package com.metamatrix.admin.server;

import com.metamatrix.admin.api.exception.AdminComponentException;
import com.metamatrix.admin.api.exception.AdminException;
import com.metamatrix.admin.api.exception.AdminProcessingException;
import com.metamatrix.admin.api.exception.security.InvalidSessionException;
import com.metamatrix.admin.api.exception.security.MetaMatrixSecurityException;
import com.metamatrix.admin.api.objects.AdminOptions;
import com.metamatrix.admin.api.server.AdminRoles;
import com.metamatrix.admin.api.server.ServerSecurityAdmin;
import com.metamatrix.admin.objects.MMGroup;
import com.metamatrix.admin.objects.MMRole;
import com.metamatrix.api.exception.security.AuthorizationException;
import com.metamatrix.api.exception.security.AuthorizationMgmtException;
import com.metamatrix.common.jdbc.JDBCReservedWords;
import com.metamatrix.platform.registry.ClusteredRegistryState;
import com.metamatrix.platform.security.api.AuthorizationObjectEditor;
import com.metamatrix.platform.security.api.AuthorizationPolicyID;
import com.metamatrix.platform.security.api.MetaMatrixPrincipalName;
import com.metamatrix.platform.security.api.SessionToken;
import com.metamatrix.platform.security.util.RolePermissionFactory;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;

/* loaded from: input_file:com/metamatrix/admin/server/ServerSecurityAdminImpl.class */
public class ServerSecurityAdminImpl extends AbstractAdminImpl implements ServerSecurityAdmin {
    public ServerSecurityAdminImpl(ServerAdminImpl serverAdminImpl, ClusteredRegistryState clusteredRegistryState) {
        super(serverAdminImpl, clusteredRegistryState);
    }

    public void assignRoleToGroup(String str, String str2) throws AdminException {
        if (!AdminRoles.containsRole(str)) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.Non_existant_role", new Object[]{str}));
        }
        if (str2.equals(JDBCReservedWords.ALL_COLS)) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.Cant_use_wildcard"));
        }
        SessionToken validateSession = validateSession();
        AuthorizationObjectEditor authorizationObjectEditor = new AuthorizationObjectEditor();
        try {
            authorizationObjectEditor.addPrincipal(getAuthorizationServiceProxy().getPolicy(validateSession, new AuthorizationPolicyID(str, (String) null, RolePermissionFactory.getRealm())), new MetaMatrixPrincipalName(str2, 1));
            executeAuthorizationActions(authorizationObjectEditor);
        } catch (AuthorizationException e) {
            throw new AdminComponentException(e);
        } catch (AuthorizationMgmtException e2) {
            throw new AdminComponentException(e2);
        } catch (InvalidSessionException e3) {
            throw new AdminComponentException(e3);
        }
    }

    public void removeRoleFromGroup(String str, String str2) throws AdminException {
        if (!AdminRoles.containsRole(str)) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.Non_existant_role", new Object[]{str}));
        }
        if (str2.equals(JDBCReservedWords.ALL_COLS)) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.Cant_use_wildcard"));
        }
        SessionToken validateSession = validateSession();
        AuthorizationObjectEditor authorizationObjectEditor = new AuthorizationObjectEditor();
        try {
            authorizationObjectEditor.removePrincipal(getAuthorizationServiceProxy().getPolicy(validateSession, new AuthorizationPolicyID(str, (String) null, RolePermissionFactory.getRealm())), new MetaMatrixPrincipalName(str2, 1));
            executeAuthorizationActions(authorizationObjectEditor);
        } catch (AuthorizationException e) {
            throw new AdminComponentException(e);
        } catch (AuthorizationMgmtException e2) {
            throw new AdminComponentException(e2);
        } catch (InvalidSessionException e3) {
            throw new AdminComponentException(e3);
        }
    }

    private void executeAuthorizationActions(AuthorizationObjectEditor authorizationObjectEditor) throws AdminException {
        try {
            getAuthorizationServiceProxy().executeTransaction(validateSession(), authorizationObjectEditor.getDestination().popActions());
        } catch (AuthorizationException e) {
            throw new AdminComponentException(e);
        } catch (InvalidSessionException e2) {
            throw new AdminComponentException(e2);
        } catch (AuthorizationMgmtException e3) {
            throw new AdminComponentException(e3);
        }
    }

    public Collection getRolesForUser(String str) throws AdminException {
        if (str.equals(JDBCReservedWords.ALL_COLS)) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.Cant_use_wildcard"));
        }
        try {
            Collection roleNamesForPrincipal = getAuthorizationServiceProxy().getRoleNamesForPrincipal(validateSession(), new MetaMatrixPrincipalName(str, 0));
            ArrayList arrayList = new ArrayList();
            Iterator it = roleNamesForPrincipal.iterator();
            while (it.hasNext()) {
                arrayList.add(new MMRole(new String[]{(String) it.next()}));
            }
            return arrayList;
        } catch (AuthorizationException e) {
            throw new AdminComponentException(e);
        } catch (AuthorizationMgmtException e2) {
            throw new AdminComponentException(e2);
        } catch (InvalidSessionException e3) {
            throw new AdminComponentException(e3);
        }
    }

    public Collection getGroupsForUser(String str) throws AdminException {
        if (str == null) {
            throwProcessingException("AdminImpl.requiredparameter", new Object[0]);
        }
        if (str.equals(JDBCReservedWords.ALL_COLS)) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.Cant_use_wildcard"));
        }
        ArrayList arrayList = new ArrayList();
        try {
            Iterator it = getMembershipServiceProxy().getGroupsForUser(str).iterator();
            while (it.hasNext()) {
                arrayList.add(new MMGroup(new String[]{(String) it.next()}));
            }
            return arrayList;
        } catch (MetaMatrixSecurityException e) {
            throw new AdminComponentException(e);
        }
    }

    public Collection getGroups(String str) throws AdminException {
        if (str == null) {
            throwProcessingException("AdminImpl.requiredparameter", new Object[0]);
        }
        ArrayList arrayList = new ArrayList();
        try {
            for (String str2 : getMembershipServiceProxy().getGroupNames()) {
                if (str.equals(JDBCReservedWords.ALL_COLS) || str2.equals(str)) {
                    arrayList.add(new MMGroup(new String[]{str2}));
                }
            }
            return arrayList;
        } catch (MetaMatrixSecurityException e) {
            throw new AdminComponentException(e);
        }
    }

    public Collection getRolesForGroup(String str) throws AdminException {
        if (str == null) {
            throwProcessingException("AdminImpl.requiredparameter", new Object[0]);
        }
        if (str.equals(JDBCReservedWords.ALL_COLS)) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.Cant_use_wildcard"));
        }
        try {
            Collection roleNamesForPrincipal = getAuthorizationServiceProxy().getRoleNamesForPrincipal(validateSession(), new MetaMatrixPrincipalName(str, 1));
            ArrayList arrayList = new ArrayList();
            Iterator it = roleNamesForPrincipal.iterator();
            while (it.hasNext()) {
                arrayList.add(new MMRole(new String[]{(String) it.next()}));
            }
            return arrayList;
        } catch (InvalidSessionException e) {
            throw new AdminComponentException(e);
        } catch (AuthorizationException e2) {
            throw new AdminComponentException(e2);
        } catch (AuthorizationMgmtException e3) {
            throw new AdminComponentException(e3);
        }
    }

    @Override // com.metamatrix.admin.server.AbstractAdminImpl
    public String importDataRoles(String str, String str2, char[] cArr, AdminOptions adminOptions) throws AdminException {
        if (str == null) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.vdbName_can_not_be_null"));
        }
        if (str2 == null) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.vdbVersion_can_not_be_null"));
        }
        if (adminOptions == null) {
            adminOptions = new AdminOptions(2);
        }
        return super.importDataRoles(str, str2, cArr, adminOptions);
    }

    @Override // com.metamatrix.admin.server.AbstractAdminImpl
    public char[] exportDataRoles(String str, String str2) throws AdminException {
        if (str == null) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.vdbName_can_not_be_null"));
        }
        if (str2 == null) {
            throw new AdminProcessingException(AdminServerPlugin.Util.getString("ServerSecurityAdminImpl.vdbVersion_can_not_be_null"));
        }
        return super.exportDataRoles(str, str2);
    }
}
