package org.apache.archiva.redback.rbac.ldap;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import org.apache.archiva.redback.common.ldap.MappingException;
import org.apache.archiva.redback.common.ldap.connection.LdapConnection;
import org.apache.archiva.redback.common.ldap.connection.LdapConnectionFactory;
import org.apache.archiva.redback.common.ldap.connection.LdapException;
import org.apache.archiva.redback.common.ldap.role.LdapRoleMapper;
import org.apache.archiva.redback.common.ldap.role.LdapRoleMapperConfiguration;
import org.apache.archiva.redback.components.cache.Cache;
import org.apache.archiva.redback.configuration.UserConfiguration;
import org.apache.archiva.redback.configuration.UserConfigurationKeys;
import org.apache.archiva.redback.rbac.AbstractRBACManager;
import org.apache.archiva.redback.rbac.AbstractRole;
import org.apache.archiva.redback.rbac.Operation;
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.RBACManagerListener;
import org.apache.archiva.redback.rbac.RBACObjectAssertions;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
import org.apache.archiva.redback.rbac.RbacPermanentException;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserManagerException;
import org.apache.archiva.redback.users.ldap.ctl.LdapController;
import org.apache.archiva.redback.users.ldap.ctl.LdapControllerException;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service("rbacManager#ldap")
/* loaded from: input_file:WEB-INF/lib/redback-rbac-ldap-2.6.jar:org/apache/archiva/redback/rbac/ldap/LdapRbacManager.class */
public class LdapRbacManager extends AbstractRBACManager implements RBACManager, RBACManagerListener {

    @Inject
    @Named("rbacManager#cached")
    private RBACManager rbacImpl;

    @Inject
    @Named("ldapRoleMapper#default")
    private LdapRoleMapper ldapRoleMapper;

    @Inject
    @Named("userConfiguration#default")
    private UserConfiguration userConf;

    @Inject
    @Named("userManager#ldap")
    private UserManager userManager;

    @Inject
    private LdapConnectionFactory ldapConnectionFactory;

    @Inject
    private LdapController ldapController;

    @Inject
    @Named("ldapRoleMapperConfiguration#default")
    private LdapRoleMapperConfiguration ldapRoleMapperConfiguration;

    @Inject
    @Named("cache#ldapRoles")
    private Cache<String, Role> rolesCache;

    @Inject
    @Named("cache#userAssignments")
    private Cache<String, UserAssignment> userAssignmentsCache;
    private Logger log = LoggerFactory.getLogger(getClass());
    private boolean writableLdap = false;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/redback-rbac-ldap-2.6.jar:org/apache/archiva/redback/rbac/ldap/LdapRbacManager$RoleImpl.class */
    public static class RoleImpl extends AbstractRole {
        private String name;
        private String description;
        private List<Permission> permissions;
        private List<String> childRoleNames;

        private RoleImpl(String str) {
            this.permissions = new ArrayList();
            this.childRoleNames = new ArrayList();
            this.name = str;
        }

        private RoleImpl(String str, List<Permission> list) {
            this.permissions = new ArrayList();
            this.childRoleNames = new ArrayList();
            this.name = str;
            this.permissions = list;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void addPermission(Permission permission) {
            this.permissions.add(permission);
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void addChildRoleName(String str) {
            this.childRoleNames.add(str);
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public List<String> getChildRoleNames() {
            return this.childRoleNames;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public String getDescription() {
            return this.description;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public String getName() {
            return this.name;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public List<Permission> getPermissions() {
            return this.permissions;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public boolean isAssignable() {
            return true;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void removePermission(Permission permission) {
            this.permissions.remove(permission);
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void setAssignable(boolean z) {
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void setChildRoleNames(List<String> list) {
            this.childRoleNames = list;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void setDescription(String str) {
            this.description = str;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void setName(String str) {
            this.name = str;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void setPermissions(List<Permission> list) {
            this.permissions = list;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public boolean isPermanent() {
            return true;
        }

        @Override // org.apache.archiva.redback.rbac.Role
        public void setPermanent(boolean z) {
        }

        public String toString() {
            StringBuilder sb = new StringBuilder();
            sb.append("RoleImpl");
            sb.append("{name='").append(this.name).append('\'');
            sb.append('}');
            return sb.toString();
        }

        @Override // org.apache.archiva.redback.rbac.AbstractRole
        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            RoleImpl roleImpl = (RoleImpl) obj;
            return this.name != null ? this.name.equals(roleImpl.name) : roleImpl.name == null;
        }

        public int hashCode() {
            if (this.name != null) {
                return this.name.hashCode();
            }
            return 0;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/redback-rbac-ldap-2.6.jar:org/apache/archiva/redback/rbac/ldap/LdapRbacManager$UserAssignmentImpl.class */
    private static class UserAssignmentImpl implements UserAssignment {
        private String username;
        private List<String> roleNames;
        private boolean permanent;

        private UserAssignmentImpl(String str, Collection<String> collection) {
            this.username = str;
            if (collection == null) {
                this.roleNames = new ArrayList();
            } else {
                this.roleNames = new ArrayList(collection);
            }
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public String getPrincipal() {
            return this.username;
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public List<String> getRoleNames() {
            return this.roleNames;
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public void addRoleName(Role role) {
            if (role == null) {
                return;
            }
            this.roleNames.add(role.getName());
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public void addRoleName(String str) {
            if (str == null) {
                return;
            }
            this.roleNames.add(str);
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public void removeRoleName(Role role) {
            if (role == null) {
                return;
            }
            this.roleNames.remove(role.getName());
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public void removeRoleName(String str) {
            if (str == null) {
                return;
            }
            this.roleNames.remove(str);
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public void setPrincipal(String str) {
            this.username = str;
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public void setRoleNames(List<String> list) {
            this.roleNames = list;
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public boolean isPermanent() {
            return this.permanent;
        }

        @Override // org.apache.archiva.redback.rbac.UserAssignment
        public void setPermanent(boolean z) {
            this.permanent = z;
        }

        public String toString() {
            StringBuilder sb = new StringBuilder();
            sb.append("UserAssignmentImpl");
            sb.append("{username='").append(this.username).append('\'');
            sb.append(", roleNames=").append(this.roleNames);
            sb.append(", permanent=").append(this.permanent);
            sb.append('}');
            return sb.toString();
        }
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    @PostConstruct
    public void initialize() {
        this.writableLdap = this.userConf.getBoolean(UserConfigurationKeys.LDAP_WRITABLE, this.writableLdap);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public void addChildRole(Role role, Role role2) throws RbacObjectInvalidException, RbacManagerException {
        this.rbacImpl.addChildRole(role, role2);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public void addListener(RBACManagerListener rBACManagerListener) {
        super.addListener(rBACManagerListener);
        this.rbacImpl.addListener(rBACManagerListener);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Operation createOperation(String str) throws RbacManagerException {
        return this.rbacImpl.createOperation(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Permission createPermission(String str) throws RbacManagerException {
        return this.rbacImpl.createPermission(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Permission createPermission(String str, String str2, String str3) throws RbacManagerException {
        return this.rbacImpl.createPermission(str, str2, str3);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Resource createResource(String str) throws RbacManagerException {
        return this.rbacImpl.createResource(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Role createRole(String str) {
        return this.rbacImpl.createRole(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public UserAssignment createUserAssignment(String str) throws RbacManagerException {
        return this.rbacImpl.createUserAssignment(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public void eraseDatabase() {
        if (this.writableLdap) {
            LdapConnection ldapConnection = null;
            DirContext dirContext = null;
            try {
                try {
                    ldapConnection = this.ldapConnectionFactory.getConnection();
                    dirContext = ldapConnection.getDirContext();
                    this.ldapRoleMapper.removeAllRoles(dirContext);
                    closeContext(dirContext);
                    closeLdapConnection(ldapConnection);
                } catch (MappingException e) {
                    this.log.warn("skip error removing all roles {}", e.getMessage());
                    closeContext(dirContext);
                    closeLdapConnection(ldapConnection);
                } catch (LdapException e2) {
                    this.log.warn("skip error removing all roles {}", e2.getMessage());
                    closeContext(dirContext);
                    closeLdapConnection(ldapConnection);
                }
            } catch (Throwable th) {
                closeContext(dirContext);
                closeLdapConnection(ldapConnection);
                throw th;
            }
        }
        this.rolesCache.clear();
        this.userAssignmentsCache.clear();
        this.rbacImpl.eraseDatabase();
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public List<Role> getAllAssignableRoles() throws RbacManagerException {
        try {
            Collection<Collection<String>> values = this.ldapRoleMapperConfiguration.getLdapGroupMappings().values();
            HashSet hashSet = new HashSet();
            Iterator<Collection<String>> it = values.iterator();
            while (it.hasNext()) {
                Iterator<String> it2 = it.next().iterator();
                while (it2.hasNext()) {
                    hashSet.add(new RoleImpl(it2.next()));
                }
            }
            return new ArrayList(hashSet);
        } catch (MappingException e) {
            throw new RbacManagerException(e.getMessage(), e);
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public List<Operation> getAllOperations() throws RbacManagerException {
        return this.rbacImpl.getAllOperations();
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public List<Permission> getAllPermissions() throws RbacManagerException {
        return this.rbacImpl.getAllPermissions();
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public List<Resource> getAllResources() throws RbacManagerException {
        return this.rbacImpl.getAllResources();
    }

    /* JADX WARN: Type inference failed for: r8v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.RBACManager
    public List<Role> getAllRoles() throws RbacManagerException {
        LdapConnection ldapConnection = null;
        DirContext dirContext = null;
        try {
            try {
                try {
                    ldapConnection = this.ldapConnectionFactory.getConnection();
                    dirContext = ldapConnection.getDirContext();
                    List<Role> mapToRoles = mapToRoles(this.ldapRoleMapper.getAllGroups(dirContext));
                    closeContext(dirContext);
                    closeLdapConnection(ldapConnection);
                    return mapToRoles;
                } catch (MappingException e) {
                    throw new RbacManagerException(e.getMessage(), e);
                }
            } catch (LdapException e2) {
                throw new RbacManagerException(e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeContext(dirContext);
            closeLdapConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX WARN: Type inference failed for: r9v1, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.RBACManager
    public List<UserAssignment> getAllUserAssignments() throws RbacManagerException {
        LdapConnection ldapConnection = null;
        DirContext dirContext = null;
        try {
            try {
                ldapConnection = this.ldapConnectionFactory.getConnection();
                dirContext = ldapConnection.getDirContext();
                Map<String, Collection<String>> findUsersWithRoles = this.ldapController.findUsersWithRoles(dirContext);
                ArrayList arrayList = new ArrayList(findUsersWithRoles.size());
                for (Map.Entry<String, Collection<String>> entry : findUsersWithRoles.entrySet()) {
                    UserAssignmentImpl userAssignmentImpl = new UserAssignmentImpl(entry.getKey(), entry.getValue());
                    arrayList.add(userAssignmentImpl);
                    this.userAssignmentsCache.put(userAssignmentImpl.getPrincipal(), userAssignmentImpl);
                }
                closeContext(dirContext);
                closeLdapConnection(ldapConnection);
                return arrayList;
            } catch (LdapException e) {
                throw new RbacManagerException(e.getMessage(), e);
            } catch (LdapControllerException e2) {
                throw new RbacManagerException(e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeContext(dirContext);
            closeLdapConnection(ldapConnection);
            throw th;
        }
    }

    protected void closeLdapConnection(LdapConnection ldapConnection) {
        if (ldapConnection != null) {
            ldapConnection.close();
        }
    }

    protected void closeContext(DirContext dirContext) {
        if (dirContext != null) {
            try {
                dirContext.close();
            } catch (NamingException e) {
                this.log.warn("skip issue closing context: {}", e.getMessage());
            }
        }
    }

    private List<Role> mapToRoles(List<String> list) throws MappingException, RbacManagerException {
        if (list == null || list.isEmpty()) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList(list.size());
        Map<String, Collection<String>> ldapGroupMappings = this.ldapRoleMapperConfiguration.getLdapGroupMappings();
        for (String str : list) {
            Collection<String> collection = ldapGroupMappings.get(str);
            if (collection != null) {
                Iterator<String> it = collection.iterator();
                while (it.hasNext()) {
                    arrayList.add(buildRole(it.next()));
                }
            } else if (this.ldapRoleMapper.isUseDefaultRoleName()) {
                arrayList.add(buildRole(str));
            }
        }
        return arrayList;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [org.apache.archiva.redback.rbac.Role] */
    private Role buildRole(String str) throws RbacManagerException {
        RoleImpl roleImpl = null;
        try {
            roleImpl = this.rbacImpl.getRole(str);
        } catch (RbacObjectNotFoundException e) {
        }
        RoleImpl roleImpl2 = roleImpl == null ? new RoleImpl(str) : roleImpl;
        if (roleImpl2 != null) {
            this.rolesCache.put(roleImpl2.getName(), roleImpl2);
        }
        return roleImpl2;
    }

    protected List<String> getRealRoles() throws RbacManagerException {
        List<Role> allRoles = this.rbacImpl.getAllRoles();
        ArrayList arrayList = new ArrayList(allRoles.size());
        Iterator<Role> it = allRoles.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getName());
        }
        return arrayList;
    }

    /* JADX WARN: Type inference failed for: r9v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public Collection<Role> getAssignedRoles(String str) throws RbacManagerException {
        try {
            List<String> roles = this.ldapRoleMapper.getRoles(str, this.ldapConnectionFactory.getConnection().getDirContext(), getRealRoles());
            if (roles.isEmpty()) {
                return Collections.emptyList();
            }
            ArrayList arrayList = new ArrayList(roles.size());
            Iterator<String> it = roles.iterator();
            while (it.hasNext()) {
                arrayList.add(this.rbacImpl.getRole(it.next()));
            }
            return arrayList;
        } catch (MappingException e) {
            throw new RbacManagerException(e.getMessage(), e);
        } catch (LdapException e2) {
            throw new RbacManagerException(e2.getMessage(), e2);
        }
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public Collection<Role> getAssignedRoles(UserAssignment userAssignment) throws RbacManagerException {
        return getAssignedRoles(userAssignment.getPrincipal());
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public Map<String, Role> getChildRoles(Role role) throws RbacManagerException {
        return this.rbacImpl.getChildRoles(role);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public Map<String, Role> getParentRoles(Role role) throws RbacManagerException {
        return this.rbacImpl.getParentRoles(role);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public Set<Role> getEffectiveRoles(Role role) throws RbacManagerException {
        return this.rbacImpl.getEffectiveRoles(role);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public Resource getGlobalResource() throws RbacManagerException {
        return this.rbacImpl.getGlobalResource();
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Operation getOperation(String str) throws RbacManagerException {
        return this.rbacImpl.getOperation(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Permission getPermission(String str) throws RbacManagerException {
        return this.rbacImpl.getPermission(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Resource getResource(String str) throws RbacManagerException {
        return this.rbacImpl.getResource(str);
    }

    /* JADX WARN: Type inference failed for: r10v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Role getRole(String str) throws RbacManagerException {
        Role role = this.rolesCache.get(str);
        if (role != null) {
            return role;
        }
        try {
            if (!this.ldapRoleMapper.hasRole(this.ldapConnectionFactory.getConnection().getDirContext(), str)) {
                return null;
            }
            Role role2 = this.rbacImpl.getRole(str);
            Role roleImpl = role2 == null ? new RoleImpl(str) : role2;
            this.rolesCache.put(str, roleImpl);
            return roleImpl;
        } catch (MappingException e) {
            throw new RbacManagerException(e.getMessage(), e);
        } catch (LdapException e2) {
            throw new RbacManagerException(e2.getMessage(), e2);
        }
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public Map<String, Role> getRoles(Collection<String> collection) throws RbacManagerException {
        return this.rbacImpl.getRoles(collection);
    }

    /* JADX WARN: Type inference failed for: r9v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public Collection<Role> getUnassignedRoles(String str) throws RbacManagerException {
        LdapConnection ldapConnection = null;
        DirContext dirContext = null;
        try {
            try {
                ldapConnection = this.ldapConnectionFactory.getConnection();
                dirContext = ldapConnection.getDirContext();
                List<String> allRoles = this.ldapRoleMapper.getAllRoles(dirContext);
                List<String> roles = this.ldapRoleMapper.getRoles(str, dirContext, getRealRoles());
                ArrayList arrayList = new ArrayList();
                for (String str2 : allRoles) {
                    if (!roles.contains(str2)) {
                        arrayList.add(this.rbacImpl.getRole(str2));
                    }
                }
                closeContext(dirContext);
                closeLdapConnection(ldapConnection);
                return arrayList;
            } catch (MappingException e) {
                throw new RbacManagerException(e.getMessage(), e);
            } catch (LdapException e2) {
                throw new RbacManagerException(e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeContext(dirContext);
            closeLdapConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX WARN: Type inference failed for: r11v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.RBACManager
    public UserAssignment getUserAssignment(String str) throws RbacManagerException {
        UserAssignment userAssignment = this.userAssignmentsCache.get(str);
        if (userAssignment != null) {
            return userAssignment;
        }
        LdapConnection ldapConnection = null;
        DirContext dirContext = null;
        try {
            try {
                ldapConnection = this.ldapConnectionFactory.getConnection();
                dirContext = ldapConnection.getDirContext();
                UserAssignmentImpl userAssignmentImpl = new UserAssignmentImpl(str, this.ldapRoleMapper.getRoles(str, dirContext, getRealRoles()));
                this.userAssignmentsCache.put(str, userAssignmentImpl);
                closeContext(dirContext);
                closeLdapConnection(ldapConnection);
                return userAssignmentImpl;
            } catch (MappingException e) {
                throw new RbacManagerException(e.getMessage(), e);
            } catch (LdapException e2) {
                throw new RbacManagerException(e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeContext(dirContext);
            closeLdapConnection(ldapConnection);
            throw th;
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public List<UserAssignment> getUserAssignmentsForRoles(Collection<String> collection) throws RbacManagerException {
        return this.rbacImpl.getUserAssignmentsForRoles(collection);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean operationExists(Operation operation) {
        return this.rbacImpl.operationExists(operation);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean operationExists(String str) {
        return this.rbacImpl.operationExists(str);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean permissionExists(Permission permission) {
        return this.rbacImpl.permissionExists(permission);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean permissionExists(String str) {
        return this.rbacImpl.permissionExists(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManagerListener
    public void rbacInit(boolean z) {
        if (this.rbacImpl instanceof RBACManagerListener) {
            ((RBACManagerListener) this.rbacImpl).rbacInit(z);
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManagerListener
    public void rbacPermissionRemoved(Permission permission) {
        if (this.rbacImpl instanceof RBACManagerListener) {
            ((RBACManagerListener) this.rbacImpl).rbacPermissionRemoved(permission);
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManagerListener
    public void rbacPermissionSaved(Permission permission) {
        if (this.rbacImpl instanceof RBACManagerListener) {
            ((RBACManagerListener) this.rbacImpl).rbacPermissionSaved(permission);
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManagerListener
    public void rbacRoleRemoved(Role role) {
        if (this.rbacImpl instanceof RBACManagerListener) {
            ((RBACManagerListener) this.rbacImpl).rbacRoleRemoved(role);
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManagerListener
    public void rbacRoleSaved(Role role) {
        if (this.rbacImpl instanceof RBACManagerListener) {
            ((RBACManagerListener) this.rbacImpl).rbacRoleSaved(role);
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManagerListener
    public void rbacUserAssignmentRemoved(UserAssignment userAssignment) {
        if (this.rbacImpl instanceof RBACManagerListener) {
            ((RBACManagerListener) this.rbacImpl).rbacUserAssignmentRemoved(userAssignment);
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManagerListener
    public void rbacUserAssignmentSaved(UserAssignment userAssignment) {
        if (this.rbacImpl instanceof RBACManagerListener) {
            ((RBACManagerListener) this.rbacImpl).rbacUserAssignmentSaved(userAssignment);
        }
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public void removeListener(RBACManagerListener rBACManagerListener) {
        this.rbacImpl.removeListener(rBACManagerListener);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public void removeOperation(Operation operation) throws RbacManagerException {
        this.rbacImpl.removeOperation(operation);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public void removeOperation(String str) throws RbacManagerException {
        this.rbacImpl.removeOperation(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public void removePermission(Permission permission) throws RbacManagerException {
        this.rbacImpl.removePermission(permission);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public void removePermission(String str) throws RbacManagerException {
        this.rbacImpl.removePermission(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public void removeResource(Resource resource) throws RbacManagerException {
        this.rbacImpl.removeResource(resource);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public void removeResource(String str) throws RbacManagerException {
        this.rbacImpl.removeResource(str);
    }

    /* JADX WARN: Type inference failed for: r9v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.RBACManager
    public void removeRole(Role role) throws RbacManagerException {
        RBACObjectAssertions.assertValid(role);
        if (role.isPermanent()) {
            throw new RbacPermanentException("Unable to delete permanent role [" + role.getName() + "]");
        }
        this.rolesCache.remove(role.getName());
        if (this.writableLdap) {
            try {
                this.ldapRoleMapper.removeRole(role.getName(), this.ldapConnectionFactory.getConnection().getDirContext());
                fireRbacRoleRemoved(role);
            } catch (MappingException e) {
                throw new RbacManagerException(e.getMessage(), e);
            } catch (LdapException e2) {
                throw new RbacManagerException(e2.getMessage(), e2);
            }
        }
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public void removeRole(String str) throws RbacManagerException {
        if (str == null) {
            return;
        }
        removeRole(new RoleImpl(str));
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public void removeUserAssignment(String str) throws RbacManagerException {
        this.userAssignmentsCache.remove(str);
        this.rbacImpl.removeUserAssignment(str);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public void removeUserAssignment(UserAssignment userAssignment) throws RbacManagerException {
        if (userAssignment != null) {
            this.userAssignmentsCache.remove(userAssignment.getPrincipal());
        }
        this.rbacImpl.removeUserAssignment(userAssignment);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean resourceExists(Resource resource) {
        return this.rbacImpl.resourceExists(resource);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean resourceExists(String str) {
        return this.rbacImpl.resourceExists(str);
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean roleExists(Role role) throws RbacManagerException {
        if (role == null) {
            return false;
        }
        return roleExists(role.getName());
    }

    /* JADX WARN: Type inference failed for: r9v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean roleExists(String str) throws RbacManagerException {
        if (StringUtils.isEmpty(str)) {
            return false;
        }
        if (this.rolesCache.get(str) != null) {
            return true;
        }
        LdapConnection ldapConnection = null;
        DirContext dirContext = null;
        try {
            try {
                try {
                    ldapConnection = this.ldapConnectionFactory.getConnection();
                    dirContext = ldapConnection.getDirContext();
                    if (this.rolesCache.hasKey(str)) {
                        closeContext(dirContext);
                        closeLdapConnection(ldapConnection);
                        return true;
                    }
                    boolean hasRole = this.ldapRoleMapper.hasRole(dirContext, str);
                    closeContext(dirContext);
                    closeLdapConnection(ldapConnection);
                    return hasRole;
                } catch (MappingException e) {
                    throw new RbacManagerException(e.getMessage(), e);
                }
            } catch (LdapException e2) {
                throw new RbacManagerException(e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            closeContext(dirContext);
            closeLdapConnection(ldapConnection);
            throw th;
        }
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Operation saveOperation(Operation operation) throws RbacManagerException {
        return this.rbacImpl.saveOperation(operation);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Permission savePermission(Permission permission) throws RbacManagerException {
        return this.rbacImpl.savePermission(permission);
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public Resource saveResource(Resource resource) throws RbacManagerException {
        return this.rbacImpl.saveResource(resource);
    }

    /* JADX WARN: Type inference failed for: r9v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.RBACManager
    public synchronized Role saveRole(Role role) throws RbacManagerException {
        if (this.writableLdap) {
            try {
                DirContext dirContext = this.ldapConnectionFactory.getConnection().getDirContext();
                this.ldapRoleMapper.saveRole(role.getName(), dirContext);
                if (!role.getChildRoleNames().isEmpty()) {
                    Iterator<String> it = role.getChildRoleNames().iterator();
                    while (it.hasNext()) {
                        this.ldapRoleMapper.saveRole(it.next(), dirContext);
                    }
                }
                fireRbacRoleSaved(role);
            } catch (MappingException e) {
                throw new RbacManagerException(e.getMessage(), e);
            } catch (LdapException e2) {
                throw new RbacManagerException(e2.getMessage(), e2);
            }
        }
        Role saveRole = this.rbacImpl.saveRole(role);
        this.rolesCache.put(saveRole.getName(), saveRole);
        return saveRole;
    }

    /* JADX WARN: Type inference failed for: r9v0, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.RBACManager
    public synchronized void saveRoles(Collection<Role> collection) throws RbacManagerException {
        if (this.writableLdap) {
            try {
                DirContext dirContext = this.ldapConnectionFactory.getConnection().getDirContext();
                for (Role role : collection) {
                    this.ldapRoleMapper.saveRole(role.getName(), dirContext);
                    fireRbacRoleSaved(role);
                }
            } catch (MappingException e) {
                throw new RbacManagerException(e.getMessage(), e);
            } catch (LdapException e2) {
                throw new RbacManagerException(e2.getMessage(), e2);
            }
        }
        this.rbacImpl.saveRoles(collection);
    }

    /* JADX WARN: Type inference failed for: r9v1, types: [java.lang.Throwable, org.apache.archiva.redback.common.ldap.connection.LdapException] */
    @Override // org.apache.archiva.redback.rbac.RBACManager
    public UserAssignment saveUserAssignment(UserAssignment userAssignment) throws RbacManagerException {
        LdapConnection ldapConnection = null;
        DirContext dirContext = null;
        try {
            try {
                try {
                    try {
                        if (!this.userManager.userExists(userAssignment.getPrincipal())) {
                            this.userManager.addUser(this.userManager.createUser(userAssignment.getPrincipal(), null, null));
                        }
                        ldapConnection = this.ldapConnectionFactory.getConnection();
                        dirContext = ldapConnection.getDirContext();
                        List<String> allRoles = this.ldapRoleMapper.getAllRoles(dirContext);
                        List<String> roles = this.ldapRoleMapper.getRoles(userAssignment.getPrincipal(), dirContext, getRealRoles());
                        for (String str : userAssignment.getRoleNames()) {
                            if (!roles.contains(str) && this.writableLdap) {
                                if (!allRoles.contains(str)) {
                                    this.ldapRoleMapper.saveRole(str, dirContext);
                                    allRoles.add(str);
                                }
                                this.ldapRoleMapper.saveUserRole(str, userAssignment.getPrincipal(), dirContext);
                                roles.add(str);
                            }
                        }
                        for (String str2 : roles) {
                            if (!userAssignment.getRoleNames().contains(str2) && this.writableLdap) {
                                this.ldapRoleMapper.removeUserRole(str2, userAssignment.getPrincipal(), dirContext);
                            }
                        }
                        this.userAssignmentsCache.put(userAssignment.getPrincipal(), userAssignment);
                        closeContext(dirContext);
                        closeLdapConnection(ldapConnection);
                        return userAssignment;
                    } catch (UserManagerException e) {
                        throw new RbacManagerException(e.getMessage(), e);
                    }
                } catch (LdapException e2) {
                    throw new RbacManagerException(e2.getMessage(), e2);
                }
            } catch (MappingException e3) {
                throw new RbacManagerException(e3.getMessage(), e3);
            }
        } catch (Throwable th) {
            closeContext(dirContext);
            closeLdapConnection(ldapConnection);
            throw th;
        }
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean userAssignmentExists(String str) {
        if (this.userAssignmentsCache.hasKey(str)) {
            return true;
        }
        LdapConnection ldapConnection = null;
        DirContext dirContext = null;
        try {
            try {
                try {
                    try {
                        ldapConnection = this.ldapConnectionFactory.getConnection();
                        dirContext = ldapConnection.getDirContext();
                        List<String> roles = this.ldapRoleMapper.getRoles(str, dirContext, getRealRoles());
                        if (roles != null) {
                            if (!roles.isEmpty()) {
                                closeContext(dirContext);
                                closeLdapConnection(ldapConnection);
                                return true;
                            }
                        }
                        closeContext(dirContext);
                        closeLdapConnection(ldapConnection);
                        return false;
                    } catch (RbacManagerException e) {
                        this.log.warn("fail to call userAssignmentExists: {}", e.getMessage());
                        closeContext(dirContext);
                        closeLdapConnection(ldapConnection);
                        return false;
                    }
                } catch (MappingException e2) {
                    this.log.warn("fail to call userAssignmentExists: {}", e2.getMessage());
                    closeContext(dirContext);
                    closeLdapConnection(ldapConnection);
                    return false;
                }
            } catch (LdapException e3) {
                this.log.warn("fail to call userAssignmentExists: {}", e3.getMessage());
                closeContext(dirContext);
                closeLdapConnection(ldapConnection);
                return false;
            }
        } catch (Throwable th) {
            closeContext(dirContext);
            closeLdapConnection(ldapConnection);
            throw th;
        }
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean userAssignmentExists(UserAssignment userAssignment) {
        if (userAssignment == null) {
            return false;
        }
        return userAssignmentExists(userAssignment.getPrincipal());
    }

    public RBACManager getRbacImpl() {
        return this.rbacImpl;
    }

    public void setRbacImpl(RBACManager rBACManager) {
        this.rbacImpl = rBACManager;
    }

    public boolean isWritableLdap() {
        return this.writableLdap;
    }

    public void setWritableLdap(boolean z) {
        this.writableLdap = z;
    }

    public LdapRoleMapper getLdapRoleMapper() {
        return this.ldapRoleMapper;
    }

    public void setLdapRoleMapper(LdapRoleMapper ldapRoleMapper) {
        this.ldapRoleMapper = ldapRoleMapper;
    }

    @Override // org.apache.archiva.redback.rbac.AbstractRBACManager, org.apache.archiva.redback.rbac.RBACManager
    public boolean isFinalImplementation() {
        return true;
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public String getDescriptionKey() {
        return "archiva.redback.rbacmanager.ldap";
    }

    @Override // org.apache.archiva.redback.rbac.RBACManager
    public boolean isReadOnly() {
        return !this.writableLdap;
    }
}
