package com.ibm.ws.security.scanner;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.wsspi.security.scanner.ConfigChecker;
import com.ibm.wsspi.security.scanner.ConfigHashMap;
import java.io.File;
import java.util.ArrayList;
import java.util.Locale;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/ibm/ws/security/scanner/CorbaNSChecker.class */
public class CorbaNSChecker implements ConfigChecker {
    ArrayList report;
    private static final TraceComponent tc = Tr.register(CorbaNSChecker.class, "Security", "com.ibm.ejs.resources.security");
    String pathName = null;
    String profileName = null;
    String wasVersion = null;
    String status = "false";
    boolean fileFound = false;
    String globalEnabled = "false";
    int index = 0;
    private ConfigHashMap resultMap = null;

    public int doCheck(String str, Locale locale, ArrayList arrayList) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "doCheck", new Object[]{str, locale, arrayList, this});
        }
        this.report = arrayList;
        this.profileName = str;
        File file = new File(str);
        this.pathName = file.getAbsolutePath();
        this.fileFound = false;
        this.resultMap = new ConfigHashMap();
        int i = 1;
        int checkInConfig = checkInConfig(file);
        if (checkInConfig > 1) {
            i = checkInConfig;
        }
        String str2 = str + File.separator + "config" + File.separator + "cells" + File.separator + Controller.getCellName() + File.separator + "naming-authz.xml";
        if (!this.fileFound) {
            Tr.error(tc, "security.scanner.error.invalid.file", new Object[]{str2});
            this.resultMap.addItem("status", Controller.getNLSString("security.scanner.status.undetermined"));
            this.resultMap.addItem("risk", Controller.getNLSString("security.scanner.risk.undetermined"));
            this.resultMap.addItem(CommonConstants.ACTION, Controller.getNLSString("security.scanner.action.undetermined"));
            this.resultMap.addItem("errorMsg", Controller.getFormattedMessage("security.scanner.error.invalid.file", new Object[]{str2}));
            this.report.add(this.index, this.resultMap);
            i = 3;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "doCheck", new Integer(i));
        }
        return i;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v122 */
    /* JADX WARN: Type inference failed for: r0v124 */
    /* JADX WARN: Type inference failed for: r0v126 */
    /* JADX WARN: Type inference failed for: r0v128 */
    /* JADX WARN: Type inference failed for: r0v155 */
    /* JADX WARN: Type inference failed for: r0v157 */
    /* JADX WARN: Type inference failed for: r0v159 */
    /* JADX WARN: Type inference failed for: r0v161 */
    /* JADX WARN: Type inference failed for: r0v163 */
    /* JADX WARN: Type inference failed for: r0v180 */
    /* JADX WARN: Type inference failed for: r0v181 */
    /* JADX WARN: Type inference failed for: r0v56 */
    /* JADX WARN: Type inference failed for: r0v58 */
    /* JADX WARN: Type inference failed for: r0v60 */
    /* JADX WARN: Type inference failed for: r0v62 */
    /* JADX WARN: Type inference failed for: r0v89 */
    /* JADX WARN: Type inference failed for: r0v91 */
    /* JADX WARN: Type inference failed for: r0v93 */
    /* JADX WARN: Type inference failed for: r0v95 */
    private int findAdminIdInXMLDoc(Document document) {
        NodeList elementsByTagName;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findAdminIdInXMLDoc", new Object[]{document, this});
        }
        int i = 1;
        boolean z = 10;
        boolean z2 = 10;
        boolean z3 = 10;
        boolean z4 = 10;
        NodeList elementsByTagName2 = document.getElementsByTagName("authorizations");
        if (elementsByTagName2.getLength() == 0) {
            Tr.error(tc, Controller.getFormattedMessage("security.scanner.error.parse.xml", new Object[]{"naming-authx.xml", "No authorizations field in naming-authz.xml file."}));
            this.resultMap.addItem("errorMsg", Controller.getFormattedMessage("security.scanner.error.parse.xml", new Object[]{"naming-authx.xml", "No authorizations field in naming-authz.xml file."}));
        } else {
            for (int i2 = 0; i2 < elementsByTagName2.getLength(); i2++) {
                String nodeValue = elementsByTagName2.item(i2).getAttributes().getNamedItem("role").getNodeValue();
                if (nodeValue.equals("SecurityRoleExt_1")) {
                    NodeList elementsByTagName3 = ((Element) elementsByTagName2.item(i2)).getElementsByTagName("specialSubjects");
                    if (elementsByTagName3 != null) {
                        for (int i3 = 0; i3 < elementsByTagName3.getLength(); i3++) {
                            Node item = elementsByTagName3.item(i3);
                            if (item != null) {
                                String nodeValue2 = item.getAttributes().getNamedItem("xmi:id").getNodeValue();
                                if (nodeValue2.startsWith("EveryoneExt") && z > 1) {
                                    z = true;
                                }
                                if (nodeValue2.startsWith("ServerExt") && z > 4) {
                                    z = 4;
                                }
                                if (nodeValue2.startsWith("AllAuthenticatedUsersExt") && z > 2) {
                                    z = 2;
                                }
                                if (nodeValue2.startsWith("UserExt") && z > 3) {
                                    z = 3;
                                }
                            } else if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "No id set for reading the CORBA namespace");
                            }
                        }
                    }
                } else if (nodeValue.equals("SecurityRoleExt_2")) {
                    NodeList elementsByTagName4 = ((Element) elementsByTagName2.item(i2)).getElementsByTagName("specialSubjects");
                    if (elementsByTagName4 != null) {
                        for (int i4 = 0; i4 < elementsByTagName4.getLength(); i4++) {
                            Node item2 = elementsByTagName4.item(i4);
                            if (item2 != null) {
                                String nodeValue3 = item2.getAttributes().getNamedItem("xmi:id").getNodeValue();
                                if (nodeValue3.startsWith("EveryoneExt") && z2 > 1) {
                                    z2 = true;
                                }
                                if (nodeValue3.startsWith("ServerExt") && z2 > 4) {
                                    z2 = 4;
                                }
                                if (nodeValue3.startsWith("AllAuthenticatedUsersExt") && z2 > 2) {
                                    z2 = 2;
                                }
                                if (nodeValue3.startsWith("UserExt") && z2 > 3) {
                                    z2 = 3;
                                }
                            } else if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "No id set for writing the CORBA namespace");
                            }
                        }
                    }
                } else if (nodeValue.equals("SecurityRoleExt_3")) {
                    NodeList elementsByTagName5 = ((Element) elementsByTagName2.item(i2)).getElementsByTagName("specialSubjects");
                    if (elementsByTagName5 != null) {
                        for (int i5 = 0; i5 < elementsByTagName5.getLength(); i5++) {
                            Node item3 = elementsByTagName5.item(i5);
                            if (item3 != null) {
                                String nodeValue4 = item3.getAttributes().getNamedItem("xmi:id").getNodeValue();
                                if (nodeValue4.startsWith("EveryoneExt") && z3 > 1) {
                                    z3 = true;
                                }
                                if (nodeValue4.startsWith("ServerExt") && z3 > 4) {
                                    z3 = 4;
                                }
                                if (nodeValue4.startsWith("AllAuthenticatedUsersExt") && z3 > 2) {
                                    z3 = 2;
                                }
                                if (nodeValue4.startsWith("UserExt") && z3 > 3) {
                                    z3 = 3;
                                }
                            } else if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "No id set for creating the CORBA namespace");
                            }
                        }
                    }
                } else if (nodeValue.equals("SecurityRoleExt_4") && (elementsByTagName = ((Element) elementsByTagName2.item(i2)).getElementsByTagName("specialSubjects")) != null) {
                    for (int i6 = 0; i6 < elementsByTagName.getLength(); i6++) {
                        Node item4 = elementsByTagName.item(i6);
                        if (item4 != null) {
                            String nodeValue5 = item4.getAttributes().getNamedItem("xmi:id").getNodeValue();
                            if (nodeValue5.startsWith("EveryoneExt") && z4 > 1) {
                                z4 = true;
                            }
                            if (nodeValue5.startsWith("ServerExt") && z4 > 4) {
                                z4 = 4;
                            }
                            if (nodeValue5.startsWith("AllAuthenticatedUsersExt") && z4 > 2) {
                                z4 = 2;
                            }
                            if (nodeValue5.startsWith("UserExt") && z4 > 3) {
                                z4 = 3;
                            }
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "No id set for deleting the CORBA namespace");
                        }
                    }
                }
            }
        }
        if (z2 == 2 || z3 == 2 || z4 == 2) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "\nThe CORBA Namespace can be modified by All Authenticated users ");
            }
            this.resultMap.addItem("status", Controller.getNLSString("security.scanner.status.improve"));
            this.resultMap.addItem("risk", Controller.getNLSString("security.scanner.risk.corba.improve.all.auth"));
            this.resultMap.addItem(CommonConstants.ACTION, Controller.getNLSString("security.scanner.action.corba"));
            this.report.add(this.index, this.resultMap);
            i = 2;
        } else if (z2 || z3 || z4) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "\nThe CORBA namespace can be modified by Everyone! ");
            }
            this.resultMap.addItem("status", Controller.getNLSString("security.scanner.status.improve"));
            this.resultMap.addItem("risk", Controller.getNLSString("security.scanner.risk.corba.improve.everyone"));
            this.resultMap.addItem(CommonConstants.ACTION, Controller.getNLSString("security.scanner.action.corba"));
            this.report.add(this.index, this.resultMap);
            i = 2;
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "\nCORBA naming roles are configured");
            }
            this.resultMap.addItem("status", Controller.getNLSString("security.scanner.status.ok"));
            this.resultMap.addItem("risk", Controller.getNLSString("security.scanner.risk.corba.ok"));
            this.resultMap.addItem(CommonConstants.ACTION, Controller.getNLSString("security.scanner.action.none"));
            this.report.add(this.index, this.resultMap);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findAdminIdInXMLDoc", new Integer(i));
        }
        return i;
    }

    public static void main(String[] strArr) {
    }

    public String getCheckName() {
        return Controller.getNLSString("security.scanner.check.corba");
    }

    public String getCategory() {
        return Controller.getNLSString("security.scanner.category.corba");
    }

    public String getPriority() {
        return Controller.getNLSString("security.scanner.priority.high");
    }

    public String getProfileName() {
        return this.profileName;
    }

    public String getPathName() {
        return this.pathName;
    }

    public int getOrderNumber() {
        return 3;
    }

    public String getStatus() {
        return this.status;
    }

    public String getComponentName() {
        return Controller.getNLSString("security.scanner.component.security");
    }

    private int checkInConfig(File file) {
        int i = 1;
        File[] listFiles = file.listFiles();
        int i2 = 0;
        while (true) {
            if (i2 >= listFiles.length) {
                break;
            }
            if (listFiles[i2].isDirectory() && listFiles[i2].getName().equals("config")) {
                int checkSecurityConfig = checkSecurityConfig(listFiles[i2].getAbsolutePath());
                if (checkSecurityConfig > 1) {
                    i = checkSecurityConfig;
                }
            } else {
                i2++;
            }
        }
        return i;
    }

    private int checkSecurityConfig(String str) {
        File file = new File(str + "/cells");
        if (file.isDirectory()) {
            return configCheck(file);
        }
        Tr.error(tc, "security.scanner.error.invalid.file", new Object[]{file.getAbsolutePath()});
        this.resultMap.addItem("errorMsg", Controller.getFormattedMessage("security.scanner.error.invalid.file", new Object[]{file.getAbsolutePath()}));
        return 3;
    }

    private int configCheck(File file) {
        int configCheck;
        int configCheckInFile;
        int i = 1;
        File[] listFiles = file.listFiles();
        for (int i2 = 0; i2 < listFiles.length; i2++) {
            if (listFiles[i2].isFile()) {
                if (listFiles[i2].getName().equals("naming-authz.xml") && (configCheckInFile = configCheckInFile(listFiles[i2])) > i) {
                    i = configCheckInFile;
                }
            } else if (listFiles[i2].isDirectory() && (configCheck = configCheck(listFiles[i2])) > i) {
                i = configCheck;
            }
        }
        return i;
    }

    private int configCheckInFile(File file) {
        int i = 1;
        try {
            Document parse = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(file);
            this.fileFound = true;
            int findAdminIdInXMLDoc = findAdminIdInXMLDoc(parse);
            if (findAdminIdInXMLDoc > 1) {
                i = findAdminIdInXMLDoc;
            }
        } catch (Exception e) {
            Tr.error(tc, "security.scanner.error.parse.xml", new Object[]{file.getName(), e});
            this.resultMap.addItem("errorMsg", Controller.getFormattedMessage("security.scanner.error.parse.xml", new Object[]{file.getName(), e.getMessage()}));
            i = 3;
        }
        return i;
    }
}
