package com.sun.identity.password.ui.model;

import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMSearchControl;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.am.util.Locale;
import com.iplanet.sso.SSOException;
import com.sun.identity.sm.AttributeSchema;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.SchemaType;
import com.sun.identity.sm.ServiceSchema;
import com.sun.identity.sm.ServiceSchemaManager;
import java.util.Date;
import java.util.Set;

/* loaded from: input_file:119465-07/SUNWampwd/reloc/SUNWam/password.war:WEB-INF/lib/am_password.jar:com/sun/identity/password/ui/model/PWResetUserValidationModelImpl.class */
public class PWResetUserValidationModelImpl extends PWResetModelImpl implements PWResetUserValidationModel {
    private static final String PW_RESET_USER_VALIDATE_ATTR = "iplanet-am-password-reset-userValidate";
    private static final String PW_RESET_BASE_DN_ATTR = "iplanet-am-password-reset-baseDN";
    private static final String PW_RESET_SEARCH_FILTER_ATTR = "iplanet-am-password-reset-searchFilter";
    private static final String USER_SERVICE_LOGIN_STATUS = "iplanet-am-user-login-status";
    private static final String USER_SERVICE_ACCOUNT_LIFE = "iplanet-am-user-account-life";
    private static final String USER_SERVICE_NS_LOCKOUT = "nsaccountlock";
    public static final String STRING_FALSE = "false";
    private boolean orgDNFlag = false;
    private boolean validOrg = false;
    private String userOrgDN = null;

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public String getUserAttr(String str) {
        return getAttributeValue(str, PW_RESET_USER_VALIDATE_ATTR);
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public boolean isUserExists(String str, String str2, String str3) {
        String baseDN = getBaseDN(str3);
        AMSearchControl aMSearchControl = new AMSearchControl();
        aMSearchControl.setSearchScope(2);
        boolean z = false;
        try {
            Set searchResults = this.dpStoreConn.getOrganization(baseDN).searchUsers(aMSearchControl, getFilter(str2, str, str3)).getSearchResults();
            if (searchResults == null || searchResults.isEmpty()) {
                this.errorMsg = getLocalizedString("userNotExists.message");
                writeLog("logUserNotExists.message", str);
            } else if (searchResults.size() > 1) {
                this.errorMsg = getLocalizedString("multipleUsersExists.message");
            } else {
                this.userDN = (String) searchResults.iterator().next();
                this.userOrgDN = this.dpStoreConn.getUser(this.userDN).getOrganizationDN();
                z = true;
            }
        } catch (AMException e) {
            PWResetModelImpl.debug.error("PWResetUserValidationModelImpl.isUserExists", e);
            this.errorMsg = getErrorString(e);
        } catch (SSOException e2) {
            PWResetModelImpl.debug.error("PWResetUserValidationModelImpl.isUserExists", e2);
            this.errorMsg = getErrorString(e2);
        }
        return z;
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public String getUserValidateTitleString() {
        return getLocalizedString("userValidate.title");
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public String getNextBtnLabel() {
        return getLocalizedString("next.button");
    }

    private String getBaseDN(String str) {
        String orgAttributeValue = getOrgAttributeValue(str, PW_RESET_BASE_DN_ATTR);
        if (orgAttributeValue == null || orgAttributeValue.length() == 0) {
            if (this.orgDNFlag) {
                orgAttributeValue = str;
            } else {
                orgAttributeValue = PWResetModelImpl.getFirstElement(getDefaultAttrValues(getPWResetServiceSchema(), PW_RESET_BASE_DN_ATTR));
                if (orgAttributeValue == null || orgAttributeValue.length() == 0) {
                    orgAttributeValue = getRootSuffix();
                }
            }
        }
        return orgAttributeValue;
    }

    private String getSearchFilter(String str) {
        return getAttributeValue(str, PW_RESET_SEARCH_FILTER_ATTR);
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public void setOrgDNFlag(boolean z) {
        this.orgDNFlag = z;
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public boolean isValidOrg() {
        return this.validOrg;
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public String getLocalizedStrForAttr(String str) {
        ServiceSchema schema;
        AttributeSchema attributeSchema;
        String str2 = str;
        try {
            ServiceSchemaManager serviceSchemaManager = getServiceSchemaManager("iPlanetAMUserService");
            if (serviceSchemaManager != null && (schema = serviceSchemaManager.getSchema(SchemaType.USER)) != null && (attributeSchema = schema.getAttributeSchema(str)) != null) {
                str2 = getL10NAttributeName(serviceSchemaManager, attributeSchema.getI18NKey());
            }
        } catch (SSOException e) {
            if (PWResetModelImpl.debug.warningEnabled()) {
                PWResetModelImpl.debug.warning(new StringBuffer().append("Could not get localized string for attribute ").append(str).toString(), e);
            }
        } catch (SMSException e2) {
            if (PWResetModelImpl.debug.warningEnabled()) {
                PWResetModelImpl.debug.warning(new StringBuffer().append("Could not get localized string for attribute ").append(str).toString(), e2);
            }
        }
        return str2;
    }

    private String getFilter(String str, String str2, String str3) {
        String searchFilter = getSearchFilter(str3);
        StringBuffer stringBuffer = new StringBuffer(50);
        if (searchFilter == null || searchFilter.length() <= 0) {
            stringBuffer.append("(").append(str).append("=").append(str2).append(")");
        } else {
            if (!searchFilter.startsWith("(") && !searchFilter.endsWith(")")) {
                searchFilter = new StringBuffer().append("(").append(searchFilter).append(")").toString();
            }
            stringBuffer.append("(&(").append(str).append("=").append(str2).append(")").append(searchFilter).append(")");
        }
        return stringBuffer.toString();
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public String getMissingUserAttrMessage(String str) {
        this.errorMsg = getLocalizedString("missingUserAttr.message");
        return this.errorMsg;
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public boolean isUserActive(String str) {
        boolean z = false;
        try {
            AMUser user = this.dpStoreConn.getUser(this.userDN);
            String userAttributeValue = getUserAttributeValue(user, "inetuserstatus");
            String userAttributeValue2 = getUserAttributeValue(user, "iplanet-am-user-login-status", PWResetModel.ACTIVE);
            String userAttributeValue3 = getUserAttributeValue(user, "nsaccountlock", "false");
            if (!userAttributeValue.equalsIgnoreCase(PWResetModel.ACTIVE) || !userAttributeValue2.equalsIgnoreCase(PWResetModel.ACTIVE) || !userAttributeValue3.equalsIgnoreCase("false")) {
                this.errorMsg = getLocalizedString("userNotActive.message");
                writeLog("accountInactive.message", this.userDN);
            } else if (isAccountExpired(user)) {
                this.errorMsg = getLocalizedString("userAccountExpired.message");
                writeLog("accountExpired.message", this.userDN);
            } else if (isUserLockout(this.userDN, str)) {
                new String[1][0] = this.userDN;
                this.informationMsg = getLocalizedString("lockoutMsg.message");
                writeLog("accountLocked.message", this.userDN);
            } else {
                z = true;
            }
        } catch (AMException e) {
            if (PWResetModelImpl.debug.warningEnabled()) {
                PWResetModelImpl.debug.warning(new StringBuffer().append("PWResetUserValidationModelImpl.isUserActiveCould not determine the user's account status for  ").append(this.userDN).toString(), e);
            }
            this.errorMsg = getErrorString(e);
        } catch (SSOException e2) {
            if (PWResetModelImpl.debug.warningEnabled()) {
                PWResetModelImpl.debug.warning(new StringBuffer().append("PWResetUserValidationModelImpl.isUserActiveCould not determine the user's account status for  ").append(this.userDN).toString(), e2);
            }
            this.errorMsg = getErrorString(e2);
        }
        return z;
    }

    private String getUserAttributeValue(AMUser aMUser, String str, String str2) throws SSOException, AMException {
        String userAttributeValue = getUserAttributeValue(aMUser, str);
        if (userAttributeValue == null || userAttributeValue.length() == 0) {
            userAttributeValue = str2;
        }
        return userAttributeValue;
    }

    private boolean isAccountExpired(AMUser aMUser) throws SSOException, AMException {
        Date parseNormalizedDateString;
        boolean z = false;
        String userAttributeValue = getUserAttributeValue(aMUser, "iplanet-am-user-account-life");
        if (userAttributeValue != null && userAttributeValue.length() > 0 && (parseNormalizedDateString = Locale.parseNormalizedDateString(userAttributeValue)) != null) {
            z = parseNormalizedDateString.before(new Date());
        }
        return z;
    }

    private String getUserAttributeValue(AMUser aMUser, String str) throws SSOException, AMException {
        return PWResetModelImpl.getFirstElement(aMUser.getAttribute(str));
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public String getOrgDN(String str) throws PWResetException {
        String rootSuffix = getRootSuffix();
        if (str != null && str.length() > 0) {
            try {
                rootSuffix = this.dpStoreConn.getOrganizationDN(str, null);
            } catch (AMException e) {
                if (PWResetModelImpl.debug.warningEnabled()) {
                    PWResetModelImpl.debug.warning(new StringBuffer().append("Could not get org DN for orgName ").append(str).toString(), e);
                }
                this.errorMsg = getErrorString(e);
                throw new PWResetException(this.errorMsg);
            } catch (SSOException e2) {
                if (PWResetModelImpl.debug.warningEnabled()) {
                    PWResetModelImpl.debug.warning(new StringBuffer().append("Could not get org DN for orgName ").append(str).toString(), e2);
                }
                this.errorMsg = getErrorString(e2);
                throw new PWResetException(this.errorMsg);
            }
        }
        setValidOrg(rootSuffix);
        return rootSuffix;
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public void setValidOrg(String str) {
        this.validOrg = true;
        readPWResetProfile(str);
        this.localeContext.setOrgLocale(str);
    }

    @Override // com.sun.identity.password.ui.model.PWResetUserValidationModel
    public String getUserOrganizationDN() {
        return this.userOrgDN;
    }
}
