package us.jts.fortress.rbac;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.log4j.Logger;
import us.jts.fortress.AdminMgr;
import us.jts.fortress.GlobalErrIds;
import us.jts.fortress.GlobalIds;
import us.jts.fortress.SecurityException;
import us.jts.fortress.rbac.Hier;
import us.jts.fortress.rbac.SDSet;
import us.jts.fortress.util.attr.VUtil;
import us.jts.fortress.util.time.CUtil;

/* loaded from: input_file:us/jts/fortress/rbac/AdminMgrImpl.class */
public final class AdminMgrImpl extends Manageable implements AdminMgr {
    private static final String CLS_NM = AdminMgrImpl.class.getName();
    private static final AdminRoleP adminP = new AdminRoleP();
    private static final PermP permP = new PermP();
    private static final RoleP roleP = new RoleP();
    private static final SdP sdP = new SdP();
    private static final UserP userP = new UserP();
    private static final Logger log = Logger.getLogger(CLS_NM);

    AdminMgrImpl() {
    }

    @Override // us.jts.fortress.AdminMgr
    public User addUser(User user) throws SecurityException {
        assertContext(CLS_NM, "addUser", user, GlobalErrIds.USER_NULL);
        setEntitySession(CLS_NM, "addUser", user);
        User add = userP.add(user);
        roleP.addOccupant(add.getRoles(), add.getDn(), user.getContextId());
        adminP.addOccupant(add.getAdminRoles(), add.getDn(), user.getContextId());
        return add;
    }

    @Override // us.jts.fortress.AdminMgr
    public void disableUser(User user) throws SecurityException {
        assertContext(CLS_NM, "disableUser", user, GlobalErrIds.USER_NULL);
        setEntitySession(CLS_NM, "disableUser", user);
        String softDelete = userP.softDelete(user);
        userP.lock(user);
        permP.remove(user);
        roleP.removeOccupant(softDelete, this.contextId);
        adminP.removeOccupant(softDelete, user.getContextId());
    }

    @Override // us.jts.fortress.AdminMgr
    public void deleteUser(User user) throws SecurityException {
        assertContext(CLS_NM, "deleteUser", user, GlobalErrIds.USER_NULL);
        setEntitySession(CLS_NM, "deleteUser", user);
        permP.remove(user);
        String delete = userP.delete(user);
        roleP.removeOccupant(delete, this.contextId);
        adminP.removeOccupant(delete, user.getContextId());
    }

    @Override // us.jts.fortress.AdminMgr
    public User updateUser(User user) throws SecurityException {
        assertContext(CLS_NM, "updateUser", user, GlobalErrIds.USER_NULL);
        setEntitySession(CLS_NM, "updateUser", user);
        return userP.update(user);
    }

    @Override // us.jts.fortress.AdminMgr
    public void changePassword(User user, char[] cArr) throws SecurityException {
        assertContext(CLS_NM, "changePassword", user, GlobalErrIds.USER_NULL);
        setEntitySession(CLS_NM, "changePassword", user);
        VUtil.assertNotNullOrEmpty(cArr, GlobalErrIds.USER_PW_NULL, CLS_NM + "changePassword");
        userP.changePassword(user, cArr);
    }

    @Override // us.jts.fortress.AdminMgr
    public void lockUserAccount(User user) throws SecurityException {
        assertContext(CLS_NM, "lockUserAccount", user, GlobalErrIds.USER_NULL);
        setEntitySession(CLS_NM, "lockUserAccount", user);
        userP.lock(user);
    }

    @Override // us.jts.fortress.AdminMgr
    public void unlockUserAccount(User user) throws SecurityException {
        assertContext(CLS_NM, "unlockUserAccount", user, GlobalErrIds.USER_NULL);
        setEntitySession(CLS_NM, "unlockUserAccount", user);
        userP.unlock(user);
    }

    @Override // us.jts.fortress.AdminMgr
    public void resetPassword(User user, char[] cArr) throws SecurityException {
        assertContext(CLS_NM, "resetPassword", user, GlobalErrIds.USER_NULL);
        VUtil.assertNotNullOrEmpty(cArr, GlobalErrIds.USER_PW_NULL, CLS_NM + ".resetPassword");
        setEntitySession(CLS_NM, "resetPassword", user);
        user.setPassword(cArr);
        userP.resetPassword(user);
    }

    @Override // us.jts.fortress.AdminMgr
    public void deletePasswordPolicy(User user) throws SecurityException {
        assertContext(CLS_NM, "deletePasswordPolicy", user, GlobalErrIds.USER_NULL);
        setEntitySession(CLS_NM, "deletePasswordPolicy", user);
        userP.deletePwPolicy(user);
    }

    @Override // us.jts.fortress.AdminMgr
    public Role addRole(Role role) throws SecurityException {
        assertContext(CLS_NM, "addRole", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "addRole", role);
        return roleP.add(role);
    }

    @Override // us.jts.fortress.AdminMgr
    public void deleteRole(Role role) throws SecurityException {
        assertContext(CLS_NM, "deleteRole", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "deleteRole", role);
        int numChildren = RoleUtil.numChildren(role.getName(), role.getContextId());
        if (numChildren > 0) {
            String str = CLS_NM + ".deleteRole role [" + role.getName() + "] must remove [" + numChildren + "] descendants before deletion";
            log.error(str);
            throw new SecurityException(GlobalErrIds.HIER_DEL_FAILED_HAS_CHILD, str, null);
        }
        List<User> assignedUsers = userP.getAssignedUsers(role);
        if (assignedUsers != null) {
            Iterator<User> it = assignedUsers.iterator();
            while (it.hasNext()) {
                UserRole userRole = new UserRole(it.next().getUserId(), role.getName());
                setAdminData(CLS_NM, "deleteRole", userRole);
                deassignUser(userRole);
            }
        }
        permP.remove(role);
        Set<String> parents = RoleUtil.getParents(role.getName(), this.contextId);
        if (parents != null) {
            Iterator<String> it2 = parents.iterator();
            while (it2.hasNext()) {
                RoleUtil.updateHier(this.contextId, new Relationship(role.getName().toUpperCase(), it2.next().toUpperCase()), Hier.Op.REM);
            }
        }
        roleP.delete(role);
    }

    @Override // us.jts.fortress.AdminMgr
    public Role updateRole(Role role) throws SecurityException {
        assertContext(CLS_NM, "updateRole", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "updateRole", role);
        return roleP.update(role);
    }

    @Override // us.jts.fortress.AdminMgr
    public void assignUser(UserRole userRole) throws SecurityException {
        assertContext(CLS_NM, "assignUser", userRole, GlobalErrIds.URLE_NULL);
        Role role = new Role(userRole.getName());
        role.setContextId(this.contextId);
        User user = new User(userRole.getUserId());
        user.setContextId(this.contextId);
        setEntitySession(CLS_NM, "assignUser", userRole);
        AdminUtil.canAssign(userRole.getAdminSession(), user, role, this.contextId);
        SDUtil.validateSSD(user, role);
        role.setContextId(this.contextId);
        CUtil.validateOrCopy(roleP.read(role), userRole);
        String assign = userP.assign(userRole);
        setAdminData(CLS_NM, "assignUser", role);
        roleP.assign(role, assign);
    }

    @Override // us.jts.fortress.AdminMgr
    public void deassignUser(UserRole userRole) throws SecurityException {
        assertContext(CLS_NM, "deassignUser", userRole, GlobalErrIds.URLE_NULL);
        Role role = new Role(userRole.getName());
        role.setContextId(this.contextId);
        User user = new User(userRole.getUserId());
        setEntitySession(CLS_NM, "deassignUser", userRole);
        AdminUtil.canDeassign(user.getAdminSession(), user, role, this.contextId);
        String deassign = userP.deassign(userRole);
        setAdminData(CLS_NM, "deassignUser", role);
        roleP.deassign(role, deassign);
    }

    @Override // us.jts.fortress.AdminMgr
    public Permission addPermission(Permission permission) throws SecurityException {
        assertContext(CLS_NM, "addPermission", permission, GlobalErrIds.PERM_OPERATION_NULL);
        setEntitySession(CLS_NM, "addPermission", permission);
        return permP.add(permission);
    }

    @Override // us.jts.fortress.AdminMgr
    public Permission updatePermission(Permission permission) throws SecurityException {
        assertContext(CLS_NM, "updatePermission", permission, GlobalErrIds.PERM_OPERATION_NULL);
        setEntitySession(CLS_NM, "updatePermission", permission);
        return permP.update(permission);
    }

    @Override // us.jts.fortress.AdminMgr
    public void deletePermission(Permission permission) throws SecurityException {
        assertContext(CLS_NM, "deletePermission", permission, GlobalErrIds.PERM_OPERATION_NULL);
        setEntitySession(CLS_NM, "deletePermission", permission);
        permP.delete(permission);
    }

    @Override // us.jts.fortress.AdminMgr
    public PermObj addPermObj(PermObj permObj) throws SecurityException {
        assertContext(CLS_NM, "addPermObj", permObj, GlobalErrIds.PERM_OBJECT_NULL);
        setEntitySession(CLS_NM, "addPermObj", permObj);
        return permP.add(permObj);
    }

    @Override // us.jts.fortress.AdminMgr
    public PermObj updatePermObj(PermObj permObj) throws SecurityException {
        assertContext(CLS_NM, "updatePermObj", permObj, GlobalErrIds.PERM_OBJECT_NULL);
        setEntitySession(CLS_NM, "updatePermObj", permObj);
        return permP.update(permObj);
    }

    @Override // us.jts.fortress.AdminMgr
    public void deletePermObj(PermObj permObj) throws SecurityException {
        assertContext(CLS_NM, "deletePermObj", permObj, GlobalErrIds.PERM_OBJECT_NULL);
        setEntitySession(CLS_NM, "deletePermObj", permObj);
        permP.delete(permObj);
    }

    @Override // us.jts.fortress.AdminMgr
    public void grantPermission(Permission permission, Role role) throws SecurityException {
        assertContext(CLS_NM, "grantPermission", permission, GlobalErrIds.PERM_OPERATION_NULL);
        assertContext(CLS_NM, "grantPermission", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "grantPermission", permission);
        if (permission.isAdmin()) {
            AdminRole adminRole = new AdminRole(role.getName());
            adminRole.setContextId(this.contextId);
            adminP.read(adminRole);
        } else {
            AdminUtil.canGrant(permission.getAdminSession(), role, permission, this.contextId);
            roleP.read(role);
        }
        permP.grant(permission, role);
    }

    @Override // us.jts.fortress.AdminMgr
    public void revokePermission(Permission permission, Role role) throws SecurityException {
        assertContext(CLS_NM, "revokePermission", permission, GlobalErrIds.PERM_OPERATION_NULL);
        assertContext(CLS_NM, "revokePermission", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "revokePermission", permission);
        if (!permission.isAdmin()) {
            AdminUtil.canRevoke(permission.getAdminSession(), role, permission, this.contextId);
        }
        permP.revoke(permission, role);
    }

    @Override // us.jts.fortress.AdminMgr
    public void grantPermission(Permission permission, User user) throws SecurityException {
        assertContext(CLS_NM, "grantPermissionUser", permission, GlobalErrIds.PERM_OPERATION_NULL);
        setEntitySession(CLS_NM, "grantPermissionUser", permission);
        assertContext(CLS_NM, "grantPermissionUser", user, GlobalErrIds.USER_NULL);
        userP.read(user, false);
        permP.grant(permission, user);
    }

    @Override // us.jts.fortress.AdminMgr
    public void revokePermission(Permission permission, User user) throws SecurityException {
        assertContext(CLS_NM, "revokePermissionUser", permission, GlobalErrIds.PERM_OPERATION_NULL);
        setEntitySession(CLS_NM, "revokePermissionUser", permission);
        assertContext(CLS_NM, "revokePermissionUser", user, GlobalErrIds.USER_NULL);
        permP.revoke(permission, user);
    }

    @Override // us.jts.fortress.AdminMgr
    public void addDescendant(Role role, Role role2) throws SecurityException {
        assertContext(CLS_NM, "addDescendant", role, GlobalErrIds.PARENT_ROLE_NULL);
        assertContext(CLS_NM, "addDescendant", role2, GlobalErrIds.CHILD_ROLE_NULL);
        setEntitySession(CLS_NM, "addDescendant", role2);
        Role role3 = new Role(role.getName());
        role3.setContextId(this.contextId);
        roleP.read(role3);
        RoleUtil.validateRelationship(role2, role, false);
        role2.setParent(role.getName());
        roleP.add(role2);
        RoleUtil.updateHier(this.contextId, new Relationship(role2.getName().toUpperCase(), role.getName().toUpperCase()), Hier.Op.ADD);
    }

    @Override // us.jts.fortress.AdminMgr
    public void addAscendant(Role role, Role role2) throws SecurityException {
        assertContext(CLS_NM, "addAscendant", role2, GlobalErrIds.PARENT_ROLE_NULL);
        setEntitySession(CLS_NM, "addAscendant", role2);
        assertContext(CLS_NM, "addAscendant", role, GlobalErrIds.CHILD_ROLE_NULL);
        Role role3 = new Role(role.getName());
        role3.setContextId(this.contextId);
        Role read = roleP.read(role3);
        read.setContextId(this.contextId);
        RoleUtil.validateRelationship(role, role2, false);
        roleP.add(role2);
        Role role4 = new Role(role.getName());
        role4.setParents(read.getParents());
        role4.setParent(role2.getName());
        role4.setContextId(this.contextId);
        setAdminData(CLS_NM, "addAscendant", role4);
        roleP.update(role4);
        RoleUtil.updateHier(this.contextId, new Relationship(role.getName().toUpperCase(), role2.getName().toUpperCase()), Hier.Op.ADD);
    }

    @Override // us.jts.fortress.AdminMgr
    public void addInheritance(Role role, Role role2) throws SecurityException {
        assertContext(CLS_NM, "addInheritance", role, GlobalErrIds.PARENT_ROLE_NULL);
        assertContext(CLS_NM, "addInheritance", role2, GlobalErrIds.CHILD_ROLE_NULL);
        setEntitySession(CLS_NM, "addInheritance", role);
        Role role3 = new Role(role.getName());
        role3.setContextId(this.contextId);
        roleP.read(role3);
        Role role4 = new Role(role2.getName());
        role4.setContextId(this.contextId);
        Role read = roleP.read(role4);
        RoleUtil.validateRelationship(role2, role, false);
        RoleUtil.updateHier(this.contextId, new Relationship(role2.getName().toUpperCase(), role.getName().toUpperCase()), Hier.Op.ADD);
        Role role5 = new Role(role2.getName());
        role5.setParents(read.getParents());
        role5.setParent(role.getName());
        role5.setContextId(this.contextId);
        setAdminData(CLS_NM, "addInheritance", role5);
        roleP.update(role5);
    }

    @Override // us.jts.fortress.AdminMgr
    public void deleteInheritance(Role role, Role role2) throws SecurityException {
        assertContext(CLS_NM, "deleteInheritance", role, GlobalErrIds.PARENT_ROLE_NULL);
        setEntitySession(CLS_NM, "deleteInheritance", role);
        assertContext(CLS_NM, "deleteInheritance", role2, GlobalErrIds.CHILD_ROLE_NULL);
        RoleUtil.validateRelationship(role2, role, true);
        RoleUtil.updateHier(this.contextId, new Relationship(role2.getName().toUpperCase(), role.getName().toUpperCase()), Hier.Op.REM);
        Role role3 = new Role(role2.getName());
        role3.setContextId(this.contextId);
        Role read = roleP.read(role3);
        Role role4 = new Role(role2.getName());
        role4.setParents(read.getParents());
        role4.delParent(role.getName());
        role4.setContextId(this.contextId);
        setAdminData(CLS_NM, "deleteInheritance", role4);
        if (VUtil.isNotNullOrEmpty(role4.getParents())) {
            roleP.update(role4);
        } else {
            roleP.deleteParent(role4);
        }
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet createSsdSet(SDSet sDSet) throws SecurityException {
        assertContext(CLS_NM, "createSsdSet", sDSet, GlobalErrIds.SSD_NULL);
        setEntitySession(CLS_NM, "createSsdSet", sDSet);
        sDSet.setType(SDSet.SDType.STATIC);
        if (sDSet.getCardinality() == null) {
            sDSet.setCardinality(2);
        }
        clearSSDCache(sDSet);
        return sdP.add(sDSet);
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet addSsdRoleMember(SDSet sDSet, Role role) throws SecurityException {
        assertContext(CLS_NM, "addSsdRoleMember", sDSet, GlobalErrIds.SSD_NULL);
        assertContext(CLS_NM, "addSsdRoleMember", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "addSsdRoleMember", sDSet);
        SDSet read = sdP.read(sDSet);
        read.setContextId(this.contextId);
        read.setContextId(this.contextId);
        read.addMember(role.getName());
        setAdminData(CLS_NM, "addSsdRoleMember", read);
        SDSet update = sdP.update(read);
        clearSSDCache(role);
        return update;
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet deleteSsdRoleMember(SDSet sDSet, Role role) throws SecurityException {
        assertContext(CLS_NM, "deleteSsdRoleMember", sDSet, GlobalErrIds.SSD_NULL);
        assertContext(CLS_NM, "deleteSsdRoleMember", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "deleteSsdRoleMember", sDSet);
        SDSet read = sdP.read(sDSet);
        read.setContextId(this.contextId);
        read.delMember(role.getName());
        if (read.getMembers().isEmpty()) {
            read.addMember(GlobalIds.NONE);
        }
        setAdminData(CLS_NM, "deleteSsdRoleMember", read);
        SDSet update = sdP.update(read);
        clearSSDCache(role);
        return update;
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet deleteSsdSet(SDSet sDSet) throws SecurityException {
        assertContext(CLS_NM, "deleteSsdSet", sDSet, GlobalErrIds.SSD_NULL);
        setEntitySession(CLS_NM, "deleteSsdSet", sDSet);
        sDSet.setType(SDSet.SDType.STATIC);
        clearSSDCache(sDSet);
        return sdP.delete(sDSet);
    }

    private void clearSSDCache(SDSet sDSet) {
        if (sDSet.getMembers() != null) {
            Iterator<String> it = sDSet.getMembers().iterator();
            while (it.hasNext()) {
                SDUtil.clearSsdCacheEntry(it.next(), this.contextId);
            }
        }
    }

    private void clearSSDCache(Role role) {
        SDUtil.clearSsdCacheEntry(role.getName(), this.contextId);
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet setSsdSetCardinality(SDSet sDSet, int i) throws SecurityException {
        assertContext(CLS_NM, "setSsdSetCardinality", sDSet, GlobalErrIds.SSD_NULL);
        setEntitySession(CLS_NM, "setSsdSetCardinality", sDSet);
        sDSet.setType(SDSet.SDType.STATIC);
        sDSet.setCardinality(Integer.valueOf(i));
        clearSSDCache(sDSet);
        return sdP.update(sDSet);
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet createDsdSet(SDSet sDSet) throws SecurityException {
        assertContext(CLS_NM, "createDsdSet", sDSet, GlobalErrIds.SSD_NULL);
        setEntitySession(CLS_NM, "createDsdSet", sDSet);
        sDSet.setType(SDSet.SDType.DYNAMIC);
        if (sDSet.getCardinality() == null) {
            sDSet.setCardinality(2);
        }
        return sdP.add(sDSet);
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet addDsdRoleMember(SDSet sDSet, Role role) throws SecurityException {
        assertContext(CLS_NM, "addDsdRoleMember", sDSet, GlobalErrIds.SSD_NULL);
        assertContext(CLS_NM, "addDsdRoleMember", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "addDsdRoleMember", sDSet);
        SDSet read = sdP.read(sDSet);
        read.setContextId(this.contextId);
        read.addMember(role.getName());
        setAdminData(CLS_NM, "addDsdRoleMember", read);
        read.setContextId(this.contextId);
        SDSet update = sdP.update(read);
        clearDSDCache(sDSet);
        return update;
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet deleteDsdRoleMember(SDSet sDSet, Role role) throws SecurityException {
        assertContext(CLS_NM, "deleteDsdRoleMember", sDSet, GlobalErrIds.SSD_NULL);
        assertContext(CLS_NM, "deleteDsdRoleMember", role, GlobalErrIds.ROLE_NULL);
        setEntitySession(CLS_NM, "deleteDsdRoleMember", sDSet);
        SDSet read = sdP.read(sDSet);
        read.setContextId(this.contextId);
        read.delMember(role.getName());
        if (read.getMembers().isEmpty()) {
            read.addMember(GlobalIds.NONE);
        }
        setAdminData(CLS_NM, "deleteDsdRoleMember", read);
        SDSet update = sdP.update(read);
        clearDSDCache(sDSet);
        return update;
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet deleteDsdSet(SDSet sDSet) throws SecurityException {
        assertContext(CLS_NM, "deleteDsdSet", sDSet, GlobalErrIds.SSD_NULL);
        setEntitySession(CLS_NM, "deleteDsdSet", sDSet);
        sDSet.setType(SDSet.SDType.DYNAMIC);
        clearDSDCache(sDSet);
        return sdP.delete(sDSet);
    }

    @Override // us.jts.fortress.AdminMgr
    public SDSet setDsdSetCardinality(SDSet sDSet, int i) throws SecurityException {
        assertContext(CLS_NM, "setDsdSetCardinality", sDSet, GlobalErrIds.SSD_NULL);
        setEntitySession(CLS_NM, "setDsdSetCardinality", sDSet);
        sDSet.setType(SDSet.SDType.DYNAMIC);
        sDSet.setCardinality(Integer.valueOf(i));
        clearDSDCache(sDSet);
        return sdP.update(sDSet);
    }

    private void clearDSDCache(SDSet sDSet) {
        SDUtil.clearDsdCacheEntry(sDSet.getName(), this.contextId);
    }
}
