package com.rational.pjc.usecase;

import com.catapulse.memsvc.AccessControlManager;
import com.catapulse.memsvc.AuthorizationManager;
import com.catapulse.memsvc.CataAclEntry;
import com.catapulse.memsvc.CataPrincipal;
import com.catapulse.memsvc.Group;
import com.catapulse.memsvc.GroupKey;
import com.catapulse.memsvc.MembershipServicesFactory;
import com.catapulse.memsvc.PersonKey;
import com.catapulse.memsvc.Resource;
import com.catapulse.memsvc.ResourceKey;
import com.catapulse.memsvc.SecurityContext;
import com.catapulse.memui.usecase.IProjectConstants;
import com.rational.dashboard.utilities.GlobalConstants;
import com.rational.logging.Logger;
import com.rational.pjc.security.SecurityServices;
import com.rational.pjc.utilities.CataAclUtil;
import com.rational.pjc.utilities.SerializableString;
import com.rational.ssm.ContextID;
import com.rational.ssm.ISession;
import com.rational.ssm.SecuritySessionContext;
import com.rational.ssm.SessionManager;
import com.rational.wpf.request.HttpRequest;
import com.rational.wpf.usecase.HttpServletBasedUseCaseHandler;
import com.rational.wpf.usecase.UseCaseException;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.math.BigDecimal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.Enumeration;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.varia.ExternallyRolledFileAppender;

/* loaded from: input_file:PJCWeb.war:WEB-INF/lib/pjcserver.jar:com/rational/pjc/usecase/DashboardSecurityHttpUseCaseHandler.class */
public class DashboardSecurityHttpUseCaseHandler extends HttpServletBasedUseCaseHandler {
    public static Logger logger = SecurityServices.logger;
    static final String ADMIN_GROUP_ID = "5";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:PJCWeb.war:WEB-INF/lib/pjcserver.jar:com/rational/pjc/usecase/DashboardSecurityHttpUseCaseHandler$TreeNodeSorter.class */
    public class TreeNodeSorter implements Comparator {
        private final DashboardSecurityHttpUseCaseHandler this$0;

        TreeNodeSorter(DashboardSecurityHttpUseCaseHandler dashboardSecurityHttpUseCaseHandler) {
            this.this$0 = dashboardSecurityHttpUseCaseHandler;
        }

        @Override // java.util.Comparator
        public int compare(Object obj, Object obj2) {
            return ((Resource) obj).getName().toLowerCase().compareTo(((Resource) obj2).getName().toLowerCase());
        }
    }

    public String authenticateUser(String str, String str2) {
        try {
            SecurityContext login = SecurityServices.getInstance().getAuthenticationManager().login(str, str2);
            return new StringBuffer().append(login.getPrincipal().getFirstName()).append(GlobalConstants.SPACE).append(login.getPrincipal().getLastName()).toString();
        } catch (Exception e) {
            return GlobalConstants.STATUS_ERROR;
        }
    }

    public String copyResource(Resource resource, BigDecimal bigDecimal, BigDecimal bigDecimal2, String str, SecurityContext securityContext) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler", "createResource(Resource rsc, BigDecimal parentId,String szDescription)", "Entering");
        try {
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            ResourceKey createResource = accessControlManager.createResource(new ResourceKey(bigDecimal2), resource, true);
            stringBuffer = createResource.getId().toString();
            setResourceDescription(createResource.getId(), accessControlManager.getResource(new ResourceKey(bigDecimal)).getDescription());
            copyAcl(bigDecimal, createResource.getId(), securityContext);
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "handleRequest(IUseCaseRequest useCaseRequest)", new StringBuffer().append("Exception occured while creating resource ").append(e.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "createResource(Resource rsc, BigDecimal id,String szDescription)", "Exitting");
        return stringBuffer;
    }

    public String touchSession() {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "touchSession()", "Entering");
        logger.debug("DashboardSecurityHttpUseCaseHandler", "touchSession()", "Exitting");
        return ExternallyRolledFileAppender.OK;
    }

    public String createResource(Resource resource, BigDecimal bigDecimal, String str, SecurityContext securityContext) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler", "createResource(Resource rsc, BigDecimal id,String szDescription)", "Entering");
        try {
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            ResourceKey createResource = accessControlManager.createResource(new ResourceKey(bigDecimal), resource, true);
            GroupKey key = SecurityServices.getInstance().getPJCOrgAdminGroup().getKey();
            if (!MembershipServicesFactory.getInstance().getAuthorizationManager(securityContext).checkPermission(createResource, key)) {
                accessControlManager.addGroupToResource(createResource, key, "crud", "active", 0);
            }
            if (!isAdmin(securityContext)) {
                AuthorizationManager authorizationManager = MembershipServicesFactory.getInstance().getAuthorizationManager(securityContext);
                CataPrincipal principal = authorizationManager.getCallerContext().getPrincipal();
                GroupKey key2 = SecurityServices.getInstance().getPJCUserGroup().getKey();
                if (!authorizationManager.checkPermission(createResource, principal)) {
                    accessControlManager.addPrincipalToResource(createResource, principal.getPersonKey(), key2, "crud", "active");
                }
            }
            stringBuffer = createResource.getId().toString();
            setResourceDescription(createResource.getId(), str);
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "createResource(Resource rsc, BigDecimal id,String szDescription)", new StringBuffer().append("Exception occured while creating resource ").append(e.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "createResource(Resource rsc, BigDecimal id,String szDescription)", "Exitting");
        return stringBuffer;
    }

    public ArrayList getAclList(BigDecimal bigDecimal) {
        ArrayList arrayList = new ArrayList();
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getAclList(BigDecimal rscId)", "Entering");
        try {
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            Enumeration aclList = accessControlManager.getAclList(new ResourceKey(bigDecimal));
            while (aclList.hasMoreElements()) {
                CataAclEntry cataAclEntry = (CataAclEntry) aclList.nextElement();
                GroupKey groupKey = cataAclEntry.getGroupKey();
                PersonKey personKey = cataAclEntry.getPersonKey();
                Group group = accessControlManager.getGroup(groupKey);
                CataPrincipal cataPrincipal = null;
                if (personKey != null) {
                    cataPrincipal = accessControlManager.getPrincipal(personKey);
                }
                arrayList.add(new CataAclUtil(cataPrincipal, group));
            }
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "getAclList(BigDecimal rscId)", new StringBuffer().append("Exception while getting the acl list. ERROR: ").append(e.getMessage()).toString());
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getAclList(BigDecimal rscId)", "Exitting");
        return arrayList;
    }

    public ArrayList getChildNodes(BigDecimal bigDecimal) {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getChildNodes(BigDecimal id)", "Entering");
        ArrayList arrayList = new ArrayList();
        try {
            Enumeration resourceList = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal()).getResourceList(new ResourceKey(bigDecimal));
            while (resourceList.hasMoreElements()) {
                arrayList.add((Resource) resourceList.nextElement());
            }
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "getChildNodes(BigDecimal id)", new StringBuffer().append("Exception occured while getting child nodes. ERROR: ").append(e.getMessage()).toString());
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getChildNodes(BigDecimal id)", "Exitting");
        return arrayList;
    }

    public ArrayList getAllChildNodes(BigDecimal bigDecimal, BigDecimal bigDecimal2) {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getAllChildNodes(BigDecimal id)", "Entering");
        ArrayList arrayList = new ArrayList();
        try {
            new ArrayList();
            ArrayList childNodes = getChildNodes(bigDecimal, bigDecimal2);
            Collections.sort(childNodes, new TreeNodeSorter(this));
            arrayList.addAll(childNodes);
            for (int i = 0; i < arrayList.size(); i++) {
                ArrayList childNodes2 = getChildNodes(((Resource) arrayList.get(i)).getKey().getId(), bigDecimal2);
                if (childNodes2 != null) {
                    Collections.sort(childNodes2, new TreeNodeSorter(this));
                    arrayList.addAll(childNodes2);
                }
            }
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "getAllChildNodes(BigDecimal id)", new StringBuffer().append("Exception occured while getting child nodes. ERROR: ").append(e.getMessage()).toString());
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getAllChildNodes(BigDecimal id)", "Exitting");
        return arrayList;
    }

    public ArrayList getGroupList() {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getGroupList()", "Entering");
        ArrayList arrayList = new ArrayList();
        try {
            Enumeration groupList = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal()).getGroupList(SecurityServices.getInstance().getPJCOrgKey());
            while (groupList.hasMoreElements()) {
                arrayList.add(groupList.nextElement());
            }
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "getGroupList()", "Exception occured while getting group list");
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getGroupList()", "Exitting");
        return arrayList;
    }

    public ArrayList getUserList() {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getUserList()", "Entering");
        ArrayList arrayList = new ArrayList();
        try {
            Enumeration principalList = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal()).getPrincipalList(SecurityServices.getInstance().getPJCOrgKey());
            while (principalList.hasMoreElements()) {
                arrayList.add(principalList.nextElement());
            }
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "getUserList()", new StringBuffer().append("Exception occured while getting the user list. ERROR: ").append(e.getMessage()).toString());
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getUserList()", "Exitting");
        return arrayList;
    }

    public ArrayList getUsersOfGroup(BigDecimal bigDecimal) {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getUsersOfGroup(BigDecimal id)", "Entering");
        ArrayList arrayList = new ArrayList();
        try {
            Enumeration principalList = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal()).getPrincipalList(new GroupKey(bigDecimal));
            while (principalList.hasMoreElements()) {
                arrayList.add(principalList.nextElement());
            }
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "getUsersOfGroup(BigDecimal id)", new StringBuffer().append("Exception occured while getting the users of a group. ERROR: ").append(e.getMessage()).toString());
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getUsersOfGroup(BigDecimal id)", "Exitting");
        return arrayList;
    }

    @Override // com.rational.wpf.usecase.HttpServletBasedUseCaseHandler, com.rational.wpf.usecase.IHttpServletBasedUseCaseHandler
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, UseCaseException {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "handleRequest(HttpServletRequest req,HttpServletResponse response)", "Entering");
        try {
            ISession session = SessionManager.getInstance().getSession(httpServletRequest, ContextID.PROJECTEXPLORER);
            SecurityContext securityContext = null;
            if (session != null) {
                securityContext = ((SecuritySessionContext) session.getSecurityContext()).getSecurityContext();
            } else {
                logger.severe("DashboardSecurityHttpUseCaseHandler", "handleRequest(HttpServletRequest req,HttpServletResponse response)", "Could not get the securitycontext");
            }
            String parameter = httpServletRequest.getParameter("ACTION");
            BigDecimal id = securityContext.getPrincipal().getPersonKey().getId();
            if (parameter.equals("GET_CHILD_NODES")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(getChildNodes(new BigDecimal(httpServletRequest.getParameter("PARENT_ID")), id));
            } else if (parameter.equals("GET_ALL_CHILD_NODES")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(getAllChildNodes(new BigDecimal(httpServletRequest.getParameter("PARENT_ID")), id));
            } else if (parameter.equals("KEEP_ALIVE")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(new SerializableString(touchSession()));
            } else if (parameter.equals("CREATE_RESOURCE")) {
                HttpRequest httpRequest = new HttpRequest(httpServletRequest);
                String parameter2 = httpRequest.getParameter("RESOURCE_NAME");
                String parameter3 = httpRequest.getParameter("DESCRIPTION");
                String parameter4 = httpServletRequest.getParameter("PARENT_ID");
                String parameter5 = httpServletRequest.getParameter("RESOURCE_TYPE");
                if (parameter3 == null) {
                    parameter3 = "";
                }
                Resource resource = new Resource(parameter2);
                resource.setType(parameter5);
                String createResource = createResource(resource, new BigDecimal(parameter4), parameter3, securityContext);
                ObjectOutputStream objectOutputStream = new ObjectOutputStream(httpServletResponse.getOutputStream());
                SerializableString serializableString = new SerializableString();
                if (createResource.equals(ExternallyRolledFileAppender.OK)) {
                    serializableString.setBoolean(true);
                } else {
                    serializableString.setBoolean(false);
                }
                serializableString.setString(createResource);
                objectOutputStream.writeObject(serializableString);
            } else if (parameter.equals("COPY_RESOURCE")) {
                HttpRequest httpRequest2 = new HttpRequest(httpServletRequest);
                String parameter6 = httpRequest2.getParameter("RESOURCE_NAME");
                String parameter7 = httpRequest2.getParameter("DESCRIPTION");
                String parameter8 = httpServletRequest.getParameter("PARENT_ID");
                String parameter9 = httpServletRequest.getParameter("RESOURCE_TYPE");
                String parameter10 = httpServletRequest.getParameter("SRC_RESOURCE_ID");
                if (parameter7 == null) {
                    parameter7 = "";
                }
                Resource resource2 = new Resource(parameter6);
                resource2.setType(parameter9);
                String copyResource = copyResource(resource2, new BigDecimal(parameter10), new BigDecimal(parameter8), parameter7, securityContext);
                ObjectOutputStream objectOutputStream2 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                SerializableString serializableString2 = new SerializableString();
                if (copyResource.equals(ExternallyRolledFileAppender.OK)) {
                    serializableString2.setBoolean(true);
                } else {
                    serializableString2.setBoolean(false);
                }
                serializableString2.setString(copyResource);
                objectOutputStream2.writeObject(serializableString2);
            } else if (parameter.equals("RENAME_RESOURCE")) {
                String updateResource = updateResource(new BigDecimal(httpServletRequest.getParameter("RESOURCE_ID")), new HttpRequest(httpServletRequest).getParameter("RESOURCE_NAME"));
                ObjectOutputStream objectOutputStream3 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                SerializableString serializableString3 = new SerializableString(updateResource);
                if (updateResource.equals(ExternallyRolledFileAppender.OK)) {
                    serializableString3.setBoolean(true);
                } else {
                    serializableString3.setBoolean(false);
                }
                serializableString3.setString(updateResource);
                objectOutputStream3.writeObject(serializableString3);
            } else if (parameter.equals("DELETE_RESOURCE")) {
                String removeResource = removeResource(new BigDecimal(httpServletRequest.getParameter("RESOURCE_ID")));
                ObjectOutputStream objectOutputStream4 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                SerializableString serializableString4 = new SerializableString(removeResource);
                if (removeResource.equals(ExternallyRolledFileAppender.OK)) {
                    serializableString4.setBoolean(true);
                } else {
                    serializableString4.setBoolean(false);
                }
                serializableString4.setString(removeResource);
                objectOutputStream4.writeObject(serializableString4);
            } else if (parameter.equals("CHECK_PERMISSION")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(new SerializableString(checkResourcePermission(new BigDecimal(httpServletRequest.getParameter("RESOURCE_ID")), securityContext)));
            } else if (parameter.equals("GET_USERS_OF_GROUP")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(getUsersOfGroup(new BigDecimal(httpServletRequest.getParameter(IProjectConstants.GROUP_ID))));
            } else if (parameter.equals("DO_LOGIN")) {
                String authenticateUser = authenticateUser(httpServletRequest.getParameter("USER_NAME"), httpServletRequest.getParameter("PASSWORD"));
                ObjectOutputStream objectOutputStream5 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                SerializableString serializableString5 = new SerializableString(authenticateUser);
                if (authenticateUser.equals(GlobalConstants.STATUS_ERROR)) {
                    serializableString5.setBoolean(false);
                } else {
                    serializableString5.setBoolean(true);
                }
                serializableString5.setString(authenticateUser);
                objectOutputStream5.writeObject(serializableString5);
            } else if (parameter.equals("GET_USER_LIST")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(getUserList());
            } else if (parameter.equals("GET_GROUP_LIST")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(getGroupList());
            } else if (parameter.equals("GET_ACL_LIST")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(getAclList(new BigDecimal(httpServletRequest.getParameter("RESOURCE_ID"))));
            } else if (parameter.equals("SET_ACL")) {
                String parameter11 = httpServletRequest.getParameter("RESOURCE_ID");
                String parameter12 = httpServletRequest.getParameter(IProjectConstants.USER_ID);
                String parameter13 = httpServletRequest.getParameter(IProjectConstants.GROUP_ID);
                ObjectOutputStream objectOutputStream6 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                if (parameter11 == null || parameter11.equals("")) {
                    SerializableString serializableString6 = new SerializableString("Resource id cannot be null");
                    serializableString6.setBoolean(false);
                    objectOutputStream6.writeObject(serializableString6);
                }
                if ((parameter13 == null || parameter13.equals("")) && (parameter12 == null || parameter12.equals(""))) {
                    SerializableString serializableString7 = new SerializableString("Both group id and userid cannot be null");
                    serializableString7.setBoolean(false);
                    objectOutputStream6.writeObject(serializableString7);
                }
                BigDecimal bigDecimal = new BigDecimal(parameter11);
                BigDecimal bigDecimal2 = null;
                BigDecimal bigDecimal3 = null;
                if (parameter13 != null && !parameter13.equals("")) {
                    bigDecimal2 = new BigDecimal(parameter13);
                }
                if (parameter12 != null && !parameter12.equals("")) {
                    bigDecimal3 = new BigDecimal(parameter12);
                }
                String acl = setAcl(bigDecimal, bigDecimal2, bigDecimal3);
                SerializableString serializableString8 = new SerializableString(acl);
                if (acl.equals(ExternallyRolledFileAppender.OK)) {
                    serializableString8.setBoolean(true);
                } else {
                    serializableString8.setBoolean(false);
                }
                serializableString8.setString(acl);
                objectOutputStream6.writeObject(serializableString8);
            } else if (parameter.equals("SET_ACL_LIST")) {
                String parameter14 = httpServletRequest.getParameter("RESOURCE_ID");
                String[] parameterValues = httpServletRequest.getParameterValues("USER_LIST");
                String[] parameterValues2 = httpServletRequest.getParameterValues("GROUP_LIST");
                String parameter15 = httpServletRequest.getParameter("ACL_FLAG");
                ArrayList arrayList = null;
                if (parameterValues != null) {
                    arrayList = new ArrayList();
                    for (String str : parameterValues) {
                        arrayList.add(new BigDecimal(str));
                    }
                }
                ArrayList arrayList2 = null;
                if (parameterValues2 != null) {
                    arrayList2 = new ArrayList();
                    for (String str2 : parameterValues2) {
                        arrayList2.add(new BigDecimal(str2));
                    }
                }
                String acl2 = setAcl(new BigDecimal(parameter14), arrayList, arrayList2, parameter15, securityContext);
                SerializableString serializableString9 = new SerializableString(acl2);
                if (acl2.equals(ExternallyRolledFileAppender.OK)) {
                    serializableString9.setBoolean(true);
                } else {
                    serializableString9.setBoolean(false);
                }
                serializableString9.setString(acl2);
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(serializableString9);
            } else if (parameter.equals("IS_ADMIN")) {
                new ObjectOutputStream(httpServletResponse.getOutputStream()).writeObject(new SerializableString(isAdmin(securityContext)));
            } else if (parameter.equals("GET_RESOURCE_DESC")) {
                String parameter16 = httpServletRequest.getParameter("RESOURCE_ID");
                ObjectOutputStream objectOutputStream7 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                String resourceDescription = getResourceDescription(new BigDecimal(parameter16));
                SerializableString serializableString10 = new SerializableString();
                if (resourceDescription.indexOf(GlobalConstants.STATUS_ERROR) >= 0) {
                    serializableString10.setBoolean(false);
                } else {
                    serializableString10.setBoolean(true);
                }
                serializableString10.setString(resourceDescription);
                objectOutputStream7.writeObject(serializableString10);
            } else if (parameter.equals("SET_RESOURCE_DESC")) {
                String parameter17 = new HttpRequest(httpServletRequest).getParameter("DESCRIPTION");
                String parameter18 = httpServletRequest.getParameter("RESOURCE_ID");
                ObjectOutputStream objectOutputStream8 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                String resourceDescription2 = setResourceDescription(new BigDecimal(parameter18), parameter17);
                SerializableString serializableString11 = new SerializableString();
                if (resourceDescription2.indexOf(GlobalConstants.STATUS_ERROR) >= 0) {
                    serializableString11.setBoolean(false);
                } else {
                    serializableString11.setBoolean(true);
                }
                serializableString11.setString(resourceDescription2);
                objectOutputStream8.writeObject(serializableString11);
            } else if (parameter.equals("COPY_ACL")) {
                String parameter19 = httpServletRequest.getParameter("DEST_RESOURCE_ID");
                String parameter20 = httpServletRequest.getParameter("SRC_RESOURCE_ID");
                ObjectOutputStream objectOutputStream9 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                if (parameter19 == null || parameter19.equals("")) {
                    objectOutputStream9.writeObject(new SerializableString("Dest Resource id cannot be null"));
                }
                String copyAcl = copyAcl((parameter20 == null && parameter20.equals("")) ? null : new BigDecimal(parameter20), new BigDecimal(parameter19), securityContext);
                SerializableString serializableString12 = new SerializableString();
                if (copyAcl.equals(ExternallyRolledFileAppender.OK)) {
                    serializableString12.setBoolean(true);
                } else {
                    serializableString12.setBoolean(false);
                }
                serializableString12.setString(copyAcl);
                objectOutputStream9.writeObject(serializableString12);
            } else if (parameter.equals("COPY_DESCRIPTION")) {
                String parameter21 = httpServletRequest.getParameter("DEST_RESOURCE_ID");
                String parameter22 = httpServletRequest.getParameter("SRC_RESOURCE_ID");
                ObjectOutputStream objectOutputStream10 = new ObjectOutputStream(httpServletResponse.getOutputStream());
                if (parameter21 == null || parameter21.equals("")) {
                    objectOutputStream10.writeObject(new SerializableString("Dest Resource id cannot be null"));
                }
                BigDecimal bigDecimal4 = new BigDecimal(parameter21);
                String copyResourceDescription = copyResourceDescription((parameter22 == null && parameter22.equals("")) ? null : new BigDecimal(parameter22), bigDecimal4);
                SerializableString serializableString13 = new SerializableString();
                if (copyResourceDescription.equals(ExternallyRolledFileAppender.OK)) {
                    serializableString13.setBoolean(true);
                } else {
                    serializableString13.setBoolean(false);
                }
                serializableString13.setString(copyResourceDescription);
                objectOutputStream10.writeObject(serializableString13);
            }
        } catch (NullPointerException e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "handleRequest(HttpServletRequest req,HttpServletResponse response)", "NullPointerException occured in handlerequest.");
            ObjectOutputStream objectOutputStream11 = new ObjectOutputStream(httpServletResponse.getOutputStream());
            SerializableString serializableString14 = new SerializableString();
            serializableString14.setBoolean(false);
            serializableString14.setString("ERROR: NullPointerException occured in handleRequest ");
            objectOutputStream11.writeObject(serializableString14);
            objectOutputStream11.flush();
            objectOutputStream11.close();
        } catch (Exception e2) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "handleRequest(HttpServletRequest req,HttpServletResponse response)", new StringBuffer().append("Exception occured in handlerequest. ERROR: ").append(e2.getMessage()).toString());
            ObjectOutputStream objectOutputStream12 = new ObjectOutputStream(httpServletResponse.getOutputStream());
            SerializableString serializableString15 = new SerializableString();
            serializableString15.setBoolean(false);
            serializableString15.setString(new StringBuffer().append("ERROR: Exception occured in handleRequest ").append(e2.getMessage()).toString());
            objectOutputStream12.writeObject(serializableString15);
            objectOutputStream12.flush();
            objectOutputStream12.close();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "handleRequest(HttpServletRequest req,HttpServletResponse response)", "Exitting.");
    }

    public String removeResource(BigDecimal bigDecimal) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler", "removeResource(BigDecimal id)", "Entering.");
        try {
            SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal()).removeResource(new ResourceKey(bigDecimal));
            stringBuffer = ExternallyRolledFileAppender.OK;
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "removeResource(BigDecimal id)", new StringBuffer().append("Exception occured while removing the resource. ERROR: ").append(e.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "removeResource(BigDecimal id)", "Exitting.");
        return stringBuffer;
    }

    public boolean checkResourcePermission(BigDecimal bigDecimal, SecurityContext securityContext) {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "checkResourcePermission(BigDecimal id)", "Entering.");
        try {
            AuthorizationManager authorizationManager = MembershipServicesFactory.getInstance().getAuthorizationManager(securityContext);
            if (authorizationManager.checkPermission(new ResourceKey(bigDecimal), authorizationManager.getCallerContext().getPrincipal(), "crud")) {
                logger.debug("DashboardSecurityHttpUseCaseHandler", "checkResourcePermission(BigDecimal id)", "Exitting.");
                return true;
            }
            logger.debug("DashboardSecurityHttpUseCaseHandler", "checkResourcePermission(BigDecimal id)", "Exitting.");
            return false;
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "checkResourcePermission(BigDecimal id)", new StringBuffer().append("Exception occured while checking the permission. ERROR: ").append(e.getMessage()).toString());
            return false;
        }
    }

    public boolean isAdmin(SecurityContext securityContext) {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "isAdmin(SecurityContext secCon)", "Entering.");
        try {
            if (MembershipServicesFactory.getInstance().getAuthorizationManager(securityContext).isPrincipalInGroup(securityContext.getPrincipal().getPersonKey(), SecurityServices.getInstance().getPJCOrgAdminGroup().getKey())) {
                return true;
            }
            logger.debug("DashboardSecurityHttpUseCaseHandler", "isAdmin(SecurityContext secCon)", "Exitting.");
            return false;
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "isAdmin(SecurityContext secCon)", new StringBuffer().append("Exception occured while checking the admin perms. ERROR:").append(e.getMessage()).toString());
            return false;
        }
    }

    public String setAcl(BigDecimal bigDecimal, BigDecimal bigDecimal2, BigDecimal bigDecimal3) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler", "setAcl(BigDecimal rscId, BigDecimal grpId, BigDecimal userId)", "Entering.");
        try {
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            if (bigDecimal3 != null) {
                accessControlManager.addPrincipalToResource(new ResourceKey(bigDecimal), new PersonKey(bigDecimal3), SecurityServices.getInstance().getPJCUserGroup().getKey(), "crud", "active");
            } else {
                accessControlManager.addGroupToResource(new ResourceKey(bigDecimal), new GroupKey(bigDecimal2), "crud", "active");
            }
            stringBuffer = ExternallyRolledFileAppender.OK;
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "setAcl(BigDecimal rscId, BigDecimal grpId, BigDecimal userId)", new StringBuffer().append("Exception occured while setting the acl. ERROR:").append(e.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "setAcl(BigDecimal rscId, BigDecimal grpId, BigDecimal userId)", "Entering.");
        return stringBuffer;
    }

    public String setAcl(BigDecimal bigDecimal, ArrayList arrayList, ArrayList arrayList2, String str, SecurityContext securityContext) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler**", "setAcl(BigDecimal rscId, ArrayList users, ArrayList groups,String aclFlag,SecurityContext secCon)", "Entering.");
        int i = 0;
        try {
            i = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler**", "setAcl(BigDecimal rscId, ArrayList users, ArrayList groups,String aclFlag,SecurityContext secCon)", e.getMessage());
        }
        try {
            MembershipServicesFactory.getInstance().getAuthorizationManager(securityContext);
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            GroupKey key = SecurityServices.getInstance().getPJCUserGroup().getKey();
            Enumeration aclList = accessControlManager.getAclList(new ResourceKey(bigDecimal));
            while (aclList.hasMoreElements()) {
                CataAclEntry cataAclEntry = (CataAclEntry) aclList.nextElement();
                GroupKey groupKey = cataAclEntry.getGroupKey();
                PersonKey personKey = cataAclEntry.getPersonKey();
                accessControlManager.getGroup(groupKey);
                if (personKey != null && personKey.getId().intValue() > 0) {
                    accessControlManager.getPrincipal(personKey);
                    if (i == 2) {
                        accessControlManager.removePrincipalFromResource(new ResourceKey(bigDecimal), key, personKey, 2);
                    } else {
                        accessControlManager.removePrincipalFromResource(new ResourceKey(bigDecimal), key, personKey, 0);
                    }
                } else if (i == 2) {
                    accessControlManager.removeGroupFromResource(new ResourceKey(bigDecimal), groupKey, 2);
                } else {
                    accessControlManager.removeGroupFromResource(new ResourceKey(bigDecimal), groupKey, 0);
                }
            }
            if (arrayList != null) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    accessControlManager.addPrincipalToResource(new ResourceKey(bigDecimal), new PersonKey((BigDecimal) it.next()), key, "crud", "active", i);
                }
            }
            if (arrayList2 != null) {
                Iterator it2 = arrayList2.iterator();
                while (it2.hasNext()) {
                    BigDecimal bigDecimal2 = (BigDecimal) it2.next();
                    if (bigDecimal2.toString().equals("5")) {
                        accessControlManager.addGroupToResource(new ResourceKey(bigDecimal), new GroupKey(bigDecimal2), "crud", "active", i);
                    } else {
                        accessControlManager.addGroupToResource(new ResourceKey(bigDecimal), new GroupKey(bigDecimal2), "r", "active", i);
                    }
                }
            }
            stringBuffer = ExternallyRolledFileAppender.OK;
        } catch (Exception e2) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "setAcl(BigDecimal rscId, ArrayList users, ArrayList groups,String aclFlag,SecurityContext secCon)", new StringBuffer().append("Exception occured while setting the acl. ERROR:").append(e2.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e2.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "setAcl(BigDecimal rscId, ArrayList users, ArrayList groups,String aclFlag,SecurityContext secCon)", "Exitting.");
        return stringBuffer;
    }

    public String updateResource(BigDecimal bigDecimal, String str) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler", "updateResource(BigDecimal id, String name)", "Entering.");
        try {
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            Resource resource = accessControlManager.getResource(new ResourceKey(bigDecimal));
            resource.setName(str);
            accessControlManager.updateResource(resource);
            stringBuffer = ExternallyRolledFileAppender.OK;
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "updateResource(BigDecimal id, String name)", new StringBuffer().append("Exception occured while updating the resource").append(e.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "updateResource(BigDecimal id, String name)", "Exitting.");
        return stringBuffer;
    }

    public String setResourceDescription(BigDecimal bigDecimal, String str) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler", "setResourceDescription(BigDecimal resourceID, String description)", "Entering.");
        try {
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            Resource resource = accessControlManager.getResource(new ResourceKey(bigDecimal));
            resource.setDescription(str);
            accessControlManager.updateResource(resource);
            stringBuffer = ExternallyRolledFileAppender.OK;
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "setResourceDescription(BigDecimal resourceID, String description)", new StringBuffer().append("Exception occured while updating the resource").append(e.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "setResourceDescription(BigDecimal resourceID, String description)", "Exitting.");
        return stringBuffer;
    }

    public String copyResourceDescription(BigDecimal bigDecimal, BigDecimal bigDecimal2) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler", "copyResourceDescription(BigDecimal srcResId, BigDecimal destResId)", "Entering.");
        try {
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            Resource resource = accessControlManager.getResource(new ResourceKey(bigDecimal));
            Resource resource2 = accessControlManager.getResource(new ResourceKey(bigDecimal2));
            resource2.setDescription(resource.getDescription());
            accessControlManager.updateResource(resource2);
            stringBuffer = ExternallyRolledFileAppender.OK;
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "copyResourceDescription(BigDecimal srcResId, BigDecimal destResId)", new StringBuffer().append("Exception occured while updating the resource").append(e.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "copyResourceDescription(BigDecimal srcResId, BigDecimal destResId)", "Exitting.");
        return stringBuffer;
    }

    public String getResourceDescription(BigDecimal bigDecimal) {
        String stringBuffer;
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getResourceDescription(BigDecimal id)", "Entering.");
        try {
            stringBuffer = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal()).getResource(new ResourceKey(bigDecimal)).getDescription();
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "getResourceDescription(BigDecimal id)", new StringBuffer().append("Exception occured while getting the resource description").append(e.getMessage()).toString());
            stringBuffer = new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getResourceDescription(BigDecimal id)", "Exitting.");
        return stringBuffer;
    }

    public String copyAcl(BigDecimal bigDecimal, BigDecimal bigDecimal2, SecurityContext securityContext) {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "copyAcl(BigDecimal srcRscId, BigDecimal destRscId)", "Entering.");
        try {
            ResourceKey resourceKey = new ResourceKey(bigDecimal2);
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            AuthorizationManager authorizationManager = MembershipServicesFactory.getInstance().getAuthorizationManager(securityContext);
            if (bigDecimal == null) {
                bigDecimal = accessControlManager.getParentResource(new ResourceKey(bigDecimal2)).getKey().getId();
            }
            Enumeration aclList = accessControlManager.getAclList(new ResourceKey(bigDecimal));
            while (aclList.hasMoreElements()) {
                CataAclEntry cataAclEntry = (CataAclEntry) aclList.nextElement();
                GroupKey groupKey = cataAclEntry.getGroupKey();
                PersonKey personKey = cataAclEntry.getPersonKey();
                if (personKey != null && personKey.getId().intValue() > 0) {
                    SecurityServices.getInstance().getPJCUserGroup().getKey();
                    if (!authorizationManager.checkPermission(resourceKey, accessControlManager.getPrincipal(personKey))) {
                        accessControlManager.addPrincipalToResource(new ResourceKey(bigDecimal2), personKey, groupKey, "crud", "active");
                    }
                } else if (groupKey.toString().equals("5")) {
                    if (!authorizationManager.checkPermission(resourceKey, groupKey)) {
                        accessControlManager.addGroupToResource(resourceKey, groupKey, "crud", "active");
                    } else if (!authorizationManager.checkPermission(resourceKey, groupKey)) {
                        accessControlManager.addGroupToResource(resourceKey, groupKey, "r", "active");
                    }
                }
            }
            logger.debug("DashboardSecurityHttpUseCaseHandler", "copyAcl(BigDecimal srcRscId, BigDecimal destRscId)", "Exitting.");
            return ExternallyRolledFileAppender.OK;
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "copyAcl(BigDecimal srcRscId, BigDecimal destRscId)", new StringBuffer().append("Exception occured while copying the acl. ERROR: ").append(e.getMessage()).toString());
            return new StringBuffer().append("ERROR: ").append(e.getMessage()).toString();
        }
    }

    public ArrayList getChildNodes(BigDecimal bigDecimal, BigDecimal bigDecimal2) {
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getChildNodes(BigDecimal rscId, BigDecimal userId)", "Entering.");
        ArrayList arrayList = new ArrayList();
        try {
            AccessControlManager accessControlManager = SecurityServices.getInstance().getAccessControlManager(SecurityServices.getInstance().getWebsecCataPrincipal());
            Enumeration resourceList = bigDecimal2 != null ? accessControlManager.getResourceList(new ResourceKey(bigDecimal), new PersonKey(bigDecimal2)) : accessControlManager.getResourceList(new ResourceKey(bigDecimal));
            while (resourceList.hasMoreElements()) {
                arrayList.add((Resource) resourceList.nextElement());
            }
        } catch (Exception e) {
            logger.severe("DashboardSecurityHttpUseCaseHandler", "getChildNodes(BigDecimal rscId, BigDecimal userId)", new StringBuffer().append("Exception occured while getting the child nodes. ERROR:").append(e.getMessage()).toString());
        }
        logger.debug("DashboardSecurityHttpUseCaseHandler", "getChildNodes(BigDecimal rscId, BigDecimal userId)", "Exitting.");
        return arrayList;
    }
}
