package us.jts.fortress.rbac;

import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPAttribute;
import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPAttributeSet;
import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPConnection;
import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry;
import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException;
import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPModificationSet;
import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPSearchResults;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.log4j.Logger;
import us.jts.fortress.CreateException;
import us.jts.fortress.FinderException;
import us.jts.fortress.GlobalErrIds;
import us.jts.fortress.GlobalIds;
import us.jts.fortress.ObjectFactory;
import us.jts.fortress.PasswordException;
import us.jts.fortress.RemoveException;
import us.jts.fortress.SecurityException;
import us.jts.fortress.UpdateException;
import us.jts.fortress.cfg.Config;
import us.jts.fortress.ldap.DataProvider;
import us.jts.fortress.ldap.openldap.OLPWControlImpl;
import us.jts.fortress.util.attr.AttrHelper;
import us.jts.fortress.util.attr.VUtil;
import us.jts.fortress.util.time.CUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:us/jts/fortress/rbac/UserDAO.class */
public final class UserDAO extends DataProvider {
    private static final String CLS_NM = UserDAO.class.getName();
    private static final Logger log = Logger.getLogger(CLS_NM);
    private static PwPolicyControl pwControl;
    private static final String USERS_AUX_OBJECT_CLASS_NAME = "ftUserAttrs";
    private static final String ORGANIZATIONAL_PERSON_OBJECT_CLASS_NAME = "organizationalPerson";
    private static final String USER_OBJECT_CLASS = "user.objectclass";
    private static final String[] USER_OBJ_CLASS;
    private static final String objectClassImpl;
    private static final String SN = "sn";
    private static final String PW = "userpassword";
    private static final String SYSTEM_USER = "ftSystem";
    private static final String L = "l";
    private static final String POSTAL_ADDRESS = "postalAddress";
    private static final String STATE = "st";
    private static final String POSTAL_CODE = "postalCode";
    private static final String POST_OFFICE_BOX = "postOfficeBox";
    private static final String COUNTRY = "c";
    private static final String PHYSICAL_DELIVERY_OFFICE_NAME = "physicalDeliveryOfficeName";
    private static final String DEPARTMENT_NUMBER = "departmentNumber";
    private static final String ROOM_NUMBER = "roomNumber";
    private static final String MOBILE = "mobile";
    private static final String TELEPHONE_NUMBER = "telephoneNumber";
    private static final String MAIL = "mail";
    private static final String DISPLAY_NAME = "displayName";
    private static final String TITLE = "title";
    private static final String EMPLOYEE_TYPE = "employeeType";
    private static final String OPENLDAP_POLICY_SUBENTRY = "pwdPolicySubentry";
    private static final String OPENLDAP_PW_RESET = "pwdReset";
    private static final String OPENLDAP_PW_LOCKED_TIME = "pwdAccountLockedTime";
    private static final String OPENLDAP_ACCOUNT_LOCKED_TIME = "pwdAccountLockedTime";
    private static final String LOCK_VALUE = "000001010000Z";
    private static final String[] USERID;
    private static final String[] ROLES;
    private static final String[] USERID_ATRS;
    private static final String[] AUTHN_ATRS;
    private static final String[] DEFAULT_ATRS;
    private static final String[] ROLE_ATR;
    private static final String[] AROLE_ATR;

    /* JADX INFO: Access modifiers changed from: package-private */
    public final User create(User user) throws CreateException {
        LDAPConnection lDAPConnection = null;
        try {
            try {
                LDAPAttributeSet lDAPAttributeSet = new LDAPAttributeSet();
                lDAPAttributeSet.add(createAttributes(GlobalIds.OBJECT_CLASS, USER_OBJ_CLASS));
                user.setInternalId();
                lDAPAttributeSet.add(createAttribute(GlobalIds.FT_IID, user.getInternalId()));
                lDAPAttributeSet.add(createAttribute(GlobalIds.UID, user.getUserId()));
                if (!VUtil.isNotNullOrEmpty(user.getCn())) {
                    user.setCn(user.getUserId());
                }
                lDAPAttributeSet.add(createAttribute("cn", user.getCn()));
                if (!VUtil.isNotNullOrEmpty(user.getSn())) {
                    user.setSn(user.getUserId());
                }
                lDAPAttributeSet.add(createAttribute(SN, user.getSn()));
                lDAPAttributeSet.add(createAttribute(PW, VUtil.isNotNullOrEmpty(user.getPassword()) ? new String(user.getPassword()) : new String(new char[0])));
                lDAPAttributeSet.add(createAttribute(DISPLAY_NAME, user.getCn()));
                if (VUtil.isNotNullOrEmpty(user.getTitle())) {
                    lDAPAttributeSet.add(createAttribute(TITLE, user.getTitle()));
                }
                if (VUtil.isNotNullOrEmpty(user.getEmployeeType())) {
                    lDAPAttributeSet.add(createAttribute(EMPLOYEE_TYPE, user.getEmployeeType()));
                }
                loadAttrs(user.getPhones(), lDAPAttributeSet, TELEPHONE_NUMBER);
                loadAttrs(user.getMobiles(), lDAPAttributeSet, MOBILE);
                loadAttrs(user.getEmails(), lDAPAttributeSet, MAIL);
                if (VUtil.isNotNullOrEmpty(user.isSystem())) {
                    lDAPAttributeSet.add(createAttribute(SYSTEM_USER, user.isSystem().toString().toUpperCase()));
                }
                if (GlobalIds.IS_OPENLDAP && VUtil.isNotNullOrEmpty(user.getPwPolicy())) {
                    lDAPAttributeSet.add(createAttribute(OPENLDAP_POLICY_SUBENTRY, "cn=" + user.getPwPolicy() + "," + getRootDn(user.getContextId(), GlobalIds.PPOLICY_ROOT)));
                }
                if (VUtil.isNotNullOrEmpty(user.getOu())) {
                    lDAPAttributeSet.add(createAttribute(GlobalIds.OU, user.getOu()));
                }
                if (VUtil.isNotNullOrEmpty(user.getDescription())) {
                    lDAPAttributeSet.add(createAttribute(GlobalIds.DESC, user.getDescription()));
                }
                user.addProperty("init", "");
                loadProperties(user.getProperties(), lDAPAttributeSet, GlobalIds.PROPS);
                user.setName(user.getUserId());
                lDAPAttributeSet.add(createAttribute(GlobalIds.CONSTRAINT, CUtil.setConstraint(user)));
                loadUserRoles(user.getRoles(), lDAPAttributeSet);
                loadUserAdminRoles(user.getAdminRoles(), lDAPAttributeSet);
                loadAddress(user.getAddress(), lDAPAttributeSet);
                String dn = getDn(user.getUserId(), user.getContextId());
                LDAPEntry lDAPEntry = new LDAPEntry(dn, lDAPAttributeSet);
                lDAPConnection = getAdminConnection();
                add(lDAPConnection, lDAPEntry, user);
                user.setDn(dn);
                closeAdminConnection(lDAPConnection);
                return user;
            } catch (LDAPException e) {
                throw new CreateException(GlobalErrIds.USER_ADD_FAILED, CLS_NM + ".create userId [" + user.getUserId() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final User update(User user) throws UpdateException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                if (VUtil.isNotNullOrEmpty(user.getCn())) {
                    lDAPModificationSet.add(2, new LDAPAttribute("cn", user.getCn()));
                }
                if (VUtil.isNotNullOrEmpty(user.getSn())) {
                    lDAPModificationSet.add(2, new LDAPAttribute(SN, user.getSn()));
                }
                if (VUtil.isNotNullOrEmpty(user.getOu())) {
                    lDAPModificationSet.add(2, new LDAPAttribute(GlobalIds.OU, user.getOu()));
                }
                if (VUtil.isNotNullOrEmpty(user.getPassword())) {
                    lDAPModificationSet.add(2, new LDAPAttribute(PW, new String(user.getPassword())));
                }
                if (VUtil.isNotNullOrEmpty(user.getDescription())) {
                    lDAPModificationSet.add(2, new LDAPAttribute(GlobalIds.DESC, user.getDescription()));
                }
                if (VUtil.isNotNullOrEmpty(user.getEmployeeType())) {
                    lDAPModificationSet.add(2, new LDAPAttribute(EMPLOYEE_TYPE, user.getSn()));
                }
                if (VUtil.isNotNullOrEmpty(user.getTitle())) {
                    lDAPModificationSet.add(2, new LDAPAttribute(TITLE, user.getTitle()));
                }
                if (GlobalIds.IS_OPENLDAP && VUtil.isNotNullOrEmpty(user.getPwPolicy())) {
                    lDAPModificationSet.add(2, new LDAPAttribute(OPENLDAP_POLICY_SUBENTRY, "cn=" + user.getPwPolicy() + "," + getRootDn(user.getContextId(), GlobalIds.PPOLICY_ROOT)));
                }
                if (VUtil.isNotNullOrEmpty(user.isSystem())) {
                    lDAPModificationSet.add(2, new LDAPAttribute(SYSTEM_USER, user.isSystem().toString().toUpperCase()));
                }
                if (user.isTemporalSet()) {
                    user.setName(user.getUserId());
                    String constraint = CUtil.setConstraint(user);
                    if (VUtil.isNotNullOrEmpty(constraint)) {
                        lDAPModificationSet.add(2, new LDAPAttribute(GlobalIds.CONSTRAINT, constraint));
                    }
                }
                if (VUtil.isNotNullOrEmpty(user.getRoles())) {
                    loadUserRoles(user.getRoles(), lDAPModificationSet);
                }
                if (VUtil.isNotNullOrEmpty(user.getAdminRoles())) {
                    loadUserAdminRoles(user.getAdminRoles(), lDAPModificationSet);
                }
                if (VUtil.isNotNullOrEmpty(user.getProperties())) {
                    loadProperties(user.getProperties(), lDAPModificationSet, GlobalIds.PROPS, true);
                }
                loadAddress(user.getAddress(), lDAPModificationSet);
                loadAttrs(user.getPhones(), lDAPModificationSet, TELEPHONE_NUMBER);
                loadAttrs(user.getMobiles(), lDAPModificationSet, MOBILE);
                loadAttrs(user.getEmails(), lDAPModificationSet, MAIL);
                if (lDAPModificationSet.size() > 0) {
                    lDAPConnection = getAdminConnection();
                    modify(lDAPConnection, dn, lDAPModificationSet, user);
                    user.setDn(dn);
                }
                user.setDn(dn);
                closeAdminConnection(lDAPConnection);
                return user;
            } catch (LDAPException e) {
                throw new UpdateException(GlobalErrIds.USER_UPDATE_FAILED, CLS_NM + ".update userId [" + user.getUserId() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final User updateProps(User user, boolean z) throws UpdateException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                if (VUtil.isNotNullOrEmpty(user.getProperties())) {
                    loadProperties(user.getProperties(), lDAPModificationSet, GlobalIds.PROPS, z);
                }
                if (lDAPModificationSet.size() > 0) {
                    lDAPConnection = getAdminConnection();
                    modify(lDAPConnection, dn, lDAPModificationSet, user);
                    user.setDn(dn);
                }
                user.setDn(dn);
                closeAdminConnection(lDAPConnection);
                return user;
            } catch (LDAPException e) {
                throw new UpdateException(GlobalErrIds.USER_UPDATE_FAILED, CLS_NM + ".updateProps userId [" + user.getUserId() + "] isReplace [" + z + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String remove(User user) throws RemoveException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                lDAPConnection = getAdminConnection();
                delete(lDAPConnection, dn, user);
                closeAdminConnection(lDAPConnection);
                return dn;
            } catch (LDAPException e) {
                throw new RemoveException(GlobalErrIds.USER_DELETE_FAILED, CLS_NM + ".remove userId [" + user.getUserId() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void lock(User user) throws UpdateException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                lDAPModificationSet.add(2, new LDAPAttribute("pwdAccountLockedTime", LOCK_VALUE));
                lDAPConnection = getAdminConnection();
                modify(lDAPConnection, dn, lDAPModificationSet, user);
                closeAdminConnection(lDAPConnection);
            } catch (LDAPException e) {
                throw new UpdateException(GlobalErrIds.USER_PW_LOCK_FAILED, CLS_NM + ".lock user [" + user.getUserId() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void unlock(User user) throws UpdateException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                lDAPModificationSet.add(1, new LDAPAttribute("pwdAccountLockedTime"));
                lDAPConnection = getAdminConnection();
                modify(lDAPConnection, dn, lDAPModificationSet, user);
                closeAdminConnection(lDAPConnection);
            } catch (LDAPException e) {
                if (e.getLDAPResultCode() != 16) {
                    throw new UpdateException(GlobalErrIds.USER_PW_UNLOCK_FAILED, CLS_NM + ".unlock user [" + user.getUserId() + "] caught LDAPException= " + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
                }
                log.info(CLS_NM + ".unlock user [" + user.getUserId() + "] no such attribute:pwdAccountLockedTime");
                closeAdminConnection(lDAPConnection);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final User getUser(User user, boolean z) throws FinderException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                String[] strArr = z ? DEFAULT_ATRS : AUTHN_ATRS;
                lDAPConnection = getAdminConnection();
                User unloadLdapEntry = unloadLdapEntry(read(lDAPConnection, dn, strArr), 0L, user.getContextId());
                if (unloadLdapEntry == null) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, CLS_NM + ".getUser userId [" + user.getUserId() + "] not found, Fortress rc=" + GlobalErrIds.USER_NOT_FOUND);
                }
                closeAdminConnection(lDAPConnection);
                return unloadLdapEntry;
            } catch (LDAPException e) {
                if (e.getLDAPResultCode() == 32) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, CLS_NM + ".getUser COULD NOT FIND ENTRY for user [" + user.getUserId() + "]");
                }
                throw new FinderException(GlobalErrIds.USER_READ_FAILED, CLS_NM + ".getUser [" + dn + "]= caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    final List<UserAdminRole> getUserAdminRoles(User user) throws FinderException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                lDAPConnection = getAdminConnection();
                List<UserAdminRole> unloadUserAdminRoles = unloadUserAdminRoles(read(lDAPConnection, dn, AROLE_ATR), user.getUserId(), user.getContextId());
                closeAdminConnection(lDAPConnection);
                return unloadUserAdminRoles;
            } catch (LDAPException e) {
                if (e.getLDAPResultCode() == 32) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, CLS_NM + ".getUserAdminRoles COULD NOT FIND ENTRY for user [" + user.getUserId() + "]");
                }
                throw new FinderException(GlobalErrIds.USER_READ_FAILED, CLS_NM + ".getUserAdminRoles [" + dn + "]= caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final List<String> getRoles(User user) throws FinderException {
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                LDAPConnection adminConnection = getAdminConnection();
                LDAPEntry read = read(adminConnection, dn, ROLES);
                if (read == null) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, CLS_NM + ".getRoles userId [" + user.getUserId() + "] not found, Fortress rc=" + GlobalErrIds.USER_NOT_FOUND);
                }
                List<String> attributes = getAttributes(read, GlobalIds.USER_ROLE_ASSIGN);
                closeAdminConnection(adminConnection);
                return attributes;
            } catch (LDAPException e) {
                if (e.getLDAPResultCode() == 32) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, CLS_NM + ".getRoles COULD NOT FIND ENTRY for user [" + user.getUserId() + "]");
                }
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, CLS_NM + ".getRoles [" + dn + "]= caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final Session checkPassword(User user) throws FinderException {
        Session session = null;
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                session = new ObjectFactory().createSession();
                session.setUserId(user.getUserId());
                lDAPConnection = getUserConnection();
                if (bind(lDAPConnection, dn, user.getPassword())) {
                    checkPwPolicies(lDAPConnection, session);
                    if (session.getErrorId() == 0) {
                        session.setAuthenticated(true);
                    }
                }
                closeUserConnection(lDAPConnection);
            } catch (LDAPException e) {
                if (e.getLDAPResultCode() != 49) {
                    throw new FinderException(GlobalErrIds.USER_READ_FAILED, CLS_NM + ".checkPassword userId [" + user.getUserId() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
                }
                checkPwPolicies(lDAPConnection, session);
                if (session.getErrorId() == 0) {
                    session.setMsg("checkPassword INVALID PASSWORD for userId [" + user.getUserId() + "]");
                    session.setErrorId(GlobalErrIds.USER_PW_INVLD);
                    session.setAuthenticated(false);
                }
                closeUserConnection(lDAPConnection);
            }
            return session;
        } catch (Throwable th) {
            closeUserConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v2, types: [com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry, long] */
    public final List<User> findUsers(User user) throws FinderException {
        String str;
        ArrayList arrayList = new ArrayList();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(user.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                if (VUtil.isNotNullOrEmpty(user.getUserId())) {
                    str = GlobalIds.FILTER_PREFIX + objectClassImpl + ")(" + GlobalIds.UID + "=" + encodeSafeText(user.getUserId(), 40) + "*))";
                } else if (VUtil.isNotNullOrEmpty(user.getInternalId())) {
                    str = GlobalIds.FILTER_PREFIX + objectClassImpl + ")(" + GlobalIds.FT_IID + "=" + encodeSafeText(user.getInternalId(), 40) + "))";
                } else {
                    str = "(objectclass=" + objectClassImpl + ")";
                }
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str, DEFAULT_ATRS, false, 100);
                long j = 0;
                while (search.hasMoreElements()) {
                    search.next();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, user.getContextId()));
                }
                closeAdminConnection(lDAPConnection);
                return arrayList;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.USER_SEARCH_FAILED, CLS_NM + ".findUsers userRoot [" + rootDn + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final List<String> findUsers(User user, int i) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(user.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String str = GlobalIds.FILTER_PREFIX + objectClassImpl + ")(" + GlobalIds.UID + "=" + encodeSafeText(user.getUserId(), 40) + "*))";
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str, USERID, false, 100, i);
                while (search.hasMoreElements()) {
                    arrayList.add(getAttribute(search.next(), GlobalIds.UID));
                }
                closeAdminConnection(lDAPConnection);
                return arrayList;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.USER_SEARCH_FAILED, CLS_NM + ".findUsers caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v2, types: [com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry, long] */
    public final List<User> getAuthorizedUsers(Role role) throws FinderException {
        String str;
        ArrayList arrayList = new ArrayList();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(role.getName(), 40);
                Set<String> descendants = RoleUtil.getDescendants(role.getName(), role.getContextId());
                if (VUtil.isNotNullOrEmpty(descendants)) {
                    String str2 = "(&(objectclass=ftUserAttrs)(|(ftRA=" + encodeSafeText + ")";
                    Iterator<String> it = descendants.iterator();
                    while (it.hasNext()) {
                        str2 = str2 + "(ftRA=" + it.next() + ")";
                    }
                    str = str2 + ")";
                } else {
                    str = "(&(objectclass=ftUserAttrs)(ftRA=" + encodeSafeText + ")";
                }
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str + ")", DEFAULT_ATRS, false, 100);
                long j = 0;
                while (search.hasMoreElements()) {
                    search.next();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, role.getContextId()));
                }
                closeAdminConnection(lDAPConnection);
                return arrayList;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, CLS_NM + ".getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v2, types: [com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry, long] */
    public final List<User> getAssignedUsers(Role role) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String str = "(&(objectclass=ftUserAttrs)(ftRA=" + encodeSafeText(role.getName(), 40) + "))";
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str, DEFAULT_ATRS, false, 100);
                long j = 0;
                while (search.hasMoreElements()) {
                    search.next();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, role.getContextId()));
                }
                closeAdminConnection(lDAPConnection);
                return arrayList;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, CLS_NM + ".getAssignedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final Set<String> getAssignedUsers(Set<String> set, String str) throws FinderException {
        HashSet hashSet = new HashSet();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(str, GlobalIds.USER_ROOT);
        try {
            try {
                String str2 = "(&(objectclass=ftUserAttrs)(|";
                if (!VUtil.isNotNullOrEmpty(set)) {
                    closeAdminConnection(null);
                    return null;
                }
                Iterator<String> it = set.iterator();
                while (it.hasNext()) {
                    str2 = str2 + "(ftRA=" + encodeSafeText(it.next(), 40) + ")";
                }
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str2 + "))", USERID_ATRS, false, 100);
                while (search.hasMoreElements()) {
                    hashSet.add(getAttribute(search.next(), GlobalIds.UID));
                }
                closeAdminConnection(lDAPConnection);
                return hashSet;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, CLS_NM + ".getAssignedUsers caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v2, types: [com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry, long] */
    public final List<User> getAssignedUsers(AdminRole adminRole) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(adminRole.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String str = "(&(objectclass=ftUserAttrs)(ftARA=" + encodeSafeText(adminRole.getName(), 40) + "))";
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str, DEFAULT_ATRS, false, 100);
                long j = 0;
                while (search.hasMoreElements()) {
                    search.next();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, adminRole.getContextId()));
                }
                closeAdminConnection(lDAPConnection);
                return arrayList;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.ARLE_USER_SEARCH_FAILED, CLS_NM + ".getAssignedUsers admin role name [" + adminRole.getName() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final List<String> getAuthorizedUsers(Role role, int i) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String str = "(&(objectclass=ftUserAttrs)(ftRA=" + encodeSafeText(role.getName(), 40) + "))";
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str, USERID, false, 100, i);
                while (search.hasMoreElements()) {
                    arrayList.add(getAttribute(search.next(), GlobalIds.UID));
                }
                closeAdminConnection(lDAPConnection);
                return arrayList;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, CLS_NM + ".getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v2, types: [com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry, long] */
    final List<String> findUsersList(String str, String str2) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(str2, GlobalIds.USER_ROOT);
        try {
            try {
                String str3 = GlobalIds.FILTER_PREFIX + objectClassImpl + ")(" + GlobalIds.UID + "=" + encodeSafeText(str, 40) + "*))";
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str3, DEFAULT_ATRS, false, 100);
                long j = 0;
                while (search.hasMoreElements()) {
                    search.next();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, str2).getUserId());
                }
                closeAdminConnection(lDAPConnection);
                return arrayList;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.USER_SEARCH_FAILED, CLS_NM + ".findUsersList caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v2, types: [com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry, long] */
    public final List<User> findUsers(OrgUnit orgUnit, boolean z) throws FinderException {
        ArrayList arrayList = new ArrayList();
        LDAPConnection lDAPConnection = null;
        String rootDn = getRootDn(orgUnit.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String str = GlobalIds.FILTER_PREFIX + objectClassImpl + ")(" + GlobalIds.OU + "=" + encodeSafeText(orgUnit.getName(), 40) + "))";
                int i = z ? 10 : 0;
                lDAPConnection = getAdminConnection();
                LDAPSearchResults search = search(lDAPConnection, rootDn, 1, str, DEFAULT_ATRS, false, 100, i);
                long j = 0;
                while (search.hasMoreElements()) {
                    search.next();
                    ?? r3 = j;
                    j = r3 + 1;
                    arrayList.add(unloadLdapEntry(r3, r3, orgUnit.getContextId()));
                }
                closeAdminConnection(lDAPConnection);
                return arrayList;
            } catch (LDAPException e) {
                throw new FinderException(GlobalErrIds.USER_SEARCH_FAILED, CLS_NM + ".findUsers caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final boolean changePassword(User user, char[] cArr) throws SecurityException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                lDAPConnection = getUserConnection();
                bind(lDAPConnection, dn, user.getPassword());
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                lDAPModificationSet.add(2, new LDAPAttribute(PW, new String(cArr)));
                modify(lDAPConnection, dn, lDAPModificationSet);
                if (GlobalIds.IS_AUDIT && user.getAdminSession() != null) {
                    modify(lDAPConnection, dn, new LDAPModificationSet(), user);
                }
                closeUserConnection(lDAPConnection);
                return true;
            } catch (LDAPException e) {
                String str = User.class.getName() + ".changePassword user [" + user.getUserId() + "] ";
                if (e.getLDAPResultCode() == 19) {
                    throw new PasswordException(GlobalErrIds.PSWD_CONST_VIOLATION, str + " constraint violation, ldap rc=" + e.getLDAPResultCode() + " ldap msg=" + e.getMessage() + " Fortress rc=" + GlobalErrIds.PSWD_CONST_VIOLATION);
                }
                if (e.getLDAPResultCode() == 50) {
                    throw new UpdateException(GlobalErrIds.USER_PW_MOD_NOT_ALLOWED, str + " user not authorized to change password, ldap rc=" + e.getLDAPResultCode() + " ldap msg=" + e.getMessage() + " Fortress rc=" + GlobalErrIds.USER_PW_MOD_NOT_ALLOWED);
                }
                throw new UpdateException(GlobalErrIds.USER_PW_CHANGE_FAILED, str + " caught LDAPException rc=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeUserConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void resetUserPassword(User user) throws UpdateException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                lDAPModificationSet.add(2, new LDAPAttribute(PW, new String(user.getPassword())));
                lDAPModificationSet.add(2, new LDAPAttribute(OPENLDAP_PW_RESET, "TRUE"));
                lDAPConnection = getAdminConnection();
                modify(lDAPConnection, dn, lDAPModificationSet, user);
                closeAdminConnection(lDAPConnection);
            } catch (LDAPException e) {
                throw new UpdateException(GlobalErrIds.USER_PW_RESET_FAILED, CLS_NM + ".resetUserPassword userId [" + user.getUserId() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String assign(UserRole userRole) throws UpdateException, FinderException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(userRole.getUserId(), userRole.getContextId());
        try {
            try {
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                lDAPModificationSet.add(0, new LDAPAttribute(GlobalIds.USER_ROLE_DATA, userRole.getRawData()));
                lDAPModificationSet.add(0, new LDAPAttribute(GlobalIds.USER_ROLE_ASSIGN, userRole.getName()));
                lDAPConnection = getAdminConnection();
                modify(lDAPConnection, dn, lDAPModificationSet, userRole);
                closeAdminConnection(lDAPConnection);
                return dn;
            } catch (LDAPException e) {
                String str = CLS_NM + ".assign userId [" + userRole.getUserId() + "] name [" + userRole.getName() + "] ";
                if (e.getLDAPResultCode() == 20) {
                    throw new FinderException(GlobalErrIds.URLE_ASSIGN_EXIST, str + "assignment already exists.");
                }
                throw new UpdateException(GlobalErrIds.URLE_ASSIGN_FAILED, str + "caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String deassign(UserRole userRole) throws UpdateException, FinderException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(userRole.getUserId(), userRole.getContextId());
        try {
            try {
                List<UserRole> userRoles = getUserRoles(userRole.getUserId(), userRole.getContextId());
                int i = -1;
                if (userRoles != null) {
                    i = userRoles.indexOf(userRole);
                    if (i > -1) {
                        UserRole userRole2 = userRoles.get(i);
                        LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                        lDAPModificationSet.add(1, new LDAPAttribute(GlobalIds.USER_ROLE_DATA, userRole2.getRawData()));
                        lDAPModificationSet.add(1, new LDAPAttribute(GlobalIds.USER_ROLE_ASSIGN, userRole2.getName()));
                        lDAPConnection = getAdminConnection();
                        modify(lDAPConnection, dn, lDAPModificationSet, userRole);
                    }
                }
                if (i == -1) {
                    throw new FinderException(GlobalErrIds.URLE_ASSIGN_NOT_EXIST, CLS_NM + ".deassign userId [" + userRole.getUserId() + "] name [" + userRole.getName() + "] assignment does not exist.");
                }
                return dn;
            } catch (LDAPException e) {
                throw new UpdateException(GlobalErrIds.URLE_DEASSIGN_FAILED, CLS_NM + ".deassign userId [" + userRole.getUserId() + "] name [" + userRole.getName() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } finally {
            closeAdminConnection(lDAPConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String assign(UserAdminRole userAdminRole) throws UpdateException, FinderException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(userAdminRole.getUserId(), userAdminRole.getContextId());
        try {
            try {
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                lDAPModificationSet.add(0, new LDAPAttribute(GlobalIds.USER_ADMINROLE_DATA, userAdminRole.getRawData()));
                lDAPModificationSet.add(0, new LDAPAttribute(GlobalIds.USER_ADMINROLE_ASSIGN, userAdminRole.getName()));
                lDAPConnection = getAdminConnection();
                modify(lDAPConnection, dn, lDAPModificationSet, userAdminRole);
                closeAdminConnection(lDAPConnection);
                return dn;
            } catch (LDAPException e) {
                if (e.getLDAPResultCode() == 20) {
                    throw new FinderException(GlobalErrIds.ARLE_ASSIGN_EXIST, CLS_NM + ".assign userId [" + userAdminRole.getUserId() + "] name [" + userAdminRole.getName() + "] assignment already exists.");
                }
                throw new UpdateException(GlobalErrIds.ARLE_ASSIGN_FAILED, CLS_NM + ".assign userId [" + userAdminRole.getUserId() + "] name [" + userAdminRole.getName() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String deassign(UserAdminRole userAdminRole) throws UpdateException, FinderException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(userAdminRole.getUserId(), userAdminRole.getContextId());
        try {
            try {
                User user = new User(userAdminRole.getUserId());
                user.setContextId(userAdminRole.getContextId());
                List<UserAdminRole> userAdminRoles = getUserAdminRoles(user);
                int i = -1;
                if (userAdminRoles != null) {
                    i = userAdminRoles.indexOf(userAdminRole);
                    if (i > -1) {
                        UserAdminRole userAdminRole2 = userAdminRoles.get(i);
                        LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                        lDAPModificationSet.add(1, new LDAPAttribute(GlobalIds.USER_ADMINROLE_DATA, userAdminRole2.getRawData()));
                        lDAPModificationSet.add(1, new LDAPAttribute(GlobalIds.USER_ADMINROLE_ASSIGN, userAdminRole2.getName()));
                        lDAPConnection = getAdminConnection();
                        modify(lDAPConnection, dn, lDAPModificationSet, userAdminRole);
                    }
                }
                if (i == -1) {
                    throw new FinderException(GlobalErrIds.ARLE_DEASSIGN_NOT_EXIST, CLS_NM + ".deassign userId [" + userAdminRole.getUserId() + "] name [" + userAdminRole.getName() + "] assignment does not exist.");
                }
                return dn;
            } catch (LDAPException e) {
                throw new UpdateException(GlobalErrIds.ARLE_DEASSIGN_FAILED, CLS_NM + ".deassign userId [" + userAdminRole.getUserId() + "] name [" + userAdminRole.getName() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } finally {
            closeAdminConnection(lDAPConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String deletePwPolicy(User user) throws UpdateException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
                lDAPModificationSet.add(1, new LDAPAttribute(OPENLDAP_POLICY_SUBENTRY));
                lDAPConnection = getAdminConnection();
                modify(lDAPConnection, dn, lDAPModificationSet, user);
                closeAdminConnection(lDAPConnection);
                return dn;
            } catch (LDAPException e) {
                throw new UpdateException(GlobalErrIds.USER_PW_PLCY_DEL_FAILED, CLS_NM + ".deletePwPolicy userId [" + user.getUserId() + "] caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    private User unloadLdapEntry(LDAPEntry lDAPEntry, long j, String str) {
        User createUser = new ObjectFactory().createUser();
        createUser.setSequenceId(j);
        createUser.setInternalId(getAttribute(lDAPEntry, GlobalIds.FT_IID));
        createUser.setDescription(getAttribute(lDAPEntry, GlobalIds.DESC));
        createUser.setUserId(getAttribute(lDAPEntry, GlobalIds.UID));
        createUser.setCn(getAttribute(lDAPEntry, "cn"));
        createUser.setName(createUser.getCn());
        createUser.setSn(getAttribute(lDAPEntry, SN));
        createUser.setOu(getAttribute(lDAPEntry, GlobalIds.OU));
        createUser.setDn(lDAPEntry.getDN());
        createUser.setTitle(getAttribute(lDAPEntry, TITLE));
        createUser.setEmployeeType(getAttribute(lDAPEntry, EMPLOYEE_TYPE));
        unloadTemporal(lDAPEntry, createUser);
        createUser.setRoles(unloadUserRoles(lDAPEntry, createUser.getUserId(), str));
        createUser.setAdminRoles(unloadUserAdminRoles(lDAPEntry, createUser.getUserId(), str));
        createUser.setAddress(unloadAddress(lDAPEntry));
        createUser.setPhones(getAttributes(lDAPEntry, TELEPHONE_NUMBER));
        createUser.setMobiles(getAttributes(lDAPEntry, MOBILE));
        createUser.setEmails(getAttributes(lDAPEntry, MAIL));
        String attribute = getAttribute(lDAPEntry, SYSTEM_USER);
        if (attribute != null) {
            createUser.setSystem(Boolean.valueOf(attribute));
        }
        createUser.addProperties(AttrHelper.getProperties(getAttributes(lDAPEntry, GlobalIds.PROPS)));
        if (GlobalIds.IS_OPENLDAP) {
            String attribute2 = getAttribute(lDAPEntry, OPENLDAP_PW_RESET);
            if (attribute2 != null && attribute2.equalsIgnoreCase("true")) {
                createUser.setReset(true);
            }
            createUser.setPwPolicy(getAttribute(lDAPEntry, OPENLDAP_POLICY_SUBENTRY));
            String attribute3 = getAttribute(lDAPEntry, "pwdAccountLockedTime");
            if (attribute3 != null && attribute3.equals(LOCK_VALUE)) {
                createUser.setLocked(true);
            }
        }
        return createUser;
    }

    private List<UserRole> getUserRoles(String str, String str2) throws FinderException {
        LDAPConnection lDAPConnection = null;
        String dn = getDn(str, str2);
        try {
            try {
                lDAPConnection = getAdminConnection();
                List<UserRole> unloadUserRoles = unloadUserRoles(read(lDAPConnection, dn, ROLE_ATR), str, str2);
                closeAdminConnection(lDAPConnection);
                return unloadUserRoles;
            } catch (LDAPException e) {
                if (e.getLDAPResultCode() == 32) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, CLS_NM + ".getUserRoles COULD NOT FIND ENTRY for user [" + str + "]");
                }
                throw new FinderException(GlobalErrIds.USER_READ_FAILED, CLS_NM + ".getUserRoles [" + dn + "]= caught LDAPException=" + e.getLDAPResultCode() + " msg=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(lDAPConnection);
            throw th;
        }
    }

    private void checkPwPolicies(LDAPConnection lDAPConnection, PwMessage pwMessage) {
        String str;
        int i = 0;
        boolean z = false;
        String str2 = "checkPwPolicies for userId [" + pwMessage.getUserId() + "] ";
        if (lDAPConnection == null) {
            pwMessage.setAuthenticated(false);
            pwMessage.setWarningId(10);
            pwMessage.setErrorId(0);
            String str3 = str2 + "NO PASSWORD CONTROLS FOUND";
            pwMessage.setMsg(str3);
            log.warn(CLS_NM + ".checkPwPolicies " + str3);
            return;
        }
        if (!GlobalIds.IS_OPENLDAP) {
            pwMessage.setWarningId(10);
            pwMessage.setErrorId(0);
            String str4 = str2 + "PW POLICY NOT ENABLED";
            pwMessage.setMsg(str4);
            log.debug(str4);
            return;
        }
        if (pwControl != null) {
            pwControl.checkPasswordPolicy(lDAPConnection, false, pwMessage);
        }
        if (pwMessage.getErrorId() <= 0) {
            String str5 = str2 + "PASSWORD CHECK SUCCESS";
            pwMessage.setMsg(str5);
            pwMessage.setErrorId(0);
            pwMessage.setAuthenticated(true);
            log.debug(str5);
            return;
        }
        switch (pwMessage.getErrorId()) {
            case 100:
                str = str2 + "PASSWORD HAS EXPIRED";
                i = 1017;
                break;
            case 101:
                str = str2 + "ACCOUNT HAS BEEN LOCKED";
                i = 1016;
                break;
            case GlobalPwMsgIds.CHANGE_AFTER_RESET /* 102 */:
                if (!GlobalIds.IS_REALM) {
                    str = str2 + "PASSWORD HAS BEEN RESET BY LDAP_ADMIN_POOL_UID";
                    i = 1015;
                    break;
                } else {
                    str = str2 + "PASSWORD HAS BEEN RESET BY LDAP_ADMIN_POOL_UID BUT ALLOWING TO CONTINUE DUE TO REALM";
                    z = true;
                    pwMessage.setWarningId(GlobalErrIds.USER_PW_RESET);
                    break;
                }
            case 103:
                str = str2 + "PASSWORD MOD NOT ALLOWED";
                i = 1018;
                break;
            case 104:
                str = str2 + "MUST SUPPLY OLD PASSWORD";
                i = 1019;
                break;
            case 105:
                str = str2 + "PASSWORD QUALITY VIOLATION";
                i = 1020;
                break;
            case 106:
                str = str2 + "PASSWORD TOO SHORT";
                i = 1021;
                break;
            case 107:
                str = str2 + "PASSWORD TOO YOUNG";
                i = 1022;
                break;
            case 108:
                str = str2 + "PASSWORD IN HISTORY VIOLATION";
                i = 1023;
                break;
            default:
                str = str2 + "PASSWORD CHECK FAILED";
                i = 1014;
                break;
        }
        pwMessage.setMsg(str);
        pwMessage.setErrorId(i);
        pwMessage.setAuthenticated(z);
        log.debug(str);
    }

    private void loadUserAdminRoles(List<UserAdminRole> list, LDAPAttributeSet lDAPAttributeSet) {
        if (list != null) {
            LDAPAttribute lDAPAttribute = null;
            LDAPAttribute lDAPAttribute2 = null;
            for (UserAdminRole userAdminRole : list) {
                String rawData = userAdminRole.getRawData();
                if (lDAPAttribute == null) {
                    lDAPAttribute = new LDAPAttribute(GlobalIds.USER_ADMINROLE_DATA, rawData);
                    lDAPAttribute2 = new LDAPAttribute(GlobalIds.USER_ADMINROLE_ASSIGN, userAdminRole.getName());
                } else {
                    lDAPAttribute.addValue(rawData);
                    lDAPAttribute2.addValue(userAdminRole.getName());
                }
            }
            if (lDAPAttribute != null) {
                lDAPAttributeSet.add(lDAPAttribute);
                lDAPAttributeSet.add(lDAPAttribute2);
            }
        }
    }

    private void loadUserRoles(List<UserRole> list, LDAPModificationSet lDAPModificationSet) {
        LDAPAttribute lDAPAttribute = null;
        LDAPAttribute lDAPAttribute2 = null;
        if (list != null) {
            for (UserRole userRole : list) {
                String rawData = userRole.getRawData();
                if (lDAPAttribute == null) {
                    lDAPAttribute = new LDAPAttribute(GlobalIds.USER_ROLE_DATA, rawData);
                    lDAPAttribute2 = new LDAPAttribute(GlobalIds.USER_ROLE_ASSIGN, userRole.getName());
                } else {
                    lDAPAttribute.addValue(rawData);
                }
            }
            if (lDAPAttribute != null) {
                lDAPModificationSet.add(2, lDAPAttribute);
                lDAPModificationSet.add(2, lDAPAttribute2);
            }
        }
    }

    private void loadUserAdminRoles(List<UserAdminRole> list, LDAPModificationSet lDAPModificationSet) {
        LDAPAttribute lDAPAttribute = null;
        LDAPAttribute lDAPAttribute2 = null;
        if (list != null) {
            for (UserAdminRole userAdminRole : list) {
                String rawData = userAdminRole.getRawData();
                if (lDAPAttribute == null) {
                    lDAPAttribute = new LDAPAttribute(GlobalIds.USER_ADMINROLE_DATA, rawData);
                    lDAPAttribute2 = new LDAPAttribute(GlobalIds.USER_ADMINROLE_ASSIGN, userAdminRole.getName());
                } else {
                    lDAPAttribute.addValue(rawData);
                }
            }
            if (lDAPAttribute != null) {
                lDAPModificationSet.add(2, lDAPAttribute);
                lDAPModificationSet.add(2, lDAPAttribute2);
            }
        }
    }

    private void loadUserRoles(List<UserRole> list, LDAPAttributeSet lDAPAttributeSet) {
        if (list != null) {
            LDAPAttribute lDAPAttribute = null;
            LDAPAttribute lDAPAttribute2 = null;
            for (UserRole userRole : list) {
                String rawData = userRole.getRawData();
                if (lDAPAttribute == null) {
                    lDAPAttribute = new LDAPAttribute(GlobalIds.USER_ROLE_DATA, rawData);
                    lDAPAttribute2 = new LDAPAttribute(GlobalIds.USER_ROLE_ASSIGN, userRole.getName());
                } else {
                    lDAPAttribute.addValue(rawData);
                    lDAPAttribute2.addValue(userRole.getName());
                }
            }
            if (lDAPAttribute != null) {
                lDAPAttributeSet.add(lDAPAttribute);
                lDAPAttributeSet.add(lDAPAttribute2);
            }
        }
    }

    private void loadAddress(Address address, LDAPAttributeSet lDAPAttributeSet) {
        if (address != null) {
            if (VUtil.isNotNullOrEmpty(address.getAddresses())) {
                Iterator<String> it = address.getAddresses().iterator();
                while (it.hasNext()) {
                    lDAPAttributeSet.add(new LDAPAttribute(POSTAL_ADDRESS, it.next()));
                }
            }
            if (VUtil.isNotNullOrEmpty(address.getCity())) {
                lDAPAttributeSet.add(new LDAPAttribute(L, address.getCity()));
            }
            if (VUtil.isNotNullOrEmpty(address.getPostalCode())) {
                lDAPAttributeSet.add(new LDAPAttribute(POSTAL_CODE, address.getPostalCode()));
            }
            if (VUtil.isNotNullOrEmpty(address.getPostOfficeBox())) {
                lDAPAttributeSet.add(new LDAPAttribute(POST_OFFICE_BOX, address.getPostOfficeBox()));
            }
            if (VUtil.isNotNullOrEmpty(address.getState())) {
                lDAPAttributeSet.add(new LDAPAttribute(STATE, address.getState()));
            }
            if (VUtil.isNotNullOrEmpty(address.getBuilding())) {
                lDAPAttributeSet.add(new LDAPAttribute(PHYSICAL_DELIVERY_OFFICE_NAME, address.getBuilding()));
            }
            if (VUtil.isNotNullOrEmpty(address.getDepartmentNumber())) {
                lDAPAttributeSet.add(new LDAPAttribute(DEPARTMENT_NUMBER, address.getDepartmentNumber()));
            }
            if (VUtil.isNotNullOrEmpty(address.getRoomNumber())) {
                lDAPAttributeSet.add(new LDAPAttribute(ROOM_NUMBER, address.getRoomNumber()));
            }
        }
    }

    private void loadAddress(Address address, LDAPModificationSet lDAPModificationSet) {
        if (address != null) {
            if (VUtil.isNotNullOrEmpty(address.getAddresses())) {
                lDAPModificationSet.add(2, new LDAPAttribute(POSTAL_ADDRESS));
                Iterator<String> it = address.getAddresses().iterator();
                while (it.hasNext()) {
                    lDAPModificationSet.add(0, new LDAPAttribute(POSTAL_ADDRESS, it.next()));
                }
            }
            if (VUtil.isNotNullOrEmpty(address.getCity())) {
                lDAPModificationSet.add(2, new LDAPAttribute(L, address.getCity()));
            }
            if (VUtil.isNotNullOrEmpty(address.getPostalCode())) {
                lDAPModificationSet.add(2, new LDAPAttribute(POSTAL_CODE, address.getPostalCode()));
            }
            if (VUtil.isNotNullOrEmpty(address.getPostOfficeBox())) {
                lDAPModificationSet.add(2, new LDAPAttribute(POST_OFFICE_BOX, address.getPostOfficeBox()));
            }
            if (VUtil.isNotNullOrEmpty(address.getState())) {
                lDAPModificationSet.add(2, new LDAPAttribute(STATE, address.getState()));
            }
            if (VUtil.isNotNullOrEmpty(address.getBuilding())) {
                lDAPModificationSet.add(2, new LDAPAttribute(PHYSICAL_DELIVERY_OFFICE_NAME, address.getBuilding()));
            }
            if (VUtil.isNotNullOrEmpty(address.getDepartmentNumber())) {
                lDAPModificationSet.add(2, new LDAPAttribute(DEPARTMENT_NUMBER, address.getDepartmentNumber()));
            }
            if (VUtil.isNotNullOrEmpty(address.getRoomNumber())) {
                lDAPModificationSet.add(2, new LDAPAttribute(ROOM_NUMBER, address.getRoomNumber()));
            }
        }
    }

    private Address unloadAddress(LDAPEntry lDAPEntry) {
        Address createAddress = new ObjectFactory().createAddress();
        List<String> attributes = getAttributes(lDAPEntry, POSTAL_ADDRESS);
        if (attributes != null) {
            Iterator<String> it = attributes.iterator();
            while (it.hasNext()) {
                createAddress.setAddress(it.next());
            }
        }
        createAddress.setCity(getAttribute(lDAPEntry, L));
        createAddress.setState(getAttribute(lDAPEntry, STATE));
        createAddress.setPostalCode(getAttribute(lDAPEntry, POSTAL_CODE));
        createAddress.setPostOfficeBox(getAttribute(lDAPEntry, POST_OFFICE_BOX));
        createAddress.setBuilding(getAttribute(lDAPEntry, PHYSICAL_DELIVERY_OFFICE_NAME));
        createAddress.setDepartmentNumber(getAttribute(lDAPEntry, DEPARTMENT_NUMBER));
        createAddress.setRoomNumber(getAttribute(lDAPEntry, ROOM_NUMBER));
        return createAddress;
    }

    /* JADX WARN: Type inference failed for: r0v15, types: [us.jts.fortress.rbac.UserAdminRole, java.lang.Object, long] */
    private List<UserAdminRole> unloadUserAdminRoles(LDAPEntry lDAPEntry, String str, String str2) {
        ArrayList arrayList = null;
        List<String> attributes = getAttributes(lDAPEntry, GlobalIds.USER_ADMINROLE_DATA);
        if (attributes != null) {
            long j = 0;
            arrayList = new ArrayList();
            for (String str3 : attributes) {
                ?? createUserAdminRole = new ObjectFactory().createUserAdminRole();
                createUserAdminRole.load(str3, str2);
                long j2 = j;
                j = createUserAdminRole + 1;
                createUserAdminRole.setSequenceId(j2);
                createUserAdminRole.setUserId(str);
                arrayList.add(createUserAdminRole);
            }
        }
        return arrayList;
    }

    private String getDn(String str, String str2) {
        return "uid=" + str + "," + getRootDn(str2, GlobalIds.USER_ROOT);
    }

    /* JADX WARN: Type inference failed for: r0v15, types: [us.jts.fortress.rbac.UserRole, java.lang.Object, long] */
    private List<UserRole> unloadUserRoles(LDAPEntry lDAPEntry, String str, String str2) {
        ArrayList arrayList = null;
        List<String> attributes = getAttributes(lDAPEntry, GlobalIds.USER_ROLE_DATA);
        if (attributes != null) {
            long j = 0;
            arrayList = new ArrayList();
            for (String str3 : attributes) {
                ?? createUserRole = new ObjectFactory().createUserRole();
                createUserRole.load(str3, str2);
                createUserRole.setUserId(str);
                long j2 = j;
                j = createUserRole + 1;
                createUserRole.setSequenceId(j2);
                arrayList.add(createUserRole);
            }
        }
        return arrayList;
    }

    static {
        if (GlobalIds.IS_OPENLDAP) {
            pwControl = new OLPWControlImpl();
        }
        USER_OBJ_CLASS = new String[]{GlobalIds.TOP, Config.getProperty(USER_OBJECT_CLASS), USERS_AUX_OBJECT_CLASS_NAME, GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME};
        objectClassImpl = Config.getProperty(USER_OBJECT_CLASS);
        USERID = new String[]{GlobalIds.UID};
        ROLES = new String[]{GlobalIds.USER_ROLE_ASSIGN};
        USERID_ATRS = new String[]{GlobalIds.UID};
        String[] strArr = new String[11];
        strArr[0] = GlobalIds.FT_IID;
        strArr[1] = GlobalIds.UID;
        strArr[2] = PW;
        strArr[3] = GlobalIds.DESC;
        strArr[4] = GlobalIds.OU;
        strArr[5] = "cn";
        strArr[6] = SN;
        strArr[7] = GlobalIds.CONSTRAINT;
        strArr[8] = GlobalIds.IS_OPENLDAP ? OPENLDAP_PW_RESET : null;
        strArr[9] = GlobalIds.IS_OPENLDAP ? "pwdAccountLockedTime" : null;
        strArr[10] = GlobalIds.PROPS;
        AUTHN_ATRS = strArr;
        String[] strArr2 = new String[30];
        strArr2[0] = GlobalIds.FT_IID;
        strArr2[1] = GlobalIds.UID;
        strArr2[2] = PW;
        strArr2[3] = GlobalIds.DESC;
        strArr2[4] = GlobalIds.OU;
        strArr2[5] = "cn";
        strArr2[6] = SN;
        strArr2[7] = GlobalIds.USER_ROLE_DATA;
        strArr2[8] = GlobalIds.CONSTRAINT;
        strArr2[9] = GlobalIds.USER_ROLE_ASSIGN;
        strArr2[10] = GlobalIds.IS_OPENLDAP ? OPENLDAP_PW_RESET : null;
        strArr2[11] = GlobalIds.IS_OPENLDAP ? "pwdAccountLockedTime" : null;
        strArr2[12] = GlobalIds.IS_OPENLDAP ? OPENLDAP_POLICY_SUBENTRY : null;
        strArr2[13] = GlobalIds.PROPS;
        strArr2[14] = GlobalIds.USER_ADMINROLE_ASSIGN;
        strArr2[15] = GlobalIds.USER_ADMINROLE_DATA;
        strArr2[16] = POSTAL_ADDRESS;
        strArr2[17] = L;
        strArr2[18] = POSTAL_CODE;
        strArr2[19] = POST_OFFICE_BOX;
        strArr2[20] = STATE;
        strArr2[21] = PHYSICAL_DELIVERY_OFFICE_NAME;
        strArr2[22] = DEPARTMENT_NUMBER;
        strArr2[23] = ROOM_NUMBER;
        strArr2[24] = TELEPHONE_NUMBER;
        strArr2[25] = MOBILE;
        strArr2[26] = MAIL;
        strArr2[27] = EMPLOYEE_TYPE;
        strArr2[28] = TITLE;
        strArr2[29] = SYSTEM_USER;
        DEFAULT_ATRS = strArr2;
        ROLE_ATR = new String[]{GlobalIds.USER_ROLE_DATA};
        AROLE_ATR = new String[]{GlobalIds.USER_ADMINROLE_DATA};
    }
}
