package org.apache.directory.server.core.authz;

import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.schema.ConcreteNameComponentNormalizer;
import org.apache.directory.shared.ldap.aci.ACIItem;
import org.apache.directory.shared.ldap.aci.ACIItemParser;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
import org.apache.directory.shared.ldap.filter.SimpleNode;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.util.AttributeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/apacheds-core-1.0.2.jar:org/apache/directory/server/core/authz/TupleCache.class */
public class TupleCache {
    private static final String ACI_ATTR = "prescriptiveACI";
    private static final String OC_ATTR = "objectClass";
    private static final String ACSUBENTRY_OC = "accessControlSubentry";
    private static final Logger log;
    private final Hashtable env;
    private final Map tuples = new HashMap();
    private final PartitionNexus nexus;
    private final ACIItemParser aciParser;
    private Map normalizerMap;
    static Class class$org$apache$directory$server$core$authz$TupleCache;

    public TupleCache(DirectoryServiceConfiguration directoryServiceConfiguration) throws NamingException {
        this.normalizerMap = directoryServiceConfiguration.getGlobalRegistries().getAttributeTypeRegistry().getNormalizerMapping();
        this.nexus = directoryServiceConfiguration.getPartitionNexus();
        this.aciParser = new ACIItemParser(new ConcreteNameComponentNormalizer(directoryServiceConfiguration.getGlobalRegistries().getAttributeTypeRegistry(), directoryServiceConfiguration.getGlobalRegistries().getOidRegistry()), this.normalizerMap);
        this.env = (Hashtable) directoryServiceConfiguration.getEnvironment().clone();
        initialize();
    }

    private LdapDN parseNormalized(String str) throws NamingException {
        LdapDN ldapDN = new LdapDN(str);
        ldapDN.normalize(this.normalizerMap);
        return ldapDN;
    }

    private void initialize() throws NamingException {
        Iterator listSuffixes = this.nexus.listSuffixes();
        while (listSuffixes.hasNext()) {
            LdapDN parseNormalized = parseNormalized((String) listSuffixes.next());
            SimpleNode simpleNode = new SimpleNode("objectClass", ACSUBENTRY_OC, 0);
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            NamingEnumeration search = this.nexus.search(parseNormalized, this.env, simpleNode, searchControls);
            while (search.hasMore()) {
                SearchResult searchResult = (SearchResult) search.next();
                String name = searchResult.getName();
                if (searchResult.getAttributes().get(ACI_ATTR) == null) {
                    log.warn(new StringBuffer().append("Found accessControlSubentry '").append(name).append("' without any ").append(ACI_ATTR).toString());
                } else {
                    subentryAdded(name, parseNormalized(name), searchResult.getAttributes());
                }
            }
            search.close();
        }
    }

    private boolean hasPrescriptiveACI(Attributes attributes) throws NamingException {
        if (attributes.get(ACI_ATTR) != null) {
            return true;
        }
        if (AttributeUtils.containsValueCaseIgnore(attributes.get("objectClass"), ACSUBENTRY_OC)) {
            throw new LdapSchemaViolationException("", ResultCodeEnum.OBJECTCLASSVIOLATION);
        }
        return false;
    }

    public void subentryAdded(String str, LdapDN ldapDN, Attributes attributes) throws NamingException {
        Attribute attribute = attributes.get(ACI_ATTR);
        if (hasPrescriptiveACI(attributes)) {
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i < attribute.size(); i++) {
                ACIItem aCIItem = null;
                try {
                    aCIItem = this.aciParser.parse((String) attribute.get(i));
                    arrayList.addAll(aCIItem.toTuples());
                } catch (ParseException e) {
                    log.error(new StringBuffer().append("ACIItem parser failure on \n'").append(aCIItem).append("'\ndue to syntax error. ").append("Cannnot add ACITuples to TupleCache.\n").append("Check that the syntax of the ACI item is correct. \nUntil this error ").append("is fixed your security settings will not be as expected.").toString(), (Throwable) e);
                }
            }
            this.tuples.put(ldapDN.toNormName(), arrayList);
        }
    }

    public void subentryDeleted(Name name, Attributes attributes) throws NamingException {
        if (hasPrescriptiveACI(attributes)) {
            this.tuples.remove(name.toString());
        }
    }

    public void subentryModified(LdapDN ldapDN, ModificationItemImpl[] modificationItemImplArr, Attributes attributes) throws NamingException {
        if (hasPrescriptiveACI(attributes)) {
            boolean z = false;
            for (ModificationItemImpl modificationItemImpl : modificationItemImplArr) {
                z |= AttributeUtils.containsValueCaseIgnore(modificationItemImpl.getAttribute(), ACI_ATTR);
            }
            if (z) {
                subentryDeleted(ldapDN, attributes);
                subentryAdded(ldapDN.getUpName(), ldapDN, attributes);
            }
        }
    }

    public void subentryModified(LdapDN ldapDN, int i, Attributes attributes, Attributes attributes2) throws NamingException {
        if (hasPrescriptiveACI(attributes2) && attributes.get(ACI_ATTR) != null) {
            subentryDeleted(ldapDN, attributes2);
            subentryAdded(ldapDN.getUpName(), ldapDN, attributes2);
        }
    }

    public List getACITuples(String str) {
        List list = (List) this.tuples.get(str);
        return list == null ? Collections.EMPTY_LIST : Collections.unmodifiableList(list);
    }

    public void subentryRenamed(Name name, Name name2) {
        this.tuples.put(name2.toString(), this.tuples.remove(name.toString()));
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$apache$directory$server$core$authz$TupleCache == null) {
            cls = class$("org.apache.directory.server.core.authz.TupleCache");
            class$org$apache$directory$server$core$authz$TupleCache = cls;
        } else {
            cls = class$org$apache$directory$server$core$authz$TupleCache;
        }
        log = LoggerFactory.getLogger(cls);
    }
}
