package oracle.security.idm.providers.stdldap;

import java.security.Principal;
import java.util.ArrayList;
import java.util.logging.Level;
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapContext;
import oracle.security.idm.IMException;
import oracle.security.idm.ObjectNotFoundException;
import oracle.security.idm.Role;
import oracle.security.idm.RoleProfile;
import oracle.security.idm.SearchResponse;
import oracle.security.idm.spi.AbstractRoleManager;

/* loaded from: input_file:oracle/security/idm/providers/stdldap/LDRoleManager.class */
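/**
 * Role manager backed by a standard LDAP directory.
 *
 * <p>Every operation borrows an {@link LdapContext} from the owning {@link LDIdentityStore},
 * delegates to the store's realm or to the role's underlying {@code jndirole}, and returns the
 * connection afterwards. The three search methods are the exception: on success the connection
 * is handed to the returned {@link LDSearchResponse} and is not released here.
 *
 * <p>NOTE(review): {@link #classname}, used for all log records, reads
 * {@code oracle.idm.security...} while the class lives in {@code oracle.security.idm...}.
 * It is left unchanged because log filters may key on it; keep the mismatch in mind when
 * correlating audit or debug logs by source class.
 */
public class LDRoleManager extends AbstractRoleManager {
    protected LDIdentityStore store;
    // The four fields below are never read or written in this class; they are kept as-is
    // because objClassNames is package-visible and may be used by sibling classes.
    private String namingAttr = null;
    private ArrayList mandAttrs = null;
    private String[] createbase = null;
    String[] objClassNames = null;
    private static final String classname = "oracle.idm.security.providers.stdldap.LDRoleManager";

    /**
     * Creates a role manager bound to the given identity store.
     *
     * @param lDIdentityStore store that supplies connections, the realm and the logger
     * @throws IMException declared for interface compatibility; not thrown by this constructor
     */
    public LDRoleManager(LDIdentityStore lDIdentityStore) throws IMException {
        this.store = lDIdentityStore;
    }

    /** @return {@code true}; this provider always reports role deletion as supported */
    @Override // oracle.security.idm.RoleManager
    public boolean isDropRoleSupported() {
        return true;
    }

    /** @return {@code true}; this provider always reports role creation as supported */
    @Override // oracle.security.idm.RoleManager
    public boolean isCreateRoleSupported() {
        return true;
    }

    /** @return {@code true}; this provider always reports role modification as supported */
    @Override // oracle.security.idm.RoleManager
    public boolean isModifyRoleSupported() {
        return true;
    }

    /**
     * Creates a role with no additional attributes.
     *
     * @param str role name
     * @param i   forwarded to the three-argument overload, which does not use it
     * @return the newly created role
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.RoleManager
    public Role createRole(String str, int i) throws IMException {
        return createRole(str, i, null);
    }

    /**
     * Creates a role under the configured "selected create base" of the realm.
     *
     * @param str        role name, passed to the realm unchanged
     * @param i          ignored by this implementation
     * @param attributes extra attributes for the new entry, may be {@code null}
     * @return the newly created role wrapped in an {@code LDRole}
     * @throws IMException if the directory operation fails
     */
    public Role createRole(String str, int i, Attributes attributes) throws IMException {
        final String method = "createRole(String, int, Attributes)";
        LdapContext ldapContext = null;
        this.store.factory.logr.entering(classname, method);
        try {
            ldapContext = this.store.acquireConnection();
            // NOTE(review): str is handed to the realm as-is; any DN escaping of the role name
            // has to happen inside realm.createRole — confirm when names come from user input.
            return this.store.getNewRoleInstance(this.store.realm.createRole(ldapContext, str, this.store.realm.getConfig().getRoleSelectedCreateBase(), attributes));
        } finally {
            releaseQuietly(ldapContext, method);
            this.store.factory.logr.exiting(classname, method);
        }
    }

    /**
     * Creates a role with default settings.
     *
     * @param str role name
     * @return the newly created role
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.RoleManager
    public Role createRole(String str) throws IMException {
        return createRole(str, 0);
    }

    /**
     * Deletes the role described by the given profile.
     *
     * @param roleProfile profile to delete; must actually be a {@link Role}, otherwise the cast
     *                    fails with {@link ClassCastException}
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.RoleManager
    public void dropRole(RoleProfile roleProfile) throws IMException {
        dropRole((Role) roleProfile);
    }

    /**
     * Deletes a role from the directory.
     *
     * @param role role to delete; must be an {@code LDRole} produced by this provider
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.RoleManager
    public void dropRole(Role role) throws IMException {
        final String method = "dropRole(Role)";
        LdapContext ldapContext = null;
        this.store.factory.logr.entering(classname, method);
        try {
            ldapContext = this.store.acquireConnection();
            this.store.realm.dropRole(ldapContext, ((LDRole) role).jndirole, true);
        } finally {
            releaseQuietly(ldapContext, method);
            this.store.factory.logr.exiting(classname, method);
        }
    }

    /**
     * Adds a principal as a member of a role.
     *
     * <p>NOTE(review): a principal that is neither an {@code LDUserPrincipal} nor an
     * {@code LDRolePrincipal} resolves to a {@code null} DN, which is passed to
     * {@code addMember} unchanged. Confirm the callee rejects it rather than modifying the
     * role's membership. No authorization check is visible at this layer either, so callers
     * (or directory ACLs on the bound connection) must enforce who may grant roles.
     *
     * @param role      role to modify; must be an {@code LDRole}
     * @param principal user or role principal to add
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.RoleManager
    public void grantRole(Role role, Principal principal) throws IMException {
        LdapContext ldapContext = null;
        try {
            ldapContext = this.store.acquireConnection();
            ((LDRole) role).jndirole.addMember(ldapContext, userOrRoleDn(principal));
        } finally {
            releaseQuietly(ldapContext, "grantRole(Role, Principal)");
        }
    }

    /**
     * Removes a principal from the members of a role.
     *
     * <p>NOTE(review): as in {@link #grantRole}, an unsupported principal type yields a
     * {@code null} DN that is passed on unchanged. If the callee treats that as a no-op the
     * revocation silently does nothing — confirm that such a call surfaces an error.
     *
     * @param role      role to modify; must be an {@code LDRole}
     * @param principal user or role principal to remove
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.RoleManager
    public void revokeRole(Role role, Principal principal) throws IMException {
        LdapContext ldapContext = null;
        try {
            ldapContext = this.store.acquireConnection();
            ((LDRole) role).jndirole.dropMember(ldapContext, userOrRoleDn(principal));
        } finally {
            releaseQuietly(ldapContext, "revokeRole(Role, Principal)");
        }
    }

    /**
     * Searches for the roles granted to a principal.
     *
     * <p>On success the borrowed connection is handed to the returned response and is not
     * released by this method; it is released here only when the search fails.
     *
     * @param principal user or role principal whose memberships are looked up
     * @param z         passed to the realm unchanged (presumably direct-only vs. nested —
     *                  TODO confirm against the RoleManager contract)
     * @return a response wrapping the realm's search result
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.RoleManager
    public SearchResponse getGrantedRoles(Principal principal, boolean z) throws IMException {
        LdapContext ldapContext = null;
        boolean handedOff = false;
        try {
            ldapContext = this.store.acquireConnection();
            String dn = userOrRoleDn(principal);
            // Optional override of the membership attribute, taken from store configuration.
            String memberAttr = (String) this.store.getStoreConfiguration().getProperty("USER_GROUP_MEMBER_ATTRS");
            String[] memberAttrs = null;
            if (memberAttr != null) {
                memberAttrs = new String[]{memberAttr};
            }
            LDSearchResponse response = new LDSearchResponse(this.store, ldapContext, this.store.realm.getGrantedRoles(ldapContext, dn, z, memberAttrs));
            handedOff = true;
            return response;
        } finally {
            if (!handedOff) {
                releaseQuietly(ldapContext, "getGrantedRoles(Principal, boolean)");
            }
        }
    }

    /**
     * Checks whether a role is granted to a principal.
     *
     * <p>Fails closed: an {@link ObjectNotFoundException} results in {@code false}. That event
     * is logged only at {@code FINEST}, so at default log levels a missing role or principal
     * entry during a membership check leaves no trace.
     *
     * <p>NOTE(review): a principal that is not an {@code LDPrincipal} yields a {@code null}
     * DN, which is passed to {@code jndirole.isGranted} unchanged — confirm that can never
     * evaluate as granted.
     *
     * @param role      role to test; must be an {@code LDRole}
     * @param principal principal to test
     * @return {@code true} if the directory reports the role as granted, {@code false}
     *         otherwise or when an entry is not found
     * @throws IMException on any other directory failure
     */
    @Override // oracle.security.idm.RoleManager
    public boolean isGranted(Role role, Principal principal) throws IMException {
        boolean granted = false;
        LdapContext ldapContext = null;
        String dn = null;
        try {
            ldapContext = this.store.acquireConnection();
            dn = ldapDn(principal);
            granted = ((LDRole) role).jndirole.isGranted(ldapContext, dn);
            return granted;
        } catch (ObjectNotFoundException e) {
            // Source-method name corrected: this record used to be attributed to "isOwnedBy()".
            this.store.factory.logr.logp(Level.FINEST, classname, "isGranted()", "Exception occured while checking -- whether the role " + role.getUniqueName() + " is granted to the princpial : " + dn + "\t" + e);
            return granted;
        } finally {
            releaseQuietly(ldapContext, "isGranted()");
        }
    }

    /**
     * Searches for the roles owned by a principal.
     *
     * <p>On success the borrowed connection is handed to the returned response and is not
     * released by this method; it is released here only when the search fails.
     *
     * @param principal principal whose owned roles are looked up
     * @param z         passed to the realm unchanged (meaning not visible here — TODO confirm)
     * @return a response wrapping the realm's search result
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.spi.AbstractRoleManager, oracle.security.idm.RoleManager
    public SearchResponse getOwnedRoles(Principal principal, boolean z) throws IMException {
        LdapContext ldapContext = null;
        boolean handedOff = false;
        try {
            ldapContext = this.store.acquireConnection();
            LDSearchResponse response = new LDSearchResponse(this.store, ldapContext, this.store.realm.getOwnedRoles(ldapContext, ldapDn(principal), z));
            handedOff = true;
            return response;
        } finally {
            if (!handedOff) {
                releaseQuietly(ldapContext, "getOwnedRoles(Principal, boolean)");
            }
        }
    }

    /**
     * Searches for the roles managed by a principal.
     *
     * <p>On success the borrowed connection is handed to the returned response and is not
     * released by this method; it is released here only when the search fails.
     *
     * @param principal principal whose managed roles are looked up
     * @param z         passed to the realm unchanged (meaning not visible here — TODO confirm)
     * @return a response wrapping the realm's search result
     * @throws IMException if the directory operation fails
     */
    @Override // oracle.security.idm.spi.AbstractRoleManager, oracle.security.idm.RoleManager
    public SearchResponse getManagedRoles(Principal principal, boolean z) throws IMException {
        LdapContext ldapContext = null;
        boolean handedOff = false;
        try {
            ldapContext = this.store.acquireConnection();
            LDSearchResponse response = new LDSearchResponse(this.store, ldapContext, this.store.realm.getManagedRoles(ldapContext, ldapDn(principal), z));
            handedOff = true;
            return response;
        } finally {
            if (!handedOff) {
                releaseQuietly(ldapContext, "getManagedRoles(Principal, boolean)");
            }
        }
    }

    /**
     * Checks whether a principal owns a role.
     *
     * <p>Fails closed: an {@link ObjectNotFoundException} is logged at {@code FINEST} and
     * reported as {@code false}.
     *
     * @param role      role to test; must be an {@code LDRole}
     * @param principal principal to test; a non-{@code LDPrincipal} yields a {@code null} DN
     * @return {@code true} if the directory reports ownership, {@code false} otherwise or when
     *         an entry is not found
     * @throws IMException on any other directory failure
     */
    @Override // oracle.security.idm.spi.AbstractRoleManager, oracle.security.idm.RoleManager
    public boolean isOwnedBy(Role role, Principal principal) throws IMException {
        boolean owned = false;
        LdapContext ldapContext = null;
        String dn = null;
        try {
            ldapContext = this.store.acquireConnection();
            dn = ldapDn(principal);
            owned = ((LDRole) role).jndirole.isOwnedBy(ldapContext, dn);
            return owned;
        } catch (ObjectNotFoundException e) {
            this.store.factory.logr.logp(Level.FINEST, classname, "isOwnedBy()", "Exception occured while checking -- whether the role " + role.getUniqueName() + " is owned by the princpial : " + dn + "\t" + e);
            return owned;
        } finally {
            releaseQuietly(ldapContext, "isOwnedBy()");
        }
    }

    /**
     * Checks whether a principal manages a role.
     *
     * <p>Fails closed: an {@link ObjectNotFoundException} is logged at {@code FINEST} and
     * reported as {@code false}.
     *
     * @param role      role to test; must be an {@code LDRole}
     * @param principal principal to test; a non-{@code LDPrincipal} yields a {@code null} DN
     * @return {@code true} if the directory reports the principal as a manager, {@code false}
     *         otherwise or when an entry is not found
     * @throws IMException on any other directory failure
     */
    @Override // oracle.security.idm.spi.AbstractRoleManager, oracle.security.idm.RoleManager
    public boolean isManagedBy(Role role, Principal principal) throws IMException {
        boolean managed = false;
        LdapContext ldapContext = null;
        String dn = null;
        try {
            ldapContext = this.store.acquireConnection();
            dn = ldapDn(principal);
            managed = ((LDRole) role).jndirole.isManagedBy(ldapContext, dn);
            return managed;
        } catch (ObjectNotFoundException e) {
            this.store.factory.logr.logp(Level.FINEST, classname, "isManagedBy()", "Exception occured while checking -- whether the role " + role.getUniqueName() + " is managed by the princpial : " + dn + "\t" + e);
            return managed;
        } finally {
            releaseQuietly(ldapContext, "isManagedBy()");
        }
    }

    /** Returns the DN of a user or role principal, or {@code null} for any other type. */
    private static String userOrRoleDn(Principal principal) {
        if (principal instanceof LDUserPrincipal) {
            return ((LDUserPrincipal) principal).getDN();
        }
        if (principal instanceof LDRolePrincipal) {
            return ((LDRolePrincipal) principal).getDN();
        }
        return null;
    }

    /** Returns the DN of an {@code LDPrincipal}, or {@code null} for any other type. */
    private static String ldapDn(Principal principal) {
        if (principal instanceof LDPrincipal) {
            return ((LDPrincipal) principal).getDN();
        }
        return null;
    }

    /**
     * Returns a borrowed connection to the store without letting a release failure mask the
     * outcome of the operation. The failure is recorded at {@code FINEST} instead of being
     * dropped, so repeated release errors (a possible connection leak) can be diagnosed.
     */
    private void releaseQuietly(LdapContext ldapContext, String method) {
        if (ldapContext == null) {
            return;
        }
        try {
            this.store.releaseConnection(ldapContext);
        } catch (IMException e) {
            this.store.factory.logr.logp(Level.FINEST, classname, method, "Failed to release LDAP connection : " + e);
        }
    }
}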
