package org.apache.jetspeed.security.spi.impl;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.naming.NamingException;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.BasePrincipal;
import org.apache.jetspeed.security.RolePrincipal;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.impl.RolePrincipalImpl;
import org.apache.jetspeed.security.spi.RoleSecurityHandler;
import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao;
import org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl;

/* loaded from: input_file:portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-security-2.1.3.jar:org/apache/jetspeed/security/spi/impl/LdapRoleSecurityHandler.class */
public class LdapRoleSecurityHandler implements RoleSecurityHandler {
    private static final Log logger;
    private LdapPrincipalDao ldap;
    static Class class$org$apache$jetspeed$security$spi$impl$LdapRoleSecurityHandler;

    public LdapRoleSecurityHandler(LdapPrincipalDao ldapPrincipalDao) {
        this.ldap = ldapPrincipalDao;
    }

    public LdapRoleSecurityHandler() throws NamingException, SecurityException {
        this(new LdapRoleDaoImpl());
    }

    @Override // org.apache.jetspeed.security.spi.RoleSecurityHandler
    public RolePrincipal getRolePrincipal(String str) {
        String convertUidToLdapAcceptableName = this.ldap.convertUidToLdapAcceptableName(str);
        verifyRoleId(convertUidToLdapAcceptableName);
        try {
            if (StringUtils.isEmpty(this.ldap.lookupByUid(convertUidToLdapAcceptableName))) {
                return null;
            }
            return new RolePrincipalImpl(str);
        } catch (SecurityException e) {
            logSecurityException(e, str);
            return null;
        }
    }

    @Override // org.apache.jetspeed.security.spi.RoleSecurityHandler
    public void setRolePrincipal(RolePrincipal rolePrincipal) throws SecurityException {
        verifyRolePrincipal(rolePrincipal);
        String convertUidToLdapAcceptableName = this.ldap.convertUidToLdapAcceptableName(rolePrincipal.getFullPath());
        if (getRolePrincipal(convertUidToLdapAcceptableName) == null) {
            this.ldap.create(convertUidToLdapAcceptableName);
        }
    }

    @Override // org.apache.jetspeed.security.spi.RoleSecurityHandler
    public void removeRolePrincipal(RolePrincipal rolePrincipal) throws SecurityException {
        verifyRolePrincipal(rolePrincipal);
        this.ldap.delete(this.ldap.convertUidToLdapAcceptableName(rolePrincipal.getFullPath()));
    }

    @Override // org.apache.jetspeed.security.spi.RoleSecurityHandler
    public List getRolePrincipals(String str) {
        try {
            return Arrays.asList(this.ldap.find(str, BasePrincipal.PREFS_ROLE_ROOT));
        } catch (SecurityException e) {
            logSecurityException(e, str);
            return new ArrayList();
        }
    }

    private void verifyRoleId(String str) {
        if (StringUtils.isEmpty(str)) {
            throw new IllegalArgumentException("The roleId cannot be null or empty.");
        }
    }

    private void logSecurityException(SecurityException securityException, String str) {
        if (logger.isErrorEnabled()) {
            logger.error(new StringBuffer().append("An LDAP error has occurred for groupId:").append(str).toString(), securityException);
        }
    }

    private void verifyRolePrincipal(RolePrincipal rolePrincipal) {
        if (rolePrincipal == null) {
            throw new IllegalArgumentException("The RolePrincipal cannot be null or empty.");
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$apache$jetspeed$security$spi$impl$LdapRoleSecurityHandler == null) {
            cls = class$("org.apache.jetspeed.security.spi.impl.LdapRoleSecurityHandler");
            class$org$apache$jetspeed$security$spi$impl$LdapRoleSecurityHandler = cls;
        } else {
            cls = class$org$apache$jetspeed$security$spi$impl$LdapRoleSecurityHandler;
        }
        logger = LogFactory.getLog(cls);
    }
}
