package com.ibm.wbimonitor.rest.security.accesscontrol;

import com.ibm.wbimonitor.repository.DataAccessException;
import com.ibm.wbimonitor.repository.apis.RepositoryAccess;
import com.ibm.wbimonitor.rest.dbhelper.ConnectionHelper;
import com.ibm.wbimonitor.rest.security.modelsecurity.api.ModelSecurityPartyRole;
import com.ibm.wbimonitor.rest.security.util.Role;
import com.ibm.wbimonitor.rest.security.util.RoleTable;
import com.ibm.wbimonitor.rest.util.MemberHelper;
import com.ibm.wbimonitor.rest.util.URIMatcher;
import com.ibm.wbimonitor.util.ProfileUtil;
import com.ibm.websphere.logging.WsLevel;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.websphere.security.WSSecurityHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import java.net.URLDecoder;
import java.rmi.RemoteException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:library_jars/com.ibm.wbimonitor.repository.jar:com/ibm/wbimonitor/rest/security/accesscontrol/AuthorizationService.class */
public class AuthorizationService {
    public static final String COPYRIGHT = "Copyright IBM Corporation 2006, 2011.";
    public static final String RESOURCE = "resource1";
    public static String SCHEMA_NAME;
    static long customRestSecurityRefreshInterval;
    private static final Logger logger = Logger.getLogger("com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService");
    private static final String CLASSNAME = AuthorizationService.class.getName();
    private static String USERID_COLUMN = "USERID";
    private static String ROLE_COLUMN = "ROLE";
    private static String MEMBERTYPE_COLUMN = "MEMBER_TYPE";
    private static String RESOURCEGROUP_COLUMN = "RESOURCE_GROUP";
    private static final String[] allowedUriList = {"/models", "/models/", "/alerts/*", "/dashboards/*", "/security/*", "/userdata", "/userdata/*", "/icons/kpi", "/images/kpi/monitorIcons/*", "/images/kpi/customIcons/*", "/bpc_host/*", "/situation/*", "/cube_packages/*"};
    private static URIMatcher allowedURIMatcher = new URIMatcher();
    private static RoleTable roleTable = new RoleTable();
    public static Map<String, URIMatcher> matchers = new HashMap();
    static long lastRefreshTime = System.currentTimeMillis();
    static ArrayList<String> allowedURICache = new ArrayList<>(1500);
    static long refreshInterval = 10000;

    public static ArrayList getUserRoles(HttpServletRequest httpServletRequest) {
        logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "Entry");
        if (!WSSecurityHelper.isServerSecurityEnabled()) {
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "Security is disabled. Returning all roles from RoleTable");
            return new RoleTable().getAllRoleNames();
        }
        List<String> list = null;
        try {
            list = MemberHelper.getGroupDNsFromUserDN();
        } catch (RemoteException e) {
            FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "134");
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", e.getMessage());
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "131");
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", e2.getMessage());
        }
        try {
            List superUsers = getSuperUsers();
            String userDNFromWAS = MemberHelper.getUserDNFromWAS();
            if (superUsers.contains(userDNFromWAS)) {
                logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "The user is a super user. Returning all roles from RoleTable");
                logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "Exit");
                return new RoleTable().getAllRoleNames();
            }
            for (int i = 0; i < list.size(); i++) {
                if (superUsers.contains(list.get(i))) {
                    logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "One of the groups the user belongs to is a super user. Returning all roles from RoleTable");
                    return new RoleTable().getAllRoleNames();
                }
            }
            String pathInfo = httpServletRequest.getPathInfo();
            String substring = pathInfo.startsWith("/") ? pathInfo.substring(12) : pathInfo.substring(11);
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "URI=" + substring);
            if ((substring.equalsIgnoreCase("/models") || substring.equalsIgnoreCase("/models/") || substring.indexOf("models") == -1) && !substring.equals("/security/roles")) {
                return new ArrayList();
            }
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", " request.getPathInfo()");
            StringTokenizer stringTokenizer = new StringTokenizer(substring, "/");
            String str = null;
            if (stringTokenizer.hasMoreTokens()) {
                stringTokenizer.nextToken();
                if (stringTokenizer.hasMoreTokens()) {
                    str = stringTokenizer.nextToken();
                    logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "Model = " + str);
                }
            }
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "Exit");
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "### URI = " + substring);
            if (!substring.equals("/security/roles")) {
                return getUserRoles(userDNFromWAS, str);
            }
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "#### safeDecode(request.getQueryString() = " + safeDecode(httpServletRequest.getQueryString()));
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "#### request.getCharacterEncoding() = " + httpServletRequest.getCharacterEncoding());
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "#### request.getContentType() = " + httpServletRequest.getContentType());
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "#### request.getLocale() = " + httpServletRequest.getLocale());
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "#### request.getRequestURL() = " + ((Object) httpServletRequest.getRequestURL()));
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "#### request.getQueryString() = " + httpServletRequest.getQueryString());
            safeDecode(httpServletRequest.getParameter("resource"));
            String safeDecode = safeDecode(httpServletRequest.getQueryString());
            String substring2 = safeDecode.substring(safeDecode.indexOf("resource=") + 9);
            logFine(CLASSNAME, "getUserRoles(HttpServletRequest request)", "#### tModel= " + substring2);
            return getUserRoles(userDNFromWAS, substring2);
        } catch (WSSecurityException e3) {
            FFDCFilter.processException(e3, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "157");
            logWarning(CLASSNAME + "::getUserRoles(HttpServletRequest request)::getUserRoles() - An exception occurred in MemberHelper.getUserDNFromWAS(). Returning null user roles.");
            return new ArrayList();
        }
    }

    public static ArrayList getUserRoles(String str, String str2) {
        logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "Entry");
        ArrayList arrayList = new ArrayList();
        if (str2 == null) {
            return arrayList;
        }
        if (isMalicious(str2)) {
            logWarning(CLASSNAME + "::getUserRoles(String userDN, String resource)::getUserRoles()URL failed SQL injection check! Ignoring resource " + str2);
            return arrayList;
        }
        if (!WSSecurityHelper.isServerSecurityEnabled()) {
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "Security is disabled. Returning all roles from RoleTable");
            return new RoleTable().getAllRoleNames();
        }
        List superUsers = getSuperUsers();
        if (superUsers.contains(str)) {
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "The user is a super user. Returning all roles from RoleTable");
            return new RoleTable().getAllRoleNames();
        }
        List<String> list = null;
        try {
            list = str != null ? MemberHelper.getGroupDNsFromUserDN(str) : MemberHelper.getGroupDNsFromUserDN();
        } catch (WSSecurityException e) {
            FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "216");
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", e.getMessage());
        } catch (RemoteException e2) {
            FFDCFilter.processException(e2, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "220");
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", e2.getMessage());
        }
        for (int i = 0; i < list.size(); i++) {
            if (superUsers.contains(list.get(i))) {
                logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "One of the groups the user belongs to is a super user. Returning all roles from RoleTable");
                return new RoleTable().getAllRoleNames();
            }
        }
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "Failed to obtain connection to database. Returning empty role list...");
            return arrayList;
        }
        Statement statement = null;
        ResultSet resultSet = null;
        long currentTimeMillis = System.currentTimeMillis();
        StringBuilder sb = new StringBuilder("select ROLE from ");
        sb.append(SCHEMA_NAME);
        sb.append(".RAT_PARTY_ROLES where ( USERID ='");
        try {
            if (str == null) {
                try {
                    try {
                        try {
                            str = MemberHelper.getUserDNFromWAS();
                        } catch (WSSecurityException e3) {
                            FFDCFilter.processException(e3, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "301");
                            logWarning("getUserRoles::WSSecurityException - returning empty list");
                            closeResources(resultSet, statement, connection);
                        }
                    } catch (SQLException e4) {
                        FFDCFilter.processException(e4, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "291");
                        logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "::SQLException::ErrorCode = " + e4.getErrorCode());
                        logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "::SQLException::ErrorCode = " + e4.getSQLState());
                        logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "::SQLException::ErrorCode = " + e4.getCause());
                        closeResources(resultSet, statement, connection);
                    }
                } catch (RemoteException e5) {
                    FFDCFilter.processException(e5, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "306");
                    logWarning("getUserRoles::RemoteException - returning empty list");
                    closeResources(resultSet, statement, connection);
                }
            }
            List<String> groupDNsFromUserDN = MemberHelper.getGroupDNsFromUserDN(str);
            groupDNsFromUserDN.add(str);
            int size = groupDNsFromUserDN.size();
            for (int i2 = 0; i2 < size; i2++) {
                if (i2 == size - 1) {
                    sb.append(escapeQuote(groupDNsFromUserDN.get(i2)));
                    sb.append("')  and (RESOURCE_GROUP =(select RESOURCE_GROUP from ");
                    sb.append(SCHEMA_NAME);
                    sb.append(".RAT_AUTH_DOMAIN where RESOURCE1 ='");
                } else {
                    sb.append(escapeQuote(groupDNsFromUserDN.get(i2)));
                    sb.append("' or USERID ='");
                }
            }
            sb.append(escapeQuote(str2));
            sb.append("')");
            List<String> allLevelParentResourceGroups = getAllLevelParentResourceGroups(getResourceGroup(str2, SCHEMA_NAME));
            for (int i3 = 0; i3 < allLevelParentResourceGroups.size(); i3++) {
                sb.append(" or RESOURCE_GROUP ='");
                sb.append(escapeQuote(allLevelParentResourceGroups.get(i3)));
                sb.append("'");
            }
            sb.append(")");
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "getUserRoles::userRoleQuery = " + ((Object) sb));
            statement = connection.createStatement();
            resultSet = statement.executeQuery(sb.toString());
            while (resultSet.next()) {
                arrayList.add(resultSet.getString(1));
            }
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "::Roles list = " + arrayList);
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "Time to get user roles =  " + (System.currentTimeMillis() - currentTimeMillis));
            closeResources(resultSet, statement, connection);
            logFine(CLASSNAME, "getUserRoles(String userDN, String resource)", "Exit");
            return arrayList;
        } catch (Throwable th) {
            closeResources(resultSet, statement, connection);
            throw th;
        }
    }

    public static ArrayList getUserRoles(String str) {
        logFine(CLASSNAME, "getUserRoles(String userDN)", "Entry");
        ArrayList arrayList = new ArrayList();
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "getUserRoles(String userDN)", "Failed to obtain connection to database. Returning empty user role list...");
            return arrayList;
        }
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        StringBuilder sb = new StringBuilder("select ROLE from ");
        sb.append(SCHEMA_NAME);
        sb.append(".RAT_PARTY_ROLES");
        try {
            try {
                try {
                    try {
                        List<String> groupDNsFromUserDN = MemberHelper.getGroupDNsFromUserDN(str);
                        groupDNsFromUserDN.add(str);
                        logFine(CLASSNAME, "getUserRoles(String userDN)", "::userRoleQuery = " + ((Object) sb));
                        preparedStatement = addWhereInList(connection, sb, "USERID", groupDNsFromUserDN);
                        resultSet = preparedStatement.executeQuery();
                        while (resultSet.next()) {
                            arrayList.add(resultSet.getString(1));
                        }
                        logFine(CLASSNAME, "getUserRoles(String userDN)", "::Roles list = " + arrayList);
                        closeResources(resultSet, preparedStatement, connection);
                    } catch (RemoteException e) {
                        FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "374");
                        logWarning("getUserRoles::RemoteException - returning empty list");
                        closeResources(resultSet, preparedStatement, connection);
                    }
                } catch (WSSecurityException e2) {
                    FFDCFilter.processException(e2, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "368");
                    logSevere("getUserRoles::WSSecurityException - returning empty list");
                    closeResources(resultSet, preparedStatement, connection);
                }
            } catch (SQLException e3) {
                FFDCFilter.processException(e3, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getUserRoles", "358");
                logFine(CLASSNAME, "getUserRoles(String userDN)", "::SQLException::ErrorCode = " + e3.getErrorCode());
                logFine(CLASSNAME, "getUserRoles(String userDN)", "::SQLException::ErrorCode = " + e3.getSQLState());
                logFine(CLASSNAME, "getUserRoles(String userDN)", "::SQLException::ErrorCode = " + e3.getCause());
                closeResources(resultSet, preparedStatement, connection);
            }
            logFine(CLASSNAME, "getUserRoles(String userDN)", "Exit");
            return arrayList;
        } catch (Throwable th) {
            closeResources(resultSet, preparedStatement, connection);
            throw th;
        }
    }

    public static List<String> getGroupRoles(String str, String str2) {
        logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "Entry");
        ArrayList arrayList = new ArrayList();
        if (str2 == null || str == null) {
            return arrayList;
        }
        if (isMalicious(str2)) {
            logWarning(CLASSNAME + "::getGroupRoles(String groupDN, String resource) URL failed SQL injection check! Ignoring resource = " + str2);
            return arrayList;
        }
        if (!WSSecurityHelper.isServerSecurityEnabled()) {
            logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "Security is disabled. Returning all roles from RoleTable");
            return new RoleTable().getAllRoleNames();
        }
        if (getSuperUsers().contains(str)) {
            logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "The group is a super user. Returning all roles from RoleTable");
            return new RoleTable().getAllRoleNames();
        }
        List<String> list = null;
        try {
            list = MemberHelper.getGroupDNsForGroupDN(str);
        } catch (RemoteException e) {
            FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getGroupRoles", "220");
            logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", e.getMessage());
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getGroupRoles", "216");
            logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", e2.getMessage());
        }
        if (list == null) {
            list = new ArrayList();
        }
        list.add(str);
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "Failed to obtain connection to database. Returning empty group role list...");
            return arrayList;
        }
        Statement statement = null;
        ResultSet resultSet = null;
        long currentTimeMillis = System.currentTimeMillis();
        logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", " building select with all groups");
        StringBuilder sb = new StringBuilder("select ROLE from ");
        sb.append(SCHEMA_NAME);
        sb.append(".RAT_PARTY_ROLES where ( USERID in (");
        boolean z = true;
        for (String str3 : list) {
            if (!z) {
                sb.append(",");
            }
            sb.append("'");
            sb.append(escapeQuote(str3));
            sb.append("'");
            z = false;
        }
        sb.append("))  and (RESOURCE_GROUP =(select RESOURCE_GROUP from ");
        sb.append(SCHEMA_NAME);
        sb.append(".RAT_AUTH_DOMAIN where RESOURCE1 ='");
        sb.append(escapeQuote(str2));
        sb.append("')");
        try {
            try {
                List<String> allLevelParentResourceGroups = getAllLevelParentResourceGroups(getResourceGroup(str2, SCHEMA_NAME));
                for (int i = 0; i < allLevelParentResourceGroups.size(); i++) {
                    sb.append(" or RESOURCE_GROUP ='" + escapeQuote(allLevelParentResourceGroups.get(i)) + "'");
                }
                sb.append(")");
                logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "groupRoleQuery = " + ((Object) sb));
                statement = connection.createStatement();
                resultSet = statement.executeQuery(sb.toString());
                while (resultSet.next()) {
                    arrayList.add(resultSet.getString(1));
                }
                logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "::Roles list = " + arrayList);
                logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "Time to get group roles =  " + (System.currentTimeMillis() - currentTimeMillis));
                closeResources(resultSet, statement, connection);
            } catch (SQLException e3) {
                FFDCFilter.processException(e3, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getGroupRoles", "293");
                logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "::SQLException::ErrorCode = " + e3.getErrorCode());
                logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "::SQLException::ErrorCode = " + e3.getSQLState());
                logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "::SQLException::ErrorCode = " + e3.getCause());
                closeResources(resultSet, statement, connection);
            }
            logFine(CLASSNAME, "getGroupRoles(String groupDN, String resource)", "Exit");
            return arrayList;
        } catch (Throwable th) {
            closeResources(resultSet, statement, connection);
            throw th;
        }
    }

    public static List<ModelSecurityPartyRole> getAllRolesForResourceGroups(List<String> list) throws DataAccessException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "Entry");
        }
        if (logger.isLoggable(WsLevel.FINER)) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                logger.logp(WsLevel.FINER, CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "resourceGroup:" + it.next());
            }
        }
        ArrayList arrayList = new ArrayList();
        if (list == null || list.size() == 0) {
            logger.logp(WsLevel.FINER, CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "Exit: resourceGroups is either null or empty. Returning an empty role list.");
            return arrayList;
        }
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logger.logp(WsLevel.SEVERE, CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "Failed to obtain database connection.");
            throw new DataAccessException(Messages.getMessage("CWMDS6557E"));
        }
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        StringBuilder sb = new StringBuilder("SELECT * FROM ");
        sb.append(SCHEMA_NAME);
        sb.append(".RAT_PARTY_ROLES");
        try {
            try {
                preparedStatement = addWhereInList(connection, sb, "RESOURCE_GROUP", list);
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    arrayList.add(new ModelSecurityPartyRole(resultSet.getString(USERID_COLUMN), resultSet.getString(ROLE_COLUMN), resultSet.getString(MEMBERTYPE_COLUMN), resultSet.getString(RESOURCEGROUP_COLUMN)));
                    if (logger.isLoggable(WsLevel.FINER)) {
                        logger.logp(WsLevel.FINER, CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "Party role: USERID=" + resultSet.getString(USERID_COLUMN) + " ROLE=" + resultSet.getString(ROLE_COLUMN) + " MEMBERTYPE=" + resultSet.getString(MEMBERTYPE_COLUMN));
                    }
                }
                closeResources(resultSet, preparedStatement, connection);
                logFine(CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "Exit");
                return arrayList;
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getGroupRoles", "293");
                logFine(CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "::SQLException::ErrorCode = " + e.getErrorCode());
                logFine(CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "::SQLException::ErrorState = " + e.getSQLState());
                logFine(CLASSNAME, "getAllRolesForResourceGroup(resourceGroup)", "::SQLException::ErrorCause = " + e.getCause());
                throw new DataAccessException(e);
            }
        } catch (Throwable th) {
            closeResources(resultSet, preparedStatement, connection);
            throw th;
        }
    }

    public static boolean isMalicious(String str) {
        return SQLInjectionChecker.getInstance().containsSQLKeywords(str);
    }

    public static boolean isActionAllowed(String str, String str2, String str3) {
        List<String> groupDNsFromUserDN;
        String str4;
        logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Entry: uri=" + str + " REST method=" + str2 + " userId=" + str3);
        if ("allow".equals(allowedURIMatcher.match(str).getTarget())) {
            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "The URI " + str + " is in the 'always allow' list.");
            return true;
        }
        List superUsers = getSuperUsers();
        int size = superUsers.size();
        try {
            if (str3 != null) {
                groupDNsFromUserDN = MemberHelper.getGroupDNsFromUserDN(str3);
                groupDNsFromUserDN.add(str3);
            } else {
                groupDNsFromUserDN = MemberHelper.getGroupDNsFromUserDN();
                groupDNsFromUserDN.add(MemberHelper.getUserDNFromWAS());
            }
            for (int i = 0; i < size; i++) {
                if (groupDNsFromUserDN.contains(superUsers.get(i))) {
                    logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "The user " + superUsers.get(i) + " is a super user.");
                    logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Exit: Action allowed.");
                    return true;
                }
            }
            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "The user is a NOT a super user.");
            long currentTimeMillis = System.currentTimeMillis();
            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Current time in ms = " + currentTimeMillis);
            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "lastRefreshTime + refreshInterval =" + lastRefreshTime + refreshInterval);
            if (currentTimeMillis > lastRefreshTime + refreshInterval) {
                logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Updating cache to RAT tables");
                try {
                    customRestSecurityRefreshInterval = new Long(System.getProperty("rest.security.refreshInterval")).longValue();
                    refreshInterval = customRestSecurityRefreshInterval;
                } catch (NumberFormatException e) {
                    logFine(CLASSNAME, "AuthorizationService() static", " system property rest.security.refreshInterval wasn't set. Use the default value of 10 seconds.");
                    customRestSecurityRefreshInterval = 0L;
                    refreshInterval = 10000L;
                }
                if (hasRATChanged(SCHEMA_NAME)) {
                    logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Invalidate allowed URI cache. Repopulate it.");
                    allowedURICache = new ArrayList<>();
                    resetRATMonitor(SCHEMA_NAME);
                }
                lastRefreshTime = System.currentTimeMillis();
            }
            List<Role> matchRole = roleTable.matchRole(str, str2);
            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Required Roles = " + matchRole);
            if (matchRole == null || matchRole.size() == 0) {
                logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Exit: Required roles list is null or empty. Action NOT PERMITTED!!");
                return false;
            }
            StringTokenizer stringTokenizer = new StringTokenizer(str, "/");
            str4 = "";
            if (stringTokenizer.hasMoreTokens()) {
                stringTokenizer.nextToken();
                str4 = stringTokenizer.hasMoreTokens() ? stringTokenizer.nextToken() : "";
                logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", " Model = " + str4);
            }
            String str5 = SCHEMA_NAME;
            String resourceGroup = getResourceGroup(str4, str5);
            if (resourceGroup == null) {
                logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Exit: Action NOT PERMITTED due to null resourceGroup!!");
                return false;
            }
            List<String> allLevelParentResourceGroups = getAllLevelParentResourceGroups(resourceGroup);
            ArrayList<String> generatePartyRoles = generatePartyRoles(str5);
            for (int i2 = 0; i2 < groupDNsFromUserDN.size(); i2++) {
                String str6 = groupDNsFromUserDN.get(i2);
                if (allowedURICache != null && allowedURICache.contains(str6 + "#" + str + "#" + str2)) {
                    logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Exit: Returning true(action allowed) from cache");
                    return true;
                }
                ArrayList arrayList = new ArrayList();
                int size2 = matchRole.size();
                for (int i3 = 0; i3 < allLevelParentResourceGroups.size(); i3++) {
                    String str7 = str6 + "#" + allLevelParentResourceGroups.get(i3) + "#";
                    for (int i4 = 0; i4 < size2; i4++) {
                        arrayList.add(str7 + matchRole.get(i4));
                    }
                }
                logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "User/group current party roles = " + arrayList);
                logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Comparing party roles in DB with user current party roles...");
                for (int i5 = 0; i5 < arrayList.size(); i5++) {
                    for (int i6 = 0; i6 < generatePartyRoles.size(); i6++) {
                        if (((String) arrayList.get(i5)).equalsIgnoreCase(generatePartyRoles.get(i6))) {
                            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Found a match for role: " + ((String) arrayList.get(i5)));
                            allowedURICache.add(str6 + "#" + str + "#" + str2);
                            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Exit: Action allowed.");
                            return true;
                        }
                    }
                }
            }
            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Exit: Action NOT PERMITTED!! No match found.");
            return false;
        } catch (RemoteException e2) {
            FFDCFilter.processException(e2, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.isActionAllowed", "611");
            logSevere(CLASSNAME + "::isActionAllowed(String uri, String method, String userId)RESTFilter: Problem (RemoteException) getting user's group membership");
            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Exit");
            return false;
        } catch (WSSecurityException e3) {
            FFDCFilter.processException(e3, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.isActionAllowed", "602");
            logSevere(CLASSNAME + "::isActionAllowed(String uri, String method, String userId)RESTFilter: Problem (WSSecurityException) getting user's group membership");
            logFine(CLASSNAME, "isActionAllowed(String uri, String method, String userId)", "Exit");
            return false;
        }
    }

    public static boolean isUriValid(String str) {
        String str2;
        logFine(CLASSNAME, "isUriValid(String uri, String userId)", "Entry: uri=" + str);
        StringTokenizer stringTokenizer = new StringTokenizer(str, "/");
        str2 = "";
        if (stringTokenizer.hasMoreTokens()) {
            stringTokenizer.nextToken();
            str2 = stringTokenizer.hasMoreTokens() ? "/" + stringTokenizer.nextToken() : "";
            logFine(CLASSNAME, "isUriValid(String uri, String userId)", " Model = " + str2);
        }
        if (str2 != null) {
            try {
                String[] allModelIds = new RepositoryAccess().getAllModelIds();
                logFine(CLASSNAME, "isUriValid(String uri, String userId)", "RepositoryAccess returned " + allModelIds.length + " models.");
                for (int i = 0; i < allModelIds.length; i++) {
                    logFine(CLASSNAME, "isUriValid(String uri, String userId)", "Comparing " + str2 + " to " + allModelIds[i]);
                    if (str2.equals(allModelIds[i])) {
                        logFine(CLASSNAME, "isUriValid(String uri, String userId)", "Exit: Model Found.");
                        return true;
                    }
                }
            } catch (Exception e) {
            }
        }
        logFine(CLASSNAME, "isUriValid(String uri, String userId)", "Exit: Model Not Found.");
        return false;
    }

    public static String getResourceGroup(String str, String str2) {
        logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "Entry");
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "Failed to obtain connection to database. Returning NULL resource group string...");
            return null;
        }
        logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "resource =" + str);
        try {
            try {
                PreparedStatement prepareStatement = connection.prepareStatement("select RESOURCE_GROUP from " + SCHEMA_NAME + ".RAT_AUTH_DOMAIN where RESOURCE1 = ?");
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "Exit: retVal=NULL");
                    closeResources(executeQuery, prepareStatement, connection);
                    return null;
                }
                String string = executeQuery.getString("RESOURCE_GROUP");
                if (executeQuery.wasNull()) {
                    logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", " A NULL resource group was returned");
                    logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "Exit: retVal=NULL");
                    closeResources(executeQuery, prepareStatement, connection);
                    return null;
                }
                logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "resource group =  " + string);
                logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "Exit");
                closeResources(executeQuery, prepareStatement, connection);
                return string;
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getResourceGroup", "832");
                logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", e.getMessage());
                logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", e.getSQLState());
                logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "SQL Error Code = " + e.getErrorCode());
                closeResources(null, null, connection);
                logFine(CLASSNAME, "getResourceGroup(String resource, String schema)", "Exit");
                return null;
            }
        } catch (Throwable th) {
            closeResources(null, null, connection);
            throw th;
        }
    }

    public static List<String> getAllLevelParentResourceGroups(String str) {
        logFine(CLASSNAME, "getAllLevelParentResourceGroups(String resourceGroup)", "Entry: resourceGroup=" + str);
        ArrayList arrayList = new ArrayList();
        if (str != null) {
            arrayList.add(str);
        }
        if (str != null && !str.equals("root")) {
            boolean z = false;
            do {
                try {
                    String parent = getParent(str);
                    if (parent != null) {
                        arrayList.add(parent);
                        str = parent;
                    }
                    if (parent == null || parent.equals("root")) {
                        z = true;
                    }
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getParentResourceGroups", "911");
                    logFine(CLASSNAME, "getAllLevelParentResourceGroups(String resourceGroup)", e.getLocalizedMessage());
                }
            } while (!z);
        }
        logFine(CLASSNAME, "getAllLevelParentResourceGroups(String resourceGroup)", "Exit: ResourceGroup Hierarchy = " + arrayList);
        return arrayList;
    }

    static boolean hasRATChanged(String str) {
        logFine(CLASSNAME, "hasRATChanged(String schema)", "Entry");
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "hasRATChanged(String schema)", "Failed to obtain connection to database. Returning FALSE");
            return false;
        }
        Statement statement = null;
        ResultSet resultSet = null;
        try {
            try {
                statement = connection.createStatement();
                resultSet = statement.executeQuery(new StringBuffer("select MARKER from " + SCHEMA_NAME + ".RAT_UPDATE_MONITOR").toString());
                while (resultSet.next()) {
                    if (resultSet.getString("MARKER").trim().equalsIgnoreCase("NEW")) {
                        logFine(CLASSNAME, "hasRATChanged(String schema)", "Exiting with TRUE");
                        closeResources(resultSet, statement, connection);
                        return true;
                    }
                }
                closeResources(resultSet, statement, connection);
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.hasRATChanged", "666");
                logFine(CLASSNAME, "hasRATChanged(String schema)", e.getMessage());
                closeResources(resultSet, statement, connection);
            }
            logFine(CLASSNAME, "hasRATChanged(String schema)", "Exiting with FALSE");
            return false;
        } catch (Throwable th) {
            closeResources(resultSet, statement, connection);
            throw th;
        }
    }

    static void resetRATMonitor(String str) {
        logFine(CLASSNAME, "resetRATMonitor(String schema)", "Entry");
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "resetRATMonitor(String schema)", "Failed to obtain connection to database. Exiting...");
            return;
        }
        Statement statement = null;
        try {
            try {
                statement = connection.createStatement();
                StringBuffer stringBuffer = new StringBuffer("update ");
                stringBuffer.append(SCHEMA_NAME);
                stringBuffer.append(".RAT_UPDATE_MONITOR set MARKER ='OLD' where MARKER ='NEW'");
                statement.executeUpdate(stringBuffer.toString());
                closeResources(null, statement, connection);
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.resetRATMonitor", "691");
                logFine(CLASSNAME, "resetRATMonitor(String schema)", e.getMessage());
                closeResources(null, statement, connection);
            }
            logFine(CLASSNAME, "resetRATMonitor(String schema)", "Exit");
        } catch (Throwable th) {
            closeResources(null, statement, connection);
            throw th;
        }
    }

    static List getSuperUsers() {
        logFine(CLASSNAME, "getSuperUsers", "Entry");
        ArrayList arrayList = new ArrayList();
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "getSuperUsers", "Failed to obtain connection to database. Returning empty super user list...");
            return arrayList;
        }
        Statement statement = null;
        ResultSet resultSet = null;
        try {
            try {
                statement = connection.createStatement();
                resultSet = statement.executeQuery("select * from " + SCHEMA_NAME + ".RAT_SUPERUSERS");
                while (resultSet.next()) {
                    arrayList.add(resultSet.getString("USERID"));
                }
                closeResources(resultSet, statement, connection);
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getSuperUsers", "722");
                logFine(CLASSNAME, "getSuperUsers", e.getMessage());
                closeResources(resultSet, statement, connection);
            }
            logFine(CLASSNAME, "getSuperUsers", "Exit: superUsers=" + arrayList.toString());
            return arrayList;
        } catch (Throwable th) {
            closeResources(resultSet, statement, connection);
            throw th;
        }
    }

    static ArrayList<String> generatePartyRoles(String str) {
        logFine(CLASSNAME, "generatePartyRoles(String schema)", "Entry");
        logFine(CLASSNAME, "generatePartyRoles(String schema)", "Not using the cached party roles");
        ArrayList<String> arrayList = new ArrayList<>();
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "generatePartyRoles(String schema)", "Failed to obtain connection to database. Returning empty party role list...");
            return arrayList;
        }
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = connection.prepareStatement("select * from " + SCHEMA_NAME + ".RAT_PARTY_ROLES");
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    String str2 = resultSet.getString("USERID").trim() + "#" + resultSet.getString("RESOURCE_GROUP").trim() + "#" + resultSet.getString("ROLE").trim();
                    arrayList.add(str2);
                    logFine(CLASSNAME, "generatePartyRoles(String schema)", "Party role entry in DB: " + str2);
                }
                closeResources(resultSet, preparedStatement, connection);
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.generatePartyRoles", "781");
                logFine(CLASSNAME, "generatePartyRoles(String schema)", e.getMessage());
                closeResources(resultSet, preparedStatement, connection);
            }
            logFine(CLASSNAME, "generatePartyRoles(String schema)", "Exit");
            return arrayList;
        } catch (Throwable th) {
            closeResources(resultSet, preparedStatement, connection);
            throw th;
        }
    }

    static String getParent(String str) {
        logFine(CLASSNAME, "getParent(String resourceGroup)", "Entry");
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "getParent(String resourceGroup)", "Failed to obtain connection to database. Returning NULL parent string...");
            return null;
        }
        try {
            try {
                PreparedStatement prepareStatement = connection.prepareStatement("select PARENT_ID from " + SCHEMA_NAME + ".RAT_RESOURCE_GROUPS where ID = ?");
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    closeResources(executeQuery, prepareStatement, connection);
                    return null;
                }
                String string = executeQuery.getString("PARENT_ID");
                if (!executeQuery.wasNull()) {
                    logFine(CLASSNAME, "getParent(String resourceGroup)", "Exit: retVal=" + string);
                    closeResources(executeQuery, prepareStatement, connection);
                    return string;
                }
                logFine(CLASSNAME, "getParent(String resourceGroup)", "returning NULL as rs.wasNull()=true");
                logFine(CLASSNAME, "getParent(String resourceGroup)", "Exit: retVal=NULL");
                closeResources(executeQuery, prepareStatement, connection);
                return null;
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.getParent", "878");
                logFine(CLASSNAME, "getParent(String resourceGroup)", "Exception! " + e.getMessage());
                closeResources(null, null, connection);
                logFine(CLASSNAME, "getParent(String resourceGroup)", "Exit");
                return null;
            }
        } catch (Throwable th) {
            closeResources(null, null, connection);
            throw th;
        }
    }

    public static Role getRoleDefinition(String str) {
        return roleTable.getRoleDefinition(str);
    }

    public static boolean isUserInResourceGroup(String str) {
        logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "Entry");
        logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "userDN  = " + str);
        if (str == null) {
            logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "Exit");
            logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "returning FALSE as userDN was NULL");
            return false;
        }
        if (str.length() == 0) {
            logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "Exit");
            logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "returning FALSE as userDN was of zero length");
            return false;
        }
        Connection connection = ConnectionHelper.getConnection();
        if (connection == null) {
            logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "Failed to obtain connection to database. Returning FALSE...");
            return false;
        }
        try {
            try {
                PreparedStatement prepareStatement = connection.prepareStatement("select * from " + SCHEMA_NAME + ".RAT_PARTY_ROLES where USERID = ? and RAT_PARTY_ROLES = 'root' ");
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (executeQuery.next()) {
                    logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "returning TRUE");
                    closeResources(executeQuery, prepareStatement, connection);
                    return true;
                }
                logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "returning FALSE");
                closeResources(executeQuery, prepareStatement, connection);
                return false;
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.isUserInResourceGroup", "897");
                logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "Exception! " + e.getMessage());
                logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "SQL State = " + e.getSQLState());
                logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "SQL Error code = " + e.getErrorCode());
                logFine(CLASSNAME, "isUserInResourceGroup(String userDN)", "SQL Error Cause  = " + e.getCause());
                closeResources(null, null, connection);
                return false;
            }
        } catch (Throwable th) {
            closeResources(null, null, connection);
            throw th;
        }
    }

    private static void logWarning(String str) {
        if (logger.isLoggable(WsLevel.WARNING)) {
            logger.warning(str);
        }
    }

    private static void logSevere(String str) {
        if (logger.isLoggable(WsLevel.SEVERE)) {
            logger.severe(str);
        }
    }

    private static void logFine(String str, String str2, String str3) {
        if (logger.isLoggable(WsLevel.FINE)) {
            logger.logp(WsLevel.FINE, str, str2, str3);
        }
    }

    private static void logFiner(String str, String str2, String str3) {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, str, str2, str3);
        }
    }

    static void closeResources(ResultSet resultSet, Statement statement, Connection connection) {
        logFine(CLASSNAME, "closeResources", "Entry");
        if (resultSet != null) {
            try {
                resultSet.close();
            } catch (SQLException e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.closeResources", "952");
                logFine(CLASSNAME, "closeResources", "Exception in closing ResultSet");
            }
        }
        logFine(CLASSNAME, "closeResources", "Closed ResultSet");
        if (statement != null) {
            try {
                statement.close();
            } catch (SQLException e2) {
                FFDCFilter.processException(e2, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.closeResources", "961");
                logFine(CLASSNAME, "closeResources", "Exception in closing Statement");
            }
        }
        logFine(CLASSNAME, "closeResources", "Closed Statement");
        if (connection != null) {
            try {
                connection.close();
            } catch (SQLException e3) {
                FFDCFilter.processException(e3, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService.closeResources", "970");
                logFine(CLASSNAME, "closeResources", "Exception in closing Connection");
            }
        }
        logFine(CLASSNAME, "closeResources", "Closed Connection");
        logFine(CLASSNAME, "closeResources", "Exit");
    }

    private static String safeDecode(String str) {
        if (str != null) {
            try {
                str = URLDecoder.decode(str, "UTF-8");
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.wbimonitor.rest.web.URIRouterServlet.safeDecode", "806");
            }
        }
        return str;
    }

    private static PreparedStatement addWhereInList(Connection connection, StringBuilder sb, String str, List<String> list) throws SQLException {
        logFine(CLASSNAME, "addWhereInList", " using prepared statement for adding in list");
        int i = 0;
        if (str != null && list != null && list.size() > 0) {
            i = list.size();
        }
        if (i < 1) {
            return connection.prepareStatement(sb.toString());
        }
        sb.append(" WHERE ");
        sb.append(str);
        sb.append(" in (?");
        for (int i2 = 1; i2 < i; i2++) {
            sb.append(",?");
        }
        sb.append(")");
        logFine(CLASSNAME, "addWhereInList", "::query = " + ((Object) sb));
        PreparedStatement prepareStatement = connection.prepareStatement(sb.toString());
        for (int i3 = 0; i3 < i; i3++) {
            prepareStatement.setString(i3 + 1, list.get(i3));
        }
        return prepareStatement;
    }

    private static String escapeQuote(String str) {
        if (str != null) {
            return str.replace("'", "''");
        }
        return null;
    }

    static {
        SCHEMA_NAME = ProfileUtil.getSchemaQualifier();
        customRestSecurityRefreshInterval = 0L;
        try {
            customRestSecurityRefreshInterval = new Long(System.getProperty("rest.security.refreshInterval")).longValue();
        } catch (NumberFormatException e) {
            logFine(CLASSNAME, "AuthorizationService() static", " system property rest.security.refreshInterval wasn't set.");
        }
        logFine(CLASSNAME, "AuthorizationService() static", ":: SCHEMA_NAME = " + SCHEMA_NAME);
        if (SCHEMA_NAME == null) {
            SCHEMA_NAME = "MONITOR";
            logFine(CLASSNAME, "AuthorizationService() static", "AuthorizationService():: using default schema name of MONITOR");
        }
        for (int i = 0; i < allowedUriList.length; i++) {
            try {
                allowedURIMatcher.put(allowedUriList[i], new String("allow"));
            } catch (Exception e2) {
                FFDCFilter.processException(e2, "com.ibm.wbimonitor.rest.security.accesscontrol.AuthorizationService", "102");
                logWarning("AuthorizationService static::Error initializing allowedURIMatcher list");
                return;
            }
        }
    }
}
