package org.opends.server.core;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import org.opends.server.api.ConfigAddListener;
import org.opends.server.api.ConfigChangeListener;
import org.opends.server.api.ConfigDeleteListener;
import org.opends.server.api.ConfigHandler;
import org.opends.server.api.ConfigurableComponent;
import org.opends.server.config.ConfigAttribute;
import org.opends.server.config.ConfigConstants;
import org.opends.server.config.ConfigEntry;
import org.opends.server.config.ConfigException;
import org.opends.server.config.DNConfigAttribute;
import org.opends.server.config.MultiChoiceConfigAttribute;
import org.opends.server.loggers.ErrorLogger;
import org.opends.server.loggers.debug.DebugLogger;
import org.opends.server.loggers.debug.DebugTracer;
import org.opends.server.messages.ConfigMessages;
import org.opends.server.messages.MessageHandler;
import org.opends.server.types.ConfigChangeResult;
import org.opends.server.types.DN;
import org.opends.server.types.DebugLogLevel;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.ErrorLogCategory;
import org.opends.server.types.ErrorLogSeverity;
import org.opends.server.types.InitializationException;
import org.opends.server.types.Privilege;
import org.opends.server.types.ResultCode;
import org.opends.server.util.ServerConstants;
import org.opends.server.util.StaticUtils;

/* loaded from: input_file:org/opends/server/core/RootDNConfigManager.class */
public class RootDNConfigManager implements ConfigChangeListener, ConfigAddListener, ConfigDeleteListener, ConfigurableComponent {
    private static final DebugTracer TRACER = DebugLogger.getTracer();
    private ConcurrentHashMap<DN, List<DN>> bindMappings = new ConcurrentHashMap<>();
    private DN rootDNConfigBaseDN;
    private LinkedHashSet<Privilege> rootPrivileges;

    public void initializeRootDNs() throws ConfigException, InitializationException {
        ConfigHandler configHandler = DirectoryServer.getConfigHandler();
        try {
            this.rootDNConfigBaseDN = DN.decode(ConfigConstants.DN_ROOT_DN_CONFIG_BASE);
            ConfigEntry configEntry = configHandler.getConfigEntry(this.rootDNConfigBaseDN);
            if (configEntry == null) {
                throw new ConfigException(ConfigMessages.MSGID_CONFIG_ROOTDN_BASE_DOES_NOT_EXIST, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_BASE_DOES_NOT_EXIST));
            }
            this.rootPrivileges = new LinkedHashSet<>(Privilege.getDefaultRootPrivileges());
            try {
                MultiChoiceConfigAttribute multiChoiceConfigAttribute = (MultiChoiceConfigAttribute) configEntry.getConfigAttribute(new MultiChoiceConfigAttribute(ConfigConstants.ATTR_DEFAULT_ROOT_PRIVILEGE_NAME, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_DESCRIPTION_ROOT_PRIVILEGE), false, true, false, Privilege.getPrivilegeNames()));
                if (multiChoiceConfigAttribute != null) {
                    ArrayList arrayList = new ArrayList();
                    for (String str : multiChoiceConfigAttribute.activeValues()) {
                        Privilege privilegeForName = Privilege.privilegeForName(StaticUtils.toLowerCase(str));
                        if (privilegeForName == null) {
                            ErrorLogger.logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_WARNING, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_UNRECOGNIZED_PRIVILEGE, ConfigConstants.ATTR_DEFAULT_ROOT_PRIVILEGE_NAME, String.valueOf(this.rootDNConfigBaseDN), String.valueOf(str)), ConfigMessages.MSGID_CONFIG_ROOTDN_UNRECOGNIZED_PRIVILEGE);
                        } else {
                            arrayList.add(privilegeForName);
                        }
                    }
                    this.rootPrivileges = new LinkedHashSet<>(arrayList);
                }
                configEntry.registerAddListener(this);
                configEntry.registerDeleteListener(this);
                DirectoryServer.registerConfigurableComponent(this);
                if (configEntry.hasChildren()) {
                    for (ConfigEntry configEntry2 : configEntry.getChildren().values()) {
                        StringBuilder sb = new StringBuilder();
                        if (configAddIsAcceptable(configEntry2, sb)) {
                            try {
                                ConfigChangeResult applyConfigurationAdd = applyConfigurationAdd(configEntry2);
                                if (applyConfigurationAdd.getResultCode() != ResultCode.SUCCESS) {
                                    StringBuilder sb2 = new StringBuilder();
                                    List<String> messages = applyConfigurationAdd.getMessages();
                                    if (messages == null || messages.isEmpty()) {
                                        sb2.append(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_UNKNOWN_UNACCEPTABLE_REASON));
                                    } else {
                                        Iterator<String> it = messages.iterator();
                                        sb2.append(it.next());
                                        while (it.hasNext()) {
                                            sb2.append(ServerConstants.EOL);
                                            sb2.append(it.next());
                                        }
                                    }
                                    ErrorLogger.logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_ERROR, ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_CREATE, String.valueOf(configEntry2.getDN()), sb2.toString());
                                }
                            } catch (Exception e) {
                                ErrorLogger.logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_ERROR, ConfigMessages.MSGID_CONFIG_PWGENERATOR_CANNOT_CREATE_GENERATOR, configEntry2.getDN().toString(), String.valueOf(e));
                            }
                        } else {
                            ErrorLogger.logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_ERROR, ConfigMessages.MSGID_CONFIG_ROOTDN_ENTRY_UNACCEPTABLE, String.valueOf(configEntry2.getDN()), sb.toString());
                        }
                    }
                }
            } catch (Exception e2) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e2);
                }
                throw new InitializationException(ConfigMessages.MSGID_CONFIG_ROOTDN_ERROR_DETERMINING_ROOT_PRIVILEGES, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_ERROR_DETERMINING_ROOT_PRIVILEGES, StaticUtils.getExceptionMessage(e2)), e2);
            }
        } catch (Exception e3) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e3);
            }
            throw new ConfigException(ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_GET_BASE, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_GET_BASE, String.valueOf(e3)), e3);
        }
    }

    public Set<Privilege> getRootPrivileges() {
        return this.rootPrivileges;
    }

    @Override // org.opends.server.api.ConfigChangeListener
    public boolean configChangeIsAcceptable(ConfigEntry configEntry, StringBuilder sb) {
        if (!configEntry.hasObjectClass(ConfigConstants.OC_ROOT_DN)) {
            sb.append(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_INVALID_OBJECTCLASS, configEntry.getDN().toString()));
            return false;
        }
        try {
            DNConfigAttribute dNConfigAttribute = (DNConfigAttribute) configEntry.getConfigAttribute(new DNConfigAttribute(ConfigConstants.ATTR_ROOTDN_ALTERNATE_BIND_DN, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_DESCRIPTION_ALTERNATE_BIND_DN), false, true, false));
            if (dNConfigAttribute != null) {
                for (DN dn : dNConfigAttribute.pendingValues()) {
                    DN actualRootBindDN = DirectoryServer.getActualRootBindDN(dn);
                    if (actualRootBindDN != null && !actualRootBindDN.equals(configEntry.getDN())) {
                        sb.append(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CONFLICTING_MAPPING, String.valueOf(dn), String.valueOf(configEntry.getDN()), String.valueOf(actualRootBindDN)));
                        return false;
                    }
                }
            }
            return true;
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            sb.append(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_PARSE_ALTERNATE_BIND_DNS, String.valueOf(configEntry.getDN()), StaticUtils.getExceptionMessage(e)));
            return false;
        }
    }

    @Override // org.opends.server.api.ConfigChangeListener
    public ConfigChangeResult applyConfigurationChange(ConfigEntry configEntry) {
        DN dn = configEntry.getDN();
        ResultCode resultCode = ResultCode.SUCCESS;
        ArrayList arrayList = new ArrayList();
        List<DN> list = null;
        try {
            DNConfigAttribute dNConfigAttribute = (DNConfigAttribute) configEntry.getConfigAttribute(new DNConfigAttribute(ConfigConstants.ATTR_ROOTDN_ALTERNATE_BIND_DN, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_DESCRIPTION_ALTERNATE_BIND_DN), false, true, false));
            if (dNConfigAttribute != null) {
                list = dNConfigAttribute.activeValues();
            }
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            arrayList.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_PARSE_ALTERNATE_BIND_DNS, StaticUtils.getExceptionMessage(e)));
            resultCode = ResultCode.INVALID_ATTRIBUTE_SYNTAX;
        }
        if (resultCode == ResultCode.SUCCESS) {
            List<DN> list2 = this.bindMappings.get(dn);
            if (list2 != null) {
                for (DN dn2 : list2) {
                    if (list == null || !list.contains(dn2)) {
                        DirectoryServer.deregisterAlternateRootBindDN(dn2);
                    }
                }
            }
            if (list == null) {
                list = new ArrayList(0);
            } else {
                for (DN dn3 : list) {
                    try {
                        DirectoryServer.registerAlternateRootDN(dn, dn3);
                    } catch (DirectoryException e2) {
                        if (DebugLogger.debugEnabled()) {
                            TRACER.debugCaught(DebugLogLevel.ERROR, e2);
                        }
                        arrayList.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_REGISTER_ALTERNATE_BIND_DN, String.valueOf(dn3), String.valueOf(dn), e2.getErrorMessage()));
                        if (resultCode == ResultCode.SUCCESS) {
                            resultCode = ResultCode.CONSTRAINT_VIOLATION;
                        }
                    }
                }
            }
            this.bindMappings.put(dn, list);
        }
        return new ConfigChangeResult(resultCode, false, arrayList);
    }

    @Override // org.opends.server.api.ConfigAddListener
    public boolean configAddIsAcceptable(ConfigEntry configEntry, StringBuilder sb) {
        DN dn = configEntry.getDN();
        if (this.bindMappings.containsKey(dn) || DirectoryServer.getActualRootBindDN(dn) != null) {
            sb.append(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_EXISTS, String.valueOf(dn)));
            return false;
        }
        if (!configEntry.hasObjectClass(ConfigConstants.OC_ROOT_DN)) {
            sb.append(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_INVALID_OBJECTCLASS, dn.toString()));
            return false;
        }
        try {
            DNConfigAttribute dNConfigAttribute = (DNConfigAttribute) configEntry.getConfigAttribute(new DNConfigAttribute(ConfigConstants.ATTR_ROOTDN_ALTERNATE_BIND_DN, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_DESCRIPTION_ALTERNATE_BIND_DN), false, true, false));
            if (dNConfigAttribute != null) {
                for (DN dn2 : dNConfigAttribute.pendingValues()) {
                    DN actualRootBindDN = DirectoryServer.getActualRootBindDN(dn2);
                    if (actualRootBindDN != null && !actualRootBindDN.equals(dn)) {
                        sb.append(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CONFLICTING_MAPPING, String.valueOf(dn2), String.valueOf(dn), String.valueOf(actualRootBindDN)));
                        return false;
                    }
                }
            }
            return true;
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            sb.append(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_PARSE_ALTERNATE_BIND_DNS, StaticUtils.getExceptionMessage(e)));
            return false;
        }
    }

    @Override // org.opends.server.api.ConfigAddListener
    public ConfigChangeResult applyConfigurationAdd(ConfigEntry configEntry) {
        DN dn = configEntry.getDN();
        ResultCode resultCode = ResultCode.SUCCESS;
        ArrayList arrayList = new ArrayList();
        List<DN> list = null;
        try {
            DNConfigAttribute dNConfigAttribute = (DNConfigAttribute) configEntry.getConfigAttribute(new DNConfigAttribute(ConfigConstants.ATTR_ROOTDN_ALTERNATE_BIND_DN, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_DESCRIPTION_ALTERNATE_BIND_DN), false, true, false));
            if (dNConfigAttribute != null) {
                list = dNConfigAttribute.activeValues();
            }
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            arrayList.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_PARSE_ALTERNATE_BIND_DNS, StaticUtils.getExceptionMessage(e)));
            resultCode = ResultCode.INVALID_ATTRIBUTE_SYNTAX;
        }
        if (resultCode == ResultCode.SUCCESS) {
            List<DN> list2 = this.bindMappings.get(dn);
            if (list2 != null) {
                for (DN dn2 : list2) {
                    if (list == null || !list.contains(dn2)) {
                        DirectoryServer.deregisterAlternateRootBindDN(dn2);
                    }
                }
            }
            if (list == null) {
                list = new ArrayList(0);
            } else {
                for (DN dn3 : list) {
                    try {
                        DirectoryServer.registerAlternateRootDN(dn, dn3);
                    } catch (DirectoryException e2) {
                        if (DebugLogger.debugEnabled()) {
                            TRACER.debugCaught(DebugLogLevel.ERROR, e2);
                        }
                        arrayList.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_CANNOT_REGISTER_ALTERNATE_BIND_DN, String.valueOf(dn3), String.valueOf(dn)));
                        if (resultCode == ResultCode.SUCCESS) {
                            resultCode = ResultCode.CONSTRAINT_VIOLATION;
                        }
                    }
                }
            }
            this.bindMappings.put(dn, list);
            DirectoryServer.registerRootDN(dn);
            configEntry.registerChangeListener(this);
        }
        return new ConfigChangeResult(resultCode, false, arrayList);
    }

    @Override // org.opends.server.api.ConfigDeleteListener
    public boolean configDeleteIsAcceptable(ConfigEntry configEntry, StringBuilder sb) {
        return true;
    }

    @Override // org.opends.server.api.ConfigDeleteListener
    public ConfigChangeResult applyConfigurationDelete(ConfigEntry configEntry) {
        DN dn = configEntry.getDN();
        ResultCode resultCode = ResultCode.SUCCESS;
        List<DN> remove = this.bindMappings.remove(dn);
        if (remove != null) {
            Iterator<DN> it = remove.iterator();
            while (it.hasNext()) {
                DirectoryServer.deregisterAlternateRootBindDN(it.next());
            }
        }
        return new ConfigChangeResult(resultCode, false);
    }

    @Override // org.opends.server.api.ConfigurableComponent
    public DN getConfigurableComponentEntryDN() {
        return this.rootDNConfigBaseDN;
    }

    @Override // org.opends.server.api.ConfigurableComponent
    public List<ConfigAttribute> getConfigurationAttributes() {
        LinkedList linkedList = new LinkedList();
        LinkedList linkedList2 = new LinkedList();
        Iterator<Privilege> it = this.rootPrivileges.iterator();
        while (it.hasNext()) {
            linkedList2.add(it.next().getName());
        }
        linkedList.add(new MultiChoiceConfigAttribute(ConfigConstants.ATTR_DEFAULT_ROOT_PRIVILEGE_NAME, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_DESCRIPTION_ROOT_PRIVILEGE), false, true, false, Privilege.getPrivilegeNames(), (List<String>) linkedList2));
        return linkedList;
    }

    @Override // org.opends.server.api.ConfigurableComponent
    public boolean hasAcceptableConfiguration(ConfigEntry configEntry, List<String> list) {
        try {
            MultiChoiceConfigAttribute multiChoiceConfigAttribute = (MultiChoiceConfigAttribute) configEntry.getConfigAttribute(new MultiChoiceConfigAttribute(ConfigConstants.ATTR_DEFAULT_ROOT_PRIVILEGE_NAME, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_DESCRIPTION_ROOT_PRIVILEGE), false, true, false, Privilege.getPrivilegeNames()));
            if (multiChoiceConfigAttribute != null) {
                for (String str : multiChoiceConfigAttribute.activeValues()) {
                    if (Privilege.privilegeForName(StaticUtils.toLowerCase(str)) == null) {
                        list.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_UNRECOGNIZED_PRIVILEGE, ConfigConstants.ATTR_DEFAULT_ROOT_PRIVILEGE_NAME, String.valueOf(this.rootDNConfigBaseDN), String.valueOf(str)));
                        return false;
                    }
                }
            }
            return true;
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            list.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_ERROR_DETERMINING_ROOT_PRIVILEGES, StaticUtils.getExceptionMessage(e)));
            return false;
        }
    }

    @Override // org.opends.server.api.ConfigurableComponent
    public ConfigChangeResult applyNewConfiguration(ConfigEntry configEntry, boolean z) {
        ResultCode resultCode = ResultCode.SUCCESS;
        ArrayList arrayList = new ArrayList();
        LinkedHashSet<Privilege> linkedHashSet = new LinkedHashSet<>(Privilege.getDefaultRootPrivileges());
        try {
            MultiChoiceConfigAttribute multiChoiceConfigAttribute = (MultiChoiceConfigAttribute) configEntry.getConfigAttribute(new MultiChoiceConfigAttribute(ConfigConstants.ATTR_DEFAULT_ROOT_PRIVILEGE_NAME, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_DESCRIPTION_ROOT_PRIVILEGE), false, true, false, Privilege.getPrivilegeNames()));
            if (multiChoiceConfigAttribute != null) {
                ArrayList arrayList2 = new ArrayList();
                for (String str : multiChoiceConfigAttribute.activeValues()) {
                    Privilege privilegeForName = Privilege.privilegeForName(StaticUtils.toLowerCase(str));
                    if (privilegeForName == null) {
                        if (resultCode == ResultCode.SUCCESS) {
                            resultCode = ResultCode.INVALID_ATTRIBUTE_SYNTAX;
                        }
                        arrayList.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_UNRECOGNIZED_PRIVILEGE, ConfigConstants.ATTR_DEFAULT_ROOT_PRIVILEGE_NAME, String.valueOf(this.rootDNConfigBaseDN), String.valueOf(str)));
                    } else {
                        arrayList2.add(privilegeForName);
                    }
                }
                linkedHashSet = new LinkedHashSet<>(arrayList2);
            }
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            if (resultCode == ResultCode.SUCCESS) {
                resultCode = ResultCode.INVALID_ATTRIBUTE_SYNTAX;
            }
            arrayList.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_ERROR_DETERMINING_ROOT_PRIVILEGES, StaticUtils.getExceptionMessage(e)));
        }
        if (resultCode == ResultCode.SUCCESS) {
            this.rootPrivileges = linkedHashSet;
            if (z) {
                arrayList.add(MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_ROOTDN_UPDATED_PRIVILEGES));
            }
        }
        return new ConfigChangeResult(resultCode, false, arrayList);
    }
}
