package org.opends.server.core;

import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.concurrent.atomic.AtomicReference;
import org.opends.server.admin.server.ConfigurationChangeListener;
import org.opends.server.admin.server.ServerManagementContext;
import org.opends.server.admin.std.meta.AccessControlHandlerCfgDefn;
import org.opends.server.admin.std.server.AccessControlHandlerCfg;
import org.opends.server.api.AccessControlHandler;
import org.opends.server.api.AccessControlProvider;
import org.opends.server.api.AlertGenerator;
import org.opends.server.config.ConfigException;
import org.opends.server.loggers.ErrorLogger;
import org.opends.server.loggers.debug.DebugLogger;
import org.opends.server.loggers.debug.DebugTracer;
import org.opends.server.messages.ConfigMessages;
import org.opends.server.messages.MessageHandler;
import org.opends.server.types.ConfigChangeResult;
import org.opends.server.types.DN;
import org.opends.server.types.DebugLogLevel;
import org.opends.server.types.ErrorLogCategory;
import org.opends.server.types.ErrorLogSeverity;
import org.opends.server.types.InitializationException;
import org.opends.server.types.ResultCode;
import org.opends.server.util.ServerConstants;
import org.opends.server.util.StaticUtils;

/* loaded from: input_file:org/opends/server/core/AccessControlConfigManager.class */
public final class AccessControlConfigManager implements AlertGenerator {
    private static final String CLASS_NAME = "org.opends.server.core.AccessControlConfigManager";
    private AtomicReference<AccessControlProvider> accessControlProvider = new AtomicReference<>(new DefaultAccessControlProvider());
    private PrivateACLConfiguration currentConfiguration = null;
    private static final DebugTracer TRACER = DebugLogger.getTracer();
    private static AccessControlConfigManager instance = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opends/server/core/AccessControlConfigManager$ChangeListener.class */
    public class ChangeListener implements ConfigurationChangeListener<AccessControlHandlerCfg> {
        private ChangeListener() {
        }

        /* renamed from: isConfigurationChangeAcceptable, reason: avoid collision after fix types in other method */
        public boolean isConfigurationChangeAcceptable2(AccessControlHandlerCfg accessControlHandlerCfg, List<String> list) {
            try {
                PrivateACLConfiguration.readConfiguration(accessControlHandlerCfg);
                return true;
            } catch (ConfigException e) {
                list.add(e.getMessage());
                return false;
            }
        }

        @Override // org.opends.server.admin.server.ConfigurationChangeListener
        public ConfigChangeResult applyConfigurationChange(AccessControlHandlerCfg accessControlHandlerCfg) {
            ResultCode resultCode = ResultCode.SUCCESS;
            ArrayList arrayList = new ArrayList();
            try {
                AccessControlConfigManager.this.updateConfiguration(PrivateACLConfiguration.readConfiguration(accessControlHandlerCfg));
            } catch (ConfigException e) {
                arrayList.add(e.getMessage());
                resultCode = ResultCode.CONSTRAINT_VIOLATION;
            } catch (InitializationException e2) {
                arrayList.add(e2.getMessage());
                resultCode = DirectoryServer.getServerErrorResultCode();
            }
            return new ConfigChangeResult(resultCode, false, arrayList);
        }

        @Override // org.opends.server.admin.server.ConfigurationChangeListener
        public /* bridge */ /* synthetic */ boolean isConfigurationChangeAcceptable(AccessControlHandlerCfg accessControlHandlerCfg, List list) {
            return isConfigurationChangeAcceptable2(accessControlHandlerCfg, (List<String>) list);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opends/server/core/AccessControlConfigManager$PrivateACLConfiguration.class */
    public static class PrivateACLConfiguration {
        private boolean enabled;
        private Class<? extends AccessControlProvider> providerClass;
        private AccessControlHandlerCfg configuration;

        public static PrivateACLConfiguration readConfiguration(AccessControlHandlerCfg accessControlHandlerCfg) throws ConfigException {
            if (accessControlHandlerCfg.getAclHandlerClass() == null) {
                throw new ConfigException(ConfigMessages.MSGID_CONFIG_AUTHZ_ENTRY_DOES_NOT_HAVE_OBJECT_CLASS, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_AUTHZ_ENTRY_DOES_NOT_HAVE_OBJECT_CLASS, accessControlHandlerCfg.toString()));
            }
            return new PrivateACLConfiguration(accessControlHandlerCfg, accessControlHandlerCfg.isEnabled(), getClassAttribute(accessControlHandlerCfg));
        }

        public boolean isEnabled() {
            return this.enabled;
        }

        public Class<? extends AccessControlProvider> getProviderClass() {
            return this.providerClass;
        }

        public AccessControlHandlerCfg getConfiguration() {
            return this.configuration;
        }

        private PrivateACLConfiguration(AccessControlHandlerCfg accessControlHandlerCfg, boolean z, Class<? extends AccessControlProvider> cls) {
            this.configuration = accessControlHandlerCfg;
            this.enabled = z;
            this.providerClass = cls;
        }

        private static Class<? extends AccessControlProvider> getClassAttribute(AccessControlHandlerCfg accessControlHandlerCfg) throws ConfigException {
            try {
                String aclHandlerClass = accessControlHandlerCfg.getAclHandlerClass();
                try {
                    return DirectoryServer.loadClass(aclHandlerClass).asSubclass(AccessControlProvider.class);
                } catch (ClassCastException e) {
                    if (DebugLogger.debugEnabled()) {
                        AccessControlConfigManager.TRACER.debugCaught(DebugLogLevel.ERROR, e);
                    }
                    throw new ConfigException(ConfigMessages.MSGID_CONFIG_AUTHZ_BAD_CLASS, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_AUTHZ_BAD_CLASS, aclHandlerClass, String.valueOf(accessControlHandlerCfg.dn().toString()), AccessControlProvider.class.getName(), StaticUtils.getExceptionMessage(e)), e);
                } catch (ClassNotFoundException e2) {
                    if (DebugLogger.debugEnabled()) {
                        AccessControlConfigManager.TRACER.debugCaught(DebugLogLevel.ERROR, e2);
                    }
                    throw new ConfigException(ConfigMessages.MSGID_CONFIG_AUTHZ_UNABLE_TO_LOAD_CLASS, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_AUTHZ_UNABLE_TO_LOAD_CLASS, aclHandlerClass, String.valueOf(accessControlHandlerCfg.dn().toString()), StaticUtils.getExceptionMessage(e2)), e2);
                }
            } catch (ConfigException e3) {
                throw new ConfigException(ConfigMessages.MSGID_CONFIG_AUTHZ_UNABLE_TO_DETERMINE_CLASS, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_AUTHZ_UNABLE_TO_DETERMINE_CLASS, accessControlHandlerCfg.dn().toString(), StaticUtils.getExceptionMessage(e3)), e3);
            }
        }
    }

    public static AccessControlConfigManager getInstance() {
        if (instance == null) {
            instance = new AccessControlConfigManager();
        }
        return instance;
    }

    public boolean isAccessControlEnabled() {
        return this.currentConfiguration.isEnabled();
    }

    public AccessControlHandler getAccessControlHandler() {
        return this.accessControlProvider.get().getInstance();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void initializeAccessControl() throws ConfigException, InitializationException {
        AccessControlHandlerCfg accessControlHandler = ServerManagementContext.getInstance().getRootConfiguration().getAccessControlHandler();
        PrivateACLConfiguration readConfiguration = PrivateACLConfiguration.readConfiguration(accessControlHandler);
        accessControlHandler.addChangeListener(new ChangeListener());
        updateConfiguration(readConfiguration);
    }

    private AccessControlConfigManager() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void updateConfiguration(PrivateACLConfiguration privateACLConfiguration) throws ConfigException, InitializationException {
        AccessControlProvider<? extends AccessControlHandlerCfg> defaultAccessControlProvider;
        DN dn = privateACLConfiguration.getConfiguration().dn();
        Class cls = null;
        if (this.currentConfiguration == null) {
            cls = privateACLConfiguration.isEnabled() ? privateACLConfiguration.getProviderClass() : DefaultAccessControlProvider.class;
        } else {
            boolean isEnabled = this.currentConfiguration.isEnabled();
            boolean isEnabled2 = privateACLConfiguration.isEnabled();
            if (!isEnabled && isEnabled2) {
                cls = privateACLConfiguration.getProviderClass();
            } else if (isEnabled && !isEnabled2) {
                cls = DefaultAccessControlProvider.class;
            } else if (isEnabled2 && !this.currentConfiguration.getProviderClass().equals(privateACLConfiguration.getProviderClass())) {
                cls = privateACLConfiguration.getProviderClass();
            }
        }
        if (cls != null) {
            try {
                if (privateACLConfiguration.isEnabled()) {
                    defaultAccessControlProvider = loadProvider(cls.getName(), privateACLConfiguration.getConfiguration());
                } else {
                    defaultAccessControlProvider = new DefaultAccessControlProvider();
                    defaultAccessControlProvider.initializeAccessControlHandler(null);
                }
                AccessControlProvider andSet = this.accessControlProvider.getAndSet(defaultAccessControlProvider);
                if (andSet != null) {
                    andSet.finalizeAccessControlHandler();
                }
                if (cls.equals(DefaultAccessControlProvider.class)) {
                    String message = MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_AUTHZ_DISABLED);
                    ErrorLogger.logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.SEVERE_WARNING, message, ConfigMessages.MSGID_CONFIG_AUTHZ_DISABLED);
                    if (this.currentConfiguration != null) {
                        DirectoryServer.sendAlertNotification(this, ServerConstants.ALERT_TYPE_ACCESS_CONTROL_DISABLED, ConfigMessages.MSGID_CONFIG_AUTHZ_DISABLED, message);
                    }
                } else {
                    String message2 = MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_AUTHZ_ENABLED, cls.getName());
                    ErrorLogger.logError(ErrorLogCategory.CONFIGURATION, ErrorLogSeverity.NOTICE, message2, ConfigMessages.MSGID_CONFIG_AUTHZ_ENABLED);
                    if (this.currentConfiguration != null) {
                        DirectoryServer.sendAlertNotification(this, ServerConstants.ALERT_TYPE_ACCESS_CONTROL_ENABLED, ConfigMessages.MSGID_CONFIG_AUTHZ_ENABLED, message2);
                    }
                }
            } catch (Exception e) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e);
                }
                throw new InitializationException(ConfigMessages.MSGID_CONFIG_AUTHZ_UNABLE_TO_INSTANTIATE_HANDLER, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_AUTHZ_UNABLE_TO_INSTANTIATE_HANDLER, cls.getName(), String.valueOf(dn.toString()), StaticUtils.stackTraceToSingleLineString(e)), e);
            }
        }
        this.currentConfiguration = privateACLConfiguration;
    }

    @Override // org.opends.server.api.AlertGenerator
    public DN getComponentEntryDN() {
        return this.currentConfiguration.getConfiguration().dn();
    }

    @Override // org.opends.server.api.AlertGenerator
    public String getClassName() {
        return CLASS_NAME;
    }

    @Override // org.opends.server.api.AlertGenerator
    public LinkedHashMap<String, String> getAlerts() {
        LinkedHashMap<String, String> linkedHashMap = new LinkedHashMap<>();
        linkedHashMap.put(ServerConstants.ALERT_TYPE_ACCESS_CONTROL_DISABLED, ServerConstants.ALERT_DESCRIPTION_ACCESS_CONTROL_DISABLED);
        linkedHashMap.put(ServerConstants.ALERT_TYPE_ACCESS_CONTROL_ENABLED, ServerConstants.ALERT_DESCRIPTION_ACCESS_CONTROL_ENABLED);
        return linkedHashMap;
    }

    private AccessControlProvider<? extends AccessControlHandlerCfg> loadProvider(String str, AccessControlHandlerCfg accessControlHandlerCfg) throws InitializationException {
        try {
            AccessControlProvider<? extends AccessControlHandlerCfg> accessControlProvider = (AccessControlProvider) AccessControlHandlerCfgDefn.getInstance().getAclHandlerClassPropertyDefinition().loadClass(str, AccessControlProvider.class).newInstance();
            if (accessControlHandlerCfg != null) {
                accessControlProvider.getClass().getMethod("initializeAccessControlHandler", accessControlHandlerCfg.definition().getServerConfigurationClass()).invoke(accessControlProvider, accessControlHandlerCfg);
            }
            return accessControlProvider;
        } catch (Exception e) {
            throw new InitializationException(ConfigMessages.MSGID_CONFIG_AUTHZ_UNABLE_TO_INSTANTIATE_HANDLER, MessageHandler.getMessage(ConfigMessages.MSGID_CONFIG_AUTHZ_UNABLE_TO_INSTANTIATE_HANDLER, str, String.valueOf(accessControlHandlerCfg.dn()), StaticUtils.stackTraceToSingleLineString(e)), e);
        }
    }
}
