package org.wso2.carbon.user.mgt;

import java.io.InputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.registry.api.Registry;
import org.wso2.carbon.registry.api.RegistryException;
import org.wso2.carbon.registry.api.Resource;
import org.wso2.carbon.registry.core.Collection;
import org.wso2.carbon.registry.core.session.UserRegistry;
import org.wso2.carbon.user.api.Claim;
import org.wso2.carbon.user.api.ClaimMapping;
import org.wso2.carbon.user.api.Permission;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.core.AuthorizationManager;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.user.mgt.bulkimport.BulkImportConfig;
import org.wso2.carbon.user.mgt.bulkimport.CSVUserBulkImport;
import org.wso2.carbon.user.mgt.bulkimport.ExcelUserBulkImport;
import org.wso2.carbon.user.mgt.common.ClaimValue;
import org.wso2.carbon.user.mgt.common.FlaggedName;
import org.wso2.carbon.user.mgt.common.UIPermissionNode;
import org.wso2.carbon.user.mgt.common.UserAdminException;
import org.wso2.carbon.user.mgt.common.UserRealmInfo;
import org.wso2.carbon.user.mgt.common.UserStoreInfo;
import org.wso2.carbon.user.mgt.internal.UserMgtDSComponent;
import org.wso2.carbon.user.mgt.permission.ManagementPermissionUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/user/mgt/UserRealmProxy.class */
public class UserRealmProxy {
    private static Log log = LogFactory.getLog(UserRealmProxy.class);
    private UserRealm realm;

    public UserRealmProxy(UserRealm userRealm) {
        this.realm = null;
        this.realm = userRealm;
    }

    public String[] listUsers(String str, int i) throws UserAdminException {
        try {
            return this.realm.getUserStoreManager().listUsers(str, i);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public FlaggedName[] listUsers(ClaimValue claimValue, String str, int i) throws UserAdminException {
        try {
            String[] strArr = null;
            ArrayList arrayList = new ArrayList();
            if (claimValue.getClaimURI() != null && claimValue.getValue() != null) {
                strArr = this.realm.getUserStoreManager().getUserList(claimValue.getClaimURI(), claimValue.getValue(), (String) null);
            }
            FlaggedName[] listAllUsers = listAllUsers(str, i);
            if (strArr == null) {
                return listAllUsers;
            }
            Arrays.sort(strArr);
            for (FlaggedName flaggedName : listAllUsers) {
                if (Arrays.binarySearch(strArr, flaggedName.getItemName()) > -1) {
                    arrayList.add(flaggedName);
                }
            }
            return (FlaggedName[]) arrayList.toArray(new FlaggedName[arrayList.size()]);
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public FlaggedName[] listAllUsers(String str, int i) throws UserAdminException {
        HashMap hashMap = new HashMap();
        try {
            String[] listUsers = this.realm.getUserStoreManager().listUsers(str, i);
            FlaggedName[] flaggedNameArr = new FlaggedName[listUsers.length + 1];
            int i2 = 0;
            for (String str2 : listUsers) {
                flaggedNameArr[i2] = new FlaggedName();
                int indexOf = str2.indexOf("|");
                if (indexOf > 0) {
                    flaggedNameArr[i2].setItemName(str2.substring(0, indexOf));
                    flaggedNameArr[i2].setItemDisplayName(str2.substring(indexOf + 1));
                } else {
                    flaggedNameArr[i2].setItemName(str2);
                    flaggedNameArr[i2].setItemDisplayName(str2);
                }
                int indexOf2 = flaggedNameArr[i2].getItemName() != null ? flaggedNameArr[i2].getItemName().indexOf("/") : -1;
                String substring = indexOf2 > 0 ? flaggedNameArr[i2].getItemName().substring(0, indexOf2) : null;
                if (substring != null && !UserMgtConstants.INTERNAL_ROLE.equalsIgnoreCase(substring)) {
                    UserStoreManager secondaryUserStoreManager = this.realm.getUserStoreManager().getSecondaryUserStoreManager(substring);
                    if (secondaryUserStoreManager == null || !secondaryUserStoreManager.isReadOnly()) {
                        flaggedNameArr[i2].setEditable(true);
                    } else {
                        flaggedNameArr[i2].setEditable(false);
                    }
                } else if (this.realm.getUserStoreManager().isReadOnly()) {
                    flaggedNameArr[i2].setEditable(false);
                } else {
                    flaggedNameArr[i2].setEditable(true);
                }
                if (substring != null) {
                    if (hashMap.containsKey(substring)) {
                        hashMap.put(substring, Integer.valueOf(((Integer) hashMap.get(substring)).intValue() + 1));
                    } else {
                        hashMap.put(substring, 1);
                    }
                } else if (hashMap.containsKey("PRIMARY")) {
                    hashMap.put("PRIMARY", Integer.valueOf(((Integer) hashMap.get("PRIMARY")).intValue() + 1));
                } else {
                    hashMap.put("PRIMARY", 1);
                }
                i2++;
            }
            Arrays.sort(flaggedNameArr, new Comparator<FlaggedName>() { // from class: org.wso2.carbon.user.mgt.UserRealmProxy.1
                @Override // java.util.Comparator
                public int compare(FlaggedName flaggedName, FlaggedName flaggedName2) {
                    if (flaggedName == null || flaggedName2 == null) {
                        return 0;
                    }
                    return flaggedName.getItemName().toLowerCase().compareTo(flaggedName2.getItemName().toLowerCase());
                }
            });
            String str3 = "";
            boolean z = false;
            try {
                Map maxListCount = this.realm.getUserStoreManager().getMaxListCount("MaxUserNameListLength");
                String[] strArr = (String[]) hashMap.keySet().toArray(new String[hashMap.keySet().size()]);
                for (int i3 = 0; i3 < strArr.length; i3++) {
                    if ("PRIMARY".equalsIgnoreCase(strArr[i3])) {
                        if (((Integer) hashMap.get("PRIMARY")).intValue() == ((Integer) maxListCount.get("PRIMARY")).intValue()) {
                            z = true;
                        }
                    } else if (((Integer) hashMap.get(strArr[i3])).equals(maxListCount.get(strArr[i3].toUpperCase()))) {
                        str3 = str3 + strArr[i3];
                        if (i3 != strArr.length - 1) {
                            str3 = str3 + ":";
                        }
                    }
                }
                FlaggedName flaggedName = new FlaggedName();
                if (z) {
                    flaggedName.setItemName("true");
                } else {
                    flaggedName.setItemName("false");
                }
                flaggedName.setItemDisplayName(str3);
                flaggedNameArr[flaggedNameArr.length - 1] = flaggedName;
                return flaggedNameArr;
            } catch (UserStoreException e) {
                log.error(e.getMessage(), e);
                throw new UserAdminException(e.getMessage(), e);
            }
        } catch (UserStoreException e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        } catch (Exception e3) {
            log.error(e3.getMessage(), e3);
            throw new UserAdminException(e3.getMessage(), e3);
        }
    }

    public FlaggedName[] getAllSharedRoleNames(String str, int i) throws UserAdminException {
        try {
            AbstractUserStoreManager userStoreManager = this.realm.getUserStoreManager();
            if (!(userStoreManager instanceof AbstractUserStoreManager)) {
                throw new UserAdminException("Initialized User Store Manager is not capable of getting the shared roles");
            }
            String[] sharedRoleNames = userStoreManager.getSharedRoleNames(str, i);
            ArrayList arrayList = new ArrayList();
            HashMap hashMap = new HashMap();
            int length = sharedRoleNames.length;
            for (int i2 = 0; i2 < length; i2++) {
                String str2 = sharedRoleNames[i2];
                FlaggedName flaggedName = new FlaggedName();
                mapEntityName(str2, flaggedName, userStoreManager);
                flaggedName.setRoleType(UserMgtConstants.EXTERNAL_ROLE);
                int indexOf = str2 != null ? str2.indexOf("/") : -1;
                String substring = indexOf > 0 ? str2.substring(0, indexOf) : null;
                UserStoreManager secondaryUserStoreManager = this.realm.getUserStoreManager().getSecondaryUserStoreManager(substring);
                if (substring != null && !UserMgtConstants.INTERNAL_ROLE.equalsIgnoreCase(substring)) {
                    if (secondaryUserStoreManager == null || (!secondaryUserStoreManager.isReadOnly() && (secondaryUserStoreManager.getRealmConfiguration().getUserStoreProperty("WriteGroups") == null || !secondaryUserStoreManager.getRealmConfiguration().getUserStoreProperty("WriteGroups").equals("false")))) {
                        flaggedName.setEditable(true);
                    } else {
                        flaggedName.setEditable(false);
                    }
                }
                if (substring != null) {
                    if (hashMap.containsKey(substring)) {
                        hashMap.put(substring, Integer.valueOf(((Integer) hashMap.get(substring)).intValue() + 1));
                    } else {
                        hashMap.put(substring, 1);
                    }
                } else if (hashMap.containsKey("PRIMARY")) {
                    hashMap.put("PRIMARY", Integer.valueOf(((Integer) hashMap.get("PRIMARY")).intValue() + 1));
                } else {
                    hashMap.put("PRIMARY", 1);
                }
                arrayList.add(flaggedName);
            }
            String str3 = "";
            boolean z = false;
            Map maxListCount = this.realm.getUserStoreManager().getMaxListCount("MaxRoleNameListLength");
            String[] strArr = (String[]) hashMap.keySet().toArray(new String[hashMap.keySet().size()]);
            for (int i3 = 0; i3 < strArr.length; i3++) {
                if ("PRIMARY".equals(strArr[i3])) {
                    if (((Integer) hashMap.get("PRIMARY")).equals(maxListCount.get("PRIMARY"))) {
                        z = true;
                    }
                } else if (((Integer) hashMap.get(strArr[i3])).equals(maxListCount.get(strArr[i3].toUpperCase()))) {
                    str3 = str3 + strArr[i3];
                    if (i3 != strArr.length - 1) {
                        str3 = str3 + ":";
                    }
                }
            }
            FlaggedName[] flaggedNameArr = (FlaggedName[]) arrayList.toArray(new FlaggedName[arrayList.size() + 1]);
            Arrays.sort(flaggedNameArr, new Comparator<FlaggedName>() { // from class: org.wso2.carbon.user.mgt.UserRealmProxy.2
                @Override // java.util.Comparator
                public int compare(FlaggedName flaggedName2, FlaggedName flaggedName3) {
                    if (flaggedName2 == null || flaggedName3 == null) {
                        return 0;
                    }
                    return flaggedName2.getItemName().toLowerCase().compareTo(flaggedName3.getItemName().toLowerCase());
                }
            });
            FlaggedName flaggedName2 = new FlaggedName();
            if (z) {
                flaggedName2.setItemName("true");
            } else {
                flaggedName2.setItemName("false");
            }
            flaggedName2.setItemDisplayName(str3);
            flaggedNameArr[flaggedNameArr.length - 1] = flaggedName2;
            return flaggedNameArr;
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public FlaggedName[] getAllRolesNames(String str, int i) throws UserAdminException {
        try {
            AbstractUserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] roleNames = userStoreManager instanceof AbstractUserStoreManager ? userStoreManager.getRoleNames(str, i, true, true, true) : userStoreManager.getRoleNames();
            ArrayList arrayList = new ArrayList();
            HashMap hashMap = new HashMap();
            String[] strArr = roleNames;
            int length = strArr.length;
            for (int i2 = 0; i2 < length; i2++) {
                String str2 = strArr[i2];
                FlaggedName flaggedName = new FlaggedName();
                mapEntityName(str2, flaggedName, userStoreManager);
                flaggedName.setRoleType(UserMgtConstants.EXTERNAL_ROLE);
                int indexOf = str2 != null ? str2.indexOf("/") : -1;
                String substring = indexOf > 0 ? str2.substring(0, indexOf) : null;
                UserStoreManager secondaryUserStoreManager = this.realm.getUserStoreManager().getSecondaryUserStoreManager(substring);
                if (substring == null || UserMgtConstants.INTERNAL_ROLE.equalsIgnoreCase(substring)) {
                    if (this.realm.getUserStoreManager().isReadOnly() || "false".equals(this.realm.getUserStoreManager().getRealmConfiguration().getUserStoreProperty("WriteGroups"))) {
                        flaggedName.setEditable(false);
                    } else {
                        flaggedName.setEditable(true);
                    }
                } else if (secondaryUserStoreManager == null || !(secondaryUserStoreManager.isReadOnly() || "false".equals(secondaryUserStoreManager.getRealmConfiguration().getUserStoreProperty("WriteGroups")))) {
                    flaggedName.setEditable(true);
                } else {
                    flaggedName.setEditable(false);
                }
                if (substring != null) {
                    if (hashMap.containsKey(substring)) {
                        hashMap.put(substring, Integer.valueOf(((Integer) hashMap.get(substring)).intValue() + 1));
                    } else {
                        hashMap.put(substring, 1);
                    }
                } else if (hashMap.containsKey("PRIMARY")) {
                    hashMap.put("PRIMARY", Integer.valueOf(((Integer) hashMap.get("PRIMARY")).intValue() + 1));
                } else {
                    hashMap.put("PRIMARY", 1);
                }
                arrayList.add(flaggedName);
            }
            if (str.startsWith("Internal/")) {
                str = str.substring(str.indexOf("/") + 1);
            }
            for (String str3 : userStoreManager.getHybridRoles(str)) {
                FlaggedName flaggedName2 = new FlaggedName();
                flaggedName2.setItemName(str3);
                flaggedName2.setRoleType(UserMgtConstants.INTERNAL_ROLE);
                flaggedName2.setEditable(true);
                arrayList.add(flaggedName2);
            }
            String str4 = "";
            boolean z = false;
            Map maxListCount = this.realm.getUserStoreManager().getMaxListCount("MaxRoleNameListLength");
            String[] strArr2 = (String[]) hashMap.keySet().toArray(new String[hashMap.keySet().size()]);
            for (int i3 = 0; i3 < strArr2.length; i3++) {
                if ("PRIMARY".equals(strArr2[i3])) {
                    if (((Integer) hashMap.get("PRIMARY")).equals(maxListCount.get("PRIMARY"))) {
                        z = true;
                    }
                } else if (((Integer) hashMap.get(strArr2[i3])).equals(maxListCount.get(strArr2[i3].toUpperCase()))) {
                    str4 = str4 + strArr2[i3];
                    if (i3 != strArr2.length - 1) {
                        str4 = str4 + ":";
                    }
                }
            }
            FlaggedName[] flaggedNameArr = (FlaggedName[]) arrayList.toArray(new FlaggedName[arrayList.size() + 1]);
            Arrays.sort(flaggedNameArr, new Comparator<FlaggedName>() { // from class: org.wso2.carbon.user.mgt.UserRealmProxy.3
                @Override // java.util.Comparator
                public int compare(FlaggedName flaggedName3, FlaggedName flaggedName4) {
                    if (flaggedName3 == null || flaggedName4 == null) {
                        return 0;
                    }
                    return flaggedName3.getItemName().toLowerCase().compareTo(flaggedName4.getItemName().toLowerCase());
                }
            });
            FlaggedName flaggedName3 = new FlaggedName();
            if (z) {
                flaggedName3.setItemName("true");
            } else {
                flaggedName3.setItemName("false");
            }
            flaggedName3.setItemDisplayName(str4);
            flaggedNameArr[flaggedNameArr.length - 1] = flaggedName3;
            return flaggedNameArr;
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public UserRealmInfo getUserRealmInfo() throws UserAdminException {
        UserRealmInfo userRealmInfo = new UserRealmInfo();
        String username = CarbonContext.getCurrentContext().getUsername();
        try {
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            if (this.realm.getAuthorizationManager().isUserAuthorized(username, "/permission/admin/configure/security", UserMgtConstants.EXECUTE_ACTION) || this.realm.getAuthorizationManager().isUserAuthorized(username, "/permission/admin/configure/security/usermgt/users", UserMgtConstants.EXECUTE_ACTION) || this.realm.getAuthorizationManager().isUserAuthorized(username, "/permission/admin/configure/security/usermgt/passwords", UserMgtConstants.EXECUTE_ACTION) || this.realm.getAuthorizationManager().isUserAuthorized(username, "/permission/admin/configure/security/usermgt/profiles", UserMgtConstants.EXECUTE_ACTION)) {
                userRealmInfo.setAdminRole(realmConfiguration.getAdminRoleName());
                userRealmInfo.setAdminUser(realmConfiguration.getAdminUserName());
                userRealmInfo.setEveryOneRole(realmConfiguration.getEveryOneRoleName());
                ClaimMapping[] allClaimMappings = this.realm.getClaimManager().getAllClaimMappings("http://wso2.org/claims");
                ArrayList arrayList = new ArrayList();
                ArrayList arrayList2 = new ArrayList();
                for (ClaimMapping claimMapping : allClaimMappings) {
                    Claim claim = claimMapping.getClaim();
                    arrayList.add(claim.getClaimUri());
                    if (claim.isRequired()) {
                        arrayList2.add(claim.getClaimUri());
                    }
                }
                userRealmInfo.setUserClaims((String[]) arrayList.toArray(new String[arrayList.size()]));
                userRealmInfo.setRequiredUserClaims((String[]) arrayList2.toArray(new String[arrayList2.size()]));
            }
            ArrayList arrayList3 = new ArrayList();
            ArrayList arrayList4 = new ArrayList();
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            do {
                RealmConfiguration realmConfiguration2 = userStoreManager.getRealmConfiguration();
                UserStoreInfo userStoreInfo = getUserStoreInfo(realmConfiguration2, userStoreManager);
                if (realmConfiguration2.isPrimary()) {
                    userRealmInfo.setPrimaryUserStoreInfo(userStoreInfo);
                }
                arrayList3.add(userStoreInfo);
                userRealmInfo.setBulkImportSupported(userStoreManager.isBulkImportSupported());
                String userStoreProperty = realmConfiguration2.getUserStoreProperty("DomainName");
                if (userStoreProperty != null && userStoreProperty.trim().length() > 0) {
                    arrayList4.add(userStoreProperty.toUpperCase());
                }
                userStoreManager = userStoreManager.getSecondaryUserStoreManager();
            } while (userStoreManager != null);
            if (arrayList3.size() > 1) {
                userRealmInfo.setMultipleUserStore(true);
            }
            userRealmInfo.setUserStoresInfo((UserStoreInfo[]) arrayList3.toArray(new UserStoreInfo[arrayList3.size()]));
            userRealmInfo.setDomainNames((String[]) arrayList4.toArray(new String[arrayList4.size()]));
            int i = 15;
            try {
                i = Integer.parseInt(realmConfiguration.getRealmProperty("MaxItemsPerUserMgtUIPage"));
            } catch (Exception e) {
            }
            userRealmInfo.setMaxItemsPerUIPage(i);
            int i2 = 6;
            try {
                i2 = Integer.parseInt(realmConfiguration.getRealmProperty("MaxUserMgtUIPagesInCache"));
            } catch (Exception e2) {
            }
            userRealmInfo.setMaxUIPagesInCache(i2);
            userRealmInfo.setEnableUIPageCache("false".equals(realmConfiguration.getRealmProperty("EnableUserMgtUIPageCache")) ? false : true);
            return userRealmInfo;
        } catch (Exception e3) {
            throw new UserAdminException(e3.getMessage(), e3);
        }
    }

    private UserStoreInfo getUserStoreInfo(RealmConfiguration realmConfiguration, UserStoreManager userStoreManager) throws UserAdminException {
        try {
            UserStoreInfo userStoreInfo = new UserStoreInfo();
            userStoreInfo.setReadOnly(userStoreManager.isReadOnly());
            userStoreInfo.setPasswordsExternallyManaged(realmConfiguration.isPasswordsExternallyManaged());
            userStoreInfo.setPasswordRegEx(realmConfiguration.getUserStoreProperty("PasswordJavaScriptRegEx"));
            userStoreInfo.setUserNameRegEx(realmConfiguration.getUserStoreProperty("UsernameJavaScriptRegEx"));
            if (MultitenantUtils.isEmailUserName()) {
                String userStoreProperty = realmConfiguration.getUserStoreProperty("UsernameWithEmailJavaScriptRegEx");
                if (userStoreProperty != null) {
                    userStoreInfo.setUserNameRegEx(userStoreProperty);
                } else {
                    userStoreInfo.setUserNameRegEx("^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$");
                }
            }
            userStoreInfo.setRoleNameRegEx(realmConfiguration.getUserStoreProperty("RolenameJavaScriptRegEx"));
            userStoreInfo.setExternalIdP(realmConfiguration.getUserStoreProperty("ExternalIdP"));
            userStoreInfo.setBulkImportSupported(isBulkImportSupported());
            userStoreInfo.setDomainName(realmConfiguration.getUserStoreProperty("DomainName"));
            return userStoreInfo;
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    private boolean isBulkImportSupported() throws UserAdminException {
        try {
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            if (userStoreManager != null) {
                return userStoreManager.isBulkImportSupported();
            }
            throw new UserAdminException("Unable to retrieve user store manager from realm.");
        } catch (UserStoreException e) {
            throw new UserAdminException("An error occurred while retrieving user store from realm.", e);
        }
    }

    public void addUser(String str, String str2, String[] strArr, ClaimValue[] claimValueArr, String str3) throws UserAdminException {
        try {
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            if (realmConfiguration.getUserStoreProperty("ExternalIdP") != null) {
                throw new UserAdminException("Please contact your external Identity Provider to add users");
            }
            if (strArr != null && strArr.length > 0) {
                String loggedInUser = getLoggedInUser();
                Arrays.sort(strArr);
                boolean z = false;
                for (String str4 : strArr) {
                    z = this.realm.getAuthorizationManager().isRoleAuthorized(str4, "/permission", UserMgtConstants.EXECUTE_ACTION);
                    if (!z) {
                        z = this.realm.getAuthorizationManager().isRoleAuthorized(str4, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                    }
                    if (z) {
                        break;
                    }
                }
                if (z && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                    log.warn("An attempt to assign user " + str + " to Admin permission role by user : " + loggedInUser);
                    throw new UserStoreException("You have not privilege to assign user to Admin permission role");
                }
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            HashMap hashMap = new HashMap();
            if (claimValueArr != null) {
                for (ClaimValue claimValue : claimValueArr) {
                    hashMap.put(claimValue.getClaimURI(), claimValue.getValue());
                }
            }
            userStoreManager.addUser(str, str2, strArr, hashMap, str3, false);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void changePassword(String str, String str2) throws UserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            if (loggedInUser != null && loggedInUser.equalsIgnoreCase(str)) {
                log.warn("An attempt to change password with out providing old password : " + loggedInUser);
                throw new UserStoreException("An attempt to change password with out providing old password");
            }
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            if (realmConfiguration.getAdminUserName().equalsIgnoreCase(str) && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                log.warn("An attempt to change password of Admin user by user : " + loggedInUser);
                throw new UserStoreException("You have not privilege to change password of Admin user");
            }
            if (str != null) {
                boolean isUserAuthorized = this.realm.getAuthorizationManager().isUserAuthorized(str, "/permission", UserMgtConstants.EXECUTE_ACTION);
                if (!isUserAuthorized) {
                    isUserAuthorized = this.realm.getAuthorizationManager().isUserAuthorized(str, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                }
                if (isUserAuthorized && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                    log.warn("An attempt to change password of user has admin permission by user : " + loggedInUser);
                    throw new UserStoreException("You have not privilege to change password of user has admin permission");
                }
            }
            this.realm.getUserStoreManager().updateCredentialByAdmin(str, str2);
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void deleteUser(String str, Registry registry) throws UserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            if (realmConfiguration.getAdminUserName().equalsIgnoreCase(str) && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                log.warn("An attempt to delete Admin user by user : " + loggedInUser);
                throw new UserStoreException("You have not privilege to delete Admin user");
            }
            if (str != null) {
                boolean isUserAuthorized = this.realm.getAuthorizationManager().isUserAuthorized(str, "/permission", UserMgtConstants.EXECUTE_ACTION);
                if (!isUserAuthorized) {
                    isUserAuthorized = this.realm.getAuthorizationManager().isUserAuthorized(str, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                }
                if (isUserAuthorized && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                    log.warn("An attempt to delete user user has Admin permission by user : " + loggedInUser);
                    throw new UserStoreException("You have not privilege to delete user has Admin permission");
                }
            }
            this.realm.getUserStoreManager().deleteUser(str);
            String str2 = "/users/" + str;
            if (registry.resourceExists(str2)) {
                registry.delete(str2);
            }
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        } catch (RegistryException e3) {
            String str3 = "Error deleting user from registry " + e3.getMessage();
            log.error(str3, e3);
            throw new UserAdminException(str3, e3);
        }
    }

    public void addRole(String str, String[] strArr, String[] strArr2, boolean z) throws UserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            if (strArr2 != null && !this.realm.getRealmConfiguration().getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                Arrays.sort(strArr2);
                if (Arrays.binarySearch(strArr2, "/permission/admin") > -1 || Arrays.binarySearch(strArr2, UserMgtConstants.UI_ADMIN_PERMISSION_ROOT) > -1 || Arrays.binarySearch(strArr2, "/permission") > -1 || Arrays.binarySearch(strArr2, UserMgtConstants.UI_PERMISSION_ROOT) > -1 || Arrays.binarySearch(strArr2, "/permission/protected") > -1 || Arrays.binarySearch(strArr2, UserMgtConstants.UI_PROTECTED_PERMISSION_ROOT) > -1) {
                    log.warn("An attempt to create role with admin permission by user " + loggedInUser);
                    throw new UserStoreException("You have not privilege to create a role with Admin permission");
                }
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            UserStoreManager secondaryUserStoreManager = str.contains("/") ? userStoreManager.getSecondaryUserStoreManager(str.substring(0, str.indexOf("/"))) : userStoreManager;
            if (secondaryUserStoreManager == null) {
                throw new UserAdminException("Invalid Domain");
            }
            if (secondaryUserStoreManager.isReadOnly() || "false".equals(secondaryUserStoreManager.getRealmConfiguration().getUserStoreProperty("WriteGroups"))) {
                throw new UserAdminException("Read only user store or Role creation is disabled");
            }
            userStoreManager.addRole(str, strArr, ManagementPermissionUtil.getRoleUIPermissions(str, strArr2), z);
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void addInternalRole(String str, String[] strArr, String[] strArr2) throws UserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            if (strArr2 != null && !this.realm.getRealmConfiguration().getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                Arrays.sort(strArr2);
                if (Arrays.binarySearch(strArr2, "/permission/admin") > -1 || Arrays.binarySearch(strArr2, UserMgtConstants.UI_ADMIN_PERMISSION_ROOT) > -1 || Arrays.binarySearch(strArr2, "/permission") > -1 || Arrays.binarySearch(strArr2, UserMgtConstants.UI_PERMISSION_ROOT) > -1 || Arrays.binarySearch(strArr2, "/permission/protected") > -1 || Arrays.binarySearch(strArr2, UserMgtConstants.UI_PROTECTED_PERMISSION_ROOT) > -1) {
                    log.warn("An attempt to create role with admin permission by user " + loggedInUser);
                    throw new UserStoreException("You have not privilege to create a role with Admin permission");
                }
            }
            AbstractUserStoreManager userStoreManager = this.realm.getUserStoreManager();
            if (!(userStoreManager instanceof AbstractUserStoreManager)) {
                throw new UserStoreException("Internal role can not be created");
            }
            userStoreManager.addRole("Internal/" + str, strArr, (Permission[]) null, false);
            ManagementPermissionUtil.updateRoleUIPermission("Internal/" + str, strArr2);
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void updateRoleName(String str, String str2) throws UserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            String str3 = str.split("@")[0];
            boolean isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str3, "/permission", UserMgtConstants.EXECUTE_ACTION);
            if (!isRoleAuthorized) {
                isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str3, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
            }
            if (!isRoleAuthorized || this.realm.getRealmConfiguration().getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                this.realm.getUserStoreManager().updateRoleName(str, str2);
            } else {
                log.warn("An attempt to rename role with admin permission by user " + loggedInUser);
                throw new UserStoreException("You have not privilege to rename a role with Admin permission");
            }
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void deleteRole(String str) throws UserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            boolean isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str, "/permission", UserMgtConstants.EXECUTE_ACTION);
            if (!isRoleAuthorized) {
                isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
            }
            if (!isRoleAuthorized || this.realm.getRealmConfiguration().getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                this.realm.getUserStoreManager().deleteRole(str);
            } else {
                log.warn("An attempt to delete role with admin permission by user " + loggedInUser);
                throw new UserStoreException("You have not privilege to delete a role with Admin permission");
            }
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public FlaggedName[] getUsersOfRole(String str, String str2, int i) throws UserAdminException {
        int indexOf;
        if (str != null) {
            try {
                indexOf = str.indexOf("/");
            } catch (Exception e) {
                log.error(e.getMessage(), e);
                throw new UserAdminException(e.getMessage(), e);
            }
        } else {
            indexOf = -1;
        }
        int i2 = indexOf;
        String substring = i2 > 0 ? str.substring(0, i2) : null;
        if (substring != null && str2 != null && !str2.toLowerCase().startsWith(substring.toLowerCase()) && !UserMgtConstants.INTERNAL_ROLE.equalsIgnoreCase(substring)) {
            str2 = substring + "/" + str2;
        }
        if (substring == null && i != 0) {
            str2 = str2 != null ? "/" + str2 : "/*";
        }
        UserStoreManager userStoreManager = this.realm.getUserStoreManager();
        String[] userListOfRole = userStoreManager.getUserListOfRole(str);
        Arrays.sort(userListOfRole);
        HashMap hashMap = new HashMap();
        if (i != 0) {
            String[] listUsers = userStoreManager.listUsers(str2, i);
            FlaggedName[] flaggedNameArr = new FlaggedName[listUsers.length + 1];
            for (int i3 = 0; i3 < listUsers.length; i3++) {
                FlaggedName flaggedName = new FlaggedName();
                flaggedName.setItemName(listUsers[i3]);
                if (Arrays.binarySearch(userListOfRole, listUsers[i3]) > -1) {
                    flaggedName.setSelected(true);
                }
                int indexOf2 = listUsers[i3].indexOf("|");
                if (indexOf2 > 0) {
                    flaggedName.setItemName(listUsers[i3].substring(0, indexOf2));
                    flaggedName.setItemDisplayName(listUsers[i3].substring(indexOf2 + 1));
                } else {
                    flaggedName.setItemName(listUsers[i3]);
                }
                if (substring == null || UserMgtConstants.INTERNAL_ROLE.equalsIgnoreCase(substring)) {
                    if (userStoreManager.isReadOnly() || (userStoreManager.getSecondaryUserStoreManager(substring) != null && "false".equals(userStoreManager.getRealmConfiguration().getUserStoreProperty("WriteGroups")))) {
                        flaggedName.setEditable(false);
                    } else {
                        flaggedName.setEditable(true);
                    }
                } else if (userStoreManager.getSecondaryUserStoreManager(substring) == null || !(userStoreManager.getSecondaryUserStoreManager(substring).isReadOnly() || "false".equals(userStoreManager.getSecondaryUserStoreManager(substring).getRealmConfiguration().getUserStoreProperty("WriteGroups")))) {
                    flaggedName.setEditable(true);
                } else {
                    flaggedName.setEditable(false);
                }
                if (substring != null) {
                    if (hashMap.containsKey(substring)) {
                        hashMap.put(substring, Integer.valueOf(((Integer) hashMap.get(substring)).intValue() + 1));
                    } else {
                        hashMap.put(substring, 1);
                    }
                } else if (hashMap.containsKey("PRIMARY")) {
                    hashMap.put("PRIMARY", Integer.valueOf(((Integer) hashMap.get("PRIMARY")).intValue() + 1));
                } else {
                    hashMap.put("PRIMARY", 1);
                }
                flaggedNameArr[i3] = flaggedName;
            }
            String str3 = "";
            boolean z = false;
            Map maxListCount = this.realm.getUserStoreManager().getMaxListCount("MaxUserNameListLength");
            String[] strArr = (String[]) hashMap.keySet().toArray(new String[hashMap.keySet().size()]);
            for (int i4 = 0; i4 < strArr.length; i4++) {
                if ("PRIMARY".equals(strArr[i4])) {
                    if (((Integer) hashMap.get("PRIMARY")).equals(maxListCount.get("PRIMARY"))) {
                        z = true;
                    }
                } else if (((Integer) hashMap.get(strArr[i4])).equals(maxListCount.get(strArr[i4].toUpperCase()))) {
                    str3 = str3 + strArr[i4];
                    if (i4 != strArr.length - 1) {
                        str3 = str3 + ":";
                    }
                }
            }
            FlaggedName flaggedName2 = new FlaggedName();
            if (z) {
                flaggedName2.setItemName("true");
            } else {
                flaggedName2.setItemName("false");
            }
            flaggedName2.setItemDisplayName(str3);
            flaggedNameArr[flaggedNameArr.length - 1] = flaggedName2;
            return flaggedNameArr;
        }
        Pattern compile = Pattern.compile(str2.replace("*", ".*"), 2);
        ArrayList arrayList = new ArrayList();
        for (String str4 : userListOfRole) {
            int indexOf3 = str4.indexOf("|");
            if ((indexOf3 > 0 ? compile.matcher(str4.substring(indexOf3 + 1)) : compile.matcher(str4)).matches()) {
                FlaggedName flaggedName3 = new FlaggedName();
                flaggedName3.setSelected(true);
                if (indexOf3 > 0) {
                    flaggedName3.setItemName(str4.substring(0, indexOf3));
                    flaggedName3.setItemDisplayName(str4.substring(indexOf3 + 1));
                } else {
                    flaggedName3.setItemName(str4);
                    flaggedName3.setItemDisplayName(str4);
                }
                if (substring == null || UserMgtConstants.INTERNAL_ROLE.equalsIgnoreCase(substring)) {
                    if (userStoreManager.isReadOnly() || (userStoreManager.getSecondaryUserStoreManager(substring) != null && "false".equals(userStoreManager.getRealmConfiguration().getUserStoreProperty("WriteGroups")))) {
                        flaggedName3.setEditable(false);
                    } else {
                        flaggedName3.setEditable(true);
                    }
                } else if (userStoreManager.getSecondaryUserStoreManager(substring) == null || !(userStoreManager.getSecondaryUserStoreManager(substring).isReadOnly() || "false".equals(userStoreManager.getSecondaryUserStoreManager(substring).getRealmConfiguration().getUserStoreProperty("WriteGroups")))) {
                    flaggedName3.setEditable(true);
                } else {
                    flaggedName3.setEditable(false);
                }
                if (substring != null) {
                    if (hashMap.containsKey(substring)) {
                        hashMap.put(substring, Integer.valueOf(((Integer) hashMap.get(substring)).intValue() + 1));
                    } else {
                        hashMap.put(substring, 1);
                    }
                } else if (hashMap.containsKey("PRIMARY")) {
                    hashMap.put("PRIMARY", Integer.valueOf(((Integer) hashMap.get("PRIMARY")).intValue() + 1));
                } else {
                    hashMap.put("PRIMARY", 1);
                }
                arrayList.add(flaggedName3);
            }
        }
        String str5 = "";
        boolean z2 = false;
        Map maxListCount2 = this.realm.getUserStoreManager().getMaxListCount("MaxUserNameListLength");
        String[] strArr2 = (String[]) hashMap.keySet().toArray(new String[hashMap.keySet().size()]);
        for (int i5 = 0; i5 < strArr2.length; i5++) {
            if ("PRIMARY".equals(strArr2[i5])) {
                if (((Integer) hashMap.get("PRIMARY")).equals(maxListCount2.get("PRIMARY"))) {
                    z2 = true;
                }
            } else if (((Integer) hashMap.get(strArr2[i5])).equals(maxListCount2.get(strArr2[i5].toUpperCase()))) {
                str5 = str5 + strArr2[i5];
                if (i5 != strArr2.length - 1) {
                    str5 = str5 + ":";
                }
            }
        }
        FlaggedName flaggedName4 = new FlaggedName();
        if (z2) {
            flaggedName4.setItemName("true");
        } else {
            flaggedName4.setItemName("false");
        }
        flaggedName4.setItemDisplayName(str5);
        arrayList.add(flaggedName4);
        return (FlaggedName[]) arrayList.toArray(new FlaggedName[arrayList.size()]);
    }

    /* JADX WARN: Removed duplicated region for block: B:56:0x0237 A[Catch: Exception -> 0x07ad, TryCatch #0 {Exception -> 0x07ad, blocks: (B:227:0x0004, B:9:0x0021, B:13:0x0035, B:15:0x0058, B:17:0x0064, B:18:0x0072, B:20:0x0083, B:21:0x0088, B:24:0x00b7, B:26:0x00cf, B:28:0x00e8, B:31:0x00fe, B:33:0x0109, B:37:0x011f, B:43:0x015c, B:45:0x017a, B:47:0x0184, B:49:0x0195, B:51:0x01ab, B:53:0x01de, B:56:0x0237, B:58:0x0243, B:59:0x02b0, B:61:0x0264, B:62:0x0275, B:64:0x0281, B:65:0x02a2, B:68:0x01cb, B:70:0x01d5, B:71:0x01e7, B:73:0x01f1, B:75:0x0200, B:77:0x022c, B:80:0x0219, B:82:0x0223, B:41:0x02ba, B:84:0x0134, B:88:0x014a, B:94:0x02c0, B:95:0x02fd, B:97:0x0305, B:99:0x0312, B:103:0x0390, B:105:0x0333, B:107:0x0357, B:109:0x037a, B:114:0x0396, B:116:0x03a4, B:117:0x03b5, B:120:0x03ae, B:121:0x03db, B:123:0x03f0, B:125:0x03f8, B:126:0x04e2, B:128:0x04f5, B:131:0x0508, B:133:0x0534, B:136:0x053f, B:138:0x0554, B:140:0x0571, B:144:0x05ac, B:146:0x05b8, B:148:0x0625, B:149:0x05d9, B:151:0x05ea, B:153:0x05f6, B:155:0x0617, B:157:0x0568, B:158:0x057a, B:160:0x0584, B:162:0x05a1, B:163:0x0598, B:167:0x063a, B:170:0x064d, B:172:0x0676, B:174:0x067c, B:177:0x0692, B:178:0x06cf, B:180:0x06d7, B:182:0x06e4, B:186:0x0762, B:188:0x0705, B:190:0x0729, B:192:0x074c, B:197:0x0768, B:199:0x0776, B:200:0x0787, B:202:0x0780, B:203:0x0413, B:206:0x0424, B:208:0x0445, B:210:0x044d, B:211:0x045f, B:212:0x046b, B:214:0x0473, B:217:0x048f, B:218:0x04bf, B:220:0x04c7, B:221:0x04d9, B:222:0x04a6, B:223:0x0481), top: B:226:0x0004 }] */
    /* JADX WARN: Removed duplicated region for block: B:62:0x0275 A[Catch: Exception -> 0x07ad, TryCatch #0 {Exception -> 0x07ad, blocks: (B:227:0x0004, B:9:0x0021, B:13:0x0035, B:15:0x0058, B:17:0x0064, B:18:0x0072, B:20:0x0083, B:21:0x0088, B:24:0x00b7, B:26:0x00cf, B:28:0x00e8, B:31:0x00fe, B:33:0x0109, B:37:0x011f, B:43:0x015c, B:45:0x017a, B:47:0x0184, B:49:0x0195, B:51:0x01ab, B:53:0x01de, B:56:0x0237, B:58:0x0243, B:59:0x02b0, B:61:0x0264, B:62:0x0275, B:64:0x0281, B:65:0x02a2, B:68:0x01cb, B:70:0x01d5, B:71:0x01e7, B:73:0x01f1, B:75:0x0200, B:77:0x022c, B:80:0x0219, B:82:0x0223, B:41:0x02ba, B:84:0x0134, B:88:0x014a, B:94:0x02c0, B:95:0x02fd, B:97:0x0305, B:99:0x0312, B:103:0x0390, B:105:0x0333, B:107:0x0357, B:109:0x037a, B:114:0x0396, B:116:0x03a4, B:117:0x03b5, B:120:0x03ae, B:121:0x03db, B:123:0x03f0, B:125:0x03f8, B:126:0x04e2, B:128:0x04f5, B:131:0x0508, B:133:0x0534, B:136:0x053f, B:138:0x0554, B:140:0x0571, B:144:0x05ac, B:146:0x05b8, B:148:0x0625, B:149:0x05d9, B:151:0x05ea, B:153:0x05f6, B:155:0x0617, B:157:0x0568, B:158:0x057a, B:160:0x0584, B:162:0x05a1, B:163:0x0598, B:167:0x063a, B:170:0x064d, B:172:0x0676, B:174:0x067c, B:177:0x0692, B:178:0x06cf, B:180:0x06d7, B:182:0x06e4, B:186:0x0762, B:188:0x0705, B:190:0x0729, B:192:0x074c, B:197:0x0768, B:199:0x0776, B:200:0x0787, B:202:0x0780, B:203:0x0413, B:206:0x0424, B:208:0x0445, B:210:0x044d, B:211:0x045f, B:212:0x046b, B:214:0x0473, B:217:0x048f, B:218:0x04bf, B:220:0x04c7, B:221:0x04d9, B:222:0x04a6, B:223:0x0481), top: B:226:0x0004 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.wso2.carbon.user.mgt.common.FlaggedName[] getRolesOfUser(java.lang.String r8, java.lang.String r9, int r10) throws org.wso2.carbon.user.mgt.common.UserAdminException {
        /*
            Method dump skipped, instructions count: 1992
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.wso2.carbon.user.mgt.UserRealmProxy.getRolesOfUser(java.lang.String, java.lang.String, int):org.wso2.carbon.user.mgt.common.FlaggedName[]");
    }

    public void updateUsersOfRole(String str, FlaggedName[] flaggedNameArr) throws UserAdminException {
        try {
            if ("system/wso2.anonymous.role".equalsIgnoreCase(str)) {
                log.error("Security Alert! Carbon anonymous role is being manipulated");
                throw new UserStoreException("Invalid data");
            }
            if (this.realm.getRealmConfiguration().getEveryOneRoleName().equalsIgnoreCase(str)) {
                log.error("Security Alert! Carbon Everyone role is being manipulated");
                throw new UserStoreException("Invalid data");
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] userListOfRole = userStoreManager.getUserListOfRole(str);
            ArrayList arrayList = new ArrayList();
            if (userListOfRole != null) {
                for (String str2 : userListOfRole) {
                    int indexOf = str2.indexOf("|");
                    if (indexOf > 0) {
                        arrayList.add(str2.substring(0, indexOf));
                    } else {
                        arrayList.add(str2);
                    }
                }
                userListOfRole = (String[]) arrayList.toArray(new String[arrayList.size()]);
            }
            Arrays.sort(userListOfRole);
            ArrayList arrayList2 = new ArrayList();
            ArrayList arrayList3 = new ArrayList();
            for (FlaggedName flaggedName : flaggedNameArr) {
                boolean isSelected = flaggedName.isSelected();
                String itemName = flaggedName.getItemName();
                if ("wso2.anonymous.user".equalsIgnoreCase(itemName)) {
                    log.error("Security Alert! Carbon anonymous user is being manipulated");
                    return;
                }
                int binarySearch = Arrays.binarySearch(userListOfRole, itemName);
                if (binarySearch > -1 && !isSelected) {
                    arrayList2.add(itemName);
                } else if (binarySearch < 0 && isSelected) {
                    arrayList3.add(itemName);
                }
            }
            String loggedInUser = getLoggedInUser();
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            boolean isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str, UserMgtConstants.UI_PERMISSION_ROOT, UserMgtConstants.EXECUTE_ACTION);
            if (!isRoleAuthorized) {
                isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str, UserMgtConstants.UI_ADMIN_PERMISSION_ROOT, UserMgtConstants.EXECUTE_ACTION);
            }
            if ((realmConfiguration.getAdminRoleName().equalsIgnoreCase(str) || isRoleAuthorized) && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                log.warn("An attempt to add or remove users from Admin role by user : " + loggedInUser);
                throw new UserStoreException("Can not add or remove user from Admin permission role");
            }
            String[] strArr = null;
            String[] userListOfRole2 = this.realm.getUserStoreManager().getUserListOfRole(str);
            if (userListOfRole2 == null) {
                Arrays.sort(userListOfRole2);
            }
            if (arrayList2 != null && userListOfRole2 != null) {
                strArr = (String[]) arrayList2.toArray(new String[arrayList2.size()]);
                Arrays.sort(strArr);
                if (Arrays.binarySearch(strArr, loggedInUser) > -1 && Arrays.binarySearch(userListOfRole2, loggedInUser) > -1 && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                    log.warn("An attempt to remove from role : " + str + " by user :" + loggedInUser);
                    throw new UserStoreException("Can not remove yourself from role : " + str);
                }
            }
            userStoreManager.updateUserListOfRole(str, strArr, arrayList3 != null ? (String[]) arrayList3.toArray(new String[arrayList3.size()]) : null);
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void updateRolesOfUser(String str, String[] strArr) throws UserAdminException {
        try {
            if ("wso2.anonymous.user".equalsIgnoreCase(str)) {
                log.error("Security Alert! Carbon anonymous user is being manipulated");
                throw new UserAdminException("Invalid data");
            }
            if (strArr != null) {
                String loggedInUser = getLoggedInUser();
                RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
                Arrays.sort(strArr);
                String[] roleListOfUser = this.realm.getUserStoreManager().getRoleListOfUser(str);
                if (roleListOfUser != null) {
                    Arrays.sort(roleListOfUser);
                }
                boolean z = false;
                String str2 = null;
                for (String str3 : roleListOfUser) {
                    z = this.realm.getAuthorizationManager().isRoleAuthorized(str3, "/permission", UserMgtConstants.EXECUTE_ACTION);
                    if (!z) {
                        z = this.realm.getAuthorizationManager().isRoleAuthorized(str3, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                    }
                    if (z) {
                        break;
                    }
                }
                int length = strArr.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    String str4 = strArr[i];
                    boolean isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str4, "/permission", UserMgtConstants.EXECUTE_ACTION);
                    if (!isRoleAuthorized) {
                        isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str4, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                    }
                    if (isRoleAuthorized) {
                        str2 = str4;
                        break;
                    }
                    i++;
                }
                if (roleListOfUser == null || Arrays.binarySearch(roleListOfUser, realmConfiguration.getAdminRoleName()) < 0) {
                    if ((Arrays.binarySearch(strArr, realmConfiguration.getAdminRoleName()) > -1 || (!z && str2 != null)) && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                        log.warn("An attempt to add users to Admin permission role by user : " + loggedInUser);
                        throw new UserStoreException("Can not add users to Admin permission role");
                    }
                } else if (Arrays.binarySearch(strArr, realmConfiguration.getAdminRoleName()) < 0 && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                    log.warn("An attempt to remove users from Admin role by user : " + loggedInUser);
                    throw new UserStoreException("Can not remove users from Admin role");
                }
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] roleListOfUser2 = userStoreManager.getRoleListOfUser(str);
            Arrays.sort(strArr);
            Arrays.sort(roleListOfUser2);
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            for (String str5 : strArr) {
                if (Arrays.binarySearch(roleListOfUser2, str5) < 0) {
                    arrayList2.add(str5);
                }
            }
            for (String str6 : roleListOfUser2) {
                if (Arrays.binarySearch(strArr, str6) < 0) {
                    if (this.realm.getRealmConfiguration().getEveryOneRoleName().equalsIgnoreCase(str6)) {
                        log.error("Security Alert! Carbon everyone role is being manipulated");
                        throw new UserAdminException("Invalid data");
                    }
                    arrayList.add(str6);
                }
            }
            userStoreManager.updateRoleListOfUser(str, (String[]) arrayList.toArray(new String[arrayList.size()]), (String[]) arrayList2.toArray(new String[arrayList2.size()]));
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void updateUsersOfRole(String str, String[] strArr, String[] strArr2) throws UserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            if ("system/wso2.anonymous.role".equalsIgnoreCase(str)) {
                log.error("Security Alert! Carbon anonymous role is being manipulated by user " + loggedInUser);
                throw new UserStoreException("Invalid data");
            }
            if (this.realm.getRealmConfiguration().getEveryOneRoleName().equalsIgnoreCase(str)) {
                log.error("Security Alert! Carbon Everyone role is being manipulated by user " + loggedInUser);
                throw new UserStoreException("Invalid data");
            }
            boolean isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str, UserMgtConstants.UI_PERMISSION_ROOT, UserMgtConstants.EXECUTE_ACTION);
            if (!isRoleAuthorized) {
                isRoleAuthorized = this.realm.getAuthorizationManager().isRoleAuthorized(str, UserMgtConstants.UI_ADMIN_PERMISSION_ROOT, UserMgtConstants.EXECUTE_ACTION);
            }
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            if ((realmConfiguration.getAdminRoleName().equalsIgnoreCase(str) || isRoleAuthorized) && !realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                log.warn("An attempt to add or remove users from Admin role by user : " + loggedInUser);
                throw new UserStoreException("You have not privilege to add or remove user from Admin permission role");
            }
            if (strArr2 != null) {
                Arrays.sort(strArr2);
                if (realmConfiguration.getAdminRoleName().equalsIgnoreCase(str) && Arrays.binarySearch(strArr2, realmConfiguration.getAdminUserName()) > -1) {
                    log.warn("An attempt to remove Admin user from Admin role by user : " + loggedInUser);
                    throw new UserStoreException("Can not remove Admin user from Admin role");
                }
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            String[] userListOfRole = userStoreManager.getUserListOfRole(str);
            ArrayList arrayList = new ArrayList();
            if (userListOfRole != null) {
                for (String str2 : userListOfRole) {
                    int indexOf = str2.indexOf("|");
                    if (indexOf > 0) {
                        arrayList.add(str2.substring(0, indexOf));
                    } else {
                        arrayList.add(str2);
                    }
                }
                userListOfRole = (String[]) arrayList.toArray(new String[arrayList.size()]);
                Arrays.sort(userListOfRole);
            }
            ArrayList arrayList2 = new ArrayList();
            ArrayList arrayList3 = new ArrayList();
            if (userListOfRole != null) {
                if (strArr != null) {
                    for (String str3 : strArr) {
                        if (Arrays.binarySearch(userListOfRole, str3) < 0) {
                            arrayList3.add(str3);
                        }
                    }
                    strArr = (String[]) arrayList3.toArray(new String[arrayList3.size()]);
                }
                if (strArr2 != null) {
                    for (String str4 : strArr2) {
                        if (Arrays.binarySearch(userListOfRole, str4) > -1) {
                            arrayList2.add(str4);
                        }
                    }
                    strArr2 = (String[]) arrayList2.toArray(new String[arrayList2.size()]);
                }
            } else {
                strArr2 = null;
            }
            userStoreManager.updateUserListOfRole(str, strArr2, strArr);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void updateRolesOfUser(String str, String[] strArr, String[] strArr2) throws UserAdminException {
        try {
            String loggedInUser = getLoggedInUser();
            if ("wso2.anonymous.user".equalsIgnoreCase(str)) {
                log.error("Security Alert! Carbon anonymous user is being manipulated by user " + loggedInUser);
                throw new UserAdminException("Invalid data");
            }
            if (strArr2 != null) {
                for (String str2 : strArr2) {
                    if (this.realm.getRealmConfiguration().getEveryOneRoleName().equalsIgnoreCase(str2)) {
                        log.error("Security Alert! Carbon everyone role is being manipulated by user " + loggedInUser);
                        throw new UserAdminException("Invalid data");
                    }
                    if (this.realm.getRealmConfiguration().getAdminRoleName().equalsIgnoreCase(str2) && this.realm.getRealmConfiguration().getAdminUserName().equalsIgnoreCase(str)) {
                        log.error("Can not remove admin user from admin role " + loggedInUser);
                        throw new UserAdminException("Can not remove admin user from admin role");
                    }
                }
            }
            RealmConfiguration realmConfiguration = this.realm.getRealmConfiguration();
            if (!realmConfiguration.getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                boolean isUserAuthorized = this.realm.getAuthorizationManager().isUserAuthorized(str, "/permission", UserMgtConstants.EXECUTE_ACTION);
                if (!isUserAuthorized) {
                    isUserAuthorized = this.realm.getAuthorizationManager().isUserAuthorized(str, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                }
                if (strArr != null) {
                    boolean z = false;
                    for (String str3 : strArr) {
                        if (str3.equalsIgnoreCase(realmConfiguration.getAdminRoleName())) {
                            log.warn("An attempt to add users to Admin permission role by user : " + loggedInUser);
                            throw new UserStoreException("Can not add users to Admin permission role");
                        }
                        z = this.realm.getAuthorizationManager().isRoleAuthorized(str3, "/permission", UserMgtConstants.EXECUTE_ACTION);
                        if (!z) {
                            z = this.realm.getAuthorizationManager().isRoleAuthorized(str3, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                        }
                        if (z) {
                            break;
                        }
                    }
                    if (!isUserAuthorized && z) {
                        log.warn("An attempt to add users to Admin permission role by user : " + loggedInUser);
                        throw new UserStoreException("Can not add users to Admin permission role");
                    }
                }
                if (strArr2 != null) {
                    boolean z2 = false;
                    for (String str4 : strArr2) {
                        z2 = this.realm.getAuthorizationManager().isRoleAuthorized(str4, "/permission", UserMgtConstants.EXECUTE_ACTION);
                        if (!z2) {
                            z2 = this.realm.getAuthorizationManager().isRoleAuthorized(str4, "/permission/admin", UserMgtConstants.EXECUTE_ACTION);
                        }
                        if (z2) {
                            break;
                        }
                    }
                    if (isUserAuthorized && z2) {
                        log.warn("An attempt to remove users from Admin role by user : " + loggedInUser);
                        throw new UserStoreException("Can not remove users from Admin role");
                    }
                }
            }
            this.realm.getUserStoreManager().updateRoleListOfUser(str, strArr2, strArr);
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public UIPermissionNode getAllUIPermissions(int i) throws UserAdminException {
        Collection collection;
        UIPermissionNode uIPermissionNode;
        try {
            UserRegistry governanceSystemRegistry = UserMgtDSComponent.getRegistryService().getGovernanceSystemRegistry();
            if (i != -1234) {
                collection = (Collection) governanceSystemRegistry.get(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT);
                uIPermissionNode = new UIPermissionNode(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT, collection.getProperty(UserMgtConstants.DISPLAY_NAME));
            } else {
                if (CarbonContext.getCurrentContext().getTenantId() != -1234) {
                    log.error("Illegal access attempt");
                    throw new UserStoreException("Illegal access attempt");
                }
                collection = (Collection) governanceSystemRegistry.get(UserMgtConstants.UI_PERMISSION_ROOT);
                uIPermissionNode = new UIPermissionNode(UserMgtConstants.UI_PERMISSION_ROOT, collection.getProperty(UserMgtConstants.DISPLAY_NAME));
            }
            buildUIPermissionNode(collection, uIPermissionNode, governanceSystemRegistry, null, null, null);
            return uIPermissionNode;
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public UIPermissionNode getRolePermissions(String str, int i) throws UserAdminException {
        Collection collection;
        UIPermissionNode uIPermissionNode;
        try {
            UserRegistry governanceSystemRegistry = UserMgtDSComponent.getRegistryService().getGovernanceSystemRegistry();
            if (i == -1234) {
                collection = (Collection) governanceSystemRegistry.get(UserMgtConstants.UI_PERMISSION_ROOT);
                uIPermissionNode = new UIPermissionNode(UserMgtConstants.UI_PERMISSION_ROOT, collection.getProperty(UserMgtConstants.DISPLAY_NAME));
            } else {
                collection = (Collection) governanceSystemRegistry.get(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT);
                uIPermissionNode = new UIPermissionNode(UserMgtConstants.UI_ADMIN_PERMISSION_ROOT, collection.getProperty(UserMgtConstants.DISPLAY_NAME));
            }
            buildUIPermissionNode(collection, uIPermissionNode, governanceSystemRegistry, this.realm.getAuthorizationManager(), str, null);
            return uIPermissionNode;
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        } catch (UserStoreException e2) {
            throw new UserAdminException(e2.getMessage(), e2);
        }
    }

    public void setRoleUIPermission(String str, String[] strArr) throws UserAdminException {
        try {
            if (this.realm.getUserStoreManager().isOthersSharedRole(str)) {
                throw new UserAdminException("Logged in user is not authorized to assign permissions to a role belong to another tenant");
            }
            if (this.realm.getRealmConfiguration().getAdminRoleName().equalsIgnoreCase(str)) {
                log.error("UI permissions of Admin is not allowed to change");
                throw new UserAdminException("UI permissions of Admin is not allowed to change");
            }
            String loggedInUser = getLoggedInUser();
            if (strArr != null && !this.realm.getRealmConfiguration().getAdminUserName().equalsIgnoreCase(loggedInUser)) {
                Arrays.sort(strArr);
                if (Arrays.binarySearch(strArr, "/permission/admin") > -1 || Arrays.binarySearch(strArr, "/permission/protected") > -1 || Arrays.binarySearch(strArr, "/permission") > -1) {
                    log.warn("An attempt to Assign admin permission for role by user : " + loggedInUser);
                    throw new UserStoreException("Can not assign Admin for permission role");
                }
            }
            String[] optimizePermissions = UserCoreUtil.optimizePermissions(strArr);
            AuthorizationManager authorizationManager = this.realm.getAuthorizationManager();
            authorizationManager.clearRoleActionOnAllResources(str, UserMgtConstants.EXECUTE_ACTION);
            for (String str2 : optimizePermissions) {
                authorizationManager.authorizeRole(str, str2, UserMgtConstants.EXECUTE_ACTION);
            }
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            throw new UserAdminException(e.getMessage(), e);
        }
    }

    public void bulkImportUsers(String str, InputStream inputStream, String str2) throws UserAdminException {
        try {
            BulkImportConfig bulkImportConfig = new BulkImportConfig(inputStream, str);
            if (str2 != null && str2.trim().length() > 0) {
                bulkImportConfig.setDefaultPassword(str2.trim());
            }
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            if (str.endsWith("csv")) {
                new CSVUserBulkImport(bulkImportConfig).addUserList(userStoreManager);
            } else {
                if (!str.endsWith("xls") && !str.endsWith("xlsx")) {
                    throw new UserAdminException("Unsupported format");
                }
                new ExcelUserBulkImport(bulkImportConfig).addUserList(userStoreManager);
            }
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        }
    }

    public void changePasswordByUser(String str, String str2) throws UserAdminException {
        String str3;
        try {
            UserStoreManager userStoreManager = this.realm.getUserStoreManager();
            HttpSession session = ((HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession(false);
            String str4 = (String) session.getAttribute("wso2carbon.admin.logged.in");
            if (str4.indexOf("/") < 0 && (str3 = (String) session.getAttribute("logged_in_domain")) != null) {
                str4 = str3 + "/" + str4;
            }
            userStoreManager.updateCredential(str4, str2, str);
        } catch (UserStoreException e) {
            throw new UserAdminException(e.getMessage(), e);
        }
    }

    public boolean hasMultipleUserStores() throws UserAdminException {
        try {
            return this.realm.getUserStoreManager().getSecondaryUserStoreManager() != null;
        } catch (UserStoreException e) {
            log.error(e);
            throw new UserAdminException("Unable to check for multiple user stores");
        }
    }

    private void buildUIPermissionNode(Collection collection, UIPermissionNode uIPermissionNode, Registry registry, AuthorizationManager authorizationManager, String str, String str2) throws RegistryException, UserStoreException {
        boolean z = false;
        if (str != null) {
            z = authorizationManager.isRoleAuthorized(str, uIPermissionNode.getResourcePath(), UserMgtConstants.EXECUTE_ACTION);
        } else if (str2 != null) {
            z = authorizationManager.isUserAuthorized(str2, uIPermissionNode.getResourcePath(), UserMgtConstants.EXECUTE_ACTION);
        }
        if (!z) {
            buildUIPermissionNodeNotAllSelected(collection, uIPermissionNode, registry, authorizationManager, str, str2);
        } else {
            buildUIPermissionNodeAllSelected(collection, uIPermissionNode, registry);
            uIPermissionNode.setSelected(true);
        }
    }

    private void buildUIPermissionNodeAllSelected(Collection collection, UIPermissionNode uIPermissionNode, Registry registry) throws RegistryException, UserStoreException {
        String[] children = collection.getChildren();
        UIPermissionNode[] uIPermissionNodeArr = new UIPermissionNode[children.length];
        for (int i = 0; i < children.length; i++) {
            Resource resource = registry.get(children[i]);
            uIPermissionNodeArr[i] = getUIPermissionNode(resource, registry, true);
            if (resource instanceof Collection) {
                buildUIPermissionNodeAllSelected((Collection) resource, uIPermissionNodeArr[i], registry);
            }
        }
        uIPermissionNode.setNodeList(uIPermissionNodeArr);
    }

    private void buildUIPermissionNodeNotAllSelected(Collection collection, UIPermissionNode uIPermissionNode, Registry registry, AuthorizationManager authorizationManager, String str, String str2) throws RegistryException, UserStoreException {
        String[] children = collection.getChildren();
        UIPermissionNode[] uIPermissionNodeArr = new UIPermissionNode[children.length];
        for (int i = 0; i < children.length; i++) {
            String str3 = children[i];
            Resource resource = registry.get(str3);
            boolean z = false;
            if (str != null) {
                z = authorizationManager.isRoleAuthorized(str, str3, UserMgtConstants.EXECUTE_ACTION);
            } else if (str2 != null) {
                z = authorizationManager.isUserAuthorized(str2, str3, UserMgtConstants.EXECUTE_ACTION);
            }
            uIPermissionNodeArr[i] = getUIPermissionNode(resource, registry, z);
            if (resource instanceof Collection) {
                buildUIPermissionNodeNotAllSelected((Collection) resource, uIPermissionNodeArr[i], registry, authorizationManager, str, str2);
            }
        }
        uIPermissionNode.setNodeList(uIPermissionNodeArr);
    }

    private UIPermissionNode getUIPermissionNode(Resource resource, Registry registry, boolean z) throws RegistryException {
        return new UIPermissionNode(resource.getPath(), resource.getProperty(UserMgtConstants.DISPLAY_NAME), z);
    }

    private String getLoggedInUser() {
        return CarbonContext.getCurrentContext().getUsername();
    }

    private void mapEntityName(String str, FlaggedName flaggedName, UserStoreManager userStoreManager) {
        if (!str.contains("@")) {
            flaggedName.setItemName(str);
            return;
        }
        String[] split = str.split("@");
        flaggedName.setItemName(split[0]);
        flaggedName.setDn(split[1]);
        flaggedName.setShared(((AbstractUserStoreManager) userStoreManager).isOthersSharedRole(str));
        if (flaggedName.isShared()) {
            flaggedName.setItemDisplayName("@" + flaggedName.getItemName());
        }
    }

    public boolean isSharedRolesEnabled() throws UserAdminException {
        try {
            return this.realm.getUserStoreManager().isSharedGroupEnabled();
        } catch (UserStoreException e) {
            log.error(e);
            throw new UserAdminException("Unable to check shared role enabled", e);
        }
    }
}
