package com.ibm.wbimonitor.security;

import com.ibm.json.java.JSONArray;
import com.ibm.json.java.JSONObject;
import com.ibm.wbimonitor.persistence.FgsSecurityFilter;
import com.ibm.wbimonitor.persistence.MonitorBasePersistent;
import com.ibm.wbimonitor.repository.DataAccessException;
import com.ibm.wbimonitor.repository.apis.RepositoryAccess;
import com.ibm.wbimonitor.repository.apis.RepositoryConstants;
import com.ibm.wbimonitor.rest.exceptions.MonitorObjectNotFoundException;
import com.ibm.wbimonitor.rest.util.Group;
import com.ibm.wbimonitor.rest.util.MemberHelper;
import com.ibm.wbimonitor.rest.util.PayloadKeyConstants;
import com.ibm.wbimonitor.rest.util.ResourceUtils;
import com.ibm.wbimonitor.rest.util.User;
import com.ibm.wbimonitor.security.beans.FgsSecurityFilterBean;
import com.ibm.wbimonitor.security.exceptions.FGSParmValidationException;
import com.ibm.wbimonitor.security.finegrainsecurity.FGSException;
import com.ibm.wbimonitor.security.spi.SecurityAccessException;
import com.ibm.websphere.logging.WsLevel;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.ws.ffdc.FFDCFilter;
import java.io.IOException;
import java.rmi.RemoteException;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.List;
import java.util.Properties;
import java.util.logging.Logger;

/* loaded from: input_file:library_jars/com.ibm.wbimonitor.repository.jar:com/ibm/wbimonitor/security/FineGrainedSecurityUtility.class */
public class FineGrainedSecurityUtility {
    public static final String COPYRIGHT = "Copyright IBM Corporation 2010, 2011.";
    private static final String CLASSNAME = FineGrainedSecurityUtility.class.getName();
    protected static Logger logger = Logger.getLogger(FineGrainedSecurityUtility.class.getName(), com.ibm.wbimonitor.kpi.MessageBundleKeys.BUNDLE_NAME);

    public static JSONObject createFilterJSONFromFilterBean(FgsSecurityFilterBean fgsSecurityFilterBean) throws SecurityAccessException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "createFilterJSONFromFilterBean()", "Entry");
        }
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "createFilterJSONFromFilterBean()", "Input kpiBean: " + fgsSecurityFilterBean.toString());
        }
        JSONObject jSONObject = new JSONObject();
        String modelId = fgsSecurityFilterBean.getModelId();
        if (modelId != null && modelId.length() > 0) {
            modelId = ResourceUtils.convertReposIdToFeedId(modelId);
        }
        jSONObject.put(PayloadKeyConstants.MODELID, modelId);
        String mcId = fgsSecurityFilterBean.getMcId();
        if (mcId != null && mcId.length() > 0) {
            mcId = ResourceUtils.convertReposIdToFeedId(mcId);
        }
        jSONObject.put(PayloadKeyConstants.MC_ID, mcId);
        String entityType = fgsSecurityFilterBean.getEntityType();
        String entityId = fgsSecurityFilterBean.getEntityId();
        if (entityType != null) {
            if (entityType.equalsIgnoreCase("User")) {
                jSONObject.put("UserDN", entityId);
            }
            if (entityType.equalsIgnoreCase("Group")) {
                jSONObject.put("GroupDN", entityId);
            }
        }
        if (fgsSecurityFilterBean.getDisplayIndicator().shortValue() == 1) {
            jSONObject.put(PayloadKeyConstants.DISPLAY_INDICATION, true);
        } else {
            jSONObject.put(PayloadKeyConstants.DISPLAY_INDICATION, false);
        }
        try {
            jSONObject.put(PayloadKeyConstants.FILTER_SET, ResourceUtils.getJSONArtifact(fgsSecurityFilterBean.getFilterValue()));
            if (logger.isLoggable(WsLevel.FINER)) {
                logger.logp(WsLevel.FINER, CLASSNAME, "createFilterJSONFromFilterBean()", "Result JSON: " + jSONObject);
            }
            if (logger.isLoggable(WsLevel.FINER)) {
                logger.logp(WsLevel.FINER, CLASSNAME, "createFilterJSONFromFilterBean()", "Exit");
            }
            return jSONObject;
        } catch (IOException e) {
            throw new SecurityAccessException(e);
        }
    }

    public static FgsSecurityFilterBean createFilterBeanFromImportJSON(JSONObject jSONObject) throws SecurityAccessException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "createFilterBeanFromImportJSON()", "Entry");
        }
        FgsSecurityFilterBean fgsSecurityFilterBean = new FgsSecurityFilterBean();
        if (!jSONObject.containsKey(PayloadKeyConstants.MODELID)) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7032E", new Object[]{jSONObject}));
        }
        if (!jSONObject.containsKey(PayloadKeyConstants.MC_ID)) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7032E", new Object[]{jSONObject}));
        }
        if (!jSONObject.containsKey("User") && !jSONObject.containsKey("UserDN") && !jSONObject.containsKey("Group") && !jSONObject.containsKey("GroupDN")) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7032E", new Object[]{jSONObject}));
        }
        if (!jSONObject.containsKey(PayloadKeyConstants.FILTER_SET)) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7032E", new Object[]{jSONObject}));
        }
        if (jSONObject != null) {
            String str = (String) jSONObject.get(PayloadKeyConstants.MODELID);
            String str2 = (String) jSONObject.get(PayloadKeyConstants.MC_ID);
            fgsSecurityFilterBean.setReposMCID("/" + str + "/" + str2);
            fgsSecurityFilterBean.setModelId(str);
            fgsSecurityFilterBean.setMcId(str2);
            fgsSecurityFilterBean.setFilterValue(ResourceUtils.getSerializedJSON((JSONObject) jSONObject.get(PayloadKeyConstants.FILTER_SET)));
            if (jSONObject.containsKey(PayloadKeyConstants.DISPLAY_INDICATION)) {
                Boolean bool = (Boolean) jSONObject.get(PayloadKeyConstants.DISPLAY_INDICATION);
                if (bool == null) {
                    fgsSecurityFilterBean.setDisplayIndicator(new Short("0"));
                } else if (bool.booleanValue()) {
                    fgsSecurityFilterBean.setDisplayIndicator(new Short("1"));
                } else {
                    fgsSecurityFilterBean.setDisplayIndicator(new Short("0"));
                }
            }
            if (jSONObject.containsKey("User")) {
                if (jSONObject.containsKey("UserDN") || jSONObject.containsKey("Group") || jSONObject.containsKey("GroupDN")) {
                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7036E", new Object[0]));
                }
                fgsSecurityFilterBean.setEntityId((String) jSONObject.get("User"));
                fgsSecurityFilterBean.setEntityType(FineGrainedSecurityConstants.USER_ID);
            }
            if (jSONObject.containsKey("UserDN")) {
                if (jSONObject.containsKey("User") || jSONObject.containsKey("Group") || jSONObject.containsKey("GroupDN")) {
                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7036E", new Object[0]));
                }
                fgsSecurityFilterBean.setEntityId((String) jSONObject.get("UserDN"));
                fgsSecurityFilterBean.setEntityType("UserDN");
            }
            if (jSONObject.containsKey("Group")) {
                if (jSONObject.containsKey("User") || jSONObject.containsKey("UserDN") || jSONObject.containsKey("GroupDN")) {
                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7036E", new Object[0]));
                }
                fgsSecurityFilterBean.setEntityId((String) jSONObject.get("Group"));
                fgsSecurityFilterBean.setEntityType(FineGrainedSecurityConstants.GROUP_ID);
            }
            if (jSONObject.containsKey("GroupDN")) {
                if (jSONObject.containsKey("User") || jSONObject.containsKey("UserDN") || jSONObject.containsKey("Group")) {
                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7036E", new Object[0]));
                }
                fgsSecurityFilterBean.setEntityId((String) jSONObject.get("GroupDN"));
                fgsSecurityFilterBean.setEntityType("GroupDN");
            }
        }
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "createFilterBeanFromImportJSON()", "Exit");
        }
        return fgsSecurityFilterBean;
    }

    public static JSONObject createExportJSONFromFilterBean(List<FgsSecurityFilter> list) throws SecurityAccessException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "createExportJSONFromFilterBean()", "Entry");
        }
        JSONObject jSONObject = new JSONObject();
        JSONArray jSONArray = new JSONArray();
        for (int i = 0; i < list.size(); i++) {
            new JSONObject();
            FgsSecurityFilterBean fgsSecurityFilterBean = new FgsSecurityFilterBean();
            copyFGSSecurityFilterToFGSSecurityFilterBean(list.get(i), fgsSecurityFilterBean);
            jSONArray.add(createFilterJSONFromFilterBean(fgsSecurityFilterBean));
        }
        jSONObject.put(PayloadKeyConstants.SECURITY_FILTER_ARRAY, jSONArray);
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "createExportJSONFromFilterBean()", "Result JSON: " + jSONObject);
        }
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "createExportJSONFromFilterBean()", "Exit");
        }
        return jSONObject;
    }

    public static void copyFGSSecurityFilterToFGSSecurityFilterBean(FgsSecurityFilter fgsSecurityFilter, FgsSecurityFilterBean fgsSecurityFilterBean) {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "copyFGSSecurityFilterToFGSSecurityFilterBean(securityFilter, securityFilterBean)", "Entry");
        }
        fgsSecurityFilterBean.setReposMCID(fgsSecurityFilter.getContextKey());
        fgsSecurityFilterBean.setModelId(fgsSecurityFilter.getModelId());
        fgsSecurityFilterBean.setMcId(fgsSecurityFilter.getMCId());
        fgsSecurityFilterBean.setEntityId(fgsSecurityFilter.getEntityId());
        fgsSecurityFilterBean.setEntityType(fgsSecurityFilter.getEntityType());
        fgsSecurityFilterBean.setDisplayIndicator(Short.valueOf(fgsSecurityFilter.getDisplayIndication()));
        fgsSecurityFilterBean.setFilterValue(fgsSecurityFilter.getFilterValue());
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "copyFGSSecurityFilterToFGSSecurityFilterBean(securityFilter, securityFilterBean)", "Exit");
        }
    }

    /* JADX WARN: Finally extract failed */
    public static boolean isModelIDValid(String str) throws DataAccessException, SQLException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "isModelIDValid(String)", "Entry: modelId=" + str);
        }
        RepositoryAccess repositoryAccess = null;
        boolean z = false;
        try {
            repositoryAccess = new RepositoryAccess();
            String[] allModelIds = repositoryAccess.getAllModelIds();
            int i = 0;
            while (true) {
                if (i >= allModelIds.length) {
                    break;
                }
                if (ResourceUtils.convertReposIdToFeedId(allModelIds[i]).equals(str)) {
                    z = true;
                    break;
                }
                i++;
            }
            if (repositoryAccess != null) {
                repositoryAccess.closeConnection();
            }
            if (logger.isLoggable(WsLevel.FINEST)) {
                logger.logp(WsLevel.FINEST, CLASSNAME, "isModelIDValid(String)", "Entry: retVal=" + z);
            }
            return z;
        } catch (Throwable th) {
            if (repositoryAccess != null) {
                repositoryAccess.closeConnection();
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    public static boolean isMCIDValid(String str, String str2) throws DataAccessException, SQLException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "isMCIDValid()", "Entry: modelId=" + str + ",  mcID=" + str2);
        }
        RepositoryAccess repositoryAccess = null;
        boolean z = false;
        try {
            repositoryAccess = new RepositoryAccess();
            String[] strArr = null;
            try {
                strArr = repositoryAccess.getMCIdsByModelId(str, 0L);
            } catch (MonitorObjectNotFoundException e) {
                z = false;
            }
            int i = 0;
            while (true) {
                if (i >= strArr.length) {
                    break;
                }
                if (ResourceUtils.convertReposIdToFeedId(strArr[i]).equals(str2)) {
                    z = true;
                    break;
                }
                i++;
            }
            if (repositoryAccess != null) {
                repositoryAccess.closeConnection();
            }
            if (logger.isLoggable(WsLevel.FINEST)) {
                logger.logp(WsLevel.FINEST, CLASSNAME, "isMCIDValid()", "Entry: retVal=" + z);
            }
            return z;
        } catch (Throwable th) {
            if (repositoryAccess != null) {
                repositoryAccess.closeConnection();
            }
            throw th;
        }
    }

    public static String validateUserID(String str) throws FGSParmValidationException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "validateUserID(String)", "Entry: userId=" + str);
        }
        try {
            String userDN = getUserDN(str);
            if (userDN == null) {
                throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7037E", new Object[]{str}));
            }
            if (logger.isLoggable(WsLevel.FINEST)) {
                logger.logp(WsLevel.FINEST, CLASSNAME, "validateUserID(String)", "Entry: retVal=" + userDN);
            }
            return userDN;
        } catch (RemoteException e) {
            FFDCFilter.processException(e, CLASSNAME + ".validateUserID(String)", "326", e);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7037E", new Object[]{str}));
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, CLASSNAME + ".validateUserID(String)", "320", e2);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7037E", new Object[]{str}));
        }
    }

    public static String validateUserDN(String str) throws FGSParmValidationException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "validateUserDN(String)", "Entry: userDN=" + str);
        }
        try {
            if (getUserDN(str) == null) {
                throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7038E", new Object[]{str}));
            }
            if (logger.isLoggable(WsLevel.FINEST)) {
                logger.logp(WsLevel.FINEST, CLASSNAME, "validateUserDN(String)", "Entry: retVal=" + str);
            }
            return str;
        } catch (RemoteException e) {
            FFDCFilter.processException(e, CLASSNAME + ".validateUserDN(String)", "364", e);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7038E", new Object[]{str}));
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, CLASSNAME + ".validateUserDN(String)", "358", e2);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7038E", new Object[]{str}));
        }
    }

    public static String validateGroupID(String str) throws FGSParmValidationException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "validateGroupID(String)", "Entry: groupId=" + str);
        }
        try {
            String groupDN = getGroupDN(str);
            if (groupDN == null) {
                throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7039E", new Object[]{str}));
            }
            if (logger.isLoggable(WsLevel.FINEST)) {
                logger.logp(WsLevel.FINEST, CLASSNAME, "validateGroupID(String)", "Entry: retVal=" + groupDN);
            }
            return groupDN;
        } catch (RemoteException e) {
            FFDCFilter.processException(e, CLASSNAME + ".validateGroupID(String)", "403", e);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7039E", new Object[]{str}));
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, CLASSNAME + ".validateGroupID(String)", "397", e2);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7039E", new Object[]{str}));
        }
    }

    public static String validateGroupDN(String str) throws FGSParmValidationException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "validateGroupDN(String)", "Entry: groupDN=" + str);
        }
        try {
            String groupDN = getGroupDN(str);
            if (groupDN == null) {
                throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7040E", new Object[]{str}));
            }
            if (logger.isLoggable(WsLevel.FINEST)) {
                logger.logp(WsLevel.FINEST, CLASSNAME, "validateGroupDN(String)", "Entry: retVal=" + groupDN);
            }
            return groupDN;
        } catch (RemoteException e) {
            FFDCFilter.processException(e, CLASSNAME + ".validateGroupDN(String)", "442", e);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7040E", new Object[]{str}));
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, CLASSNAME + ".validateGroupDN(String)", "436", e2);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7040E", new Object[]{str}));
        }
    }

    public static List<String> getGroupDNsFromUserDN(String str) throws FGSParmValidationException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "getGroupDNsFromUserDN(String)", "Entry: userDN=" + str);
        }
        try {
            List<String> groupDNsFromUserDN = MemberHelper.getGroupDNsFromUserDN(str);
            if (groupDNsFromUserDN == null || groupDNsFromUserDN.size() == 0) {
                if (logger.isLoggable(WsLevel.FINEST)) {
                    logger.logp(WsLevel.FINEST, CLASSNAME, "getGroupDNsFromUserDN(String)", "Exit: group DN list for userDN '" + str + "' is empty");
                }
            } else if (logger.isLoggable(WsLevel.FINEST)) {
                logger.logp(WsLevel.FINEST, CLASSNAME, "getGroupDNsFromUserDN(String)", "Exit: Size of group DN list for userDN '" + str + "': " + groupDNsFromUserDN.size());
            }
            return groupDNsFromUserDN;
        } catch (RemoteException e) {
            FFDCFilter.processException(e, CLASSNAME + ".getGroupDNsFromUserDN(String)", "403", e);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7038E", new Object[]{str}));
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, CLASSNAME + ".getGroupDNsFromUserDN(String)", "397", e2);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7038E", new Object[]{str}));
        }
    }

    public static List<String> getGroupDNsFromGroupDN(String str) throws FGSParmValidationException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "getGroupDNsFromGroupDN(String)", "Entry: groupDN=" + str);
        }
        try {
            List<String> groupDNsForGroupDN = MemberHelper.getGroupDNsForGroupDN(str);
            if (groupDNsForGroupDN == null || groupDNsForGroupDN.size() == 0) {
                if (logger.isLoggable(WsLevel.FINEST)) {
                    logger.logp(WsLevel.FINEST, CLASSNAME, "getGroupDNsFromGroupDN(String)", "Exit: group DN list for groupDN '" + str + "' is empty");
                }
            } else if (logger.isLoggable(WsLevel.FINEST)) {
                logger.logp(WsLevel.FINEST, CLASSNAME, "getGroupDNsFromGroupDN(String)", "Exit: Size of group DN list for groupDN '" + str + "': " + groupDNsForGroupDN.size());
            }
            return groupDNsForGroupDN;
        } catch (RemoteException e) {
            FFDCFilter.processException(e, CLASSNAME + ".getGroupDNsFromGroupDN(String)", "403", e);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7040E", new Object[]{str}));
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, CLASSNAME + ".getGroupDNsFromGroupDN(String)", "397", e2);
            throw new FGSParmValidationException(FGSInterfaceMessageHelper.getMessage("CWMDS7040E", new Object[]{str}));
        }
    }

    public static String getUserDN(String str) throws RemoteException, WSSecurityException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "getUserDN(String)", "Entry: userId=" + str);
        }
        String str2 = null;
        List<User> allUserDNs = MemberHelper.getAllUserDNs(str);
        if (allUserDNs.size() == 1) {
            str2 = allUserDNs.get(0).getDN();
        }
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "getUserDN(String)", "Entry: retVal=" + str2);
        }
        return str2;
    }

    public static String getGroupDN(String str) throws RemoteException, WSSecurityException {
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "getGroupDN(String)", "Entry: groupId=" + str);
        }
        String str2 = null;
        List<Group> allGroupDNs = MemberHelper.getAllGroupDNs(str);
        if (allGroupDNs.size() == 1) {
            str2 = allGroupDNs.get(0).getDN();
        }
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "getGroupDN(String)", "Entry: retVal=" + str2);
        }
        return str2;
    }

    public static FgsSecurityFilterBean validateSecurityFilter(Connection connection, FgsSecurityFilterBean fgsSecurityFilterBean) throws SecurityAccessException {
        String groupDN;
        if (logger.isLoggable(WsLevel.FINEST)) {
            logger.logp(WsLevel.FINEST, CLASSNAME, "validateSecurityFilter(String)", "Entry: filter=" + fgsSecurityFilterBean.toString());
        }
        try {
            if (!isModelIDValid(fgsSecurityFilterBean.getModelId())) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7013E", new Object[]{fgsSecurityFilterBean.getModelId()}));
            }
            try {
                if (!isMCIDValid(fgsSecurityFilterBean.getModelId(), fgsSecurityFilterBean.getMcId())) {
                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7014E", new Object[]{fgsSecurityFilterBean.getMcId(), fgsSecurityFilterBean.getModelId()}));
                }
                try {
                    if (fgsSecurityFilterBean.getEntityType().equalsIgnoreCase(FineGrainedSecurityConstants.USER_ID) || fgsSecurityFilterBean.getEntityType().equalsIgnoreCase("UserDN")) {
                        String userDN = getUserDN(fgsSecurityFilterBean.getEntityId());
                        if (userDN == null) {
                            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7015E", new Object[]{fgsSecurityFilterBean.getEntityType(), fgsSecurityFilterBean.getEntityId()}));
                        }
                        fgsSecurityFilterBean.setEntityId(userDN);
                        fgsSecurityFilterBean.setEntityType("User");
                    }
                    try {
                        if (fgsSecurityFilterBean.getEntityType().equalsIgnoreCase(FineGrainedSecurityConstants.GROUP_ID) || fgsSecurityFilterBean.getEntityType().equalsIgnoreCase("GroupDN")) {
                            if (fgsSecurityFilterBean.getEntityId().equalsIgnoreCase(FineGrainedSecurityConstants.ALL_AUTHENTICATED_USERS)) {
                                groupDN = FineGrainedSecurityConstants.ALL_AUTHENTICATED_USERS;
                            } else {
                                groupDN = getGroupDN(fgsSecurityFilterBean.getEntityId());
                                if (groupDN == null) {
                                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7015E", new Object[]{fgsSecurityFilterBean.getEntityType(), fgsSecurityFilterBean.getEntityId()}));
                                }
                            }
                            fgsSecurityFilterBean.setEntityId(groupDN);
                            fgsSecurityFilterBean.setEntityType("Group");
                        }
                        validateJSONFilter(connection, fgsSecurityFilterBean.getModelId(), fgsSecurityFilterBean.getMcId(), 0L, fgsSecurityFilterBean.getFilterValue());
                        if (logger.isLoggable(WsLevel.FINEST)) {
                            logger.logp(WsLevel.FINEST, CLASSNAME, "validateSecurityFilter(String)", "Entry: retVal=" + fgsSecurityFilterBean.toString());
                        }
                        return fgsSecurityFilterBean;
                    } catch (WSSecurityException e) {
                        throw new SecurityAccessException((Throwable) e);
                    } catch (DataAccessException e2) {
                        throw new SecurityAccessException(e2);
                    } catch (RemoteException e3) {
                        throw new SecurityAccessException((Throwable) e3);
                    }
                } catch (RemoteException e4) {
                    throw new SecurityAccessException((Throwable) e4);
                } catch (WSSecurityException e5) {
                    throw new SecurityAccessException((Throwable) e5);
                }
            } catch (DataAccessException e6) {
                throw new SecurityAccessException(e6);
            } catch (SQLException e7) {
                throw new SecurityAccessException(e7);
            }
        } catch (DataAccessException e8) {
            throw new SecurityAccessException(e8);
        } catch (SQLException e9) {
            throw new SecurityAccessException(e9);
        }
    }

    public static JSONObject replaceSecurityAttributes(JSONObject jSONObject, String str) throws SecurityAccessException, FGSException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "replaceSecurityAttributes()", "Entry jsonFilter=" + jSONObject);
        }
        new JSONObject();
        JSONObject jSONObject2 = (JSONObject) jSONObject.get(PayloadKeyConstants.FILTER_SET);
        JSONObject replaceAttributesFromFilterSet = replaceAttributesFromFilterSet(jSONObject2, str);
        if (replaceAttributesFromFilterSet != jSONObject2) {
            jSONObject.put(PayloadKeyConstants.FILTER_SET, replaceAttributesFromFilterSet);
        }
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "replaceSecurityAttributes()", "Exit");
        }
        return jSONObject;
    }

    public static JSONObject replaceAttributesFromFilterSet(JSONObject jSONObject, String str) throws SecurityAccessException, FGSException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "replaceAttributesFromFilterSet()", "Entry");
        }
        JSONArray jSONArray = (JSONArray) jSONObject.get(PayloadKeyConstants.FILTER_ARRAY);
        for (int i = 0; i < jSONArray.size(); i++) {
            new JSONObject();
            JSONObject jSONObject2 = (JSONObject) jSONArray.get(i);
            if (jSONObject2.containsKey(PayloadKeyConstants.FILTER_SET)) {
                JSONObject jSONObject3 = (JSONObject) jSONObject2.get(PayloadKeyConstants.FILTER_SET);
                JSONObject replaceAttributesFromFilterSet = replaceAttributesFromFilterSet(jSONObject3, str);
                if (replaceAttributesFromFilterSet != jSONObject3) {
                    jSONObject2.put(PayloadKeyConstants.FILTER_SET, replaceAttributesFromFilterSet);
                }
            } else {
                String str2 = (String) jSONObject2.get(PayloadKeyConstants.SECURITY_FILTER_OPERATOR);
                if (jSONObject2.get(PayloadKeyConstants.SECURITY_FILTER_VALUE) instanceof String) {
                    String str3 = (String) jSONObject2.get(PayloadKeyConstants.SECURITY_FILTER_VALUE);
                    if (str3.contains("#$")) {
                        FGSAttributeHelper fGSAttributeHelper = new FGSAttributeHelper();
                        fGSAttributeHelper.replaceAttribute(str3, str2, str);
                        if (logger.isLoggable(WsLevel.FINEST)) {
                            logger.logp(WsLevel.FINEST, CLASSNAME, "replaceAttributesFromFilterSet()", "Resultant Filter Operator: " + fGSAttributeHelper.getResultOperator());
                        }
                        jSONObject2.put(PayloadKeyConstants.SECURITY_FILTER_OPERATOR, fGSAttributeHelper.getResultOperator());
                        if (fGSAttributeHelper.isMultipleValues()) {
                            JSONArray jSONArray2 = new JSONArray();
                            List<String> filterValues = fGSAttributeHelper.getFilterValues();
                            for (int i2 = 0; i2 < filterValues.size(); i2++) {
                                jSONArray2.add(filterValues.get(i2));
                            }
                            jSONObject2.put(PayloadKeyConstants.SECURITY_FILTER_VALUE, jSONArray2);
                        } else {
                            jSONObject2.put(PayloadKeyConstants.SECURITY_FILTER_VALUE, fGSAttributeHelper.getFilterValue());
                        }
                    }
                } else {
                    JSONArray jSONArray3 = (JSONArray) jSONObject2.get(PayloadKeyConstants.SECURITY_FILTER_VALUE);
                    for (int i3 = 0; i3 < jSONArray3.size(); i3++) {
                        String str4 = (String) jSONArray3.get(i3);
                        if (str4.contains("#$")) {
                            FGSAttributeHelper fGSAttributeHelper2 = new FGSAttributeHelper();
                            fGSAttributeHelper2.replaceAttribute(str4, str2, str);
                            if (fGSAttributeHelper2.isMultipleValues()) {
                                JSONArray jSONArray4 = new JSONArray();
                                List<String> filterValues2 = fGSAttributeHelper2.getFilterValues();
                                for (int i4 = 0; i4 < filterValues2.size(); i4++) {
                                    jSONArray4.add(filterValues2.get(i4));
                                }
                                jSONObject2.put(PayloadKeyConstants.SECURITY_FILTER_VALUE, jSONArray4);
                            } else {
                                jSONObject2.put(PayloadKeyConstants.SECURITY_FILTER_VALUE, fGSAttributeHelper2.getFilterValue());
                            }
                            if (logger.isLoggable(WsLevel.FINEST)) {
                                logger.logp(WsLevel.FINEST, CLASSNAME, "replaceAttributesFromFilterSet()", "Resultant Filter Operator: " + fGSAttributeHelper2.getResultOperator());
                            }
                            jSONObject2.put(PayloadKeyConstants.SECURITY_FILTER_OPERATOR, fGSAttributeHelper2.getResultOperator());
                        }
                    }
                }
            }
        }
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "replaceAttributesFromFilterSet()", "Exit");
        }
        return jSONObject;
    }

    public static void validateJSONFilter(Connection connection, String str, String str2, long j, String str3) throws DataAccessException, SecurityAccessException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "validateJSONFilter()", "Entry   modelId=" + str + "   mcId=" + str2 + "filterVersion= " + j + "  filterString=" + str3);
        }
        try {
            RepositoryAccess repositoryAccess = new RepositoryAccess(connection);
            Integer.valueOf(repositoryAccess.getDbmsType());
            JSONObject jSONObject = new JSONObject();
            try {
                jSONObject = (JSONObject) ResourceUtils.getJSONArtifact(str3);
            } catch (IOException e) {
                FFDCFilter.processException(e, CLASSNAME + ".validateJSONFilter()", "1867", e);
            }
            if (!jSONObject.containsKey(PayloadKeyConstants.FILTER_ARRAY)) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7033E", new Object[]{jSONObject}));
            }
            JSONArray jSONArray = (JSONArray) jSONObject.get(PayloadKeyConstants.FILTER_ARRAY);
            if (!jSONObject.containsKey(PayloadKeyConstants.SECURITY_FILTER_OPERATOR) && jSONArray.size() > 1) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7033E", new Object[]{jSONObject}));
            }
            String str4 = (String) jSONObject.get(PayloadKeyConstants.SECURITY_FILTER_OPERATOR);
            if (str4 == null) {
                if (jSONArray.size() > 1) {
                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7033E", new Object[]{jSONObject}));
                }
                str4 = "AND";
            }
            if (!str4.equalsIgnoreCase("AND") && !str4.equalsIgnoreCase("OR")) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7033E", new Object[]{jSONObject}));
            }
            for (int i = 0; i < jSONArray.size(); i++) {
                new JSONObject();
                JSONObject jSONObject2 = (JSONObject) jSONArray.get(i);
                if (jSONObject2.containsKey(PayloadKeyConstants.FILTER_SET)) {
                    new JSONObject();
                    JSONObject jSONObject3 = (JSONObject) jSONObject2.get(PayloadKeyConstants.FILTER_SET);
                    JSONObject validateChildJSONFilter = validateChildJSONFilter(repositoryAccess, str, str2, j, jSONObject3);
                    if (validateChildJSONFilter != jSONObject3) {
                        jSONObject3.remove(PayloadKeyConstants.FILTER_SET);
                        jSONObject3.put(PayloadKeyConstants.FILTER_SET, validateChildJSONFilter);
                    }
                } else {
                    JSONObject validateFilterValue = validateFilterValue(repositoryAccess, str, str2, j, jSONObject2);
                    if (validateFilterValue != jSONObject2) {
                        jSONArray.set(i, validateFilterValue);
                    }
                }
            }
            if (logger.isLoggable(WsLevel.FINER)) {
                logger.logp(WsLevel.FINER, CLASSNAME, "validateJSONFilter()", "Exit");
            }
        } catch (SQLException e2) {
            FFDCFilter.processException(e2, "com.ibm.wbimonitor.repository.FilterHelper.validateJSONFilter", "980");
            throw new DataAccessException(e2);
        }
    }

    private static JSONObject validateFilterValue(RepositoryAccess repositoryAccess, String str, String str2, long j, JSONObject jSONObject) throws SecurityAccessException, DataAccessException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "validateFilterValue()", "Entry   modelId=" + str + "   mcId=" + str2 + "filterVersion= " + j + "  filterString=" + jSONObject);
        }
        if (!jSONObject.containsKey(PayloadKeyConstants.SECURITY_FILTER_METRIC)) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7032E", new Object[]{jSONObject}));
        }
        if (!jSONObject.containsKey(PayloadKeyConstants.SECURITY_FILTER_OPERATOR)) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7032E", new Object[]{jSONObject}));
        }
        String str3 = "/" + str + "/" + str2;
        if (jSONObject.containsKey(PayloadKeyConstants.MC_ID)) {
            str2 = "/" + str + "/" + ((String) jSONObject.get(PayloadKeyConstants.MC_ID));
        }
        String str4 = str3 + "/" + jSONObject.get(PayloadKeyConstants.SECURITY_FILTER_METRIC);
        try {
            Properties metricInfo = repositoryAccess.getMetricInfo(str4, j);
            if (logger.isLoggable(WsLevel.FINER)) {
                logger.logp(WsLevel.FINER, CLASSNAME, "validateFilterValue()", "Retrieved metric information: " + metricInfo);
            }
            String trim = metricInfo.getProperty(RepositoryConstants.METRIC_TYPE).trim();
            if (!trim.equalsIgnoreCase("decimal") && !trim.equalsIgnoreCase(MonitorBasePersistent.STRING_DATATYPE) && !trim.equalsIgnoreCase(MonitorBasePersistent.INT_DATATYPE) && !trim.equalsIgnoreCase(MonitorBasePersistent.BOOLEAN_DATATYPE)) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7045E", new Object[]{trim, jSONObject}));
            }
            String str5 = (String) jSONObject.get(PayloadKeyConstants.SECURITY_FILTER_OPERATOR);
            if (trim.equalsIgnoreCase(MonitorBasePersistent.BOOLEAN_DATATYPE)) {
                if (!str5.equalsIgnoreCase("equals") && !str5.equalsIgnoreCase("notEquals")) {
                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7046E", new Object[]{str5, jSONObject}));
                }
                String str6 = (String) jSONObject.get(PayloadKeyConstants.SECURITY_FILTER_VALUE);
                if (!str6.equalsIgnoreCase("true") && !str6.equalsIgnoreCase("true()") && !str6.equalsIgnoreCase("false") && !str6.equalsIgnoreCase("false()")) {
                    throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7049E", new Object[]{str6, jSONObject}));
                }
                if (str6.equalsIgnoreCase("true")) {
                    jSONObject.remove(PayloadKeyConstants.SECURITY_FILTER_VALUE);
                    jSONObject.put(PayloadKeyConstants.SECURITY_FILTER_VALUE, "true()");
                }
                if (str6.equalsIgnoreCase("false")) {
                    jSONObject.remove(PayloadKeyConstants.SECURITY_FILTER_VALUE);
                    jSONObject.put(PayloadKeyConstants.SECURITY_FILTER_VALUE, "false()");
                }
            }
            if (trim.equalsIgnoreCase(MonitorBasePersistent.STRING_DATATYPE) && !str5.equalsIgnoreCase("equals") && !str5.equalsIgnoreCase("notEquals") && !str5.equalsIgnoreCase("in") && !str5.equalsIgnoreCase("notIn") && !str5.equalsIgnoreCase("isNull") && !str5.equalsIgnoreCase("isNotNull") && !str5.equalsIgnoreCase("like") && !str5.equalsIgnoreCase("notLike")) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7047E", new Object[]{str5, jSONObject}));
            }
            if ((trim.equalsIgnoreCase(MonitorBasePersistent.INT_DATATYPE) || trim.equalsIgnoreCase("decimal")) && !str5.equalsIgnoreCase("equals") && !str5.equalsIgnoreCase("notEquals") && !str5.equalsIgnoreCase("isNull") && !str5.equalsIgnoreCase("isNotNull") && !str5.equalsIgnoreCase("lessThan") && !str5.equalsIgnoreCase("lessThanOrEquals") && !str5.equalsIgnoreCase("greaterThan") && !str5.equalsIgnoreCase("greaterThanOrEquals")) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7048E", new Object[]{str5, jSONObject}));
            }
            if (!str5.equalsIgnoreCase("isNull") && !str5.equalsIgnoreCase("isNotNull") && !jSONObject.containsKey(PayloadKeyConstants.SECURITY_FILTER_VALUE)) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7032E", new Object[]{jSONObject}));
            }
            try {
                repositoryAccess.getMCInfo(str3, j);
                if (logger.isLoggable(WsLevel.FINER)) {
                    logger.logp(WsLevel.FINER, CLASSNAME, "validateFilterValue()", "Exit");
                }
                return jSONObject;
            } catch (MonitorObjectNotFoundException e) {
                if (logger.isLoggable(WsLevel.FINER)) {
                    logger.logp(WsLevel.FINER, CLASSNAME, "validateFilterValue()", "Monitoring context " + str2 + " was not found model version " + j);
                }
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7044E", new Object[]{str2, str}));
            }
        } catch (MonitorObjectNotFoundException e2) {
            if (logger.isLoggable(WsLevel.FINER)) {
                logger.logp(WsLevel.FINER, CLASSNAME, "validateFilterValue()", "Metric " + str4 + " was not found monitoring context " + str2);
            }
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7026E", new Object[]{jSONObject.get(PayloadKeyConstants.SECURITY_FILTER_METRIC), str2}));
        }
    }

    public static JSONObject validateChildJSONFilter(RepositoryAccess repositoryAccess, String str, String str2, long j, JSONObject jSONObject) throws DataAccessException {
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "validateChildJSONFilter()", "Entry   modelId=" + str + "   mcId=" + str2 + "filterVersion= " + j + "  filterSetobj=" + jSONObject);
        }
        if (!jSONObject.containsKey(PayloadKeyConstants.FILTER_ARRAY)) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7033E", new Object[]{jSONObject}));
        }
        JSONArray jSONArray = (JSONArray) jSONObject.get(PayloadKeyConstants.FILTER_ARRAY);
        if (!jSONObject.containsKey(PayloadKeyConstants.SECURITY_FILTER_OPERATOR) && jSONArray.size() > 1) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7033E", new Object[]{jSONObject}));
        }
        String str3 = (String) jSONObject.get(PayloadKeyConstants.SECURITY_FILTER_OPERATOR);
        if (str3 == null) {
            if (jSONArray.size() > 1) {
                throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7033E", new Object[]{jSONObject}));
            }
            str3 = "AND";
        }
        if (!str3.equalsIgnoreCase("AND") && !str3.equalsIgnoreCase("OR")) {
            throw new SecurityAccessException(FGSInterfaceMessageHelper.getMessage("CWMDS7033E", new Object[]{jSONObject}));
        }
        for (int i = 0; i < jSONArray.size(); i++) {
            new JSONObject();
            JSONObject jSONObject2 = (JSONObject) jSONArray.get(i);
            if (jSONObject2.containsKey(PayloadKeyConstants.FILTER_SET)) {
                JSONObject jSONObject3 = (JSONObject) jSONObject2.get(PayloadKeyConstants.FILTER_SET);
                JSONObject validateChildJSONFilter = validateChildJSONFilter(repositoryAccess, str, str2, j, jSONObject3);
                if (validateChildJSONFilter != jSONObject3) {
                    jSONObject2.remove(PayloadKeyConstants.FILTER_SET);
                    jSONObject2.put(PayloadKeyConstants.FILTER_SET, validateChildJSONFilter);
                }
            } else {
                JSONObject validateFilterValue = validateFilterValue(repositoryAccess, str, str2, j, jSONObject2);
                if (validateFilterValue != jSONObject2) {
                    jSONArray.set(i, validateFilterValue);
                }
            }
        }
        if (logger.isLoggable(WsLevel.FINER)) {
            logger.logp(WsLevel.FINER, CLASSNAME, "validateChildJSONFilter()", "Exit");
        }
        return jSONObject;
    }
}
