package org.apache.jetspeed.security.spi.impl;

import java.security.Principal;
import java.util.HashSet;
import java.util.Set;
import java.util.prefs.Preferences;
import javax.naming.NamingException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.BasePrincipal;
import org.apache.jetspeed.security.GroupPrincipal;
import org.apache.jetspeed.security.HierarchyResolver;
import org.apache.jetspeed.security.RolePrincipal;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.UserPrincipal;
import org.apache.jetspeed.security.impl.GeneralizationHierarchyResolver;
import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
import org.apache.jetspeed.security.impl.RolePrincipalImpl;
import org.apache.jetspeed.security.impl.UserPrincipalImpl;
import org.apache.jetspeed.security.spi.SecurityMappingHandler;
import org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl;
import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;
import org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl;
import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDao;
import org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDaoImpl;

/* loaded from: input_file:portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-security-2.1.3.jar:org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.class */
public class LdapSecurityMappingHandler implements SecurityMappingHandler {
    private LdapUserPrincipalDao userDao;
    private LdapPrincipalDao groupDao;
    private LdapPrincipalDao roleDao;
    private static final Log LOG;
    private HierarchyResolver roleHierarchyResolver;
    private HierarchyResolver groupHierarchyResolver;
    static Class class$org$apache$jetspeed$security$spi$impl$LdapSecurityMappingHandler;

    public LdapSecurityMappingHandler(LdapUserPrincipalDao ldapUserPrincipalDao, LdapPrincipalDao ldapPrincipalDao, LdapPrincipalDao ldapPrincipalDao2) {
        this.roleHierarchyResolver = new GeneralizationHierarchyResolver();
        this.groupHierarchyResolver = new GeneralizationHierarchyResolver();
        this.userDao = ldapUserPrincipalDao;
        this.groupDao = ldapPrincipalDao;
        this.roleDao = ldapPrincipalDao2;
    }

    public LdapSecurityMappingHandler() throws SecurityException, NamingException {
        this.roleHierarchyResolver = new GeneralizationHierarchyResolver();
        this.groupHierarchyResolver = new GeneralizationHierarchyResolver();
        this.userDao = new LdapUserPrincipalDaoImpl();
        this.groupDao = new LdapGroupDaoImpl();
        this.roleDao = new LdapRoleDaoImpl();
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public HierarchyResolver getRoleHierarchyResolver() {
        return this.roleHierarchyResolver;
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public void setRoleHierarchyResolver(HierarchyResolver hierarchyResolver) {
        this.roleHierarchyResolver = hierarchyResolver;
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public HierarchyResolver getGroupHierarchyResolver() {
        return this.groupHierarchyResolver;
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public void setGroupHierarchyResolver(HierarchyResolver hierarchyResolver) {
        this.groupHierarchyResolver = hierarchyResolver;
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public Set getRolePrincipals(String str) {
        HashSet hashSet = new HashSet();
        try {
            String[] roleUidsForUser = this.userDao.getRoleUidsForUser(str);
            for (int i = 0; i < roleUidsForUser.length; i++) {
                createResolvedRolePrincipalSet(str, hashSet, roleUidsForUser, i);
            }
        } catch (SecurityException e) {
            LOG.error(e);
        }
        return hashSet;
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public void setUserPrincipalInRole(String str, String str2) throws SecurityException {
        verifyUserAndRoleExist(str, str2);
        addRoleToUser(str, str2);
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public void removeUserPrincipalInRole(String str, String str2) throws SecurityException {
        verifyUserAndRoleExist(str, str2);
        removeUserFromRole(str, str2);
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public Set getRolePrincipalsInGroup(String str) {
        HashSet hashSet = new HashSet();
        try {
            String[] rolesForGroup = this.userDao.getRolesForGroup(str);
            for (int i = 0; i < rolesForGroup.length; i++) {
                createResolvedRolePrincipalSet(str, hashSet, rolesForGroup, i);
            }
        } catch (SecurityException e) {
            LOG.error(e);
        }
        return hashSet;
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public void setRolePrincipalInGroup(String str, String str2) throws SecurityException {
        verifyGroupAndRoleExist(str, str2);
        addRoleToGroup(str, str2);
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public void removeRolePrincipalInGroup(String str, String str2) throws SecurityException {
        verifyGroupAndRoleExist(str, str2);
        removeRoleFromGroup(str, str2);
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public Set getGroupPrincipals(String str) {
        HashSet hashSet = new HashSet();
        try {
            String[] groupUidsForUser = this.userDao.getGroupUidsForUser(str);
            for (int i = 0; i < groupUidsForUser.length; i++) {
                createResolvedGroupPrincipalSet(str, hashSet, groupUidsForUser, i);
            }
        } catch (SecurityException e) {
            LOG.error(e);
        }
        return hashSet;
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public Set getGroupPrincipalsInRole(String str) {
        return new HashSet();
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public Set getUserPrincipalsInRole(String str) {
        HashSet hashSet = new HashSet();
        try {
            getUserPrincipalsInRole(hashSet, new String[]{str});
        } catch (SecurityException e) {
            LOG.error(e);
        }
        return hashSet;
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public Set getUserPrincipalsInGroup(String str) {
        HashSet hashSet = new HashSet();
        try {
            getUserPrincipalsInGroup(hashSet, new String[]{str});
        } catch (SecurityException e) {
            LOG.error(e);
        }
        return hashSet;
    }

    private void getUserPrincipalsInGroup(Set set, String[] strArr) throws SecurityException {
        for (String str : strArr) {
            for (String str2 : this.userDao.getUserUidsForGroup(str)) {
                set.add(new UserPrincipalImpl(str2));
            }
        }
    }

    private void getUserPrincipalsInRole(Set set, String[] strArr) throws SecurityException {
        for (String str : strArr) {
            for (String str2 : this.userDao.getUserUidsForRole(str)) {
                set.add(new UserPrincipalImpl(str2));
            }
        }
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public void setUserPrincipalInGroup(String str, String str2) throws SecurityException {
        verifyUserAndGroupExist(str, str2);
        addGroupToUser(str, str2);
    }

    @Override // org.apache.jetspeed.security.spi.SecurityMappingHandler
    public void removeUserPrincipalInGroup(String str, String str2) throws SecurityException {
        verifyUserAndGroupExist(str, str2);
        removeUserFromGroup(str, str2);
    }

    private void verifyGroupAndRoleExist(String str, String str2) throws SecurityException {
        GroupPrincipal group = getGroup(str);
        RolePrincipal role = getRole(str2);
        if (null == group && null == role) {
            throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST);
        }
    }

    private void verifyUserAndGroupExist(String str, String str2) throws SecurityException {
        UserPrincipal user = getUser(str);
        GroupPrincipal group = getGroup(str2);
        if (null == user && null == group) {
            throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);
        }
    }

    private void verifyUserAndRoleExist(String str, String str2) throws SecurityException {
        UserPrincipal user = getUser(str);
        RolePrincipal role = getRole(str2);
        if (null == user && null == role) {
            throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST);
        }
    }

    private void createResolvedGroupPrincipalSet(String str, Set set, String[] strArr, int i) {
        LOG.debug(new StringBuffer().append("Group [").append(i).append("] for user[").append(str).append("] is [").append(strArr[i]).append("]").toString());
        GroupPrincipalImpl groupPrincipalImpl = new GroupPrincipalImpl(strArr[i]);
        Preferences node = Preferences.userRoot().node(groupPrincipalImpl.getFullPath());
        LOG.debug(new StringBuffer().append("Group name:").append(groupPrincipalImpl.getName()).toString());
        String[] resolve = this.groupHierarchyResolver.resolve(node);
        for (int i2 = 0; i2 < resolve.length; i2++) {
            LOG.debug(new StringBuffer().append("Group [").append(i).append("] for user[").append(str).append("] is [").append(GroupPrincipalImpl.getPrincipalNameFromFullPath(resolve[i2])).append("]").toString());
            set.add(new GroupPrincipalImpl(GroupPrincipalImpl.getPrincipalNameFromFullPath(resolve[i2])));
        }
    }

    private void createResolvedRolePrincipalSet(String str, Set set, String[] strArr, int i) {
        LOG.debug(new StringBuffer().append("Group [").append(i).append("] for user[").append(str).append("] is [").append(strArr[i]).append("]").toString());
        RolePrincipalImpl rolePrincipalImpl = new RolePrincipalImpl(strArr[i]);
        Preferences node = Preferences.userRoot().node(rolePrincipalImpl.getFullPath());
        LOG.debug(new StringBuffer().append("Group name:").append(rolePrincipalImpl.getName()).toString());
        String[] resolve = this.roleHierarchyResolver.resolve(node);
        for (int i2 = 0; i2 < resolve.length; i2++) {
            LOG.debug(new StringBuffer().append("Group [").append(i).append("] for user[").append(str).append("] is [").append(RolePrincipalImpl.getPrincipalNameFromFullPath(resolve[i2])).append("]").toString());
            set.add(new RolePrincipalImpl(RolePrincipalImpl.getPrincipalNameFromFullPath(resolve[i2])));
        }
    }

    private void removeUserFromGroup(String str, String str2) throws SecurityException {
        this.userDao.removeGroup(str, str2);
    }

    private void removeUserFromRole(String str, String str2) throws SecurityException {
        this.userDao.removeRole(str, str2);
    }

    private void removeRoleFromGroup(String str, String str2) throws SecurityException {
        this.userDao.removeRoleFromGroup(str, str2);
    }

    private UserPrincipal getUser(String str) throws SecurityException {
        Principal[] find = this.userDao.find(str, BasePrincipal.PREFS_USER_ROOT);
        if (find.length == 1) {
            return (UserPrincipal) find[0];
        }
        throw new SecurityException(SecurityException.USER_DOES_NOT_EXIST.create(str));
    }

    private GroupPrincipal getGroup(String str) throws SecurityException {
        Principal[] find = this.groupDao.find(str, BasePrincipal.PREFS_GROUP_ROOT);
        if (find.length == 1) {
            return (GroupPrincipal) find[0];
        }
        throw new SecurityException(SecurityException.GROUP_DOES_NOT_EXIST.create(str));
    }

    private RolePrincipal getRole(String str) throws SecurityException {
        Principal[] find = this.roleDao.find(str, BasePrincipal.PREFS_ROLE_ROOT);
        if (find.length == 1) {
            return (RolePrincipal) find[0];
        }
        throw new SecurityException(SecurityException.ROLE_DOES_NOT_EXIST.create(str));
    }

    private void addGroupToUser(String str, String str2) throws SecurityException {
        this.userDao.addGroup(str, str2);
    }

    private void addRoleToUser(String str, String str2) throws SecurityException {
        this.userDao.addRole(str, str2);
    }

    private void addRoleToGroup(String str, String str2) throws SecurityException {
        this.userDao.addRoleToGroup(str, str2);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$apache$jetspeed$security$spi$impl$LdapSecurityMappingHandler == null) {
            cls = class$("org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler");
            class$org$apache$jetspeed$security$spi$impl$LdapSecurityMappingHandler = cls;
        } else {
            cls = class$org$apache$jetspeed$security$spi$impl$LdapSecurityMappingHandler;
        }
        LOG = LogFactory.getLog(cls);
    }
}
