package jp.sf.pal.admin.logic;

import java.io.Serializable;
import java.security.Principal;
import java.sql.Date;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;
import jp.sf.pal.admin.PALAdminConstants;
import jp.sf.pal.admin.PALAdminException;
import jp.sf.pal.admin.entity.Group;
import jp.sf.pal.admin.entity.PrincipalRule;
import jp.sf.pal.admin.entity.Role;
import jp.sf.pal.admin.entity.User;
import jp.sf.pal.admin.pager.GroupPager;
import jp.sf.pal.admin.pager.RolePager;
import jp.sf.pal.admin.pager.UserPager;
import jp.sf.pal.admin.util.PALAdminUtil;
import jp.sf.pal.admin.util.PortalComponentUtil;
import org.apache.jetspeed.page.PageManager;
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.rules.ProfilingRule;
import org.apache.jetspeed.security.AuthenticationProviderProxy;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.RoleManager;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SecurityProvider;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.UserPrincipal;
import org.apache.jetspeed.security.om.InternalCredential;
import org.apache.jetspeed.security.spi.GroupSecurityHandler;
import org.apache.jetspeed.security.spi.RoleSecurityHandler;
import org.apache.log4j.Logger;

/* loaded from: input_file:WEB-INF/classes/jp/sf/pal/admin/logic/SecurityProviderLogic.class */
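/**
 * Facade used by the PAL admin application to manage users, roles, groups and
 * profiling rules through the Jetspeed security, profiler and page-manager
 * components.
 *
 * <p>All collaborator fields are {@code transient} and are resolved lazily by
 * their getters, so code in this class always goes through the getters rather
 * than the fields: after deserialization the fields are {@code null} until a
 * getter has been called.
 *
 * <p>Security notes:
 * <ul>
 *   <li>No method in this class performs an authorization check; callers are
 *       responsible for ensuring that only administrators reach it.</li>
 *   <li>{@link User} objects passed to {@link #insertUser} and
 *       {@link #updateUser} carry a plaintext password, so those methods log
 *       and report only the user name.</li>
 * </ul>
 */
public class SecurityProviderLogic implements Serializable {
    private static final long serialVersionUID = 2380951929327928610L;
    private static final Logger logger = Logger.getLogger(SecurityProviderLogic.class);

    /** Parent path of the per-user folders created and removed by this class. */
    private static final String USER_FOLDER_ROOT = "/_user/";

    private transient AuthenticationProviderProxy authenticationProviderProxy;
    private transient SecurityProvider securityProvider = null;
    private transient UserManager userManager = null;
    private transient RoleSecurityHandler roleSecurityHandler = null;
    private transient RoleManager roleManager = null;
    private transient GroupSecurityHandler groupSecurityHandler = null;
    private transient GroupManager groupManager = null;
    private transient Profiler profiler = null;
    private transient PageManager pageManager = null;

    /** Returns the authentication provider proxy, taking it from the security provider on first use. */
    public AuthenticationProviderProxy getAuthenticationProviderProxy() {
        if (this.authenticationProviderProxy == null) {
            this.authenticationProviderProxy = getSecurityProvider().getAuthenticationProviderProxy();
        }
        return this.authenticationProviderProxy;
    }

    public void setAuthenticationProviderProxy(AuthenticationProviderProxy authenticationProviderProxy) {
        this.authenticationProviderProxy = authenticationProviderProxy;
    }

    /** Returns the role security handler, taking it from the security provider on first use. */
    public RoleSecurityHandler getRoleSecurityHandler() {
        if (this.roleSecurityHandler == null) {
            this.roleSecurityHandler = getSecurityProvider().getRoleSecurityHandler();
        }
        return this.roleSecurityHandler;
    }

    public void setRoleSecurityHandler(RoleSecurityHandler roleSecurityHandler) {
        this.roleSecurityHandler = roleSecurityHandler;
    }

    /** Returns the group security handler, taking it from the security provider on first use. */
    public GroupSecurityHandler getGroupSecurityHandler() {
        if (this.groupSecurityHandler == null) {
            this.groupSecurityHandler = getSecurityProvider().getGroupSecurityHandler();
        }
        return this.groupSecurityHandler;
    }

    public void setGroupSecurityHandler(GroupSecurityHandler groupSecurityHandler) {
        this.groupSecurityHandler = groupSecurityHandler;
    }

    /** Returns the user manager, resolving it through {@code PortalComponentUtil} on first use. */
    public UserManager getUserManager() {
        if (this.userManager == null) {
            this.userManager = PortalComponentUtil.getUserManager();
        }
        return this.userManager;
    }

    public void setUserManager(UserManager userManager) {
        this.userManager = userManager;
    }

    /** Returns the role manager, resolving it through {@code PortalComponentUtil} on first use. */
    public RoleManager getRoleManager() {
        if (this.roleManager == null) {
            this.roleManager = PortalComponentUtil.getRoleManager();
        }
        return this.roleManager;
    }

    public void setRoleManager(RoleManager roleManager) {
        this.roleManager = roleManager;
    }

    /** Returns the group manager, resolving it through {@code PortalComponentUtil} on first use. */
    public GroupManager getGroupManager() {
        if (this.groupManager == null) {
            this.groupManager = PortalComponentUtil.getGroupManager();
        }
        return this.groupManager;
    }

    public void setGroupManager(GroupManager groupManager) {
        this.groupManager = groupManager;
    }

    /** Returns the profiler, resolving it through {@code PortalComponentUtil} on first use. */
    public Profiler getProfiler() {
        if (this.profiler == null) {
            this.profiler = PortalComponentUtil.getProfiler();
        }
        return this.profiler;
    }

    public void setProfiler(Profiler profiler) {
        this.profiler = profiler;
    }

    /** Returns the page manager, resolving it through {@code PortalComponentUtil} on first use. */
    public PageManager getPageManager() {
        if (this.pageManager == null) {
            this.pageManager = PortalComponentUtil.getPageManager();
        }
        return this.pageManager;
    }

    public void setPageManager(PageManager pageManager) {
        this.pageManager = pageManager;
    }

    /** Returns the security provider, resolving it through {@code PortalComponentUtil} on first use. */
    public SecurityProvider getSecurityProvider() {
        if (this.securityProvider == null) {
            this.securityProvider = PortalComponentUtil.getSecurityProvider();
        }
        return this.securityProvider;
    }

    public void setSecurityProvider(SecurityProvider securityProvider) {
        this.securityProvider = securityProvider;
    }

    /**
     * Returns one page of users matching the pager's filter and stores the
     * total match count in the pager.
     *
     * <p>If the pager names no authentication provider, the proxy's default
     * provider is written into it first.
     *
     * @param userPager paging state: filter, offset, limit, provider name
     * @return users carrying only their name
     * @throws PALAdminException if the authentication provider reports a security error
     */
    public List<User> getUsers(UserPager userPager) throws PALAdminException {
        AuthenticationProviderProxy proxy = getAuthenticationProviderProxy();
        if (userPager.getAuthenticationProviderName() == null) {
            userPager.setAuthenticationProviderName(proxy.getDefaultAuthenticationProvider());
        }
        // NOTE(review): the pager's filter text is concatenated unescaped into a
        // comma-separated "key=value" string. How the provider parses that string
        // is not visible here; confirm that a filter containing ", startAtIndex="
        // or similar cannot override the paging keys appended below, and restrict
        // the filter to expected characters where it enters the application.
        StringBuilder filter = new StringBuilder("AdvanceFilter: ");
        filter.append("username=").append(userPager.getFilter());
        List<User> users = new ArrayList<User>();
        try {
            userPager.setCount(proxy.getUserCount(filter.toString(), userPager.getAuthenticationProviderName()));
            int startAtIndex = userPager.getOffset() + 1;
            filter.append(", startAtIndex=").append(startAtIndex)
                    .append(", endAtIndex=").append(startAtIndex + userPager.getLimit());
            List<?> principals = proxy.getUserPrincipals(filter.toString(), userPager.getAuthenticationProviderName());
            if (logger.isDebugEnabled()) {
                logger.debug("getUsers(UserPager) - pager.getFilter()=" + userPager.getFilter());
                logger.debug("getUsers(UserPager) - size=" + principals.size() + ", filter=" + filter.toString());
            }
            for (Object principal : principals) {
                User user = new User();
                user.setName(((Principal) principal).getName());
                users.add(user);
            }
            return users;
        } catch (SecurityException e) {
            logger.error("Could not get users.", e);
            throw new PALAdminException(e);
        }
    }

    /**
     * Creates a user with its password, roles, profiling rules and personal
     * folder (copied from the default template folder when none exists yet).
     *
     * <p>The steps are not transactional: if a later step fails, the account
     * and anything assigned before the failure remain in place.
     *
     * @param user user to create; name and password must be non-empty
     * @throws PALAdminException if name or password is empty, or any step fails
     */
    public void insertUser(User user) throws PALAdminException {
        final String userName = user.getName();
        if (PALAdminUtil.isEmpty(userName) || PALAdminUtil.isEmpty(user.getPassword())) {
            // The message used to include the submitted password; exception
            // messages reach logs and possibly the UI, so only the name is reported.
            throw new PALAdminException("Invalid user name or password. username=" + userName);
        }
        try {
            getUserManager().addUser(userName, user.getPassword());
            PasswordCredential credential = getPasswordCredential(userName);
            if (credential != null && user.isUpdateRequired() != credential.isUpdateRequired()) {
                getUserManager().setPasswordUpdateRequired(userName, user.isUpdateRequired());
            }
            for (Role role : user.getRoles()) {
                if (!PALAdminUtil.isEmpty(role.getName())) {
                    getRoleManager().addRoleToUser(userName, role.getName());
                }
            }
            Principal userPrincipal = getUserPrincipal(userName);
            for (PrincipalRule principalRule : user.getPrincipalRules()) {
                if (!PALAdminUtil.isEmpty(principalRule.getLocatorName()) && !PALAdminUtil.isEmpty(principalRule.getProfilingRuleName())) {
                    getProfiler().setRuleForPrincipal(userPrincipal, getProfiler().getRule(principalRule.getProfilingRuleName()), principalRule.getLocatorName());
                }
            }
            // NOTE(review): the user name becomes a path segment without validation.
            // Whether the page manager normalizes "/" or ".." in it is not visible
            // here; confirm that names are restricted before they reach this method.
            PageManager pages = getPageManager();
            if (!pages.userFolderExists(userName)) {
                pages.deepCopyFolder(pages.getFolder(PALAdminConstants.DEFAULT_TEMPLATE_FOLDER), USER_FOLDER_ROOT + userName, userName);
            }
        } catch (Exception e) {
            // Log the name, not the User object: it holds the plaintext password
            // and its toString() is not visible from this class.
            logger.error("Could not create user: " + userName, e);
            throw new PALAdminException(e);
        }
    }

    /** Returns the JAAS subject of the named user as provided by the user manager. */
    private Subject getUserSubject(String str) throws SecurityException {
        return getUserManager().getUser(str).getSubject();
    }

    /**
     * Returns the first {@link PasswordCredential} among the user's private
     * credentials, or {@code null} if the subject holds none.
     */
    private PasswordCredential getPasswordCredential(String str) throws SecurityException {
        for (Object credential : getUserManager().getUser(str).getSubject().getPrivateCredentials()) {
            if (credential instanceof PasswordCredential) {
                return (PasswordCredential) credential;
            }
        }
        return null;
    }

    /**
     * Removes the user account and, if present, the user's personal folder.
     *
     * @param user user to delete; the name must be non-empty
     * @throws PALAdminException if the name is empty or removal fails
     */
    public void deleteUser(User user) throws PALAdminException {
        final String userName = user.getName();
        // With an empty name the folder path below would be "/_user/" itself, the
        // parent of every user's folder, so refuse it as insertUser does.
        if (PALAdminUtil.isEmpty(userName)) {
            throw new PALAdminException("Invalid user name. username=" + userName);
        }
        try {
            getUserManager().removeUser(userName);
            PageManager pages = getPageManager();
            String folderPath = USER_FOLDER_ROOT + userName;
            if (pages.folderExists(folderPath)) {
                pages.removeFolder(pages.getFolder(folderPath));
            }
        } catch (Exception e) {
            logger.error("Could not delete user: " + userName, e);
            throw new PALAdminException(e);
        }
    }

    /**
     * Loads the named user together with the state of its password credential.
     * The password itself is never copied into the result.
     *
     * @param str user name
     * @return the user; {@code null} if the user manager returns no user or the
     *         lookup raises a security error (which is logged)
     */
    public User getUser(String str) {
        try {
            if (getUserManager().getUser(str) == null) {
                return null;
            }
            PasswordCredential credential = getPasswordCredential(str);
            User user = new User();
            user.setName(str);
            user.setPassword(null);
            if (credential == null) {
                // getPasswordCredential returns null when the subject has no
                // password credential; return the bare user instead of failing
                // with a NullPointerException.
                logger.warn("No password credential found for user: " + str);
                return user;
            }
            user.setUpdateRequired(credential.isUpdateRequired());
            user.setLastLogon(credential.getLastAuthenticationDate());
            user.setUserEnabled(credential.isEnabled());
            user.setExpirationDate(credential.getExpirationDate());
            if (credential.isExpired()) {
                user.setExpires(PALAdminConstants.USER_CREDENTIAL_EXPIRED);
            } else {
                user.setExpires(PALAdminConstants.USER_CREDENTIAL_ACTIVE);
            }
            return user;
        } catch (SecurityException e) {
            logger.error("Could not get user: " + str, e);
            return null;
        }
    }

    /**
     * Applies password and credential-state changes to an existing user.
     *
     * <p>A non-blank password replaces the current one. The current password
     * is passed as {@code null}, i.e. it is not verified here, so callers must
     * restrict this method to authorized administrators. The "active" and
     * "expired" expiry choices are ignored when the password was just changed.
     *
     * @param user requested state; an unset expiry choice leaves expiration untouched
     * @throws PALAdminException if the user manager reports a security error
     */
    public void updateUser(User user) throws PALAdminException {
        final String userName = user.getName();
        try {
            UserManager users = getUserManager();
            boolean passwordChanged = false;
            String newPassword = user.getPassword();
            if (newPassword != null && newPassword.trim().length() > 0) {
                users.setPassword(userName, (String) null, newPassword);
                passwordChanged = true;
            }
            PasswordCredential credential = getPasswordCredential(userName);
            if (credential != null) {
                if (user.isUpdateRequired() != credential.isUpdateRequired()) {
                    users.setPasswordUpdateRequired(userName, user.isUpdateRequired());
                }
                if (user.isUserEnabled() != credential.isEnabled()) {
                    users.setPasswordEnabled(userName, user.isUserEnabled());
                }
                // Constant-first equals: a user without an expiry choice no longer
                // triggers a NullPointerException, it simply matches no branch.
                Object expires = user.getExpires();
                if (!passwordChanged && PALAdminConstants.USER_CREDENTIAL_ACTIVE.equals(expires)) {
                    users.setPasswordExpiration(userName, (Date) null);
                } else if (!passwordChanged && PALAdminConstants.USER_CREDENTIAL_EXPIRED.equals(expires)) {
                    users.setPasswordExpiration(userName, new Date(System.currentTimeMillis()));
                } else if (PALAdminConstants.USER_CREDENTIAL_EXTEND.equals(expires)) {
                    users.setPasswordExpiration(userName, (Date) null);
                } else if (PALAdminConstants.USER_CREDENTIAL_EXTEND_UNLIMITED.equals(expires)) {
                    users.setPasswordExpiration(userName, InternalCredential.MAX_DATE);
                }
            }
        } catch (SecurityException e) {
            // Report the name only: the User object may hold the new plaintext
            // password and its toString() is not visible from this class.
            String message = "Could not update user information correctly. user=" + userName;
            logger.error(message, e);
            throw new PALAdminException(message, e);
        }
    }

    /**
     * Adds the user to an existing group.
     *
     * @throws PALAdminException if the group does not exist or the group manager fails
     */
    public void addUserToGroup(User user, Group group) throws PALAdminException {
        try {
            requireGroupExists(group);
            getGroupManager().addUserToGroup(user.getName(), group.getName());
        } catch (SecurityException e) {
            String message = "Could not add the group to the user. user=" + user + ", group=" + group;
            logger.error(message, e);
            throw new PALAdminException(message, e);
        }
    }

    /**
     * Removes the user from an existing group.
     *
     * @throws PALAdminException if the group does not exist or the group manager fails
     */
    public void removeGroupFromUser(User user, Group group) throws PALAdminException {
        try {
            requireGroupExists(group);
            getGroupManager().removeUserFromGroup(user.getName(), group.getName());
        } catch (SecurityException e) {
            String message = "Could not remove the group from the user. user=" + user + ", group=" + group;
            logger.error(message, e);
            throw new PALAdminException(message, e);
        }
    }

    /** Returns whether the group manager knows a group with this group's name. */
    public boolean exists(Group group) {
        return getGroupManager().groupExists(group.getName());
    }

    /**
     * Grants an existing role to the user.
     *
     * @throws PALAdminException if the role does not exist or the role manager fails
     */
    public void addUserToRole(User user, Role role) throws PALAdminException {
        try {
            requireRoleExists(role);
            getRoleManager().addRoleToUser(user.getName(), role.getName());
        } catch (SecurityException e) {
            String message = "Could not add the role to the user. user=" + user + ", role=" + role;
            logger.error(message, e);
            throw new PALAdminException(message, e);
        }
    }

    /**
     * Revokes an existing role from the user.
     *
     * @throws PALAdminException if the role does not exist or the role manager fails
     */
    public void removeRoleFromUser(User user, Role role) throws PALAdminException {
        try {
            requireRoleExists(role);
            getRoleManager().removeRoleFromUser(user.getName(), role.getName());
        } catch (SecurityException e) {
            String message = "Could not remove the role from the user. user=" + user + ", role=" + role;
            logger.error(message, e);
            throw new PALAdminException(message, e);
        }
    }

    /** Returns whether the role manager knows a role with this role's name. */
    public boolean exists(Role role) {
        return getRoleManager().roleExists(role.getName());
    }

    /**
     * Deletes every profiling rule of the user whose locator name equals that
     * of the given rule.
     *
     * @throws PALAdminException if the principal lookup or the deletion fails
     */
    public void removePrincipalRuleFromUser(User user, PrincipalRule principalRule) throws PALAdminException {
        try {
            // Iterate over a copy: it is not visible here whether the profiler
            // returns a live collection that deletePrincipalRule would modify.
            List<org.apache.jetspeed.profiler.rules.PrincipalRule> assigned =
                    new ArrayList<org.apache.jetspeed.profiler.rules.PrincipalRule>(
                            getProfiler().getRulesForPrincipal(getUserPrincipal(user.getName())));
            for (org.apache.jetspeed.profiler.rules.PrincipalRule candidate : assigned) {
                if (candidate.getLocatorName().equals(principalRule.getLocatorName())) {
                    getProfiler().deletePrincipalRule(candidate);
                }
            }
        } catch (Exception e) {
            String message = "Could not remove the principalRule from the user. user=" + user + ", principalRule=" + principalRule;
            logger.error(message, e);
            throw new PALAdminException(message, e);
        }
    }

    /**
     * Returns one page of roles matching the pager's filter and stores the
     * total match count in the pager.
     *
     * <p>All matches are fetched and the page is cut out in memory. The window
     * is clamped to the result, so a negative offset or an offset/limit sum
     * beyond {@code int} range yields a shorter page instead of an exception
     * or a silently empty list.
     */
    public List<Role> getRoles(RolePager rolePager) {
        List<Role> roles = new ArrayList<Role>();
        List<?> principals = getRoleSecurityHandler().getRolePrincipals(rolePager.getFilter());
        int size = principals.size();
        rolePager.setCount(size);
        int offset = rolePager.getOffset();
        int limit = rolePager.getLimit();
        if (logger.isDebugEnabled()) {
            logger.debug("getRoles(RolePager) - pager.getFilter()=" + rolePager.getFilter());
            logger.debug("getRoles(RolePager) - offset=" + offset + ", limit=" + limit + ", size=" + size);
        }
        // long arithmetic keeps offset + limit from wrapping around.
        long end = Math.min((long) offset + limit, (long) size);
        for (int i = Math.max(offset, 0); i < end; i++) {
            Role role = new Role();
            role.setName(((Principal) principals.get(i)).getName());
            roles.add(role);
        }
        return roles;
    }

    /**
     * Creates a role with the given role's name.
     *
     * @throws PALAdminException if the role manager reports a security error
     */
    public void insertRole(Role role) throws PALAdminException {
        try {
            getRoleManager().addRole(role.getName());
        } catch (SecurityException e) {
            throw new PALAdminException((Throwable) e);
        }
    }

    /**
     * Removes the role with the given role's name.
     *
     * @throws PALAdminException if the role manager reports a security error
     */
    public void deleteRole(Role role) throws PALAdminException {
        try {
            getRoleManager().removeRole(role.getName());
        } catch (SecurityException e) {
            throw new PALAdminException((Throwable) e);
        }
    }

    /** Returns the names of the role principals the role security handler returns for an empty filter. */
    public List<String> getRoleNames() {
        return principalNames(getRoleSecurityHandler().getRolePrincipals(""));
    }

    /**
     * Assigns the named profiling rule to the user under the rule's locator name.
     *
     * @throws PALAdminException if the user principal cannot be resolved
     */
    public void addPrincipalRuleToUser(User user, PrincipalRule principalRule) throws PALAdminException {
        try {
            getProfiler().setRuleForPrincipal(getUserPrincipal(user.getName()), getProfiler().getRule(principalRule.getProfilingRuleName()), principalRule.getLocatorName());
        } catch (SecurityException e) {
            String message = "Could not add the principal rule to user. user=" + user + ", principalRule=" + principalRule;
            logger.error(message, e);
            throw new PALAdminException(message, e);
        }
    }

    /**
     * Returns one page of groups matching the pager's filter and stores the
     * total match count in the pager.
     *
     * <p>All matches are fetched and the page is cut out in memory. The window
     * is clamped to the result, so a negative offset or an offset/limit sum
     * beyond {@code int} range yields a shorter page instead of an exception
     * or a silently empty list.
     */
    public List<Group> getGroups(GroupPager groupPager) {
        List<Group> groups = new ArrayList<Group>();
        List<?> principals = getGroupSecurityHandler().getGroupPrincipals(groupPager.getFilter());
        int size = principals.size();
        groupPager.setCount(size);
        int offset = groupPager.getOffset();
        int limit = groupPager.getLimit();
        if (logger.isDebugEnabled()) {
            logger.debug("getGroups(GroupPager) - pager.getFilter()=" + groupPager.getFilter());
            logger.debug("getGroups(GroupPager) - offset=" + offset + ", limit=" + limit + ", size=" + size);
        }
        // long arithmetic keeps offset + limit from wrapping around.
        long end = Math.min((long) offset + limit, (long) size);
        for (int i = Math.max(offset, 0); i < end; i++) {
            Group group = new Group();
            group.setName(((Principal) principals.get(i)).getName());
            groups.add(group);
        }
        return groups;
    }

    /**
     * Creates a group with the given group's name.
     *
     * @throws PALAdminException if the group manager reports a security error
     */
    public void insertGroup(Group group) throws PALAdminException {
        try {
            getGroupManager().addGroup(group.getName());
        } catch (SecurityException e) {
            throw new PALAdminException((Throwable) e);
        }
    }

    /**
     * Removes the group with the given group's name.
     *
     * @throws PALAdminException if the group manager reports a security error
     */
    public void deleteGroup(Group group) throws PALAdminException {
        try {
            getGroupManager().removeGroup(group.getName());
        } catch (SecurityException e) {
            throw new PALAdminException((Throwable) e);
        }
    }

    /** Returns the names of the group principals the group security handler returns for an empty filter. */
    public List<String> getGroupNames() {
        return principalNames(getGroupSecurityHandler().getGroupPrincipals(""));
    }

    /** Returns the names of the group principals the security mapping handler reports for the user. */
    public List<String> getGroupNamesForUsername(String str) {
        return principalNames(getSecurityProvider().getSecurityMappingHandler().getGroupPrincipals(str));
    }

    /** Returns the names of the role principals the security mapping handler reports for the user. */
    public List<String> getRoleNamesForUsername(String str) {
        return principalNames(getSecurityProvider().getSecurityMappingHandler().getRolePrincipals(str));
    }

    /** Returns the ids of all profiling rules known to the profiler. */
    public List<String> getProfilingRuleNames() {
        List<String> ruleIds = new ArrayList<String>();
        for (Object rule : getProfiler().getRules()) {
            ruleIds.add(((ProfilingRule) rule).getId());
        }
        return ruleIds;
    }

    /**
     * Returns the profiling rules assigned to the user as admin entities.
     *
     * <p>Best effort: a security error is logged and the rules collected so
     * far (possibly none) are returned.
     */
    public List<PrincipalRule> getPrincipalRuleForUser(User user) {
        List<PrincipalRule> rules = new ArrayList<PrincipalRule>();
        try {
            for (org.apache.jetspeed.profiler.rules.PrincipalRule assigned : getProfiler().getRulesForPrincipal(getUserPrincipal(user.getName()))) {
                PrincipalRule rule = new PrincipalRule();
                rule.setLocatorName(assigned.getLocatorName());
                rule.setProfilingRuleName(assigned.getProfilingRule().getId());
                rules.add(rule);
            }
        } catch (SecurityException e) {
            logger.error("Could not get principal rules.", e);
        }
        return rules;
    }

    /** Resolves the {@link UserPrincipal} from the named user's subject. */
    private Principal getUserPrincipal(String str) throws SecurityException {
        return PALAdminUtil.getPrincipal(getUserSubject(str), UserPrincipal.class);
    }

    /** Throws if the group manager does not know the group's name. */
    private void requireGroupExists(Group group) throws PALAdminException {
        if (!getGroupManager().groupExists(group.getName())) {
            throw new PALAdminException("The group does not exist. group=" + group);
        }
    }

    /** Throws if the role manager does not know the role's name. */
    private void requireRoleExists(Role role) throws PALAdminException {
        if (!getRoleManager().roleExists(role.getName())) {
            throw new PALAdminException("The role does not exist. role=" + role);
        }
    }

    /** Collects {@link Principal#getName()} of every element, in iteration order. */
    private static List<String> principalNames(Iterable<?> principals) {
        List<String> names = new ArrayList<String>();
        for (Object principal : principals) {
            names.add(((Principal) principal).getName());
        }
        return names;
    }
}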
