package org.dataone.cn.ldap;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.naming.CommunicationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.dataone.configuration.Settings;
import org.dataone.service.exceptions.ServiceFailure;
import org.dataone.service.types.v1.NodeReference;
import org.dataone.service.types.v1.Service;
import org.dataone.service.types.v1.ServiceMethodRestriction;
import org.dataone.service.types.v1.Subject;
import org.dataone.service.types.v2.Node;

/* loaded from: input_file:org/dataone/cn/ldap/ServiceMethodRestrictionsAccess.class */
public class ServiceMethodRestrictionsAccess extends LDAPService {
    public static Log log = LogFactory.getLog(ServiceMethodRestrictionsAccess.class);
    private static NodeServicesAccess nodeServicesAccess = new NodeServicesAccess();
    public static final String OBJECT_CLASS_ID = "d1ServiceMethodRestriction";
    public static final String SERVICE_METHOD_NAME = "d1ServiceMethodName";
    public static final String SERVICE_ALLOWED_SUBJECT = "d1AllowedSubject";

    public ServiceMethodRestrictionsAccess() {
        setBase(Settings.getConfiguration().getString("nodeRegistry.ldap.base"));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String buildServiceMethodRestrictionDN(NodeReference nodeReference, Service service, ServiceMethodRestriction serviceMethodRestriction) {
        return String.format("%s=%s,%s=%s,cn=%s,dc=dataone,dc=org", SERVICE_METHOD_NAME, serviceMethodRestriction.getMethodName(), NodeServicesAccess.NODE_SERVICE_ID, nodeServicesAccess.buildNodeServiceId(service), nodeReference.getValue());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Boolean deleteServiceMethodRestriction(DirContext dirContext, NodeReference nodeReference, Service service, ServiceMethodRestriction serviceMethodRestriction) {
        return Boolean.valueOf(super.removeEntry(dirContext, buildServiceMethodRestrictionDN(nodeReference, service, serviceMethodRestriction)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<ServiceMethodRestriction> getServiceMethodRestrictionList(DirContext dirContext, String str, String str2) throws ServiceFailure {
        ArrayList arrayList = new ArrayList();
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            NamingEnumeration search = dirContext.search(getBase(), String.format("(&(&(objectClass=%s)(%s=%s))(%s=%s))", OBJECT_CLASS_ID, NodeServicesAccess.NODE_SERVICE_ID, str2, NodeAccess.NODE_ID, str), searchControls);
            while (search != null) {
                if (!search.hasMore()) {
                    break;
                }
                SearchResult searchResult = (SearchResult) search.next();
                log.trace("Search result found for: " + searchResult.getNameInNamespace());
                HashMap<String, NamingEnumeration> hashMap = new HashMap<>();
                NamingEnumeration all = searchResult.getAttributes().getAll();
                while (all.hasMore()) {
                    Attribute attribute = (Attribute) all.next();
                    hashMap.put(attribute.getID().toLowerCase(), attribute.getAll());
                }
                arrayList.add(mapServiceMethodRestriction(hashMap));
            }
            return arrayList;
        } catch (CommunicationException e) {
            log.error("LDAP Service is unresponsive " + str, e);
            throw new ServiceFailure("-1", "LDAP Service is unresponsive");
        } catch (Exception e2) {
            log.error("Problem search Nodes for Nodelist", e2);
            throw new ServiceFailure("-1", e2.getMessage());
        }
    }

    protected ServiceMethodRestriction mapServiceMethodRestriction(HashMap<String, NamingEnumeration> hashMap) throws NamingException {
        ServiceMethodRestriction serviceMethodRestriction = new ServiceMethodRestriction();
        serviceMethodRestriction.setMethodName(getEnumerationValueString(hashMap.get(SERVICE_METHOD_NAME.toLowerCase())));
        if (hashMap.containsKey(SERVICE_ALLOWED_SUBJECT.toLowerCase())) {
            List subjectList = serviceMethodRestriction.getSubjectList();
            NamingEnumeration namingEnumeration = hashMap.get(SERVICE_ALLOWED_SUBJECT.toLowerCase());
            while (namingEnumeration.hasMore()) {
                Subject subject = new Subject();
                String str = (String) namingEnumeration.next();
                subject.setValue(str);
                try {
                    subject.setValue(new X500Principal(str).getName("RFC2253"));
                } catch (IllegalArgumentException e) {
                }
                subjectList.add(subject);
            }
        }
        return serviceMethodRestriction;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Attributes mapServiceMethodRestrictionAttributes(Node node, Service service, ServiceMethodRestriction serviceMethodRestriction) {
        BasicAttributes basicAttributes = new BasicAttributes();
        String buildNodeServiceId = nodeServicesAccess.buildNodeServiceId(service);
        basicAttributes.put(new BasicAttribute("objectclass", OBJECT_CLASS_ID));
        basicAttributes.put(new BasicAttribute(NodeServicesAccess.NODE_SERVICE_ID, buildNodeServiceId));
        basicAttributes.put(new BasicAttribute(NodeAccess.NODE_ID, node.getIdentifier().getValue()));
        basicAttributes.put(new BasicAttribute(SERVICE_METHOD_NAME, serviceMethodRestriction.getMethodName()));
        if (serviceMethodRestriction.getSubjectList() != null && !serviceMethodRestriction.getSubjectList().isEmpty()) {
            Iterator it = serviceMethodRestriction.getSubjectList().iterator();
            while (it.hasNext()) {
                basicAttributes.put(new BasicAttribute(SERVICE_ALLOWED_SUBJECT, ((Subject) it.next()).getValue()));
            }
        }
        return basicAttributes;
    }
}
