package com.ibm.commerce.accesscontrol.policymanager;

import com.ibm.commerce.accesscontrol.AccManager;
import com.ibm.commerce.accesscontrol.util.AccessControlConstants;
import com.ibm.commerce.accesscontrol.util.PolicyManagerHelper;
import com.ibm.commerce.accesscontrol.util.QueryGenerator;
import com.ibm.commerce.base.helpers.EJBConstants;
import com.ibm.commerce.command.CommandContext;
import com.ibm.commerce.command.CommandFactory;
import com.ibm.commerce.command.ViewCommand;
import com.ibm.commerce.condition.Condition;
import com.ibm.commerce.condition.ConditionList;
import com.ibm.commerce.condition.Evaluator;
import com.ibm.commerce.condition.SimpleCondition;
import com.ibm.commerce.condition.TrueCondition;
import com.ibm.commerce.grouping.Groupable;
import com.ibm.commerce.grouping.GroupingContext;
import com.ibm.commerce.membergroup.commands.CheckCurrentUserInMemberGroupCmd;
import com.ibm.commerce.ras.ECTrace;
import com.ibm.commerce.security.Protectable;
import com.ibm.commerce.server.ECConstants;
import com.ibm.commerce.tools.optools.order.helpers.OrderSearchBean;
import com.ibm.commerce.tools.segmentation.SegmentCache;
import com.ibm.commerce.user.objects.MemberAccessBean;
import com.ibm.commerce.user.objects.MemberGroupAccessBean;
import com.ibm.commerce.user.objects.MemberRelationshipsAccessBean;
import com.ibm.commerce.user.objects.MemberRoleAccessBean;
import com.ibm.commerce.user.objects.RoleAccessBean;
import com.ibm.commerce.user.objects.UserAccessBean;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import org.apache.xalan.templates.Constants;

/* JADX WARN: Classes with same name are omitted:
  input_file:was/wc55EXPRESS_fp6_os400.jar:ptfs/wc55EXPRESS_fp6_os400/components/commerce.server/update.jar:/Enablement-BaseComponentsLogic.jarcom/ibm/commerce/accesscontrol/policymanager/PolicyManagerImpl.class
  input_file:wc/wc55EXPRESS_fp6_os400.jar:ptfs/wc55EXPRESS_fp6_os400/components/commerce.cm.client/update.jar:/lib/Enablement-BaseComponentsLogic.jarcom/ibm/commerce/accesscontrol/policymanager/PolicyManagerImpl.class
  input_file:wc/wc55EXPRESS_fp6_os400.jar:ptfs/wc55EXPRESS_fp6_os400/components/commerce.cm/update.jar:/lib/Enablement-BaseComponentsLogic.jarcom/ibm/commerce/accesscontrol/policymanager/PolicyManagerImpl.class
 */
/* loaded from: input_file:wc/wc55EXPRESS_fp6_os400.jar:ptfs/wc55EXPRESS_fp6_os400/components/commerce.server/update.jar:/wc.ear/Enablement-BaseComponentsLogic.jarcom/ibm/commerce/accesscontrol/policymanager/PolicyManagerImpl.class */
public class PolicyManagerImpl implements PolicyManager {
    public static final String COPYRIGHT = "Licensed Materials - Property of IBM5724-A18(c) Copyright International Business Machines Corporation 2000,2001,2003.All rights reservedUS Government Users Restricted Rights - Use, duplication ordisclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static PolicyManager instance = null;
    private static PolicyRegistry policyCache = null;
    private static PolGrpSubscriptionRegistry policyGroupCache = null;
    private static final SimpleCondition.Qualifier ORG_AND_ANCESTORS_QUALIFIER = new SimpleCondition.Qualifier("org", AccessControlConstants.ORG_AND_ANCESTORS);
    private static final String REGISTERED_CUSTOMER_ROLE_NAME = "Registered Customer";
    static Class class$0;

    private PolicyManagerImpl() throws Exception {
        initialize(true);
    }

    private PolicyManagerImpl(boolean z) throws Exception {
        initialize(z);
    }

    private boolean checkUserInUserGroup(CommandContext commandContext, Condition condition, MemberGroupAccessBean memberGroupAccessBean) throws Exception {
        CheckCurrentUserInMemberGroupCmd createCommand = CommandFactory.createCommand(CheckCurrentUserInMemberGroupCmd.Name, commandContext.getStoreId());
        createCommand.setCommandContext(commandContext);
        createCommand.setMemberGroupAccessBean(memberGroupAccessBean);
        createCommand.setMemberGroupCondition(condition);
        createCommand.setMemberGroupName(memberGroupAccessBean.getMbrGrpName());
        createCommand.setMemberGroupOwnerId(memberGroupAccessBean.getOwnerIdInEJBType());
        createCommand.execute();
        return createCommand.getResult();
    }

    private boolean checkUserInCmdLevelUserGroup(MemberGroupAccessBean memberGroupAccessBean, Long l, CommandContext commandContext, Long[] lArr) throws Exception {
        ECTrace.entry(38L, getClass().getName(), "checkUserInCmdLevelUserGroup");
        Condition segmentCondition = SegmentCache.getSegmentCondition(memberGroupAccessBean.getOwnerIdInEJBType(), memberGroupAccessBean.getMbrGrpName());
        if (segmentCondition == null) {
            ECTrace.trace(38L, getClass().getName(), "checkUserInCmdLevelUserGroup", "Special cmd level evaluation of member group condition was not done");
            if (checkUserInUserGroup(commandContext, memberGroupAccessBean)) {
                ECTrace.exit(38L, getClass().getName(), "checkUserInCmdLevelUserGroup", "true");
                return true;
            }
            ECTrace.exit(38L, getClass().getName(), "checkUserInCmdLevelUserGroup", "false");
            return false;
        }
        ECTrace.trace(38L, getClass().getName(), "checkUserInCmdLevelUserGroup", new StringBuffer("memberGroupCondition: ").append(segmentCondition).toString());
        ConditionList conditionList = (Condition) segmentCondition.clone();
        if (conditionList instanceof ConditionList) {
            Condition[] conditions = conditionList.getConditions();
            for (int length = conditions.length - 1; length >= 0; length--) {
                Condition condition = conditions[length];
                if (condition instanceof SimpleCondition) {
                    conditions[length] = addScopingQualifierToCondition((SimpleCondition) condition);
                }
            }
            conditionList.setConditions(conditions);
        } else if (conditionList instanceof SimpleCondition) {
            conditionList = addScopingQualifierToCondition((SimpleCondition) conditionList);
        }
        if (checkUserInUserGroup(commandContext, qualifyCondition(conditionList, l, commandContext, lArr), memberGroupAccessBean)) {
            ECTrace.exit(38L, getClass().getName(), "checkUserInCmdLevelUserGroup", "true");
            return true;
        }
        ECTrace.exit(38L, getClass().getName(), "checkUserInCmdLevelUserGroup", "false");
        return false;
    }

    private SimpleCondition addScopingQualifierToCondition(SimpleCondition simpleCondition) {
        ECTrace.entry(38L, getClass().getName(), "addScopingToCondition");
        String variable = simpleCondition.getVariable();
        String operator = simpleCondition.getOperator();
        if (variable.equals("role") && operator.equals("=") && simpleCondition.getQualifiers() == null) {
            ECTrace.trace(38L, getClass().getName(), "addScopingToCondition", "No existing qualifiers, so adding new scoping qualifier");
            simpleCondition.setQualifiers(new SimpleCondition.Qualifier[]{ORG_AND_ANCESTORS_QUALIFIER});
        }
        ECTrace.exit(38L, getClass().getName(), "addScopingToCondition");
        return simpleCondition;
    }

    private boolean checkUserInUserGroup(CommandContext commandContext, MemberGroupAccessBean memberGroupAccessBean) throws Exception {
        CheckCurrentUserInMemberGroupCmd createCommand = CommandFactory.createCommand(CheckCurrentUserInMemberGroupCmd.Name, commandContext.getStoreId());
        createCommand.setCommandContext(commandContext);
        createCommand.setMemberGroupName(memberGroupAccessBean.getMbrGrpName());
        createCommand.setMemberGroupOwnerId(memberGroupAccessBean.getOwnerIdInEJBType());
        createCommand.setMemberGroupAccessBean(memberGroupAccessBean);
        createCommand.execute();
        return createCommand.getResult();
    }

    private GroupingContext convertToGroupingContext(CommandContext commandContext) {
        GroupingContext groupingContext = new GroupingContext();
        groupingContext.setStoreId(commandContext.getStoreId());
        return groupingContext;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v10 */
    /* JADX WARN: Type inference failed for: r0v12 */
    /* JADX WARN: Type inference failed for: r0v13 */
    /* JADX WARN: Type inference failed for: r0v7 */
    /* JADX WARN: Type inference failed for: r0v8, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Throwable] */
    public static PolicyManager createInstance() throws Exception {
        if (instance == null) {
            Class<?> cls = class$0;
            ?? r0 = cls;
            if (cls == null) {
                try {
                    cls = Class.forName("com.ibm.commerce.accesscontrol.policymanager.PolicyManagerImpl");
                    class$0 = cls;
                    r0 = cls;
                } catch (ClassNotFoundException unused) {
                    throw new NoClassDefFoundError(cls.getMessage());
                }
            }
            boolean z = r0;
            synchronized (r0) {
                if (instance == null) {
                    instance = new PolicyManagerImpl();
                }
                r0 = z;
            }
        }
        return instance;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v10 */
    /* JADX WARN: Type inference failed for: r0v12 */
    /* JADX WARN: Type inference failed for: r0v13 */
    /* JADX WARN: Type inference failed for: r0v7 */
    /* JADX WARN: Type inference failed for: r0v8, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Throwable] */
    protected static PolicyManager createInstance(boolean z) throws Exception {
        if (instance == null) {
            Class<?> cls = class$0;
            ?? r0 = cls;
            if (cls == null) {
                try {
                    cls = Class.forName("com.ibm.commerce.accesscontrol.policymanager.PolicyManagerImpl");
                    class$0 = cls;
                    r0 = cls;
                } catch (ClassNotFoundException unused) {
                    throw new NoClassDefFoundError(cls.getMessage());
                }
            }
            boolean z2 = r0;
            synchronized (r0) {
                if (instance == null) {
                    instance = new PolicyManagerImpl(z);
                }
                r0 = z2;
            }
        }
        return instance;
    }

    private boolean evaluatePolicy(Policy policy, GroupingContext groupingContext, CommandContext commandContext, Protectable protectable, Class cls, Long l, Long[] lArr, Long[] lArr2, boolean z, boolean z2) throws Exception {
        ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", new StringBuffer("Evaluating PolicyName: ").append(policy.getName()).toString());
        if (!policy.getResourceGroup().isMember(protectable, cls, groupingContext)) {
            ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", "ResourceGroup does not match");
            return false;
        }
        if (!isPolicyTypeTemplate(policy)) {
            ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", new StringBuffer("CommandLevelCheck: ").append(z).append("; BecomeUserCheck: ").append(z2).append("; StoreId: ").append(commandContext.getStoreId()).toString());
            if (AccManager.isStoreScopedCommandLevelCheckEnabled() && ((z || z2) && !ECConstants.EC_NO_STOREID.equals(PolicyManagerHelper.getAccessControlEffectiveStoreId(commandContext)))) {
                ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", "Performing special command level check");
                if (!checkUserInCmdLevelUserGroup(policy.getUserGroup(), protectable.getOwner(), commandContext, lArr2)) {
                    ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", "Command Level UserGroup does not match");
                    return false;
                }
                if (z2) {
                    UserAccessBean userAccessBean = new UserAccessBean();
                    userAccessBean.setInitKey_MemberId(String.valueOf(commandContext.getForUserId()));
                    userAccessBean.refreshCopyHelper();
                    if ("R".equals(userAccessBean.getRegisterType())) {
                        ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", "Performing become user check, check whether the shopper is registered to the administrator authorizaiton domain.");
                        if (!checkShopperRegisteredInAdminAuthDomain(policy.getUserGroup(), commandContext.getUser(), userAccessBean)) {
                            ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", "Become user not registered to administrator authorization domain");
                            return false;
                        }
                    }
                }
            } else if (!checkUserInUserGroup(commandContext, policy.getUserGroup())) {
                ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", "Normal UserGroup does not match");
                return false;
            }
        } else if (!isTemplatePolicyApplicableForAnyParent(policy, commandContext, lArr, lArr2)) {
            ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", "Template UserGroup does not match");
            return false;
        }
        boolean z3 = false;
        if (policy.getRelationship() != null && !policy.getRelationship().equals("")) {
            z3 = true;
        }
        boolean z4 = false;
        RelationshipGroup relationshipGroup = policy.getRelationshipGroup();
        if (relationshipGroup != null && relationshipGroup.getConditionsObject() != null) {
            z4 = true;
        }
        if (!z4 && !z3) {
            ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", "No Relationship or RelationshipGroup to check");
            return true;
        }
        boolean z5 = false;
        if (z4) {
            RelationshipEvaluator relationshipEvaluator = new RelationshipEvaluator();
            relationshipEvaluator.setUserId(commandContext.getUserId());
            relationshipEvaluator.setResource(protectable);
            z5 = relationshipGroup.getConditionsObject().evaluate(relationshipEvaluator);
            ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", new StringBuffer("RelationshipGroup check: ").append(z5).toString());
        } else if (z3) {
            String relationship = policy.getRelationship();
            if (relationship.equalsIgnoreCase("owner")) {
                z5 = commandContext.getUserId().equals(l);
            } else {
                try {
                    z5 = protectable.fulfills(commandContext.getUserId(), relationship);
                } catch (Exception e) {
                    ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", new StringBuffer("Exception during Relationship check: ").append(e.toString()).toString());
                }
            }
            ECTrace.trace(38L, getClass().getName(), "evaluatePolicy", new StringBuffer("Relationship check: ").append(relationship).append(" -> ").append(z5).toString());
        }
        return z5;
    }

    public AccessClause getAccessClause(CommandContext commandContext, String str, String str2) throws Exception {
        ECTrace.entry(38L, getClass().getName(), "getAccessClause");
        ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Action: ").append(str).append("; Resource: ").append(str2).toString());
        StringBuffer stringBuffer = new StringBuffer();
        AccessClause accessClause = new AccessClause();
        ArrayList parameterList = accessClause.getParameterList();
        Long userId = commandContext.getUserId();
        boolean z = true;
        boolean z2 = false;
        Enumeration policiesByAction = policyCache.getPoliciesByAction(str);
        if (policiesByAction == null) {
            accessClause.prefilteringSuccessful(false);
            accessClause.postfilteringNeeded(false);
            ECTrace.trace(38L, getClass().getName(), "getAccessClause", "No policies match action.");
            ECTrace.exit(38L, getClass().getName(), "getAccessClause");
            return accessClause;
        }
        Vector applicablePoliciesByUser = getApplicablePoliciesByUser(commandContext, policiesByAction, accessClause);
        if (applicablePoliciesByUser.size() == 0) {
            accessClause.prefilteringSuccessful(true);
            accessClause.setAccessClauseString(" WHERE (1=0) ");
            ECTrace.trace(38L, getClass().getName(), "getAccessClause", "User does not belong to any applicable Access Groups.");
            ECTrace.exit(38L, getClass().getName(), "getAccessClause");
            return accessClause;
        }
        Enumeration elements = applicablePoliciesByUser.elements();
        ResourceCategory resourceCategory = ResourceRegistry.getInstance().getResourceCategory(str2);
        String resTblName = resourceCategory.getResTblName();
        if (resTblName == null) {
            accessClause.prefilteringSuccessful(false);
            accessClause.postfilteringNeeded(false);
            ECTrace.trace(38L, getClass().getName(), "getAccessClause", "Resource table meta data not available.");
            ECTrace.exit(38L, getClass().getName(), "getAccessClause");
            return accessClause;
        }
        int listOfPrimaryCols = resourceCategory.listOfPrimaryCols();
        Vector primaryColumns = resourceCategory.getPrimaryColumns();
        if (listOfPrimaryCols >= 2 || primaryColumns == null) {
            accessClause.prefilteringSuccessful(false);
            accessClause.postfilteringNeeded(false);
            ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Problem with primary key columns: ").append(listOfPrimaryCols).toString());
            ECTrace.exit(38L, getClass().getName(), "getAccessClause");
            return accessClause;
        }
        String str3 = (String) primaryColumns.get(0);
        boolean z3 = true;
        while (elements.hasMoreElements()) {
            StringBuffer stringBuffer2 = new StringBuffer();
            Policy policy = (Policy) elements.nextElement();
            Long owner = policy.getOwner();
            Integer policyType = policy.getPolicyType();
            String relationship = policy.getRelationship();
            ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Processing policy: Name -> ").append(policy.getName()).append("; ID -> ").append(policy.getPolicyId()).append("; Type -> ").append(policyType).append("; Relationship -> ").append(relationship).append("; Owner -> ").append(owner).toString());
            Vector orgSubscriptionsByPolicy = AccessControlConstants.GROUPABLE_STANDARD_POLICY.equals(policyType) ? policyGroupCache.getOrgSubscriptionsByPolicy(policy.getPolicyId()) : null;
            ResourceGroup resourceGroup = policy.getResourceGroup();
            ResourceGroup resourceGroup2 = policy.getResourceGroup();
            if (resourceGroup2.isMember(str2) || resourceGroup2.doesConditionHaveClassname(str2)) {
                ResourceRelation relationship2 = resourceCategory.getRelationship(relationship);
                String relationSubQuery = getRelationSubQuery(resourceCategory, relationship2, resTblName, str3, userId, parameterList);
                if (relationSubQuery.length() == 0) {
                    ECTrace.trace(38L, getClass().getName(), "getAccessClause", "There is no Relationship subquery for this policy.");
                    stringBuffer2.append("1=1");
                } else {
                    stringBuffer2.append(relationSubQuery);
                    ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Relationship subquery: ").append(relationSubQuery).toString());
                }
                Condition conditionObject = resourceGroup.getConditionObject();
                if (conditionObject != null) {
                    String conditionSubQuery = getConditionSubQuery(resourceCategory, resTblName, str3, conditionObject, str2);
                    if (conditionSubQuery.length() != 0) {
                        stringBuffer2.append(OrderSearchBean.andClause);
                        stringBuffer2.append("(");
                        stringBuffer2.append(conditionSubQuery);
                        stringBuffer2.append(")");
                        ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Condition query: ").append(conditionSubQuery).toString());
                    } else {
                        z = false;
                        z2 = true;
                        ECTrace.trace(38L, getClass().getName(), "getAccessClause", "Condition query lenth is 0.");
                    }
                }
                String str4 = new String();
                if (str3 != null) {
                    str4 = getOwnershipSubQuery(resourceCategory, str3, relationship2, userId, parameterList, orgSubscriptionsByPolicy, policy);
                }
                if (str4.length() == 0) {
                    ECTrace.trace(38L, getClass().getName(), "getAccessClause", "Ownership subquery is empty.");
                    z = false;
                    z2 = false;
                } else {
                    stringBuffer2.append(OrderSearchBean.andClause);
                    stringBuffer2.append("(");
                    stringBuffer2.append(str4);
                    stringBuffer2.append(")");
                    ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Ownership subquery: ").append(str4).toString());
                    if (stringBuffer2.length() != 0) {
                        if (z3) {
                            stringBuffer = new StringBuffer("WHERE ((").append((Object) stringBuffer2);
                            stringBuffer.append(")");
                        } else {
                            stringBuffer.append(" OR ");
                            StringBuffer append = new StringBuffer("(").append((Object) stringBuffer2);
                            append.append(")");
                            stringBuffer.append(append.toString());
                        }
                        if (z3) {
                            z3 = !z3;
                        }
                    }
                    ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Current state of ownership subquery: ").append((Object) stringBuffer).toString());
                }
            } else {
                ECTrace.trace(38L, getClass().getName(), "getAccessClause", "Resource is not member of Resource Group.");
            }
        }
        if (stringBuffer.length() != 0) {
            stringBuffer.append(")");
        } else {
            z = false;
            z2 = false;
        }
        accessClause.prefilteringSuccessful(z);
        accessClause.postfilteringNeeded(z2);
        accessClause.setAccessClauseString(stringBuffer.toString());
        ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Final state of query: ").append((Object) stringBuffer).toString());
        ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("Is pre-filtering successful: ").append(z).toString());
        if (ECTrace.traceEnabled(38L) && parameterList.size() > 0) {
            StringBuffer stringBuffer3 = new StringBuffer();
            Object[] array = parameterList.toArray();
            for (int i = 0; i < array.length; i++) {
                if (i > 0) {
                    stringBuffer3.append(", ");
                }
                stringBuffer3.append(array[i].toString());
            }
            ECTrace.trace(38L, getClass().getName(), "getAccessClause", new StringBuffer("parameterList: (").append((Object) stringBuffer3).append(")").toString());
        }
        ECTrace.exit(38L, getClass().getName(), "getAccessClause");
        return accessClause;
    }

    private Vector getApplicablePoliciesByUser(CommandContext commandContext, Enumeration enumeration, AccessClause accessClause) throws Exception {
        ECTrace.entry(38L, getClass().getName(), "getApplicablePoliciesByUser");
        Vector vector = new Vector();
        while (enumeration.hasMoreElements()) {
            Policy policy = (Policy) enumeration.nextElement();
            if (isPolicyTypeTemplate(policy)) {
                vector.add(policy);
                accessClause.prefilteringSuccessful(false);
                accessClause.postfilteringNeeded(true);
            } else if (checkUserInUserGroup(commandContext, policy.getUserGroup())) {
                vector.add(policy);
            } else {
                ECTrace.trace(38L, getClass().getName(), "getApplicablePoliciesByUser", new StringBuffer("User does not belong to access group of policy: Name -> ").append(policy.getName()).append("; Policy ID -> ").append(policy.getPolicyId()).append("; Access Group Name -> ").append(policy.getUserGroup().getMbrGrpName()).append("; Access Group ID -> ").append(policy.getUserGroup().getMbrGrpId()).toString());
            }
        }
        ECTrace.exit(38L, getClass().getName(), "getApplicablePoliciesByUser");
        return vector;
    }

    private String getConditionSubQuery(ResourceCategory resourceCategory, String str, String str2, Condition condition, String str3) {
        ECTrace.entry(38L, getClass().getName(), "getConditionSubQuery");
        StringBuffer stringBuffer = new StringBuffer();
        QueryGenerator queryGenerator = new QueryGenerator();
        if (condition != null) {
            String generateQuery = queryGenerator.generateQuery(condition, str3, resourceCategory);
            if (generateQuery == null || generateQuery.length() == 0) {
                return stringBuffer.toString();
            }
            stringBuffer.append(str);
            stringBuffer.append(".");
            stringBuffer.append(str2);
            stringBuffer.append(" IN ");
            stringBuffer.append("(");
            stringBuffer.append(generateQuery);
            stringBuffer.append(")");
        }
        ECTrace.exit(38L, getClass().getName(), "getConditionSubQuery");
        return stringBuffer.toString();
    }

    private Long[] getParentOrganizationsForResource(Long l) throws Exception {
        ECTrace.entry(38L, getClass().getName(), "getParentOrganizationsForResource");
        ParentOrganizationCacheCmdImpl parentOrganizationCacheCmdImpl = new ParentOrganizationCacheCmdImpl();
        parentOrganizationCacheCmdImpl.setResourceOwner(l);
        try {
            parentOrganizationCacheCmdImpl.execute();
            Long[] parentOrganizations = parentOrganizationCacheCmdImpl.getParentOrganizations();
            if (parentOrganizations == null || parentOrganizations.length == 0) {
                parentOrganizations = new Long[]{EJBConstants.ROOT_ORGANIZATION};
                ECTrace.trace(38L, getClass().getName(), "getParentOrganizationsForResource", "Error: No parent organizations; defaulting to Root Organization. MBRREL table or Dynacache may be in invalid state.");
            }
            ECTrace.exit(38L, getClass().getName(), "getParentOrganizationsForResource");
            return parentOrganizations;
        } catch (Exception e) {
            ECTrace.trace(38L, getClass().getName(), "getParentOrganizationsForResource", new StringBuffer("Caught Exception: ").append(e.toString()).toString());
            throw e;
        }
    }

    private Condition getTrueOrFalseCondition(String str, boolean z) {
        TrueCondition trueCondition = null;
        if ("=".equals(str) && z) {
            trueCondition = new TrueCondition();
        } else if ("=".equals(str) && !z) {
            TrueCondition trueCondition2 = new TrueCondition();
            trueCondition2.setNot(true);
            trueCondition = trueCondition2;
        } else if ("!=".equals(str) && z) {
            TrueCondition trueCondition3 = new TrueCondition();
            trueCondition3.setNot(true);
            trueCondition = trueCondition3;
        } else if ("!=".equals(str) && !z) {
            trueCondition = new TrueCondition();
        }
        return trueCondition;
    }

    private void initialize(boolean z) throws Exception {
        if (policyCache == null || policyGroupCache == null) {
            AccessControlRegistryImpl.getInstance().initialize(z);
            if (policyCache == null) {
                policyCache = PolicyRegistry.getInstance();
            }
            if (policyGroupCache == null) {
                policyGroupCache = PolGrpSubscriptionRegistry.getInstance();
            }
        }
    }

    public boolean isAllowed(CommandContext commandContext, String str, Protectable protectable) throws Exception {
        ECTrace.entry(38L, getClass().getName(), "isAllowed");
        boolean z = AccessControlConstants.EXECUTE_ACTION.equals(str) || (protectable instanceof ViewCommand);
        boolean z2 = AccessControlConstants.BECOME_USER_ACTION.equals(str);
        Enumeration policiesByAction = policyCache.getPoliciesByAction(str);
        GroupingContext convertToGroupingContext = convertToGroupingContext(commandContext);
        Long owner = protectable.getOwner();
        Class<?> cls = protectable.getClass();
        Long[] lArr = (Long[]) null;
        Vector vector = null;
        if (policiesByAction.hasMoreElements()) {
            if (lArr == null) {
                if (owner != null) {
                    lArr = getParentOrganizationsForResource(owner);
                } else {
                    ECTrace.trace(38L, getClass().getName(), "isAllowed", "Resource owner is null; defaulting to Root Organization.");
                    lArr = getParentOrganizationsForResource(EJBConstants.ROOT_ORGANIZATION);
                }
            }
            vector = new Vector();
            for (int i = 0; i < lArr.length; i++) {
                vector.addElement(lArr[i]);
                if (!policyGroupCache.getPolicyGroupsByOrg(lArr[i]).isEmpty()) {
                    break;
                }
            }
        }
        if (ECTrace.traceEnabled(38L)) {
            StringBuffer stringBuffer = new StringBuffer("isAllowed? ");
            stringBuffer.append(new StringBuffer("User=").append(commandContext.getUserId()).append("; ").toString());
            stringBuffer.append(new StringBuffer("Action=").append(str).append("; ").toString());
            stringBuffer.append(new StringBuffer("Resource=").append(cls.getName()).append("; ").toString());
            stringBuffer.append(new StringBuffer("Owner=").append(owner).append("; ").toString());
            stringBuffer.append(new StringBuffer("Resource Ancestor Orgs=").append(printArray(lArr)).append("; ").toString());
            stringBuffer.append(new StringBuffer("Resource Applicable Orgs=").append(printArray(vector.toArray())).toString());
            if (protectable instanceof Groupable) {
                stringBuffer.append("; resource is Groupable");
            }
            ECTrace.trace(38L, getClass().getName(), "isAllowed", stringBuffer.toString());
        }
        Vector vector2 = new Vector();
        while (policiesByAction.hasMoreElements()) {
            Policy policy = (Policy) policiesByAction.nextElement();
            ECTrace.trace(38L, getClass().getName(), "isAllowed", new StringBuffer("Found PolicyName: ").append(policy.getName()).append("; PolicyType: ").append(policy.getPolicyType()).append("; PolicyOwner: ").append(policy.getOwner()).toString());
            Long[] policyApplicableOrgs = getPolicyApplicableOrgs(policy, vector);
            if (policyApplicableOrgs == null) {
                ECTrace.trace(38L, getClass().getName(), "isAllowed", "Policy does not apply to the resource's applicable organizations");
            } else if (isPolicyTypeGroupable(policy)) {
                if (evaluatePolicy(policy, convertToGroupingContext, commandContext, protectable, cls, owner, policyApplicableOrgs, lArr, z, z2)) {
                    ECTrace.trace(38L, getClass().getName(), "isAllowed", "PASSED? =true");
                    ECTrace.exit(38L, getClass().getName(), "isAllowed");
                    return true;
                }
            } else if (policy.getOwner().equals(EJBConstants.ROOT_ORGANIZATION) || policy.getOwner().equals(owner)) {
                if (evaluatePolicy(policy, convertToGroupingContext, commandContext, protectable, cls, owner, policyApplicableOrgs, lArr, z, z2)) {
                    ECTrace.trace(38L, getClass().getName(), "isAllowed", "PASSED? =true");
                    ECTrace.exit(38L, getClass().getName(), "isAllowed");
                    return true;
                }
            } else {
                Vector vector3 = new Vector();
                vector3.addElement(policy);
                vector3.addElement(policyApplicableOrgs);
                vector2.addElement(vector3);
                ECTrace.trace(38L, getClass().getName(), "isAllowed", "This is an old type ancestor policy; it will be evaluated later");
            }
        }
        Enumeration elements = vector2.elements();
        while (elements.hasMoreElements()) {
            Vector vector4 = (Vector) elements.nextElement();
            if (evaluatePolicy((Policy) vector4.get(0), convertToGroupingContext, commandContext, protectable, cls, owner, (Long[]) vector4.get(1), lArr, z, z2)) {
                ECTrace.trace(38L, getClass().getName(), "isAllowed", "PASSED? =true");
                ECTrace.exit(38L, getClass().getName(), "isAllowed");
                return true;
            }
        }
        ECTrace.trace(38L, getClass().getName(), "isAllowed", "PASSED? =false");
        ECTrace.exit(38L, getClass().getName(), "isAllowed");
        return false;
    }

    private boolean isTemplatePolicyApplicableForAnyParent(Policy policy, CommandContext commandContext, Long[] lArr, Long[] lArr2) throws Exception {
        MemberGroupAccessBean memberGroupAccessBean = null;
        Condition condition = null;
        for (int i = 0; i < lArr.length; i++) {
            if (isTemplatePolicyValid(policy.getOverriddenOrgList(), lArr[i])) {
                ECTrace.trace(38L, getClass().getName(), "isTemplatePolicyValid", new StringBuffer("Applying template policy for OrgId: ").append(lArr[i]).toString());
                if (memberGroupAccessBean == null) {
                    memberGroupAccessBean = policy.getUserGroup();
                }
                if (condition == null) {
                    condition = SegmentCache.getSegmentCondition(memberGroupAccessBean.getOwnerIdInEJBType(), memberGroupAccessBean.getMbrGrpName());
                }
                if (condition == null) {
                    continue;
                } else {
                    Policy policy2 = new Policy();
                    policy2.setUserGroupId(policy.getUserGroupId());
                    policy2.setRelationship(policy.getRelationship());
                    policy2.setPolicyType(policy.getPolicyType());
                    policy2.setOwner(lArr[i]);
                    if (checkUserInUserGroup(commandContext, qualifyCondition((Condition) condition.clone(), policy2.getOwner(), commandContext, lArr2), memberGroupAccessBean)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private boolean isTemplatePolicyValid(Vector vector, Long l) throws Exception {
        boolean z = true;
        if (vector != null && !vector.isEmpty()) {
            Enumeration elements = vector.elements();
            while (true) {
                if (!elements.hasMoreElements()) {
                    break;
                }
                if (l.equals((Long) elements.nextElement())) {
                    z = false;
                    ECTrace.trace(38L, getClass().getName(), "isTemplatePolicyValid", new StringBuffer("Template policy overridden for OrgId: ").append(l).toString());
                    break;
                }
            }
        } else {
            z = true;
        }
        return z;
    }

    private Condition qualifyCondition(Condition condition, Long l, CommandContext commandContext, Long[] lArr) throws Exception {
        ECTrace.entry(38L, getClass().getName(), "qualifyCondition");
        if (condition instanceof ConditionList) {
            Condition[] conditions = ((ConditionList) condition).getConditions();
            for (int length = conditions.length - 1; length >= 0; length--) {
                Condition condition2 = conditions[length];
                if (condition2 instanceof SimpleCondition) {
                    conditions[length] = qualifyCondition(condition2, l, commandContext, lArr);
                }
            }
            ((ConditionList) condition).setConditions(conditions);
        } else if (condition instanceof SimpleCondition) {
            String variable = ((SimpleCondition) condition).getVariable();
            String value = ((SimpleCondition) condition).getValue();
            String operator = ((SimpleCondition) condition).getOperator();
            if (variable.equals("org") && value.equals("?")) {
                condition = (operator.equals(">") || operator.equals(">=")) ? getTrueOrFalseCondition("=", checkOrgInOrgOrderedList(operator, l, Long.valueOf(commandContext.getUser().getParentMemberId()), lArr)) : new SimpleCondition("org", operator, l.toString());
            } else {
                SimpleCondition.Qualifier[] qualifiers = ((SimpleCondition) condition).getQualifiers();
                for (int i = 0; qualifiers != null && i < qualifiers.length; i++) {
                    String name = qualifiers[i].getName();
                    String data = qualifiers[i].getData();
                    if ("org".equals(name) && "?".equals(data)) {
                        qualifiers[i].setData(l.toString());
                        ((SimpleCondition) condition).setQualifiers(qualifiers);
                    } else if ("org".equals(name) && (("DescendantOrgs".equals(data) || "OrgAndDescendantOrgs".equals(data) || "AncestorOrgs".equals(data) || AccessControlConstants.ORG_AND_ANCESTORS.equals(data)) && variable.equals("role"))) {
                        Enumeration findByMemberIdRoleId = new MemberRoleAccessBean().findByMemberIdRoleId(commandContext.getUserId(), new RoleAccessBean().findByName(value).getRoleIdInEJBType());
                        boolean z = false;
                        if ("DescendantOrgs".equals(data) || "OrgAndDescendantOrgs".equals(data)) {
                            MemberAccessBean memberAccessBean = new MemberAccessBean();
                            memberAccessBean.setInitKey_MemberId(l.toString());
                            Long[] descendants = memberAccessBean.getDescendants();
                            while (true) {
                                if (!findByMemberIdRoleId.hasMoreElements() || z) {
                                    break;
                                }
                                Long orgEntityIdInEJBType = ((MemberRoleAccessBean) findByMemberIdRoleId.nextElement()).getOrgEntityIdInEJBType();
                                if ("OrgAndDescendantOrgs".equals(data) && orgEntityIdInEJBType.equals(l)) {
                                    z = true;
                                    break;
                                }
                                int length2 = descendants != null ? descendants.length : 0;
                                int i2 = 0;
                                while (true) {
                                    if (i2 < length2) {
                                        if (orgEntityIdInEJBType != null && descendants[i2] != null && orgEntityIdInEJBType.equals(descendants[i2])) {
                                            z = true;
                                            break;
                                        }
                                        i2++;
                                    }
                                }
                            }
                        } else {
                            String str = "AncestorOrgs".equals(data) ? ">" : ">=";
                            while (findByMemberIdRoleId.hasMoreElements() && !z) {
                                z = checkOrgInOrgOrderedList(str, l, ((MemberRoleAccessBean) findByMemberIdRoleId.nextElement()).getOrgEntityIdInEJBType(), lArr);
                            }
                        }
                        condition = getTrueOrFalseCondition("=", z);
                    }
                }
            }
        }
        ECTrace.exit(38L, getClass().getName(), "qualifyCondition", condition);
        return condition;
    }

    private String getOwnershipSubQuery(ResourceCategory resourceCategory, String str, ResourceRelation resourceRelation, Long l, List list, Vector vector, Policy policy) {
        ECTrace.entry(38L, getClass().getName(), "getOwnershipSubQuery");
        Long owner = policy.getOwner();
        Integer policyType = policy.getPolicyType();
        Integer policyId = policy.getPolicyId();
        StringBuffer stringBuffer = new StringBuffer();
        String resTblName = resourceCategory.getResTblName();
        String resOwnerTblName = resourceCategory.getResOwnerTblName();
        String resOwnerTblKeyColName = resourceCategory.getResOwnerTblKeyColName();
        String resOwnerColName = resourceCategory.getResOwnerColName();
        String resJoinKey = resourceCategory.getResJoinKey();
        String str2 = null;
        String str3 = null;
        String str4 = null;
        if (resourceRelation != null) {
            str2 = resourceRelation.getRelationName();
            str3 = resourceRelation.getResourceRelTableName();
            str4 = resourceRelation.getResourceMemberColName();
        }
        boolean z = !resTblName.equalsIgnoreCase(resOwnerTblName);
        boolean z2 = z;
        if (z && resJoinKey == null) {
            ECTrace.trace(38L, getClass().getName(), "getOwnershipSubQuery", "Resource Owner Table meta data not available.");
            ECTrace.exit(38L, getClass().getName(), "getOwnershipSubQuery");
            return stringBuffer.toString();
        }
        stringBuffer.append("(");
        stringBuffer.append(resTblName);
        stringBuffer.append(".");
        stringBuffer.append(str);
        stringBuffer.append(" IN ");
        stringBuffer.append("(");
        stringBuffer.append(" SELECT ");
        stringBuffer.append(resTblName);
        stringBuffer.append(".");
        stringBuffer.append(str);
        stringBuffer.append(" FROM ");
        stringBuffer.append(resTblName);
        if (z2) {
            stringBuffer.append(",");
            stringBuffer.append(resOwnerTblName);
        }
        stringBuffer.append(OrderSearchBean.whereClause);
        if (z2) {
            stringBuffer.append("(");
            stringBuffer.append(resOwnerTblName);
            stringBuffer.append(".");
            stringBuffer.append(resOwnerTblKeyColName);
            stringBuffer.append("=");
            stringBuffer.append(resTblName);
            stringBuffer.append(".");
            stringBuffer.append(resJoinKey);
            stringBuffer.append(") AND");
        }
        if (AccessControlConstants.STANDARD_POLICY.equals(policyType) || policyType == null || AccessControlConstants.TEMPLATE_ORG_POLICY.equals(policyType)) {
            stringBuffer.append("(");
            stringBuffer.append("(");
            stringBuffer.append(resOwnerTblName);
            stringBuffer.append(".");
            stringBuffer.append(resOwnerColName);
            stringBuffer.append("=");
            stringBuffer.append('?');
            list.add(owner);
            stringBuffer.append(")");
            stringBuffer.append(" OR ");
            boolean z3 = false;
            if (str2 != null && (str2.equals("owner") || (str3.equals(resOwnerTblName) && str4.equals(resOwnerColName)))) {
                stringBuffer.append("(");
                stringBuffer.append('?');
                list.add(owner);
                stringBuffer.append(" = MBRREL.ANCESTOR_ID AND MBRREL.DESCENDANT_ID = ");
                stringBuffer.append('?');
                list.add(l);
                stringBuffer.append(" AND MBRREL.DESCENDANT_ID = ");
                stringBuffer.append(resOwnerTblName);
                stringBuffer.append(".");
                stringBuffer.append(resOwnerColName);
                stringBuffer.append(")");
                z3 = true;
            }
            if (!z3) {
                stringBuffer.append("(");
                stringBuffer.append('?');
                list.add(owner);
                stringBuffer.append(" = MBRREL.ANCESTOR_ID AND MBRREL.DESCENDANT_ID = ");
                stringBuffer.append(resOwnerTblName);
                stringBuffer.append(".");
                stringBuffer.append(resOwnerColName);
                stringBuffer.append(")");
            }
            stringBuffer.append(") AND ");
            stringBuffer.append("(");
            stringBuffer.append(resOwnerTblName);
            stringBuffer.append(".");
            stringBuffer.append(resOwnerColName);
            stringBuffer.append(" not in (select descendant_id from mbrrel");
            stringBuffer.append(" where ancestor_id in (select orgentity_id from acplgpsubs)");
            stringBuffer.append(" and ancestor_id in (select descendant_id from mbrrel where ancestor_id = ?");
            list.add(owner);
            stringBuffer.append(")) AND ");
            stringBuffer.append(resOwnerTblName);
            stringBuffer.append(".");
            stringBuffer.append(resOwnerColName);
            stringBuffer.append(" not in (select orgentity_id from acplgpsubs");
            stringBuffer.append(" where orgentity_id in (select descendant_id from mbrrel where ancestor_id = ?");
            list.add(owner);
            stringBuffer.append(")))");
        } else if (AccessControlConstants.GROUPABLE_STANDARD_POLICY.equals(policyType) || AccessControlConstants.GROUPABLE_TEMPLATE_POLICY.equals(policyType)) {
            if (vector.size() == 0) {
                ECTrace.trace(38L, getClass().getName(), "getOwnershipSubQuery", "No organizations subscribe to this groupable policy.");
                ECTrace.exit(38L, getClass().getName(), "getOwnershipSubQuery");
                return "";
            }
            StringBuffer stringBuffer2 = new StringBuffer("(SELECT acplgpsubs.orgentity_id FROM acplgpsubs, acpolgppol WHERE acplgpsubs.acpolgrp_id = acpolgppol.acpolgrp_id and acpolgppol.acpolicy_id = ?)");
            stringBuffer.append("(");
            stringBuffer.append(resOwnerTblName);
            stringBuffer.append(".");
            stringBuffer.append(resOwnerColName);
            stringBuffer.append(" IN ");
            stringBuffer.append((Object) stringBuffer2);
            list.add(policyId);
            stringBuffer.append(" OR ");
            stringBuffer.append(resOwnerTblName);
            stringBuffer.append(".");
            stringBuffer.append(resOwnerColName);
            stringBuffer.append(" IN ");
            stringBuffer.append("(SELECT descendant_id FROM mbrrel mbrrelOut WHERE ancestor_id IN ");
            stringBuffer.append((Object) stringBuffer2);
            list.add(policyId);
            stringBuffer.append(" AND sequence = (SELECT MIN(sequence) FROM mbrrel");
            stringBuffer.append(" WHERE descendant_id = mbrrelOut.descendant_id");
            stringBuffer.append(" AND ancestor_id IN (SELECT orgentity_id FROM acplgpsubs)");
            stringBuffer.append(")))");
        }
        stringBuffer.append("))");
        ECTrace.exit(38L, getClass().getName(), "getOwnershipSubQuery");
        return stringBuffer.toString();
    }

    private String getRelationSubQuery(ResourceCategory resourceCategory, ResourceRelation resourceRelation, String str, String str2, Long l, List list) {
        ECTrace.entry(38L, getClass().getName(), "getRelationSubQuery");
        if (resourceRelation == null) {
            ECTrace.exit(38L, getClass().getName(), "getRelationSubQuery");
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer();
        String relationName = resourceRelation.getRelationName();
        String resourceRelTableName = resourceRelation.getResourceRelTableName();
        String resourceRelColName = resourceRelation.getResourceRelColName();
        String resourceJoinKeyColName = resourceRelation.getResourceJoinKeyColName();
        String resourceTypeColumn = resourceRelation.getResourceTypeColumn();
        stringBuffer.append(str);
        stringBuffer.append(".");
        stringBuffer.append(str2);
        stringBuffer.append(" IN (SELECT ");
        stringBuffer.append(str);
        stringBuffer.append(".");
        stringBuffer.append(str2);
        stringBuffer.append(" FROM ");
        stringBuffer.append(str);
        boolean z = false;
        if (!str.equalsIgnoreCase(resourceRelTableName) && resourceRelTableName.length() != 0) {
            stringBuffer.append(" , ");
            stringBuffer.append(resourceRelTableName);
            stringBuffer.append(OrderSearchBean.whereClause);
            z = true;
            stringBuffer.append("(");
            stringBuffer.append(str);
            stringBuffer.append(".");
            stringBuffer.append(resourceJoinKeyColName);
            stringBuffer.append("=");
            stringBuffer.append(resourceRelTableName);
            stringBuffer.append(".");
            stringBuffer.append(resourceRelation.getResourceKeyColName());
            stringBuffer.append(") AND");
        }
        if (!z) {
            stringBuffer.append(OrderSearchBean.whereClause);
        }
        if ((resourceTypeColumn == null || resourceTypeColumn.equals("")) && resourceRelColName != null && resourceRelColName.length() != 0) {
            stringBuffer.append("(");
            stringBuffer.append(resourceRelTableName);
            stringBuffer.append(".");
            stringBuffer.append(resourceRelColName);
            stringBuffer.append("= '");
            stringBuffer.append(relationName);
            stringBuffer.append("'");
            stringBuffer.append(") AND ");
        } else if (resourceTypeColumn != null && !resourceTypeColumn.equals("")) {
            if (resourceRelColName == null || resourceRelColName.equals("")) {
                ECTrace.trace(38L, getClass().getName(), "getRelationSubQuery", "Resource Relation Column data is missing.");
                ECTrace.exit(38L, getClass().getName(), "getRelationSubQuery");
                return "";
            }
            stringBuffer.append("(");
            stringBuffer.append(resourceRelTableName);
            stringBuffer.append(".");
            stringBuffer.append(resourceRelColName);
            stringBuffer.append(" = ");
            stringBuffer.append(new StringBuffer(" ( SELECT ACRELATION_ID FROM ACRELATION WHERE RELATIONNAME = '").append(relationName).append("')) ").toString());
            stringBuffer.append(OrderSearchBean.andClause);
            stringBuffer.append("(");
            stringBuffer.append(resourceRelTableName);
            stringBuffer.append(".");
            stringBuffer.append(resourceTypeColumn);
            stringBuffer.append(" = ");
            stringBuffer.append(resourceCategory.getResourceCategoryId());
            stringBuffer.append(" ) AND ");
        }
        stringBuffer.append("(");
        stringBuffer.append(resourceRelTableName);
        stringBuffer.append(".");
        stringBuffer.append(resourceRelation.getResourceMemberColName());
        stringBuffer.append("=");
        stringBuffer.append('?');
        list.add(l);
        stringBuffer.append("))");
        ECTrace.exit(38L, getClass().getName(), "getRelationSubQuery");
        return stringBuffer.toString();
    }

    private boolean isPolicyTypeGroupable(Policy policy) {
        return AccessControlConstants.GROUPABLE_STANDARD_POLICY.equals(policy.getPolicyType()) || AccessControlConstants.GROUPABLE_TEMPLATE_POLICY.equals(policy.getPolicyType());
    }

    private boolean isPolicyTypeTemplate(Policy policy) {
        return AccessControlConstants.TEMPLATE_ORG_POLICY.equals(policy.getPolicyType()) || AccessControlConstants.GROUPABLE_TEMPLATE_POLICY.equals(policy.getPolicyType());
    }

    private Long[] getPolicyApplicableOrgs(Policy policy, Vector vector) throws Exception {
        int i;
        ECTrace.entry(38L, getClass().getName(), "getPolicyApplicableOrgs");
        Long owner = policy.getOwner();
        Long[] lArr = (Long[]) null;
        if (owner == null) {
            ECTrace.exit(38L, getClass().getName(), "getPolicyApplicableOrgs");
            return lArr;
        }
        if (isPolicyTypeGroupable(policy)) {
            Vector orgSubscriptionsByPolicy = policyGroupCache.getOrgSubscriptionsByPolicy(policy.getPolicyId());
            if (orgSubscriptionsByPolicy == null || orgSubscriptionsByPolicy.isEmpty()) {
                i = vector.size();
                ECTrace.trace(38L, getClass().getName(), "getPolicyApplicableOrgs", "No organizations subscribe to a policy group with this policy");
            } else {
                i = 0;
                while (i < vector.size() && !orgSubscriptionsByPolicy.contains((Long) vector.get(i))) {
                    i++;
                }
            }
        } else {
            i = 0;
            while (i < vector.size() && !((Long) vector.get(i)).equals(owner)) {
                i++;
            }
        }
        if (i < vector.size()) {
            if (isPolicyTypeTemplate(policy)) {
                lArr = new Long[i + 1];
                for (int i2 = 0; i2 < i + 1; i2++) {
                    lArr[i2] = (Long) vector.get(i2);
                }
            } else {
                lArr = new Long[]{(Long) vector.get(i)};
            }
        }
        if (ECTrace.traceEnabled(38L)) {
            StringBuffer stringBuffer = new StringBuffer("Policy Applicable Orgs=");
            stringBuffer.append(printArray(lArr));
            ECTrace.trace(38L, getClass().getName(), "getPolicyApplicableOrgs", stringBuffer.toString());
        }
        ECTrace.exit(38L, getClass().getName(), "getPolicyApplicableOrgs");
        return lArr;
    }

    private boolean checkOrgInOrgOrderedList(String str, Long l, Long l2, Long[] lArr) {
        ECTrace.entry(38L, getClass().getName(), "checkOrgInOrgOrderedList");
        boolean z = false;
        if (str == null || l == null || l2 == null || lArr == null) {
            ECTrace.exit(38L, getClass().getName(), "checkOrgInOrgOrderedList");
            return false;
        }
        boolean z2 = false;
        int i = 0;
        while (true) {
            if (i >= lArr.length) {
                break;
            }
            if (!z2 && l.equals(lArr[i])) {
                z2 = true;
                if (str.equals(">")) {
                    continue;
                    i++;
                }
            }
            if (z2 && l2.equals(lArr[i])) {
                z = true;
                break;
            }
            i++;
        }
        if (ECTrace.traceEnabled(38L)) {
            StringBuffer stringBuffer = new StringBuffer(new StringBuffer("orgToSearch:").append(l2).append(";").toString());
            stringBuffer.append(new StringBuffer("fromOrg:").append(l).append(";").toString());
            stringBuffer.append(new StringBuffer("orgList:").append(printArray(lArr)).append(";").toString());
            stringBuffer.append(new StringBuffer("operator: ").append(str).append(";").toString());
            stringBuffer.append(new StringBuffer("isOrgInOrgList? ").append(z).toString());
            ECTrace.trace(38L, getClass().getName(), "checkOrgInOrgOrderedList", stringBuffer.toString());
        }
        ECTrace.exit(38L, getClass().getName(), "checkOrgInOrgOrderedList");
        return z;
    }

    private String printArray(Object[] objArr) {
        if (objArr == null || objArr.length == 0) {
            return Constants.ELEMNAME_EMPTY_STRING;
        }
        String str = "";
        for (Object obj : objArr) {
            str = new StringBuffer(String.valueOf(str)).append(obj).append(",").toString();
        }
        return str.substring(0, str.length() - 1);
    }

    private boolean checkShopperRegisteredInAdminAuthDomain(MemberGroupAccessBean memberGroupAccessBean, UserAccessBean userAccessBean, UserAccessBean userAccessBean2) throws Exception {
        ECTrace.entry(38L, getClass().getName(), "checkShopperRegisteredInAdminAuthDomain(MemberGroupAccessBean, UserAccessBean, UserAccessBean)");
        boolean z = false;
        RoleAccessBean findByName = new RoleAccessBean().findByName(REGISTERED_CUSTOMER_ROLE_NAME);
        ArrayList arrayList = new ArrayList();
        Enumeration findByMemberIdRoleId = new MemberRoleAccessBean().findByMemberIdRoleId(userAccessBean2.getUserIdInEJBType(), findByName.getRoleIdInEJBType());
        while (findByMemberIdRoleId.hasMoreElements()) {
            arrayList.add(((MemberRoleAccessBean) findByMemberIdRoleId.nextElement()).getOrgEntityId());
        }
        if (!arrayList.isEmpty()) {
            ECTrace.trace(38L, getClass().getName(), "checkShopperRegisteredInAdminAuthDomain(MemberGroupAccessBean, UserAccessBean, UserAccessBean)", new StringBuffer("forUser registered organizations: ").append(printArray(arrayList.toArray())).toString());
            z = evaluateRCRelationship(SegmentCache.getSegmentCondition(memberGroupAccessBean.getOwnerIdInEJBType(), memberGroupAccessBean.getMbrGrpName()), userAccessBean, arrayList);
        }
        ECTrace.trace(38L, getClass().getName(), "checkShopperRegisteredInAdminAuthDomain(MemberGroupAccessBean, UserAccessBean, UserAccessBean)", new StringBuffer("forUser registered in admin authorization domain: ").append(z).toString());
        ECTrace.exit(38L, getClass().getName(), "checkShopperRegisteredInAdminAuthDomain(MemberGroupAccessBean, UserAccessBean, UserAccessBean)");
        return z;
    }

    private boolean evaluateRCRelationship(Condition condition, UserAccessBean userAccessBean, ArrayList arrayList) throws Exception {
        ECTrace.trace(38L, getClass().getName(), "evaluateRCRelationship(Condition, UserAccessBean, ArrayList)", new StringBuffer("memberGroupCondition: ").append(condition).toString());
        boolean z = false;
        if (condition != null) {
            ConditionList conditionList = (Condition) condition.clone();
            if (conditionList instanceof ConditionList) {
                Condition[] conditions = conditionList.getConditions();
                int length = conditions.length;
                for (int i = 0; i < length; i++) {
                    Condition condition2 = conditions[i];
                    if (condition2 instanceof SimpleCondition) {
                        conditions[i] = getTrueOrFalseCondition("=", evaluateRCRelationshipWithAdminRole((SimpleCondition) condition2, userAccessBean, arrayList));
                    } else if (condition2 instanceof ConditionList) {
                        conditions[i] = getTrueOrFalseCondition("=", evaluateRCRelationship(condition2, userAccessBean, arrayList));
                    } else {
                        conditions[i] = getTrueOrFalseCondition("=", false);
                    }
                }
                conditionList.setConditions(conditions);
            } else {
                conditionList = conditionList instanceof SimpleCondition ? getTrueOrFalseCondition("=", evaluateRCRelationshipWithAdminRole((SimpleCondition) conditionList, userAccessBean, arrayList)) : getTrueOrFalseCondition("=", false);
            }
            z = conditionList.evaluate((Evaluator) null);
        }
        ECTrace.trace(38L, getClass().getName(), "evaluateRCRelationship(Condition, UserAccessBean, ArrayList)", new StringBuffer("Done condition evaluation: ").append(z).toString());
        return z;
    }

    private boolean evaluateRCRelationshipWithAdminRole(SimpleCondition simpleCondition, UserAccessBean userAccessBean, ArrayList arrayList) throws Exception {
        boolean z = false;
        String variable = simpleCondition.getVariable();
        String operator = simpleCondition.getOperator();
        String value = simpleCondition.getValue();
        if (variable.equals("role") && operator.equals("=") && value != null) {
            ECTrace.trace(38L, getClass().getName(), "evaluateRCRelationshipWithAdminRole(SimpleCondition, UserAccessBean, ArrayList)", new StringBuffer("Evaluating admin role ").append(value).toString());
            Enumeration findByMemberIdRoleId = new MemberRoleAccessBean().findByMemberIdRoleId(userAccessBean.getUserIdInEJBType(), new RoleAccessBean().findByName(value).getRoleIdInEJBType());
            ArrayList arrayList2 = new ArrayList();
            ArrayList arrayList3 = new ArrayList();
            while (true) {
                if (!findByMemberIdRoleId.hasMoreElements()) {
                    break;
                }
                String orgEntityId = ((MemberRoleAccessBean) findByMemberIdRoleId.nextElement()).getOrgEntityId();
                ECTrace.trace(38L, getClass().getName(), "evaluateRCRelationshipWithAdminRole(SimpleCondition, UserAccessBean, ArrayList)", new StringBuffer("Evaluating admin role ").append(value).append(" for organization ").append(orgEntityId).toString());
                if (!arrayList2.contains(orgEntityId)) {
                    if (arrayList.contains(orgEntityId)) {
                        z = true;
                        break;
                    }
                    arrayList2.add(orgEntityId);
                    arrayList3.add(orgEntityId);
                }
            }
            if (!z) {
                Iterator it = arrayList3.iterator();
                while (!z && it.hasNext()) {
                    Enumeration findDescendantOrganizations = new MemberRelationshipsAccessBean().findDescendantOrganizations(new Long((String) it.next()));
                    while (true) {
                        if (!findDescendantOrganizations.hasMoreElements()) {
                            break;
                        }
                        String descendantId = ((MemberRelationshipsAccessBean) findDescendantOrganizations.nextElement()).getDescendantId();
                        ECTrace.trace(38L, getClass().getName(), "evaluateRCRelationshipWithAdminRole(SimpleCondition, UserAccessBean, ArrayList)", new StringBuffer("Evaluating admin role ").append(value).append(" for descendant organization ").append(descendantId).toString());
                        if (!arrayList2.contains(descendantId)) {
                            if (arrayList.contains(descendantId)) {
                                z = true;
                                break;
                            }
                            arrayList2.add(descendantId);
                        }
                    }
                }
            }
            ECTrace.trace(38L, getClass().getName(), "evaluateRCRelationshipWithAdminRole(SimpleCondition, UserAccessBean, ArrayList)", new StringBuffer("Done evaluating admin role, ").append(value).append(": ").append(z).toString());
        }
        return z;
    }
}
