package org.apache.directory.server.core.authz;

import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.shared.ldap.filter.BranchNode;
import org.apache.directory.shared.ldap.filter.SimpleNode;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.util.AttributeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/apacheds-core-1.0.2.jar:org/apache/directory/server/core/authz/GroupCache.class */
public class GroupCache {
    private static final String OC_ATTR = "objectClass";
    private static final String MEMBER_ATTR = "member";
    private static final String UNIQUEMEMBER_ATTR = "uniqueMember";
    private static final String GROUPOFNAMES_OC = "groupOfNames";
    private static final String GROUPOFUNIQUENAMES_OC = "groupOfUniqueNames";
    private static final Logger log;
    private static final boolean IS_DEBUG;
    private final PartitionNexus nexus;
    private final Hashtable env;
    private Map normalizerMap;
    static Class class$org$apache$directory$server$core$authz$GroupCache;
    private final Map groups = new HashMap();
    LdapDN administratorsGroupDn = new LdapDN("cn=Administrators,ou=groups,ou=system");

    public GroupCache(DirectoryServiceConfiguration directoryServiceConfiguration) throws NamingException {
        this.normalizerMap = directoryServiceConfiguration.getGlobalRegistries().getAttributeTypeRegistry().getNormalizerMapping();
        this.nexus = directoryServiceConfiguration.getPartitionNexus();
        this.env = (Hashtable) directoryServiceConfiguration.getEnvironment().clone();
        this.administratorsGroupDn.normalize(this.normalizerMap);
        initialize();
    }

    private LdapDN parseNormalized(String str) throws NamingException {
        LdapDN ldapDN = new LdapDN(str);
        ldapDN.normalize(this.normalizerMap);
        return ldapDN;
    }

    private void initialize() throws NamingException {
        BranchNode branchNode = new BranchNode(9);
        branchNode.addNode(new SimpleNode("objectClass", GROUPOFNAMES_OC, 0));
        branchNode.addNode(new SimpleNode("objectClass", GROUPOFUNIQUENAMES_OC, 0));
        Iterator listSuffixes = this.nexus.listSuffixes();
        while (listSuffixes.hasNext()) {
            LdapDN ldapDN = new LdapDN((String) listSuffixes.next());
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            NamingEnumeration search = this.nexus.search(ldapDN, this.env, branchNode, searchControls);
            while (search.hasMore()) {
                SearchResult searchResult = (SearchResult) search.next();
                String ldapDN2 = parseNormalized(searchResult.getName()).toString();
                Attribute memberAttribute = getMemberAttribute(searchResult.getAttributes());
                if (memberAttribute != null) {
                    HashSet hashSet = new HashSet(memberAttribute.size());
                    addMembers(hashSet, memberAttribute);
                    this.groups.put(ldapDN2, hashSet);
                } else {
                    log.warn(new StringBuffer().append("Found group '").append(ldapDN2).append("' without any member or uniqueMember attributes").toString());
                }
            }
            search.close();
        }
        if (IS_DEBUG) {
            log.debug(new StringBuffer().append("group cache contents on startup:\n").append(this.groups).toString());
        }
    }

    private Attribute getMemberAttribute(Attributes attributes) {
        Attribute attribute = attributes.get("objectClass");
        if (attribute == null) {
            if (attributes.get(MEMBER_ATTR) != null) {
                return attributes.get(MEMBER_ATTR);
            }
            if (attributes.get(UNIQUEMEMBER_ATTR) != null) {
                return attributes.get(UNIQUEMEMBER_ATTR);
            }
            return null;
        }
        if (AttributeUtils.containsValueCaseIgnore(attribute, GROUPOFNAMES_OC)) {
            return attributes.get(MEMBER_ATTR);
        }
        if (AttributeUtils.containsValueCaseIgnore(attribute, GROUPOFUNIQUENAMES_OC)) {
            return attributes.get(UNIQUEMEMBER_ATTR);
        }
        return null;
    }

    private void addMembers(Set set, Attribute attribute) throws NamingException {
        for (int i = 0; i < attribute.size(); i++) {
            String str = (String) attribute.get(i);
            try {
                str = parseNormalized(str).toString();
            } catch (NamingException e) {
                log.warn("Malformed member DN in groupOf[Unique]Names entry.  Member not added to GroupCache.", e);
            }
            set.add(str);
        }
    }

    private void removeMembers(Set set, Attribute attribute) throws NamingException {
        for (int i = 0; i < attribute.size(); i++) {
            String str = (String) attribute.get(i);
            try {
                str = parseNormalized(str).toString();
            } catch (NamingException e) {
                log.warn("Malformed member DN in groupOf[Unique]Names entry.  Member not removed from GroupCache.", e);
            }
            set.remove(str);
        }
    }

    public void groupAdded(String str, Name name, Attributes attributes) throws NamingException {
        Attribute memberAttribute = getMemberAttribute(attributes);
        if (memberAttribute == null) {
            return;
        }
        HashSet hashSet = new HashSet(memberAttribute.size());
        addMembers(hashSet, memberAttribute);
        this.groups.put(name.toString(), hashSet);
        if (IS_DEBUG) {
            log.debug(new StringBuffer().append("group cache contents after adding ").append(name.toString()).append(":\n").append(this.groups).toString());
        }
    }

    public void groupDeleted(Name name, Attributes attributes) {
        if (getMemberAttribute(attributes) == null) {
            return;
        }
        this.groups.remove(name.toString());
        if (IS_DEBUG) {
            log.debug(new StringBuffer().append("group cache contents after deleting ").append(name.toString()).append(":\n").append(this.groups).toString());
        }
    }

    private void modify(Set set, int i, Attribute attribute) throws NamingException {
        switch (i) {
            case 1:
                addMembers(set, attribute);
                return;
            case 2:
                if (attribute.size() > 0) {
                    set.clear();
                    addMembers(set, attribute);
                    return;
                }
                return;
            case 3:
                removeMembers(set, attribute);
                return;
            default:
                throw new InternalError(new StringBuffer().append("Undefined modify operation value of ").append(i).toString());
        }
    }

    public void groupModified(Name name, ModificationItemImpl[] modificationItemImplArr, Attributes attributes) throws NamingException {
        Attribute attribute = null;
        String str = null;
        Attribute attribute2 = attributes.get("objectClass");
        if (AttributeUtils.containsValueCaseIgnore(attribute2, GROUPOFNAMES_OC)) {
            attribute = attributes.get(MEMBER_ATTR);
            str = MEMBER_ATTR;
        }
        if (AttributeUtils.containsValueCaseIgnore(attribute2, GROUPOFUNIQUENAMES_OC)) {
            attribute = attributes.get(UNIQUEMEMBER_ATTR);
            str = UNIQUEMEMBER_ATTR;
        }
        if (attribute == null) {
            return;
        }
        int i = 0;
        while (true) {
            if (i >= modificationItemImplArr.length) {
                break;
            }
            if (str.equalsIgnoreCase(modificationItemImplArr[i].getAttribute().getID())) {
                Set set = (Set) this.groups.get(name.toString());
                if (set != null) {
                    modify(set, modificationItemImplArr[i].getModificationOp(), modificationItemImplArr[i].getAttribute());
                }
            } else {
                i++;
            }
        }
        if (IS_DEBUG) {
            log.debug(new StringBuffer().append("group cache contents after modifying ").append(name.toString()).append(":\n").append(this.groups).toString());
        }
    }

    public void groupModified(Name name, int i, Attributes attributes, Attributes attributes2) throws NamingException {
        Attribute memberAttribute = getMemberAttribute(attributes);
        if (memberAttribute == null) {
            return;
        }
        Set set = (Set) this.groups.get(name.toString());
        if (set != null) {
            modify(set, i, memberAttribute);
        }
        if (IS_DEBUG) {
            log.debug(new StringBuffer().append("group cache contents after modifying ").append(name.toString()).append(":\n").append(this.groups).toString());
        }
    }

    public final boolean isPrincipalAnAdministrator(LdapDN ldapDN) {
        if (ldapDN.toNormName().equals(PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED)) {
            return true;
        }
        Set set = (Set) this.groups.get(this.administratorsGroupDn.toNormName());
        if (set != null) {
            return set.contains(ldapDN.toNormName());
        }
        log.warn("What do you mean there is no administrators group? This is bad news.");
        return false;
    }

    public Set getGroups(String str) throws NamingException {
        try {
            String ldapDN = parseNormalized(str).toString();
            HashSet hashSet = null;
            for (String str2 : this.groups.keySet()) {
                Set set = (Set) this.groups.get(str2);
                if (set != null && set.contains(ldapDN)) {
                    if (hashSet == null) {
                        hashSet = new HashSet();
                    }
                    hashSet.add(new LdapDN(str2));
                }
            }
            return hashSet == null ? Collections.EMPTY_SET : hashSet;
        } catch (NamingException e) {
            log.warn("Malformed member DN.  Could not find groups for member in GroupCache. Returning empty set for groups!", e);
            return Collections.EMPTY_SET;
        }
    }

    public boolean groupRenamed(Name name, Name name2) {
        Object remove = this.groups.remove(name.toString());
        if (remove == null) {
            return false;
        }
        this.groups.put(name2.toString(), remove);
        if (!IS_DEBUG) {
            return true;
        }
        log.debug(new StringBuffer().append("group cache contents after renaming ").append(name.toString()).append(":\n").append(this.groups).toString());
        return true;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$apache$directory$server$core$authz$GroupCache == null) {
            cls = class$("org.apache.directory.server.core.authz.GroupCache");
            class$org$apache$directory$server$core$authz$GroupCache = cls;
        } else {
            cls = class$org$apache$directory$server$core$authz$GroupCache;
        }
        log = LoggerFactory.getLogger(cls);
        IS_DEBUG = log.isDebugEnabled();
    }
}
