package com.ibm.it.rome.slm.access.entitlement;

import com.ibm.it.rome.common.CmnException;
import com.ibm.it.rome.common.access.UserSession;
import com.ibm.it.rome.common.access.entitlement.EntitlementsController;
import com.ibm.it.rome.common.access.entitlement.EntitlementsFactory;
import com.ibm.it.rome.common.access.entitlement.OperationContext;
import com.ibm.it.rome.common.access.entitlement.OperationContextList;
import com.ibm.it.rome.common.access.entitlement.OperationContextsAliasList;
import com.ibm.it.rome.common.action.Action;
import com.ibm.it.rome.common.action.AllowedAction;
import com.ibm.it.rome.common.action.RootAllowedAction;
import com.ibm.it.rome.common.message.CmnErrorCodes;
import com.ibm.it.rome.common.trace.TraceHandler;
import com.ibm.it.rome.slm.access.LdapQueryHandler;
import com.ibm.it.rome.slm.admin.bl.Administrator;
import com.ibm.it.rome.slm.admin.bl.Customer;
import com.ibm.it.rome.slm.admin.bl.CustomerHome;
import com.ibm.it.rome.slm.admin.bl.LDAPHandler;
import com.ibm.it.rome.slm.admin.bl.Profile;
import com.ibm.it.rome.slm.admin.message.SlmErrorCodes;
import com.ibm.it.rome.slm.admin.model.CustomerModelObject;
import com.ibm.it.rome.slm.system.SlmException;
import com.ibm.it.rome.slm.system.SlmPropertyNames;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;
import javax.naming.NamingException;

/* loaded from: input_file:install/data/ITAMROOT0/4.2.0.0/assembly.dat:com/ibm/it/rome/slm/access/entitlement/LdapEntitlementsController.class */
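/**
 * {@link EntitlementsController} that derives a user's entitlements from LDAP group membership.
 *
 * <p>One configured user id ({@link #tlmrootUserId}) is handled as the root administrator and
 * bypasses the LDAP lookups. Every other user is resolved to a full DN, then to a list of LDAP
 * groups, then to the organizations ("Customer" operation contexts) those groups map to.
 *
 * <p>Results are stored as attributes on the {@link UserSession}; the later calls
 * ({@code assignOperationContext}, {@code checkEntitlement}) read those attributes back, so they
 * only work on a session that has already been through {@link #assignEntitlements(UserSession)}.
 */
public class LdapEntitlementsController implements EntitlementsController {
    static final String COPYRIGHT = "(C) Copyright IBM Corporation 2006. All rights reserved.";

    /**
     * User id that is granted the root path. Compared case-insensitively with the session's
     * user id; {@code null} means no user is treated as root.
     *
     * <p>The field is public, static and non-final, and every constructor call overwrites it, so
     * the value is shared by all instances and writable from any class that can see this one.
     * NOTE(review): kept as-is for compatibility; confirm nothing outside start-up code writes it.
     */
    public static String tlmrootUserId = null;
    TraceHandler.TraceFeeder trace;

    /**
     * Creates the controller and records the root user id.
     *
     * @param str user id to treat as root; replaces the value seen by all instances
     */
    public LdapEntitlementsController(String str) {
        this.trace = new TraceHandler.TraceFeeder(this);
        tlmrootUserId = str;
    }

    /**
     * Tells whether the session belongs to the configured root user.
     *
     * <p>The static field is read once into a local so the null check and the comparison see the
     * same value.
     */
    private static boolean isRootUser(UserSession userSession) {
        String rootId = tlmrootUserId;
        return rootId != null && rootId.equalsIgnoreCase(userSession.getUserId());
    }

    /**
     * Computes the organizations the user may work in and stores them on the session.
     *
     * <p>Session attributes written: {@code IS_ROOT}; for non-root users also
     * {@code LDAP_FULL_DN} and {@code LDAP_GROUP_NAME_LIST}; and, for everyone,
     * {@code OPERATION_CONTEXT_LIST} and {@code OPERATION_CONTEXTS_ALIAS_LIST}.
     *
     * @param userSession session of the authenticated user
     * @return alias list mapping customer names to operation contexts, or {@code null} when an
     *     {@link SlmException} other than "object not found" occurred (callers must treat
     *     {@code null} as "no entitlements", never as "unrestricted")
     * @throws CmnException {@code USER_HAS_NO_ENTITLEMENTS} when a lookup reports
     *     {@code BL_OBJECT_NOT_FOUND}; {@code CRITICAL_ERROR} when the LDAP query fails
     */
    @Override // com.ibm.it.rome.common.access.entitlement.EntitlementsController
    public OperationContextsAliasList assignEntitlements(UserSession userSession) throws CmnException {
        this.trace.entry("Entering LDAP assignEntitlements method");
        try {
            CustomerHome customerHome = new CustomerHome();
            Enumeration customerIds;
            if (isRootUser(userSession)) {
                // Root sees every customer; no LDAP query is made for this user.
                userSession.setAttribute(EntitlementsController.IS_ROOT, Boolean.TRUE);
                customerIds = customerHome.findAll();
            } else {
                // The flag is set to FALSE before any lookup, so a failure below cannot leave a
                // stale TRUE on the session.
                userSession.setAttribute(EntitlementsController.IS_ROOT, Boolean.FALSE);
                String fullDn = LdapQueryHandler.getFullDnByUserId(userSession.getUserId());
                this.trace.jdata("assignEntitlements", "The full dn is " + fullDn);
                userSession.setAttribute(EntitlementsController.LDAP_FULL_DN, fullDn);
                List groupNames = LdapQueryHandler.getGroupListByFullDn(fullDn);
                userSession.setAttribute(EntitlementsController.LDAP_GROUP_NAME_LIST, groupNames);
                customerIds = Collections.enumeration(
                        new LDAPHandler().findOrganizationsByLdapGroup(Collections.enumeration(groupNames)));
            }
            Customer customer = new Customer();
            EntitlementsFactory factory = new EntitlementsFactory();
            OperationContextList contexts = factory.createOperationContextList();
            OperationContextsAliasList aliases = new OperationContextsAliasList();
            while (customerIds.hasMoreElements()) {
                Long customerId = (Long) customerIds.nextElement();
                // The same Customer object is reloaded for each id; only its name is used.
                customer.load(customerId.longValue());
                OperationContext context = factory.createOperationContext();
                context.setType("Customer");
                context.setValue(customerId.toString());
                contexts.addOperationContext(context);
                aliases.put(customer.getName(), context);
                this.trace.jtrace("assignEntitlements", "Adding in the aliasList -- operation: {0}, oid: {1}, type: {2}", new Object[]{context.getValue(), context.getType(), customer.getName()});
            }
            userSession.setAttribute(OperationContextList.OPERATION_CONTEXT_LIST, contexts);
            userSession.setAttribute(OperationContextsAliasList.OPERATION_CONTEXTS_ALIAS_LIST, aliases);
            this.trace.exit("Leaving LDAP assignEntitlements method");
            return aliases;
        } catch (SlmException e) {
            if (e.getErrorCode() == SlmErrorCodes.BL_OBJECT_NOT_FOUND) {
                throw new SlmException(SlmErrorCodes.USER_HAS_NO_ENTITLEMENTS, new Object[]{userSession.getUserId()});
            }
            // Previously dropped without a trace. The null return is kept for callers, but the
            // failure is now recorded so an entitlement lookup that silently produced nothing
            // can be found in the trace.
            this.trace.jerror("assignEntitlements", e);
            return null;
        } catch (NamingException e2) {
            this.trace.jerror("assignEntitlements", e2);
            throw new SlmException(CmnErrorCodes.CRITICAL_ERROR, new Object[]{userSession.getUserId()});
        }
    }

    /**
     * Makes {@code operationContext} the session's active context and loads the matching profile
     * (role ids, privacy-policy rights, keys) into the session's {@link UserProfile}.
     *
     * <p>NOTE(review): nothing in this method compares the requested organization id with the
     * {@code OPERATION_CONTEXT_LIST} that {@link #assignEntitlements(UserSession)} stored on the
     * session. For non-root users the decision rests on what {@code LDAPHandler.getProfile} does
     * with an organization the user's groups do not map to, and on what
     * {@code findOperationContextAliasName} returns for an unknown context; confirm both fail
     * closed.
     *
     * @param userSession session previously prepared by {@code assignEntitlements}
     * @param operationContext context to activate; its value must be a decimal organization id
     * @throws CmnException {@code UNDEFINED_USER_OPERATION_CONTEXT} when the context is
     *     {@code null} or its value is not a number; {@code USER_HAS_NO_ENTITLEMENTS} when the
     *     session lacks the attributes written by {@code assignEntitlements}
     */
    @Override // com.ibm.it.rome.common.access.entitlement.EntitlementsController
    public void assignOperationContext(UserSession userSession, OperationContext operationContext) throws CmnException {
        this.trace.entry("Entering LDAP assignOperationContext method");
        this.trace.jtrace("assignOperationContext", "operationContext (null): {0}", new Object[]{Boolean.valueOf(operationContext == null)});
        if (operationContext == null) {
            throw new SlmException(SlmErrorCodes.UNDEFINED_USER_OPERATION_CONTEXT, new Object[]{userSession.getUserId()});
        }
        // The value can come straight from the String overload, so a malformed id is reported as
        // an undefined context instead of escaping as an unchecked NumberFormatException.
        final long customerId;
        try {
            customerId = Long.parseLong(operationContext.getValue());
        } catch (NumberFormatException e) {
            this.trace.jerror("assignOperationContext", e);
            throw new SlmException(SlmErrorCodes.UNDEFINED_USER_OPERATION_CONTEXT, new Object[]{userSession.getUserId()});
        }
        this.trace.jdata("assignOperationContext", "The organization id is " + customerId);
        Profile profile;
        if (isRootUser(userSession)) {
            // Root uses the profile of the administrator record with id 1.
            Administrator administrator = new Administrator();
            administrator.load(1L);
            profile = administrator.getProfile(customerId);
        } else {
            this.trace.jdata("assignOperationContext", "The full dn is " + (String) userSession.getAttribute(EntitlementsController.LDAP_FULL_DN));
            List groupNames = (List) userSession.getAttribute(EntitlementsController.LDAP_GROUP_NAME_LIST);
            if (groupNames == null) {
                // No group list means assignEntitlements never completed for this session; deny
                // explicitly rather than fail on a null dereference.
                this.trace.jtrace("assignOperationContext", "No LDAP group list in the session");
                throw new SlmException(SlmErrorCodes.USER_HAS_NO_ENTITLEMENTS, new Object[]{userSession.getUserId()});
            }
            this.trace.jdata("assignOperationContext", "The group name list has elements " + groupNames.size());
            profile = new LDAPHandler().getProfile(
                    Long.valueOf(customerId),
                    Collections.enumeration(groupNames),
                    Boolean.valueOf(System.getProperty(SlmPropertyNames.HIDE_COMPUTER_INVENTORY_INFO)));
        }
        UserProfile userProfile = UserProfile.getInstance(userSession);
        CustomerModelObject customerModel = CustomerModelObject.newInstance(userSession, Long.valueOf(customerId), userProfile.getCustomerName(), false);
        customerModel.load();
        OperationContextsAliasList aliases = (OperationContextsAliasList) userSession.getAttribute(OperationContextsAliasList.OPERATION_CONTEXTS_ALIAS_LIST);
        if (aliases == null) {
            // Checked before the first setter so a half-prepared session leaves the profile
            // untouched.
            this.trace.jtrace("assignOperationContext", "No operation context alias list in the session");
            throw new SlmException(SlmErrorCodes.USER_HAS_NO_ENTITLEMENTS, new Object[]{userSession.getUserId()});
        }
        userProfile.setCustomerName(aliases.findOperationContextAliasName(operationContext));
        userProfile.setCustomerId(customerId);
        userProfile.setServerRegistrationCode(customerModel.getServerRegistrationCode());
        userProfile.setRoleIds(profile.getProfileOid());
        // The numeric right ids (1..4) are defined by UserProfile and are not visible here.
        userProfile.setPrivacyPolicyRight(4, profile.getHideHostInv());
        userProfile.setPrivacyPolicyRight(2, profile.getHideHost());
        userProfile.setPrivacyPolicyRight(3, profile.getHideGroup());
        userProfile.setPrivacyPolicyRight(1, profile.getHideUser());
        userProfile.setKeys(profile.getKeys());
        this.trace.jtrace("assignOperationContext", "Loaded profile in the method assignOperationContext");
        userSession.setAttribute(OperationContext.OPERATION_CONTEXT, operationContext);
        this.trace.exit("Leaving LDAP assignOperationContext method");
    }

    /**
     * Convenience overload: wraps {@code str} in a "Customer" operation context and delegates to
     * {@link #assignOperationContext(UserSession, OperationContext)}.
     *
     * @param userSession session previously prepared by {@code assignEntitlements}
     * @param str organization id as a decimal string
     * @throws CmnException as thrown by the delegate
     */
    @Override // com.ibm.it.rome.common.access.entitlement.EntitlementsController
    public void assignOperationContext(UserSession userSession, String str) throws CmnException {
        this.trace.entry("Entering LDAP assignOperationContext(UserSession, String) method");
        OperationContext context = new EntitlementsFactory().createOperationContext();
        context.setType("Customer");
        context.setValue(str);
        assignOperationContext(userSession, context);
        this.trace.exit("Leaving LDAP assignOperationContext(UserSession, String) method");
    }

    /**
     * Decides whether the session's user may run {@code action}; returns normally when allowed.
     *
     * <p>Order of checks: an {@link AllowedAction} is always permitted; a
     * {@link RootAllowedAction} is permitted for a root session; everything else is decided by
     * the session's {@link UserProfile}.
     *
     * <p>NOTE(review): the profile check permits the action when {@code getValue(name)} returns
     * {@code null} and denies it otherwise, so an action name the profile has no entry for is
     * allowed. That reads like a deny list; confirm against {@code UserProfile} that this
     * default is intended.
     *
     * @param userSession session of the calling user
     * @param action action about to be run
     * @throws CmnException {@code USER_IS_NOT_ENTITLED} when the action is denied, or when a
     *     {@code RootAllowedAction} is checked on a session that carries no {@code IS_ROOT} flag
     */
    @Override // com.ibm.it.rome.common.access.entitlement.EntitlementsController
    public void checkEntitlement(UserSession userSession, Action action) throws CmnException {
        this.trace.entry("Entering LDAP checkEntitlement method");
        if (action instanceof AllowedAction) {
            this.trace.jtrace("checkEntitlement", "Action is istanceof ActionAllowed");
            this.trace.exit("Leaving LDAP checkEntitlement method");
            return;
        }
        this.trace.jtrace("checkEntitlement", "Action is not istanceof ActionAllowed");
        if (action instanceof RootAllowedAction) {
            this.trace.jtrace("checkEntitlement", "Action is istanceof RootAllowedAction");
            Object rootFlag = userSession.getAttribute(EntitlementsController.IS_ROOT);
            if (!(rootFlag instanceof Boolean)) {
                // A session without the flag has not been through assignEntitlements. The
                // original dereferenced the missing attribute; deny explicitly instead.
                this.trace.jtrace("checkEntitlement", "The session has no root flag");
                throw new SlmException(SlmErrorCodes.USER_IS_NOT_ENTITLED);
            }
            if (((Boolean) rootFlag).booleanValue()) {
                this.trace.jtrace("checkEntitlement", "The user has root privilage");
                this.trace.exit("Leaving LDAP checkEntitlement method");
                return;
            }
            this.trace.jtrace("checkEntitlement", "The user has not root privilage");
        } else {
            // Emitted only when it is true; it used to be written for root actions as well,
            // which made the authorization trace contradict itself.
            this.trace.jtrace("checkEntitlement", "Action is not istanceof RootAllowedAction");
        }
        String name = action.getName();
        if (UserProfile.getInstance(userSession).getValue(name) == null) {
            this.trace.exit("Leaving LDAP checkEntitlement method");
            return;
        }
        OperationContext activeContext = (OperationContext) userSession.getAttribute(OperationContext.OPERATION_CONTEXT);
        String contextValue = activeContext == null ? "unknown" : activeContext.getValue();
        // Denials are logged with user id, context and task name so they can be audited.
        this.trace.jlog("checkEntitlement", "User with id " + userSession.getUserId() + " and context " + contextValue + " is not entitled to run task with name " + name);
        throw new SlmException(SlmErrorCodes.USER_IS_NOT_ENTITLED);
    }
}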
