package oracle.gridhome.impl.operation;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import oracle.cluster.gridhome.client.GridHomeActionResult;
import oracle.cluster.gridhome.client.GridHomeOption;
import oracle.cluster.impl.gridhome.client.InternalParameter;
import oracle.gridhome.common.GHConstants;
import oracle.gridhome.impl.operation.GHOperationCommonImpl;
import oracle.gridhome.impl.operation.OperationAccess;
import oracle.gridhome.impl.operation.ServerProxy;
import oracle.gridhome.operation.RoleOperation;
import oracle.gridhome.repository.ACEException;
import oracle.gridhome.repository.BuiltInRoles;
import oracle.gridhome.repository.EntityAlreadyExistsException;
import oracle.gridhome.repository.EntityNotExistsException;
import oracle.gridhome.repository.OSUser;
import oracle.gridhome.repository.OSUserException;
import oracle.gridhome.repository.OSUserFactory;
import oracle.gridhome.repository.RepositoryException;
import oracle.gridhome.repository.Role;
import oracle.gridhome.repository.RoleException;
import oracle.gridhome.repository.RoleFactory;
import oracle.gridhome.repository.Site;
import oracle.gridhome.repository.SiteException;
import oracle.gridhome.repository.SiteFactory;
import oracle.gridhome.repository.SiteType;
import oracle.gridhome.resources.PrGoMsgID;
import oracle.ops.mgmt.has.ClusterUtil;
import oracle.ops.mgmt.has.ClusterUtilException;
import oracle.ops.mgmt.has.Util;
import oracle.ops.mgmt.has.UtilException;
import oracle.ops.mgmt.nls.MessageBundle;
import oracle.ops.mgmt.trace.Trace;

/* loaded from: input_file:oracle/gridhome/impl/operation/RoleOperationImpl.class */
public class RoleOperationImpl extends BaseOperationImpl implements RoleOperation {
    /* JADX INFO: Access modifiers changed from: package-private */
    public RoleOperationImpl(GHOperationCommonImpl gHOperationCommonImpl, MessageBundle messageBundle, String str, String str2) throws OperationException {
        super(gHOperationCommonImpl, messageBundle, str, str2);
    }

    @Override // oracle.gridhome.operation.RoleOperation
    public String add() throws OperationException {
        String str = null;
        try {
            try {
                preOp();
                str = internalAdd();
                return postOp(str);
            } catch (OperationException e) {
                Trace.out("OperationException: " + e.getMessage());
                str = GridHomeActionResult.genExceptionOutput(new String[]{e.getMessage()});
                throw e;
            }
        } catch (Throwable th) {
            postOp(str);
            throw th;
        }
    }

    private String internalAdd() throws OperationException {
        Trace.out("running 'add role' operation");
        return this.m_containerType == GHOperationCommonImpl.ContainerType.GHC ? invokeRHPS(ServerProxy.ServerMethod.ADD_ROLE) : addInternalRHPS();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String addInternalRHPS() throws OperationException {
        validateContainer(GHOperationCommonImpl.ContainerType.GHS, "ROI_addInternalRHPS-01");
        try {
            String paramValue = getParamValue(InternalParameter.USERNAME.toString());
            String paramValue2 = getParamValue(InternalParameter.CLUSTERNAME.toString());
            if (!new OperationAccess(this.m_repository).allowOperation(OperationAccess.OperationType.ADD_ROLE, paramValue, paramValue2, getArgumentsMap())) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_PRIV_ADDROLE, true, new Object[]{paramValue}));
            }
            String argValue = getArgValue(GridHomeOption.ROLE.toString());
            Trace.out("role name: " + argValue);
            if (argValue.trim().toUpperCase().startsWith(GHConstants.ROLE_PREFIX)) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.ROLE_PREFIX_NOT_ALLOW, true, new Object[]{argValue}));
            }
            RoleFactory roleFactory = RoleFactory.getInstance(this.m_repository);
            try {
                roleFactory.fetchRole(argValue);
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.ROLE_ALREADY_EXISTS, true, new Object[]{argValue}));
            } catch (EntityNotExistsException e) {
                Role buildRole = roleFactory.buildRole(argValue);
                String clientID = getClientID(paramValue, paramValue2);
                Trace.out("role creator: " + clientID);
                buildRole.setCreator(clientID);
                String argValue2 = getArgValue(GridHomeOption.HASROLES.toString());
                if (argValue2 != null) {
                    String[] split = argValue2.split(GHConstants.COMMA);
                    ArrayList arrayList = new ArrayList();
                    StringBuilder sb = null;
                    for (String str : split) {
                        try {
                            Role fetchRole = roleFactory.fetchRole(str);
                            if (arrayList.contains(fetchRole)) {
                                Trace.out("role %s already on list; ignoring", str);
                            } else {
                                Trace.out("adding role %s to the list", str);
                                arrayList.add(fetchRole);
                            }
                        } catch (EntityNotExistsException e2) {
                            if (sb == null) {
                                sb = new StringBuilder(str);
                            } else {
                                sb.append(str);
                            }
                        }
                    }
                    if (sb != null) {
                        throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.INVALID_ROLENAMES, true, new Object[]{sb.toString()}));
                    }
                    buildRole.setRoles(arrayList);
                }
                roleFactory.storeRole(buildRole);
                return getArgValue(GridHomeOption.VERBOSE.toString()) == null ? GridHomeActionResult.genSuccessOutput(new String[0]) : GridHomeActionResult.genSuccessOutput(new String[]{this.m_msgBndl.getMessage(PrGoMsgID.ADD_ROLE_SUCCESS, false)});
            }
        } catch (EntityAlreadyExistsException e3) {
            Trace.out("EntityAlreadyExistsException: " + e3.getMessage());
            throw new OperationException(e3);
        } catch (RepositoryException e4) {
            Trace.out("RepositoryException: " + e4.getMessage());
            throw new OperationException(e4);
        } catch (RoleException e5) {
            Trace.out("RoleException: " + e5.getMessage());
            throw new OperationException(e5);
        }
    }

    @Override // oracle.gridhome.operation.RoleOperation
    public String query() throws OperationException {
        String str = null;
        try {
            try {
                preOp();
                str = internalQuery();
                return postOp(str);
            } catch (OperationException e) {
                Trace.out("OperationException: " + e.getMessage());
                str = GridHomeActionResult.genExceptionOutput(new String[]{e.getMessage()});
                throw e;
            }
        } catch (Throwable th) {
            postOp(str);
            throw th;
        }
    }

    private String internalQuery() throws OperationException {
        Trace.out("running 'query role' operation");
        return this.m_containerType == GHOperationCommonImpl.ContainerType.GHC ? invokeRHPS(ServerProxy.ServerMethod.CONFIG_ROLE) : queryInternalRHPS();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String queryInternalRHPS() throws OperationException {
        validateContainer(GHOperationCommonImpl.ContainerType.GHS, "ROI_queryInternalRHPS-01");
        if (getArgValue("testFutureProof") == null) {
            String paramValue = getParamValue(InternalParameter.USERNAME.toString());
            if (!new OperationAccess(this.m_repository).allowOperation(OperationAccess.OperationType.CONFIG_ROLE, paramValue, getParamValue(InternalParameter.CLUSTERNAME.toString()), getArgumentsMap())) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_PRIV_QUERYROLE, true, new Object[]{paramValue}));
            }
            String argValue = getArgValue(GridHomeOption.ROLE.toString());
            return argValue == null ? listAll() : getInfo(argValue);
        }
        String[] split = getArgValue("testFutureProof").split(GHConstants.HASH);
        String str = split[0];
        if ("MOUNT".equals(str)) {
            String str2 = split[1];
            Trace.out("performing mount JMX to RHPC %s ...", str2);
            exportAndMount(str2, split[5], new ArrayList(), split[6], null, split[3], split[4], false, split[2]);
        } else if ("UMOUNT".equals(str)) {
            String str3 = split[1];
            Trace.out("performing unmount JMX to RHPC %s ...", str3);
            unexportAndUnmount(str3, split[2], split[3]);
        } else {
            String str4 = split[1];
            Trace.out("performing dynamicOps JMX to RHPC %s ...", str4);
            String str5 = split[2];
            String str6 = split[3];
            List<String> arrayList = new ArrayList();
            if (!split[4].trim().isEmpty()) {
                arrayList = Arrays.asList(split[4].split(GHConstants.UNDERSCORE));
            }
            writeMessage(dynamicOps(str4, str5, str6, arrayList).getAllOutputs());
        }
        return GridHomeActionResult.genSuccessOutput(new String[0]);
    }

    private String listAll() throws OperationException {
        try {
            List<Role> fetchAllRoles = RoleFactory.getInstance(this.m_repository).fetchAllRoles();
            if (fetchAllRoles.size() == 0) {
                return GridHomeActionResult.genSuccessOutput(new String[]{this.m_msgBndl.getMessage(PrGoMsgID.NO_ROLE_CONFIGURED, false)});
            }
            StringBuilder sb = new StringBuilder(GridHomeActionResult.genSuccessOutput(new String[0]));
            Iterator<Role> it = fetchAllRoles.iterator();
            while (it.hasNext()) {
                sb.append(GridHomeActionResult.generateOutput(PrGoMsgID.facility, PrGoMsgID.ROLE_NAME, false, new String[]{it.next().getRoleName()}));
            }
            return sb.toString();
        } catch (RepositoryException e) {
            Trace.out("RepositoryException: " + e.getMessage());
            throw new OperationException(e);
        } catch (RoleException e2) {
            Trace.out("RoleException: " + e2.getMessage());
            throw new OperationException(e2);
        }
    }

    private String getInfo(String str) throws OperationException {
        try {
            Role fetchRole = RoleFactory.getInstance(this.m_repository).fetchRole(str);
            Trace.out(fetchRole.toRoleString());
            return GridHomeActionResult.genSuccessOutput(new String[0]) + GridHomeActionResult.generateOutput(PrGoMsgID.facility, PrGoMsgID.ROLE_NAME, false, new String[]{fetchRole.getRoleName()}) + GridHomeActionResult.generateOutput(PrGoMsgID.facility, PrGoMsgID.ASSOCIATED_ROLES, false, new String[]{roleListToString(fetchRole.getRoles())}) + GridHomeActionResult.generateOutput(PrGoMsgID.facility, PrGoMsgID.USERS_WITH_THIS_ROLE, false, new String[]{userListToString(getUsersWithRole(fetchRole))});
        } catch (ACEException e) {
            Trace.out("ACEException: " + e.getMessage());
            throw new OperationException(e);
        } catch (EntityNotExistsException e2) {
            Trace.out("EntityNotExistsException: " + e2.getMessage());
            throw new OperationException(e2);
        } catch (OSUserException e3) {
            Trace.out("OSUserException: " + e3.getMessage());
            throw new OperationException(e3);
        } catch (RepositoryException e4) {
            Trace.out("RepositoryException: " + e4.getMessage());
            throw new OperationException(e4);
        } catch (RoleException e5) {
            Trace.out("RoleException: " + e5.getMessage());
            throw new OperationException(e5);
        }
    }

    private String roleListToString(List<Role> list) {
        StringBuilder sb = null;
        for (Role role : list) {
            if (sb == null) {
                sb = new StringBuilder(role.getRoleName());
            } else {
                sb.append(GHConstants.COMMA);
                sb.append(GHConstants.SPACE);
                sb.append(role.getRoleName());
            }
        }
        return sb == null ? "" : sb.toString();
    }

    private String userListToString(List<OSUser> list) throws OSUserException {
        StringBuilder sb = null;
        for (OSUser oSUser : list) {
            if (sb == null) {
                sb = new StringBuilder(oSUser.getUserName());
            } else {
                sb.append(GHConstants.COMMA);
                sb.append(GHConstants.SPACE);
                sb.append(oSUser.getUserName());
            }
        }
        return sb == null ? "" : sb.toString();
    }

    private List<OSUser> getUsersWithRole(Role role) throws EntityNotExistsException, OperationException, OSUserException, RepositoryException {
        List<OSUser> fetchAllUsers = OSUserFactory.getInstance(this.m_repository).fetchAllUsers();
        ArrayList arrayList = new ArrayList();
        for (OSUser oSUser : fetchAllUsers) {
            if (oSUser.getRoles().contains(role)) {
                arrayList.add(oSUser);
            }
        }
        return arrayList;
    }

    @Override // oracle.gridhome.operation.RoleOperation
    public String delete() throws OperationException {
        String str = null;
        try {
            try {
                preOp();
                str = internalDelete();
                return postOp(str);
            } catch (OperationException e) {
                Trace.out("OperationException: " + e.getMessage());
                str = GridHomeActionResult.genExceptionOutput(new String[]{e.getMessage()});
                throw e;
            }
        } catch (Throwable th) {
            postOp(str);
            throw th;
        }
    }

    private String internalDelete() throws OperationException {
        Trace.out("running 'delete role' operation");
        return this.m_containerType == GHOperationCommonImpl.ContainerType.GHC ? invokeRHPS(ServerProxy.ServerMethod.DELETE_ROLE) : deleteInternalRHPS();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String deleteInternalRHPS() throws OperationException {
        validateContainer(GHOperationCommonImpl.ContainerType.GHS, "ROI_deleteInternalRHPS-01");
        try {
            String paramValue = getParamValue(InternalParameter.USERNAME.toString());
            if (!new OperationAccess(this.m_repository).allowOperation(OperationAccess.OperationType.DELETE_ROLE, paramValue, getParamValue(InternalParameter.CLUSTERNAME.toString()), getArgumentsMap())) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_PRIV_DELETEROLE, true, new Object[]{paramValue}));
            }
            String argValue = getArgValue(GridHomeOption.ROLE.toString());
            try {
                BuiltInRoles.getEnumMember(argValue);
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_DEL_BUILTIN_ROLE, true, new Object[]{argValue}));
            } catch (EnumConstantNotPresentException e) {
                Trace.out(argValue + " is not a built-in role");
                RoleFactory roleFactory = RoleFactory.getInstance(this.m_repository);
                String userListToString = userListToString(getUsersWithRole(roleFactory.fetchRole(argValue)));
                if (!userListToString.equals("")) {
                    throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.USERS_HAVE_ROLE, true, new Object[]{argValue, userListToString}));
                }
                roleFactory.deleteRole(argValue);
                return getArgValue(GridHomeOption.VERBOSE.toString()) == null ? GridHomeActionResult.genSuccessOutput(new String[0]) : GridHomeActionResult.genSuccessOutput(new String[]{this.m_msgBndl.getMessage(PrGoMsgID.DELETE_ROLE_SUCCESS, false)});
            }
        } catch (EntityNotExistsException e2) {
            Trace.out("EntityNotExistsException: " + e2.getMessage());
            throw new OperationException(e2);
        } catch (OSUserException e3) {
            Trace.out("OSUserException: " + e3.getMessage());
            throw new OperationException(e3);
        } catch (RepositoryException e4) {
            Trace.out("RepositoryException: " + e4.getMessage());
            throw new OperationException(e4);
        } catch (RoleException e5) {
            Trace.out("RoleException: " + e5.getMessage());
            throw new OperationException(e5);
        }
    }

    @Override // oracle.gridhome.operation.RoleOperation
    public String grant() throws OperationException {
        String str = null;
        try {
            try {
                preOp();
                str = internalGrant();
                return postOp(str);
            } catch (OperationException e) {
                Trace.out("OperationException: " + e.getMessage());
                str = GridHomeActionResult.genExceptionOutput(new String[]{e.getMessage()});
                throw e;
            }
        } catch (Throwable th) {
            postOp(str);
            throw th;
        }
    }

    private String internalGrant() throws OperationException {
        Trace.out("running 'grant role' operation");
        return this.m_containerType == GHOperationCommonImpl.ContainerType.GHC ? invokeRHPS(ServerProxy.ServerMethod.GRANT_ROLE) : grantInternalRHPS();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String grantInternalRHPS() throws OperationException {
        validateContainer(GHOperationCommonImpl.ContainerType.GHS, "ROI_grantInternalRHPS-01");
        try {
            String paramValue = getParamValue(InternalParameter.USERNAME.toString());
            String paramValue2 = getParamValue(InternalParameter.CLUSTERNAME.toString());
            if (!new OperationAccess(this.m_repository).allowOperation(OperationAccess.OperationType.GRANT_ROLE, paramValue, paramValue2, getArgumentsMap())) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_PRIV_GRANTROLE, true, new Object[]{paramValue}));
            }
            String argValue = getArgValue(GridHomeOption.ROLE.toString());
            String argValue2 = getArgValue(GridHomeOption.CLIENT.toString());
            if (argValue == null) {
                String argValue3 = getArgValue(GridHomeOption.MAPROLES.toString());
                String clientID = getClientID(paramValue, paramValue2);
                if (argValue2 == null) {
                    return mapRoles(argValue3, true, paramValue2, clientID);
                }
                SiteFactory.getInstance(this.m_repository).fetchSite(argValue2);
                return mapRoles(argValue3, true, argValue2, clientID);
            }
            Role fetchRole = RoleFactory.getInstance(this.m_repository).fetchRole(argValue);
            String argValue4 = getArgValue(GridHomeOption.USER.toString());
            if (argValue4 != null) {
                return argValue2 == null ? grantRoleToUser(fetchRole, argValue4, paramValue2, paramValue, paramValue2) : grantRoleToUser(fetchRole, argValue4, argValue2, paramValue, paramValue2);
            }
            String argValue5 = getArgValue(GridHomeOption.GRANTEE.toString());
            if (argValue5 != null) {
                return grantRoleToRole(fetchRole, argValue5, paramValue, paramValue2);
            }
            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.INVALID_GRANTROLE_OPTION, true));
        } catch (RepositoryException e) {
            Trace.out("RepositoryException: " + e.getMessage());
            throw new OperationException(e);
        } catch (ClusterUtilException e2) {
            Trace.out("ClusterUtilException: " + e2.getMessage());
            throw new OperationException((Throwable) e2);
        } catch (EntityAlreadyExistsException e3) {
            Trace.out("EntityAlreadyExistsException: " + e3.getMessage());
            throw new OperationException(e3);
        } catch (EntityNotExistsException e4) {
            Trace.out("EntityNotExistsException: " + e4.getMessage());
            throw new OperationException(e4);
        } catch (OSUserException e5) {
            Trace.out("OSUserException: " + e5.getMessage());
            throw new OperationException(e5);
        } catch (RoleException e6) {
            Trace.out("RoleException: " + e6.getMessage());
            throw new OperationException(e6);
        } catch (SiteException e7) {
            Trace.out("SiteException: " + e7.getMessage());
            throw new OperationException(e7);
        } catch (UtilException e8) {
            Trace.out("UtilException: " + e8.getMessage());
            throw new OperationException((Throwable) e8);
        }
    }

    private String grantRoleToUser(Role role, String str, String str2, String str3, String str4) throws ClusterUtilException, EntityAlreadyExistsException, EntityNotExistsException, OperationException, OSUserException, RepositoryException, RoleException, SiteException, UtilException {
        OSUser buildUser;
        validateRootUser(str);
        validateUserRole(role, true, str, str2, str3, str4);
        SiteFactory.getInstance(this.m_repository).fetchSite(str2);
        OSUserFactory oSUserFactory = OSUserFactory.getInstance(this.m_repository);
        String clientID = getClientID(str, str2);
        try {
            buildUser = oSUserFactory.fetchUser(clientID);
            Trace.out("user already exists");
        } catch (EntityNotExistsException e) {
            buildUser = oSUserFactory.buildUser(clientID);
            Trace.out("set the owner to " + clientID);
            try {
                oSUserFactory.storeUser(buildUser);
            } catch (EntityAlreadyExistsException e2) {
                Trace.out("user already stored in the repos; not an error");
            }
        }
        List<Role> roles = buildUser.getRoles();
        Role fetchRole = RoleFactory.getInstance(this.m_repository).fetchRole(BuiltInRoles.GH_JOB_USER.toString());
        if (roles.contains(role)) {
            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.USER_GRANT_ROLE_FAILED, true, new Object[]{role.getRoleName(), clientID}));
        }
        roles.add(role);
        if (!roles.contains(fetchRole)) {
            Trace.out("Granting GH_JOB_USER role");
            roles.add(fetchRole);
        }
        buildUser.setRoles(roles);
        oSUserFactory.updateUser(buildUser);
        return GridHomeActionResult.genSuccessOutput(new String[0]);
    }

    private void validateRootUser(String str) throws OperationException {
        if (str != null && str.equals(GHConstants.ROOT_USER)) {
            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_GRANT_ROOT_USER, true));
        }
    }

    private void validateUserRole(Role role, boolean z, String str, String str2, String str3, String str4) throws ClusterUtilException, EntityNotExistsException, OperationException, OSUserException, RepositoryException, RoleException, SiteException, UtilException {
        String clientID;
        try {
            clientID = getClientID(str, str2);
        } catch (EntityNotExistsException e) {
            Trace.out("The user does not exist, so no validation for REST");
        }
        if (OSUserFactory.getInstance(this.m_repository).fetchUser(clientID).isRestUser()) {
            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_GRANT_RESTUSER, true, new Object[]{clientID}));
        }
        String roleName = role.getRoleName();
        Trace.out("role name: " + roleName);
        try {
            BuiltInRoles enumMember = BuiltInRoles.getEnumMember(roleName);
            if (enumMember == BuiltInRoles.GH_SA || enumMember == BuiltInRoles.GH_CA) {
                String clientID2 = getClientID(str3, str4);
                Trace.out("user granting or revoking the role: " + clientID2);
                List<Role> roles = OSUserFactory.getInstance(this.m_repository).fetchUser(clientID2).getRoles();
                Trace.out("grantor's/revoker's roles: " + roles.toString());
                if (enumMember != BuiltInRoles.GH_SA) {
                    Role fetchRole = RoleFactory.getInstance(this.m_repository).fetchRole(BuiltInRoles.GH_SA.toString());
                    if (!roles.contains(role) && !roles.contains(fetchRole)) {
                        if (z) {
                            Trace.out("no privilege to grant GH_CA");
                            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_GRANT_USER_GH_CA, true, new Object[]{str3, str4}));
                        }
                        Trace.out("no privilege to revoke GH_CA");
                        throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_REVOKE_USER_GH_CA, true, new Object[]{str3, str4}));
                    }
                    if (!z) {
                        Trace.out("fetching client " + str2);
                        Site fetchSite = SiteFactory.getInstance(this.m_repository).fetchSite(str2);
                        if (fetchSite.getSiteType() == SiteType.GHC && fetchSite.getCRSUser().equals(str)) {
                            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_REVOKE_CRSUSER_GH_CA, true, new Object[]{str, str2}));
                        }
                    }
                } else {
                    if (!roles.contains(role)) {
                        if (z) {
                            Trace.out("no privilege to grant GH_SA");
                            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_GRANT_USER_GH_SA, true, new Object[]{str3, str4}));
                        }
                        Trace.out("no privilege to revoke GH_SA");
                        throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_REVOKE_USER_GH_SA, true, new Object[]{str3, str4}));
                    }
                    if (!z) {
                        String clusterName = new ClusterUtil().getClusterName();
                        String clientID3 = getClientID(str, str2);
                        Trace.out("userStr: " + clientID3);
                        String currentUser = new Util().getCurrentUser();
                        if (getClientID(currentUser, clusterName).equals(clientID3)) {
                            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_REVOKE_CRSUSER_GH_SA, true, new Object[]{currentUser}));
                        }
                    }
                }
            }
        } catch (EnumConstantNotPresentException e2) {
            Trace.out(roleName + " is not a built-in role");
        }
    }

    private String grantRoleToRole(Role role, String str, String str2, String str3) throws EntityNotExistsException, OperationException, OSUserException, RepositoryException, RoleException {
        RoleFactory roleFactory = RoleFactory.getInstance(this.m_repository);
        Role fetchRole = roleFactory.fetchRole(str);
        String roleName = role.getRoleName();
        try {
            BuiltInRoles.getEnumMember(str);
            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_GRANT_BUILTIN_ROLE, true, new Object[]{roleName, str}));
        } catch (EnumConstantNotPresentException e) {
            Trace.out("grantee " + str + " is not a built-in role");
            try {
                BuiltInRoles enumMember = BuiltInRoles.getEnumMember(roleName);
                if (enumMember == BuiltInRoles.GH_SA || enumMember == BuiltInRoles.GH_CA) {
                    List<Role> roles = OSUserFactory.getInstance(this.m_repository).fetchUser(getClientID(str2, str3)).getRoles();
                    if (enumMember != BuiltInRoles.GH_SA) {
                        Role fetchRole2 = roleFactory.fetchRole(BuiltInRoles.GH_SA.toString());
                        if (!roles.contains(role) && !roles.contains(fetchRole2)) {
                            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_GRANT_ROLE_GH_CA, true, new Object[]{str2, str3}));
                        }
                    } else if (!roles.contains(role)) {
                        throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_GRANT_ROLE_GH_SA, true, new Object[]{str2, str3}));
                    }
                }
            } catch (EnumConstantNotPresentException e2) {
                Trace.out(roleName + " is not a built-in role");
            }
            List<Role> roles2 = fetchRole.getRoles();
            if (!roles2.contains(role)) {
                roles2.add(role);
                fetchRole.setRoles(roles2);
                roleFactory.updateRole(fetchRole);
            }
            return GridHomeActionResult.genSuccessOutput(new String[0]);
        }
    }

    public String mapRoles(String str, boolean z, String str2, String str3) throws OperationException {
        Trace.out("begin mapRoles");
        try {
            Map<String, List<String>> parseMapRoles = parseMapRoles(str, !z, str2);
            if (parseMapRoles == null) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.INCORRECT_MAPROLES_SYNTAX, true, new Object[]{str}));
            }
            OSUserFactory oSUserFactory = OSUserFactory.getInstance(this.m_repository);
            RoleFactory roleFactory = RoleFactory.getInstance(this.m_repository);
            ServerCommon serverCommon = this.m_serverCommon;
            String[] splitClientID = ServerCommon.splitClientID(str3);
            OSUser oSUser = null;
            ArrayList arrayList = new ArrayList();
            List<Role> list = null;
            for (String str4 : parseMapRoles.keySet()) {
                Trace.out("mapping roles to user " + str4);
                List<String> list2 = parseMapRoles.get(str4);
                arrayList.clear();
                ServerCommon serverCommon2 = this.m_serverCommon;
                String[] splitClientID2 = ServerCommon.splitClientID(str4);
                boolean z2 = true;
                try {
                    oSUser = oSUserFactory.fetchUser(str4);
                    list = oSUser.getRoles();
                    r26 = z ? null : getRoleNames(str4);
                } catch (EntityNotExistsException e) {
                    Trace.out("EntityNotExistsException: " + e.getMessage());
                    z2 = false;
                }
                for (String str5 : list2) {
                    if (!z && !r26.contains(str5)) {
                        if (oSUser != null && oSUser.isRestUser()) {
                            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_GRANT_RESTUSER, true, new Object[]{str4}));
                        }
                        Trace.out("user " + str4 + " doesn't have the role " + str5 + "; building the list of available roles");
                        StringBuilder sb = null;
                        for (String str6 : r26) {
                            if (sb == null) {
                                sb = new StringBuilder(str6);
                            } else {
                                sb.append(GHConstants.COMMA);
                                sb.append(GHConstants.SPACE);
                                sb.append(str6);
                            }
                        }
                        MessageBundle messageBundle = this.m_msgBndl;
                        Object[] objArr = new Object[3];
                        objArr[0] = str4;
                        objArr[1] = str5;
                        objArr[2] = sb == null ? "" : sb.toString();
                        throw new OperationException(messageBundle.getMessage(PrGoMsgID.USER_NOT_HAVE_ROLE, true, objArr));
                    }
                    Trace.out("mapping role " + str5);
                    Role fetchRole = roleFactory.fetchRole(str5);
                    validateUserRole(fetchRole, z, splitClientID2[0], splitClientID2[1], splitClientID[0], splitClientID[1]);
                    if (z) {
                        validateRootUser(splitClientID2[0]);
                        if (z2 && list.contains(fetchRole)) {
                            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.USER_GRANT_ROLE_FAILED, true, new Object[]{str5, str4}));
                        }
                    }
                    arrayList.add(fetchRole);
                }
                if (z2) {
                    if (z) {
                        Trace.out("adding");
                        list.addAll(arrayList);
                    } else {
                        Trace.out("removing");
                        list.removeAll(arrayList);
                    }
                    Trace.out("update user");
                    oSUser.setRoles(list);
                    oSUserFactory.updateUser(oSUser);
                } else {
                    Trace.out("creating user");
                    oSUser = oSUserFactory.buildUser(str4);
                    oSUser.setRoles(arrayList);
                    oSUser.setCreator(str3);
                    oSUserFactory.storeUser(oSUser);
                }
            }
            Trace.out("Mapped roles successfully");
            return GridHomeActionResult.genSuccessOutput(new String[0]);
        } catch (RoleException e2) {
            Trace.out("RoleException: " + e2.getMessage());
            throw new OperationException(e2);
        } catch (ClusterUtilException e3) {
            Trace.out("ClusterUtilException: " + e3.getMessage());
            throw new OperationException((Throwable) e3);
        } catch (EntityAlreadyExistsException e4) {
            Trace.out("EntityAlreadyExistsException: " + e4.getMessage());
            throw new OperationException(e4);
        } catch (EntityNotExistsException e5) {
            Trace.out("EntityNotExistsException: " + e5.getMessage());
            throw new OperationException(e5);
        } catch (OSUserException e6) {
            Trace.out("OSUserException: " + e6.getMessage());
            throw new OperationException(e6);
        } catch (RepositoryException e7) {
            Trace.out("RepositoryException: " + e7.getMessage());
            throw new OperationException(e7);
        } catch (SiteException e8) {
            Trace.out("SiteException: " + e8.getMessage());
            throw new OperationException(e8);
        } catch (UtilException e9) {
            Trace.out("UtilException: " + e9.getMessage());
            throw new OperationException((Throwable) e9);
        }
    }

    private Map<String, List<String>> parseMapRoles(String str, boolean z, String str2) throws EntityNotExistsException, OSUserException, RepositoryException, RoleException {
        Trace.out("maproles: " + str);
        HashMap hashMap = new HashMap();
        String[] split = str.split(GHConstants.COMMA);
        RoleFactory roleFactory = RoleFactory.getInstance(this.m_repository);
        OSUserFactory oSUserFactory = OSUserFactory.getInstance(this.m_repository);
        for (String str3 : split) {
            String[] split2 = str3.split("=");
            if (split2.length == 1) {
                return null;
            }
            String[] split3 = split2[1].split("\\+");
            roleFactory.fetchRole(split2[0]);
            for (String str4 : split3) {
                String clientID = getClientID(str4, str2);
                if (z) {
                    oSUserFactory.fetchUser(clientID);
                }
                if (!hashMap.containsKey(clientID)) {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(split2[0]);
                    hashMap.put(clientID, arrayList);
                } else if (!((List) hashMap.get(clientID)).contains(split2[0])) {
                    ((List) hashMap.get(clientID)).add(split2[0]);
                }
            }
        }
        Trace.out("result: " + hashMap);
        return hashMap;
    }

    private List<String> getRoleNames(String str) throws EntityNotExistsException, OSUserException, RepositoryException {
        List<Role> roles = OSUserFactory.getInstance(this.m_repository).fetchUser(str).getRoles();
        ArrayList arrayList = new ArrayList();
        Iterator<Role> it = roles.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getRoleName());
        }
        return arrayList;
    }

    @Override // oracle.gridhome.operation.RoleOperation
    public String revoke() throws OperationException {
        String str = null;
        try {
            try {
                preOp();
                str = internalRevoke();
                return postOp(str);
            } catch (OperationException e) {
                Trace.out("OperationException: " + e.getMessage());
                str = GridHomeActionResult.genExceptionOutput(new String[]{e.getMessage()});
                throw e;
            }
        } catch (Throwable th) {
            postOp(str);
            throw th;
        }
    }

    private String internalRevoke() throws OperationException {
        Trace.out("running 'revoke role' operation");
        return this.m_containerType == GHOperationCommonImpl.ContainerType.GHC ? invokeRHPS(ServerProxy.ServerMethod.REVOKE_ROLE) : revokeInternalRHPS();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String revokeInternalRHPS() throws OperationException {
        validateContainer(GHOperationCommonImpl.ContainerType.GHS, "ROI_revokeInternalRHPS-01");
        try {
            String paramValue = getParamValue(InternalParameter.USERNAME.toString());
            String paramValue2 = getParamValue(InternalParameter.CLUSTERNAME.toString());
            if (!new OperationAccess(this.m_repository).allowOperation(OperationAccess.OperationType.REVOKE_ROLE, paramValue, paramValue2, getArgumentsMap())) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_PRIV_REVOKEROLE, true, new Object[]{paramValue}));
            }
            String argValue = getArgValue(GridHomeOption.ROLE.toString());
            String argValue2 = getArgValue(GridHomeOption.CLIENT.toString());
            if (argValue != null) {
                Role fetchRole = RoleFactory.getInstance(this.m_repository).fetchRole(argValue);
                String argValue3 = getArgValue(GridHomeOption.USER.toString());
                if (argValue3 != null) {
                    return argValue2 == null ? revokeRoleFromUser(fetchRole, argValue3, paramValue2, paramValue, paramValue2) : revokeRoleFromUser(fetchRole, argValue3, argValue2, paramValue, paramValue2);
                }
                String argValue4 = getArgValue(GridHomeOption.GRANTEE.toString());
                if (argValue4 != null) {
                    return revokeRoleFromRole(fetchRole, argValue4, paramValue, paramValue2);
                }
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.INVALID_REVOKEROLE_OPTION, true));
            }
            String argValue5 = getArgValue(GridHomeOption.MAPROLES.toString());
            String clientID = getClientID(paramValue, paramValue2);
            if (argValue2 == null) {
                return mapRoles(argValue5, false, paramValue2, clientID);
            }
            Trace.out("checking existence of client " + argValue2);
            SiteFactory.getInstance(this.m_repository).fetchSite(argValue2);
            Trace.out("site already exists");
            return mapRoles(argValue5, false, argValue2, clientID);
        } catch (EntityNotExistsException e) {
            Trace.out("EntityNotExistsException: " + e.getMessage());
            throw new OperationException(e);
        } catch (OSUserException e2) {
            Trace.out("OSUserException: " + e2.getMessage());
            throw new OperationException(e2);
        } catch (RoleException e3) {
            Trace.out("RoleException: " + e3.getMessage());
            throw new OperationException(e3);
        } catch (UtilException e4) {
            Trace.out("UtilException: " + e4.getMessage());
            throw new OperationException((Throwable) e4);
        } catch (SiteException e5) {
            Trace.out("SiteException: " + e5.getMessage());
            throw new OperationException(e5);
        } catch (ClusterUtilException e6) {
            Trace.out("ClusterUtilException: " + e6.getMessage());
            throw new OperationException((Throwable) e6);
        } catch (RepositoryException e7) {
            Trace.out("RepositoryException: " + e7.getMessage());
            throw new OperationException(e7);
        }
    }

    private String revokeRoleFromUser(Role role, String str, String str2, String str3, String str4) throws ClusterUtilException, EntityNotExistsException, OperationException, OSUserException, RepositoryException, RoleException, SiteException, UtilException {
        SiteFactory.getInstance(this.m_repository).fetchSite(str2);
        Trace.out("site already exists");
        OSUserFactory oSUserFactory = OSUserFactory.getInstance(this.m_repository);
        String clientID = getClientID(str, str2);
        try {
            OSUser fetchUser = oSUserFactory.fetchUser(clientID);
            Trace.out("user already exists");
            validateUserRole(role, false, str, str2, str3, str4);
            List<Role> roles = fetchUser.getRoles();
            if (!roles.contains(role)) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.USER_REVOKE_ROLE_FAILED, true, new Object[]{role.getRoleName(), clientID}));
            }
            roles.remove(role);
            fetchUser.setRoles(roles);
            oSUserFactory.updateUser(fetchUser);
            return GridHomeActionResult.genSuccessOutput(new String[0]);
        } catch (EntityNotExistsException e) {
            Trace.out("EntityNotExistsException: " + e.getMessage());
            throw new OperationException(e);
        }
    }

    private String revokeRoleFromRole(Role role, String str, String str2, String str3) throws EntityNotExistsException, OperationException, OSUserException, RepositoryException, RoleException {
        RoleFactory roleFactory = RoleFactory.getInstance(this.m_repository);
        Role fetchRole = roleFactory.fetchRole(str);
        String roleName = role.getRoleName();
        try {
            BuiltInRoles.getEnumMember(str);
            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_REVOKE_BUILTIN_ROLE, true, new Object[]{roleName, str}));
        } catch (EnumConstantNotPresentException e) {
            Trace.out("grantee " + str + " is not a built-in role");
            try {
                BuiltInRoles enumMember = BuiltInRoles.getEnumMember(roleName);
                if (enumMember == BuiltInRoles.GH_SA || enumMember == BuiltInRoles.GH_CA) {
                    List<Role> roles = OSUserFactory.getInstance(this.m_repository).fetchUser(getClientID(str2, str3)).getRoles();
                    if (enumMember != BuiltInRoles.GH_SA) {
                        Role fetchRole2 = roleFactory.fetchRole(BuiltInRoles.GH_SA.toString());
                        if (!roles.contains(role) && !roles.contains(fetchRole2)) {
                            throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_REVOKE_ROLE_GH_CA, true, new Object[]{str, str2, str3}));
                        }
                    } else if (!roles.contains(role)) {
                        throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_REVOKE_ROLE_GH_SA, true, new Object[]{str, str2, str3}));
                    }
                }
            } catch (EnumConstantNotPresentException e2) {
                Trace.out(roleName + " is not a built-in role");
            }
            List<Role> roles2 = fetchRole.getRoles();
            if (!roles2.contains(role)) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.ROLE_REVOKE_ROLE_FAILED, true, new Object[]{roleName, str}));
            }
            if (roles2.size() == 1) {
                throw new OperationException(this.m_msgBndl.getMessage(PrGoMsgID.NO_REVOKE_USER_DEF_ROLE, true, new Object[]{roleName, str}));
            }
            roles2.remove(role);
            fetchRole.setRoles(roles2);
            roleFactory.updateRole(fetchRole);
            return GridHomeActionResult.genSuccessOutput(new String[0]);
        }
    }
}
