package org.apache.directory.fortress.core.impl;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.DefaultAttribute;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.Modification;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.fortress.core.CreateException;
import org.apache.directory.fortress.core.FinderException;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.RemoveException;
import org.apache.directory.fortress.core.UpdateException;
import org.apache.directory.fortress.core.ldap.LdapDataProvider;
import org.apache.directory.fortress.core.model.AdminRole;
import org.apache.directory.fortress.core.model.ObjectFactory;
import org.apache.directory.fortress.core.model.OrgUnit;
import org.apache.directory.fortress.core.model.PermObj;
import org.apache.directory.fortress.core.model.Permission;
import org.apache.directory.fortress.core.model.PermissionAttribute;
import org.apache.directory.fortress.core.model.PermissionAttributeSet;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.core.model.User;
import org.apache.directory.fortress.core.util.Config;
import org.apache.directory.fortress.core.util.PropUtil;
import org.apache.directory.ldap.client.api.LdapConnection;

/* loaded from: input_file:org/apache/directory/fortress/core/impl/PermDAO.class */
final class PermDAO extends LdapDataProvider {
    private static final String PERMISSION_ATTRIBUTE_SET_OBJECT_CLASS_NAME = "ftAttributeSet";
    private static final String PERMISSION_ATTRIBUTE_OBJECT_CLASS_NAME = "ftAttribute";
    private static final String PERMISSION_ATTRIBUTE_SET = "ftPASet";
    private static final String PERM_OBJ_OBJECT_CLASS_NAME = "ftObject";
    private static final String[] PERM_OBJ_OBJ_CLASS = {"top", "organizationalUnit", PERM_OBJ_OBJECT_CLASS_NAME, GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME};
    private static final String PERM_OP_OBJECT_CLASS_NAME = "ftOperation";
    private static final String[] PERM_OP_OBJ_CLASS = {"top", "organizationalRole", PERM_OP_OBJECT_CLASS_NAME, GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME};
    private static final String PERM_NAME = "ftPermName";
    private static final String ROLES = "ftRoles";
    private static final String USERS = "ftUsers";
    private static final String[] PERMISSION_OP_ATRS = {GlobalIds.FT_IID, PERM_NAME, GlobalIds.POBJ_NAME, GlobalIds.POP_NAME, "description", "ou", GlobalIds.POBJ_ID, GlobalIds.TYPE, ROLES, USERS, GlobalIds.PROPS, "ftPASet"};
    private static final String[] PERMISION_OBJ_ATRS = {GlobalIds.FT_IID, GlobalIds.POBJ_NAME, "description", "ou", GlobalIds.TYPE, GlobalIds.PROPS};
    private static final String[] PERMISION_ATTRIBUTE_SET_ATRS = {GlobalIds.FT_IID, "description", GlobalIds.POLICY_NODE_TYPE, GlobalIds.FT_PERMISSION_ATTRIBUTE_SET_TYPE};
    private static final String[] PERMISION_ATTRIBUTE_ATRS = {GlobalIds.FT_IID, GlobalIds.FT_PERMISSION_ATTRIBUTE, "description", GlobalIds.POLICY_NODE_TYPE, "ftPASet", GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES};

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermObj createObject(PermObj permObj) throws CreateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permObj, permObj.getContextId());
        try {
            try {
                DefaultEntry defaultEntry = new DefaultEntry(dn);
                defaultEntry.add("objectClass", PERM_OBJ_OBJ_CLASS);
                defaultEntry.add(GlobalIds.POBJ_NAME, new String[]{permObj.getObjName()});
                permObj.setInternalId();
                defaultEntry.add(GlobalIds.FT_IID, new String[]{permObj.getInternalId()});
                defaultEntry.add("ou", new String[]{permObj.getOu()});
                if (StringUtils.isNotEmpty(permObj.getDescription())) {
                    defaultEntry.add("description", new String[]{permObj.getDescription()});
                }
                if (StringUtils.isNotEmpty(permObj.getType())) {
                    defaultEntry.add(GlobalIds.TYPE, new String[]{permObj.getType()});
                }
                if (PropUtil.isNotEmpty(permObj.getProperties())) {
                    loadProperties(permObj.getProperties(), defaultEntry, GlobalIds.PROPS);
                }
                ldapConnection = getAdminConnection();
                add(ldapConnection, defaultEntry, permObj);
                permObj.setDn(dn);
                closeAdminConnection(ldapConnection);
                return permObj;
            } catch (LdapException e) {
                throw new CreateException(GlobalErrIds.PERM_ADD_FAILED, "createObject perm obj [" + permObj.getObjName() + "] caught LdapException=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermObj updateObj(PermObj permObj) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permObj, permObj.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                if (StringUtils.isNotEmpty(permObj.getOu())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "ou", new String[]{permObj.getOu()}));
                }
                if (StringUtils.isNotEmpty(permObj.getDescription())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "description", new String[]{permObj.getDescription()}));
                }
                if (StringUtils.isNotEmpty(permObj.getType())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.TYPE, new String[]{permObj.getType()}));
                }
                if (PropUtil.isNotEmpty(permObj.getProperties())) {
                    loadProperties(permObj.getProperties(), (List<Modification>) arrayList, GlobalIds.PROPS, true);
                }
                if (arrayList.size() > 0) {
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, permObj);
                    permObj.setDn(dn);
                }
                return permObj;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.PERM_UPDATE_FAILED, "updateObj objName [" + permObj.getObjName() + "] caught LdapException=" + e.getMessage(), e);
            }
        } finally {
            closeAdminConnection(ldapConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteObj(PermObj permObj) throws RemoveException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permObj, permObj.getContextId());
        try {
            try {
                ldapConnection = getAdminConnection();
                deleteRecursive(ldapConnection, dn, permObj);
                closeAdminConnection(ldapConnection);
            } catch (CursorException e) {
                throw new RemoveException(GlobalErrIds.PERM_DELETE_FAILED, "deleteObj objName [" + permObj.getObjName() + "] caught LdapException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new RemoveException(GlobalErrIds.PERM_DELETE_FAILED, "deleteObj objName [" + permObj.getObjName() + "] caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Permission createOperation(Permission permission) throws CreateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permission, permission.getContextId());
        try {
            try {
                DefaultEntry defaultEntry = new DefaultEntry(dn);
                defaultEntry.add("objectClass", PERM_OP_OBJ_CLASS);
                defaultEntry.add(GlobalIds.POP_NAME, new String[]{permission.getOpName()});
                defaultEntry.add(GlobalIds.POBJ_NAME, new String[]{permission.getObjName()});
                permission.setAbstractName(permission.getObjName() + "." + permission.getOpName());
                permission.setInternalId();
                defaultEntry.add(GlobalIds.FT_IID, new String[]{permission.getInternalId()});
                if (StringUtils.isNotEmpty(permission.getDescription())) {
                    defaultEntry.add("description", new String[]{permission.getDescription()});
                }
                defaultEntry.add(PERM_NAME, new String[]{permission.getAbstractName()});
                defaultEntry.add(GlobalIds.POLICY_NODE_TYPE, new String[]{permission.getAbstractName()});
                if (StringUtils.isNotEmpty(permission.getObjId())) {
                    defaultEntry.add(GlobalIds.POBJ_ID, new String[]{permission.getObjId()});
                }
                if (StringUtils.isNotEmpty(permission.getType())) {
                    defaultEntry.add(GlobalIds.TYPE, new String[]{permission.getType()});
                }
                loadAttrs(permission.getRoles(), (Entry) defaultEntry, ROLES);
                loadAttrs(permission.getUsers(), (Entry) defaultEntry, USERS);
                loadAttrs(permission.getPaSets(), (Entry) defaultEntry, "ftPASet");
                if (PropUtil.isNotEmpty(permission.getProperties())) {
                    loadProperties(permission.getProperties(), defaultEntry, GlobalIds.PROPS);
                }
                ldapConnection = getAdminConnection();
                add(ldapConnection, defaultEntry, permission);
                permission.setDn(dn);
                closeAdminConnection(ldapConnection);
                return permission;
            } catch (LdapException e) {
                throw new CreateException(GlobalErrIds.PERM_ADD_FAILED, "createOperation objName [" + permission.getObjName() + "] opName [" + permission.getOpName() + "] caught LdapException=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermissionAttributeSet createPermissionAttributeSet(PermissionAttributeSet permissionAttributeSet) throws CreateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permissionAttributeSet, permissionAttributeSet.getContextId());
        try {
            try {
                DefaultEntry defaultEntry = new DefaultEntry(dn);
                defaultEntry.add("objectClass", new String[]{"ftAttributeSet"});
                defaultEntry.add("ftPASet", new String[]{permissionAttributeSet.getName()});
                permissionAttributeSet.setInternalId();
                defaultEntry.add(GlobalIds.FT_IID, new String[]{permissionAttributeSet.getInternalId()});
                if (StringUtils.isNotEmpty(permissionAttributeSet.getDescription())) {
                    defaultEntry.add("description", new String[]{permissionAttributeSet.getDescription()});
                }
                if (StringUtils.isNotEmpty(permissionAttributeSet.getType())) {
                    defaultEntry.add(GlobalIds.FT_PERMISSION_ATTRIBUTE_SET_TYPE, new String[]{permissionAttributeSet.getType()});
                }
                defaultEntry.add(GlobalIds.POLICY_NODE_TYPE, new String[]{permissionAttributeSet.getName()});
                ldapConnection = getAdminConnection();
                add(ldapConnection, defaultEntry, permissionAttributeSet);
                permissionAttributeSet.setDn(dn);
                closeAdminConnection(ldapConnection);
                for (PermissionAttribute permissionAttribute : permissionAttributeSet.getAttributes()) {
                    permissionAttribute.setContextId(permissionAttributeSet.getContextId());
                    createPermissionAttribute(permissionAttribute, permissionAttributeSet.getName());
                }
                return permissionAttributeSet;
            } catch (LdapException e) {
                throw new CreateException(GlobalErrIds.PERM_ADD_FAILED, "createPermissionAttributeSet name [" + permissionAttributeSet.getName() + "] caught LdapException=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermissionAttribute createPermissionAttribute(PermissionAttribute permissionAttribute, String str) throws CreateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permissionAttribute, str, permissionAttribute.getContextId());
        try {
            try {
                DefaultEntry defaultEntry = new DefaultEntry(dn);
                defaultEntry.add("objectClass", new String[]{"ftAttribute"});
                permissionAttribute.setInternalId();
                defaultEntry.add(GlobalIds.FT_IID, new String[]{permissionAttribute.getInternalId()});
                defaultEntry.add(GlobalIds.FT_PERMISSION_ATTRIBUTE, new String[]{permissionAttribute.getAttributeName()});
                defaultEntry.add("ftPASet", new String[]{str});
                if (StringUtils.isNotEmpty(permissionAttribute.getDescription())) {
                    defaultEntry.add("description", new String[]{permissionAttribute.getDescription()});
                }
                if (StringUtils.isNotEmpty(permissionAttribute.getDataType())) {
                    defaultEntry.add(GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE, new String[]{permissionAttribute.getDataType()});
                }
                if (StringUtils.isNotEmpty(permissionAttribute.getDefaultOperator())) {
                    defaultEntry.add(GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR, new String[]{permissionAttribute.getDefaultOperator()});
                }
                if (StringUtils.isNotEmpty(permissionAttribute.getDefaultStrategy())) {
                    defaultEntry.add(GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY, new String[]{permissionAttribute.getDefaultStrategy()});
                }
                if (StringUtils.isNotEmpty(permissionAttribute.getDefaultValue())) {
                    defaultEntry.add(GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE, new String[]{permissionAttribute.getDefaultValue()});
                }
                Iterator<String> it = permissionAttribute.getValidValues().iterator();
                while (it.hasNext()) {
                    defaultEntry.add(GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES, new String[]{it.next()});
                }
                defaultEntry.add(GlobalIds.POLICY_NODE_TYPE, new String[]{permissionAttribute.getAttributeName()});
                ldapConnection = getAdminConnection();
                add(ldapConnection, defaultEntry, permissionAttribute);
                permissionAttribute.setDn(dn);
                closeAdminConnection(ldapConnection);
                return permissionAttribute;
            } catch (LdapException e) {
                throw new CreateException(GlobalErrIds.PERM_ATTR_ADD_FAILED, "createPermissionAttribute name [" + permissionAttribute.getAttributeName() + "] caught LdapException=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermissionAttribute updatePermissionAttribute(PermissionAttribute permissionAttribute, String str, boolean z) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permissionAttribute, str, permissionAttribute.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                if (StringUtils.isNotEmpty(permissionAttribute.getDataType())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE, new String[]{permissionAttribute.getDataType()}));
                }
                if (StringUtils.isNotEmpty(permissionAttribute.getDescription())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "description", new String[]{permissionAttribute.getDescription()}));
                }
                if (StringUtils.isNotEmpty(permissionAttribute.getDefaultOperator())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR, new String[]{permissionAttribute.getDefaultOperator()}));
                }
                if (StringUtils.isNotEmpty(permissionAttribute.getDefaultStrategy())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY, new String[]{permissionAttribute.getDefaultStrategy()}));
                }
                if (StringUtils.isNotEmpty(permissionAttribute.getDefaultValue())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE, new String[]{permissionAttribute.getDefaultValue()}));
                }
                if (z) {
                    arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES));
                }
                Iterator<String> it = permissionAttribute.getValidValues().iterator();
                while (it.hasNext()) {
                    arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES, new String[]{it.next()}));
                }
                if (arrayList.size() > 0) {
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, permissionAttribute);
                    permissionAttribute.setDn(dn);
                }
                return permissionAttribute;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.PERM_ATTRIBUTE_UPDATE_FAILED, "updatePermissionAttribute name [" + permissionAttribute.getAttributeName() + "] caught LdapException=" + e.getMessage(), e);
            }
        } finally {
            closeAdminConnection(ldapConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Permission updateOperation(Permission permission) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permission, permission.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                if (StringUtils.isNotEmpty(permission.getAbstractName())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PERM_NAME, new String[]{permission.getAbstractName()}));
                }
                if (StringUtils.isNotEmpty(permission.getDescription())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "description", new String[]{permission.getDescription()}));
                }
                if (StringUtils.isNotEmpty(permission.getType())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.TYPE, new String[]{permission.getType()}));
                }
                if (CollectionUtils.isNotEmpty(permission.getPaSets())) {
                    Iterator<String> it = permission.getPaSets().iterator();
                    while (it.hasNext()) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "ftPASet", new String[]{it.next()}));
                    }
                }
                loadAttrs(permission.getRoles(), arrayList, ROLES);
                loadAttrs(permission.getUsers(), arrayList, USERS);
                loadProperties(permission.getProperties(), (List<Modification>) arrayList, GlobalIds.PROPS, true);
                if (arrayList.size() > 0) {
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, permission);
                    permission.setDn(dn);
                }
                return permission;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.PERM_UPDATE_FAILED, "updateOperation objName [" + permission.getObjName() + "] opName [" + permission.getOpName() + "] caught LdapException=" + e.getMessage(), e);
            }
        } finally {
            closeAdminConnection(ldapConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteOperation(Permission permission) throws RemoveException {
        LdapConnection ldapConnection = null;
        String str = getOpRdn(permission.getOpName(), permission.getObjId()) + "," + GlobalIds.POBJ_NAME + "=" + permission.getObjName() + "," + getRootDn(permission.isAdmin(), permission.getContextId());
        try {
            try {
                ldapConnection = getAdminConnection();
                deleteRecursive(ldapConnection, str, permission);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new RemoveException(GlobalErrIds.PERM_DELETE_FAILED, "deleteOperation objName [" + permission.getObjName() + "] opName [" + permission.getOpName() + "] caught LdapException=" + e.getMessage(), e);
            } catch (CursorException e2) {
                throw new RemoveException(GlobalErrIds.PERM_DELETE_FAILED, "deleteOperation objName [" + permission.getObjName() + "] opName [" + permission.getOpName() + "] caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deleteAttributeSet(PermissionAttributeSet permissionAttributeSet) throws RemoveException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permissionAttributeSet, permissionAttributeSet.getContextId());
        try {
            try {
                try {
                    ldapConnection = getAdminConnection();
                    deleteRecursive(ldapConnection, dn, permissionAttributeSet);
                    closeAdminConnection(ldapConnection);
                } catch (CursorException e) {
                    throw new RemoveException(GlobalErrIds.PERM_ATTRIBUTE_SET_DELETE_FAILED, "deleteAttributeSet name [" + permissionAttributeSet.getName() + "]  caught LdapException=" + e.getMessage(), e);
                }
            } catch (LdapException e2) {
                throw new RemoveException(GlobalErrIds.PERM_ATTRIBUTE_SET_DELETE_FAILED, "deleteAttributeSet name [" + permissionAttributeSet.getName() + "] caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deletePermissionAttribute(PermissionAttribute permissionAttribute, String str) throws RemoveException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permissionAttribute, str, permissionAttribute.getContextId());
        try {
            try {
                ldapConnection = getAdminConnection();
                delete(ldapConnection, dn);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new RemoveException(GlobalErrIds.PERM_ATTRIBUTE_DELETE_FAILED, "deletePermission name [" + permissionAttribute.getAttributeName() + "] set [" + str + "] caught LdapException=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void grant(Permission permission, Role role) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permission, permission.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, ROLES, new String[]{role.getName()}));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, permission);
                closeAdminConnection(ldapConnection);
            } catch (LdapNoSuchObjectException e) {
                throw new UpdateException(GlobalErrIds.PERM_OP_NOT_FOUND, "grant perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] role [" + role.getName() + "] perm not found, Fortress rc=" + GlobalErrIds.PERM_OP_NOT_FOUND);
            } catch (LdapAttributeInUseException e2) {
                throw new UpdateException(GlobalErrIds.PERM_ROLE_EXIST, "grant perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] role [" + role.getName() + "] assignment already exists, Fortress rc=" + GlobalErrIds.PERM_ROLE_EXIST);
            } catch (LdapException e3) {
                throw new UpdateException(GlobalErrIds.PERM_GRANT_FAILED, "grant perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] name [" + role.getName() + "]  caught LdapException=" + e3.getMessage(), e3);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void revoke(Permission permission, Role role) throws UpdateException, FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permission, permission.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, ROLES, new String[]{role.getName()}));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, permission);
                closeAdminConnection(ldapConnection);
            } catch (LdapNoSuchAttributeException e) {
                throw new FinderException(GlobalErrIds.PERM_ROLE_NOT_EXIST, "revoke perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] name [" + role.getName() + "] assignment does not exist.");
            } catch (LdapException e2) {
                throw new UpdateException(3024, "revoke perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] name [" + role.getName() + "] caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void grant(Permission permission, User user) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permission, permission.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, USERS, new String[]{user.getUserId()}));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, permission);
                closeAdminConnection(ldapConnection);
            } catch (LdapNoSuchObjectException e) {
                throw new UpdateException(GlobalErrIds.PERM_OP_NOT_FOUND, "grant perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] userId [" + user.getUserId() + "] perm not found, Fortress rc=" + GlobalErrIds.PERM_OP_NOT_FOUND);
            } catch (LdapAttributeInUseException e2) {
                throw new UpdateException(GlobalErrIds.PERM_USER_EXIST, "grant perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] userId [" + user.getUserId() + "] assignment already exists, Fortress rc=" + GlobalErrIds.PERM_USER_EXIST);
            } catch (LdapException e3) {
                throw new UpdateException(GlobalErrIds.PERM_GRANT_USER_FAILED, "grant perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] userId [" + user.getUserId() + "] caught LdapException=" + e3.getMessage(), e3);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void revoke(Permission permission, User user) throws UpdateException, FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(permission, permission.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, USERS, new String[]{user.getUserId()}));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, permission);
                closeAdminConnection(ldapConnection);
            } catch (LdapNoSuchAttributeException e) {
                throw new FinderException(GlobalErrIds.PERM_USER_NOT_EXIST, "revoke perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] userId [" + user.getUserId() + "] assignment does not exist.");
            } catch (LdapException e2) {
                throw new UpdateException(3024, "revoke perm object [" + permission.getObjName() + "] operation [" + permission.getOpName() + "] userId [" + user.getUserId() + "] caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Permission getPerm(Permission permission) throws FinderException {
        String str = getOpRdn(permission.getOpName(), permission.getObjId()) + "," + GlobalIds.POBJ_NAME + "=" + permission.getObjName() + "," + getRootDn(permission.isAdmin(), permission.getContextId());
        try {
            try {
                LdapConnection adminConnection = getAdminConnection();
                Entry read = read(adminConnection, str, PERMISSION_OP_ATRS);
                if (read == null) {
                    throw new FinderException(GlobalErrIds.PERM_OP_NOT_FOUND, "getPerm no entry found dn [" + str + "]");
                }
                Permission unloadPopLdapEntry = unloadPopLdapEntry(read, 0L, permission.isAdmin());
                closeAdminConnection(adminConnection);
                return unloadPopLdapEntry;
            } catch (LdapNoSuchObjectException e) {
                throw new FinderException(GlobalErrIds.PERM_OP_NOT_FOUND, "getPerm Op COULD NOT FIND ENTRY for dn [" + str + "]");
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.PERM_READ_OP_FAILED, "getUser [" + str + "] caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermObj getPerm(PermObj permObj) throws FinderException {
        String str = "ftObjNm=" + permObj.getObjName() + "," + getRootDn(permObj.isAdmin(), permObj.getContextId());
        try {
            try {
                try {
                    LdapConnection adminConnection = getAdminConnection();
                    Entry read = read(adminConnection, str, PERMISION_OBJ_ATRS);
                    if (read == null) {
                        throw new FinderException(GlobalErrIds.PERM_OBJ_NOT_FOUND, "getPerm Obj no entry found dn [" + str + "]");
                    }
                    PermObj unloadPobjLdapEntry = unloadPobjLdapEntry(read, 0L, permObj.isAdmin());
                    closeAdminConnection(adminConnection);
                    return unloadPobjLdapEntry;
                } catch (LdapException e) {
                    throw new FinderException(GlobalErrIds.PERM_READ_OBJ_FAILED, "getPerm Obj dn [" + str + "] caught LdapException=" + e.getMessage(), e);
                }
            } catch (LdapNoSuchObjectException e2) {
                throw new FinderException(GlobalErrIds.PERM_OBJ_NOT_FOUND, "getPerm Obj COULD NOT FIND ENTRY for dn [" + str + "]");
            }
        } catch (Throwable th) {
            closeAdminConnection(null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PermissionAttributeSet getPermAttributeSet(PermissionAttributeSet permissionAttributeSet) throws FinderException {
        String dn = getDn(permissionAttributeSet, permissionAttributeSet.getContextId());
        try {
            try {
                try {
                    LdapConnection adminConnection = getAdminConnection();
                    Entry read = read(adminConnection, dn, PERMISION_ATTRIBUTE_SET_ATRS);
                    if (read == null) {
                        throw new FinderException(GlobalErrIds.PERM_ATTRIBUTE_SET_NOT_FOUND, "getPermAttributeSet no entry found dn [" + dn + "]");
                    }
                    PermissionAttributeSet unloadPASetLdapEntry = unloadPASetLdapEntry(read, 0L);
                    unloadPASetLdapEntry.setAttributes(findPermissionAttributes(unloadPASetLdapEntry));
                    closeAdminConnection(adminConnection);
                    return unloadPASetLdapEntry;
                } catch (LdapException e) {
                    throw new FinderException(GlobalErrIds.PERM_ATTRIBUTE_SET_NOT_FOUND, "getPermAttributeSet dn [" + dn + "] caught LdapException=" + e.getMessage(), e);
                }
            } catch (LdapNoSuchObjectException e2) {
                throw new FinderException(GlobalErrIds.PERM_ATTRIBUTE_SET_NOT_FOUND, "getPermAttributeSet COULD NOT FIND ENTRY for dn [" + dn + "]");
            }
        } catch (Throwable th) {
            closeAdminConnection(null);
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    Set<PermissionAttribute> findPermissionAttributes(PermissionAttributeSet permissionAttributeSet) throws FinderException {
        HashSet hashSet = new HashSet();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(permissionAttributeSet.getContextId());
        try {
            try {
                try {
                    String encodeSafeText = encodeSafeText(permissionAttributeSet.getName(), 100);
                    ldapConnection = getAdminConnection();
                    SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, GlobalIds.FILTER_PREFIX + "ftAttribute)(ftPASet=" + encodeSafeText + "))", PERMISION_ATTRIBUTE_ATRS, false, 1000);
                    long j = 0L;
                    while (search.next()) {
                        search.getEntry();
                        ?? r3 = j;
                        j = r3 + 1;
                        hashSet.add(unloadPALdapEntry(r3, r3));
                    }
                    closeAdminConnection(ldapConnection);
                    return hashSet;
                } catch (LdapException e) {
                    throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissionAttributes caught LdapException=" + e.getMessage(), e);
                }
            } catch (CursorException e2) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissionAttributes caught CursorException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean checkPermission(Session session, Permission permission) throws FinderException {
        LdapConnection adminConnection;
        Entry read;
        boolean z = false;
        String str = getOpRdn(permission.getOpName(), permission.getObjId()) + "," + GlobalIds.POBJ_NAME + "=" + permission.getObjName() + "," + getRootDn(permission.isAdmin(), permission.getContextId());
        try {
            try {
                adminConnection = getAdminConnection();
                read = read(adminConnection, str, PERMISSION_OP_ATRS);
            } catch (LdapException e) {
                if (!(e instanceof LdapNoSuchObjectException)) {
                    throw new FinderException(GlobalErrIds.PERM_READ_OP_FAILED, "checkPermission caught LdapException=" + e.getMessage(), e);
                }
                if (!session.isGroupSession()) {
                    addAuthZAudit(null, str, session.getUser().getDn(), "AuthZ Invalid");
                }
                closeAdminConnection(null);
            }
            if (read == null) {
                throw new FinderException(GlobalErrIds.PERM_NOT_EXIST, "checkPermission DOES NOT EXIST : obj name [" + permission.getObjName() + "], obj id [" + permission.getObjId() + "], op name [" + permission.getOpName() + "], idAdmin [" + permission.isAdmin() + "]");
            }
            Permission unloadPopLdapEntry = unloadPopLdapEntry(read, 0L, permission.isAdmin());
            unloadPopLdapEntry.setAdmin(permission.isAdmin());
            unloadPopLdapEntry.setContextId(permission.getContextId());
            z = isAuthorized(session, unloadPopLdapEntry);
            String opName = z ? unloadPopLdapEntry.getOpName() : unloadPopLdapEntry.getOpName() + GlobalIds.FAILED_AUTHZ_INDICATOR;
            if (!session.isGroupSession()) {
                addAuthZAudit(adminConnection, str, session.getUser().getDn(), opName);
            }
            closeAdminConnection(adminConnection);
            return z;
        } catch (Throwable th) {
            closeAdminConnection(null);
            throw th;
        }
    }

    private void addAuthZAudit(LdapConnection ldapConnection, String str, String str2, String str3) throws FinderException {
        if (!Config.getInstance().isOpenldap() || Config.getInstance().isAuditDisabled()) {
            return;
        }
        try {
            compareNode(ldapConnection, str, str2, new DefaultAttribute(GlobalIds.POP_NAME, new String[]{str3}));
        } catch (LdapException e) {
            if (!(e instanceof LdapNoSuchObjectException)) {
                throw new FinderException(GlobalErrIds.PERM_COMPARE_OP_FAILED, "addAuthZAudit caught LdapException=" + e.getMessage(), e);
            }
        } catch (UnsupportedEncodingException e2) {
            throw new FinderException(GlobalErrIds.PERM_COMPARE_OP_FAILED, "addAuthZAudit caught UnsupportedEncodingException=" + e2.getMessage(), e2);
        }
    }

    private boolean isAuthorized(Session session, Permission permission) {
        boolean z = false;
        Set<String> users = permission.getUsers();
        if (!session.isGroupSession() && CollectionUtils.isNotEmpty(users) && users.contains(session.getUserId())) {
            return true;
        }
        Set<String> roles = permission.getRoles();
        if (CollectionUtils.isNotEmpty(roles)) {
            if (permission.isAdmin()) {
                Set<String> inheritedRoles = AdminRoleUtil.getInheritedRoles(session.getAdminRoles(), permission.getContextId());
                Iterator<String> it = roles.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (inheritedRoles.contains(it.next())) {
                        z = true;
                        break;
                    }
                }
            } else {
                Set<String> inheritedRoles2 = RoleUtil.getInstance().getInheritedRoles(session.getRoles(), permission.getContextId());
                Iterator<String> it2 = roles.iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    if (inheritedRoles2.contains(it2.next())) {
                        z = true;
                        break;
                    }
                }
            }
        }
        return z;
    }

    private Permission unloadPopLdapEntry(Entry entry, long j, boolean z) throws LdapInvalidAttributeValueException {
        Permission createPermission = new ObjectFactory().createPermission();
        createPermission.setSequenceId(j);
        createPermission.setAbstractName(getAttribute(entry, PERM_NAME));
        createPermission.setObjName(getAttribute(entry, GlobalIds.POBJ_NAME));
        createPermission.setObjId(getAttribute(entry, GlobalIds.POBJ_ID));
        createPermission.setOpName(getAttribute(entry, GlobalIds.POP_NAME));
        createPermission.setInternalId(getAttribute(entry, GlobalIds.FT_IID));
        createPermission.setRoles(getAttributeSet(entry, ROLES));
        createPermission.setUsers(getAttributeSet(entry, USERS));
        createPermission.setType(getAttribute(entry, GlobalIds.TYPE));
        createPermission.setDescription(getAttribute(entry, "description"));
        createPermission.addProperties(PropUtil.getProperties(getAttributes(entry, GlobalIds.PROPS)));
        createPermission.setAdmin(z);
        createPermission.setPaSets(getAttributeSet(entry, "ftPASet"));
        if (entry != null) {
            createPermission.setDn(entry.getDn().getNormName());
        }
        return createPermission;
    }

    private PermObj unloadPobjLdapEntry(Entry entry, long j, boolean z) throws LdapInvalidAttributeValueException {
        PermObj createPermObj = new ObjectFactory().createPermObj();
        createPermObj.setSequenceId(j);
        createPermObj.setObjName(getAttribute(entry, GlobalIds.POBJ_NAME));
        createPermObj.setOu(getAttribute(entry, "ou"));
        createPermObj.setDn(entry.getDn().getName());
        createPermObj.setInternalId(getAttribute(entry, GlobalIds.FT_IID));
        createPermObj.setType(getAttribute(entry, GlobalIds.TYPE));
        createPermObj.setDescription(getAttribute(entry, "description"));
        createPermObj.addProperties(PropUtil.getProperties(getAttributes(entry, GlobalIds.PROPS)));
        createPermObj.setAdmin(z);
        return createPermObj;
    }

    private PermissionAttributeSet unloadPASetLdapEntry(Entry entry, long j) throws LdapInvalidAttributeValueException {
        PermissionAttributeSet createPermissionAttributeSet = new ObjectFactory().createPermissionAttributeSet();
        createPermissionAttributeSet.setSequenceId(j);
        createPermissionAttributeSet.setName(getAttribute(entry, GlobalIds.POLICY_NODE_TYPE));
        createPermissionAttributeSet.setDn(entry.getDn().getName());
        createPermissionAttributeSet.setInternalId(getAttribute(entry, GlobalIds.FT_IID));
        createPermissionAttributeSet.setDescription(getAttribute(entry, "description"));
        createPermissionAttributeSet.setType(getAttribute(entry, GlobalIds.FT_PERMISSION_ATTRIBUTE_SET_TYPE));
        return createPermissionAttributeSet;
    }

    private PermissionAttribute unloadPALdapEntry(Entry entry, long j) throws LdapInvalidAttributeValueException {
        PermissionAttribute createPermissionAttribute = new ObjectFactory().createPermissionAttribute();
        createPermissionAttribute.setSequenceId(j);
        createPermissionAttribute.setAttributeName(getAttribute(entry, GlobalIds.POLICY_NODE_TYPE));
        createPermissionAttribute.setDn(entry.getDn().getName());
        createPermissionAttribute.setInternalId(getAttribute(entry, GlobalIds.FT_IID));
        createPermissionAttribute.setDescription(getAttribute(entry, "description"));
        createPermissionAttribute.setDataType(getAttribute(entry, GlobalIds.FT_PERMISSION_ATTRIBUTE_DATA_TYPE));
        createPermissionAttribute.setDefaultOperator(getAttribute(entry, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_OPERATOR));
        createPermissionAttribute.setDefaultStrategy(getAttribute(entry, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_STRATEGY));
        createPermissionAttribute.setDefaultValue(getAttribute(entry, GlobalIds.FT_PERMISSION_ATTRIBUTE_DEFAULT_VALUE));
        List<String> attributes = getAttributes(entry, GlobalIds.FT_PERMISSION_ATTRIBUTE_VALID_VALUES);
        if (attributes != null) {
            Iterator<String> it = attributes.iterator();
            while (it.hasNext()) {
                createPermissionAttribute.getValidValues().add(it.next());
            }
        }
        return createPermissionAttribute;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Permission> findPermissions(Permission permission) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(permission.isAdmin(), permission.getContextId());
        try {
            try {
                String encodeSafeText = encodeSafeText(permission.getObjName(), 100);
                String encodeSafeText2 = encodeSafeText(permission.getOpName(), 100);
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, GlobalIds.FILTER_PREFIX + PERM_OP_OBJECT_CLASS_NAME + ")(" + GlobalIds.POBJ_NAME + "=" + encodeSafeText + "*)(" + GlobalIds.POP_NAME + "=" + encodeSafeText2 + "*))", PERMISSION_OP_ATRS, false, 1000);
                long j = 0L;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPopLdapEntry(r3, r3, permission.isAdmin()));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissions caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissions caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Permission> findPermissionOperations(PermObj permObj) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(permObj.isAdmin(), permObj.getContextId());
        try {
            try {
                String encodeSafeText = encodeSafeText(permObj.getObjName(), 100);
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, GlobalIds.FILTER_PREFIX + PERM_OP_OBJECT_CLASS_NAME + ")(" + GlobalIds.POBJ_NAME + "=" + encodeSafeText + "))", PERMISSION_OP_ATRS, false, 1000);
                long j = 0L;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPopLdapEntry(r3, r3, permObj.isAdmin()));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissions caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissions caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Permission> findAnyPermissions(Permission permission) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(permission.isAdmin(), permission.getContextId());
        try {
            try {
                String encodeSafeText = encodeSafeText(permission.getObjName(), 100);
                String encodeSafeText2 = encodeSafeText(permission.getOpName(), 100);
                StringBuilder sb = new StringBuilder();
                sb.append(GlobalIds.FILTER_PREFIX);
                sb.append(PERM_OP_OBJECT_CLASS_NAME);
                sb.append(")(|");
                if (encodeSafeText != null && encodeSafeText != "") {
                    sb.append("(");
                    sb.append(GlobalIds.POBJ_NAME);
                    sb.append("=*");
                    sb.append(encodeSafeText);
                    sb.append("*)");
                }
                if (encodeSafeText2 != null && encodeSafeText2 != "") {
                    sb.append("(");
                    sb.append(GlobalIds.POP_NAME);
                    sb.append("=*");
                    sb.append(encodeSafeText2);
                    sb.append("*)");
                }
                sb.append("))");
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, sb.toString(), PERMISSION_OP_ATRS, false, 1000);
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPopLdapEntry(r3, r3, permission.isAdmin()));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (LdapException e) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findAnyPermissions caught LdapException=" + e.getMessage(), e);
            } catch (CursorException e2) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findAnyPermissions caught CursorException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<PermObj> findPermissions(PermObj permObj) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(permObj.isAdmin(), permObj.getContextId());
        try {
            try {
                String encodeSafeText = encodeSafeText(permObj.getObjName(), 100);
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, GlobalIds.FILTER_PREFIX + PERM_OBJ_OBJECT_CLASS_NAME + ")(" + GlobalIds.POBJ_NAME + "=" + encodeSafeText + "*))", PERMISION_OBJ_ATRS, false, 1000);
                long j = 0L;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPobjLdapEntry(r3, r3, permObj.isAdmin()));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissions caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissions caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<PermObj> findPermissions(OrgUnit orgUnit, boolean z) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(orgUnit.getContextId(), GlobalIds.PERM_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(orgUnit.getName(), 40);
                int i = z ? 10 : 0;
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, GlobalIds.FILTER_PREFIX + PERM_OBJ_OBJECT_CLASS_NAME + ")(ou=" + encodeSafeText + "*))", PERMISION_OBJ_ATRS, false, i);
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPobjLdapEntry(r3, r3, false));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissions caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.PERM_SEARCH_FAILED, "findPermissions caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Permission> findPermissions(Role role, boolean z) throws FinderException {
        String rootDn;
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        boolean z2 = false;
        if (role.getClass().equals(AdminRole.class)) {
            rootDn = getRootDn(role.getContextId(), GlobalIds.ADMIN_PERM_ROOT);
            z2 = true;
        } else {
            rootDn = getRootDn(role.getContextId(), GlobalIds.PERM_ROOT);
        }
        try {
            try {
                String encodeSafeText = encodeSafeText(role.getName(), 40);
                StringBuilder sb = new StringBuilder();
                sb.append(GlobalIds.FILTER_PREFIX);
                sb.append(PERM_OP_OBJECT_CLASS_NAME);
                sb.append(")(");
                Set<String> ascendants = z ? null : role.getClass().equals(AdminRole.class) ? AdminRoleUtil.getAscendants(role.getName(), role.getContextId()) : RoleUtil.getInstance().getAscendants(role.getName(), role.getContextId());
                if (CollectionUtils.isNotEmpty(ascendants)) {
                    sb.append("|(");
                    sb.append(ROLES);
                    sb.append("=");
                    sb.append(encodeSafeText);
                    sb.append(")");
                    for (String str : ascendants) {
                        sb.append("(");
                        sb.append(ROLES);
                        sb.append("=");
                        sb.append(str);
                        sb.append(")");
                    }
                    sb.append(")");
                } else {
                    sb.append(ROLES);
                    sb.append("=");
                    sb.append(encodeSafeText);
                    sb.append(")");
                }
                sb.append(")");
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, sb.toString(), PERMISSION_OP_ATRS, false, 1000);
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPopLdapEntry(r3, r3, z2));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.PERM_ROLE_SEARCH_FAILED, "findPermissions caught CursorException=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.PERM_ROLE_SEARCH_FAILED, "findPermissions caught LdapException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Permission> findPermissions(User user) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(user.getContextId(), GlobalIds.PERM_ROOT);
        try {
            try {
                StringBuilder sb = new StringBuilder();
                sb.append(GlobalIds.FILTER_PREFIX);
                sb.append(PERM_OP_OBJECT_CLASS_NAME);
                sb.append(")(|");
                Set<String> inheritedRoles = RoleUtil.getInstance().getInheritedRoles(user.getRoles(), user.getContextId());
                if (CollectionUtils.isNotEmpty(inheritedRoles)) {
                    for (String str : inheritedRoles) {
                        sb.append("(");
                        sb.append(ROLES);
                        sb.append("=");
                        sb.append(str);
                        sb.append(")");
                    }
                }
                sb.append("(");
                sb.append(USERS);
                sb.append("=");
                sb.append(user.getUserId());
                sb.append(")))");
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, sb.toString(), PERMISSION_OP_ATRS, false, 1000);
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPopLdapEntry(r3, r3, false));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (LdapException e) {
                throw new FinderException(GlobalErrIds.PERM_USER_SEARCH_FAILED, "findPermissions user [" + user.getUserId() + "] caught LdapException in PermDAO.findPermissions=" + e.getMessage(), e);
            } catch (CursorException e2) {
                throw new FinderException(GlobalErrIds.PERM_USER_SEARCH_FAILED, "findPermissions user [" + user.getUserId() + "] caught CursorException in PermDAO.findPermissions=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Permission> findUserPermissions(User user) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(user.getContextId(), GlobalIds.PERM_ROOT);
        try {
            try {
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, GlobalIds.FILTER_PREFIX + PERM_OP_OBJECT_CLASS_NAME + ")(" + USERS + "=" + user.getUserId() + "))", PERMISSION_OP_ATRS, false, 1000);
                long j = 0L;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPopLdapEntry(r3, r3, false));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (LdapException e) {
                throw new FinderException(GlobalErrIds.PERM_USER_SEARCH_FAILED, "findUserPermissions user [" + user.getUserId() + "] caught LdapException in PermDAO.findPermissions=" + e.getMessage(), e);
            } catch (CursorException e2) {
                throw new FinderException(GlobalErrIds.PERM_USER_SEARCH_FAILED, "findUserPermissions user [" + user.getUserId() + "] caught CursorException in PermDAO.findPermissions=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<Permission> findPermissions(Session session, boolean z) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LdapConnection ldapConnection = null;
        String rootDn = getRootDn(z, session.getContextId());
        try {
            try {
                StringBuilder sb = new StringBuilder();
                sb.append(GlobalIds.FILTER_PREFIX);
                sb.append(PERM_OP_OBJECT_CLASS_NAME);
                sb.append(")(|");
                if (!session.isGroupSession()) {
                    sb.append("(");
                    sb.append(USERS);
                    sb.append("=");
                    sb.append(session.getUserId());
                    sb.append(")");
                }
                Set<String> inheritedRoles = z ? AdminRoleUtil.getInheritedRoles(session.getAdminRoles(), session.getContextId()) : RoleUtil.getInstance().getInheritedRoles(session.getRoles(), session.getContextId());
                if (CollectionUtils.isNotEmpty(inheritedRoles)) {
                    for (String str : inheritedRoles) {
                        sb.append("(");
                        sb.append(ROLES);
                        sb.append("=");
                        sb.append(str);
                        sb.append(")");
                    }
                }
                sb.append("))");
                ldapConnection = getAdminConnection();
                SearchCursor search = search(ldapConnection, rootDn, SearchScope.SUBTREE, sb.toString(), PERMISSION_OP_ATRS, false, 1000);
                long j = 0;
                while (search.next()) {
                    search.getEntry();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadPopLdapEntry(r3, r3, z));
                }
                closeAdminConnection(ldapConnection);
                return arrayList;
            } catch (CursorException e) {
                throw new FinderException(GlobalErrIds.PERM_SESS_SEARCH_FAILED, "findPermissions user [" + session.getUserId() + "] caught CursorException in PermDAO.findPermissions=" + e.getMessage(), e);
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.PERM_SESS_SEARCH_FAILED, "findPermissions user [" + session.getUserId() + "] caught LdapException in PermDAO.findPermissions=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getOpRdn(String str, String str2) {
        return (str2 == null || str2.length() <= 0) ? "ftOpNm=" + str : "ftOpNm=" + str + "+" + GlobalIds.POBJ_ID + "=" + str2;
    }

    private String getDn(Permission permission, String str) {
        return getOpRdn(permission.getOpName(), permission.getObjId()) + "," + GlobalIds.POBJ_NAME + "=" + permission.getObjName() + "," + getRootDn(permission.isAdmin(), str);
    }

    private String getDn(PermObj permObj, String str) {
        return "ftObjNm=" + permObj.getObjName() + "," + getRootDn(permObj.isAdmin(), str);
    }

    private String getDn(PermissionAttributeSet permissionAttributeSet, String str) {
        return "ou=" + permissionAttributeSet.getName() + "," + getRootDn(str, GlobalIds.SD_ROOT);
    }

    private String getDn(PermissionAttribute permissionAttribute, String str, String str2) {
        return "ftPA=" + permissionAttribute.getAttributeName() + ",ou=" + str + "," + getRootDn(str2, GlobalIds.SD_ROOT);
    }

    private String getRootDn(boolean z, String str) {
        return z ? getRootDn(str, GlobalIds.ADMIN_PERM_ROOT) : getRootDn(str, GlobalIds.PERM_ROOT);
    }
}
