package org.wso2.carbon.user.mgt;

import java.io.InputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.registry.core.Collection;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.user.core.AuthorizationManager;
import org.wso2.carbon.user.core.Permission;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.config.RealmConfiguration;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.user.mgt.bulkimport.BulkImportConfig;
import org.wso2.carbon.user.mgt.bulkimport.CSVUserBulkImport;
import org.wso2.carbon.user.mgt.bulkimport.ExcelUserBulkImport;
import org.wso2.carbon.user.mgt.common.ClaimValue;
import org.wso2.carbon.user.mgt.common.FlaggedName;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import org.wso2.carbon.user.mgt.common.UserAdminException;
import org.wso2.carbon.user.mgt.common.UserStoreInfo;
import org.wso2.carbon.user.mgt.permission.ManagementPermissionUtil;

/* loaded from: input_file:org/wso2/carbon/user/mgt/UserRealmProxy.class */
public class UserRealmProxy {
    private static Log log = LogFactory.getLog(UserRealmProxy.class);
    private UserRealm realm;

    public UserRealmProxy(UserRealm userRealm) {
        this.realm = null;
        this.realm = userRealm;
    }

    public String[] listUsers(String str) throws UserAdminException {
        try {
            return this.realm.getUserStoreManager().listUsers(str, -1);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public FlaggedName[] getAllRolesNames() throws UserAdminException {
        try {
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] roleNames = userStoreManager.getRoleNames();
            String[] hybridRoles = userStoreManager.getHybridRoles();
            Arrays.sort(hybridRoles);
            FlaggedName[] flaggedNameArr = new FlaggedName[roleNames.length];
            for (int i = 0; i < roleNames.length; i++) {
                FlaggedName flaggedName = new FlaggedName();
                flaggedName.setItemName(roleNames[i]);
                flaggedName.setEditable(true);
                if (userStoreManager.isReadOnly() && Arrays.binarySearch(hybridRoles, roleNames[i]) < 0) {
                    flaggedName.setEditable(false);
                }
                flaggedNameArr[i] = flaggedName;
            }
            return flaggedNameArr;
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public UserStoreInfo getUserStoreInfo() throws UserAdminException {
        try {
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            UserStoreInfo userStoreInfo = new UserStoreInfo();
            userStoreInfo.setReadOnly(realmConfiguration.isReadOnly());
            userStoreInfo.setJsRegEx(realmConfiguration.getUserStoreProperty("PasswordJavaScriptRegEx"));
            HttpSession session = ((HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession(false);
            if (session != null) {
                if (this.realm.getAuthorizationManager().isUserAuthorized((String) session.getAttribute("wso2carbon.admin.username"), "/permission/admin/configure/security", CarbonConstants.UI_PERMISSION_ACTION)) {
                    userStoreInfo.setAdminRole(realmConfiguration.getAdminRoleName());
                    userStoreInfo.setAdminUser(realmConfiguration.getAdminUserName());
                    userStoreInfo.setAnonUser("wso2.anonymous.user");
                    userStoreInfo.setEveryOneRole(realmConfiguration.getEveryOneRoleName());
                    userStoreInfo.setMaxUserListCount(realmConfiguration.getMaxUserListLength());
                }
            }
            return userStoreInfo;
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void addUser(String str, String str2, String[] strArr, ClaimValue[] claimValueArr, String str3) throws UserAdminException {
        try {
            checkName(str);
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            if (strArr != null) {
                boolean z = false;
                String[] strArr2 = new String[strArr.length + 1];
                int i = 0;
                while (true) {
                    if (i >= strArr.length) {
                        break;
                    }
                    strArr2[i] = strArr[i];
                    if (strArr[i].equals(realmConfiguration.getEveryOneRoleName())) {
                        z = true;
                        break;
                    }
                    i++;
                }
                if (!z) {
                    strArr2[strArr.length] = realmConfiguration.getEveryOneRoleName();
                    strArr = strArr2;
                }
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            HashMap hashMap = new HashMap();
            if (claimValueArr != null) {
                for (ClaimValue claimValue : claimValueArr) {
                    hashMap.put(claimValue.getClaimURI(), claimValue.getValue());
                }
            }
            userStoreManager.addUser(str, str2, strArr, hashMap, str3, false);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void changePassword(String str, String str2) throws UserAdminException {
        try {
            this.realm.getUserStoreManager().updateCredentialByAdmin(str, str2);
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void deleteUser(String str, Registry registry) throws UserAdminException {
        try {
            this.realm.getUserStoreManager().deleteUser(str);
            String str2 = "/users/" + str;
            if (registry.resourceExists(str2)) {
                registry.delete(str2);
            }
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        } catch (RegistryException e3) {
            String str3 = "Error deleting user from registry, " + e3.getMessage();
            log.error(str3, e3);
            throw new UserAdminException(str3, e3);
        }
    }

    public void addRole(String str, String[] strArr, String[] strArr2) throws UserAdminException {
        try {
            checkName(str);
            this.realm.getUserStoreManager().addRole(str, strArr, (Permission[]) null);
            ManagementPermissionUtil.updateRoleUIPermission(str, strArr2);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void deleteRole(String str) throws UserAdminException {
        try {
            this.realm.getUserStoreManager().deleteRole(str);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public FlaggedName[] getUsersOfRole(String str, String str2) throws UserAdminException {
        try {
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] listUsers = userStoreManager.listUsers(str2, -1);
            String[] userListOfRole = userStoreManager.getUserListOfRole(str);
            Arrays.sort(userListOfRole);
            FlaggedName[] flaggedNameArr = new FlaggedName[listUsers.length];
            for (int i = 0; i < listUsers.length; i++) {
                FlaggedName flaggedName = new FlaggedName();
                flaggedName.setItemName(listUsers[i]);
                if (Arrays.binarySearch(userListOfRole, listUsers[i]) > -1) {
                    flaggedName.setSelected(true);
                }
                flaggedNameArr[i] = flaggedName;
            }
            return flaggedNameArr;
        } catch (Exception e) {
            throw new UserAdminException(e.getMessage(), e);
        }
    }

    public void updateUsersOfRole(String str, FlaggedName[] flaggedNameArr) throws UserAdminException {
        try {
            if ("wso2.anonymous.role".equals(str)) {
                log.error("Security Alert! Carbon anonymous role is being manipulated");
                throw new UserStoreException("Invalid data");
            }
            if (this.realm.getRealmConfiguration().getEveryOneRoleName().equals(str)) {
                log.error("Security Alert! Carbon Everyone role is being manipulated");
                throw new UserStoreException("Invalid data");
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] userListOfRole = userStoreManager.getUserListOfRole(str);
            Arrays.sort(userListOfRole);
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            for (FlaggedName flaggedName : flaggedNameArr) {
                boolean isSelected = flaggedName.isSelected();
                String itemName = flaggedName.getItemName();
                if ("wso2.anonymous.user".equals(itemName)) {
                    log.error("Security Alert! Carbon anonymous user is being manipulated");
                    return;
                }
                int binarySearch = Arrays.binarySearch(userListOfRole, itemName);
                if (binarySearch > -1 && !isSelected) {
                    arrayList.add(itemName);
                } else if (binarySearch < 0 && isSelected) {
                    arrayList2.add(itemName);
                }
            }
            userStoreManager.updateUserListOfRole(str, (String[]) arrayList.toArray(new String[arrayList.size()]), (String[]) arrayList2.toArray(new String[arrayList2.size()]));
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public FlaggedName[] getRolesOfUser(String str) throws UserAdminException {
        try {
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] roleListOfUser = userStoreManager.getRoleListOfUser(str);
            String[] roleNames = userStoreManager.getRoleNames();
            FlaggedName[] flaggedNameArr = new FlaggedName[roleNames.length];
            Arrays.sort(roleListOfUser);
            for (int i = 0; i < roleNames.length; i++) {
                String str2 = roleNames[i];
                FlaggedName flaggedName = new FlaggedName();
                flaggedName.setItemName(str2);
                if (Arrays.binarySearch(roleListOfUser, str2) > -1) {
                    flaggedName.setSelected(true);
                }
                flaggedNameArr[i] = flaggedName;
            }
            return flaggedNameArr;
        } catch (Exception e) {
            throw new UserAdminException(e.getMessage(), e);
        }
    }

    public void updateRolesOfUser(String str, String[] strArr) throws UserAdminException {
        try {
            if ("wso2.anonymous.user".equals(str)) {
                log.error("Security Alert! Carbon anonymous user is being manipulated");
                throw new UserAdminException("Invalid data");
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] roleListOfUser = userStoreManager.getRoleListOfUser(str);
            Arrays.sort(strArr);
            Arrays.sort(roleListOfUser);
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            for (String str2 : strArr) {
                if (Arrays.binarySearch(roleListOfUser, str2) < 0) {
                    arrayList2.add(str2);
                }
            }
            for (String str3 : roleListOfUser) {
                if (Arrays.binarySearch(strArr, str3) < 0) {
                    if (this.realm.getRealmConfiguration().getEveryOneRoleName().equals(str3)) {
                        log.error("Security Alert! Carbon everyone role is being manipulated");
                        throw new UserAdminException("Invalid data");
                    }
                    arrayList.add(str3);
                }
            }
            userStoreManager.updateRoleListOfUser(str, (String[]) arrayList.toArray(new String[arrayList.size()]), (String[]) arrayList2.toArray(new String[arrayList2.size()]));
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public UIPermissionNode getAllUIPermissions(int i, Registry registry) throws UserAdminException {
        Collection collection;
        UIPermissionNode uIPermissionNode;
        try {
            if (i == 0) {
                collection = (Collection) registry.get(UserMgtConstants.UI_PERMISSION_ROOT);
                uIPermissionNode = new UIPermissionNode(UserMgtConstants.UI_PERMISSION_ROOT, collection.getProperty(UserMgtConstants.DISPLAY_NAME));
            } else {
                collection = (Collection) registry.get(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT);
                uIPermissionNode = new UIPermissionNode(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT, collection.getProperty(UserMgtConstants.DISPLAY_NAME));
            }
            buildUIPermissionNode(collection, uIPermissionNode, registry, null, null, null);
            return uIPermissionNode;
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public UIPermissionNode getRolePermissions(String str, int i, Registry registry) throws UserAdminException {
        Collection collection;
        UIPermissionNode uIPermissionNode;
        try {
            if (i == 0) {
                collection = (Collection) registry.get(UserMgtConstants.UI_PERMISSION_ROOT);
                uIPermissionNode = new UIPermissionNode(UserMgtConstants.UI_PERMISSION_ROOT, collection.getProperty(UserMgtConstants.DISPLAY_NAME));
            } else {
                collection = (Collection) registry.get(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT);
                uIPermissionNode = new UIPermissionNode(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT, collection.getProperty(UserMgtConstants.DISPLAY_NAME));
            }
            buildUIPermissionNode(collection, uIPermissionNode, registry, this.realm.getAuthorizationManager(), str, null);
            return uIPermissionNode;
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void setRoleUIPermission(String str, String[] strArr) throws UserAdminException {
        try {
            if (this.realm.getRealmConfiguration().getAdminRoleName().equals(str)) {
                log.error("UI permissions of Admin is not allowed to change");
                throw new UserAdminException("UI permissions of Admin is not allowed to change");
            }
            String[] optimizePermissions = UserCoreUtil.optimizePermissions(strArr);
            AuthorizationManager authorizationManager = this.realm.getAuthorizationManager();
            authorizationManager.clearRoleActionOnAllResources(str, UserMgtConstants.EXECUTE_ACTION);
            for (String str2 : optimizePermissions) {
                authorizationManager.authorizeRole(str, str2, UserMgtConstants.EXECUTE_ACTION);
            }
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        }
    }

    public void bulkImportUsers(String str, InputStream inputStream, String str2) throws UserAdminException {
        try {
            BulkImportConfig bulkImportConfig = new BulkImportConfig(inputStream, str);
            if (str2 != null && str2.trim().length() > 0) {
                bulkImportConfig.setDefaultPassword(str2.trim());
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            if (str.endsWith("csv")) {
                new CSVUserBulkImport(bulkImportConfig).addUserList(userStoreManager);
            } else {
                if (!str.endsWith("xls") && !str.endsWith("xlsx")) {
                    throw new UserAdminException("Unsupported format");
                }
                new ExcelUserBulkImport(bulkImportConfig).addUserList(userStoreManager);
            }
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        }
    }

    public void changePasswordByUser(String str, String str2) throws UserAdminException {
        try {
            this.realm.getUserStoreManager().updateCredential((String) ((HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession(false).getAttribute("wso2carbon.admin.username"), str2, str);
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        }
    }

    private void buildUIPermissionNode(Collection collection, UIPermissionNode uIPermissionNode, Registry registry, AuthorizationManager authorizationManager, String str, String str2) throws RegistryException, UserStoreException {
        String[] children = collection.getChildren();
        UIPermissionNode[] uIPermissionNodeArr = new UIPermissionNode[children.length];
        for (int i = 0; i < children.length; i++) {
            String str3 = children[i];
            Resource resource = registry.get(str3);
            boolean z = false;
            if (str != null) {
                z = authorizationManager.isRoleAuthorized(str, str3, UserMgtConstants.EXECUTE_ACTION);
            } else if (str2 != null) {
                z = authorizationManager.isUserAuthorized(str2, str3, UserMgtConstants.EXECUTE_ACTION);
            }
            uIPermissionNodeArr[i] = getUIPermissionNode(resource, registry, z);
            if (resource instanceof Collection) {
                buildUIPermissionNode((Collection) resource, uIPermissionNodeArr[i], registry, authorizationManager, str, str2);
            }
        }
        uIPermissionNode.setNodeList(uIPermissionNodeArr);
    }

    private UIPermissionNode getUIPermissionNode(Resource resource, Registry registry, boolean z) throws RegistryException {
        return new UIPermissionNode(resource.getPath(), resource.getProperty(UserMgtConstants.DISPLAY_NAME), z);
    }

    private void checkName(String str) throws UserAdminException {
        if (Pattern.compile("^[^~!@#$;%^*+={}\\|\\\\<>]{3,30}$").matcher(str).matches()) {
            return;
        }
        log.debug("Invalid name entered. Please make sure the entered name does not contain special characters and it's length is between 3 and 30");
        throw new UserAdminException("Invalid name entered. Please make sure the entered name does not contain special characters and it's length is between 3 and 30");
    }
}
