package com.iplanet.am.console.user.model;

import com.iplanet.am.console.base.model.AMAdminConstants;
import com.iplanet.am.console.base.model.AMAdminUtils;
import com.iplanet.am.console.base.model.AMConsoleException;
import com.iplanet.am.console.base.model.AMFormatUtils;
import com.iplanet.am.console.base.model.AMModelBase;
import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMOrganization;
import com.iplanet.am.sdk.AMSearchControl;
import com.iplanet.am.sdk.AMSearchResults;
import com.iplanet.sso.SSOException;
import com.sun.xml.rpc.processor.modeler.rmi.RmiConstants;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import netscape.ldap.util.DN;

/* loaded from: input_file:117585-13/SUNWamconsdk/reloc/usr/share/lib/identity/console-war/WEB-INF/lib/am_console.jar:com/iplanet/am/console/user/model/UMUserRoleSelectModelImpl.class */
public class UMUserRoleSelectModelImpl extends UMUserViewModelImpl implements UMUserRoleSelectModel {
    private Set roles;
    private boolean rolesModified;
    private int errorCode;
    private String errorMessage;
    private String errorTitle;

    public UMUserRoleSelectModelImpl(HttpServletRequest httpServletRequest, Map map) {
        super(httpServletRequest, map);
        this.roles = null;
        this.rolesModified = false;
        this.errorCode = 0;
        this.errorMessage = null;
        this.errorTitle = null;
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public Set getUserRoleDNs() {
        Set set = Collections.EMPTY_SET;
        try {
            if (this.curUser != null) {
                set = this.curUser.getRoleDNs();
            }
        } catch (AMException e) {
            AMModelBase.debug.warning("UMUserRoleSelectModelImpl.getUserRoleDNs", e);
        } catch (SSOException e2) {
            AMModelBase.debug.error("UMUserRoleSelectModelImpl.getUserRoleDNs", e2);
        }
        if (set == null) {
            set = Collections.EMPTY_SET;
        } else {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                try {
                    if (getObjectType(str) != 6) {
                        if (AMModelBase.debug.warningEnabled()) {
                            AMModelBase.debug.warning(new StringBuffer().append("removing ").append(str).append(" from the ").append("users role list. It is not an IS role.").toString());
                        }
                        it.remove();
                    }
                } catch (AMException e3) {
                    it.remove();
                    if (AMModelBase.debug.warningEnabled()) {
                        AMModelBase.debug.warning(new StringBuffer().append("removing ").append(str).append(" from the user role list (").append(e3.getMessage()).append(RmiConstants.SIG_ENDMETHOD).toString());
                    }
                } catch (SSOException e4) {
                    AMModelBase.debug.warning("invalid sso token getting users roles");
                }
            }
        }
        return set;
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getNoRolesAvailableMsg() {
        return getLocalizedString("noAddRoleEntries.message");
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public Set getRoles(String str) {
        AMOrganization userOrg;
        Set userRoleDNs = getUserRoleDNs();
        if (isAdministrator() && (userOrg = getUserOrg()) != null) {
            try {
                AMSearchControl aMSearchControl = new AMSearchControl();
                aMSearchControl.setSearchScope(1);
                setSearchControlLimits(userOrg, aMSearchControl);
                AMSearchResults searchRoles = userOrg.searchRoles(str, aMSearchControl);
                if (searchRoles == null) {
                    AMModelBase.debug.warning("UMUserRoleSelectImpl.getRoles: search for roles returned null");
                    this.roles = userRoleDNs;
                } else {
                    combineRoles(userRoleDNs, searchRoles.getSearchResults());
                    this.errorCode = searchRoles.getErrorCode();
                    this.errorMessage = AMAdminUtils.getSearchResultWarningMessage(searchRoles, this);
                    this.errorTitle = AMAdminUtils.getSearchResultWarningTitle(searchRoles, this);
                }
            } catch (AMException e) {
                AMModelBase.debug.warning("UMUserRoleSelectModelImpl.getRoles", e);
            } catch (SSOException e2) {
                AMModelBase.debug.warning("UMUserRoleSelectModelImpl.getRoles", e2);
            }
        }
        this.roles = convertToOrderedSet(userRoleDNs);
        return this.roles;
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public boolean displaySearchMessage() {
        return this.errorCode != 0;
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getSearchMessageTitle() {
        return this.errorTitle != null ? this.errorTitle : "";
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getSearchMessage() {
        return this.errorMessage != null ? this.errorMessage : "";
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public void updateRoles(Set set) throws AMConsoleException {
        if (this.curUser == null || !isAdministrator()) {
            return;
        }
        Set userRoleDNs = getUserRoleDNs();
        Set excludedObjFromSet = excludedObjFromSet(userRoleDNs, set);
        Set excludedObjFromSet2 = excludedObjFromSet(set, userRoleDNs);
        removeRoles(excludedObjFromSet);
        addRoles(excludedObjFromSet2);
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public void removeRoles(Set set) throws AMConsoleException {
        ArrayList arrayList = new ArrayList(10);
        if (set != null && !set.isEmpty()) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                try {
                    this.curUser.removeRole(str);
                    this.rolesModified = true;
                    StringBuffer stringBuffer = new StringBuffer(100);
                    stringBuffer.append(getLocalizedString("removedUserFromRole.message")).append(new StringBuffer().append(" ").append(str).toString()).append(new StringBuffer().append(":[").append(this.curUser.getDN()).append("]").toString());
                    this.logger.doLog(stringBuffer.toString());
                } catch (AMException e) {
                    AMModelBase.debug.warning("failed to remove role from user", e);
                    arrayList.add(getErrorString(e));
                } catch (SSOException e2) {
                    AMModelBase.debug.warning("failed to remove role from user", e2);
                    arrayList.add(getErrorString(e2));
                }
            }
        }
        if (!arrayList.isEmpty()) {
            throw new AMConsoleException(arrayList);
        }
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getRoleDisplayName(String str) {
        return AMFormatUtils.DNToName(this, str, true);
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getPropertiesLabel() {
        return getLocalizedString("viewRole.label");
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getNoRoleMessage() {
        return getLocalizedString("roleNotFound.message");
    }

    private void combineRoles(Set set, Set set2) {
        if (set == null || set2 == null || set2.isEmpty()) {
            return;
        }
        Iterator it = set2.iterator();
        while (it.hasNext()) {
            boolean z = false;
            String str = (String) it.next();
            DN dn = new DN(str);
            Iterator it2 = set.iterator();
            while (it2.hasNext() && !z) {
                z = dn.equals(new DN((String) it2.next()));
            }
            if (!z) {
                set.add(str);
            }
        }
    }

    @Override // com.iplanet.am.console.base.model.AMProfileModelBase, com.iplanet.am.console.base.model.AMProfileModel
    public String getSuccessMessage() {
        return this.rolesModified ? getLocalizedString("updateUser.message") : getLocalizedString("noChangesMade.message");
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public Set getAssignedRoles() {
        return getUserRoleDNs();
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getNoRoleEntriesMsg() {
        String localizedString = getLocalizedString("noRoleEntriesUser.message");
        if (isAdministrator()) {
            localizedString = getLocalizedString("noRoleEntries.message");
        }
        return localizedString;
    }

    @Override // com.iplanet.am.console.user.model.UMUserViewModelImpl, com.iplanet.am.console.base.model.AMModelBase, com.iplanet.am.console.base.model.AMModel
    public String getHelpAnchorTag() {
        String localizedString = getLocalizedString("userRoles.help");
        if (localizedString.equals("userRoles.help")) {
            localizedString = AMAdminConstants.DEFAULT_HELP_FILE;
        }
        return getHelpURL(localizedString);
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getRoleNotSelectedMessage() {
        return getLocalizedString("roleNotSelected.message");
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getRoleNotSelectedTitle() {
        return getLocalizedString("roleNotSelected.title");
    }

    private void addRoles(Set set) throws AMConsoleException {
        ArrayList arrayList = new ArrayList(10);
        if (set != null && !set.isEmpty()) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                try {
                    this.curUser.assignRole(str);
                    this.rolesModified = true;
                    StringBuffer stringBuffer = new StringBuffer(100);
                    stringBuffer.append(getLocalizedString("assignedUserToRole.message")).append(new StringBuffer().append(" ").append(str).toString()).append(new StringBuffer().append(":[").append(this.curUser.getDN()).append("]").toString());
                    this.logger.doLog(stringBuffer.toString());
                } catch (AMException e) {
                    AMModelBase.debug.warning("assigning roles to user", e);
                    arrayList.add(getErrorString(e));
                } catch (SSOException e2) {
                    AMModelBase.debug.error("assigning roles to user", e2);
                    arrayList.add(getErrorString(e2));
                }
            }
        }
        if (!arrayList.isEmpty()) {
            throw new AMConsoleException(arrayList);
        }
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public Set getUnAssignedRoles(String str) {
        Set excludedObjFromSet = excludedObjFromSet(getRoles(str), getUserRoleDNs());
        return excludedObjFromSet == null ? Collections.EMPTY_SET : excludedObjFromSet;
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getDisplayRolesMessage() {
        return getLocalizedString("displayRoles.message");
    }

    @Override // com.iplanet.am.console.base.model.AMProfileModelBase, com.iplanet.am.console.base.model.AMProfileModel
    public String getAddButtonLabel() {
        return getLocalizedString("dynGUIAddToList.button");
    }

    @Override // com.iplanet.am.console.base.model.AMProfileModelBase, com.iplanet.am.console.base.model.AMProfileModel
    public String getRemoveButtonLabel() {
        return getLocalizedString("dynGUIRemoveFromList.button");
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getDisplayEndUserRolesLabel() {
        return getLocalizedString("displayEndUserRoles.label");
    }

    @Override // com.iplanet.am.console.user.model.UMUserRoleSelectModel
    public String getNoRolesAssignedMessage() {
        return getLocalizedString("noRolesAssigned.message");
    }
}
