package com.bea.security.providers.xacml.entitlement;

import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.SecurityLogger;
import com.bea.common.security.utils.Pair;
import com.bea.common.security.xacml.DocumentParseException;
import com.bea.common.security.xacml.URI;
import com.bea.common.security.xacml.URISyntaxException;
import com.bea.common.security.xacml.policy.IdReference;
import com.bea.common.security.xacml.policy.Policy;
import com.bea.common.security.xacml.policy.PolicyIdReference;
import com.bea.common.security.xacml.policy.PolicySet;
import com.bea.common.security.xacml.policy.PolicySetMember;
import com.bea.common.security.xacml.policy.Rule;
import com.bea.security.providers.xacml.ConflictException;
import com.bea.security.providers.xacml.Cursor;
import com.bea.security.providers.xacml.StoredRoleCollectionInfo;
import com.bea.security.providers.xacml.UniqueIdentifier;
import com.bea.security.providers.xacml.XMLEscaper;
import com.bea.security.providers.xacml.store.MetaDataPolicyStore;
import com.bea.security.providers.xacml.store.PolicyMetaDataImpl;
import com.bea.security.xacml.PolicyInfo;
import com.bea.security.xacml.PolicyMetaData;
import com.bea.security.xacml.PolicySetInfo;
import com.bea.security.xacml.PolicyStoreException;
import com.bea.security.xacml.cache.resource.ResourceMatchUtil;
import com.bea.security.xacml.cache.resource.ResourcePolicyIdUtil;
import com.bea.security.xacml.store.PolicyStore;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import weblogic.management.utils.CreateException;
import weblogic.management.utils.InvalidCursorException;
import weblogic.management.utils.NotFoundException;
import weblogic.management.utils.RemoveException;
import weblogic.security.spi.Resource;

/* loaded from: input_file:com/bea/security/providers/xacml/entitlement/RoleManager.class */
public class RoleManager {
    private static final String WLS_ROLE_INFO = "WLSRoleInfo";
    private static final String WLS_XML_START = "<WLSRoleInfo ";
    public static final String PCI_KEY = "RoleCollectionInfo#";
    private static final String PCI_XML_START = "<RoleCollectionInfo ";
    private PolicyStore store;
    private EntitlementConverter converter;
    private LoggerSpi log;
    private UniqueIdentifier ui = new UniqueIdentifier("rm");
    private ResourceMatchUtil rmu = new ResourceMatchUtil();

    public RoleManager(PolicyStore policyStore, EntitlementConverter entitlementConverter, LoggerSpi loggerSpi) throws URISyntaxException {
        this.store = policyStore;
        this.converter = entitlementConverter;
        this.log = loggerSpi;
    }

    public boolean hasRole(Resource resource, String str) throws NotFoundException {
        return hasRole(resource != null ? resource.toString() : null, str);
    }

    public boolean hasRole(String str, String str2) throws NotFoundException {
        try {
            try {
                return this.store.hasPolicy(new URI(this.converter.getPolicyId(str, str2)), "1.0");
            } catch (java.net.URISyntaxException e) {
                throw new URISyntaxException(e);
            }
        } catch (DocumentParseException e2) {
            throw new NotFoundException(e2);
        } catch (URISyntaxException e3) {
            throw new NotFoundException(e3);
        } catch (PolicyStoreException e4) {
            throw new NotFoundException(e4);
        }
    }

    public String getRole(Resource resource, String str) throws NotFoundException {
        return getRole(resource != null ? resource.toString() : null, str);
    }

    public String getRole(String str, String str2) throws NotFoundException {
        List<Rule> rules;
        try {
            try {
                Policy readPolicy = this.store.readPolicy(new URI(this.converter.getPolicyId(str, str2)), "1.0");
                if (readPolicy == null || (rules = readPolicy.getRules()) == null || rules.isEmpty()) {
                    throw new NotFoundException(SecurityLogger.getFailedToSetResource());
                }
                return getRoleFromDescription(readPolicy.getDescription());
            } catch (java.net.URISyntaxException e) {
                throw new URISyntaxException(e);
            }
        } catch (DocumentParseException e2) {
            throw new NotFoundException(SecurityLogger.getFailedToSetResource(), e2);
        } catch (URISyntaxException e3) {
            throw new NotFoundException(SecurityLogger.getFailedToSetResource(), e3);
        } catch (PolicyStoreException e4) {
            throw new NotFoundException(SecurityLogger.getFailedToSetResource(), e4);
        }
    }

    public String getRoleAuxiliary(Resource resource, String str) throws NotFoundException {
        return getRoleAuxiliary(resource != null ? resource.toString() : null, str);
    }

    public String getRoleAuxiliary(String str, String str2) throws NotFoundException {
        List<Rule> rules;
        try {
            try {
                Policy readPolicy = this.store.readPolicy(new URI(this.converter.getPolicyId(str, str2)), "1.0");
                if (readPolicy == null || (rules = readPolicy.getRules()) == null || rules.isEmpty()) {
                    throw new NotFoundException(SecurityLogger.getFailedToSetResource());
                }
                return getAuxiliaryFromDescription(readPolicy.getDescription());
            } catch (java.net.URISyntaxException e) {
                throw new URISyntaxException(e);
            }
        } catch (DocumentParseException e2) {
            throw new NotFoundException(SecurityLogger.getFailedToSetResource(), e2);
        } catch (URISyntaxException e3) {
            throw new NotFoundException(SecurityLogger.getFailedToSetResource(), e3);
        } catch (PolicyStoreException e4) {
            throw new NotFoundException(SecurityLogger.getFailedToSetResource(), e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getRoleFromDescription(String str) {
        int length;
        int indexOf;
        if (str == null) {
            return "";
        }
        int indexOf2 = str.indexOf("<aux:ent>");
        return (indexOf2 == -1 || (indexOf = str.indexOf("</aux:ent>", (length = indexOf2 + "<aux:ent>".length()))) == -1) ? str : str.substring(length, indexOf);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getAuxiliaryFromDescription(String str) {
        int indexOf;
        int length;
        int indexOf2;
        if (str == null || (indexOf = str.indexOf("<aux:data>")) == -1 || (indexOf2 = str.indexOf("</aux:data>", (length = indexOf + "<aux:data>".length()))) == -1) {
            return null;
        }
        return str.substring(length, indexOf2);
    }

    public void setRole(Resource resource, String str, String str2, String str3) throws CreateException {
        setRole(convertExpression(resource, str, str2, str3), str, true, (String) null);
    }

    private Policy convertExpression(Resource resource, String str, String str2, String str3) throws CreateException {
        return convertExpression(resource != null ? resource.toString() : null, str, str2, str3);
    }

    public void setRole(String str, String str2, String str3, String str4) throws CreateException {
        setRole(convertExpression(str, str2, str3, str4), str2, false, (String) null);
    }

    private Policy convertExpression(String str, String str2, String str3, String str4) throws CreateException {
        if (str4 == null) {
            try {
                try {
                    str4 = getRoleAuxiliary(str, str2);
                } catch (NotFoundException e) {
                }
            } catch (DocumentParseException e2) {
                throw new CreateException(e2);
            } catch (URISyntaxException e3) {
                throw new CreateException(e3);
            }
        }
        Policy convertRoleExpression = this.converter.convertRoleExpression(str, str2, str3, str4);
        if (this.log.isDebugEnabled()) {
            this.log.debug("Converted role policy:\n" + convertRoleExpression);
        }
        return convertRoleExpression;
    }

    public void setRoleImport(String str, String str2, String str3, String str4, boolean z, String str5, boolean z2) throws CreateException, ConflictException {
        if (str.equals("null")) {
            str = "";
        }
        if (!(this.store instanceof MetaDataPolicyStore)) {
            throw new CreateException("Invalid PolicyStore");
        }
        MetaDataPolicyStore metaDataPolicyStore = (MetaDataPolicyStore) this.store;
        if (!z2) {
            try {
                try {
                    URI uri = new URI(this.converter.getPolicyId(str, str2));
                    if (this.log.isDebugEnabled()) {
                        this.log.debug("setRoleImport: " + uri);
                    }
                    if (metaDataPolicyStore.getPolicyMetaDataEntry(uri, "1.0") != null) {
                        if (this.log.isDebugEnabled()) {
                            this.log.debug("setRoleImport: role exists, do not overwrite");
                        }
                        throw new ConflictException(str2 + " : " + str);
                    }
                } catch (java.net.URISyntaxException e) {
                    throw new CreateException(e);
                }
            } catch (URISyntaxException e2) {
                throw new CreateException(e2);
            } catch (PolicyStoreException e3) {
                throw new CreateException(e3);
            }
        }
        setRole(convertExpression(str, str2, str3, str4), str2, z, str5);
    }

    private void setRole(Policy policy, String str, boolean z, String str2) throws CreateException {
        String str3;
        try {
            if (this.store instanceof MetaDataPolicyStore) {
                MetaDataPolicyStore metaDataPolicyStore = (MetaDataPolicyStore) this.store;
                HashMap hashMap = new HashMap();
                String str4 = z ? "deploy" : "mbean";
                hashMap.put("wlsCreatorInfo", str4);
                if (str2 != null) {
                    hashMap.put("wlsCollectionName", str2);
                    str3 = "<WLSRoleInfo wlsCreatorInfo=\"" + str4 + "\" wlsCollectionName=\"" + XMLEscaper.escapeXMLChars(str2) + "\"/>";
                } else {
                    str3 = "<WLSRoleInfo wlsCreatorInfo=\"" + str4 + "\"/>";
                }
                PolicyMetaDataImpl policyMetaDataImpl = new PolicyMetaDataImpl(WLS_ROLE_INFO, str3, hashMap);
                if (metaDataPolicyStore instanceof EntitlementAwarePolicyStore) {
                    metaDataPolicyStore.setPolicy(policy, 3, policyMetaDataImpl);
                } else {
                    metaDataPolicyStore.setPolicy(policy, 1, policyMetaDataImpl);
                    setTopPolicySet(policy, str);
                }
            } else if (this.store instanceof EntitlementAwarePolicyStore) {
                this.store.setPolicy(policy, 3);
            } else {
                this.store.setPolicy(policy, 1);
                setTopPolicySet(policy, str);
            }
        } catch (DocumentParseException e) {
            throw new CreateException(e);
        } catch (URISyntaxException e2) {
            throw new CreateException(e2);
        } catch (PolicyStoreException e3) {
            throw new CreateException(e3);
        }
    }

    private void setTopPolicySet(Policy policy, String str) throws DocumentParseException, PolicyStoreException, URISyntaxException {
        try {
            PolicySet readPolicySet = this.store.readPolicySet(new URI(this.converter.getTopPolicyId(str)), "1.0");
            if (readPolicySet == null) {
                readPolicySet = this.converter.createTopPolicySet(str);
            }
            IdReference reference = policy.getReference();
            List<PolicySetMember> policiesPolicySetsAndReferences = readPolicySet.getPoliciesPolicySetsAndReferences();
            if (policiesPolicySetsAndReferences == null || !policiesPolicySetsAndReferences.contains(reference)) {
                ArrayList arrayList = new ArrayList();
                if (policiesPolicySetsAndReferences != null) {
                    arrayList.addAll(policiesPolicySetsAndReferences);
                }
                arrayList.add(reference);
                this.store.setPolicySet(new PolicySet(readPolicySet.getId(), readPolicySet.getTarget(), readPolicySet.getCombiningAlgId(), readPolicySet.getDescription(), readPolicySet.getVersion(), readPolicySet.getDefaults(), readPolicySet.getCombinerParameters(), readPolicySet.getObligations(), arrayList, readPolicySet.getPolicyCombinerParameters(), readPolicySet.getPolicySetCombinerParameters()), 0);
            }
        } catch (java.net.URISyntaxException e) {
            throw new URISyntaxException(e);
        }
    }

    public void setRoleAuxiliary(Resource resource, String str, String str2) throws CreateException {
        setRoleAuxiliary(resource != null ? resource.toString() : null, str, str2);
    }

    public void setRoleAuxiliary(String str, String str2, String str3) throws CreateException {
        String str4;
        try {
            try {
                str4 = getRole(str, str2);
            } catch (NotFoundException e) {
                str4 = "~Grp(everyone)";
            }
            Policy convertRoleExpression = this.converter.convertRoleExpression(str, str2, str4, str3);
            if (this.store instanceof EntitlementAwarePolicyStore) {
                this.store.setPolicy(convertRoleExpression, 3);
            } else {
                this.store.setPolicy(convertRoleExpression, 1);
                setTopPolicySet(convertRoleExpression, str2);
            }
        } catch (DocumentParseException e2) {
            throw new CreateException(e2);
        } catch (URISyntaxException e3) {
            throw new CreateException(e3);
        } catch (PolicyStoreException e4) {
            throw new CreateException(e4);
        }
    }

    public boolean setRoleCollectionEntry(String str, Resource resource, String str2, String str3) throws CreateException, ConflictException {
        if (!(this.store instanceof MetaDataPolicyStore)) {
            throw new CreateException("Invalid PolicyStore");
        }
        MetaDataPolicyStore metaDataPolicyStore = (MetaDataPolicyStore) this.store;
        boolean z = true;
        try {
            URI uri = new URI(this.converter.getPolicyId(resource, str2));
            if (this.log.isDebugEnabled()) {
                this.log.debug("setRoleCollectionEntry: " + uri);
            }
            try {
                PolicyMetaData policyMetaDataEntry = metaDataPolicyStore.getPolicyMetaDataEntry(uri, "1.0");
                if (policyMetaDataEntry != null) {
                    z = false;
                    String value = policyMetaDataEntry.getValue();
                    if (this.log.isDebugEnabled()) {
                        this.log.debug("setRoleCollectionEntry existing metadata: " + value);
                    }
                    if (!"deploy".equals(policyMetaDataEntry.getIndexValue("wlsCreatorInfo"))) {
                        throw new ConflictException("Role definition customized: " + str2 + " : " + (resource != null ? resource.toString() : Expression.NULL));
                    }
                }
                setRole(convertExpression(resource, str2, str3, (String) null), str2, true, str);
                return z;
            } catch (URISyntaxException e) {
                throw new CreateException(e);
            } catch (PolicyStoreException e2) {
                throw new CreateException(e2);
            }
        } catch (java.net.URISyntaxException e3) {
            throw new CreateException(e3);
        }
    }

    public void removeRole(Resource resource, String str) throws RemoveException {
        removeRole(resource != null ? resource.toString() : null, str);
    }

    public void removeRole(String str, String str2) throws RemoveException {
        try {
            try {
                URI uri = new URI(this.converter.getPolicyId(str, str2));
                if (this.store.hasPolicy(uri, "1.0")) {
                    this.store.deletePolicy(uri, "1.0");
                    if (!(this.store instanceof EntitlementAwarePolicyStore)) {
                        removeTopPolicySet(uri, "1.0", str2);
                    }
                }
            } catch (java.net.URISyntaxException e) {
                throw new URISyntaxException(e);
            }
        } catch (DocumentParseException e2) {
            throw new RemoveException(e2);
        } catch (URISyntaxException e3) {
            throw new RemoveException(e3);
        } catch (PolicyStoreException e4) {
            throw new RemoveException(e4);
        }
    }

    public void removeRoleSet(Resource resource, String str) throws RemoveException {
        removeRoleSet(resource != null ? resource.toString() : null, str);
    }

    public void removeRoleSet(String str, String str2) throws RemoveException {
        try {
            try {
                URI uri = new URI(this.converter.getPolicyId(str, str2));
                if (this.store.hasPolicySet(uri, "1.0")) {
                    this.store.deletePolicySet(uri, "1.0");
                }
            } catch (java.net.URISyntaxException e) {
                throw new URISyntaxException(e);
            }
        } catch (DocumentParseException e2) {
            throw new RemoveException(e2);
        } catch (URISyntaxException e3) {
            throw new RemoveException(e3);
        } catch (PolicyStoreException e4) {
            throw new RemoveException(e4);
        }
    }

    private void removeTopPolicySet(URI uri, String str, String str2) throws DocumentParseException, PolicyStoreException, URISyntaxException {
        try {
            URI uri2 = new URI(this.converter.getTopPolicyId(str2));
            PolicySet readPolicySet = this.store.readPolicySet(uri2, "1.0");
            if (readPolicySet != null) {
                PolicyIdReference policyIdReference = new PolicyIdReference(uri, str);
                List<PolicySetMember> policiesPolicySetsAndReferences = readPolicySet.getPoliciesPolicySetsAndReferences();
                if (policiesPolicySetsAndReferences == null || !policiesPolicySetsAndReferences.contains(policyIdReference)) {
                    return;
                }
                ArrayList arrayList = new ArrayList();
                if (policiesPolicySetsAndReferences != null) {
                    arrayList.addAll(policiesPolicySetsAndReferences);
                }
                arrayList.remove(policyIdReference);
                if (arrayList.isEmpty()) {
                    this.store.deletePolicySet(uri2, "1.0");
                } else {
                    this.store.setPolicySet(new PolicySet(readPolicySet.getId(), readPolicySet.getTarget(), readPolicySet.getCombiningAlgId(), readPolicySet.getDescription(), readPolicySet.getVersion(), readPolicySet.getDefaults(), readPolicySet.getCombinerParameters(), readPolicySet.getObligations(), arrayList, readPolicySet.getPolicyCombinerParameters(), readPolicySet.getPolicySetCombinerParameters()));
                }
            }
        } catch (java.net.URISyntaxException e) {
            throw new URISyntaxException(e);
        }
    }

    public Set<ResourcePolicyIdUtil.RoleResource> getRoleResourceIds() throws NotFoundException {
        HashSet hashSet = new HashSet();
        try {
            Set<Policy> readAllPolicies = this.store.readAllPolicies();
            if (readAllPolicies != null) {
                Iterator<Policy> it = readAllPolicies.iterator();
                while (it.hasNext()) {
                    ResourcePolicyIdUtil.RoleResource roleResourceId = this.converter.getRoleResourceId(it.next().getId().toString());
                    if (roleResourceId != null) {
                        hashSet.add(roleResourceId);
                    }
                }
            }
            return hashSet;
        } catch (DocumentParseException e) {
            throw new NotFoundException(e);
        } catch (URISyntaxException e2) {
            throw new NotFoundException(e2);
        } catch (PolicyStoreException e3) {
            throw new NotFoundException(e3);
        }
    }

    public Cursor listRoles(final int i, final CursorFilter cursorFilter) throws NotFoundException {
        try {
            Set<Policy> readAllPolicies = this.store.readAllPolicies();
            if (this.log.isDebugEnabled()) {
                this.log.debug("listRoles() found unfiltered policy count: " + (readAllPolicies != null ? readAllPolicies.size() : 0));
            }
            final Iterator<Policy> it = readAllPolicies != null ? readAllPolicies.iterator() : null;
            return new CursorImpl(this.ui.getNext()) { // from class: com.bea.security.providers.xacml.entitlement.RoleManager.1
                private int returnedCount = 0;

                @Override // com.bea.security.providers.xacml.entitlement.CursorImpl
                public boolean hasNext() {
                    return this.next != null || search();
                }

                @Override // com.bea.security.providers.xacml.entitlement.CursorImpl
                public CursorElement next() throws InvalidCursorException {
                    if (this.next == null) {
                        search();
                        if (this.next == null) {
                            throw new InvalidCursorException(SecurityLogger.getDefAuthImplNoSearchResults());
                        }
                    }
                    CursorElement cursorElement = this.next;
                    this.next = null;
                    return cursorElement;
                }

                private boolean search() {
                    if (i != 0) {
                        int i2 = this.returnedCount;
                        this.returnedCount = i2 + 1;
                        if (i2 >= i) {
                            return false;
                        }
                    }
                    if (it == null) {
                        return false;
                    }
                    while (it.hasNext()) {
                        Policy policy = (Policy) it.next();
                        ResourcePolicyIdUtil.RoleResource roleResourceId = RoleManager.this.converter.getRoleResourceId(policy.getId().toString());
                        if (roleResourceId != null) {
                            String resourceId = roleResourceId.getResourceId();
                            String role = roleResourceId.getRole();
                            if (cursorFilter == null || cursorFilter.isValidRole(resourceId, role)) {
                                String str = null;
                                boolean z = false;
                                if (RoleManager.this.store instanceof MetaDataPolicyStore) {
                                    try {
                                        PolicyMetaData policyMetaDataEntry = ((MetaDataPolicyStore) RoleManager.this.store).getPolicyMetaDataEntry(policy.getId(), policy.getVersion());
                                        if (policyMetaDataEntry != null) {
                                            str = policyMetaDataEntry.getIndexValue("wlsCollectionName");
                                            z = "deploy".equals(policyMetaDataEntry.getIndexValue("wlsCreatorInfo"));
                                        }
                                    } catch (Exception e) {
                                        if (RoleManager.this.log.isDebugEnabled()) {
                                            RoleManager.this.log.debug("listRoles.CursorImpl.search() metadata: " + e.toString());
                                        }
                                    }
                                }
                                this.next = new CursorElement(resourceId, role, RoleManager.this.getRoleFromDescription(policy.getDescription()), RoleManager.this.getAuxiliaryFromDescription(policy.getDescription()), z, str);
                                return true;
                            }
                        }
                    }
                    return false;
                }
            };
        } catch (DocumentParseException e) {
            throw new NotFoundException(e);
        } catch (URISyntaxException e2) {
            throw new NotFoundException(e2);
        } catch (PolicyStoreException e3) {
            throw new NotFoundException(e3);
        }
    }

    public Collection<String> getPredicates() {
        return this.converter.getPredicates();
    }

    public Set<ResourcePolicyIdUtil.RoleResource> listRoleCollection(String str) throws NotFoundException {
        if (!(this.store instanceof MetaDataPolicyStore)) {
            throw new NotFoundException("Invalid PolicyStore");
        }
        MetaDataPolicyStore metaDataPolicyStore = (MetaDataPolicyStore) this.store;
        if (this.log.isDebugEnabled()) {
            this.log.debug("listRoleCollection: '" + str + Expression.QUOTE);
        }
        HashSet hashSet = new HashSet();
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("wlsCollectionName", str);
            hashMap.put("wlsCreatorInfo", "deploy");
            List<PolicyInfo> readPolicy = metaDataPolicyStore.readPolicy(new PolicyMetaDataImpl(WLS_ROLE_INFO, null, hashMap));
            if (readPolicy != null) {
                Iterator<PolicyInfo> it = readPolicy.iterator();
                while (it.hasNext()) {
                    Policy policy = it.next().getPolicy();
                    ResourcePolicyIdUtil.RoleResource roleResourceId = this.converter.getRoleResourceId(policy.getId().toString());
                    if (roleResourceId != null) {
                        if (this.log.isDebugEnabled()) {
                            this.log.debug("listRoleCollection policy id: '" + policy.getId() + Expression.QUOTE);
                        }
                        hashSet.add(roleResourceId);
                    }
                }
            }
            return hashSet;
        } catch (DocumentParseException e) {
            throw new NotFoundException(e);
        } catch (URISyntaxException e2) {
            throw new NotFoundException(e2);
        } catch (PolicyStoreException e3) {
            throw new NotFoundException(e3);
        }
    }

    public Pair<Set<ResourcePolicyIdUtil.RoleResource>, Set<String>> listRoles(String str, String str2, boolean z) throws NotFoundException {
        if (!(this.store instanceof MetaDataPolicyStore)) {
            throw new NotFoundException("Invalid PolicyStore");
        }
        MetaDataPolicyStore metaDataPolicyStore = (MetaDataPolicyStore) this.store;
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        if (this.log.isDebugEnabled()) {
            this.log.debug("listRoles: '" + str + "':'" + str2 + Expression.QUOTE);
        }
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("resourceScope", PolicyManager.getSearchResourceScope(str));
            if (z) {
                hashMap.put("wlsCreatorInfo", "deploy");
            }
            PolicyMetaDataImpl policyMetaDataImpl = new PolicyMetaDataImpl(WLS_ROLE_INFO, null, hashMap);
            List<PolicyInfo> readPolicy = metaDataPolicyStore.readPolicy(policyMetaDataImpl);
            if (readPolicy != null) {
                Iterator<PolicyInfo> it = readPolicy.iterator();
                while (it.hasNext()) {
                    Policy policy = it.next().getPolicy();
                    ResourcePolicyIdUtil.RoleResource roleResourceId = this.converter.getRoleResourceId(policy.getId().toString());
                    String resourceId = roleResourceId != null ? roleResourceId.getResourceId() : this.rmu.getTargetResource(policy.getTarget());
                    if (PolicyManager.resourceMatches(resourceId, str2)) {
                        if (this.log.isDebugEnabled()) {
                            this.log.debug("listRoles policy id: '" + policy.getId() + Expression.QUOTE);
                        }
                        hashSet.add(roleResourceId != null ? roleResourceId : new ResourcePolicyIdUtil.RoleResource(resourceId, null));
                    }
                }
            }
            List<PolicySetInfo> readPolicySet = metaDataPolicyStore.readPolicySet(policyMetaDataImpl);
            if (readPolicySet != null) {
                Iterator<PolicySetInfo> it2 = readPolicySet.iterator();
                while (it2.hasNext()) {
                    PolicySet policySet = it2.next().getPolicySet();
                    String targetResource = this.rmu.getTargetResource(policySet.getTarget());
                    if (PolicyManager.resourceMatches(targetResource, str2)) {
                        if (this.log.isDebugEnabled()) {
                            this.log.debug("listPolicy policy set id: '" + policySet.getId() + Expression.QUOTE);
                        }
                        hashSet2.add(targetResource);
                    }
                }
            }
            return new Pair<>(hashSet, hashSet2);
        } catch (DocumentParseException e) {
            throw new NotFoundException(e);
        } catch (URISyntaxException e2) {
            throw new NotFoundException(e2);
        } catch (PolicyStoreException e3) {
            throw new NotFoundException(e3);
        }
    }

    public void copyRoles(String str, String str2, String str3, String str4) throws CreateException {
        String targetResource;
        if (!(this.store instanceof MetaDataPolicyStore)) {
            throw new CreateException("Invalid PolicyStore");
        }
        MetaDataPolicyStore metaDataPolicyStore = (MetaDataPolicyStore) this.store;
        if (this.log.isDebugEnabled()) {
            this.log.debug("copyRoles: '" + str3 + "':'" + str4 + Expression.QUOTE);
        }
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("resourceScope", PolicyManager.getSearchResourceScope(str));
            PolicyMetaDataImpl policyMetaDataImpl = new PolicyMetaDataImpl(WLS_ROLE_INFO, null, hashMap);
            HashMap hashMap2 = new HashMap();
            List<PolicyInfo> readPolicy = metaDataPolicyStore.readPolicy(policyMetaDataImpl);
            if (readPolicy != null) {
                for (PolicyInfo policyInfo : readPolicy) {
                    Policy policy = policyInfo.getPolicy();
                    boolean z = true;
                    ResourcePolicyIdUtil.RoleResource roleResourceId = this.converter.getRoleResourceId(policy.getId().toString());
                    if (roleResourceId != null) {
                        targetResource = roleResourceId.getResourceId();
                    } else {
                        z = false;
                        targetResource = this.rmu.getTargetResource(policy.getTarget());
                    }
                    if (PolicyManager.resourceMatches(targetResource, str2)) {
                        PolicyMetaData metaDataEntry = policyInfo.getMetaDataEntry();
                        if (metaDataEntry == null || !"deploy".equals(metaDataEntry.getIndexValue("wlsCreatorInfo"))) {
                            if (this.log.isDebugEnabled()) {
                                this.log.debug("copyRoles id: '" + policy.getId() + Expression.QUOTE);
                            }
                            Policy policy2 = new Policy(z ? PolicyManager.getUpdatedId(policy.getId(), str3, str4) : policy.getId(), this.rmu.updateTarget(policy.getTarget(), targetResource, PolicyManager.getUpdatedResource(targetResource, str3, str4)), policy.getCombiningAlgId(), policy.getDescription(), z ? policy.getVersion() : PolicyManager.getUpdatedVersion(policy.getVersion()), policy.getDefaults(), policy.getCombinerParameters(), policy.getObligations(), policy.getRules(), policy.getRuleCombinerParameters(), policy.getVariableDefinitions());
                            hashMap2.put(policy.getReference(), policy2.getReference());
                            if (!z) {
                                metaDataPolicyStore.setPolicy(policy2, metaDataPolicyStore.getPolicyStatus(policy.getId(), policy.getVersion()), metaDataEntry);
                            } else if (metaDataPolicyStore instanceof EntitlementAwarePolicyStore) {
                                metaDataPolicyStore.setPolicy(policy2, 3, metaDataEntry);
                            } else {
                                metaDataPolicyStore.setPolicy(policy2, 1, metaDataEntry);
                                setTopPolicySet(policy2, roleResourceId.getRole());
                            }
                        } else if (this.log.isDebugEnabled()) {
                            this.log.debug("copyRoles skipped: " + policy.getId());
                        }
                    }
                }
            }
            List<PolicySetInfo> readPolicySet = metaDataPolicyStore.readPolicySet(policyMetaDataImpl);
            if (readPolicySet != null) {
                for (PolicySetInfo policySetInfo : readPolicySet) {
                    PolicySet policySet = policySetInfo.getPolicySet();
                    String targetResource2 = this.rmu.getTargetResource(policySet.getTarget());
                    if (PolicyManager.resourceMatches(targetResource2, str2)) {
                        PolicyMetaData metaDataEntry2 = policySetInfo.getMetaDataEntry();
                        if (metaDataEntry2 == null || !"deploy".equals(metaDataEntry2.getIndexValue("wlsCreatorInfo"))) {
                            if (this.log.isDebugEnabled()) {
                                this.log.debug("copyPolicy id (set): '" + policySet.getId() + Expression.QUOTE);
                            }
                            metaDataPolicyStore.setPolicySet(new PolicySet(policySet.getId(), this.rmu.updateTarget(policySet.getTarget(), targetResource2, PolicyManager.getUpdatedResource(targetResource2, str3, str4)), policySet.getCombiningAlgId(), policySet.getDescription(), PolicyManager.getUpdatedVersion(policySet.getVersion()), policySet.getDefaults(), policySet.getCombinerParameters(), policySet.getObligations(), PolicyManager.updateReferences(policySet.getPoliciesPolicySetsAndReferences(), str2, this.converter, this.rmu, hashMap2, metaDataPolicyStore), policySet.getPolicyCombinerParameters(), policySet.getPolicySetCombinerParameters()), metaDataPolicyStore.getPolicySetStatus(policySet.getId(), policySet.getVersion()), metaDataEntry2);
                        } else if (this.log.isDebugEnabled()) {
                            this.log.debug("copyPolicy skipped (set): " + policySet.getId());
                        }
                    }
                }
            }
        } catch (DocumentParseException e) {
            throw new CreateException(e);
        } catch (URISyntaxException e2) {
            throw new CreateException(e2);
        } catch (PolicyStoreException e3) {
            throw new CreateException(e3);
        }
    }

    public void createRoleCollectionInfo(String str, String str2, String str3) throws CreateException {
        if (!(this.store instanceof MetaDataPolicyStore)) {
            throw new CreateException("Invalid PolicyStore");
        }
        MetaDataPolicyStore metaDataPolicyStore = (MetaDataPolicyStore) this.store;
        if (this.log.isDebugEnabled()) {
            this.log.debug("createRoleCollectionInfo: " + str + " : " + str2 + " : " + str3);
        }
        String str4 = PCI_KEY + str;
        String str5 = "<RoleCollectionInfo Name=\"" + XMLEscaper.escapeXMLChars(str) + "\" TimeStamp=\"" + str3 + "\" Version=\"" + str2 + "\"/>";
        try {
            metaDataPolicyStore.setMetaDataEntry(str4, str5);
            if (this.log.isDebugEnabled()) {
                this.log.debug("createRoleCollectionInfo: " + str5);
            }
        } catch (PolicyStoreException e) {
            throw new CreateException(e);
        }
    }

    public StoredRoleCollectionInfo getRoleCollectionInfo(String str) {
        if (!(this.store instanceof MetaDataPolicyStore)) {
            return null;
        }
        MetaDataPolicyStore metaDataPolicyStore = (MetaDataPolicyStore) this.store;
        StoredRoleCollectionInfo storedRoleCollectionInfo = null;
        String str2 = PCI_KEY + str;
        if (this.log.isDebugEnabled()) {
            this.log.debug("getRoleCollectionInfo: " + str2);
        }
        try {
            storedRoleCollectionInfo = getRoleCollectionInfoValue(metaDataPolicyStore.getMetaDataEntry(str2));
        } catch (PolicyStoreException e) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("getRoleCollectionInfo:" + e.toString(), e);
            }
        } catch (RuntimeException e2) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("getRoleCollectionInfo run-time:" + e2.toString(), e2);
            }
        }
        return storedRoleCollectionInfo;
    }

    private StoredRoleCollectionInfo getRoleCollectionInfoValue(String str) {
        if (str == null) {
            return null;
        }
        StoredRoleCollectionInfo storedRoleCollectionInfo = null;
        int indexOf = str.indexOf("Name=\"");
        int i = indexOf + PolicyManager.PCI_XML_NAME_LEN;
        if (indexOf != -1) {
            int indexOf2 = str.indexOf(34, i);
            String unescapeXMLChars = XMLEscaper.unescapeXMLChars(str.substring(i, indexOf2));
            int indexOf3 = str.indexOf("TimeStamp=\"", indexOf2 + 1) + PolicyManager.PCI_XML_TIMESTAMP_LEN;
            int indexOf4 = str.indexOf(34, indexOf3);
            String substring = str.substring(indexOf3, indexOf4);
            int indexOf5 = str.indexOf("Version=\"", indexOf4 + 1) + PolicyManager.PCI_XML_VERSION_LEN;
            String substring2 = str.substring(indexOf5, str.indexOf(34, indexOf5));
            storedRoleCollectionInfo = new StoredRoleCollectionInfo(unescapeXMLChars, substring2, substring);
            if (this.log.isDebugEnabled()) {
                this.log.debug("getRoleCollectionInfoValue: " + unescapeXMLChars + " : " + substring2 + " : " + substring);
            }
        }
        return storedRoleCollectionInfo;
    }

    public List<StoredRoleCollectionInfo> getAllRoleCollectionInfo() {
        LinkedList linkedList = null;
        List<String> allRoleCollectionInfoValues = getAllRoleCollectionInfoValues();
        if (allRoleCollectionInfoValues != null) {
            linkedList = new LinkedList();
            Iterator<String> it = allRoleCollectionInfoValues.iterator();
            while (it.hasNext()) {
                StoredRoleCollectionInfo roleCollectionInfoValue = getRoleCollectionInfoValue(it.next());
                if (roleCollectionInfoValue != null) {
                    linkedList.add(roleCollectionInfoValue);
                }
            }
        }
        return linkedList;
    }

    public List<String> getAllRoleCollectionInfoValues() {
        List<String> list = null;
        if (this.store instanceof MetaDataPolicyStore) {
            try {
                list = ((MetaDataPolicyStore) this.store).readAllMetaDataEntries();
            } catch (PolicyStoreException e) {
                if (this.log.isDebugEnabled()) {
                    this.log.debug("getAllRoleCollectionInfoValues:" + e.toString(), e);
                }
            }
        }
        return list;
    }
}
