3, str3);
                    }
                }
                IReadWriteLocks.storeWrite.unlock();
            } catch (Throwable th) {
                IReadWriteLocks.storeWrite.unlock();
                throw th;
            }
        }
        PortletCache.getInstance().put(str, str2, list);
    }

    private AccessControl createWccmPortletAccessControl(PortletAccessControl portletAccessControl) {
        PortletentitiesPackageImpl.init();
        AccessControl createAccessControl = EPackage.Registry.INSTANCE.getEPackage("http://www.ibm.com/tivoli/tip/schemas/2.1/ibm-portal-portletentities.xsd").getPortletentitiesFactory().createAccessControl();
        createAccessControl.setApplicationRole(portletAccessControl.getApplicationRole());
        createAccessControl.setRoleType(portletAccessControl.getRoleType());
        createAccessControl.setDeployTime(portletAccessControl.isDeployTime());
        return createAccessControl;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public boolean isWindowModeAllowed(String str, WindowMode windowMode, HttpServletRequest httpServletRequest) {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(CLASSNAME, "isWindowModeAllowed", new Object[]{str, "'" + windowMode + "'", "request"});
        }
        if (str.equals(Constants.ISCW_MYTASK) || str.equals("com.ibm.isclite.portletpref.appElement.B") || str.equals(Constants.ISCW_WELCOME) || str.equals("com.ibm.isclite.welcomeportlet.appElement.B")) {
            if (!logger.isLoggable(Level.FINER)) {
                return true;
            }
            logger.exiting(CLASSNAME, "isWindowModeAllowed", "true (special portlet)");
            return true;
        }
        if (!isSecurityEnabled()) {
            if (!logger.isLoggable(Level.FINER)) {
                return true;
            }
            logger.exiting(CLASSNAME, "isWindowModeAllowed", "true (security disabled)");
            return true;
        }
        List userAppRoles = getUserAppRoles(httpServletRequest.getSession().getId());
        try {
            for (PortletAccessControl portletAccessControl : getPortletPermissions(str, httpServletRequest.getSession().getId())) {
                String applicationRole = portletAccessControl.getApplicationRole();
                String roleType = portletAccessControl.getRoleType();
                if (userAppRoles.contains(applicationRole) && windowMode.isAccessible(roleType)) {
                    if (!logger.isLoggable(Level.FINER)) {
                        return true;
                    }
                    logger.exiting(CLASSNAME, "isWindowModeAllowed", "true (user has role '" + applicationRole + "' which has roleType '" + roleType + "')");
                    return true;
                }
            }
            if (!logger.isLoggable(Level.FINER)) {
                return false;
            }
            logger.exiting(CLASSNAME, "isWindowModeAllowed", "false (user does not have role with appropriate roleType)");
            return false;
        } catch (PortletEntityNotFoundException e) {
            logger.logp(Level.WARNING, CLASSNAME, "isWindowModeAllowed", e.getMessage());
            if (!logger.isLoggable(Level.FINER)) {
                return false;
            }
            logger.exiting(CLASSNAME, "isWindowModeAllowed", "false (unable to find portlet entity)");
            return false;
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public void addDynamicPortlet(String str, String str2, String str3, String str4) {
        PortletAccessControl portletAccessControl = new PortletAccessControl(str3, str4);
        List list = PortletCache.getInstance().get(str);
        if (list == null) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(portletAccessControl);
            PortletCache.getInstance().put(str, str2, arrayList);
        } else if (list.contains(portletAccessControl)) {
            list.remove(portletAccessControl);
            list.add(portletAccessControl);
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getApplicationRoles(String str) throws DatastoreException {
        return allAppRoles;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getUsersInRole(String str) {
        reloadArgusRepository();
        return RoleServiceUtil.getUsersInRole(str);
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getGroupsInRole(String str) {
        reloadArgusRepository();
        return RoleServiceUtil.getGroupsInRole(str);
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.isclite.service.security.SecurityService
    public List getAppRoles(String str) throws DatastoreException {
        PerformanceAnalysisUtil.startPerformancePoint("getAppRoles");
        logger.entering(CLASSNAME, "getAppRoles");
        HttpSession httpSession = getHttpSession(str);
        if (reloadAppRoles()) {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getAppRoles", "appRoles.xml was modified since last loaded, we will reload it.");
            }
            allAppRolesVO.clear();
            allAppRoles.clear();
            RoleServiceUtil.reloadArgusRepository();
        }
        if (allAppRolesVO == null || allAppRolesVO.isEmpty()) {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getAppRoles", "Fecthing all application-roles from appRoles.xml, either it's first time load or appRoles.xml has changed");
            }
            if (this.appRolesRes == null) {
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "getAppRoles", "Error: approles resourceset is null.");
                }
                logger.exiting(CLASSNAME, "getAppRoles");
                PerformanceAnalysisUtil.endPerformancePoint("getAppRoles");
                throw new DatastoreException(CLASSNAME + ":getAppRoles>> Error: Error: approles resourceset is null.");
            }
            long time = new Date().getTime();
            synchronized (IReadWriteLocks.securityService) {
                PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
                loadAppRolesRes();
                ApprolesFactory factory = getUpdateAppRolesStore((WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY)).getFactory();
                IReadWriteLocks.storeRead.lock();
                try {
                    EList<ApplicationRole> applicationRole = ((DocumentRoot) this.appRolesRes.getContents().get(0)).getIbmPortalApproles().getApplicationRole();
                    for (ApplicationRole applicationRole2 : applicationRole) {
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "getAppRoles", "Adding role: " + applicationRole2 + " to a list of all application role");
                        }
                        allAppRolesVO.add(applicationRole2);
                        allAppRoles.add(applicationRole2.getUniqueName());
                    }
                    ArrayList arrayList = new ArrayList();
                    arrayList.addAll(RoleServiceUtil.getRoles());
                    for (int i = 0; i < arrayList.size(); i++) {
                        boolean z = false;
                        String str2 = (String) arrayList.get(i);
                        Iterator it = applicationRole.iterator();
                        while (it.hasNext()) {
                            if (((ApplicationRole) it.next()).getUniqueName().equals(str2) || Constants.ALL_USERS.equals(str2)) {
                                z = true;
                                break;
                            }
                        }
                        if (!z) {
                            ApplicationRole createApplicationRole = factory.createApplicationRole();
                            createApplicationRole.setUniqueName(str2);
                            createApplicationRole.setType(DatastoreConstants.SYSTEM_ROLE);
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "getAppRoles", "Adding role: " + createApplicationRole + " to a list of all application role");
                            }
                            allAppRolesVO.add(createApplicationRole);
                            allAppRoles.add(str2);
                        }
                    }
                    IReadWriteLocks.storeRead.unlock();
                } catch (Throwable th) {
                    IReadWriteLocks.storeRead.unlock();
                    throw th;
                }
            }
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "getAppRoles", "All application-roles from approles.xml: " + allAppRolesVO);
        }
        logger.exiting(CLASSNAME, "getAppRoles");
        PerformanceAnalysisUtil.endPerformancePoint("getAppRoles");
        return allAppRolesVO;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getUserAppRoles(String str) {
        if (SecurityContext.isSecurityEnabled()) {
            return getUserAppRoles(getHttpSession(str));
        }
        if (logger.isLoggable(Level.WARNING)) {
            logger.logp(Level.WARNING, CLASSNAME, "getUserAppRoles(sessionId)", "Skipping processing of getUserAppRoles as security is disabled.");
        }
        logger.exiting(CLASSNAME, "getUserAppRoles(sessionId)");
        return null;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getUserAppRoles(HttpSession httpSession) {
        PerformanceAnalysisUtil.startPerformancePoint("getUserAppRoles(session)");
        if (!SecurityContext.isSecurityEnabled()) {
            if (logger.isLoggable(Level.WARNING)) {
                logger.logp(Level.WARNING, CLASSNAME, "getUserAppRoles(session)", "Skipping processing of getUserAppRoles as security is disabled.");
            }
            logger.exiting(CLASSNAME, "getUserAppRoles(session)");
            PerformanceAnalysisUtil.endPerformancePoint("getUserAppRoles(session)");
            return null;
        }
        ArrayList arrayList = null;
        if (httpSession != null) {
            try {
                arrayList = (ArrayList) httpSession.getAttribute(ConstantsExt.ALL_USER_IN_ROLES_KEY);
            } catch (IllegalStateException e) {
                logger.logp(Level.WARNING, CLASSNAME, "getUserAppRoles(session)", "Session is not valid!");
            }
            if (arrayList == null && logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getUserAppRoles(session)", "Cannot retrieve the user roles from the session");
            }
        } else {
            arrayList = new ArrayList();
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getUserAppRoles(session)", "Cannot get user roles because of error in retrieving HttpSession");
            }
        }
        PerformanceAnalysisUtil.endPerformancePoint("getUserAppRoles(session)");
        return arrayList;
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.isclite.service.security.SecurityService
    public boolean addApplicationRole(String str, String str2) throws RoleAlreadyExistsException, RoleCaseMismatchException, RepositoryException {
        HttpSession httpSession = getHttpSession(str2);
        boolean z = true;
        if (httpSession != null) {
            WorkSpace workSpace = (WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY);
            long time = new Date().getTime();
            synchronized (IReadWriteLocks.securityService) {
                PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
                if (logger.isLoggable(Level.FINE)) {
                    logger.logp(Level.FINE, CLASSNAME, "addApplicationRole", "Saving appRoles file repository...");
                }
                UpdateAppRolesStore updateAppRolesStore = getUpdateAppRolesStore(workSpace);
                IReadWriteLocks.storeWrite.lock();
                try {
                    try {
                        updateAppRolesStore.addRole(str, DatastoreConstants.CUSTOM_ROLE);
                        updateAppRolesStore.save(true);
                        IReadWriteLocks.storeWrite.unlock();
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "addApplicationRole", "Saving appRoles file repository...");
                        }
                    } catch (Throwable th) {
                        IReadWriteLocks.storeWrite.unlock();
                        throw th;
                    }
                } catch (RoleAlreadyExistsException e) {
                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e.getMessage());
                    throw new RoleAlreadyExistsException("This role already exists");
                } catch (RoleCaseMismatchException e2) {
                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e2.getMessage());
                    throw new RoleCaseMismatchException(e2);
                } catch (RoleInvalidNameException e3) {
                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e3.getMessage());
                    IReadWriteLocks.storeWrite.unlock();
                    return false;
                }
            }
        } else {
            z = false;
        }
        if (z) {
            allAppRoles.add(str);
        }
        return z;
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.isclite.service.security.SecurityService
    public void updateApplicationRole(String str, String str2, String str3, List list, List list2, List list3, List list4, String str4) throws RoleAlreadyExistsException, RoleCaseMismatchException, RepositoryException, RoleInvalidNameException {
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Updating role '" + str + "' (new role name: '" + str2 + "'):\npreferenceProfile: " + str3 + FileUtil.EOLN + "userMembers: " + list.size() + FileUtil.EOLN + "groupMembers: " + list2.size() + FileUtil.EOLN + "categoryMembers: " + list3.size() + FileUtil.EOLN + "pageMembers: " + list4.size());
        }
        HttpSession httpSession = getHttpSession(str4);
        if (httpSession == null) {
            logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", "Cannot update the application role, because did not get session object");
            return;
        }
        WorkSpace workSpace = (WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY);
        try {
            NavigationService navigationService = (NavigationService) ServiceManager.getService(Constants.NAVIGATION_SERVICE);
            TopologyService topologyService = (TopologyService) ServiceManager.getService(Constants.TOPOLOGY_SERVICE);
            PortletEntityService portletEntityService = (PortletEntityService) ServiceManager.getService(DatastoreConstants.PortletEntityService);
            NavigationTree navigationTree = (NavigationTree) httpSession.getAttribute(Constants.NAVIGATION_TREE);
            long time = new Date().getTime();
            synchronized (IReadWriteLocks.navigationService) {
                synchronized (IReadWriteLocks.securityService) {
                    PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
                    IReadWriteLocks.storeWrite.lock();
                    try {
                        try {
                            RepositoryManagerFactory.beginTransaction();
                            UpdateAppRolesStore updateAppRolesStore = getUpdateAppRolesStore(workSpace);
                            UpdateComponentStore updateComponentStore = getUpdateComponentStore();
                            UpdateNavigationStore updateNavigationStore = getUpdateNavigationStore();
                            UpdatePortletStore updatePortletStore = getUpdatePortletStore();
                            if (!str.trim().equals(str2)) {
                                if (logger.isLoggable(Level.FINE)) {
                                    logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Changing role name from '" + str + "' to '" + str2 + "'");
                                }
                                try {
                                    updateAppRolesStore.updateRole(str, str2, DatastoreConstants.CUSTOM_ROLE);
                                } catch (RoleAlreadyExistsException e) {
                                    logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e.getMessage());
                                    throw new RoleAlreadyExistsException("This role already exists");
                                } catch (RoleCantDeleteException e2) {
                                    logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e2.getMessage());
                                } catch (RoleCaseMismatchException e3) {
                                    logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e3.getMessage());
                                    throw new RoleCaseMismatchException(e3);
                                } catch (RoleInvalidNameException e4) {
                                    logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e4.getMessage());
                                    throw new RoleInvalidNameException(e4);
                                }
                            } else if (!str.equals(Constants.ALL_USERS)) {
                                if (updateAppRolesStore.isRoleExistedInApp(str2)) {
                                    updateAppRolesStore.updateRoleTimeStamp(str);
                                } else {
                                    updateAppRolesStore.addOnlyAppRole(str2, DatastoreConstants.SYSTEM_ROLE);
                                }
                            }
                            ArrayList arrayList = new ArrayList();
                            for (int i = 0; i < list.size(); i++) {
                                arrayList.add(((UserActionSet) list.get(i)).getUniqueName());
                            }
                            ArrayList arrayList2 = new ArrayList();
                            for (int i2 = 0; i2 < list2.size(); i2++) {
                                arrayList2.add(((GroupActionSet) list2.get(i2)).getUniqueName());
                            }
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Updating mapping for role '" + str2 + "' to:\nusers: " + arrayList.toString() + FileUtil.EOLN + "groups: " + arrayList2.toString());
                            }
                            updateAppRolesStore.updateRoleMapping(str2, arrayList, arrayList2);
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Removing old preference profile reference");
                            }
                            try {
                                updateAppRolesStore.removePreferenceProfileRefFromAppRole(str);
                            } catch (ProfileReferenceNotAssignedException e5) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", e5.getMessage());
                            } catch (RoleNotExistException e6) {
                                logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e6.getMessage());
                            }
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Removing old category mappings");
                            }
                            updateComponentStore.removeAccessControlFromAllCategories(str);
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Removing old page mappings");
                            }
                            updateNavigationStore.removeAllAccessControl(str);
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Removing old pages from page cache");
                            }
                            for (NavigationNodeActionSet navigationNodeActionSet : navigationService.getNavigationNodesByAppRole(str, str4)) {
                                List<PageAccessControl> list5 = PageCache.getInstance().get(navigationNodeActionSet.getNodeId());
                                PageCache.getInstance().remove(navigationNodeActionSet.getNodeId());
                                ArrayList arrayList3 = new ArrayList();
                                for (PageAccessControl pageAccessControl : list5) {
                                    if (!pageAccessControl.getApplicationRole().equals(str)) {
                                        arrayList3.add(new PageAccessControl(pageAccessControl.getApplicationRole(), pageAccessControl.getRoleType(), pageAccessControl.isDefaultRole()));
                                    }
                                }
                                NavigationNode navigationNode = navigationTree.getNavigationNode(navigationNodeActionSet.getNodeId());
                                if (navigationNode != null) {
                                    if (navigationNode.getPageType().equals(ResourceType.SYSTEM)) {
                                        navigationNode.setPageType(ResourceType.SYSTEM_MODIFIED);
                                    }
                                    setPagePermissions(navigationNodeActionSet.getNodeId(), arrayList3, str4);
                                } else {
                                    logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRoles()", "Cannot find page to put it's security info in cache.");
                                }
                            }
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Adding new preference profile");
                            }
                            try {
                                String preferenceProfileUniqueNameByTitle = updateAppRolesStore.getPreferenceProfileUniqueNameByTitle(str3);
                                if (preferenceProfileUniqueNameByTitle != null && preferenceProfileUniqueNameByTitle != "") {
                                    updateAppRolesStore.addPreferenceProfileRefToAppRole(preferenceProfileUniqueNameByTitle, str2);
                                }
                            } catch (PreferenceProfileNotExistException e7) {
                                logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e7.getMessage());
                            } catch (ProfileReferenceAlreadyAssignedException e8) {
                                logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e8.getMessage());
                            } catch (RoleNotExistException e9) {
                                logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e9.getMessage());
                            }
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Adding new category mappings");
                            }
                            ArrayList arrayList4 = new ArrayList();
                            Iterator it = list3.iterator();
                            while (it.hasNext()) {
                                ConsoleViewActionSet consoleViewActionSet = (ConsoleViewActionSet) it.next();
                                updateComponentStore.addAccessControlToCategory(consoleViewActionSet.getConsoleView().getUniqueName(), str2, consoleViewActionSet.getRoleType());
                                if (consoleViewActionSet.isGrantedAllResources()) {
                                    arrayList4.add(consoleViewActionSet.getConsoleView().getUniqueName());
                                }
                            }
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Adding new page mappings");
                            }
                            Iterator it2 = list4.iterator();
                            while (it2.hasNext()) {
                                NavigationNodeActionSet navigationNodeActionSet2 = (NavigationNodeActionSet) it2.next();
                                NavigationNode navigationNode2 = navigationTree.getNavigationNode(navigationNodeActionSet2.getNodeId());
                                if (navigationNode2 == null || navigationNode2.getType() == 1) {
                                    logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", "Cannot find page to put it's security info in cache.");
                                } else {
                                    String nodeID = navigationNode2.getNodeID();
                                    List pagePermissions = getPagePermissions(nodeID, str4);
                                    pagePermissions.add(new PageAccessControl(str2, navigationNodeActionSet2.getRoleType()));
                                    setPagePermissions(nodeID, pagePermissions, str4);
                                    String moduleRef = navigationNode2.getModuleRef();
                                    if (navigationNode2.getType() == 2) {
                                        try {
                                            boolean z = false;
                                            Iterator it3 = arrayList4.iterator();
                                            while (true) {
                                                if (it3.hasNext()) {
                                                    if (navigationNode2.containsCategoryID((String) it3.next())) {
                                                        z = true;
                                                        break;
                                                    }
                                                } else {
                                                    break;
                                                }
                                            }
                                            if (z) {
                                                for (String str5 : topologyService.getPage(moduleRef, navigationNode2.getNodeID(), str4).getPortlets()) {
                                                    if (moduleRef.equals("com.ibm.isclite.global.custom.module")) {
                                                        navigationNode2.getOriginalModuleRef();
                                                    }
                                                    PortletModuleBean portletEntity = portletEntityService.getPortletEntity(str5);
                                                    try {
                                                        List portletPermissions = getPortletPermissions(portletEntity.getPortletEntity().getUniqueName(), str4);
                                                        PortletAccessControl portletAccessControl = new PortletAccessControl(str2, navigationNodeActionSet2.getRoleType());
                                                        Iterator it4 = portletPermissions.iterator();
                                                        boolean z2 = false;
                                                        while (true) {
                                                            if (!it4.hasNext()) {
                                                                break;
                                                            }
                                                            PortletAccessControl portletAccessControl2 = (PortletAccessControl) it4.next();
                                                            if (portletAccessControl2.getApplicationRole().equals(portletAccessControl.getApplicationRole())) {
                                                                z2 = true;
                                                                if (!portletAccessControl2.getRoleType().equals(portletAccessControl.getRoleType())) {
                                                                    portletAccessControl2.setRoleType(portletAccessControl.getRoleType());
                                                                }
                                                            }
                                                        }
                                                        if (!z2) {
                                                            portletPermissions.add(portletAccessControl);
                                                        }
                                                        setPortletPermissions(str5, portletPermissions, null, portletEntity.getModuleRef(), str4);
                                                    } catch (PortletEntityNotFoundException e10) {
                                                        logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e10.getMessage());
                                                    }
                                                }
                                            }
                                        } catch (DatastoreException e11) {
                                            logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", "Cannot get page object.");
                                        }
                                    }
                                }
                            }
                            updateAppRolesStore.setWorkspace(workSpace);
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Saving stores...");
                            }
                            updateAppRolesStore.save(true);
                            updateComponentStore.save();
                            updateNavigationStore.save();
                            updatePortletStore.save();
                            if (logger.isLoggable(Level.FINE)) {
                                logger.logp(Level.FINE, CLASSNAME, "updateApplicationRole", "Updating allAppRoles list");
                            }
                            if (!str.trim().equals(str2)) {
                                allAppRoles.remove(str);
                                allAppRoles.add(str2);
                            }
                            RepositoryManagerFactory.commitTransaction();
                            IReadWriteLocks.storeWrite.unlock();
                        } catch (Throwable th) {
                            IReadWriteLocks.storeWrite.unlock();
                            throw th;
                        }
                    } catch (RepositoryException e12) {
                        RepositoryManagerFactory.rollbackTransaction();
                        throw e12;
                    } catch (Throwable th2) {
                        RepositoryManagerFactory.rollbackTransaction();
                        throw new RepositoryException(th2.getMessage());
                    }
                }
            }
        } catch (CoreException e13) {
            logger.logp(Level.WARNING, CLASSNAME, "updateApplicationRole", e13.getMessage());
        }
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.isclite.service.security.SecurityService
    public void addApplicationRole(String str, String str2, List list, List list2, List list3, List list4, String str3) throws RoleAlreadyExistsException, RoleCaseMismatchException, RepositoryException {
        HttpSession httpSession = getHttpSession(str3);
        if (httpSession != null) {
            WorkSpace workSpace = (WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY);
            try {
                TopologyService topologyService = (TopologyService) ServiceManager.getService(Constants.TOPOLOGY_SERVICE);
                PortletEntityService portletEntityService = (PortletEntityService) ServiceManager.getService(DatastoreConstants.PortletEntityService);
                NavigationTree navigationTree = (NavigationTree) httpSession.getAttribute(Constants.NAVIGATION_TREE);
                try {
                    if (getApplicationRoles(httpSession.getId()).contains(str)) {
                        logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", "Role with that name already exists.");
                        throw new RoleAlreadyExistsException("This role already exists");
                    }
                    long time = new Date().getTime();
                    synchronized (IReadWriteLocks.securityService) {
                        PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
                        IReadWriteLocks.storeWrite.lock();
                        try {
                            try {
                                RepositoryManagerFactory.beginTransaction();
                                if (logger.isLoggable(Level.FINE)) {
                                    logger.logp(Level.FINE, CLASSNAME, "addApplicationRole", "Saving appRoles file repository...");
                                }
                                UpdateAppRolesStore updateAppRolesStore = getUpdateAppRolesStore(workSpace);
                                updateAppRolesStore.setWorkspace(workSpace);
                                UpdateComponentStore updateComponentStore = getUpdateComponentStore();
                                UpdateNavigationStore updateNavigationStore = getUpdateNavigationStore();
                                try {
                                    ArrayList arrayList = new ArrayList();
                                    for (int i = 0; i < list.size(); i++) {
                                        arrayList.add(((UserActionSet) list.get(i)).getUniqueName());
                                    }
                                    ArrayList arrayList2 = new ArrayList();
                                    for (int i2 = 0; i2 < list2.size(); i2++) {
                                        arrayList2.add(((GroupActionSet) list2.get(i2)).getUniqueName());
                                    }
                                    ApplicationRole addRole = updateAppRolesStore.addRole(str, arrayList, arrayList2, DatastoreConstants.CUSTOM_ROLE);
                                    try {
                                        String preferenceProfileUniqueNameByTitle = updateAppRolesStore.getPreferenceProfileUniqueNameByTitle(str2);
                                        if (preferenceProfileUniqueNameByTitle != null && preferenceProfileUniqueNameByTitle != "") {
                                            updateAppRolesStore.addPreferenceProfileRefToAppRole(preferenceProfileUniqueNameByTitle, str);
                                        }
                                    } catch (PreferenceProfileNotExistException e) {
                                        logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e.getMessage());
                                    } catch (ProfileReferenceAlreadyAssignedException e2) {
                                        logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e2.getMessage());
                                    } catch (RoleNotExistException e3) {
                                        logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e3.getMessage());
                                    }
                                    ArrayList arrayList3 = new ArrayList();
                                    Iterator it = list3.iterator();
                                    while (it.hasNext()) {
                                        ConsoleViewActionSet consoleViewActionSet = (ConsoleViewActionSet) it.next();
                                        updateComponentStore.addAccessControlToCategory(consoleViewActionSet.getConsoleView().getUniqueName(), str, consoleViewActionSet.getRoleType());
                                        if (consoleViewActionSet.isGrantedAllResources()) {
                                            arrayList3.add(consoleViewActionSet.getConsoleView().getUniqueName());
                                        }
                                    }
                                    Iterator it2 = list4.iterator();
                                    while (it2.hasNext()) {
                                        NavigationNodeActionSet navigationNodeActionSet = (NavigationNodeActionSet) it2.next();
                                        NavigationNode navigationNode = navigationTree.getNavigationNode(navigationNodeActionSet.getNodeId());
                                        if (navigationNode == null || navigationNode.getType() == 1) {
                                            logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", "Cannot find page to put it's security info in cache.");
                                        } else {
                                            String nodeID = navigationNode.getNodeID();
                                            List pagePermissions = getPagePermissions(nodeID, str3);
                                            pagePermissions.add(new PageAccessControl(str, navigationNodeActionSet.getRoleType()));
                                            setPagePermissions(nodeID, pagePermissions, str3);
                                            String moduleRef = navigationNode.getModuleRef();
                                            if (navigationNode.getType() == 2) {
                                                try {
                                                    boolean z = false;
                                                    Iterator it3 = arrayList3.iterator();
                                                    while (true) {
                                                        if (it3.hasNext()) {
                                                            if (navigationNode.containsCategoryID((String) it3.next())) {
                                                                z = true;
                                                                break;
                                                            }
                                                        } else {
                                                            break;
                                                        }
                                                    }
                                                    if (z) {
                                                        for (String str4 : topologyService.getPage(moduleRef, navigationNode.getNodeID(), str3).getPortlets()) {
                                                            if (moduleRef.equals("com.ibm.isclite.global.custom.module")) {
                                                                navigationNode.getOriginalModuleRef();
                                                            }
                                                            PortletModuleBean portletEntity = portletEntityService.getPortletEntity(str4);
                                                            if (portletEntity != null) {
                                                                try {
                                                                    List portletPermissions = getPortletPermissions(portletEntity.getPortletEntity().getUniqueName(), str3);
                                                                    portletPermissions.add(new PortletAccessControl(str, navigationNodeActionSet.getRoleType()));
                                                                    setPortletPermissions(str4, portletPermissions, null, portletEntity.getModuleRef(), str3);
                                                                } catch (PortletEntityNotFoundException e4) {
                                                                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e4.getMessage());
                                                                }
                                                            }
                                                        }
                                                    }
                                                } catch (DatastoreException e5) {
                                                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", "Cannot get page object.");
                                                }
                                            }
                                        }
                                    }
                                    updateAppRolesStore.save(true);
                                    updateComponentStore.save();
                                    updateNavigationStore.save();
                                    allAppRolesVO.add(addRole);
                                    if (logger.isLoggable(Level.FINE)) {
                                        logger.logp(Level.FINE, CLASSNAME, "addApplicationRole", "Saving appRoles file repository...");
                                    }
                                    RepositoryManagerFactory.commitTransaction();
                                    if (logger.isLoggable(Level.FINE)) {
                                        logger.logp(Level.FINE, CLASSNAME, "addApplicationRole", "Save successful");
                                    }
                                    IReadWriteLocks.storeWrite.unlock();
                                } catch (RoleAlreadyExistsException e6) {
                                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e6.getMessage());
                                    throw new RoleAlreadyExistsException("This role already exists");
                                } catch (RoleCaseMismatchException e7) {
                                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e7.getMessage());
                                    throw new RoleCaseMismatchException(e7);
                                } catch (RoleInvalidNameException e8) {
                                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e8.getMessage());
                                    IReadWriteLocks.storeWrite.unlock();
                                    return;
                                }
                            } catch (Throwable th) {
                                IReadWriteLocks.storeWrite.unlock();
                                throw th;
                            }
                        } catch (RepositoryException e9) {
                            RepositoryManagerFactory.rollbackTransaction();
                            throw e9;
                        } catch (Throwable th2) {
                            RepositoryManagerFactory.rollbackTransaction();
                            throw new RepositoryException(th2.getCause() != null ? th2.getCause().getMessage() : th2.getMessage());
                        }
                    }
                    if (1 != 0) {
                        allAppRoles.add(str);
                    }
                } catch (DatastoreException e10) {
                    logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e10.getMessage());
                }
            } catch (CoreException e11) {
                logger.logp(Level.WARNING, CLASSNAME, "addApplicationRole", e11.getMessage());
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.isclite.service.security.SecurityService
    public boolean removeApplicationRoles(List list, String str) throws RepositoryException {
        List removeRoles;
        HttpSession httpSession = getHttpSession(str);
        boolean z = true;
        if (httpSession != null) {
            WorkSpace workSpace = (WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY);
            long time = new Date().getTime();
            synchronized (IReadWriteLocks.navigationService) {
                synchronized (IReadWriteLocks.securityService) {
                    PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
                    IReadWriteLocks.storeWrite.lock();
                    try {
                        try {
                            RepositoryManagerFactory.beginTransaction();
                            UpdateAppRolesStore updateAppRolesStore = getUpdateAppRolesStore(workSpace);
                            UpdateComponentStore updateComponentStore = getUpdateComponentStore();
                            UpdateNavigationStore updateNavigationStore = getUpdateNavigationStore();
                            UpdatePortletStore updatePortletStore = getUpdatePortletStore();
                            removeRoles = updateAppRolesStore.removeRoles(list);
                            Iterator it = list.iterator();
                            while (it.hasNext()) {
                                updateComponentStore.removeAccessControlFromAllCategories((String) it.next());
                            }
                            Iterator it2 = list.iterator();
                            while (it2.hasNext()) {
                                updateNavigationStore.removeAllAccessControl((String) it2.next());
                            }
                            Iterator it3 = list.iterator();
                            while (it3.hasNext()) {
                                Iterator it4 = updatePortletStore.removePortletEntitiesAccessControlItem((String) it3.next()).iterator();
                                while (it4.hasNext()) {
                                    PortletCache.getInstance().remove((String) it4.next());
                                }
                            }
                            updateAppRolesStore.setWorkspace(workSpace);
                            updateAppRolesStore.save(true);
                            updateComponentStore.save();
                            updateNavigationStore.save();
                            updatePortletStore.save();
                            RepositoryManagerFactory.commitTransaction();
                            IReadWriteLocks.storeWrite.unlock();
                        } catch (Throwable th) {
                            IReadWriteLocks.storeWrite.unlock();
                            throw th;
                        }
                    } catch (RepositoryException e) {
                        RepositoryManagerFactory.rollbackTransaction();
                        throw e;
                    } catch (Throwable th2) {
                        RepositoryManagerFactory.rollbackTransaction();
                        throw new RepositoryException(th2.getMessage());
                    }
                }
                if (1 != 0) {
                    int size = removeRoles.size();
                    for (int i = 0; i < size; i++) {
                        allAppRolesVO.remove((ApplicationRole) removeRoles.get(i));
                    }
                    allAppRoles.removeAll(list);
                    NavigationService navigationService = null;
                    try {
                        navigationService = (NavigationService) ServiceManager.getService(Constants.NAVIGATION_SERVICE);
                    } catch (CoreException e2) {
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "removeApplicationRoles", e2.getMessage());
                        }
                    }
                    NavigationTree navigationTree = (NavigationTree) httpSession.getAttribute(Constants.NAVIGATION_TREE);
                    Iterator it5 = list.iterator();
                    while (it5.hasNext()) {
                        String str2 = (String) it5.next();
                        for (NavigationNodeActionSet navigationNodeActionSet : navigationService.getNavigationNodesByAppRole(str2, str)) {
                            List<PageAccessControl> list2 = PageCache.getInstance().get(navigationNodeActionSet.getNodeId());
                            PageCache.getInstance().remove(navigationNodeActionSet.getNodeId());
                            ArrayList arrayList = new ArrayList();
                            String str3 = "";
                            String str4 = "";
                            for (PageAccessControl pageAccessControl : list2) {
                                if (!pageAccessControl.getApplicationRole().equals(str2)) {
                                    PageAccessControl pageAccessControl2 = new PageAccessControl(pageAccessControl.getApplicationRole(), pageAccessControl.getRoleType(), pageAccessControl.isDefaultRole());
                                    arrayList.add(pageAccessControl2);
                                    str3 = str3 + pageAccessControl2.getApplicationRole() + ROLE_DELIMITER;
                                    str4 = str4 + pageAccessControl2.getRoleType() + ROLE_DELIMITER;
                                }
                            }
                            if (str3.length() > 0) {
                                str3 = str3.substring(0, str3.length() - 1);
                            }
                            if (str4.length() > 0) {
                                str4 = str4.substring(0, str4.length() - 1);
                            }
                            NavigationNode navigationNode = navigationTree.getNavigationNode(navigationNodeActionSet.getNodeId());
                            if (navigationNode != null) {
                                String moduleRef = navigationNode.getModuleRef();
                                navigationNode.setWscRole(str3);
                                navigationNode.setWscRoleType(str4);
                                PageCache.getInstance().put(navigationNodeActionSet.getNodeId(), moduleRef, arrayList);
                            } else {
                                logger.logp(Level.WARNING, CLASSNAME, "removeApplicationRoles()", "Cannot find page to put it's security info in cache.");
                            }
                        }
                    }
                }
            }
        } else {
            z = false;
        }
        return z;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public void updateUserRoles(String str, List<String> list, List<String> list2, String str2) throws RepositoryException {
        WorkSpace workSpace = null;
        HttpSession httpSession = getHttpSession(str2);
        if (httpSession != null) {
            workSpace = (WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY);
        }
        UpdateAppRolesStore updateAppRolesStore = getUpdateAppRolesStore(workSpace);
        ArrayList arrayList = new ArrayList();
        arrayList.add(VMMUtil.converUniqueName(str, false));
        synchronized (IReadWriteLocks.securityService) {
            IReadWriteLocks.storeWrite.lock();
            try {
                try {
                    reloadArgusRepository();
                    RepositoryManagerFactory.beginTransaction();
                    if (list != null && list.size() > 0) {
                        Iterator<String> it = list.iterator();
                        while (it.hasNext()) {
                            updateAppRolesStore.addUsersToRole(it.next(), arrayList);
                        }
                    }
                    if (list2 != null && list2.size() > 0) {
                        Iterator<String> it2 = list2.iterator();
                        while (it2.hasNext()) {
                            updateAppRolesStore.removeUsersFromRole(it2.next(), arrayList);
                        }
                    }
                    updateAppRolesStore.setWorkspace(workSpace);
                    updateAppRolesStore.save(true);
                    RepositoryManagerFactory.commitTransaction();
                    IReadWriteLocks.storeWrite.unlock();
                } catch (Throwable th) {
                    IReadWriteLocks.storeWrite.unlock();
                    throw th;
                }
            } catch (RoleInvalidNameException e) {
                RepositoryManagerFactory.rollbackTransaction();
                logger.logp(Level.WARNING, CLASSNAME, "updateUserRoles", "Role name is invalidate\n" + e.getStackTrace());
                IReadWriteLocks.storeWrite.unlock();
            } catch (RepositoryException e2) {
                RepositoryManagerFactory.rollbackTransaction();
                logger.logp(Level.WARNING, CLASSNAME, "updateUserRoles", e2.getMessage(), (Throwable) e2);
                throw e2;
            } catch (Throwable th2) {
                RepositoryManagerFactory.rollbackTransaction();
                logger.logp(Level.WARNING, CLASSNAME, "updateUserRoles", th2.getMessage(), th2);
                throw new RepositoryException(th2.getMessage());
            }
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public Set<String> getArgusRoles() {
        reloadArgusRepository();
        HashSet hashSet = new HashSet(RoleServiceUtil.getRoles());
        hashSet.remove("iscusers");
        return hashSet;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public void updateGroupRoles(String str, List<String> list, List<String> list2, String str2) throws RepositoryException {
        WorkSpace workSpace = null;
        HttpSession httpSession = getHttpSession(str2);
        if (httpSession != null) {
            workSpace = (WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY);
        }
        UpdateAppRolesStore updateAppRolesStore = getUpdateAppRolesStore(workSpace);
        ArrayList arrayList = new ArrayList();
        arrayList.add(VMMUtil.converUniqueName(str, false));
        synchronized (IReadWriteLocks.securityService) {
            IReadWriteLocks.storeWrite.lock();
            try {
                try {
                    reloadArgusRepository();
                    RepositoryManagerFactory.beginTransaction();
                    if (list != null && list.size() > 0) {
                        Iterator<String> it = list.iterator();
                        while (it.hasNext()) {
                            updateAppRolesStore.addGroupsToRole(it.next(), arrayList);
                        }
                    }
                    if (list2 != null && list2.size() > 0) {
                        Iterator<String> it2 = list2.iterator();
                        while (it2.hasNext()) {
                            updateAppRolesStore.removeGroupsFromRole(it2.next(), arrayList);
                        }
                    }
                    updateAppRolesStore.setWorkspace(workSpace);
                    updateAppRolesStore.save(true);
                    RepositoryManagerFactory.commitTransaction();
                    IReadWriteLocks.storeWrite.unlock();
                } catch (Throwable th) {
                    IReadWriteLocks.storeWrite.unlock();
                    throw th;
                }
            } catch (RoleInvalidNameException e) {
                RepositoryManagerFactory.rollbackTransaction();
                logger.logp(Level.WARNING, CLASSNAME, "updateGroupRoles", "Role name is invalidate\n" + e.getStackTrace());
                IReadWriteLocks.storeWrite.unlock();
            } catch (RepositoryException e2) {
                RepositoryManagerFactory.rollbackTransaction();
                logger.logp(Level.WARNING, CLASSNAME, "updateGroupRoles", e2.getMessage(), (Throwable) e2);
                throw e2;
            } catch (Throwable th2) {
                RepositoryManagerFactory.rollbackTransaction();
                logger.logp(Level.WARNING, CLASSNAME, "updateGroupRoles", th2.getMessage(), th2);
                throw new RepositoryException(th2.getMessage());
            }
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public boolean isNavigationNodeAccessible(NavigationNode navigationNode, String str) {
        if (navigationNode == null || !isSecurityEnabled() || "com.ibm.isclite.ISCAdminPortlet".equals(navigationNode.getModuleRef()) || navigationNode.getModuleRef().equals("com.ibm.isclite.ISCAdminPortlets")) {
            return true;
        }
        String wscRole = navigationNode.getWscRole();
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "isNavigationNodeAccessible", "WSC roles: " + wscRole);
        }
        if (wscRole != null) {
            String[] split = wscRole.split(ROLE_DELIMITER);
            List userAppRoles = getUserAppRoles(str);
            for (String str2 : split) {
                if (userAppRoles.contains(str2)) {
                    return true;
                }
            }
            return false;
        }
        if (navigationNode.getIsWscNode()) {
            if (!logger.isLoggable(Level.FINE)) {
                return true;
            }
            logger.logp(Level.FINE, CLASSNAME, "isNavigationNodeAccessible", "WSC node allows role = null ");
            return true;
        }
        if (navigationNode.getNodeID() == Constants.RootNode) {
            if (!logger.isLoggable(Level.FINE)) {
                return true;
            }
            logger.logp(Level.FINE, CLASSNAME, "isNavigationNodeAccessible", "RootNode allows role = null");
            return true;
        }
        if (!logger.isLoggable(Level.FINE)) {
            return false;
        }
        logger.logp(Level.FINE, CLASSNAME, "isNavigationNodeAccessible", "Portlet node doesn't allow role = null ");
        return false;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public void clearModuleCache(String str) {
        try {
            String compName = ((ComponentService) ServiceManager.getService(DatastoreConstants.ComponentService)).getCompName(str);
            PortletCache.getInstance().removeModuleEntries(compName);
            PageCache.getInstance().removeModuleEntries(compName);
            CategoryCache.getInstance().removeModuleEntries(compName);
        } catch (CoreException e) {
            logger.logp(Level.WARNING, CLASSNAME, "clearModuleCache", "The module cache could not be cleared", (Throwable) e);
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public void clearCache() {
        PageCache.getInstance().removeAll();
        PortletCache.getInstance().removeAll();
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public boolean userInRole(Object obj, NavigationNode navigationNode) {
        Logger logger2 = logger;
        String str = CLASSNAME;
        Object[] objArr = new Object[2];
        objArr[0] = "req";
        objArr[1] = navigationNode == null ? null : navigationNode.getModuleRef();
        logger2.entering(str, "userInRole", objArr);
        if (navigationNode == null) {
            logger.exiting(CLASSNAME, "userInRole", "true");
            return true;
        }
        SecurityContext securityContext = this.securitycontext;
        if (!SecurityContext.isSecurityEnabled()) {
            logger.exiting(CLASSNAME, "userInRole", "true");
            return true;
        }
        if ("com.ibm.isclite.ISCAdminPortlet".equals(navigationNode.getModuleRef()) && !navigationNode.getNodeID().equals(ConstantsExt.ISC_FAVORITES_NAVNODE_ID) && navigationNode.getType() != 0) {
            logger.exiting(CLASSNAME, "userInRole", "true");
            return true;
        }
        if (navigationNode.getType() == 1) {
            logger.exiting(CLASSNAME, "userInRole", "true");
            return true;
        }
        if (obj instanceof PortletRequest) {
            ((PortletRequest) obj).getPortletSession().getId();
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "userInRole", "login:" + ((PortletRequest) obj).getRemoteUser());
            }
        } else {
            ((HttpServletRequest) obj).getSession().getId();
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "userInRole", "login: " + ((HttpServletRequest) obj).getRemoteUser());
            }
        }
        String wscRole = navigationNode.getWscRole();
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "userInRole", "WSC roles: " + wscRole);
        }
        if (navigationNode.getIsWscNode()) {
            if (!logger.isLoggable(Level.FINE)) {
                return true;
            }
            logger.logp(Level.FINE, CLASSNAME, "userInRole", "WSC node allows role = null ");
            logger.exiting(CLASSNAME, "userInRole", "true");
            return true;
        }
        if (wscRole == null) {
            if (navigationNode.getNodeID() == Constants.RootNode) {
                if (!logger.isLoggable(Level.FINE)) {
                    return true;
                }
                logger.logp(Level.FINE, CLASSNAME, "userInRole", "RootNode allows role = null");
                logger.exiting(CLASSNAME, "userInRole", "true");
                return true;
            }
            if (!logger.isLoggable(Level.FINE)) {
                return false;
            }
            logger.logp(Level.FINE, CLASSNAME, "userInRole", "Portlet node doesn't allow role = null ");
            logger.exiting(CLASSNAME, "userInRole", "false");
            return false;
        }
        boolean z = false;
        StringTokenizer stringTokenizer = new StringTokenizer(wscRole, ROLE_DELIMITER);
        while (stringTokenizer.hasMoreTokens()) {
            String trim = stringTokenizer.nextToken().trim();
            if (logger.isLoggable(Level.FINER)) {
                logger.logp(Level.FINER, CLASSNAME, "userInRole", "Checking role '" + trim + "'...");
            }
            if (trim.equals(Constants.ALL_USERS)) {
                logger.exiting(CLASSNAME, "userInRole", "true");
                return true;
            }
            if (obj instanceof PortletRequest) {
                if (ProductInfoImpl.getInstance().getPlatform() != 1) {
                    PerformanceAnalysisUtil.startPerformancePoint("userInRole-isUserInRole(" + trim + ")");
                    ((PortletRequest) obj).getRemoteUser();
                    z = RoleServiceUtil.isUserInRole(trim, (PortletRequest) obj);
                    PerformanceAnalysisUtil.endPerformancePoint("userInRole-isUserInRole(" + trim + ")");
                } else {
                    try {
                        z = ((Boolean) this.RSisUserInRole_Generic.invoke(this.roleService, (PortletRequest) obj, trim)).booleanValue();
                    } catch (Exception e) {
                        logger.logp(Level.SEVERE, CLASSNAME, "userInRole", "Unable to determine if user is in role: " + e.getMessage() + " " + e.getStackTrace()[0]);
                    }
                }
            } else if (ProductInfoImpl.getInstance().getPlatform() != 1) {
                PerformanceAnalysisUtil.startPerformancePoint("userInRole-isUserInRole(" + trim + ")");
                ((HttpServletRequest) obj).getRemoteUser();
                z = RoleServiceUtil.isUserInRole(trim, (HttpServletRequest) obj);
                PerformanceAnalysisUtil.endPerformancePoint("userInRole-isUserInRole(" + trim + ")");
            } else {
                try {
                    z = ((Boolean) this.RSisUserInRole_Generic.invoke(this.roleService, (HttpServletRequest) obj, trim)).booleanValue();
                } catch (Exception e2) {
                    logger.logp(Level.SEVERE, CLASSNAME, "userInRole", "Unable to determine if user is in role: " + e2.getMessage() + " " + e2.getStackTrace()[0]);
                }
            }
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "userInRole", "user has role " + trim + "? " + z);
            }
            if (z) {
                logger.exiting(CLASSNAME, "userInRole", "true");
                return true;
            }
        }
        logger.exiting(CLASSNAME, "userInRole", "false");
        return false;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public ArrayList getUserAppRoles(HttpServletRequest httpServletRequest) throws DatastoreException {
        PerformanceAnalysisUtil.startPerformancePoint("getUserAppRoles(request)");
        logger.entering(CLASSNAME, "getUserAppRoles(request)");
        if (!SecurityContext.isSecurityEnabled()) {
            if (logger.isLoggable(Level.WARNING)) {
                logger.logp(Level.WARNING, CLASSNAME, "getUserAppRoles(request)", "Skipping processing of getUserAppRoles as security is disabled.");
            }
            logger.exiting(CLASSNAME, "getUserAppRoles(request)");
            PerformanceAnalysisUtil.endPerformancePoint("getUserAppRoles(request)");
            return null;
        }
        ArrayList arrayList = (ArrayList) httpServletRequest.getSession().getAttribute(ConstantsExt.ALL_USER_IN_ROLES_KEY);
        if (arrayList == null) {
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getUserAppRoles(request)", "Populating userRoleList, either it's first time load or admin-authz.xml has changed");
            }
            arrayList = new ArrayList();
            List<ApplicationRole> appRoles = getAppRoles(httpServletRequest.getSession().getId());
            if (logger.isLoggable(Level.FINE)) {
                logger.logp(Level.FINE, CLASSNAME, "getUserAppRoles(request)", "rolesList = " + appRoles);
            }
            if (!appRoles.isEmpty()) {
                IReadWriteLocks.storeRead.lock();
                try {
                    for (ApplicationRole applicationRole : appRoles) {
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "getUserAppRoles(request)", "role = " + applicationRole);
                        }
                        String uniqueName = applicationRole.getUniqueName();
                        if (logger.isLoggable(Level.FINE)) {
                            logger.logp(Level.FINE, CLASSNAME, "getUserAppRoles(request)", "roleName = " + uniqueName);
                        }
                        boolean z = false;
                        if (ProductInfoImpl.getInstance().getPlatform() != 1) {
                            PerformanceAnalysisUtil.startPerformancePoint("getUserAppRoles(request)-isUserInRole(" + uniqueName + ")");
                            z = RoleServiceUtil.isUserInRole(uniqueName, httpServletRequest);
                            PerformanceAnalysisUtil.endPerformancePoint("getUserAppRoles(request)-isUserInRole(" + uniqueName + ")");
                        } else {
                            try {
                                z = ((Boolean) this.RSisUserInRole_Generic.invoke(this.roleService, httpServletRequest, uniqueName)).booleanValue();
                            } catch (Exception e) {
                                logger.logp(Level.SEVERE, CLASSNAME, "getUserAppRoles(request)", "Unable to determine if user is in role: " + e.getMessage() + " " + e.getStackTrace()[0]);
                            }
                        }
                        if (Constants.ALL_USERS.equals(uniqueName) || z) {
                            arrayList.add(uniqueName);
                        }
                    }
                    IReadWriteLocks.storeRead.unlock();
                } catch (Throwable th) {
                    IReadWriteLocks.storeRead.unlock();
                    throw th;
                }
            }
            if (!arrayList.contains(Constants.ALL_USERS)) {
                arrayList.add(Constants.ALL_USERS);
            }
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.logp(Level.FINE, CLASSNAME, "getUserAppRoles(request)", "User inrole application-roles: " + arrayList);
        }
        logger.exiting(CLASSNAME, "getUserAppRoles(request)");
        PerformanceAnalysisUtil.endPerformancePoint("getUserAppRoles(request)");
        return arrayList;
    }

    protected abstract boolean reloadAppRoles();

    @Override // com.ibm.isclite.service.security.SecurityService
    public boolean isSecurityEnabled() {
        return SecurityContext.isSecurityEnabled();
    }

    @Override // com.ibm.isclite.service.datastore.DatastoreServiceImpl, com.ibm.isclite.service.Service
    public void destroy() throws CoreException {
    }

    private HttpSession getHttpSession(String str) {
        try {
            return ((NavigationService) ServiceManager.getService(Constants.NAVIGATION_SERVICE)).getSession(str);
        } catch (CoreException e) {
            logger.logp(Level.WARNING, CLASSNAME, "getHttpSession", "Cannot get NavigationService :" + e.getMessage());
            return null;
        } catch (Exception e2) {
            logger.logp(Level.WARNING, CLASSNAME, "getHttpSession", "Cannot get HttpSession object from portlet session id:" + e2.getMessage(), (Throwable) e2);
            return null;
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public List getCategoryPermissions(String str, String str2) throws NoSuchCategoryException {
        List list = CategoryCache.getInstance().get(str);
        if (list == null) {
            list = new ArrayList();
            try {
                Category category = ((CategoryService) ServiceManager.getService(DatastoreConstants.CategoryService)).getCategory(str);
                List defaultRoles = SecurityUtil.getDefaultRoles();
                for (CategoryAccessControl categoryAccessControl : category.getAccessControlList()) {
                    if (defaultRoles.contains(categoryAccessControl.getApplicationRole())) {
                        categoryAccessControl.setDefaultRole(true);
                    }
                }
                list = category.getAccessControlList();
            } catch (CoreException e) {
                logger.logp(Level.WARNING, CLASSNAME, "getCategoryPermissions", "Exception :" + e.getMessage());
            }
        }
        return list;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public void setCategoryPermissions(String str, List list, String str2) throws NoSuchCategoryException {
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public String getLocalPagePermissions(String str, String str2) {
        Resource resource;
        logger.entering(CLASSNAME, "getLocalPagePermissions");
        try {
            ComponentService componentService = (ComponentService) ServiceManager.getService(DatastoreConstants.ComponentService);
            long time = new Date().getTime();
            synchronized (IReadWriteLocks.securityService) {
                PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
                String contextPath = componentService.getContextPath(str2);
                if (contextPath == "" || contextPath == null) {
                    logger.logp(Level.WARNING, CLASSNAME, "getLocalPagePermissions", "Cannot find component " + str2);
                    logger.logp(Level.WARNING, CLASSNAME, "getLocalPagePermissions", "Module: " + str2 + " is not registered. Looking into wsc navigation xml");
                    logger.logp(Level.SEVERE, CLASSNAME, "getLocalPagePermissions", "TIPJ2EE: Cannot be a WSC page, returning empty permission string.");
                    return "";
                }
                if (this.baseURIForTopology == null) {
                    logger.logp(Level.WARNING, CLASSNAME, "getLocalPagePermissions", "System root path not initialized.");
                    logger.exiting(CLASSNAME, "getLocalPagePermissions");
                    return null;
                }
                String str3 = this.baseURIForTopology + File.separator + contextPath + File.separator + "ibm-portal-security.xml";
                long time2 = new Date().getTime();
                synchronized (IReadWriteLocks.securityService) {
                    PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time2, "IReadWriteLocks.sercuirtyService");
                    resource = this.resSet.getResource(URI.createFileURI(str3), true);
                    if (resource == null) {
                        logger.logp(Level.WARNING, CLASSNAME, "getLocalPagePermissions", "Can't get security resource of module: " + str2);
                    }
                }
                return UpdateStoreUtil.getApplicationRoleList(str, ((com.ibm.isc.wccm.security.DocumentRoot) resource.getContents().get(0)).getIbmPortalSecurity());
            }
        } catch (CoreException e) {
            logger.logp(Level.WARNING, CLASSNAME, "getLocalPagePermissions", e.getMessage());
            logger.exiting(CLASSNAME, "getLocalPagePermissions");
            return "";
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public int getNumberOfUsersForRole(String str, String str2) {
        int numberOfUsersForRole;
        HttpSession httpSession = getHttpSession(str2);
        if (httpSession == null) {
            logger.logp(Level.WARNING, CLASSNAME, "getNumberOfUsersForRole", "Cannot get users for the application role=" + str);
            return 0;
        }
        WorkSpace workSpace = (WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY);
        long time = new Date().getTime();
        synchronized (IReadWriteLocks.securityService) {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
            numberOfUsersForRole = getUpdateAppRolesStore(workSpace).getNumberOfUsersForRole(str);
        }
        return numberOfUsersForRole;
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public void validateRoleName(String str, String str2) throws RoleInvalidNameException {
        HttpSession httpSession = getHttpSession(str2);
        if (httpSession == null) {
            logger.logp(Level.WARNING, CLASSNAME, "validateRoleName", "Cannot get validate role name, because cannot get HttpSession by portlet session id");
            return;
        }
        WorkSpace workSpace = (WorkSpace) httpSession.getAttribute(Constants.WORKSPACE_KEY);
        long time = new Date().getTime();
        synchronized (IReadWriteLocks.securityService) {
            PerformanceAnalysisUtil.logSynchronizedBlockDelay(new Date().getTime() - time, "IReadWriteLocks.securityService");
            getUpdateAppRolesStore(workSpace).validateRoleName(str);
        }
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public boolean isUserRegistryIgnoreCase() {
        if (userRegistryIgnoreCase == null) {
            synchronized (SecurityService.class) {
                if (userRegistryIgnoreCase == null) {
                    String str = (String) ConfigRepositoryFactory.getConfigRepository().getConfig().get("was.repository.root");
                    String property = System.getProperty("os.name");
                    boolean z = false;
                    if (ProductInfoImpl.getInstance().getPlatform() != 1) {
                        try {
                            Security security = null;
                            EList contents = RepositoryFactory.createRepository("ws-server", str, ISCAppUtil.getCellName(), (String) null, (String) null).getConfigRoot().getResource(0, "security.xml").getContents();
                            if (0 < contents.size()) {
                                Object obj = contents.get(0);
                                if (obj instanceof Security) {
                                    security = (Security) obj;
                                }
                            }
                            UserRegistry activeUserRegistry = security.getActiveUserRegistry();
                            if (activeUserRegistry instanceof LocalOSUserRegistry) {
                                if (logger.isLoggable(Level.FINER)) {
                                    logger.logp(Level.FINER, CLASSNAME, "isUserRegistryIgnoreCase", "Using LocalOSUserRegistry");
                                }
                                if (property.indexOf("Windows") != -1 || property.indexOf("z/OS") != -1) {
                                    z = true;
                                }
                            } else {
                                z = activeUserRegistry.isIgnoreCase();
                            }
                        } catch (Exception e) {
                            logger.logp(Level.WARNING, CLASSNAME, "isUserRegistryIgnoreCase", e.getMessage());
                            e.printStackTrace();
                        }
                    } else if (property.indexOf("Windows") != -1 || property.indexOf("z/OS") != -1) {
                        z = true;
                    }
                    if (logger.isLoggable(Level.FINEST)) {
                        logger.logp(Level.FINEST, CLASSNAME, "isUserRegistryIgnoreCase", "Current UserRegistry ignores case? " + z);
                    }
                    userRegistryIgnoreCase = new Boolean(z);
                }
            }
        }
        return userRegistryIgnoreCase.booleanValue();
    }

    @Override // com.ibm.isclite.service.security.SecurityService
    public long getAuthTimeout() {
        if (authTimeout == null) {
            synchronized (SecurityService.class) {
                if (authTimeout == null) {
                    long j = 120;
                    try {
                        Security security = null;
                        EList contents = RepositoryFactory.createRepository("ws-server", (String) ConfigRepositoryFactory.getConfigRepository().getConfig().get("was.repository.root"), ISCAppUtil.getCellName(), (String) null, (String) null).getConfigRoot().getResource(0, "security.xml").getContents();
                        if (0 < contents.size()) {
                            Object obj = contents.get(0);
                            if (obj instanceof Security) {
                                security = (Security) obj;
                            }
                        }
                        LTPA activeAuthMechanism = security.getActiveAuthMechanism();
                        if (activeAuthMechanism instanceof LTPA) {
                            j = activeAuthMechanism.getTimeout();
                        }
                    } catch (Exception e) {
                        logger.logp(Level.WARNING, CLASSNAME, "getAuthTimeout", e.getMessage());
                        e.printStackTrace();
                    }
                    if (logger.isLoggable(Level.FINEST)) {
                        logger.logp(Level.FINEST, CLASSNAME, "getAuthTimeout", "Current auth timeout: " + j);
                    }
                    authTimeout = new Long(j);
                }
            }
        }
        return authTimeout.longValue();
    }

    protected void reloadArgusRepository() {
        if (reloadAppRoles()) {
            synchronized (IReadWriteLocks.securityService) {
                IReadWriteLocks.storeWrite.lock();
                try {
                    RoleServiceUtil.reloadArgusRepository();
                    IReadWriteLocks.storeWrite.unlock();
                } catch (Throwable th) {
                    IReadWriteLocks.storeWrite.unlock();
                    throw th;
                }
            }
        }
    }
}
