package org.apache.directory.fortress.core.impl;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.TreeMap;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.configuration2.tree.DefaultExpressionEngineSymbols;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyResponse;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.DefaultAttribute;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.Modification;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException;
import org.apache.directory.api.ldap.model.exception.LdapAuthenticationException;
import org.apache.directory.api.ldap.model.exception.LdapEntryAlreadyExistsException;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException;
import org.apache.directory.api.ldap.model.exception.LdapNoPermissionException;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException;
import org.apache.directory.api.ldap.model.message.BindResponse;
import org.apache.directory.api.ldap.model.message.ResultCodeEnum;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.fortress.core.CfgException;
import org.apache.directory.fortress.core.CreateException;
import org.apache.directory.fortress.core.FinderException;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.PasswordException;
import org.apache.directory.fortress.core.RemoveException;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.UpdateException;
import org.apache.directory.fortress.core.ldap.LdapDataProvider;
import org.apache.directory.fortress.core.model.Address;
import org.apache.directory.fortress.core.model.AdminRole;
import org.apache.directory.fortress.core.model.Configuration;
import org.apache.directory.fortress.core.model.ConstraintUtil;
import org.apache.directory.fortress.core.model.FortEntity;
import org.apache.directory.fortress.core.model.ObjectFactory;
import org.apache.directory.fortress.core.model.OrgUnit;
import org.apache.directory.fortress.core.model.PwMessage;
import org.apache.directory.fortress.core.model.Role;
import org.apache.directory.fortress.core.model.RoleConstraint;
import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.core.model.User;
import org.apache.directory.fortress.core.model.UserAdminRole;
import org.apache.directory.fortress.core.model.UserRole;
import org.apache.directory.fortress.core.model.Warning;
import org.apache.directory.fortress.core.util.Config;
import org.apache.directory.fortress.core.util.PropUpdater;
import org.apache.directory.fortress.core.util.PropUtil;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/fortress-core-3.0.1.jar:org/apache/directory/fortress/core/impl/UserDAO.class */
public final class UserDAO extends LdapDataProvider implements PropUpdater {
    private static final String USERS_AUX_OBJECT_CLASS_NAME = "ftUserAttrs";
    private static final String USER_OBJECT_CLASS = "user.objectclass";
    private static final String USERS_EXTENSIBLE_OBJECT = "extensibleObject";
    private static final String SYSTEM_USER = "ftSystem";
    private static final String DEPARTMENT_NUMBER = "departmentNumber";
    private static final String ROOM_NUMBER = "roomNumber";
    private static final String MOBILE = "mobile";
    private static final String JPEGPHOTO = "jpegPhoto";
    private static final String EMPLOYEE_TYPE = "employeeType";
    private static final String OPENLDAP_POLICY_SUBENTRY = "pwdPolicySubentry";
    private static final String OPENLDAP_PW_RESET = "pwdReset";
    private static final String OPENLDAP_PW_LOCKED_TIME = "pwdAccountLockedTime";
    private static final String LOCK_VALUE = "000001010000Z";
    private static final String POSIX_ACCOUNT = "posixAccount";
    private static final String HOME_DIRECTORY = "homeDirectory";
    private static final String CLS_NM = UserDAO.class.getName();
    private static final Logger LOG = LoggerFactory.getLogger(CLS_NM);
    private static final String[] USERID = {SchemaConstants.UID_AT};
    private static final String USER_ROLE_ASSIGN = "ftRA";
    private static final String[] ROLES = {USER_ROLE_ASSIGN};
    private static final String[] USERID_ATRS = {SchemaConstants.UID_AT};
    private static String[] authnAtrs = null;
    private static String[] defaultAtrs = null;
    private static final String[] ROLE_ATR = {GlobalIds.USER_ROLE_DATA};
    private static final String[] AROLE_ATR = {GlobalIds.USER_ADMINROLE_DATA};
    private static final String[] USERID_ATR = {SchemaConstants.UID_AT};

    /* JADX INFO: Access modifiers changed from: package-private */
    public UserDAO() {
        initAttrArrays();
    }

    @Override // org.apache.directory.fortress.core.util.PropUpdater
    public String newValue(String str) {
        return Integer.valueOf(new Integer(str).intValue() + 1).toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v38, types: [byte[], byte[][]] */
    public User create(User user) throws CreateException {
        LdapConnection ldapConnection = null;
        boolean z = false;
        try {
            try {
                user.setInternalId();
                String dn = getDn(user.getUserId(), user.getContextId());
                DefaultEntry defaultEntry = new DefaultEntry(dn);
                defaultEntry.add(SchemaConstants.OBJECT_CLASS_AT, getUserObjectClass());
                defaultEntry.add(GlobalIds.FT_IID, user.getInternalId());
                defaultEntry.add(SchemaConstants.UID_AT, user.getUserId());
                if (StringUtils.isEmpty(user.getCn())) {
                    user.setCn(user.getUserId());
                }
                defaultEntry.add(SchemaConstants.CN_AT, user.getCn());
                if (StringUtils.isEmpty(user.getSn())) {
                    user.setSn(user.getUserId());
                }
                defaultEntry.add(SchemaConstants.SN_AT, user.getSn());
                if (StringUtils.isNotEmpty(user.getPassword())) {
                    defaultEntry.add(SchemaConstants.USER_PASSWORD_AT, user.getPassword());
                } else if (!Config.getInstance().getBoolean(GlobalIds.USER_CREATION_PASSWORD_FIELD, false)) {
                    defaultEntry.add(SchemaConstants.USER_PASSWORD_AT, new String());
                }
                String[] strArr = new String[1];
                strArr[0] = StringUtils.isNotEmpty(user.getDisplayName()) ? user.getDisplayName() : user.getCn();
                defaultEntry.add(SchemaConstants.DISPLAY_NAME_AT, strArr);
                if (StringUtils.isNotEmpty(user.getTitle())) {
                    defaultEntry.add("title", user.getTitle());
                }
                if (StringUtils.isNotEmpty(user.getEmployeeType())) {
                    defaultEntry.add("employeeType", user.getEmployeeType());
                }
                loadAttrs(user.getPhones(), defaultEntry, SchemaConstants.TELEPHONE_NUMBER_AT);
                loadAttrs(user.getMobiles(), defaultEntry, "mobile");
                loadAttrs(user.getEmails(), defaultEntry, SchemaConstants.MAIL_AT);
                if (user.isSystem() != null) {
                    defaultEntry.add(SYSTEM_USER, user.isSystem().toString().toUpperCase());
                }
                if ((Config.getInstance().isOpenldap() || Config.getInstance().isApacheds()) && StringUtils.isNotEmpty(user.getPwPolicy())) {
                    defaultEntry.add("pwdPolicySubentry", PolicyDAO.getPolicyDn(user));
                    z = true;
                }
                if (StringUtils.isNotEmpty(user.getOu())) {
                    defaultEntry.add(SchemaConstants.OU_AT, user.getOu());
                }
                if (StringUtils.isNotEmpty(user.getDescription())) {
                    defaultEntry.add("description", user.getDescription());
                }
                user.addProperty("init", "");
                loadProperties(user.getProperties(), defaultEntry, GlobalIds.PROPS);
                user.setName(user.getUserId());
                defaultEntry.add(GlobalIds.CONSTRAINT, ConstraintUtil.setConstraint(user));
                loadAddress(user.getAddress(), defaultEntry);
                if (ArrayUtils.isNotEmpty(user.getJpegPhoto())) {
                    defaultEntry.add("jpegPhoto", (byte[][]) new byte[]{user.getJpegPhoto()});
                }
                if (RoleDAO.IS_RFC2307) {
                    loadPosixIds(user);
                    defaultEntry.add("uidNumber", user.getUidNumber());
                    defaultEntry.add("gidNumber", user.getGidNumber());
                    if (StringUtils.isEmpty(user.getHomeDirectory())) {
                        user.setHomeDirectory("/home/" + user.getUserId());
                    }
                    defaultEntry.add("homeDirectory", user.getHomeDirectory());
                }
                ldapConnection = getAdminConnection();
                add(ldapConnection, defaultEntry, user, z);
                user.setDn(dn);
                closeAdminConnection(ldapConnection);
                return user;
            } catch (LdapEntryAlreadyExistsException e) {
                throw new CreateException(GlobalErrIds.USER_ADD_FAILED_ALREADY_EXISTS, "create userId [" + user.getUserId() + "] failed, already exists in directory", e);
            } catch (LdapException e2) {
                throw new CreateException(GlobalErrIds.USER_ADD_FAILED, "create userId [" + user.getUserId() + "] caught LDAPException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Type inference failed for: r5v10, types: [byte[], byte[][]] */
    public User update(User user) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        boolean z = false;
        try {
            try {
                ArrayList arrayList = new ArrayList();
                if (StringUtils.isNotEmpty(user.getCn())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.CN_AT, user.getCn()));
                }
                if (StringUtils.isNotEmpty(user.getSn())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.SN_AT, user.getSn()));
                }
                if (StringUtils.isNotEmpty(user.getOu())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.OU_AT, user.getOu()));
                }
                if (StringUtils.isNotEmpty(user.getPassword())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.USER_PASSWORD_AT, user.getPassword()));
                }
                if (StringUtils.isNotEmpty(user.getDescription())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "description", user.getDescription()));
                }
                if (StringUtils.isNotEmpty(user.getEmployeeType())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "employeeType", user.getEmployeeType()));
                }
                if (StringUtils.isNotEmpty(user.getDisplayName())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.DISPLAY_NAME_AT, user.getDisplayName()));
                }
                if (StringUtils.isNotEmpty(user.getTitle())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "title", user.getTitle()));
                }
                if ((Config.getInstance().isOpenldap() || Config.getInstance().isApacheds()) && StringUtils.isNotEmpty(user.getPwPolicy())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "pwdPolicySubentry", PolicyDAO.getPolicyDn(user)));
                    z = true;
                }
                if (user.isSystem() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SYSTEM_USER, user.isSystem().toString().toUpperCase()));
                }
                if (user.isTemporalSet()) {
                    user.setName(user.getUserId());
                    String constraint = ConstraintUtil.setConstraint(user);
                    if (StringUtils.isNotEmpty(constraint)) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, GlobalIds.CONSTRAINT, constraint));
                    }
                }
                if (PropUtil.isNotEmpty(user.getProperties())) {
                    loadProperties(user.getProperties(), (List<Modification>) arrayList, GlobalIds.PROPS, true);
                }
                loadAddress(user.getAddress(), arrayList);
                loadAttrs(user.getPhones(), arrayList, SchemaConstants.TELEPHONE_NUMBER_AT);
                loadAttrs(user.getMobiles(), arrayList, "mobile");
                loadAttrs(user.getEmails(), arrayList, SchemaConstants.MAIL_AT);
                if (ArrayUtils.isNotEmpty(user.getJpegPhoto())) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "jpegPhoto", (byte[][]) new byte[]{user.getJpegPhoto()}));
                }
                if (RoleDAO.IS_RFC2307) {
                    if (StringUtils.isNotEmpty(user.getUidNumber())) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "uidNumber", user.getUidNumber()));
                    }
                    if (StringUtils.isNotEmpty(user.getGidNumber())) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "gidNumber", user.getGidNumber()));
                    }
                    if (StringUtils.isNotEmpty(user.getHomeDirectory())) {
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "homeDirectory", user.getHomeDirectory()));
                    }
                }
                if (arrayList.size() > 0) {
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, user, z);
                    user.setDn(dn);
                }
                user.setDn(dn);
                closeAdminConnection(ldapConnection);
                return user;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.USER_UPDATE_FAILED, "update userId [" + user.getUserId() + "] caught LDAPException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    User updateProps(User user, boolean z) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                if (PropUtil.isNotEmpty(user.getProperties())) {
                    loadProperties(user.getProperties(), arrayList, GlobalIds.PROPS, z);
                }
                if (arrayList.size() > 0) {
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, user);
                    user.setDn(dn);
                }
                user.setDn(dn);
                closeAdminConnection(ldapConnection);
                return user;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.USER_UPDATE_FAILED, "updateProps userId [" + user.getUserId() + "] isReplace [" + z + "] caught LDAPException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String remove(User user) throws RemoveException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                ldapConnection = getAdminConnection();
                delete(ldapConnection, dn, user);
                closeAdminConnection(ldapConnection);
                return dn;
            } catch (LdapException e) {
                throw new RemoveException(GlobalErrIds.USER_DELETE_FAILED, "remove userId [" + user.getUserId() + "] caught LDAPException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void lock(User user) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "pwdAccountLockedTime", LOCK_VALUE));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, (List<Modification>) arrayList, (FortEntity) user, true);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.USER_PW_LOCK_FAILED, "lock user [" + user.getUserId() + "] caught LDAPException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void unlock(User user) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, "pwdAccountLockedTime"));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, (List<Modification>) arrayList, (FortEntity) user, true);
                closeAdminConnection(ldapConnection);
            } catch (LdapNoSuchAttributeException e) {
                LOG.info("unlock user [" + user.getUserId() + "] no such attribute:pwdAccountLockedTime");
                closeAdminConnection(ldapConnection);
            } catch (LdapException e2) {
                throw new UpdateException(1024, "unlock user [" + user.getUserId() + "] caught LDAPException= " + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public User getUser(User user, boolean z) throws FinderException {
        User user2 = null;
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        String[] strArr = z ? defaultAtrs : authnAtrs;
        try {
            try {
                ldapConnection = getAdminConnection();
                Entry read = read(ldapConnection, dn, strArr);
                closeAdminConnection(ldapConnection);
                if (read != null) {
                    try {
                        user2 = unloadLdapEntry(read, 0L, user.getContextId());
                    } catch (LdapInvalidAttributeValueException e) {
                        user2 = null;
                    }
                }
                if (user2 == null) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, "getUser userId [" + user.getUserId() + "] not found, Fortress rc=1005");
                }
                return user2;
            } catch (LdapNoSuchObjectException e2) {
                throw new FinderException(GlobalErrIds.USER_NOT_FOUND, "getUser COULD NOT FIND ENTRY for user [" + user.getUserId() + "]");
            } catch (LdapException e3) {
                throw new FinderException(1001, "getUser [" + dn + "]= caught LDAPException=" + e3, e3);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    List<UserAdminRole> getUserAdminRoles(User user) throws FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                try {
                    ldapConnection = getAdminConnection();
                    List<UserAdminRole> unloadUserAdminRoles = unloadUserAdminRoles(read(ldapConnection, dn, AROLE_ATR), user.getUserId(), user.getContextId());
                    closeAdminConnection(ldapConnection);
                    return unloadUserAdminRoles;
                } catch (LdapNoSuchObjectException e) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, "getUserAdminRoles COULD NOT FIND ENTRY for user [" + user.getUserId() + "]");
                }
            } catch (LdapException e2) {
                throw new FinderException(1001, "getUserAdminRoles [" + dn + "]= caught LDAPException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> getRoles(User user) throws FinderException {
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                LdapConnection adminConnection = getAdminConnection();
                Entry read = read(adminConnection, dn, ROLES);
                if (read == null) {
                    throw new FinderException(GlobalErrIds.USER_NOT_FOUND, "getRoles userId [" + user.getUserId() + "] not found, Fortress rc=1005");
                }
                List<String> attributes = getAttributes(read, USER_ROLE_ASSIGN);
                closeAdminConnection(adminConnection);
                return attributes;
            } catch (LdapNoSuchObjectException e) {
                throw new FinderException(GlobalErrIds.USER_NOT_FOUND, "getRoles COULD NOT FIND ENTRY for user [" + user.getUserId() + "]");
            } catch (LdapException e2) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getRoles [" + dn + "]= caught LDAPException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Session checkPassword(User user) throws FinderException, PasswordException {
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                Session createSession = new ObjectFactory().createSession();
                createSession.setAuthenticated(false);
                createSession.setUserId(user.getUserId());
                LdapConnection userConnection = getUserConnection();
                BindResponse bind = bind(userConnection, dn, user.getPassword());
                if (bind.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
                    createSession.setMsg("PASSWORD INVALID for userId [" + user.getUserId() + "], resultCode [" + bind.getLdapResult().getResultCode() + "]");
                    createSession.setErrorId(GlobalErrIds.USER_PW_INVLD);
                }
                checkPwPolicies(createSession, bind);
                if (createSession.getErrorId() != 0) {
                    throw new PasswordException(createSession.getErrorId(), createSession.getMsg());
                }
                createSession.setAuthenticated(true);
                closeUserConnection(userConnection);
                return createSession;
            } catch (LdapAuthenticationException e) {
                throw new PasswordException(GlobalErrIds.USER_PW_INVLD, "checkPassword INVALID PASSWORD for userId [" + user.getUserId() + "] exception [" + e + "]");
            } catch (LdapException e2) {
                throw new FinderException(1001, "checkPassword userId [" + user.getUserId() + "] caught LDAPException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeUserConnection(null);
            throw th;
        }
    }

    private void checkPwPolicies(PwMessage pwMessage, BindResponse bindResponse) {
        int i = 0;
        boolean z = false;
        String str = "checkPwPolicies for userId [" + pwMessage.getUserId() + "] ";
        PasswordPolicyResponse pwdRespCtrl = getPwdRespCtrl(bindResponse);
        if (pwdRespCtrl != null) {
            String str2 = null;
            if (pwdRespCtrl.getTimeBeforeExpiration() > 0) {
                pwMessage.setExpirationSeconds(pwdRespCtrl.getTimeBeforeExpiration());
                pwMessage.setWarning(new ObjectFactory().createWarning(11, "PASSWORD WILL EXPIRE", Warning.Type.PASSWORD));
            }
            if (pwdRespCtrl.getGraceAuthNRemaining() > 0) {
                pwMessage.setGraceLogins(pwdRespCtrl.getGraceAuthNRemaining());
                pwMessage.setWarning(new ObjectFactory().createWarning(12, "PASSWORD IN GRACE", Warning.Type.PASSWORD));
            }
            if (pwdRespCtrl.getPasswordPolicyError() != null) {
                switch (pwdRespCtrl.getPasswordPolicyError()) {
                    case CHANGE_AFTER_RESET:
                        if (!Config.getInstance().isRealm()) {
                            str2 = str + "PASSWORD HAS BEEN RESET BY LDAP_ADMIN_POOL_UID";
                            i = 1015;
                            break;
                        } else {
                            str2 = str + "PASSWORD HAS BEEN RESET BY LDAP_ADMIN_POOL_UID BUT ALLOWING TO CONTINUE DUE TO REALM";
                            z = true;
                            pwMessage.setWarning(new ObjectFactory().createWarning(GlobalErrIds.USER_PW_RESET, str2, Warning.Type.PASSWORD));
                            break;
                        }
                    case ACCOUNT_LOCKED:
                        str2 = str + "ACCOUNT HAS BEEN LOCKED";
                        i = 1016;
                        break;
                    case PASSWORD_EXPIRED:
                        str2 = str + "PASSWORD HAS EXPIRED";
                        i = 1017;
                        break;
                    case PASSWORD_MOD_NOT_ALLOWED:
                        str2 = str + "PASSWORD MOD NOT ALLOWED";
                        i = 1018;
                        break;
                    case MUST_SUPPLY_OLD_PASSWORD:
                        str2 = str + "MUST SUPPLY OLD PASSWORD";
                        i = 1019;
                        break;
                    case INSUFFICIENT_PASSWORD_QUALITY:
                        str2 = str + "PASSWORD QUALITY VIOLATION";
                        i = 1020;
                        break;
                    case PASSWORD_TOO_SHORT:
                        str2 = str + "PASSWORD TOO SHORT";
                        i = 1021;
                        break;
                    case PASSWORD_TOO_YOUNG:
                        str2 = str + "PASSWORD TOO YOUNG";
                        i = 1022;
                        break;
                    case PASSWORD_IN_HISTORY:
                        str2 = str + "PASSWORD IN HISTORY VIOLATION";
                        i = 1023;
                        break;
                    default:
                        str2 = str + "PASSWORD CHECK FAILED";
                        i = 1014;
                        break;
                }
            }
            if (i != 0) {
                pwMessage.setMsg(str2);
                pwMessage.setErrorId(i);
                pwMessage.setAuthenticated(z);
                LOG.debug(str2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v4, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<User> findUsers(User user) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(user.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                StringBuilder sb = new StringBuilder();
                if (StringUtils.isNotEmpty(user.getUserId())) {
                    String encodeSafeText = encodeSafeText(user.getUserId(), 40);
                    sb.append(GlobalIds.FILTER_PREFIX);
                    sb.append(Config.getInstance().getProperty(USER_OBJECT_CLASS));
                    sb.append(")(");
                    sb.append(SchemaConstants.UID_AT);
                    sb.append("=");
                    sb.append(encodeSafeText);
                    sb.append("*))");
                } else if (StringUtils.isNotEmpty(user.getInternalId())) {
                    String encodeSafeText2 = encodeSafeText(user.getInternalId(), 40);
                    sb.append(GlobalIds.FILTER_PREFIX);
                    sb.append(Config.getInstance().getProperty(USER_OBJECT_CLASS));
                    sb.append(")(");
                    sb.append(GlobalIds.FT_IID);
                    sb.append("=");
                    sb.append(encodeSafeText2);
                    sb.append("))");
                } else {
                    sb.append("(objectclass=");
                    sb.append(Config.getInstance().getProperty(USER_OBJECT_CLASS));
                    sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                }
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, sb.toString(), defaultAtrs, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000)));
                    long j = 0;
                    while (search.next()) {
                        try {
                            search.getEntry();
                            ?? r3 = j;
                            j = r3 + 1;
                            arrayList.add(unloadLdapEntry(r3, r3, user.getContextId()));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(1000, "findUsers userRoot [" + rootDn + "] caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(1000, "findUsers userRoot [" + rootDn + "] caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(1000, "findUsers userRoot [" + rootDn + "] caught LDAPException=" + e3, e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> findUsers(User user, int i) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(user.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(user.getUserId(), 40);
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, GlobalIds.FILTER_PREFIX + Config.getInstance().getProperty(USER_OBJECT_CLASS) + ")(" + SchemaConstants.UID_AT + "=" + encodeSafeText + "*))", USERID, false, i);
                    while (search.next()) {
                        try {
                            arrayList.add(getAttribute(search.getEntry(), SchemaConstants.UID_AT));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(1000, "findUsers caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(1000, "findUsers caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(1000, "findUsers caught LdapException=" + e3, e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v4, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<User> getAuthorizedUsers(Role role) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(role.getName(), 40);
                StringBuilder sb = new StringBuilder();
                sb.append(GlobalIds.FILTER_PREFIX);
                sb.append(USERS_AUX_OBJECT_CLASS_NAME);
                sb.append(")(");
                Set<String> descendants = RoleUtil.getInstance().getDescendants(role.getName(), role.getContextId());
                if (CollectionUtils.isNotEmpty(descendants)) {
                    sb.append("|(");
                    sb.append(USER_ROLE_ASSIGN);
                    sb.append("=");
                    sb.append(encodeSafeText);
                    sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                    for (String str : descendants) {
                        sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_START);
                        sb.append(USER_ROLE_ASSIGN);
                        sb.append("=");
                        sb.append(str);
                        sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                    }
                    sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                } else {
                    sb.append(USER_ROLE_ASSIGN);
                    sb.append("=");
                    sb.append(encodeSafeText);
                    sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                }
                sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, sb.toString(), defaultAtrs, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    long j = 0;
                    while (search.next()) {
                        try {
                            search.getEntry();
                            ?? r3 = j;
                            j = r3 + 1;
                            arrayList.add(unloadLdapEntry(r3, r3, role.getContextId()));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAuthorizedUsers role name [" + role.getName() + "] caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e3.getMessage(), e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v4, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<User> getAssignedUsers(Role role, RoleConstraint roleConstraint) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(role.getName(), 40);
                StringBuilder sb = new StringBuilder();
                sb.append(GlobalIds.FILTER_PREFIX);
                sb.append(USERS_AUX_OBJECT_CLASS_NAME);
                sb.append(")(");
                sb.append(USER_ROLE_ASSIGN);
                sb.append("=");
                sb.append(encodeSafeText);
                sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                if (roleConstraint != null) {
                    sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_START);
                    sb.append(GlobalIds.USER_ROLE_DATA);
                    sb.append("=");
                    sb.append(roleConstraint.getRawData(new UserRole(role.getName())));
                    sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                }
                sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, sb.toString(), defaultAtrs, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    long j = 0;
                    while (search.next()) {
                        try {
                            search.getEntry();
                            ?? r3 = j;
                            j = r3 + 1;
                            arrayList.add(unloadLdapEntry(r3, r3, role.getContextId()));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers role name [" + role.getName() + "] caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers role name [" + role.getName() + "] caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (Throwable th3) {
                closeAdminConnection(null);
                throw th3;
            }
        } catch (LdapException e3) {
            throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers role name [" + role.getName() + "] caught LDAPException=" + e3.getMessage(), e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<UserRole> getUserRoles(Role role, RoleConstraint.RCType rCType, String str) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(role.getName(), 40);
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, GlobalIds.FILTER_PREFIX + USERS_AUX_OBJECT_CLASS_NAME + ")(" + USER_ROLE_ASSIGN + "=" + encodeSafeText + DefaultExpressionEngineSymbols.DEFAULT_INDEX_END + DefaultExpressionEngineSymbols.DEFAULT_INDEX_START + GlobalIds.USER_ROLE_DATA + "=" + getFilterForRoleConstraint(role.getName(), rCType, str) + DefaultExpressionEngineSymbols.DEFAULT_INDEX_END + DefaultExpressionEngineSymbols.DEFAULT_INDEX_END, defaultAtrs, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    while (search.next()) {
                        try {
                            arrayList.addAll(unloadUserRoles(search.getEntry(), getAttribute(search.getEntry(), SchemaConstants.UID_AT), role.getContextId(), role.getName()));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers role name [" + role.getName() + "] caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers role name [" + role.getName() + "] caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (Throwable th3) {
                closeAdminConnection(null);
                throw th3;
            }
        } catch (LdapException e3) {
            throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers role name [" + role.getName() + "] caught LDAPException=" + e3.getMessage(), e3);
        }
    }

    private String getFilterForRoleConstraint(String str, RoleConstraint.RCType rCType, String str2) {
        StringBuilder sb = new StringBuilder();
        String delimiter = Config.getInstance().getDelimiter();
        sb.append(str);
        sb.append(delimiter);
        sb.append("type");
        sb.append(delimiter);
        sb.append(rCType);
        sb.append(delimiter);
        sb.append(str2);
        sb.append(delimiter);
        sb.append("*");
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> getAssignedUserIds(Role role) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(role.getName(), 40);
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, GlobalIds.FILTER_PREFIX + USERS_AUX_OBJECT_CLASS_NAME + ")(" + USER_ROLE_ASSIGN + "=" + encodeSafeText + "))", USERID_ATR, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    while (search.next()) {
                        try {
                            arrayList.add(unloadUser(search.getEntry()));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUserIds role name [" + role.getName() + "] caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUserIds role name [" + role.getName() + "] caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUserIds role name [" + role.getName() + "] caught LDAPException=" + e3.getMessage(), e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set<String> getAssignedUsers(Set<String> set, String str) throws FinderException {
        HashSet hashSet = new HashSet();
        String rootDn = getRootDn(str, GlobalIds.USER_ROOT);
        try {
            try {
                StringBuilder sb = new StringBuilder();
                sb.append(GlobalIds.FILTER_PREFIX);
                sb.append(USERS_AUX_OBJECT_CLASS_NAME);
                sb.append(")(|");
                if (!CollectionUtils.isNotEmpty(set)) {
                    return null;
                }
                Iterator<String> it = set.iterator();
                while (it.hasNext()) {
                    String encodeSafeText = encodeSafeText(it.next(), 40);
                    sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_START);
                    sb.append(USER_ROLE_ASSIGN);
                    sb.append("=");
                    sb.append(encodeSafeText);
                    sb.append(DefaultExpressionEngineSymbols.DEFAULT_INDEX_END);
                }
                sb.append("))");
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, sb.toString(), USERID_ATRS, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    while (search.next()) {
                        try {
                            hashSet.add(getAttribute(search.getEntry(), SchemaConstants.UID_AT));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return hashSet;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAssignedUsers caught LDAPException=" + e3, e3);
            }
        } finally {
            closeAdminConnection(null);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v4, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<User> getAssignedUsers(AdminRole adminRole) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(adminRole.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(adminRole.getName(), 40);
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, GlobalIds.FILTER_PREFIX + USERS_AUX_OBJECT_CLASS_NAME + ")(" + GlobalIds.USER_ADMINROLE_ASSIGN + "=" + encodeSafeText + "))", defaultAtrs, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    long j = 0;
                    while (search.next()) {
                        try {
                            search.getEntry();
                            ?? r3 = j;
                            j = r3 + 1;
                            arrayList.add(unloadLdapEntry(r3, r3, adminRole.getContextId()));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.ARLE_USER_SEARCH_FAILED, "getAssignedUsers admin role name [" + adminRole.getName() + "] caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.ARLE_USER_SEARCH_FAILED, "getAssignedUsers admin role name [" + adminRole.getName() + "] caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(GlobalErrIds.ARLE_USER_SEARCH_FAILED, "getAssignedUsers admin role name [" + adminRole.getName() + "] caught LDAPException=" + e3.getMessage(), e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<String> getAuthorizedUsers(Role role, int i) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(role.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(role.getName(), 40);
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, GlobalIds.FILTER_PREFIX + USERS_AUX_OBJECT_CLASS_NAME + ")(" + USER_ROLE_ASSIGN + "=" + encodeSafeText + "))", USERID, false, i);
                    while (search.next()) {
                        try {
                            arrayList.add(getAttribute(search.getEntry(), SchemaConstants.UID_AT));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAuthorizedUsers role name [" + role.getName() + "] caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAuthorizedUsers role name [" + role.getName() + "] caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(GlobalErrIds.URLE_SEARCH_FAILED, "getAuthorizedUsers role name [" + role.getName() + "] caught LDAPException=" + e3.getMessage(), e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v4, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    List<String> findUsersList(String str, String str2) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(str2, GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(str, 40);
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, GlobalIds.FILTER_PREFIX + Config.getInstance().getProperty(USER_OBJECT_CLASS) + ")(" + SchemaConstants.UID_AT + "=" + encodeSafeText + "*))", defaultAtrs, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    long j = 0;
                    while (search.next()) {
                        try {
                            search.getEntry();
                            ?? r3 = j;
                            j = r3 + 1;
                            arrayList.add(unloadLdapEntry(r3, r3, str2).getUserId());
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(1000, "findUsersList caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(1000, "findUsersList caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(1000, "findUsersList caught LDAPException=" + e3, e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v4, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<User> findUsers(OrgUnit orgUnit, boolean z) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String rootDn = getRootDn(orgUnit.getContextId(), GlobalIds.USER_ROOT);
        try {
            try {
                String encodeSafeText = encodeSafeText(orgUnit.getName(), 40);
                int i = z ? 10 : 0;
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, rootDn, SearchScope.ONELEVEL, GlobalIds.FILTER_PREFIX + Config.getInstance().getProperty(USER_OBJECT_CLASS) + ")(" + SchemaConstants.OU_AT + "=" + encodeSafeText + "))", defaultAtrs, false, i);
                    long j = 0;
                    while (search.next()) {
                        try {
                            search.getEntry();
                            ?? r3 = j;
                            j = r3 + 1;
                            arrayList.add(unloadLdapEntry(r3, r3, orgUnit.getContextId()));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(1000, "findUsers caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(1000, "findUsers caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(1000, "findUsers caught LDAPException=" + e3, e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean changePassword(User user, String str) throws SecurityException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                try {
                    ldapConnection = getUserConnection();
                    bind(ldapConnection, dn, user.getPassword());
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.USER_PASSWORD_AT, str));
                    modify(ldapConnection, dn, arrayList);
                    if (user.getAdminSession() != null && Config.getInstance().isOpenldap() && Config.getInstance().isAuditEnabled()) {
                        modify(ldapConnection, dn, new ArrayList(), user);
                    }
                    closeUserConnection(ldapConnection);
                    if (Config.getInstance().isApacheds()) {
                        deleteResetFlag(user);
                    }
                    return true;
                } catch (LdapException e) {
                    throw new UpdateException(GlobalErrIds.USER_PW_CHANGE_FAILED, (User.class.getName() + ".changePassword user [" + user.getUserId() + "] ") + " caught LDAPException rc=" + e, e);
                }
            } catch (LdapInvalidAttributeValueException e2) {
                throw new PasswordException(GlobalErrIds.PSWD_CONST_VIOLATION, (User.class.getName() + ".changePassword user [" + user.getUserId() + "] ") + " constraint violation, ldap rc=" + e2 + " Fortress rc=4024");
            } catch (LdapNoPermissionException e3) {
                throw new UpdateException(GlobalErrIds.USER_PW_MOD_NOT_ALLOWED, (User.class.getName() + ".changePassword user [" + user.getUserId() + "] ") + " user not authorized to change password, ldap rc=" + e3 + " Fortress rc=1018");
            }
        } catch (Throwable th) {
            closeUserConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void resetUserPassword(User user) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.USER_PASSWORD_AT, user.getPassword()));
                arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "pwdReset", "TRUE"));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, user);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.USER_PW_RESET_FAILED, "resetUserPassword userId [" + user.getUserId() + "] caught LDAPException=" + e.getMessage(), e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    private void deleteResetFlag(User user) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, "pwdReset"));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, user);
                closeAdminConnection(ldapConnection);
            } catch (LdapNoSuchAttributeException e) {
                LOG.info("deleteResetFlag user [" + user.getUserId() + "] no such attribute:pwdReset");
                closeAdminConnection(ldapConnection);
            } catch (LdapException e2) {
                throw new UpdateException(GlobalErrIds.USER_PW_RESET_FAILED, "deleteResetFlag userId [" + user.getUserId() + "] caught LDAPException=" + e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String assign(UserRole userRole) throws UpdateException, FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(userRole.getUserId(), userRole.getContextId());
        try {
            try {
                try {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ROLE_DATA, userRole.getRawData()));
                    arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, USER_ROLE_ASSIGN, userRole.getName()));
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, userRole);
                    closeAdminConnection(ldapConnection);
                    return dn;
                } catch (LdapException e) {
                    throw new UpdateException(GlobalErrIds.URLE_ASSIGN_FAILED, ("assign userId [" + userRole.getUserId() + "] name [" + userRole.getName() + "] ") + "caught LDAPException=" + e, e);
                }
            } catch (LdapAttributeInUseException e2) {
                throw new FinderException(GlobalErrIds.URLE_ASSIGN_EXIST, ("assign userId [" + userRole.getUserId() + "] name [" + userRole.getName() + "] ") + "assignment already exists.");
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void assign(UserRole userRole, RoleConstraint roleConstraint) throws UpdateException, FinderException {
        LdapConnection ldapConnection = null;
        String str = "";
        String dn = getDn(userRole.getUserId(), userRole.getContextId());
        try {
            try {
                roleConstraint.genId();
                ArrayList arrayList = new ArrayList();
                str = roleConstraint.getRawData(userRole);
                arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ROLE_DATA, str));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, userRole);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.URLE_ASSIGN_FAILED, ("assign userId [" + userRole.getUserId() + "] role constraint [" + str + "] ") + "caught LDAPException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void deassign(UserRole userRole, RoleConstraint roleConstraint) throws UpdateException, FinderException {
        LdapConnection ldapConnection = null;
        String str = "";
        String dn = getDn(userRole.getUserId(), userRole.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                str = roleConstraint.getRawData(userRole);
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ROLE_DATA, str));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, arrayList, userRole);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.URLE_ASSIGN_FAILED, ("deassign userId [" + userRole.getUserId() + "] role constraint [" + str + "] dn [" + dn + "] ") + "caught LDAPException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String deassign(UserRole userRole) throws UpdateException, FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(userRole.getUserId(), userRole.getContextId());
        try {
            try {
                List<UserRole> userRoles = getUserRoles(userRole.getUserId(), userRole.getContextId());
                int i = -1;
                if (userRoles != null) {
                    i = userRoles.indexOf(userRole);
                    if (i > -1) {
                        UserRole userRole2 = userRoles.get(i);
                        userRole2.setContextId(userRole.getContextId());
                        ArrayList arrayList = new ArrayList();
                        Iterator<RoleConstraint> it = userRole2.getRoleConstraints().iterator();
                        while (it.hasNext()) {
                            deassign(userRole2, it.next());
                        }
                        arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ROLE_DATA, userRole2.getRawData()));
                        arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, USER_ROLE_ASSIGN, userRole2.getName()));
                        ldapConnection = getAdminConnection();
                        modify(ldapConnection, dn, arrayList, userRole);
                    }
                }
                if (i == -1) {
                    throw new FinderException(GlobalErrIds.URLE_ASSIGN_NOT_EXIST, "deassign userId [" + userRole.getUserId() + "] name [" + userRole.getName() + "] assignment does not exist.");
                }
                return dn;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.URLE_DEASSIGN_FAILED, "deassign userId [" + userRole.getUserId() + "] name [" + userRole.getName() + "] caught LDAPException=" + e, e);
            }
        } finally {
            closeAdminConnection(ldapConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String assign(UserAdminRole userAdminRole) throws UpdateException, FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(userAdminRole.getUserId(), userAdminRole.getContextId());
        try {
            try {
                try {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ADMINROLE_DATA, userAdminRole.getRawData()));
                    arrayList.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, GlobalIds.USER_ADMINROLE_ASSIGN, userAdminRole.getName()));
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, userAdminRole);
                    closeAdminConnection(ldapConnection);
                    return dn;
                } catch (LdapAttributeInUseException e) {
                    throw new FinderException(GlobalErrIds.ARLE_ASSIGN_EXIST, "assign userId [" + userAdminRole.getUserId() + "] name [" + userAdminRole.getName() + "] assignment already exists.");
                }
            } catch (LdapException e2) {
                throw new UpdateException(GlobalErrIds.ARLE_ASSIGN_FAILED, "assign userId [" + userAdminRole.getUserId() + "] name [" + userAdminRole.getName() + "] caught LDAPException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String deassign(UserAdminRole userAdminRole) throws UpdateException, FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(userAdminRole.getUserId(), userAdminRole.getContextId());
        try {
            try {
                User user = new User(userAdminRole.getUserId());
                user.setContextId(userAdminRole.getContextId());
                List<UserAdminRole> userAdminRoles = getUserAdminRoles(user);
                int i = -1;
                if (userAdminRoles != null) {
                    i = userAdminRoles.indexOf(userAdminRole);
                    if (i > -1) {
                        UserAdminRole userAdminRole2 = userAdminRoles.get(i);
                        ArrayList arrayList = new ArrayList();
                        arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ADMINROLE_DATA, userAdminRole2.getRawData()));
                        arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ADMINROLE_ASSIGN, userAdminRole2.getName()));
                        ldapConnection = getAdminConnection();
                        modify(ldapConnection, dn, arrayList, userAdminRole);
                    }
                }
                if (i == -1) {
                    throw new FinderException(GlobalErrIds.ARLE_DEASSIGN_NOT_EXIST, "deassign userId [" + userAdminRole.getUserId() + "] name [" + userAdminRole.getName() + "] assignment does not exist.");
                }
                return dn;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.ARLE_DEASSIGN_FAILED, "deassign userId [" + userAdminRole.getUserId() + "] name [" + userAdminRole.getName() + "] caught LDAPException=" + e, e);
            }
        } finally {
            closeAdminConnection(ldapConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String deletePwPolicy(User user) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(user.getUserId(), user.getContextId());
        try {
            try {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, "pwdPolicySubentry"));
                ldapConnection = getAdminConnection();
                modify(ldapConnection, dn, (List<Modification>) arrayList, (FortEntity) user, true);
                closeAdminConnection(ldapConnection);
                return dn;
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.USER_PW_PLCY_DEL_FAILED, "deletePwPolicy userId [" + user.getUserId() + "] caught LDAPException=" + e + " msg=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    private String unloadUser(Entry entry) throws LdapInvalidAttributeValueException {
        return getAttribute(entry, SchemaConstants.UID_AT);
    }

    private User unloadLdapEntry(Entry entry, long j, String str) throws LdapInvalidAttributeValueException {
        User createUser = new ObjectFactory().createUser();
        createUser.setSequenceId(j);
        createUser.setInternalId(getAttribute(entry, GlobalIds.FT_IID));
        createUser.setDescription(getAttribute(entry, "description"));
        createUser.setUserId(getAttribute(entry, SchemaConstants.UID_AT));
        createUser.setCn(getAttribute(entry, SchemaConstants.CN_AT));
        createUser.setName(createUser.getCn());
        createUser.setSn(getAttribute(entry, SchemaConstants.SN_AT));
        createUser.setOu(getAttribute(entry, SchemaConstants.OU_AT));
        createUser.setDn(entry.getDn().getName());
        createUser.setDisplayName(getAttribute(entry, SchemaConstants.DISPLAY_NAME_AT));
        createUser.setTitle(getAttribute(entry, "title"));
        createUser.setEmployeeType(getAttribute(entry, "employeeType"));
        unloadTemporal(entry, createUser);
        createUser.setRoles(unloadUserRoles(entry, createUser.getUserId(), str, null));
        createUser.setAdminRoles(unloadUserAdminRoles(entry, createUser.getUserId(), str));
        createUser.setAddress(unloadAddress(entry));
        createUser.setPhones(getAttributes(entry, SchemaConstants.TELEPHONE_NUMBER_AT));
        createUser.setMobiles(getAttributes(entry, "mobile"));
        createUser.setEmails(getAttributes(entry, SchemaConstants.MAIL_AT));
        String attribute = getAttribute(entry, SYSTEM_USER);
        if (attribute != null) {
            createUser.setSystem(Boolean.valueOf(attribute));
        }
        createUser.addProperties(PropUtil.getProperties(getAttributes(entry, GlobalIds.PROPS)));
        if (Config.getInstance().isOpenldap() || Config.getInstance().isApacheds()) {
            String attribute2 = getAttribute(entry, "pwdReset");
            if (attribute2 != null && attribute2.equalsIgnoreCase("true")) {
                createUser.setReset(true);
            }
            String attribute3 = getAttribute(entry, "pwdPolicySubentry");
            if (StringUtils.isNotEmpty(attribute3)) {
                createUser.setPwPolicy(getRdn(attribute3));
            }
            String attribute4 = getAttribute(entry, "pwdAccountLockedTime");
            if (attribute4 != null && attribute4.equals(LOCK_VALUE)) {
                createUser.setLocked(true);
            }
        }
        createUser.setJpegPhoto(getPhoto(entry, "jpegPhoto"));
        if (RoleDAO.IS_RFC2307) {
            createUser.setUidNumber(getAttribute(entry, "uidNumber"));
            createUser.setGidNumber(getAttribute(entry, "gidNumber"));
            createUser.setHomeDirectory(getAttribute(entry, "homeDirectory"));
        }
        return createUser;
    }

    private List<UserRole> getUserRoles(String str, String str2) throws FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(str, str2);
        try {
            try {
                ldapConnection = getAdminConnection();
                List<UserRole> unloadUserRoles = unloadUserRoles(read(ldapConnection, dn, ROLE_ATR), str, str2, null);
                closeAdminConnection(ldapConnection);
                return unloadUserRoles;
            } catch (LdapNoSuchObjectException e) {
                throw new FinderException(GlobalErrIds.USER_NOT_FOUND, "getUserRoles COULD NOT FIND ENTRY for user [" + str + "]");
            } catch (LdapException e2) {
                throw new FinderException(1001, "getUserRoles [" + dn + "]= caught LDAPException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    private void loadUserAdminRoles(List<UserAdminRole> list, Entry entry) throws LdapException {
        if (list != null) {
            DefaultAttribute defaultAttribute = new DefaultAttribute(GlobalIds.USER_ADMINROLE_DATA);
            DefaultAttribute defaultAttribute2 = new DefaultAttribute(GlobalIds.USER_ADMINROLE_ASSIGN);
            for (UserAdminRole userAdminRole : list) {
                defaultAttribute.add(userAdminRole.getRawData());
                defaultAttribute2.add(userAdminRole.getName());
            }
            if (defaultAttribute.size() != 0) {
                entry.add(defaultAttribute);
                entry.add(defaultAttribute2);
            }
        }
    }

    private void loadUserRoles(List<UserRole> list, List<Modification> list2) throws LdapInvalidAttributeValueException {
        DefaultAttribute defaultAttribute = new DefaultAttribute(GlobalIds.USER_ROLE_DATA);
        DefaultAttribute defaultAttribute2 = new DefaultAttribute(USER_ROLE_ASSIGN);
        if (list != null) {
            for (UserRole userRole : list) {
                defaultAttribute.add(userRole.getRawData());
                defaultAttribute2.add(userRole.getName());
            }
            if (defaultAttribute.size() != 0) {
                list2.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, defaultAttribute));
                list2.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, defaultAttribute2));
            }
        }
    }

    private void loadUserAdminRoles(List<UserAdminRole> list, List<Modification> list2) throws LdapInvalidAttributeValueException {
        DefaultAttribute defaultAttribute = new DefaultAttribute(GlobalIds.USER_ADMINROLE_DATA);
        DefaultAttribute defaultAttribute2 = new DefaultAttribute(GlobalIds.USER_ADMINROLE_ASSIGN);
        if (list != null) {
            boolean z = false;
            for (UserAdminRole userAdminRole : list) {
                defaultAttribute.add(userAdminRole.getRawData());
                if (!z) {
                    defaultAttribute2.add(userAdminRole.getName());
                    z = true;
                }
            }
            if (defaultAttribute.size() != 0) {
                list2.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, defaultAttribute));
                list2.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, defaultAttribute2));
            }
        }
    }

    private void loadUserRoles(List<UserRole> list, Entry entry) throws LdapException {
        if (list != null) {
            DefaultAttribute defaultAttribute = new DefaultAttribute(GlobalIds.USER_ROLE_DATA);
            DefaultAttribute defaultAttribute2 = new DefaultAttribute(USER_ROLE_ASSIGN);
            for (UserRole userRole : list) {
                defaultAttribute.add(userRole.getRawData());
                defaultAttribute2.add(userRole.getName());
            }
            if (defaultAttribute.size() != 0) {
                entry.add(defaultAttribute, defaultAttribute2);
            }
        }
    }

    private void loadAddress(Address address, Entry entry) throws LdapException {
        if (address != null) {
            if (CollectionUtils.isNotEmpty(address.getAddresses())) {
                Iterator<String> it = address.getAddresses().iterator();
                while (it.hasNext()) {
                    entry.add(SchemaConstants.POSTAL_ADDRESS_AT, it.next());
                }
            }
            if (StringUtils.isNotEmpty(address.getCity())) {
                entry.add(SchemaConstants.L_AT, address.getCity());
            }
            if (StringUtils.isNotEmpty(address.getPostalCode())) {
                entry.add(SchemaConstants.POSTALCODE_AT, address.getPostalCode());
            }
            if (StringUtils.isNotEmpty(address.getPostOfficeBox())) {
                entry.add(SchemaConstants.POSTOFFICEBOX_AT, address.getPostOfficeBox());
            }
            if (StringUtils.isNotEmpty(address.getState())) {
                entry.add(SchemaConstants.ST_AT, address.getState());
            }
            if (StringUtils.isNotEmpty(address.getBuilding())) {
                entry.add(SchemaConstants.PHYSICAL_DELIVERY_OFFICE_NAME_AT, address.getBuilding());
            }
            if (StringUtils.isNotEmpty(address.getDepartmentNumber())) {
                entry.add("departmentNumber", address.getDepartmentNumber());
            }
            if (StringUtils.isNotEmpty(address.getRoomNumber())) {
                entry.add("roomNumber", address.getRoomNumber());
            }
        }
    }

    private void loadAddress(Address address, List<Modification> list) {
        if (address != null) {
            if (CollectionUtils.isNotEmpty(address.getAddresses())) {
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.POSTAL_ADDRESS_AT));
                Iterator<String> it = address.getAddresses().iterator();
                while (it.hasNext()) {
                    list.add(new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, SchemaConstants.POSTAL_ADDRESS_AT, it.next()));
                }
            }
            if (StringUtils.isNotEmpty(address.getCity())) {
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.L_AT, address.getCity()));
            }
            if (StringUtils.isNotEmpty(address.getPostalCode())) {
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.POSTALCODE_AT, address.getPostalCode()));
            }
            if (StringUtils.isNotEmpty(address.getPostOfficeBox())) {
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.POSTOFFICEBOX_AT, address.getPostOfficeBox()));
            }
            if (StringUtils.isNotEmpty(address.getState())) {
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.ST_AT, address.getState()));
            }
            if (StringUtils.isNotEmpty(address.getBuilding())) {
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.PHYSICAL_DELIVERY_OFFICE_NAME_AT, address.getBuilding()));
            }
            if (StringUtils.isNotEmpty(address.getDepartmentNumber())) {
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "departmentNumber", address.getDepartmentNumber()));
            }
            if (StringUtils.isNotEmpty(address.getRoomNumber())) {
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "roomNumber", address.getRoomNumber()));
            }
        }
    }

    private Address unloadAddress(Entry entry) throws LdapInvalidAttributeValueException {
        Address createAddress = new ObjectFactory().createAddress();
        List<String> attributes = getAttributes(entry, SchemaConstants.POSTAL_ADDRESS_AT);
        if (attributes != null) {
            Iterator<String> it = attributes.iterator();
            while (it.hasNext()) {
                createAddress.setAddress(it.next());
            }
        }
        createAddress.setCity(getAttribute(entry, SchemaConstants.L_AT));
        createAddress.setState(getAttribute(entry, SchemaConstants.ST_AT));
        createAddress.setPostalCode(getAttribute(entry, SchemaConstants.POSTALCODE_AT));
        createAddress.setPostOfficeBox(getAttribute(entry, SchemaConstants.POSTOFFICEBOX_AT));
        createAddress.setBuilding(getAttribute(entry, SchemaConstants.PHYSICAL_DELIVERY_OFFICE_NAME_AT));
        createAddress.setDepartmentNumber(getAttribute(entry, "departmentNumber"));
        createAddress.setRoomNumber(getAttribute(entry, "roomNumber"));
        return createAddress;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v0, types: [org.apache.directory.fortress.core.model.ParentUtil, org.apache.directory.fortress.core.impl.RoleUtil, long] */
    private List<UserAdminRole> unloadUserAdminRoles(Entry entry, String str, String str2) {
        ArrayList arrayList = null;
        List<String> attributes = getAttributes(entry, GlobalIds.USER_ADMINROLE_DATA);
        if (attributes != null) {
            long j = 0;
            arrayList = new ArrayList();
            for (String str3 : attributes) {
                UserAdminRole createUserAdminRole = new ObjectFactory().createUserAdminRole();
                ?? roleUtil = RoleUtil.getInstance();
                createUserAdminRole.load(str3, str2, roleUtil);
                long j2 = j;
                j = roleUtil + 1;
                createUserAdminRole.setSequenceId(j2);
                createUserAdminRole.setUserId(str);
                arrayList.add(createUserAdminRole);
            }
        }
        return arrayList;
    }

    private void loadPosixIds(User user) throws CreateException {
        if (StringUtils.isEmpty(user.getUidNumber()) || StringUtils.isEmpty(user.getGidNumber())) {
            ArrayList arrayList = new ArrayList();
            if (StringUtils.isEmpty(user.getUidNumber())) {
                arrayList.add("uidNumber");
            }
            if (StringUtils.isEmpty(user.getGidNumber())) {
                arrayList.add("gidNumber");
            }
            try {
                Configuration incrementReplacePosixIds = Config.getInstance().getIncrementReplacePosixIds(arrayList, this);
                if (StringUtils.isEmpty(user.getUidNumber())) {
                    user.setUidNumber(incrementReplacePosixIds.getUidNumber());
                }
                if (StringUtils.isEmpty(user.getGidNumber())) {
                    user.setGidNumber(incrementReplacePosixIds.getGidNumber());
                }
            } catch (CfgException e) {
                throw new CreateException(GlobalErrIds.USER_ADD_FAILED, "create user caught CfgException replacing an ID prop:" + e.getMessage(), e);
            }
        }
    }

    private String getDn(String str, String str2) {
        return "uid=" + str + "," + getRootDn(str2, GlobalIds.USER_ROOT);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v3, types: [org.apache.directory.fortress.core.model.ParentUtil, org.apache.directory.fortress.core.impl.RoleUtil, long] */
    private List<UserRole> unloadUserRoles(Entry entry, String str, String str2, String str3) {
        TreeMap treeMap = new TreeMap(String.CASE_INSENSITIVE_ORDER);
        List<String> attributes = getAttributes(entry, GlobalIds.USER_ROLE_DATA);
        if (attributes != null) {
            long j = 0;
            for (String str4 : attributes) {
                String upperCase = str4.substring(0, str4.indexOf(Config.getInstance().getDelimiter())).toUpperCase();
                if (str3 == null || str3.toUpperCase().equals(upperCase)) {
                    if (treeMap.containsKey(upperCase)) {
                        ((UserRole) treeMap.get(upperCase)).load(str4, str2, RoleUtil.getInstance());
                    } else {
                        UserRole createUserRole = new ObjectFactory().createUserRole();
                        ?? roleUtil = RoleUtil.getInstance();
                        createUserRole.load(str4, str2, roleUtil);
                        createUserRole.setUserId(str);
                        long j2 = j;
                        j = roleUtil + 1;
                        createUserRole.setSequenceId(j2);
                        treeMap.put(upperCase, createUserRole);
                    }
                }
            }
        }
        return new ArrayList(treeMap.values());
    }

    private String[] getUserObjectClass() {
        return RoleDAO.IS_RFC2307 ? new String[]{SchemaConstants.TOP_OC, Config.getInstance().getProperty(USER_OBJECT_CLASS), USERS_AUX_OBJECT_CLASS_NAME, GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME, "extensibleObject", POSIX_ACCOUNT} : new String[]{SchemaConstants.TOP_OC, Config.getInstance().getProperty(USER_OBJECT_CLASS), USERS_AUX_OBJECT_CLASS_NAME, GlobalIds.PROPS_AUX_OBJECT_CLASS_NAME, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME, "extensibleObject"};
    }

    private void initAttrArrays() {
        if (!Config.getInstance().isOpenldap() && !Config.getInstance().isApacheds()) {
            String[] strArr = new String[31];
            strArr[0] = GlobalIds.FT_IID;
            strArr[1] = SchemaConstants.UID_AT;
            strArr[2] = SchemaConstants.USER_PASSWORD_AT;
            strArr[3] = "description";
            strArr[4] = SchemaConstants.OU_AT;
            strArr[5] = SchemaConstants.CN_AT;
            strArr[6] = SchemaConstants.SN_AT;
            strArr[7] = GlobalIds.USER_ROLE_DATA;
            strArr[8] = GlobalIds.CONSTRAINT;
            strArr[9] = USER_ROLE_ASSIGN;
            strArr[10] = GlobalIds.PROPS;
            strArr[11] = GlobalIds.USER_ADMINROLE_ASSIGN;
            strArr[12] = GlobalIds.USER_ADMINROLE_DATA;
            strArr[13] = SchemaConstants.POSTAL_ADDRESS_AT;
            strArr[14] = SchemaConstants.L_AT;
            strArr[15] = SchemaConstants.POSTALCODE_AT;
            strArr[16] = SchemaConstants.POSTOFFICEBOX_AT;
            strArr[17] = SchemaConstants.ST_AT;
            strArr[18] = SchemaConstants.PHYSICAL_DELIVERY_OFFICE_NAME_AT;
            strArr[19] = "departmentNumber";
            strArr[20] = "roomNumber";
            strArr[21] = SchemaConstants.TELEPHONE_NUMBER_AT;
            strArr[22] = "mobile";
            strArr[23] = SchemaConstants.MAIL_AT;
            strArr[24] = "employeeType";
            strArr[25] = "title";
            strArr[26] = SYSTEM_USER;
            strArr[27] = "jpegPhoto";
            strArr[28] = RoleDAO.IS_RFC2307 ? "homeDirectory" : null;
            strArr[29] = RoleDAO.IS_RFC2307 ? "gidNumber" : null;
            strArr[30] = RoleDAO.IS_RFC2307 ? "uidNumber" : null;
            defaultAtrs = strArr;
            authnAtrs = new String[]{GlobalIds.FT_IID, SchemaConstants.UID_AT, SchemaConstants.USER_PASSWORD_AT, "description", SchemaConstants.OU_AT, SchemaConstants.CN_AT, SchemaConstants.SN_AT, GlobalIds.CONSTRAINT, GlobalIds.PROPS};
            return;
        }
        String[] strArr2 = new String[34];
        strArr2[0] = GlobalIds.FT_IID;
        strArr2[1] = SchemaConstants.UID_AT;
        strArr2[2] = SchemaConstants.USER_PASSWORD_AT;
        strArr2[3] = "description";
        strArr2[4] = SchemaConstants.OU_AT;
        strArr2[5] = SchemaConstants.CN_AT;
        strArr2[6] = SchemaConstants.SN_AT;
        strArr2[7] = GlobalIds.USER_ROLE_DATA;
        strArr2[8] = GlobalIds.CONSTRAINT;
        strArr2[9] = USER_ROLE_ASSIGN;
        strArr2[10] = "pwdReset";
        strArr2[11] = "pwdAccountLockedTime";
        strArr2[12] = "pwdPolicySubentry";
        strArr2[13] = GlobalIds.PROPS;
        strArr2[14] = GlobalIds.USER_ADMINROLE_ASSIGN;
        strArr2[15] = GlobalIds.USER_ADMINROLE_DATA;
        strArr2[16] = SchemaConstants.POSTAL_ADDRESS_AT;
        strArr2[17] = SchemaConstants.L_AT;
        strArr2[18] = SchemaConstants.POSTALCODE_AT;
        strArr2[19] = SchemaConstants.POSTOFFICEBOX_AT;
        strArr2[20] = SchemaConstants.ST_AT;
        strArr2[21] = SchemaConstants.PHYSICAL_DELIVERY_OFFICE_NAME_AT;
        strArr2[22] = "departmentNumber";
        strArr2[23] = "roomNumber";
        strArr2[24] = SchemaConstants.TELEPHONE_NUMBER_AT;
        strArr2[25] = "mobile";
        strArr2[26] = SchemaConstants.MAIL_AT;
        strArr2[27] = "employeeType";
        strArr2[28] = "title";
        strArr2[29] = SYSTEM_USER;
        strArr2[30] = "jpegPhoto";
        strArr2[31] = RoleDAO.IS_RFC2307 ? "homeDirectory" : null;
        strArr2[32] = RoleDAO.IS_RFC2307 ? "gidNumber" : null;
        strArr2[33] = RoleDAO.IS_RFC2307 ? "uidNumber" : null;
        defaultAtrs = strArr2;
        authnAtrs = new String[]{GlobalIds.FT_IID, SchemaConstants.UID_AT, SchemaConstants.USER_PASSWORD_AT, "description", SchemaConstants.OU_AT, SchemaConstants.CN_AT, SchemaConstants.SN_AT, GlobalIds.CONSTRAINT, "pwdReset", "pwdAccountLockedTime", GlobalIds.PROPS};
    }
}
