package org.apache.directory.server.core.operational;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.directory.server.constants.ApacheSchemaConstants;
import org.apache.directory.server.constants.ServerDNConstants;
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.entry.ClonedServerEntry;
import org.apache.directory.server.core.entry.DefaultServerAttribute;
import org.apache.directory.server.core.entry.DefaultServerEntry;
import org.apache.directory.server.core.entry.ServerEntry;
import org.apache.directory.server.core.entry.ServerModification;
import org.apache.directory.server.core.filtering.EntryFilter;
import org.apache.directory.server.core.filtering.EntryFilteringCursor;
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
import org.apache.directory.server.core.interceptor.context.AddOperationContext;
import org.apache.directory.server.core.interceptor.context.ListOperationContext;
import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.interceptor.context.SearchingOperationContext;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.entry.EntryAttribute;
import org.apache.directory.shared.ldap.entry.ModificationOperation;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.AttributeTypeAndValue;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.name.Rdn;
import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.schema.UsageEnum;
import org.apache.directory.shared.ldap.util.DateUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:resources/libs/apacheds-1.5.3/apacheds-core-1.5.3.jar:org/apache/directory/server/core/operational/OperationalAttributeInterceptor.class
 */
/* loaded from: input_file:resources/libs/apacheds-1.5.4/apacheds-core-1.5.4.jar:org/apache/directory/server/core/operational/OperationalAttributeInterceptor.class */
public class OperationalAttributeInterceptor extends BaseInterceptor {
    private static Logger LOG = LoggerFactory.getLogger(OperationalAttributeInterceptor.class);
    private final EntryFilter DENORMALIZING_SEARCH_FILTER = new EntryFilter() { // from class: org.apache.directory.server.core.operational.OperationalAttributeInterceptor.1
        @Override // org.apache.directory.server.core.filtering.EntryFilter
        public boolean accept(SearchingOperationContext searchingOperationContext, ClonedServerEntry clonedServerEntry) throws Exception {
            if (searchingOperationContext.getSearchControls().getReturningAttributes() == null) {
                return true;
            }
            return OperationalAttributeInterceptor.this.filterDenormalized(clonedServerEntry);
        }
    };
    private final EntryFilter SEARCH_FILTER = new EntryFilter() { // from class: org.apache.directory.server.core.operational.OperationalAttributeInterceptor.2
        @Override // org.apache.directory.server.core.filtering.EntryFilter
        public boolean accept(SearchingOperationContext searchingOperationContext, ClonedServerEntry clonedServerEntry) throws Exception {
            return searchingOperationContext.getSearchControls().getReturningAttributes() != null || OperationalAttributeInterceptor.this.filterOperationalAttributes(clonedServerEntry);
        }
    };
    private AttributeTypeRegistry atRegistry;
    private DirectoryService service;
    private LdapDN subschemaSubentryDn;
    private Registries registries;
    private static AttributeType CREATE_TIMESTAMP_ATTRIBUTE_TYPE;

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public void init(DirectoryService directoryService) throws Exception {
        this.service = directoryService;
        this.registries = directoryService.getRegistries();
        this.atRegistry = this.registries.getAttributeTypeRegistry();
        this.subschemaSubentryDn = new LdapDN((String) this.service.getPartitionNexus().getRootDSE(null).get(SchemaConstants.SUBSCHEMA_SUBENTRY_AT).get().get());
        this.subschemaSubentryDn.normalize(this.atRegistry.getNormalizerMapping());
        CREATE_TIMESTAMP_ATTRIBUTE_TYPE = this.atRegistry.lookup(SchemaConstants.CREATE_TIMESTAMP_AT);
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public void destroy() {
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public void add(NextInterceptor nextInterceptor, AddOperationContext addOperationContext) throws Exception {
        String name = getPrincipal().getName();
        ClonedServerEntry entry = addOperationContext.getEntry();
        entry.put(SchemaConstants.CREATORS_NAME_AT, name);
        if (!addOperationContext.getEntry().contains(new DefaultServerAttribute(CREATE_TIMESTAMP_ATTRIBUTE_TYPE))) {
            entry.put(SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime());
        } else {
            if (!addOperationContext.getSession().getAuthenticatedPrincipal().getName().equals(ServerDNConstants.ADMIN_SYSTEM_DN_NORMALIZED)) {
                LOG.error("The CreateTimeStamp attribute cannot be created by a user");
                throw new LdapSchemaViolationException("The CreateTimeStamp attribute cannot be created by a user", ResultCodeEnum.INSUFFICIENT_ACCESS_RIGHTS);
            }
            entry.put(SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime());
        }
        nextInterceptor.add(addOperationContext);
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public void modify(NextInterceptor nextInterceptor, ModifyOperationContext modifyOperationContext) throws Exception {
        nextInterceptor.modify(modifyOperationContext);
        if (modifyOperationContext.getDn().getNormName().equals(this.subschemaSubentryDn.getNormName())) {
            return;
        }
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(new ServerModification(ModificationOperation.REPLACE_ATTRIBUTE, new DefaultServerAttribute(SchemaConstants.MODIFIERS_NAME_AT, this.atRegistry.lookup(SchemaConstants.MODIFIERS_NAME_AT), getPrincipal().getName())));
        arrayList.add(new ServerModification(ModificationOperation.REPLACE_ATTRIBUTE, new DefaultServerAttribute(SchemaConstants.MODIFY_TIMESTAMP_AT, this.atRegistry.lookup(SchemaConstants.MODIFY_TIMESTAMP_AT), DateUtils.getGeneralizedTime())));
        this.service.getPartitionNexus().modify(new ModifyOperationContext(modifyOperationContext.getSession(), modifyOperationContext.getDn(), arrayList));
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public void rename(NextInterceptor nextInterceptor, RenameOperationContext renameOperationContext) throws Exception {
        nextInterceptor.rename(renameOperationContext);
        DefaultServerEntry defaultServerEntry = new DefaultServerEntry(this.registries, renameOperationContext.getDn());
        defaultServerEntry.put(SchemaConstants.MODIFIERS_NAME_AT, getPrincipal().getName());
        defaultServerEntry.put(SchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime());
        LdapDN ldapDN = (LdapDN) renameOperationContext.getDn().clone();
        ldapDN.remove(renameOperationContext.getDn().size() - 1);
        ldapDN.add(renameOperationContext.getNewRdn());
        ldapDN.normalize(this.atRegistry.getNormalizerMapping());
        this.service.getPartitionNexus().modify(new ModifyOperationContext(renameOperationContext.getSession(), ldapDN, ModifyOperationContext.createModItems(defaultServerEntry, ModificationOperation.REPLACE_ATTRIBUTE)));
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public void move(NextInterceptor nextInterceptor, MoveOperationContext moveOperationContext) throws Exception {
        nextInterceptor.move(moveOperationContext);
        DefaultServerEntry defaultServerEntry = new DefaultServerEntry(this.registries, moveOperationContext.getDn());
        defaultServerEntry.put(SchemaConstants.MODIFIERS_NAME_AT, getPrincipal().getName());
        defaultServerEntry.put(SchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime());
        this.service.getPartitionNexus().modify(new ModifyOperationContext(moveOperationContext.getSession(), moveOperationContext.getParent(), ModifyOperationContext.createModItems(defaultServerEntry, ModificationOperation.REPLACE_ATTRIBUTE)));
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public void moveAndRename(NextInterceptor nextInterceptor, MoveAndRenameOperationContext moveAndRenameOperationContext) throws Exception {
        nextInterceptor.moveAndRename(moveAndRenameOperationContext);
        DefaultServerEntry defaultServerEntry = new DefaultServerEntry(this.registries, moveAndRenameOperationContext.getDn());
        defaultServerEntry.put(SchemaConstants.MODIFIERS_NAME_AT, getPrincipal().getName());
        defaultServerEntry.put(SchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime());
        this.service.getPartitionNexus().modify(new ModifyOperationContext(moveAndRenameOperationContext.getSession(), moveAndRenameOperationContext.getParent(), ModifyOperationContext.createModItems(defaultServerEntry, ModificationOperation.REPLACE_ATTRIBUTE)));
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public ClonedServerEntry lookup(NextInterceptor nextInterceptor, LookupOperationContext lookupOperationContext) throws Exception {
        ClonedServerEntry lookup = nextInterceptor.lookup(lookupOperationContext);
        if (lookup == null) {
            return null;
        }
        if (lookupOperationContext.getAttrsId() == null) {
            filterOperationalAttributes(lookup);
        } else {
            filter(lookupOperationContext, lookup);
        }
        return lookup;
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public EntryFilteringCursor list(NextInterceptor nextInterceptor, ListOperationContext listOperationContext) throws Exception {
        EntryFilteringCursor list = nextInterceptor.list(listOperationContext);
        list.addEntryFilter(this.SEARCH_FILTER);
        return list;
    }

    @Override // org.apache.directory.server.core.interceptor.BaseInterceptor, org.apache.directory.server.core.interceptor.Interceptor
    public EntryFilteringCursor search(NextInterceptor nextInterceptor, SearchOperationContext searchOperationContext) throws Exception {
        EntryFilteringCursor search = nextInterceptor.search(searchOperationContext);
        if (!searchOperationContext.isAllOperationalAttributes() && (searchOperationContext.getReturningAttributes() == null || searchOperationContext.getReturningAttributes().isEmpty())) {
            search.addEntryFilter(this.SEARCH_FILTER);
            return search;
        }
        if (this.service.isDenormalizeOpAttrsEnabled()) {
            search.addEntryFilter(this.DENORMALIZING_SEARCH_FILTER);
        }
        return search;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean filterOperationalAttributes(ServerEntry serverEntry) throws Exception {
        HashSet hashSet = new HashSet();
        for (AttributeType attributeType : serverEntry.getAttributeTypes()) {
            if (attributeType.getUsage() != UsageEnum.USER_APPLICATIONS) {
                hashSet.add(attributeType);
            }
        }
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            serverEntry.removeAttributes((AttributeType) it.next());
        }
        return true;
    }

    private void filter(LookupOperationContext lookupOperationContext, ServerEntry serverEntry) throws Exception {
        LdapDN dn = lookupOperationContext.getDn();
        List<String> attrsId = lookupOperationContext.getAttrsId();
        if (attrsId == null || attrsId.isEmpty()) {
            filterOperationalAttributes(serverEntry);
            return;
        }
        Set<AttributeType> attributeTypes = serverEntry.getAttributeTypes();
        if (dn.size() == 0) {
            for (AttributeType attributeType : attributeTypes) {
                if (!attrsId.contains(attributeType.getOid())) {
                    serverEntry.removeAttributes(attributeType);
                }
            }
        }
        denormalizeEntryOpAttrs(serverEntry);
    }

    public void denormalizeEntryOpAttrs(ServerEntry serverEntry) throws Exception {
        if (this.service.isDenormalizeOpAttrsEnabled()) {
            EntryAttribute entryAttribute = serverEntry.get(SchemaConstants.CREATORS_NAME_AT);
            if (entryAttribute != null) {
                LdapDN ldapDN = new LdapDN(entryAttribute.getString());
                entryAttribute.clear();
                entryAttribute.add(denormalizeTypes(ldapDN).getUpName());
            }
            EntryAttribute entryAttribute2 = serverEntry.get(SchemaConstants.MODIFIERS_NAME_AT);
            if (entryAttribute2 != null) {
                LdapDN ldapDN2 = new LdapDN(entryAttribute2.getString());
                entryAttribute2.clear();
                entryAttribute2.add(denormalizeTypes(ldapDN2).getUpName());
            }
            EntryAttribute entryAttribute3 = serverEntry.get(ApacheSchemaConstants.SCHEMA_MODIFIERS_NAME_AT);
            if (entryAttribute3 != null) {
                LdapDN ldapDN3 = new LdapDN(entryAttribute3.getString());
                entryAttribute3.clear();
                entryAttribute3.add(denormalizeTypes(ldapDN3).getUpName());
            }
        }
    }

    public LdapDN denormalizeTypes(LdapDN ldapDN) throws Exception {
        LdapDN ldapDN2 = new LdapDN();
        for (int i = 0; i < ldapDN.size(); i++) {
            Rdn rdn = ldapDN.getRdn(i);
            if (rdn.size() == 0) {
                ldapDN2.add(new Rdn());
            } else if (rdn.size() == 1) {
                String name = this.atRegistry.lookup(rdn.getNormType()).getName();
                String str = (String) rdn.getAtav().getNormValue();
                ldapDN2.add(new Rdn(name, name, str, str));
            } else {
                StringBuffer stringBuffer = new StringBuffer();
                Iterator<AttributeTypeAndValue> it = rdn.iterator();
                while (it.hasNext()) {
                    stringBuffer.append(this.atRegistry.lookup(rdn.getNormType()).getName()).append('=').append(it.next().getNormValue());
                    if (it.hasNext()) {
                        stringBuffer.append('+');
                    }
                }
                ldapDN2.add(new Rdn(stringBuffer.toString()));
            }
        }
        return ldapDN2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean filterDenormalized(ServerEntry serverEntry) throws Exception {
        denormalizeEntryOpAttrs(serverEntry);
        return true;
    }
}
