package org.apache.directory.fortress.core.rbac;

import java.util.Iterator;
import java.util.List;
import org.apache.directory.fortress.core.FinderException;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.RemoveException;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.rbac.OrgUnit;
import org.apache.directory.fortress.core.util.attr.VUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/directory/fortress/core/rbac/AdminRoleP.class */
public final class AdminRoleP {
    private static final String CLS_NM = AdminRoleP.class.getName();
    private static final Logger LOG = LoggerFactory.getLogger(CLS_NM);
    private static final AdminRoleDAO rDao = new AdminRoleDAO();
    private static final OrgUnitP op = new OrgUnitP();

    /* JADX INFO: Access modifiers changed from: package-private */
    public final AdminRole read(AdminRole adminRole) throws SecurityException {
        return rDao.getRole(adminRole);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final List<AdminRole> search(AdminRole adminRole) throws SecurityException {
        return rDao.findRoles(adminRole);
    }

    final List<String> search(AdminRole adminRole, int i) throws SecurityException {
        return rDao.findRoles(adminRole, i);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final List<Graphable> getAllDescendants(String str) throws SecurityException {
        return rDao.getAllDescendants(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final AdminRole add(AdminRole adminRole) throws SecurityException {
        validate(adminRole);
        return rDao.create(adminRole);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final AdminRole update(AdminRole adminRole) throws SecurityException {
        validate(adminRole);
        return read(rDao.update(adminRole));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void deleteParent(AdminRole adminRole) throws SecurityException {
        validate(adminRole);
        rDao.deleteParent(adminRole);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final AdminRole assign(AdminRole adminRole, String str) throws SecurityException {
        return rDao.assign(adminRole, str);
    }

    void addOccupant(List<UserAdminRole> list, String str, String str2) throws SecurityException {
        if (VUtil.isNotNullOrEmpty(list)) {
            Iterator<UserAdminRole> it = list.iterator();
            while (it.hasNext()) {
                AdminRole adminRole = new AdminRole(it.next().getName());
                adminRole.setContextId(str2);
                assign(adminRole, str);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void removeOccupant(String str, String str2) throws SecurityException {
        try {
            Iterator<String> it = rDao.findAssignedRoles(str, str2).iterator();
            while (it.hasNext()) {
                deassign(new AdminRole(it.next()), str);
            }
        } catch (FinderException e) {
            throw new SecurityException(GlobalErrIds.ARLE_REMOVE_OCCUPANT_FAILED, "removeOccupant userDn [" + str + "] caught FinderException=" + e, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final AdminRole deassign(AdminRole adminRole, String str) throws SecurityException {
        return rDao.deassign(adminRole, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void delete(AdminRole adminRole) throws SecurityException {
        try {
            rDao.remove(adminRole);
        } catch (RemoveException e) {
            String str = "delete name [" + adminRole.getName() + "] caught RemoveException=" + e;
            LOG.error(str);
            throw new SecurityException(GlobalErrIds.ARLE_DELETE_FAILED, str, e);
        }
    }

    private void validate(AdminRole adminRole) throws SecurityException {
        VUtil.safeText(adminRole.getName(), 40);
        if (VUtil.isNotNullOrEmpty(adminRole.getBeginRange()) && VUtil.isNotNullOrEmpty(adminRole.getEndRange())) {
            VUtil.safeText(adminRole.getBeginRange(), 40);
            VUtil.safeText(adminRole.getEndRange(), 40);
            if (adminRole.getBeginRange().equalsIgnoreCase(adminRole.getEndRange()) && (!adminRole.isBeginInclusive() || !adminRole.isEndInclusive())) {
                String str = "validate invalid range detected for role name [" + adminRole.getName() + "] non inclusive endpoint for identical range [" + adminRole.getBeginRange() + "] begin inclusive [" + adminRole.isBeginInclusive() + "] end inclusive [" + adminRole.isEndInclusive() + "]";
                LOG.warn(str);
                throw new SecurityException(GlobalErrIds.ARLE_INVLD_RANGE_INCLUSIVE, str);
            }
            if (!RoleUtil.isParent(adminRole.getBeginRange(), adminRole.getEndRange(), adminRole.getContextId()) && !adminRole.getBeginRange().equalsIgnoreCase(adminRole.getEndRange())) {
                String str2 = "validate invalid range detected for role name [" + adminRole.getName() + "] begin range [" + adminRole.getBeginRange() + "] end range [" + adminRole.getEndRange() + "]";
                LOG.warn(str2);
                throw new SecurityException(GlobalErrIds.ARLE_INVLD_RANGE, str2);
            }
        } else {
            if (!VUtil.isNotNullOrEmpty(adminRole.getBeginRange()) && VUtil.isNotNullOrEmpty(adminRole.getEndRange())) {
                String str3 = "validate role name [" + adminRole.getName() + "] begin range value null or empty.";
                LOG.warn(str3);
                throw new SecurityException(9011, str3);
            }
            if (VUtil.isNotNullOrEmpty(adminRole.getBeginRange()) && !VUtil.isNotNullOrEmpty(adminRole.getEndRange())) {
                String str4 = "validate role name [" + adminRole.getName() + "] end range value null or empty.";
                LOG.warn(str4);
                throw new SecurityException(9011, str4);
            }
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getDescription())) {
            VUtil.description(adminRole.getDescription());
        }
        if (adminRole.getTimeout().intValue() >= 0) {
            VUtil.timeout(adminRole.getTimeout());
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getBeginTime())) {
            VUtil.beginTime(adminRole.getBeginTime());
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getEndTime())) {
            VUtil.endTime(adminRole.getEndTime());
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getBeginDate())) {
            VUtil.beginDate(adminRole.getBeginDate());
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getEndDate())) {
            VUtil.endDate(adminRole.getEndDate());
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getDayMask())) {
            VUtil.dayMask(adminRole.getDayMask());
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getBeginLockDate())) {
            VUtil.beginDate(adminRole.getBeginDate());
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getEndLockDate())) {
            VUtil.endDate(adminRole.getEndLockDate());
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getOsU())) {
            Iterator<String> it = adminRole.getOsU().iterator();
            while (it.hasNext()) {
                OrgUnit orgUnit = new OrgUnit(it.next());
                orgUnit.setType(OrgUnit.Type.USER);
                orgUnit.setContextId(adminRole.getContextId());
                op.read(orgUnit);
            }
        }
        if (VUtil.isNotNullOrEmpty(adminRole.getOsP())) {
            Iterator<String> it2 = adminRole.getOsP().iterator();
            while (it2.hasNext()) {
                OrgUnit orgUnit2 = new OrgUnit(it2.next());
                orgUnit2.setType(OrgUnit.Type.PERM);
                orgUnit2.setContextId(adminRole.getContextId());
                op.read(orgUnit2);
            }
        }
    }
}
