package com.sun.identity.sm;

import com.iplanet.am.sdk.AMConstants;
import com.iplanet.am.util.AMResourceBundleCache;
import com.iplanet.am.util.AdminUtils;
import com.iplanet.am.util.Cache;
import com.iplanet.am.util.Debug;
import com.iplanet.am.util.OrderedSet;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.iplanet.ums.IUMSConstants;
import com.sun.identity.common.CaseInsensitiveHashMap;
import com.sun.identity.common.CaseInsensitiveHashSet;
import com.sun.identity.delegation.DelegationEvaluator;
import com.sun.identity.delegation.DelegationException;
import com.sun.identity.delegation.DelegationPermission;
import com.sun.identity.jaxrpc.JAXRPCUtil;
import com.sun.identity.jaxrpc.SOAPClient;
import com.sun.identity.security.AdminTokenAction;
import java.net.URL;
import java.security.AccessController;
import java.security.Principal;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.StringTokenizer;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
import netscape.ldap.LDAPException;
import netscape.ldap.util.DN;

/* JADX WARN: Classes with same name are omitted:
  input_file:120954-03/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/sm/SMSEntry.class
 */
/* loaded from: input_file:120954-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/sm/SMSEntry.class */
public class SMSEntry implements Cloneable {
    public static final String SERVICES_NODE = "services";
    public static final String PLACEHOLDER_RDN = "ou";
    public static final String SERVICES_RDN = "ou=services";
    public static final String COMMA = ",";
    public static SSOTokenManager tm;
    static boolean cacheSMSEntries;
    public static ResourceBundle bundle;
    static String baseDN;
    static int baseDNCount;
    static SMSException initializationException;
    static final String SMS_OBJECT_PROPERTY = "com.sun.identity.sm.sms_object_class_name";
    static final String DEFAULT_SMS_CLASS_NAME = "com.sun.identity.sm.ldap.SMSLdapObject";
    static final String JAXRPC_SMS_CLASS_NAME = "com.sun.identity.sm.jaxrpc.SMSJAXRPCObject";
    static final String SMS_ENABLE_DB_NOTIFICATION = "com.sun.identity.sm.enableDataStoreNotification";
    public static final String DB_PROXY_ENABLE = "com.sun.identity.sm.ldap.enableProxy";
    static SMSObject smsObject;
    static final String SLASH_STR = "/";
    static final String DOT_STR = ".";
    public static final String EXPORTEDARGS = "exportedTo";
    public static final String IMPORTEDARGS = "importedFrom";
    static final String AUTH_SUPER_USER = "com.sun.identity.authentication.super.user";
    static final String READ = "READ";
    static final String MODIFY = "MODIFY";
    static DelegationEvaluator dlgEval;
    static boolean SMSJAXRPCObjectFlg;
    static boolean backendProxyEnabled;
    static SSOToken adminSSOToken;
    static CaseInsensitiveHashSet mCaseSensitiveAttributes;
    static boolean enableDataStoreNotification;
    private SSOToken ssoToken;
    protected String dn;
    protected String normalizedDN;
    private boolean newEntry;
    private boolean readOnly;
    private Map attrSet;
    private Set modSet;
    public static final String ORGANIZATION_RDN = "o";
    public static final String DC_RDN = "dc";
    public static final String EQUALS = "=";
    public static final String DEFAULT_RDN = "ou=default";
    static final String ORG_PLACEHOLDER_RDN = "o=";
    static final String DELEGATION_SERVICES_RDN = "ou=services,";
    static final String DELEGATION_SERVICES_RDN_WITH_COMMA = ",ou=services,";
    static final int DELEGATION_SERVICES_RDN_WITH_COMMA_LEN;
    static final int ORG_UNIT_OBJECT = 1;
    static final int SERVICE_OBJECT = 2;
    static final int SERVICE_COMP_OBJECT = 3;
    public static final String ATTR_SCHEMA = "sunServiceSchema";
    public static final String ATTR_PLUGIN_SCHEMA = "sunPluginSchema";
    public static final String ATTR_KEYVAL = "sunKeyValue";
    public static final String ATTR_XML_KEYVAL = "sunxmlKeyValue";
    public static final String ATTR_OBJECTCLASS = "objectclass";
    public static final String ATTR_PRIORITY = "sunsmspriority";
    public static final String ATTR_SERVICE_ID = "sunserviceID";
    public static final String ATTR_LABELED_URI = "labeleduri";
    public static final String ATTR_MODIFY_TIMESTAMP = "modifytimestamp";
    public static final String[] SMS_ATTRIBUTES;
    public static final String OC_TOP = "top";
    public static final String OC_ORG_UNIT = "organizationalunit";
    public static final String OC_SERVICE = "sunService";
    public static final String OC_REALM_SERVICE = "sunRealmService";
    public static final String OC_SERVICE_COMP = "sunServiceComponent";
    public static final String SUN_INTERNAL_REALM_NAME = "sunamhiddenrealm";
    public static final String SUN_INTERNAL_REALM_PREFIX = "o=sunamhiddenrealm";
    public static final String REALM_SERVICE = "sunAMRealmService";
    protected static final String FILTER_PATTERN_ALL = "(&(&(objectclass=top)(ou={0}))(&(objectclass=top)(sunserviceID={1})))";
    protected static final String FILTER_PATTERN = "(&(objectclass=top)(ou={0}))";
    protected static final String FILTER_PATTERN_SERVICE = "(&(objectclass=sunService)(ou={0})(ou={1}))";
    public static final String FILTER_SERVICE_COMPONENTS = "(|(objectclass=sunService)(objectclass=sunServiceComponent))";
    public static Debug debug = Debug.getInstance("amSMS");
    public static Debug eventDebug = Debug.getInstance("amSMSEvent");
    private static Cache cache = new Cache(500);
    static String GLOBAL_CACHE_PROPERTY = AMConstants.CACHE_ENABLED_DISABLED_KEY;
    static String SM_CACHE_PROPERTY = "com.sun.identity.sm.cache.enabled";
    static String DEFAULT_ORG_PROPERTY = "com.iplanet.am.defaultOrg";
    static Set specialUserSet = new HashSet(50);
    static Set readActionSet = new HashSet(2);
    static Set modifyActionSet = new HashSet(2);
    static Set changeListeners = new HashSet();
    static List localChanges = Collections.synchronizedList(new LinkedList());
    static int LOCAL_CHANGES_MAX_SIZE = 25;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:120954-03/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/sm/SMSEntry$NotificationThread.class
     */
    /* loaded from: input_file:120954-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/sm/SMSEntry$NotificationThread.class */
    public static class NotificationThread extends Thread {
        String name;
        int type;

        NotificationThread(String str, int i) {
            this.name = str;
            this.type = i;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            String lowerCase = this.name.toLowerCase();
            if (this.type == 0 && (new StringTokenizer(this.name, ",").countTokens() <= SMSEntry.baseDNCount + 1 || lowerCase.startsWith(SMSEntry.DELEGATION_SERVICES_RDN) || lowerCase.startsWith("ou=globalconfig,") || lowerCase.startsWith("ou=organizationconfig,") || lowerCase.startsWith("ou=instances,") || lowerCase.startsWith("ou=pluginconfig,"))) {
                return;
            }
            if (ServiceManager.isRealmEnabled() && !SMSEntry.enableDataStoreNotification) {
                if (SMSEntry.eventDebug.messageEnabled()) {
                    SMSEntry.eventDebug.message("SMSEntry::NotificationThread:run sending local notifications");
                }
                SMSEntry.objectChanged(this.name, this.type, true);
            }
            if (SMSEntry.SMSJAXRPCObjectFlg || SMSEntry.enableDataStoreNotification || !ServiceManager.isRealmEnabled()) {
                return;
            }
            try {
                Iterator it = ServiceManager.getAMServerInstances().iterator();
                while (it != null) {
                    if (!it.hasNext()) {
                        break;
                    }
                    URL url = new URL((String) it.next());
                    String url2 = WebtopNaming.getServiceURL("jaxrpc", url.getProtocol(), url.getHost(), Integer.toString(url.getPort()), false).toString();
                    String stringBuffer = !url2.endsWith("/") ? new StringBuffer().append(url2).append("/SMSObjectIF").toString() : new StringBuffer().append(url2).append(JAXRPCUtil.SMS_SERVICE).toString();
                    try {
                        SOAPClient sOAPClient = new SOAPClient();
                        sOAPClient.setURL(stringBuffer);
                        Object[] objArr = {this.name, new Integer(this.type)};
                        if (SMSEntry.eventDebug.messageEnabled()) {
                            SMSEntry.eventDebug.message(new StringBuffer().append("SMSEntry:NotificationThread:run Sending to URL: ").append(stringBuffer).toString());
                        }
                        sOAPClient.send("notifyObjectChanged", objArr, SMSEntry.adminSSOToken, (String) null);
                    } catch (Throwable th) {
                        if (SMSEntry.eventDebug.warningEnabled()) {
                            SMSEntry.eventDebug.warning(new StringBuffer().append("SMSEntry:NotificationThread:: Unable to send notification to: ").append(stringBuffer).toString(), th);
                        }
                    }
                }
            } catch (Throwable th2) {
                if (SMSEntry.eventDebug.warningEnabled()) {
                    SMSEntry.eventDebug.warning("SMSEntry:NotificationThread:: Unable to send notifications", th2);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SMSEntry(SSOToken sSOToken, String str) throws SSOException, SMSException {
        if (initializationException != null) {
            throw initializationException;
        }
        this.ssoToken = sSOToken;
        this.dn = str;
        this.normalizedDN = new DN(str).toRFCString().toLowerCase();
        read();
    }

    public Map getAttributes() {
        return this.attrSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getAttributeValues(String str) {
        return getAttributeValues(str, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getAttributeValues(String str, boolean z) {
        if (z || !cacheSMSEntries) {
            try {
                read();
            } catch (SSOException e) {
                debug.error(new StringBuffer().append("SMSLdapEntry: SSOToken problem in reading attrs: ").append(e).toString());
            } catch (SMSException e2) {
                debug.error(new StringBuffer().append("SMSLdapEntry: Error in reading attrs: ").append(e2).toString());
            }
        }
        Set set = this.attrSet == null ? null : (Set) this.attrSet.get(str);
        if (set == null) {
            return null;
        }
        return (String[]) set.toArray(new String[set.size()]);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addAttribute(String str, String str2) throws SMSException {
        Set set = null;
        if (this.attrSet == null) {
            this.attrSet = new CaseInsensitiveHashMap();
        } else if (this.attrSet.containsKey(str)) {
            set = (Set) this.attrSet.get(str);
            if (set.contains(str2)) {
                if (debug.messageEnabled()) {
                    debug.message("SMSEntry: Duplicate value for addition");
                }
                throw new SMSException(new LDAPException(bundle.getString(IUMSConstants.SMS_ATTR_OR_VAL_EXISTS), 20), IUMSConstants.SMS_ATTR_OR_VAL_EXISTS);
            }
        }
        if (set == null) {
            set = new HashSet();
        }
        set.add(str2);
        this.attrSet.put(str, set);
        if (this.modSet == null) {
            this.modSet = new HashSet();
        }
        this.modSet.add(new ModificationItem(1, new BasicAttribute(str, str2)));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setAttribute(String str, String[] strArr) {
        HashSet hashSet = new HashSet();
        BasicAttribute basicAttribute = new BasicAttribute(str);
        for (int i = 0; strArr != null && i < strArr.length; i++) {
            hashSet.add(strArr[i]);
            basicAttribute.add(strArr[i]);
        }
        this.attrSet = this.attrSet == null ? new CaseInsensitiveHashMap() : this.attrSet;
        this.modSet = this.modSet == null ? new HashSet() : this.modSet;
        if (this.attrSet.containsKey(str)) {
            this.modSet.add(new ModificationItem(2, basicAttribute));
        } else {
            this.modSet.add(new ModificationItem(1, basicAttribute));
        }
        this.attrSet.put(str, hashSet);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeAttribute(String str, String str2) throws SMSException {
        Set set;
        if (this.attrSet == null || (set = (Set) this.attrSet.get(str)) == null || !set.contains(str2)) {
            throw new SMSException(new LDAPException(bundle.getString(IUMSConstants.SMS_ATTR_OR_VAL_EXISTS), 20), IUMSConstants.SMS_ATTR_OR_VAL_EXISTS);
        }
        set.remove(str2);
        this.attrSet.put(str, set);
        if (this.modSet == null) {
            this.modSet = new HashSet();
        }
        this.modSet.add(new ModificationItem(3, new BasicAttribute(str, str2)));
    }

    void removeAttribute(String str) throws SMSException {
        Set set = (Set) this.attrSet.get(str);
        if (set == null) {
            throw new SMSException(new LDAPException(bundle.getString(IUMSConstants.SMS_ATTR_OR_VAL_EXISTS), 20), IUMSConstants.SMS_ATTR_OR_VAL_EXISTS);
        }
        this.attrSet.remove(str);
        if (this.modSet == null) {
            this.modSet = new HashSet();
        }
        BasicAttribute basicAttribute = new BasicAttribute(str, set);
        Iterator it = set.iterator();
        while (it.hasNext()) {
            basicAttribute.add(it.next());
        }
        this.modSet.add(new ModificationItem(3, basicAttribute));
    }

    boolean containsAttrValue(String str, String str2) {
        Set set;
        if (this.attrSet == null || (set = (Set) this.attrSet.get(str)) == null) {
            return false;
        }
        return set.contains(str2);
    }

    void read() throws SSOException, SMSException {
        read(this.ssoToken);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void read(SSOToken sSOToken) throws SSOException, SMSException {
        if (!backendProxyEnabled) {
            getDelegationPermission(sSOToken, this.normalizedDN, readActionSet);
        } else if (isAllowed(sSOToken, this.normalizedDN, readActionSet)) {
            if (adminSSOToken == null) {
                adminSSOToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
            }
            sSOToken = adminSSOToken;
        }
        this.attrSet = smsObject.read(sSOToken, this.dn);
        if (this.attrSet == null) {
            this.newEntry = true;
        } else {
            this.newEntry = false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void save() throws SSOException, SMSException {
        if (!this.readOnly) {
            save(this.ssoToken);
        } else {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("SMSEntry: Attempted to save an entry that is marked as read-only: ").append(this.dn).toString());
            }
            throw new SMSException(SMSException.STATUS_NO_PERMISSION, IUMSConstants.SMS_INSUFFICIENT_ACCESS_RIGHTS);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void save(SSOToken sSOToken) throws SSOException, SMSException {
        if (!backendProxyEnabled) {
            getDelegationPermission(sSOToken, this.normalizedDN, modifyActionSet);
        } else if (isAllowed(sSOToken, this.normalizedDN, modifyActionSet)) {
            if (adminSSOToken == null) {
                adminSSOToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
            }
            sSOToken = adminSSOToken;
        }
        if (this.newEntry && this.attrSet != null) {
            smsObject.create(sSOToken, this.dn, this.attrSet);
            notifyObjectChanged(this.dn, 0);
        } else if (this.modSet != null) {
            smsObject.modify(sSOToken, this.dn, (ModificationItem[]) this.modSet.toArray(new ModificationItem[this.modSet.size()]));
            notifyObjectChanged(this.dn, 3);
        }
        this.newEntry = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void delete() throws SMSException, SSOException {
        if (!this.readOnly) {
            delete(this.ssoToken);
        } else {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("SMSEntry: Attempted to delete an entry that is marked as read-only: ").append(this.dn).toString());
            }
            throw new SMSException(SMSException.STATUS_NO_PERMISSION, IUMSConstants.SMS_INSUFFICIENT_ACCESS_RIGHTS);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void delete(SSOToken sSOToken) throws SMSException, SSOException {
        if (this.newEntry) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("SMSEntry: Attempted to delete an entry that does not exist: ").append(this.dn).toString());
                return;
            }
            return;
        }
        if (!backendProxyEnabled) {
            getDelegationPermission(sSOToken, this.normalizedDN, modifyActionSet);
        } else if (isAllowed(sSOToken, this.normalizedDN, modifyActionSet)) {
            if (adminSSOToken == null) {
                adminSSOToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
            }
            sSOToken = adminSSOToken;
        }
        smsObject.delete(sSOToken, this.dn);
        this.newEntry = true;
        this.attrSet = null;
        this.modSet = null;
        notifyObjectChanged(this.dn, 1);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set searchSubOrgNames(SSOToken sSOToken, String str, int i, boolean z, boolean z2, boolean z3) throws SMSException, SSOException {
        Set<String> searchSubOrgNames = smsObject.searchSubOrgNames(sSOToken, this.dn, str, i, z, z2, z3);
        OrderedSet orderedSet = new OrderedSet();
        for (String str2 : searchSubOrgNames) {
            if (hasReadPermission(sSOToken, str2)) {
                orderedSet.add(str2);
            }
        }
        Set parseResult = parseResult(orderedSet, this.normalizedDN);
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("SMSEntry: Successfully obtained suborganization names for : ").append(this.dn).toString());
        }
        return parseResult;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set subEntries(String str, int i, boolean z, boolean z2) throws SMSException, SSOException {
        return subEntries(this.ssoToken, str, i, z, z2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set subEntries(SSOToken sSOToken, String str, int i, boolean z, boolean z2) throws SMSException, SSOException {
        Set<String> subEntries = smsObject.subEntries(sSOToken, this.dn, str, i, z, z2);
        OrderedSet orderedSet = new OrderedSet();
        for (String str2 : subEntries) {
            if (hasReadPermission(sSOToken, new StringBuffer().append("ou=").append(str2).append(",").append(this.dn).toString())) {
                orderedSet.add(str2);
            }
        }
        return orderedSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set schemaSubEntries(SSOToken sSOToken, String str, String str2, int i, boolean z, boolean z2) throws SMSException, SSOException {
        Set<String> schemaSubEntries = smsObject.schemaSubEntries(sSOToken, this.dn, str, str2, i, z, z2);
        OrderedSet orderedSet = new OrderedSet();
        for (String str3 : schemaSubEntries) {
            if (hasReadPermission(sSOToken, new StringBuffer().append("ou=").append(str3).append(",").append(this.dn).toString())) {
                orderedSet.add(str3);
            }
        }
        return orderedSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set searchOrganizationNames(SSOToken sSOToken, int i, boolean z, boolean z2, String str, String str2, Set set) throws SMSException, SSOException {
        Set<String> searchOrganizationNames = smsObject.searchOrganizationNames(sSOToken, this.dn, i, z, z2, str, str2, set);
        OrderedSet orderedSet = new OrderedSet();
        for (String str3 : searchOrganizationNames) {
            if (hasReadPermission(sSOToken, str3)) {
                orderedSet.add(str3);
            }
        }
        if (str2.equalsIgnoreCase(EXPORTEDARGS)) {
            return orderedSet;
        }
        Set parseResult = parseResult(orderedSet, this.normalizedDN, true);
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("SMSEntry: Successfully obtained organization names for : ").append(this.dn).toString());
        }
        return parseResult;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Set search(String str) throws SMSException {
        try {
            return smsObject.search(null, baseDN, str);
        } catch (SSOException e) {
            debug.error(new StringBuffer().append("SMSEntry: Search ERROR: ").append(str).toString(), e);
            throw new SMSException(bundle.getString("sms-error-in-searching"), e, "sms-error-in-searching");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void refresh(SMSEntry sMSEntry) {
        if (sMSEntry.attrSet != null) {
            this.attrSet = SMSUtils.copyAttributes(sMSEntry.attrSet);
        } else {
            this.attrSet = null;
        }
        this.newEntry = sMSEntry.newEntry;
        this.modSet = null;
    }

    public static boolean checkIfEntryExists(String str, SSOToken sSOToken) {
        try {
            return smsObject.entryExists(sSOToken, str);
        } catch (Exception e) {
            debug.error(new StringBuffer().append("SMSEntry: Error in checking if entry exists: ").append(str).toString(), e);
            return false;
        }
    }

    public static void registerCallbackHandler(SSOToken sSOToken, SMSObjectListener sMSObjectListener) throws SMSException, SSOException {
        changeListeners.add(sMSObjectListener);
        if (!ServiceManager.isRealmEnabled() || enableDataStoreNotification) {
            smsObject.registerCallbackHandler(sSOToken, sMSObjectListener);
            if (eventDebug.messageEnabled()) {
                eventDebug.message("SMSEntry:registerCallbackHander calling SMSObject for co-existence mode");
            }
        }
        eventDebug.message("SMSEntry:registerCallbackHander called");
    }

    public static void objectChanged(String str, int i) {
        objectChanged(str, i, false);
    }

    public static void objectChanged(String str, int i, boolean z) {
        if (eventDebug.messageEnabled()) {
            eventDebug.message(new StringBuffer().append("SMSEntry:objectChanged: ").append(str).append(" type: ").append(i).append(" IsLocal: ").append(z).append("\nNumber of callback objects: ").append(changeListeners.size()).toString());
        }
        if (z) {
            if (localChanges.size() > LOCAL_CHANGES_MAX_SIZE) {
                localChanges.remove(0);
            }
            localChanges.add(new StringBuffer().append(str).append(i).toString());
        } else {
            if (localChanges.contains(new StringBuffer().append(str).append(i).toString())) {
                localChanges.remove(new StringBuffer().append(str).append(i).toString());
                if (eventDebug.messageEnabled()) {
                    eventDebug.message(new StringBuffer().append("SMSEntry:objectChanged: ").append(str).append(" type: ").append(i).append(" IsLocal: ").append(z).append("\nHas been delivered locally").toString());
                    return;
                }
                return;
            }
            if (eventDebug.messageEnabled()) {
                eventDebug.message(new StringBuffer().append("SMSEntry:objectChanged: ").append(str).append(" type: ").append(i).append(" IsLocal: ").append(z).append("\nHas NOT been delivered locally, will be notified").toString());
            }
        }
        Iterator it = changeListeners.iterator();
        while (it.hasNext()) {
            ((SMSObjectListener) it.next()).objectChanged(str, i);
        }
    }

    public static void notifyObjectChanged(String str, int i) {
        if (eventDebug.messageEnabled()) {
            eventDebug.message(new StringBuffer().append("SMSEntry:notifyObjectChanged: ").append(str).append(" type: ").append(i).append("\nCalling NotificationThread").toString());
        }
        NotificationThread notificationThread = new NotificationThread(str, i);
        if (WebtopNaming.isServerMode()) {
            notificationThread.start();
        } else {
            notificationThread.run();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getDN() {
        return this.dn;
    }

    Principal getPrincipal() {
        try {
            return this.ssoToken.getPrincipal();
        } catch (SSOException e) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSOToken getSSOToken() {
        return this.ssoToken;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setReadOnly() {
        this.readOnly = true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isNewEntry() {
        return this.newEntry;
    }

    public static SMSObject getSMSObject() {
        return smsObject;
    }

    public static void validateToken(SSOToken sSOToken) throws SMSException {
        try {
            tm.validateToken(sSOToken);
        } catch (SSOException e) {
            throw new SMSException(e, "sms-INVALID_SSO_TOKEN");
        }
    }

    public Object clone() throws CloneNotSupportedException {
        SMSEntry sMSEntry = (SMSEntry) super.clone();
        sMSEntry.ssoToken = this.ssoToken;
        sMSEntry.dn = this.dn;
        sMSEntry.newEntry = this.newEntry;
        sMSEntry.modSet = null;
        if (this.attrSet != null) {
            sMSEntry.attrSet = SMSUtils.copyAttributes(this.attrSet);
        } else {
            sMSEntry.attrSet = null;
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("SMSEntry being cloned: ").append(this.dn).toString());
        }
        return sMSEntry;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(new StringBuffer().append("DN\t\t: ").append(this.dn).append("\n").toString());
        if (this.newEntry) {
            stringBuffer.append("\t(NEW Entry)");
        }
        stringBuffer.append(new StringBuffer().append("Attribute Set\t: ").append(this.attrSet).append("\n").toString());
        stringBuffer.append(new StringBuffer().append("Modifcation Set\t: ").append(this.modSet).append("\n").toString());
        return stringBuffer.toString();
    }

    public static String getRootSuffix() {
        return baseDN;
    }

    public static boolean isAttributeCaseSensitive(String str) {
        return mCaseSensitiveAttributes.contains(str);
    }

    public static String getFilterPatternService() {
        return FILTER_PATTERN_SERVICE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Set parseResult(Set set, String str) {
        return parseResult(set, str, false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Set parseResult(Set set, String str, boolean z) {
        OrderedSet orderedSet = new OrderedSet();
        if (set != null) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                DN dn = new DN((String) it.next());
                String rFCString = dn.toRFCString();
                String lowerCase = dn.toRFCString().toLowerCase();
                if (!lowerCase.equals(baseDN) && !lowerCase.startsWith(SUN_INTERNAL_REALM_PREFIX)) {
                    if (!lowerCase.equals(str)) {
                        String stringBuffer = ServiceManager.isRealmEnabled() ? ORG_PLACEHOLDER_RDN : new StringBuffer().append(OrgConfigViaAMSDK.getNamingAttrForOrg()).append("=").toString();
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("SMSEntry:parseResult:orgAttr ").append(stringBuffer).toString());
                        }
                        int indexOf = lowerCase.indexOf(stringBuffer.toLowerCase());
                        if (indexOf > 0) {
                            rFCString = rFCString.substring(indexOf);
                        }
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("SMSEntry:parseResult:DNName ").append(str).toString());
                            debug.message(new StringBuffer().append("SMSEntry:parseResult:RFCDN ").append(rFCString).toString());
                        }
                        int indexOf2 = lowerCase.indexOf(str);
                        if (indexOf2 < 0) {
                            indexOf2 = lowerCase.lastIndexOf(baseDN);
                        }
                        String replaceString = DNMapper.replaceString(rFCString.substring(0, indexOf2 - 1), stringBuffer, "/");
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("SMSEntry:parseResult:origStr1 ").append(replaceString).toString());
                        }
                        String replaceString2 = DNMapper.replaceString(replaceString, ",", "");
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("SMSEntry:parseResult:origStr2 ").append(replaceString2).toString());
                        }
                        StringBuffer stringBuffer2 = new StringBuffer();
                        while (replaceString2.length() != 0) {
                            int lastIndexOf = replaceString2.lastIndexOf("/");
                            if (lastIndexOf >= 0) {
                                stringBuffer2.append(replaceString2.substring(lastIndexOf + 1)).append("/");
                                replaceString2 = replaceString2.substring(0, lastIndexOf);
                            }
                        }
                        String stringBuffer3 = stringBuffer2.toString();
                        if (stringBuffer3 != null && stringBuffer3.length() > 0) {
                            orderedSet.add(stringBuffer3.substring(0, stringBuffer3.length() - 1));
                        }
                    } else if (z) {
                        orderedSet.add("/");
                    }
                }
            }
        }
        return orderedSet;
    }

    static String[] parseOrgDN(String str) {
        String str2;
        String[] strArr = (String[]) cache.get(str);
        if (strArr != null) {
            return strArr;
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("SMSEntry:parseOrgDN:DNName ").append(str).toString());
        }
        String[] strArr2 = new String[5];
        if (str == null || str.length() == 0) {
            strArr2[0] = baseDN;
            strArr2[1] = "*";
            strArr2[2] = "*";
            strArr2[3] = "*";
            strArr2[4] = "*";
            return strArr2;
        }
        String lowerCase = new DN(str).toRFCString().toLowerCase();
        int indexOf = lowerCase.indexOf(DELEGATION_SERVICES_RDN_WITH_COMMA);
        if (indexOf == -1 || lowerCase.equals(DNMapper.serviceDN)) {
            strArr2[0] = lowerCase;
            str2 = "";
        } else if (ServiceManager.isRealmEnabled()) {
            int indexOf2 = lowerCase.indexOf(DNMapper.serviceDN);
            if (indexOf2 == -1 || indexOf2 == 0) {
                strArr2[0] = baseDN;
                str2 = "";
            } else {
                String substring = lowerCase.substring(0, indexOf2 - 1);
                if (substring.indexOf(DELEGATION_SERVICES_RDN) == -1) {
                    strArr2[0] = baseDN;
                    str2 = substring;
                } else {
                    strArr2[0] = lowerCase.substring(indexOf + DELEGATION_SERVICES_RDN_WITH_COMMA_LEN);
                    str2 = lowerCase.substring(0, indexOf);
                }
            }
        } else {
            strArr2[0] = lowerCase.substring(indexOf + DELEGATION_SERVICES_RDN_WITH_COMMA_LEN);
            str2 = lowerCase.substring(0, indexOf);
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("SMSEntry:parseOrgDN: orgDN: ").append(strArr2[0]).append(" restOfDN: ").append(str2).toString());
        }
        String[] explodeDN = str2.length() > 0 ? new DN(str2).explodeDN(true) : null;
        int length = explodeDN == null ? 0 : explodeDN.length;
        strArr2[4] = length < 1 ? REALM_SERVICE : explodeDN[length - 1];
        strArr2[3] = length < 2 ? "*" : explodeDN[length - 2];
        strArr2[2] = length < 3 ? "*" : explodeDN[length - 3];
        if (length >= 4) {
            StringBuffer stringBuffer = new StringBuffer();
            for (int i = length - 4; i >= 0; i--) {
                stringBuffer.append('/').append(explodeDN[i]);
            }
            strArr2[1] = stringBuffer.toString();
        } else {
            strArr2[1] = "*";
        }
        cache.put(str, strArr2);
        return strArr2;
    }

    static boolean hasReadPermission(SSOToken sSOToken, String str) {
        try {
            getDelegationPermission(sSOToken, str, readActionSet);
            if (!debug.messageEnabled()) {
                return true;
            }
            try {
                debug.message(new StringBuffer().append("SMSEntry::hasReadPermission Allowed user: ").append(sSOToken.getPrincipal().getName()).append(" for dn: ").append(str).toString());
                return true;
            } catch (SSOException e) {
                debug.message(new StringBuffer().append("SMSEntry::hasReadPermission Allowed access for dn: ").append(str).append(" Got SSOException").toString(), e);
                return true;
            }
        } catch (SMSException e2) {
            if (!debug.messageEnabled()) {
                return false;
            }
            try {
                debug.message(new StringBuffer().append("SMSEntry::hasReadPermission Denied user: ").append(sSOToken.getPrincipal().getName()).append(" for dn: ").append(str).toString());
                return false;
            } catch (SSOException e3) {
                debug.message(new StringBuffer().append("SMSEntry::hasReadPermission Denied access for dn: ").append(str).append(" Got SSOException").toString(), e3);
                return false;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean getDelegationPermission(SSOToken sSOToken, String str, Set set) throws SMSException {
        if (SMSJAXRPCObjectFlg || backendProxyEnabled || str.equals(baseDN) || str.equals(DNMapper.serviceDN)) {
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("SMSEntry:getDelegationPermission :No delegation check needed for client sdk, db proxy enabled and for baseDNs: ").append(baseDN).toString());
            }
            return true;
        }
        try {
            String name = sSOToken.getPrincipal().getName();
            if (DN.isDN(name)) {
                String lowerCase = new DN(name).toRFCString().toLowerCase();
                if (specialUserSet.contains(lowerCase)) {
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("SMSEntry.getDelegationPermission :No delegation check needed for special users.").append(lowerCase).toString());
                    }
                    return true;
                }
            }
            if (!ServiceManager.isConfigMigratedTo70()) {
                if (backendProxyEnabled) {
                    return true;
                }
                debug.error("SMSEntry::getDelegationPermission Must enable LDAP proxy support if configuration (DIT) is not migrated to AM 7.0");
                throw new SMSException(SMSException.STATUS_NO_PERMISSION, IUMSConstants.SMS_INSUFFICIENT_ACCESS_RIGHTS);
            }
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("SMSEntry:getDelegationPermission :Calling delegation service for dnName: ").append(str).append(" for permissions: ").append(set).toString());
            }
            if (isAllowedByDelegation(sSOToken, str, set)) {
                return true;
            }
            throw new SMSException(SMSException.STATUS_NO_PERMISSION, IUMSConstants.SMS_INSUFFICIENT_ACCESS_RIGHTS);
        } catch (SSOException e) {
            debug.error("SMSEntry.isAllowed : Invalid Token: ", e);
            throw new SMSException(bundle.getString("sms-INVALID_SSO_TOKEN"), "sms-INVALID_SSO_TOKEN");
        }
    }

    private static boolean isAllowed(SSOToken sSOToken, String str, Set set) throws SMSException {
        if (SMSJAXRPCObjectFlg) {
            return false;
        }
        if (str.equals(baseDN) || str.equals(DNMapper.serviceDN)) {
            return true;
        }
        try {
            String name = sSOToken.getPrincipal().getName();
            if (DN.isDN(name)) {
                String lowerCase = new DN(name).toRFCString().toLowerCase();
                if (specialUserSet.contains(lowerCase)) {
                    if (!debug.messageEnabled()) {
                        return true;
                    }
                    debug.message(new StringBuffer().append("SMSEntry.isAllowed :No delegation check needed for special users.").append(lowerCase).toString());
                    return true;
                }
            }
            if (ServiceManager.isConfigMigratedTo70()) {
                return isAllowedByDelegation(sSOToken, str, set);
            }
            return false;
        } catch (SSOException e) {
            debug.error("SMSEntry.isAllowed : Invalid Token: ", e);
            throw new SMSException(bundle.getString("sms-INVALID_SSO_TOKEN"), "sms-INVALID_SSO_TOKEN");
        }
    }

    private static boolean isAllowedByDelegation(SSOToken sSOToken, String str, Set set) throws SMSException {
        String[] parseOrgDN = parseOrgDN(str);
        String str2 = parseOrgDN[0];
        String str3 = parseOrgDN[1];
        String str4 = parseOrgDN[2];
        String str5 = parseOrgDN[3];
        String str6 = parseOrgDN[4];
        if (!str6.equals(REALM_SERVICE) && (str4.equalsIgnoreCase("*") || str3.equalsIgnoreCase("*"))) {
            return true;
        }
        try {
            DelegationPermission delegationPermission = new DelegationPermission(str2, str6, str5, str4, str3, set, Collections.EMPTY_MAP);
            if (dlgEval == null) {
                dlgEval = new DelegationEvaluator();
            }
            boolean isAllowed = dlgEval.isAllowed(sSOToken, delegationPermission, Collections.EMPTY_MAP);
            if (!isAllowed && debug.warningEnabled()) {
                try {
                    debug.warning(new StringBuffer().append("SMSEntry: Attempt by:  ").append(sSOToken.getPrincipal().getName()).append(" to read/modify entry: ").append(str).append(" has no permissions").toString());
                } catch (SSOException e) {
                    debug.warning(new StringBuffer().append("SMSEntry: Attempted to:  read/modify an entry that has invalid delegation privilege: ").append(str).toString(), e);
                }
            }
            return isAllowed;
        } catch (SSOException e2) {
            debug.error("SMSEntry.isAllowed : Invalid Token: ", e2);
            throw new SMSException(bundle.getString("sms-INVALID_SSO_TOKEN"), "sms-INVALID_SSO_TOKEN");
        } catch (DelegationException e3) {
            debug.error("SMSEntry.isAllowed : Invalid DelegationPermission: ", e3);
            throw new SMSException(bundle.getString("sms-invalid_delegation_privilege"), "sms-invalid_delegation_privilege");
        }
    }

    static {
        readActionSet.add("READ");
        modifyActionSet.add("MODIFY");
        String str = SystemProperties.get("com.sun.identity.authentication.super.user", "");
        if (str != null && str.length() != 0) {
            specialUserSet.add(new DN(str).toRFCString().toLowerCase());
        }
        String adminDN = AdminUtils.getAdminDN();
        if (adminDN != null && adminDN.length() != 0) {
            specialUserSet.add(new DN(adminDN).toRFCString().toLowerCase());
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("SMSEntry: Special User Set: ").append(specialUserSet).toString());
        }
        String str2 = SystemProperties.get(DB_PROXY_ENABLE);
        if (str2 != null && str2.equalsIgnoreCase("true")) {
            backendProxyEnabled = true;
        }
        mCaseSensitiveAttributes = new CaseInsensitiveHashSet(3);
        mCaseSensitiveAttributes.add(ATTR_SCHEMA);
        mCaseSensitiveAttributes.add(ATTR_PLUGIN_SCHEMA);
        mCaseSensitiveAttributes.add(ATTR_KEYVAL);
        if (System.getProperty(GLOBAL_CACHE_PROPERTY, SystemProperties.get(GLOBAL_CACHE_PROPERTY, "true")).equalsIgnoreCase("true")) {
            cacheSMSEntries = true;
        } else {
            String str3 = SystemProperties.get(SM_CACHE_PROPERTY);
            if (str3 == null || str3.length() <= 0) {
                cacheSMSEntries = false;
            } else {
                cacheSMSEntries = str3.equalsIgnoreCase("true");
            }
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("SMSEntry: cache enabled: ").append(cacheSMSEntries).toString());
        }
        String str4 = SystemProperties.get(SMS_ENABLE_DB_NOTIFICATION);
        if (str4 != null && str4.equalsIgnoreCase("true")) {
            enableDataStoreNotification = true;
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("SMSEntry: DN notification enabled: ").append(enableDataStoreNotification).toString());
        }
        bundle = AMResourceBundleCache.getInstance().getResBundle("amSDK", Locale.ENGLISH);
        String str5 = SystemProperties.get(SMS_OBJECT_PROPERTY, DEFAULT_SMS_CLASS_NAME);
        new Object[1][0] = str5;
        try {
            tm = SSOTokenManager.getInstance();
            smsObject = (SMSObject) Class.forName(str5).newInstance();
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("Using SMS object class ").append(str5).toString());
            }
        } catch (ClassNotFoundException e) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("SMSObject class not found: ").append(str5).toString());
            }
            initializationException = new SMSException(e, "sms-init-no-class-found");
        } catch (Exception e2) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("SMSEntry: error in instantiation of: ").append(str5).append(" Message: ").append(e2.getMessage()).toString());
            }
            initializationException = new SMSException(e2, "sms-instantiation-failed");
        }
        if (smsObject == null) {
            try {
                if (str5.equals(DEFAULT_SMS_CLASS_NAME)) {
                    debug.message("SMSEntry: Using default JAXRPC implementation");
                    smsObject = (SMSObject) Class.forName(JAXRPC_SMS_CLASS_NAME).newInstance();
                    SMSJAXRPCObjectFlg = true;
                } else if (str5.equals(JAXRPC_SMS_CLASS_NAME)) {
                    debug.message("SMSEntry: Using default JAXRPC implementation");
                    smsObject = (SMSObject) Class.forName(JAXRPC_SMS_CLASS_NAME).newInstance();
                    SMSJAXRPCObjectFlg = true;
                } else {
                    debug.message("SMSEntry: Using default LDAP implementation");
                    smsObject = (SMSObject) Class.forName(DEFAULT_SMS_CLASS_NAME).newInstance();
                }
                initializationException = null;
            } catch (Exception e3) {
                debug.error("SMSEntry: Error in getting configured/default SMSObject", initializationException);
                debug.error("SMSEntry: Error in getting backupSMSObject", e3);
            }
        }
        String rootSuffix = smsObject.getRootSuffix();
        if (rootSuffix != null) {
            baseDN = new DN(rootSuffix).toRFCString().toLowerCase();
        } else {
            baseDN = "o=unknown-suffix";
        }
        if (baseDN == null) {
            initializationException = new SMSException(bundle.getString("sms-invalid-dn"), "sms-invalid-dn");
        } else {
            baseDNCount = new StringTokenizer(baseDN, ",").countTokens();
        }
        DELEGATION_SERVICES_RDN_WITH_COMMA_LEN = DELEGATION_SERVICES_RDN_WITH_COMMA.length();
        SMS_ATTRIBUTES = new String[]{PLACEHOLDER_RDN, ATTR_SCHEMA, ATTR_PLUGIN_SCHEMA, ATTR_KEYVAL, ATTR_XML_KEYVAL, ATTR_OBJECTCLASS, ATTR_PRIORITY, ATTR_SERVICE_ID, ATTR_LABELED_URI, ATTR_MODIFY_TIMESTAMP};
    }
}
