package com.iplanet.am.console.user.model;

import com.iplanet.am.console.base.model.AMAdminConstants;
import com.iplanet.am.console.base.model.AMAdminUtils;
import com.iplanet.am.console.base.model.AMAttributeDisplayImpl;
import com.iplanet.am.console.base.model.AMConsoleException;
import com.iplanet.am.console.base.model.AMFormatUtils;
import com.iplanet.am.console.base.model.AMModelBase;
import com.iplanet.am.console.base.model.AMProfileModelBase;
import com.iplanet.am.console.base.model.AMServiceDisplayModelImpl;
import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMRole;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.sso.SSOException;
import com.sun.identity.sm.AttributeSchema;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.SchemaType;
import com.sun.identity.sm.ServiceSchema;
import com.sun.identity.sm.ServiceSchemaManager;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:119465-07/SUNWamconsdk/reloc/usr/share/lib/identity/console-war/WEB-INF/lib/am_console.jar:com/iplanet/am/console/user/model/UMEditRoleServiceAttrConfigModelImpl.class */
public class UMEditRoleServiceAttrConfigModelImpl extends AMProfileModelBase implements UMEditRoleServiceAttrConfigModel {
    private String roleDN;
    private AMRole role;
    private int roleType;
    private String serviceName;
    private List attributeNames;
    private Map attrNameToOptions;
    private Map attrNameToLocalizedName;

    public UMEditRoleServiceAttrConfigModelImpl(HttpServletRequest httpServletRequest, Map map, String str, String str2) {
        super(httpServletRequest, map);
        this.roleType = 3;
        this.attrNameToLocalizedName = new HashMap();
        this.roleDN = str;
        this.serviceName = str2;
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public String getRoleName() {
        String str = null;
        if (this.roleDN != null) {
            str = AMFormatUtils.DNToName(this, this.roleDN, isRoleType(this.locationDN));
        }
        return str != null ? str : "";
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public String getLocalizedServiceName() {
        return getLocalizedServiceName(this.serviceName);
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public String getAttributeNameLabel() {
        return getLocalizedString("attributeName.label");
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public String getReadWriteLabel() {
        return getLocalizedString("roleDisplayProfileDisplay.label");
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public String getReadOnlyLabel() {
        return getLocalizedString("readOnly.label");
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public List getAttributeNames() {
        if (this.attributeNames == null) {
            this.attributeNames = new ArrayList();
            createRoleHandle();
            if (this.role != null) {
                Set set = Collections.EMPTY_SET;
                if (this.serviceName.equals("iPlanetAMUserService")) {
                    set = new HashSet(2);
                    set.add("userpassword");
                }
                setAttributeNames(set);
            }
        }
        return this.attributeNames;
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public String getLocalizedAttributeName(String str) {
        return (String) this.attrNameToLocalizedName.get(str);
    }

    private void setAttributeNames(Set set) {
        try {
            ServiceSchemaManager serviceSchemaManager = getServiceSchemaManager(this.serviceName);
            if (this.roleType != 3) {
                registerAttributeSchemas(serviceSchemaManager, getAttributeSchemas(serviceSchemaManager, SchemaType.ORGANIZATION), set);
            }
            registerAttributeSchemas(serviceSchemaManager, getAttributeSchemas(serviceSchemaManager, SchemaType.DYNAMIC), set);
            registerAttributeSchemas(serviceSchemaManager, getAttributeSchemas(serviceSchemaManager, SchemaType.USER), set);
        } catch (SSOException e) {
            AMModelBase.debug.warning("UMEditRoleServiceAttrConfigModelImpl.getAttributeNames", e);
        } catch (SMSException e2) {
            AMModelBase.debug.warning("UMEditRoleServiceAttrConfigModelImpl.getAttributeNames", e2);
        }
    }

    private void registerAttributeSchemas(ServiceSchemaManager serviceSchemaManager, Set set, Set set2) {
        String i18NKey;
        HashMap hashMap = new HashMap(set.size() * 2);
        TreeSet treeSet = new TreeSet();
        Iterator it = set.iterator();
        while (it.hasNext()) {
            AttributeSchema attributeSchema = (AttributeSchema) it.next();
            String name = attributeSchema.getName();
            if (!set2.contains(name) && (i18NKey = attributeSchema.getI18NKey()) != null && i18NKey.length() > 0) {
                this.attrNameToLocalizedName.put(name, getL10NAttributeName(serviceSchemaManager, i18NKey));
                hashMap.put(i18NKey, name);
                treeSet.add(i18NKey);
            }
        }
        Iterator it2 = treeSet.iterator();
        while (it2.hasNext()) {
            this.attributeNames.add(hashMap.get(it2.next()));
        }
    }

    private Set getAttributeSchemas(ServiceSchemaManager serviceSchemaManager, SchemaType schemaType) {
        ServiceSchema schema;
        Set set = Collections.EMPTY_SET;
        try {
            Set schemaTypes = serviceSchemaManager.getSchemaTypes();
            if (schemaTypes != null && AMAdminUtils.containsSchemaType(schemaTypes, schemaType) && (schema = serviceSchemaManager.getSchema(schemaType)) != null) {
                Set attributeSchemaNames = schema.getAttributeSchemaNames();
                set = new HashSet(attributeSchemaNames.size() * 2);
                if (attributeSchemaNames != null && !attributeSchemaNames.isEmpty()) {
                    Iterator it = attributeSchemaNames.iterator();
                    while (it.hasNext()) {
                        AttributeSchema attributeSchema = schema.getAttributeSchema((String) it.next());
                        if (attributeSchema != null) {
                            set.add(attributeSchema);
                        }
                    }
                }
            }
        } catch (SMSException e) {
            AMModelBase.debug.warning("UMEditRoleServiceAttrConfigModelImpl.getAttributeSchemas", e);
        }
        return set;
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public boolean isAttrDisplay(String str) {
        boolean z = false;
        getDisplayOptions();
        Set set = (Set) this.attrNameToOptions.get(str);
        if (set != null && !set.isEmpty() && !set.contains(AMAdminConstants.READONLY_ATTRIBUTE)) {
            if ((isAdministrator() || isTopLevelAdministrator()) && (set.contains(AMAdminConstants.ADMINISTRATOR_DISPLAY_ATTRIBUTE) || set.contains(AMAdminConstants.DISPLAY_ATTRIBUTE) || set.contains(AMAdminConstants.USER_READ_ONLY_ATTRIBUTE))) {
                z = true;
            } else if (set.contains(AMAdminConstants.DISPLAY_ATTRIBUTE) && !set.contains(AMAdminConstants.USER_READ_ONLY_ATTRIBUTE)) {
                z = true;
            }
        }
        return z;
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public boolean isAttrReadOnly(String str) {
        boolean z = false;
        getDisplayOptions();
        Set set = (Set) this.attrNameToOptions.get(str);
        if (set != null && !set.isEmpty()) {
            z = !isAttrDisplay(str);
        }
        return z;
    }

    private void getDisplayOptions() {
        if (this.attrNameToOptions == null) {
            if (this.role != null) {
                try {
                    AMAttributeDisplayImpl aMAttributeDisplayImpl = new AMAttributeDisplayImpl(this.dpStoreConn, this.ssoToken);
                    HashSet hashSet = new HashSet(2);
                    hashSet.add(this.serviceName);
                    this.attrNameToOptions = (Map) aMAttributeDisplayImpl.getRoleOptions(this, this.role, hashSet).get(this.serviceName);
                } catch (AMException e) {
                    AMModelBase.debug.warning("UMEditRoleServiceAttrConfigModelImpl.getAttributeNames", e);
                } catch (SSOException e2) {
                    AMModelBase.debug.warning("UMEditRoleServiceAttrConfigModelImpl.getAttributeNames", e2);
                } catch (SMSException e3) {
                    AMModelBase.debug.warning("UMEditRoleServiceAttrConfigModelImpl.getAttributeNames", e3);
                }
            }
            if (this.attrNameToOptions == null) {
                this.attrNameToOptions = Collections.EMPTY_MAP;
            }
        }
    }

    @Override // com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModel
    public void saveDisplayOptions(Map map) throws AMConsoleException {
        createRoleHandle();
        if (this.role != null) {
            try {
                AMAttributeDisplayImpl aMAttributeDisplayImpl = new AMAttributeDisplayImpl(this.dpStoreConn, this.ssoToken);
                Map roleOptions = aMAttributeDisplayImpl.getRoleOptions(this, this.role, getServiceNames());
                HashMap hashMap = new HashMap(2);
                hashMap.put(this.serviceName, map);
                roleOptions.putAll(hashMap);
                aMAttributeDisplayImpl.setRoleOptions(this.role, roleOptions);
                this.logger.doLog("roleServiceAttrModified.message", this.role.getDN());
            } catch (AMException e) {
                throw new AMConsoleException(getErrorString(e));
            } catch (SSOException e2) {
                throw new AMConsoleException(getErrorString(e2));
            } catch (SMSException e3) {
                throw new AMConsoleException(getErrorString(e3));
            }
        }
    }

    private Set getServiceNames() throws AMException, SSOException, SMSException {
        Set set = Collections.EMPTY_SET;
        if (this.role != null) {
            Set<String> availableServices = getAvailableServices(this.role);
            Set deniedServices = new AMServiceDisplayModelImpl(this.dpStoreConn).getDeniedServices(this.role);
            availableServices.removeAll(deniedServices);
            if (!deniedServices.contains("iPlanetAMUserService")) {
                availableServices.add("iPlanetAMUserService");
            }
            set = new HashSet(availableServices.size());
            for (String str : availableServices) {
                if (hasAttributes(str)) {
                    set.add(str);
                }
            }
        }
        return set;
    }

    private boolean hasAttributes(String str) {
        boolean z = false;
        try {
            ServiceSchemaManager serviceSchemaManager = getServiceSchemaManager(str);
            if (this.roleType != 3) {
                z = hasAttributes(serviceSchemaManager, SchemaType.ORGANIZATION);
            }
            if (!z) {
                z = hasAttributes(serviceSchemaManager, SchemaType.DYNAMIC);
            }
            if (!z) {
                z = hasAttributes(serviceSchemaManager, SchemaType.USER);
            }
        } catch (SSOException e) {
            AMModelBase.debug.warning("UMEditRoleServiceAttrConfigModelImpl.hasAttributes", e);
        } catch (SMSException e2) {
            AMModelBase.debug.warning("UMEditRoleServiceAttrConfigModelImpl.hasAttributes", e2);
        }
        return z;
    }

    private boolean hasAttributes(ServiceSchemaManager serviceSchemaManager, SchemaType schemaType) {
        ServiceSchema schema;
        Set attributeSchemaNames;
        boolean z = false;
        try {
            Set schemaTypes = serviceSchemaManager.getSchemaTypes();
            if (schemaTypes != null && AMAdminUtils.containsSchemaType(schemaTypes, schemaType) && (schema = serviceSchemaManager.getSchema(schemaType)) != null && (attributeSchemaNames = schema.getAttributeSchemaNames()) != null && !attributeSchemaNames.isEmpty()) {
                Iterator it = attributeSchemaNames.iterator();
                while (it.hasNext() && !z) {
                    AttributeSchema attributeSchema = schema.getAttributeSchema((String) it.next());
                    if (attributeSchema != null) {
                        String i18NKey = attributeSchema.getI18NKey();
                        z = i18NKey != null && i18NKey.length() > 0;
                    }
                }
            }
        } catch (SMSException e) {
            AMModelBase.debug.error("UMEditRoleServiceAttrConfigModelImpl.hasAttributes", e);
        }
        return z;
    }

    private void createRoleHandle() {
        if (this.role == null) {
            try {
                AMStoreConnection adminStoreConnection = getAdminStoreConnection();
                if (adminStoreConnection != null) {
                    this.role = adminStoreConnection.getRole(this.roleDN);
                    this.roleType = this.role.getRoleType();
                }
            } catch (AMException e) {
                AMModelBase.debug.error("UMEditRoleServiceAttrConfigModelImpl.createRoleHandle", e);
            } catch (SSOException e2) {
                AMModelBase.debug.error("UMEditRoleServiceAttrConfigModelImpl.createRoleHandle", e2);
            }
        }
    }

    private AMStoreConnection getAdminStoreConnection() {
        return (AMStoreConnection) AccessController.doPrivileged(new PrivilegedAction(this) { // from class: com.iplanet.am.console.user.model.UMEditRoleServiceAttrConfigModelImpl.1
            private final UMEditRoleServiceAttrConfigModelImpl this$0;

            {
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    return AMAdminUtils.getStoreConnAsAdmin();
                } catch (SecurityException e) {
                    AMModelBase.debug.error("UMEditRoleServiceAttrConfigModelImpl.createRoleHandle", e);
                    return null;
                }
            }
        });
    }
}
