package com.iplanet.am.sdk.ldap;

import com.iplanet.am.sdk.AMConstants;
import com.iplanet.am.sdk.AMDirectoryManager;
import com.iplanet.am.sdk.AMDirectoryWrapper;
import com.iplanet.am.sdk.AMEntryExistsException;
import com.iplanet.am.sdk.AMEventManagerException;
import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMHashMap;
import com.iplanet.am.sdk.AMInvalidDNException;
import com.iplanet.am.sdk.AMNamingAttrManager;
import com.iplanet.am.sdk.AMObject;
import com.iplanet.am.sdk.AMObjectClassManager;
import com.iplanet.am.sdk.AMObjectListener;
import com.iplanet.am.sdk.AMOrganization;
import com.iplanet.am.sdk.AMOrganizationalUnit;
import com.iplanet.am.sdk.AMPreCallBackException;
import com.iplanet.am.sdk.AMSDKBundle;
import com.iplanet.am.sdk.AMSearchFilterManager;
import com.iplanet.am.sdk.AMSearchResults;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.sdk.AMTemplate;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.am.sdk.AMUserEntryProcessed;
import com.iplanet.am.sdk.DirectoryManagerInterface;
import com.iplanet.am.util.Debug;
import com.iplanet.am.util.Locale;
import com.iplanet.am.util.OrderedSet;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.services.ldap.Attr;
import com.iplanet.services.ldap.AttrSet;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.iplanet.ums.AccessRightsException;
import com.iplanet.ums.AssignableDynamicGroup;
import com.iplanet.ums.CreationTemplate;
import com.iplanet.ums.DefaultTemplates;
import com.iplanet.ums.DynamicGroup;
import com.iplanet.ums.EntryAlreadyExistsException;
import com.iplanet.ums.EntryNotFoundException;
import com.iplanet.ums.FilteredRole;
import com.iplanet.ums.Guid;
import com.iplanet.ums.InvalidSearchFilterException;
import com.iplanet.ums.ManagedRole;
import com.iplanet.ums.Organization;
import com.iplanet.ums.OrganizationalUnit;
import com.iplanet.ums.PeopleContainer;
import com.iplanet.ums.PersistentObject;
import com.iplanet.ums.Resource;
import com.iplanet.ums.SchemaManager;
import com.iplanet.ums.SearchControl;
import com.iplanet.ums.SearchResults;
import com.iplanet.ums.SearchTemplate;
import com.iplanet.ums.SizeLimitExceededException;
import com.iplanet.ums.SortKey;
import com.iplanet.ums.StaticGroup;
import com.iplanet.ums.TemplateManager;
import com.iplanet.ums.TimeLimitExceededException;
import com.iplanet.ums.UMSException;
import com.iplanet.ums.UMSObject;
import com.iplanet.ums.cos.COSManager;
import com.iplanet.ums.cos.COSNotFoundException;
import com.iplanet.ums.cos.COSTemplate;
import com.iplanet.ums.cos.DirectCOSDefinition;
import com.iplanet.ums.cos.ICOSDefinition;
import com.sun.identity.authentication.service.AMAuthErrorCode;
import com.sun.identity.sm.SMSEntry;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.SchemaType;
import com.sun.identity.sm.ServiceSchema;
import com.sun.identity.sm.ServiceSchemaManager;
import java.text.Collator;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.TreeMap;
import java.util.TreeSet;
import netscape.ldap.LDAPException;
import netscape.ldap.LDAPUrl;
import netscape.ldap.util.DN;
import netscape.ldap.util.RDN;

/* loaded from: input_file:119465-06/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/iplanet/am/sdk/ldap/DirectoryManager.class */
public class DirectoryManager implements AMConstants, DirectoryManagerInterface {
    private static final String DEFAULT_USER_NAMING_ATTR = "uid";
    private static final String DEFAULT_RESOURCE_NAMING_ATTR = "uid";
    private static final String DEFAULT_ROLE_NAMING_ATTR = "cn";
    private static final String DEFAULT_GROUP_NAMING_ATTR = "cn";
    private static final String DEFAULT_ORG_NAMING_ATTR = "o";
    private static final String DEFAULT_ORG_UNIT_NAMING_ATTR = "ou";
    private static final String DEFAULT_PEOPLE_CONTAINER_NAMING_ATTR = "ou";
    private static final String DEFAULT_GROUP_CONTAINER_NAMING_ATTR = "ou";
    private static final String DEFAULT_DYNAMIC_GROUP_NAMING_ATTR = "cn";
    private static final String DEFAULT_FILTERED_ROLE_NAMING_ATTR = "cn";
    private static final String DEFAULT_ASSIGNABLE_DYNAMIC_GROUP_NAMING_ATTR = "cn";
    private static final String LDAP_CONNECTION_ERROR_CODES = "com.iplanet.am.ldap.connection.ldap.error.codes.retries";
    private static final String USER_CREATION_TEMPLATE = "BasicUser";
    private static final String GROUP_CREATION_TEMPLATE = "BasicGroup";
    private static final String MANAGED_ROLE_CREATION_TEMPLATE = "BasicManagedRole";
    private static final String RESOURCE_CREATION_TEMPLATE = "BasicResource";
    private static final String FILTERED_ROLE_CREATION_TEMPLATE = "BasicFilteredRole";
    private static final String ASSIGANABLE_DYNAMIC_GROUP_CREATION_TEMPLATE = "BasicAssignableDynamicGroup";
    private static final String DYNAMIC_GROUP_CREATION_TEMPLATE = "BasicDynamicGroup";
    private static final String ORGANIZATION_CREATION_TEMPLATE = "BasicOrganization";
    private static final String PEOPLE_CONTAINTER_CREATION_TEMPLATE = "BasicPeopleContainer";
    private static final String ORGANIZATIONAL_UNIT_CREATION_TEMPLATE = "BasicOrganizationalUnit";
    private static final String GROUP_CONTAINER_CREATION_TEMPLATE = "BasicGroupContainer";
    private static final String DEFAULT_USER_OBJECT_CLASS = "inetorgperson";
    private static final String DEFAULT_RESOURCE_OBJECT_CLASS = "inetcalresource";
    private static final String DEFAULT_ROLE_OBJECT_CLASS = "nsmanagedroledefinition";
    private static final String DEFAULT_FILTERED_ROLE_OBJECT_CLASS = "nsfilteredroledefinition";
    private static final String DEFAULT_ORGANIZATION_OBJECT_CLASS = "organization";
    private static final String DEFAULT_ORGANIZATIONAL_UNIT_OBJECT_CLASS = "organizationalunit";
    private static final String DEFAULT_GROUP_OBJECT_CLASS = "iplanet-am-managed-group";
    private static final String DEFAULT_DYNAMIC_GROUP_OBJECT_CLASS = "groupofurls";
    private static final String DEFAULT_ASSIGNABLE_DYNAMIC_GROUP_OBJECT_CLASS = "iplanet-am-managed-assignable-group";
    private static final String DEFAULT_GROUP_CONTAINER_OBJECT_CLASS = "iplanet-am-managed-group-container";
    private static final String DEFAULT_PEOPLE_CONTAINER_OBJECT_CLASS = "nsManagedPeopleContainer";
    private static final String USER_SEARCH_TEMPLATE = "BasicUserSearch";
    private static final String ROLE_SEARCH_TEMPLATE = "BasicManagedRoleSearch";
    private static final String FILTERED_ROLE_SEARCH_TEMPLATE = "BasicFilteredRoleSearch";
    private static final String GROUP_SEARCH_TEMPLATE = "BasicGroupSearch";
    private static final String DYNAMIC_GROUP_SEARCH_TEMPLATE = "BasicDynamicGroupSearch";
    private static final String ORGANIZATION_SEARCH_TEMPLATE = "BasicOrganizationSearch";
    private static final String PEOPLE_CONTAINER_SEARCH_TEMPLATE = "BasicPeopleContainerSearch";
    private static final String ORGANIZATIONAL_UNIT_SEARCH_TEMPLATE = "BasicOrganizationalUnitSearch";
    private static final String ASSIGNABLE_DYNAMIC_GROUP_SEARCH_TEMPLATE = "BasicAssignableDynamicGroupSearch";
    private static final String GROUP_CONTAINER_SEARCH_TEMPLATE = "BasicGroupContainerSearch";
    private static final String RESOURCE_SEARCH_TEMPLATE = "BasicResourceSearch";
    private static final String DEFAULT_USER_SEARCH_FILTER = "(objectclass=inetorgperson)";
    private static final String DEFAULT_ROLE_SEARCH_FILTER = "(objectclass=nsmanagedroledefinition)";
    private static final String DEFAULT_FILTERED_ROLE_SEARCH_FILTER = "(&(objectclass=nsfilteredroledefinition)(!(cn=ContainerDefaultTemplateRole)))";
    private static final String DEFAULT_GROUP_SEARCH_FILTER = "(objectclass=groupofuniquenames)";
    private static final String DEFAULT_ASSIGNABLE_DYNAMIC_GROUP_SEARCH_FILTER = "(objectclass=iplanet-am-managed-assignable-group)";
    private static final String DEFAULT_DYNAMIC_GROUP_SEARCH_FILTER = "(objectclass=groupofurls)";
    private static final String DEFAULT_ORGANIZATION_SEARCH_FILTER = "(objectclass=organization)";
    private static final String DEFAULT_PEOPLE_CONTAINER_SEARCH_FILTER = "(objectclass=nsManagedPeopleContainer)";
    private static final String DEFAULT_ORGANIZATIONAL_UNIT_SEARCH_FILTER = "(objectclass=organizationalunit)";
    private static final String DEFAULT_GROUP_CONTAINER_SEARCH_FILTER = "(objectclass=iplanet-am-managed-group-container)";
    private static DirectoryManager instance;
    private static AMEventManager eventManager;
    private AMDirectoryManager amdm;
    private static HashSet retryErrorCodes = new HashSet();
    private static TemplateManager templateMgr = null;
    public static Debug debug = CommonUtils.debug;
    public static boolean isUserPluginInitialized = false;
    private static AMUserEntryProcessed userEntry = null;
    private static Map listeners = new HashMap();
    private String[] aName = {SMSEntry.ATTR_OBJECTCLASS};
    private SearchControl scontrol = new SearchControl();
    protected DCTree dcTree = new DCTree();
    protected Compliance compl = new Compliance();
    protected SSOToken internalToken = CommonUtils.getInternalToken();

    public DirectoryManager() {
        this.scontrol.setSearchScope(0);
    }

    public static synchronized DirectoryManager getInstance() {
        if (instance == null) {
            debug.message("DirectoryManager.getInstance(): Creating a new Instance of DirectoryManager()");
            instance = new DirectoryManager();
        }
        return instance;
    }

    protected String getEntryName(UMSException uMSException) {
        DN exceptionDN = getExceptionDN(uMSException);
        return exceptionDN != null ? ((RDN) exceptionDN.getRDNs().firstElement()).getValues()[0] : "";
    }

    private DN getExceptionDN(UMSException uMSException) {
        int indexOf;
        DN dn = null;
        String message = uMSException.getMessage();
        if (message != null && (indexOf = message.indexOf("::")) != -1) {
            String substring = message.substring(0, indexOf);
            if (DN.isDN(substring)) {
                dn = new DN(substring);
            }
        }
        return dn;
    }

    private String getEntryNotFoundMsgID(int i) {
        switch (i) {
            case 1:
                return "468";
            case 2:
                return "467";
            case 3:
                return "469";
            case 4:
                return "471";
            case 5:
                return "470";
            case 6:
            case 7:
            case 8:
                return "465";
            case 9:
            case 10:
            case 11:
            case 12:
                return "466";
            default:
                return "461";
        }
    }

    private String getEntryExistsMsgID(int i) {
        switch (i) {
            case 1:
                return "475";
            case 2:
                return "474";
            case 3:
                return "476";
            case 4:
                return "483";
            case 5:
                return "477";
            case 6:
            case 7:
            case 8:
                return "472";
            case 9:
            case 10:
            case 11:
            case 12:
                return "473";
            default:
                return "462";
        }
    }

    private void processInternalException(SSOToken sSOToken, UMSException uMSException, String str) throws AMException {
        try {
            switch (((LDAPException) uMSException.getRootCause()).getLDAPResultCode()) {
                case 3:
                    throw new AMException(sSOToken, "3", uMSException);
                case 4:
                    throw new AMException(sSOToken, "4", uMSException);
                case 11:
                    throw new AMException(sSOToken, "968", uMSException);
                case 19:
                    throw new AMException(sSOToken, "19", uMSException);
                case 67:
                    throw new AMException(sSOToken, "967", uMSException);
                default:
                    throw new AMException(sSOToken, str, uMSException);
            }
        } catch (Exception e) {
            throw new AMException(sSOToken, str);
        }
    }

    public static AMUserEntryProcessed getUserPostPlugin() {
        if (!isUserPluginInitialized) {
            String str = SystemProperties.get("com.iplanet.am.sdk.userEntryProcessingImpl");
            if (str != null && str.length() != 0) {
                try {
                    userEntry = (AMUserEntryProcessed) Class.forName(str).newInstance();
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("DirectoryManager.getUserPostPlugin: Class ").append(str).append(" instantiated.").toString());
                    }
                } catch (ClassNotFoundException e) {
                    debug.error(new StringBuffer().append("DirectoryManager.getUserPostPlugin(): Class not found: ").append(str).toString(), e);
                } catch (IllegalAccessException e2) {
                    debug.error(new StringBuffer().append("DirectoryManager.getUserPostPlugin(): IllegalAccessException: ").append(str).toString(), e2);
                } catch (InstantiationException e3) {
                    debug.error(new StringBuffer().append("DirectoryManager.getUserPostPlugin(): Unable to instantiate: ").append(str).toString(), e3);
                }
            }
            isUserPluginInitialized = true;
        }
        return userEntry;
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public boolean doesEntryExists(SSOToken sSOToken, String str) {
        try {
            UMSObject.getObject(this.internalToken, new Guid(str));
            return true;
        } catch (UMSException e) {
            if (str.indexOf("agents") >= 0 || !debug.messageEnabled()) {
                return false;
            }
            debug.message("DirectoryManager.doesProfileExist(): + Exception caught: ", e);
            return false;
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public int getObjectType(SSOToken sSOToken, String str) throws AMException, SSOException {
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("DirectoryManager.getObjectType() Getting object type for: ").append(str).toString());
        }
        if (!DN.isDN(str)) {
            throw new AMInvalidDNException(AMSDKBundle.getString("157"), "157");
        }
        SSOTokenManager.getInstance().validateToken(sSOToken);
        new String[1][0] = "objectClass";
        HashSet hashSet = new HashSet(1);
        hashSet.add(SMSEntry.ATTR_OBJECTCLASS);
        Map attributes = getAttributes(sSOToken, str, hashSet, AMObject.UNDETERMINED_OBJECT_TYPE);
        if (attributes.size() != 1) {
            throw new AMException(AMSDKBundle.getString("151"), "151");
        }
        Iterator it = ((Set) attributes.get(SMSEntry.ATTR_OBJECTCLASS)).iterator();
        int i = -1;
        while (it.hasNext()) {
            int objectType = AMObjectClassManager.getObjectType((String) it.next());
            if (objectType == 6) {
                i = objectType;
            } else if (objectType != -1) {
                return objectType;
            }
        }
        if (i != -1) {
            return i;
        }
        throw new AMException(AMSDKBundle.getString("156"), "156");
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Map getDCTreeAttributes(SSOToken sSOToken, String str, Set set, boolean z, int i) throws AMException, SSOException {
        String str2 = AMStoreConnection.rootSuffix;
        if (!this.dcTree.isRequired() || i != 2 || CommonUtils.formatToRFC(str).equalsIgnoreCase(str2) || this.dcTree.getCanonicalDomain(this.internalToken, str) == null) {
            return null;
        }
        return CommonUtils.attrSetToMap(this.dcTree.getDomainAttributes(this.internalToken, str, set == null ? null : (String[]) set.toArray(new String[set.size()])), z);
    }

    private void checkComplianceAttributes(AttrSet attrSet, boolean z) throws AMException {
        if (z || !this.compl.isComplianceUserDeletionEnabled()) {
            return;
        }
        this.compl.verifyAttributes(attrSet);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Map getAttributes(SSOToken sSOToken, String str, int i) throws AMException, SSOException {
        return getAttributes(sSOToken, str, true, false, i);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Map getAttributes(SSOToken sSOToken, String str, Set set, int i) throws AMException, SSOException {
        return getAttributes(sSOToken, str, set, true, false, i);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Map getAttributesByteValues(SSOToken sSOToken, String str, int i) throws AMException, SSOException {
        return getAttributes(sSOToken, str, true, true, i);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Map getAttributesByteValues(SSOToken sSOToken, String str, Set set, int i) throws AMException, SSOException {
        return getAttributes(sSOToken, str, set, true, true, i);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Map getAttributes(SSOToken sSOToken, String str, boolean z, boolean z2, int i) throws AMException, SSOException {
        try {
            PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str));
            AttrSet attributes = objectHandle.getAttributes(objectHandle.getAttributeNames());
            checkComplianceAttributes(attributes, z);
            AMHashMap aMHashMap = (AMHashMap) CommonUtils.attrSetToMap(attributes, z2);
            aMHashMap.copy(getDCTreeAttributes(sSOToken, str, null, z2, i));
            return aMHashMap;
        } catch (UMSException e) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.getProfileAttribute(): Unable to get attributes: ", e);
            }
            throw new AMException(AMSDKBundle.getString("330", CommonUtils.getUserLocale(sSOToken)), "330");
        } catch (IllegalArgumentException e2) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.getProfileAttribute(): Unable to get attributes: ", e2);
            }
            throw new AMException(AMSDKBundle.getString("330", CommonUtils.getUserLocale(sSOToken)), "330");
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Map getAttributes(SSOToken sSOToken, String str, Set set, boolean z, boolean z2, int i) throws AMException, SSOException {
        if (set == null) {
            return getAttributes(sSOToken, str, z, z2, i);
        }
        try {
            String[] strArr = (String[]) set.toArray(new String[set.size()]);
            PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str));
            AMHashMap aMHashMap = (AMHashMap) CommonUtils.attrSetToMap((z || !this.compl.isComplianceUserDeletionEnabled()) ? objectHandle.getAttributes(strArr) : this.compl.verifyAndGetAttributes(objectHandle, strArr), z2);
            set.iterator();
            aMHashMap.copy(getDCTreeAttributes(sSOToken, str, set, z2, i));
            return aMHashMap;
        } catch (UMSException e) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.getProfileAttribute(): Unable to get attributes: ", e);
            }
            throw new AMException(AMSDKBundle.getString("330", CommonUtils.getUserLocale(sSOToken)), "330");
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String getOrgSearchFilter(String str) {
        String searchFilter = AMSearchFilterManager.getSearchFilter(2, str, null, true);
        String searchFilter2 = AMSearchFilterManager.getSearchFilter(3, str, null, true);
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("(|").append(searchFilter).append(searchFilter2);
        stringBuffer.append(")");
        return stringBuffer.toString();
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String getOrganizationDN(SSOToken sSOToken, String str) throws AMException {
        if (str.equals("") || !DN.isDN(str)) {
            debug.error(new StringBuffer().append("DirectoryManager.getOrganizationDN() Invalid DN: ").append(str).toString());
            throw new AMException(sSOToken, "157");
        }
        DN dn = new DN(str);
        String[] strArr = {SMSEntry.ATTR_OBJECTCLASS};
        SearchControl searchControl = new SearchControl();
        searchControl.setSearchScope(0);
        String str2 = "";
        boolean z = false;
        boolean z2 = false;
        while (!z && !z2) {
            try {
                PersistentObject objectHandle = UMSObject.getObjectHandle(this.internalToken, new Guid(dn.toString()));
                SearchResults search = objectHandle.search(getOrgSearchFilter(str), strArr, searchControl);
                if (search.hasMoreElements()) {
                    z2 = true;
                    while (search.hasMoreElements()) {
                        search.next();
                    }
                    str2 = objectHandle.getGuid().toString().toLowerCase();
                } else if (dn.countRDNs() == 1) {
                    z = true;
                    debug.error("DirectoryManager.getOrganizationDN(): Reached root suffix. Unable to get parent Org");
                } else {
                    dn = dn.getParent();
                }
            } catch (InvalidSearchFilterException e) {
                z = true;
                debug.error("DirectoryManager.getOrganizationDN(): Invalid search filter, unable to get Parent Organization: ", e);
            } catch (UMSException e2) {
                z = true;
                if (debug.warningEnabled()) {
                    debug.warning("DirectoryManager.getOrganizationDN(): Unable to Obtain Parent Organization", e2);
                }
                int lDAPResultCode = ((LDAPException) e2.getRootCause()).getLDAPResultCode();
                if (retryErrorCodes.contains(new StringBuffer().append("").append(lDAPResultCode).toString())) {
                    throw new AMException(sSOToken, Integer.toString(lDAPResultCode));
                }
            }
        }
        if (z) {
            throw new AMException(AMSDKBundle.getString("124", CommonUtils.getUserLocale(sSOToken)), "124");
        }
        return str2;
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Map getExternalAttributes(SSOToken sSOToken, String str, Set set, int i) throws AMException {
        SSOToken internalToken = CommonUtils.getInternalToken();
        String dn = i == 1 ? new DN(str).getParent().toString() : str;
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        return AMCallBackImpl.getAttributes(sSOToken, str, set, this.amdm.getOrganizationDN(internalToken, dn));
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void updateUserAttribute(SSOToken sSOToken, Set set, String str, boolean z) throws AMException {
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("DirectoryManager.updateUserAttribute(): groupDN:").append(str).append(", toAdd: ").append(z).append(" members: ").append(set).toString());
        }
        Attr attr = new Attr(AMConstants.STATIC_GROUP_DN_ATTRIBUTE, str);
        Iterator it = set.iterator();
        while (it.hasNext()) {
            String str2 = (String) it.next();
            try {
                PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str2));
                if (z) {
                    objectHandle.modify(attr, 0);
                } else {
                    objectHandle.modify(attr, 1);
                }
                objectHandle.save();
            } catch (UMSException e) {
                debug.error(new StringBuffer().append("DirectoryManager.updateUserAttribute(): Failed while trying to set the static groupDN ").append(str).append(" for user: ").append(str2).toString(), e);
                throw new AMException(sSOToken, "351", e);
            }
        }
    }

    private void makeNamingFirst(AttrSet attrSet, String str, String str2) {
        int indexOf = attrSet.indexOf(str);
        if (indexOf == -1) {
            attrSet.add(new Attr(str, str2));
            return;
        }
        Attr elementAt = attrSet.elementAt(indexOf);
        elementAt.removeValue(str2);
        String[] stringValues = elementAt.getStringValues();
        Attr attr = new Attr(str, str2);
        attr.addValues(stringValues);
        attrSet.replace(attr);
    }

    private AttrSet combineOCs(CreationTemplate creationTemplate, AttrSet attrSet) {
        Attr attribute = attrSet.getAttribute(SMSEntry.ATTR_OBJECTCLASS);
        Set combineOCs = CommonUtils.combineOCs(attribute != null ? CommonUtils.stringArrayToSet(attribute.getStringValues()) : new HashSet(), CommonUtils.stringArrayToSet(creationTemplate.getAttribute(SMSEntry.ATTR_OBJECTCLASS).getStringValues()));
        attrSet.remove(SMSEntry.ATTR_OBJECTCLASS);
        attrSet.add(new Attr(SMSEntry.ATTR_OBJECTCLASS, (String[]) combineOCs.toArray(new String[combineOCs.size()])));
        return attrSet;
    }

    private void createUser(SSOToken sSOToken, PersistentObject persistentObject, Map map, String str) throws UMSException, AMEntryExistsException, AMException {
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        Map preProcess = AMCallBackImpl.preProcess(sSOToken, new StringBuffer().append(AMNamingAttrManager.getNamingAttr(1)).append("=").append(str).append(",").append(persistentObject.getDN()).toString(), organizationDN, (Map) null, map, 1, 1, false);
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(preProcess);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(1), str);
        try {
            new AMUserPasswordValidationImpl(sSOToken, organizationDN).validate(CommonUtils.attrSetToMap(mapToAttrSet));
            CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate("BasicUser", new Guid(organizationDN), 1);
            AttrSet combineOCs = combineOCs(creationTemplate, mapToAttrSet);
            PersistentObject persistentObject2 = new PersistentObject(creationTemplate, combineOCs);
            try {
                persistentObject.addChild(persistentObject2);
            } catch (AccessRightsException e) {
                if (debug.warningEnabled()) {
                    debug.warning("DirectoryManager.createUser(): Insufficient Access rights to create user", e);
                }
                throw new AMException(sSOToken, "460");
            } catch (EntryAlreadyExistsException e2) {
                if (this.compl.isComplianceUserDeletionEnabled()) {
                    this.compl.checkIfDeletedUser(sSOToken, persistentObject2.getDN());
                }
                if (debug.warningEnabled()) {
                    debug.warning("DirectoryManager.createUser() User already exists: ", e2);
                }
                throw new AMEntryExistsException(sSOToken, "328", e2);
            } catch (UMSException e3) {
                if (debug.warningEnabled()) {
                    debug.warning("DirectoryManager.createUser(): Internal Error occurred. Unable to create User Entry", e3);
                }
                processInternalException(sSOToken, e3, "324");
            }
            AMCallBackImpl.postProcess(sSOToken, persistentObject2.getDN(), organizationDN, (Map) null, preProcess, 1, 1, false);
            AMUserEntryProcessed userPostPlugin = getUserPostPlugin();
            if (userPostPlugin != null) {
                userPostPlugin.processUserAdd(sSOToken, persistentObject2.getDN(), CommonUtils.attrSetToMap(combineOCs));
            }
            AMEmailNotification aMEmailNotification = new AMEmailNotification(persistentObject2.getDN());
            aMEmailNotification.setUserCreateNotificationList();
            aMEmailNotification.sendUserCreateNotification(preProcess);
        } catch (AMException e4) {
            debug.error("DirectoryManager.createUser(): Invalid characters for user", e4);
            throw e4;
        }
    }

    private void createEntity(SSOToken sSOToken, PersistentObject persistentObject, int i, Map map, String str) throws UMSException, AMEntryExistsException, AMException {
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        new StringBuffer().append(AMNamingAttrManager.getNamingAttr(i)).append("=").append(str).append(",").append(persistentObject.getDN()).toString();
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(map);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(i), str);
        String creationTemplateName = getCreationTemplateName(i);
        if (creationTemplateName == null) {
            creationTemplateName = "BasicUser";
        }
        CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate(creationTemplateName, new Guid(organizationDN), 1);
        PersistentObject persistentObject2 = new PersistentObject(creationTemplate, combineOCs(creationTemplate, mapToAttrSet));
        try {
            persistentObject.addChild(persistentObject2);
        } catch (AccessRightsException e) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.createEntity(): Insufficient Access rights to create entity", e);
            }
            throw new AMException(sSOToken, "460");
        } catch (EntryAlreadyExistsException e2) {
            if (this.compl.isComplianceUserDeletionEnabled()) {
                this.compl.checkIfDeletedUser(sSOToken, persistentObject2.getDN());
            }
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.createEntity() Entity already exists: ", e2);
            }
            throw new AMEntryExistsException(sSOToken, "462", e2);
        } catch (UMSException e3) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.createEntity(): Internal Error occurred. Unable to create User Entry", e3);
            }
            processInternalException(sSOToken, e3, "324");
        }
    }

    private void createResource(PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(map);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(21), str);
        TemplateManager templateManager = TemplateManager.getTemplateManager();
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        persistentObject.addChild(new Resource(templateManager.getCreationTemplate(RESOURCE_CREATION_TEMPLATE, new Guid(this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN())), 1), mapToAttrSet));
    }

    private void createRole(SSOToken sSOToken, PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        Map preProcess = AMCallBackImpl.preProcess(sSOToken, new StringBuffer().append(AMNamingAttrManager.getNamingAttr(6)).append("=").append(str).append(",").append(persistentObject.getDN()).toString(), organizationDN, (Map) null, map, 1, 6, false);
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(preProcess);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(6), str);
        CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate("BasicManagedRole", new Guid(organizationDN), 1);
        ManagedRole managedRole = new ManagedRole(creationTemplate, combineOCs(creationTemplate, mapToAttrSet));
        persistentObject.addChild(managedRole);
        AMCallBackImpl.postProcess(sSOToken, managedRole.getDN(), organizationDN, (Map) null, preProcess, 1, 6, false);
    }

    private void createOrganization(SSOToken sSOToken, PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        Organization organization;
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        String stringBuffer = new StringBuffer().append(AMNamingAttrManager.getNamingAttr(2)).append("=").append(str).append(",").append(persistentObject.getDN()).toString();
        Map preProcess = AMCallBackImpl.preProcess(sSOToken, stringBuffer, organizationDN, (Map) null, map, 1, 2, false);
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(preProcess);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(2), str);
        CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate("BasicOrganization", new Guid(organizationDN), 1);
        AttrSet combineOCs = combineOCs(creationTemplate, mapToAttrSet);
        if (this.dcTree.isRequired()) {
            organization = new Organization(creationTemplate, this.dcTree.splitAttrSet(persistentObject.getDN(), combineOCs)[0]);
            this.dcTree.createDomain(sSOToken, new Guid(stringBuffer), combineOCs);
        } else {
            organization = new Organization(creationTemplate, combineOCs);
        }
        try {
            persistentObject.addChild(organization);
            if (this.compl.isAdminGroupsEnabled(organization.getDN())) {
                this.compl.createAdminGroups(sSOToken, organization);
            }
            AMCallBackImpl.postProcess(sSOToken, organization.getDN(), organizationDN, (Map) null, preProcess, 1, 2, false);
        } catch (UMSException e) {
            if (this.dcTree.isRequired()) {
                this.dcTree.removeDomain(sSOToken, stringBuffer);
            }
            if (this.compl.isComplianceUserDeletionEnabled()) {
                this.compl.checkIfDeletedOrg(sSOToken, organization.getDN());
            }
            throw e;
        }
    }

    private void createGroup(SSOToken sSOToken, PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        Map preProcess = AMCallBackImpl.preProcess(sSOToken, new StringBuffer().append(AMNamingAttrManager.getNamingAttr(9)).append("=").append(str).append(",").append(persistentObject.getDN()).toString(), organizationDN, (Map) null, map, 1, 9, false);
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(preProcess);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(9), str);
        CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate("BasicGroup", new Guid(organizationDN), 1);
        AttrSet combineOCs = combineOCs(creationTemplate, mapToAttrSet);
        StaticGroup staticGroup = new StaticGroup(creationTemplate, combineOCs);
        persistentObject.addChild(staticGroup);
        Attr attribute = combineOCs.getAttribute(AMConstants.UNIQUE_MEMBER_ATTRIBUTE);
        if (attribute != null) {
            String[] stringValues = attribute.getStringValues();
            HashSet hashSet = new HashSet();
            for (String str2 : stringValues) {
                hashSet.add(str2);
            }
            updateUserAttribute(sSOToken, hashSet, staticGroup.getDN(), true);
        }
        AMCallBackImpl.postProcess(sSOToken, staticGroup.getDN(), organizationDN, (Map) null, preProcess, 1, 9, false);
    }

    private void createAssignDynamicGroup(SSOToken sSOToken, PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        String stringBuffer = new StringBuffer().append(AMNamingAttrManager.getNamingAttr(9)).append("=").append(str).append(",").append(persistentObject.getDN()).toString();
        Map preProcess = AMCallBackImpl.preProcess(sSOToken, stringBuffer, organizationDN, (Map) null, map, 1, 12, false);
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(preProcess);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(12), str);
        CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate(ASSIGANABLE_DYNAMIC_GROUP_CREATION_TEMPLATE, new Guid(organizationDN), 1);
        AssignableDynamicGroup assignableDynamicGroup = new AssignableDynamicGroup(creationTemplate, combineOCs(creationTemplate, mapToAttrSet));
        assignableDynamicGroup.setSearchFilter(new StringBuffer().append("(memberof=").append(stringBuffer).append(")").toString());
        assignableDynamicGroup.setSearchScope(2);
        assignableDynamicGroup.setSearchBase(new Guid(organizationDN));
        persistentObject.addChild(assignableDynamicGroup);
        AMCallBackImpl.postProcess(sSOToken, assignableDynamicGroup.getDN(), organizationDN, (Map) null, preProcess, 1, 12, false);
    }

    private void createDynamicGroup(SSOToken sSOToken, PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        Map preProcess = AMCallBackImpl.preProcess(sSOToken, new StringBuffer().append(AMNamingAttrManager.getNamingAttr(9)).append("=").append(str).append(",").append(persistentObject.getDN()).toString(), organizationDN, (Map) null, map, 1, 11, false);
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(preProcess);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(11), str);
        CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate("BasicDynamicGroup", new Guid(organizationDN), 1);
        DynamicGroup dynamicGroup = new DynamicGroup(creationTemplate, combineOCs(creationTemplate, mapToAttrSet));
        persistentObject.getDN();
        if (LDAPUrl.defaultFilter.equalsIgnoreCase(dynamicGroup.getSearchFilter())) {
            dynamicGroup.setSearchFilter(AMSearchFilterManager.getSearchFilter(1, organizationDN));
        }
        dynamicGroup.setSearchScope(2);
        dynamicGroup.setSearchBase(new Guid(organizationDN));
        persistentObject.addChild(dynamicGroup);
        AMCallBackImpl.postProcess(sSOToken, dynamicGroup.getDN(), organizationDN, (Map) null, preProcess, 1, 11, false);
    }

    private void createPeopleContainer(PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(map);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(5), str);
        TemplateManager templateManager = TemplateManager.getTemplateManager();
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        CreationTemplate creationTemplate = templateManager.getCreationTemplate("BasicPeopleContainer", new Guid(this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN())), 1);
        persistentObject.addChild(new PeopleContainer(creationTemplate, combineOCs(creationTemplate, mapToAttrSet)));
    }

    private void createOrganizationalUnit(SSOToken sSOToken, PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        Map preProcess = AMCallBackImpl.preProcess(sSOToken, new StringBuffer().append(AMNamingAttrManager.getNamingAttr(3)).append("=").append(str).append(",").append(persistentObject.getDN()).toString(), organizationDN, (Map) null, map, 1, 3, false);
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(preProcess);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(3), str);
        CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate("BasicOrganizationalUnit", new Guid(organizationDN), 1);
        OrganizationalUnit organizationalUnit = new OrganizationalUnit(creationTemplate, combineOCs(creationTemplate, mapToAttrSet));
        persistentObject.addChild(organizationalUnit);
        AMCallBackImpl.postProcess(sSOToken, organizationalUnit.getDN(), organizationDN, (Map) null, preProcess, 1, 3, false);
    }

    private void createGroupContainer(PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(map);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(4), str);
        TemplateManager templateManager = TemplateManager.getTemplateManager();
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        persistentObject.addChild(new OrganizationalUnit(templateManager.getCreationTemplate(GROUP_CONTAINER_CREATION_TEMPLATE, new Guid(this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN())), 1), mapToAttrSet));
    }

    private void createFilteredRole(SSOToken sSOToken, PersistentObject persistentObject, Map map, String str) throws UMSException, AMException {
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, persistentObject.getDN());
        Map preProcess = AMCallBackImpl.preProcess(sSOToken, new StringBuffer().append(AMNamingAttrManager.getNamingAttr(8)).append("=").append(str).append(",").append(persistentObject.getDN()).toString(), organizationDN, (Map) null, map, 1, 8, false);
        AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(preProcess);
        makeNamingFirst(mapToAttrSet, AMNamingAttrManager.getNamingAttr(8), str);
        CreationTemplate creationTemplate = TemplateManager.getTemplateManager().getCreationTemplate("BasicFilteredRole", new Guid(organizationDN), 1);
        AttrSet combineOCs = combineOCs(creationTemplate, mapToAttrSet);
        if (!combineOCs.contains("nsRoleFilter")) {
            combineOCs.add(new Attr("nsRoleFilter", AMSearchFilterManager.getSearchFilter(1, organizationDN)));
        }
        FilteredRole filteredRole = new FilteredRole(creationTemplate, combineOCs);
        persistentObject.addChild(filteredRole);
        AMCallBackImpl.postProcess(sSOToken, filteredRole.getDN(), organizationDN, (Map) null, preProcess, 1, 8, false);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void createEntry(SSOToken sSOToken, String str, int i, String str2, Map map) throws AMEntryExistsException, AMException {
        if (str != null) {
            try {
                if (!str.equals("")) {
                    if (str2 == null) {
                        throw new AMException(sSOToken, "322");
                    }
                    validateAttributeUniqueness(new StringBuffer().append(AMNamingAttrManager.getNamingAttr(i)).append("=").append(str).append(",").append(str2).toString(), i, true, map);
                    PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str2));
                    switch (i) {
                        case AMObject.UNDETERMINED_OBJECT_TYPE /* -9999 */:
                        case -1:
                            throw new AMException(sSOToken, "326");
                        case 1:
                            createUser(sSOToken, objectHandle, map, str);
                            break;
                        case 2:
                            createOrganization(sSOToken, objectHandle, map, str);
                            break;
                        case 3:
                            createOrganizationalUnit(sSOToken, objectHandle, map, str);
                            break;
                        case 4:
                            createGroupContainer(objectHandle, map, str);
                            break;
                        case 5:
                            createPeopleContainer(objectHandle, map, str);
                            break;
                        case 6:
                        case 7:
                            createRole(sSOToken, objectHandle, map, str);
                            break;
                        case 8:
                            createFilteredRole(sSOToken, objectHandle, map, str);
                            break;
                        case 9:
                        case 10:
                            createGroup(sSOToken, objectHandle, map, str);
                            break;
                        case 11:
                            createDynamicGroup(sSOToken, objectHandle, map, str);
                            break;
                        case 12:
                            createAssignDynamicGroup(sSOToken, objectHandle, map, str);
                            break;
                        case 21:
                            createResource(objectHandle, map, str);
                            break;
                        default:
                            createEntity(sSOToken, objectHandle, i, map, str);
                            break;
                    }
                    return;
                }
            } catch (AccessRightsException e) {
                if (debug.warningEnabled()) {
                    debug.warning(new StringBuffer().append("DirectoryManager.createEntry() Insufficient access rights to create entry: ").append(str).toString(), e);
                }
                throw new AMException(sSOToken, "460");
            } catch (EntryAlreadyExistsException e2) {
                if (debug.warningEnabled()) {
                    debug.warning(new StringBuffer().append("DirectoryManager.createEntry() Entry: ").append(str).append("already exists: ").toString(), e2);
                }
                String entryExistsMsgID = getEntryExistsMsgID(i);
                Object[] objArr = {getEntryName(e2)};
                throw new AMException(AMSDKBundle.getString(entryExistsMsgID, objArr), entryExistsMsgID, objArr);
            } catch (UMSException e3) {
                if (debug.warningEnabled()) {
                    debug.warning(new StringBuffer().append("DirectoryManager.createEntry() Unable to create entry: ").append(str).toString(), e3);
                }
                throw new AMException(sSOToken, "324", e3);
            }
        }
        throw new AMException(sSOToken, "320");
    }

    private void processPreDeleteCallBacks(SSOToken sSOToken, String str, Map map, String str2, int i, boolean z) throws AMException, SSOException {
        if (i == 5 || i == 4) {
            return;
        }
        String str3 = str2;
        if ((i == 2 || i == 3) && !new DN(AMStoreConnection.rootSuffix).equals(new DN(str2))) {
            String dn = new DN(str2).getParent().toString();
            if (this.amdm == null) {
                this.amdm = AMDirectoryWrapper.getInstance();
            }
            str3 = this.amdm.getOrganizationDN(this.internalToken, dn);
        }
        if (map == null) {
            map = getAttributes(sSOToken, str, i);
        }
        AMCallBackImpl.preProcess(sSOToken, str, str3, map, (Map) null, 2, i, z);
    }

    private void processPostDeleteCallBacks(SSOToken sSOToken, String str, Map map, String str2, int i, boolean z) throws AMException {
        if (i == 5 || i == 4) {
            return;
        }
        String str3 = str2;
        if ((i == 2 || i == 3) && !new DN(AMStoreConnection.rootSuffix).equals(new DN(str2))) {
            String dn = new DN(str2).getParent().toString();
            if (this.amdm == null) {
                this.amdm = AMDirectoryWrapper.getInstance();
            }
            str3 = this.amdm.getOrganizationDN(this.internalToken, dn);
        }
        AMCallBackImpl.postProcess(sSOToken, str, str3, map, (Map) null, 2, i, z);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void removeEntry(SSOToken sSOToken, String str, int i, boolean z, boolean z2) throws AMException, SSOException {
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("DirectoryManager.removeEntry(): Removing: ").append(str).append(" & recursive: ").append(z).toString());
        }
        if (z) {
            removeSubtree(sSOToken, str, z2);
        } else {
            removeSingleEntry(sSOToken, str, i, z2);
        }
    }

    private void removeSingleEntry(SSOToken sSOToken, String str, int i, boolean z) throws AMException, SSOException {
        Map map = null;
        AMEmailNotification aMEmailNotification = null;
        String str2 = str;
        if (i == 1) {
            str2 = new DN(str).getParent().toRFCString();
        }
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, str2);
        if (i == 1) {
            try {
                aMEmailNotification = new AMEmailNotification(str);
                aMEmailNotification.setUserDeleteNotificationList();
            } catch (AccessRightsException e) {
                debug.error(new StringBuffer().append("DirectoryManager.removeEntry() Insufficient access rights to remove entry: ").append(str).toString(), e);
                throw new AMException(sSOToken, "460");
            } catch (EntryNotFoundException e2) {
                String entryName = getEntryName(e2);
                debug.error(new StringBuffer().append("DirectoryManager.removeEntry() Entry not found: ").append(entryName).toString(), e2);
                String entryNotFoundMsgID = getEntryNotFoundMsgID(i);
                Object[] objArr = {entryName};
                throw new AMException(AMSDKBundle.getString(entryNotFoundMsgID, objArr, CommonUtils.getUserLocale(sSOToken)), entryNotFoundMsgID, objArr);
            } catch (UMSException e3) {
                debug.error("DirectoryManager.removeEntry() Unable to remove:  Internal error occurred: ", e3);
                throw new AMException(sSOToken, "325", e3);
            }
        }
        if (getUserPostPlugin() != null || (aMEmailNotification != null && aMEmailNotification.isPresentUserDeleteNotificationList())) {
            map = getAttributes(sSOToken, str, i);
        }
        processPreDeleteCallBacks(sSOToken, str, map, organizationDN, i, z);
        if (this.dcTree.isRequired()) {
            this.dcTree.removeDomain(this.internalToken, CommonUtils.formatToRFC(str));
        }
        UMSObject.removeObject(sSOToken, new Guid(str));
        processPostDeleteCallBacks(sSOToken, str, map, organizationDN, i, z);
        if (i == 1) {
            AMUserEntryProcessed userPostPlugin = getUserPostPlugin();
            if (userPostPlugin != null) {
                userPostPlugin.processUserDelete(sSOToken, str, map);
            }
            if (aMEmailNotification == null || !aMEmailNotification.isPresentUserDeleteNotificationList()) {
                return;
            }
            aMEmailNotification.sendUserDeleteNotification(map);
        }
    }

    private void removeSubtree(SSOToken sSOToken, String str, boolean z) throws AMException, SSOException {
        int i = -1;
        try {
            PersistentObject objectHandle = UMSObject.getObjectHandle(this.internalToken, new Guid(str));
            SearchControl searchControl = new SearchControl();
            searchControl.setSearchScope(2);
            ArrayList arrayList = new ArrayList();
            int countRDNs = new DN(str).countRDNs();
            int i2 = countRDNs;
            SearchResults children = objectHandle.getChildren("(|(objectclass=*)(objectclass=ldapsubEntry))", searchControl);
            while (children.hasMoreElements()) {
                PersistentObject next = children.next();
                DN dn = new DN(next.getDN());
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("DirectoryManager.removeEntry(): found child: ").append(next.getDN()).toString());
                }
                int countRDNs2 = dn.countRDNs();
                if (countRDNs2 > i2) {
                    i2 = countRDNs2;
                }
                arrayList.add(dn);
            }
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("DirectoryManager.removeEntry(): max RDNs: ").append(i2).toString());
            }
            int size = arrayList.size();
            for (int i3 = i2; i3 >= countRDNs; i3--) {
                int i4 = 0;
                while (i4 < size) {
                    DN dn2 = (DN) arrayList.get(i4);
                    if (dn2.countRDNs() == i3) {
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("DirectoryManager.removeEntry(): del ").append(dn2.toRFCString()).toString());
                        }
                        String rFCString = dn2.toRFCString();
                        i = -1;
                        try {
                            i = getObjectType(this.internalToken, rFCString);
                        } catch (AMException e) {
                            UMSObject.removeObject(sSOToken, new Guid(rFCString));
                        }
                        if (i != -1 && i != -9999) {
                            try {
                                removeSingleEntry(sSOToken, rFCString, i, z);
                            } catch (AMPreCallBackException e2) {
                                debug.error(new StringBuffer().append("DirectoryManager.removeSubTree: Aborting delete of: ").append(rFCString).append(" due to pre-callback exception").toString(), e2);
                            }
                        }
                        arrayList.remove(i4);
                        i4--;
                        size--;
                    }
                    i4++;
                }
            }
        } catch (AccessRightsException e3) {
            debug.error(new StringBuffer().append("DirectoryManager.removeEntry() Insufficient access rights to remove entry: ").append(str).toString(), e3);
            throw new AMException(sSOToken, "460");
        } catch (EntryNotFoundException e4) {
            String entryName = getEntryName(e4);
            debug.error(new StringBuffer().append("DirectoryManager.removeEntry() Entry not found: ").append(entryName).toString(), e4);
            String entryNotFoundMsgID = getEntryNotFoundMsgID(i);
            Object[] objArr = {entryName};
            throw new AMException(AMSDKBundle.getString(entryNotFoundMsgID, objArr, CommonUtils.getUserLocale(sSOToken)), entryNotFoundMsgID, objArr);
        } catch (UMSException e5) {
            debug.error("DirectoryManager.removeEntry() Unable to remove:  Internal error occurred: ", e5);
            throw new AMException(sSOToken, "325", e5);
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void removeAdminRole(SSOToken sSOToken, String str, boolean z) throws SSOException, AMException {
        Set<String> hashSet;
        SSOTokenManager.getInstance().validateToken(sSOToken);
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("DirectoryManager.removeAdminRole() dn: ").append(str).append(" recursive: ").append(z).toString());
        }
        DN dn = new DN(str);
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(sSOToken, dn.getParent().toString());
        String replace = str.replace(',', '_');
        String namingAttr = AMNamingAttrManager.getNamingAttr(6);
        String stringBuffer = new StringBuffer().append(namingAttr).append("=").append(replace).append(",").append(organizationDN).toString();
        Set set = Collections.EMPTY_SET;
        if (z) {
            String searchFilter = AMSearchFilterManager.getSearchFilter(6, organizationDN);
            StringBuffer stringBuffer2 = new StringBuffer();
            stringBuffer2.append("(&").append(searchFilter).append("(");
            stringBuffer2.append(namingAttr).append("=*").append(replace).append("))");
            hashSet = search(sSOToken, organizationDN, stringBuffer2.toString(), 1);
        } else {
            hashSet = new HashSet();
            hashSet.add(stringBuffer);
        }
        for (String str2 : hashSet) {
            try {
                ((ManagedRole) UMSObject.getObject(sSOToken, new Guid(str2))).removeAllMembers();
                new AMStoreConnection(this.internalToken).getRole(str2).delete(z);
            } catch (Exception e) {
                if (debug.messageEnabled()) {
                    debug.message("DirectoryManager.removeAdminRole() Unable to  admin roles:", e);
                }
            }
        }
    }

    private Set searchResultsToSet(SearchResults searchResults) throws UMSException {
        OrderedSet orderedSet = new OrderedSet();
        if (searchResults != null) {
            while (searchResults.hasMoreElements()) {
                orderedSet.add(searchResults.next().getGuid().toString());
            }
        }
        return orderedSet;
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Set search(SSOToken sSOToken, String str, String str2, int i) throws AMException {
        Set set = Collections.EMPTY_SET;
        try {
            PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str));
            SearchControl searchControl = new SearchControl();
            searchControl.setSearchScope(i);
            set = searchResultsToSet(objectHandle.search(str2, searchControl));
        } catch (UMSException e) {
            int lDAPResultCode = ((LDAPException) e.getRootCause()).getLDAPResultCode();
            if (retryErrorCodes.contains(new StringBuffer().append("").append(lDAPResultCode).toString())) {
                throw new AMException(sSOToken, Integer.toString(lDAPResultCode));
            }
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("DirectoryManager.search(token:, entryDN: ").append(str).append(", searchFilter: ").append(str2).append("searchScope: ").append(i).append(" error occurred: ").toString(), e);
            }
            processInternalException(sSOToken, e, "341");
        }
        return set;
    }

    private AMSearchResults getSearchResults(SearchResults searchResults, SortKey sortKey, String[] strArr, Collator collator, boolean z) throws UMSException {
        TreeMap treeMap = null;
        TreeSet treeSet = null;
        if (sortKey != null) {
            treeMap = new TreeMap(collator);
            treeSet = new TreeSet();
        }
        OrderedSet orderedSet = new OrderedSet();
        HashMap hashMap = new HashMap();
        int i = 0;
        if (searchResults != null) {
            while (searchResults.hasMoreElements()) {
                try {
                    PersistentObject next = searchResults.next();
                    String guid = next.getGuid().toString();
                    if (treeMap != null) {
                        Attr attribute = next.getAttribute(sortKey.attributeName);
                        if (attribute != null) {
                            String str = attribute.getStringValues()[0];
                            Object obj = treeMap.get(str);
                            if (obj == null) {
                                treeMap.put(str, guid);
                            } else if (obj instanceof String) {
                                TreeSet treeSet2 = new TreeSet();
                                treeSet2.add(obj);
                                treeSet2.add(guid);
                                treeMap.put(str, treeSet2);
                            } else {
                                ((TreeSet) obj).add(guid);
                            }
                        } else {
                            treeSet.add(guid);
                        }
                    } else {
                        orderedSet.add(guid);
                    }
                    AttrSet attrSet = new AttrSet();
                    if (strArr != null) {
                        attrSet = next.getAttributes(strArr, true);
                    } else if (z) {
                        attrSet = next.getAttributes(next.getAttributeNames(), true);
                    }
                    hashMap.put(guid, CommonUtils.attrSetToMap(attrSet));
                } catch (SizeLimitExceededException e) {
                    i = 1;
                } catch (TimeLimitExceededException e2) {
                    i = 2;
                }
            }
        }
        Integer num = (Integer) searchResults.get(SearchResults.VLVRESPONSE_CONTENT_COUNT);
        int intValue = num == null ? -1 : num.intValue();
        if (treeMap != null) {
            Object[] array = treeMap.values().toArray();
            if (sortKey.reverse) {
                for (int i2 = r0 - 1; i2 >= 0; i2--) {
                    Object obj2 = array[i2];
                    if (obj2 instanceof String) {
                        orderedSet.add(obj2);
                    } else {
                        orderedSet.addAll((Collection) obj2);
                    }
                }
            } else {
                for (Object obj3 : array) {
                    if (obj3 instanceof String) {
                        orderedSet.add(obj3);
                    } else {
                        orderedSet.addAll((Collection) obj3);
                    }
                }
            }
            Iterator it = treeSet.iterator();
            while (it.hasNext()) {
                orderedSet.add(it.next());
            }
        }
        return new AMSearchResults(intValue, orderedSet, i, hashMap);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public AMSearchResults search(SSOToken sSOToken, String str, String str2, SearchControl searchControl, String[] strArr) throws AMException {
        SearchControl searchControl2;
        SearchResults search;
        AMSearchResults aMSearchResults = null;
        try {
            SortKey[] sortKeys = searchControl.getSortKeys();
            SortKey sortKey = null;
            if (sortKeys != null && sortKeys.length > 0 && sortKeys[0].attributeName != null) {
                sortKey = sortKeys[0];
            }
            String userLocale = CommonUtils.getUserLocale(sSOToken);
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("DirectoryManager.search() search with searchcontrol locale = ").append(userLocale).toString());
            }
            Collator collator = Collator.getInstance(Locale.getLocale(userLocale));
            if (sortKey != null) {
                searchControl2 = new SearchControl();
                searchControl2.setMaxResults(searchControl.getMaxResults());
                searchControl2.setSearchScope(searchControl.getSearchScope());
                searchControl2.setTimeOut(searchControl.getTimeOut());
            } else {
                searchControl2 = searchControl;
            }
            PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str));
            if (strArr == null) {
                search = sortKey == null ? objectHandle.search(str2, searchControl2) : objectHandle.search(str2, new String[]{sortKey.attributeName}, searchControl2);
            } else if (sortKey == null) {
                search = objectHandle.search(str2, strArr, searchControl2);
            } else {
                String[] strArr2 = new String[strArr.length + 1];
                System.arraycopy(strArr, 0, strArr2, 0, strArr.length);
                strArr2[strArr.length] = sortKey.attributeName;
                search = objectHandle.search(str2, strArr2, searchControl2);
            }
            aMSearchResults = getSearchResults(search, sortKey, strArr, collator, searchControl2.isGetAllReturnAttributesEnabled());
        } catch (UMSException e) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("DirectoryManager.search() with search control entryDN: ").append(str).append(" Search Filter: ").append(str2).append(" Error occurred: ").toString(), e);
            }
            processInternalException(sSOToken, e, "341");
        }
        return aMSearchResults;
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Set getMembers(SSOToken sSOToken, String str, int i) throws AMException {
        try {
            switch (i) {
                case 6:
                case 7:
                    return searchResultsToSet(((ManagedRole) UMSObject.getObject(sSOToken, new Guid(str))).getMemberIDs());
                case 8:
                    return searchResultsToSet(((FilteredRole) UMSObject.getObject(sSOToken, new Guid(str))).getMemberIDs());
                case 9:
                case 10:
                    return searchResultsToSet(((StaticGroup) UMSObject.getObject(sSOToken, new Guid(str))).getMemberIDs());
                case 11:
                    return searchResultsToSet(((DynamicGroup) UMSObject.getObject(sSOToken, new Guid(str))).getMemberIDs());
                case 12:
                    new AssignableDynamicGroup();
                    return searchResultsToSet(((AssignableDynamicGroup) UMSObject.getObject(sSOToken, new Guid(str))).getMemberIDs());
                default:
                    throw new AMException(sSOToken, AMAuthErrorCode.AUTH_TYPE_DENIED);
            }
        } catch (EntryNotFoundException e) {
            debug.error(new StringBuffer().append("DirectoryManager.getMembers() entryDN ").append(str).append(" objectType: ").append(i).append(" Unable to get members: ").toString(), e);
            String entryNotFoundMsgID = getEntryNotFoundMsgID(i);
            Object[] objArr = {getEntryName(e)};
            throw new AMException(AMSDKBundle.getString(entryNotFoundMsgID, objArr), entryNotFoundMsgID, objArr);
        } catch (UMSException e2) {
            debug.error(new StringBuffer().append("DirectoryManager.getMembers() entryDN ").append(str).append(" objectType: ").append(i).append(" Unable to get members: ").toString(), e2);
            throw new AMException(sSOToken, "454", e2);
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String renameEntry(SSOToken sSOToken, int i, String str, String str2, boolean z) throws AMException {
        try {
            PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str));
            objectHandle.rename(new StringBuffer().append(AMNamingAttrManager.getNamingAttr(i)).append("=").append(str2).toString(), z);
            return objectHandle.getDN();
        } catch (AccessRightsException e) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.renameEntry(): User does not have sufficient access rights ", e);
            }
            throw new AMException(sSOToken, "460");
        } catch (EntryNotFoundException e2) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.renameEntry(): Entry not found: ", e2);
            }
            String entryNotFoundMsgID = getEntryNotFoundMsgID(i);
            Object[] objArr = {getEntryName(e2)};
            throw new AMException(AMSDKBundle.getString(entryNotFoundMsgID, objArr), entryNotFoundMsgID, objArr);
        } catch (UMSException e3) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.renameEntry(): Unable to rename entry: ", e3);
            }
            throw new AMException(sSOToken, "360");
        }
    }

    private Map setDCTreeAttributes(SSOToken sSOToken, String str, Map map, int i) throws AMException {
        if (i == 2 && this.dcTree.isRequired() && !str.equals(AMStoreConnection.rootSuffix)) {
            AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(map);
            String value = mapToAttrSet.getValue("inetdomainstatus");
            if (value != null) {
                this.dcTree.updateDomainStatus(sSOToken, str, value);
            }
            AttrSet[] splitAttrSet = this.dcTree.splitAttrSet(str, mapToAttrSet);
            map = CommonUtils.attrSetToMap(splitAttrSet[0]);
            this.dcTree.setDomainAttributes(sSOToken, str, splitAttrSet[1]);
        }
        return map;
    }

    private void processPostModifyCallBacks(SSOToken sSOToken, String str, Map map, Map map2, String str2, int i) throws AMException {
        if (i == 5 || i == 4) {
            return;
        }
        String str3 = str2;
        if ((i == 2 || i == 3) && !new DN(AMStoreConnection.rootSuffix).equals(new DN(str2))) {
            String dn = new DN(str2).getParent().toString();
            if (this.amdm == null) {
                this.amdm = AMDirectoryWrapper.getInstance();
            }
            str3 = this.amdm.getOrganizationDN(this.internalToken, dn);
        }
        AMCallBackImpl.postProcess(sSOToken, str, str3, map, map2, 3, i, false);
    }

    private Map processPreModifyCallBacks(SSOToken sSOToken, String str, Map map, Map map2, String str2, int i) throws AMException, SSOException {
        if (i != 5 && i != 4) {
            String str3 = str2;
            if ((i == 2 || i == 3) && !new DN(AMStoreConnection.rootSuffix).equals(new DN(str2))) {
                String dn = new DN(str2).getParent().toString();
                if (this.amdm == null) {
                    this.amdm = AMDirectoryWrapper.getInstance();
                }
                str3 = this.amdm.getOrganizationDN(this.internalToken, dn);
            }
            if (map == null) {
                map = getAttributes(sSOToken, str, map2.keySet(), i);
            }
            map2 = AMCallBackImpl.preProcess(sSOToken, str, str3, map, map2, 3, i, false);
        }
        return map2;
    }

    private void modifyPersistentObject(PersistentObject persistentObject, Attr attr, boolean z) {
        if (attr.size() == 0) {
            persistentObject.modify(attr, 1);
        } else if (z) {
            persistentObject.modify(attr, 0);
        } else {
            persistentObject.modify(attr, 2);
        }
    }

    private void modifyAndSaveEntry(SSOToken sSOToken, String str, Map map, Map map2, boolean z) throws AccessRightsException, EntryNotFoundException, UMSException {
        PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str));
        if (map != null && !map.isEmpty()) {
            for (String str2 : map.keySet()) {
                Set set = (Set) map.get(str2);
                modifyPersistentObject(objectHandle, new Attr(str2, set == null ? null : (String[]) set.toArray(new String[set.size()])), z);
            }
        }
        if (map2 != null && !map2.isEmpty()) {
            for (String str3 : map2.keySet()) {
                modifyPersistentObject(objectHandle, new Attr(str3, (byte[][]) map2.get(str3)), z);
            }
        }
        objectHandle.save();
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void setAttributes(SSOToken sSOToken, String str, int i, Map map, Map map2, boolean z) throws AMException, SSOException {
        Map map3 = null;
        AMEmailNotification aMEmailNotification = null;
        validateAttributeUniqueness(str, i, false, map);
        String str2 = str;
        if (i == 1) {
            str2 = new DN(str).getParent().toString();
        }
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(this.internalToken, str2);
        try {
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("DirectoryManager.setAttributes() entryDN: ").append(str).toString());
            }
            if (i == 1) {
                try {
                    new AMUserPasswordValidationImpl(sSOToken, organizationDN).validate(map);
                    aMEmailNotification = new AMEmailNotification(str);
                    aMEmailNotification.setUserModifyNotificationList();
                } catch (AMException e) {
                    debug.error("DirectoryManager.setAttributes(): Invalid characters for user", e);
                    throw e;
                }
            }
            if (getUserPostPlugin() != null || (aMEmailNotification != null && aMEmailNotification.isPresentUserModifyNotificationList())) {
                map3 = getAttributes(sSOToken, str, map.keySet(), i);
            }
            map = processPreModifyCallBacks(sSOToken, str, map3, map, organizationDN, i);
            setDCTreeAttributes(sSOToken, str, map, i);
            modifyAndSaveEntry(sSOToken, str, map, map2, z);
        } catch (AccessRightsException e2) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.setAttributes() User does not have sufficient access rights: ", e2);
            }
            throw new AMException(sSOToken, "460");
        } catch (EntryNotFoundException e3) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.setAttributes() Entry not found: ", e3);
            }
            String entryNotFoundMsgID = getEntryNotFoundMsgID(i);
            Object[] objArr = {getEntryName(e3)};
            throw new AMException(AMSDKBundle.getString(entryNotFoundMsgID, objArr), entryNotFoundMsgID, objArr);
        } catch (UMSException e4) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.setAttributes() Internal error occurred", e4);
            }
            processInternalException(sSOToken, e4, "452");
        }
        processPostModifyCallBacks(sSOToken, str, map3, map, organizationDN, i);
        if (i == 1) {
            AMUserEntryProcessed userPostPlugin = getUserPostPlugin();
            if (userPostPlugin != null) {
                userPostPlugin.processUserModify(sSOToken, str, map3, map);
            }
            if (aMEmailNotification == null || !aMEmailNotification.isPresentUserModifyNotificationList()) {
                return;
            }
            aMEmailNotification.sendUserModifyNotification(sSOToken, map, map3);
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String[] getGroupFilterAndScope(SSOToken sSOToken, String str, int i) throws SSOException, AMException {
        String[] strArr = new String[3];
        try {
            DynamicGroup dynamicGroup = (DynamicGroup) UMSObject.getObject(sSOToken, new Guid(str));
            int searchScope = dynamicGroup.getSearchScope();
            String dn = dynamicGroup.getSearchBase().getDn();
            String searchFilter = dynamicGroup.getSearchFilter();
            strArr[0] = Integer.toString(searchScope);
            strArr[1] = dn;
            strArr[2] = searchFilter;
            return strArr;
        } catch (EntryNotFoundException e) {
            debug.error("AMGroupImpl.searchUsers", e);
            String entryNotFoundMsgID = getEntryNotFoundMsgID(i);
            Object[] objArr = {getEntryName(e)};
            throw new AMException(AMSDKBundle.getString(entryNotFoundMsgID, objArr), entryNotFoundMsgID, objArr);
        } catch (UMSException e2) {
            debug.message("AMGroupImpl.searchUsers", e2);
            throw new AMException(AMSDKBundle.getString("341"), "341");
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void setGroupFilter(SSOToken sSOToken, String str, String str2) throws AMException, SSOException {
        try {
            DynamicGroup dynamicGroup = (DynamicGroup) UMSObject.getObject(sSOToken, new Guid(str));
            dynamicGroup.setSearchFilter(str2);
            dynamicGroup.save();
        } catch (UMSException e) {
            debug.message("AMDynamicGroup.setSearchFilter() - Unable to setFilter()", e);
            throw new AMException(sSOToken, "352", e);
        }
    }

    private void modifyRoleMembership(SSOToken sSOToken, String str, Set set, int i, int i2) throws UMSException, AMException {
        try {
            ManagedRole managedRole = (ManagedRole) UMSObject.getObject(sSOToken, new Guid(str));
            String dn = managedRole.getParentGuid().getDn();
            if (this.amdm == null) {
                this.amdm = AMDirectoryWrapper.getInstance();
            }
            String organizationDN = this.amdm.getOrganizationDN(sSOToken, dn);
            if (AMCallBackImpl.isExistsPrePostPlugins(organizationDN)) {
                set = AMCallBackImpl.preProcessModifyMemberShip(sSOToken, str, organizationDN, set, i, i2);
                if (set == null || set.isEmpty()) {
                    return;
                }
            }
            switch (i) {
                case 1:
                    Guid[] guidArray = CommonUtils.toGuidArray(set);
                    managedRole.addMembers(guidArray);
                    set.iterator();
                    if (this.compl.isAdminGroupsEnabled(dn)) {
                        this.compl.verifyAndLinkRoleToGroup(sSOToken, guidArray, str);
                        break;
                    }
                    break;
                case 2:
                    for (Object obj : set.toArray()) {
                        managedRole.removeMember(new Guid((String) obj));
                    }
                    if (this.compl.isAdminGroupsEnabled(dn)) {
                        this.compl.verifyAndUnLinkRoleToGroup(sSOToken, set, str);
                        break;
                    }
                    break;
                default:
                    throw new AMException(sSOToken, AMAuthErrorCode.AUTH_TYPE_DENIED);
            }
            if (AMCallBackImpl.isExistsPrePostPlugins(organizationDN)) {
                AMCallBackImpl.postProcessModifyMemberShip(sSOToken, str, organizationDN, set, i, i2);
            }
        } catch (ClassCastException e) {
            debug.message("DirectoryManager.modifyRoleMembership() - Unable to modify role membership", e);
            throw new AMException(sSOToken, "350");
        }
    }

    private void modifyGroupMembership(SSOToken sSOToken, String str, Set set, int i, int i2) throws UMSException, AMException {
        StaticGroup staticGroup = (StaticGroup) UMSObject.getObject(sSOToken, new Guid(str));
        String dn = staticGroup.getParentGuid().getDn();
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(sSOToken, dn);
        if (AMCallBackImpl.isExistsPrePostPlugins(organizationDN)) {
            set = AMCallBackImpl.preProcessModifyMemberShip(sSOToken, str, organizationDN, set, i, i2);
            if (set == null || set.isEmpty()) {
                return;
            }
        }
        switch (i) {
            case 1:
                staticGroup.addMembers(CommonUtils.toGuidArray(set));
                updateUserAttribute(sSOToken, set, str, true);
                break;
            case 2:
                for (Object obj : set.toArray()) {
                    staticGroup.removeMember(new Guid((String) obj));
                }
                updateUserAttribute(sSOToken, set, str, false);
                break;
            default:
                throw new AMException(sSOToken, AMAuthErrorCode.AUTH_TYPE_DENIED);
        }
        if (AMCallBackImpl.isExistsPrePostPlugins(organizationDN)) {
            AMCallBackImpl.postProcessModifyMemberShip(sSOToken, str, organizationDN, set, i, i2);
        }
    }

    private void modifyAssignDynamicGroupMembership(SSOToken sSOToken, String str, Set set, int i, int i2) throws UMSException, AMException {
        new AssignableDynamicGroup();
        AssignableDynamicGroup assignableDynamicGroup = (AssignableDynamicGroup) UMSObject.getObject(sSOToken, new Guid(str));
        String dn = assignableDynamicGroup.getParentGuid().getDn();
        if (this.amdm == null) {
            this.amdm = AMDirectoryWrapper.getInstance();
        }
        String organizationDN = this.amdm.getOrganizationDN(sSOToken, dn);
        if (AMCallBackImpl.isExistsPrePostPlugins(organizationDN)) {
            set = AMCallBackImpl.preProcessModifyMemberShip(sSOToken, str, organizationDN, set, i, i2);
            if (set == null || set.isEmpty()) {
                return;
            }
        }
        switch (i) {
            case 1:
                Guid[] guidArray = CommonUtils.toGuidArray(set);
                assignableDynamicGroup.addMembers(CommonUtils.toGuidArray(set));
                if (this.compl.isAdminGroupsEnabled(AMStoreConnection.rootSuffix)) {
                    this.compl.verifyAndLinkGroupToRole(sSOToken, guidArray, str);
                    break;
                }
                break;
            case 2:
                for (Object obj : set.toArray()) {
                    assignableDynamicGroup.removeMember(new Guid((String) obj));
                }
                if (this.compl.isAdminGroupsEnabled(AMStoreConnection.rootSuffix)) {
                    this.compl.verifyAndUnLinkGroupToRole(sSOToken, set, str);
                    break;
                }
                break;
            default:
                throw new AMException(sSOToken, AMAuthErrorCode.AUTH_TYPE_DENIED);
        }
        if (AMCallBackImpl.isExistsPrePostPlugins(organizationDN)) {
            AMCallBackImpl.postProcessModifyMemberShip(sSOToken, str, organizationDN, set, i, i2);
        }
    }

    private AMException generateMemberShipException(SSOToken sSOToken, String str, int i, EntryNotFoundException entryNotFoundException) {
        DN exceptionDN = getExceptionDN(entryNotFoundException);
        DN dn = new DN(str);
        if (exceptionDN == null) {
            debug.error("DirectoryManager.modMemberShip", entryNotFoundException);
            Object[] objArr = {str};
            return new AMException(AMSDKBundle.getString("461", objArr, CommonUtils.getUserLocale(sSOToken)), "461", objArr);
        }
        String str2 = ((RDN) exceptionDN.getRDNs().firstElement()).getValues()[0];
        String str3 = null;
        if (exceptionDN.equals(dn)) {
            switch (i) {
                case 6:
                case 7:
                    str3 = "465";
                    break;
                case 9:
                case 10:
                case 12:
                    str3 = "466";
                    break;
            }
        } else {
            str3 = "468";
        }
        debug.error(new StringBuffer().append("DirectoryManager.modMemberShip() - Entry not found ").append(str).toString(), entryNotFoundException);
        Object[] objArr2 = {str2};
        return new AMException(AMSDKBundle.getString(str3, objArr2), str3, objArr2);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void modifyMemberShip(SSOToken sSOToken, Set set, String str, int i, int i2) throws AMException {
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("DirectoryManager.modifyMemberShip: targetDN = <").append(str).append(">, Members: ").append(set).append(", object Type = ").append(i).append("Operation = ").append(i2).toString());
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            String str2 = (String) it.next();
            if (str2.equals("") || !DN.isDN(str2)) {
                debug.error(new StringBuffer().append("DirectoryManager.modifyMemberShip() Invalid DN: ").append(str2).toString());
                throw new AMException(sSOToken, "157");
            }
        }
        try {
            switch (i) {
                case 6:
                case 7:
                    modifyRoleMembership(sSOToken, str, set, i2, i);
                    break;
                case 8:
                case 11:
                default:
                    throw new AMException(sSOToken, AMAuthErrorCode.AUTH_TYPE_DENIED);
                case 9:
                case 10:
                    modifyGroupMembership(sSOToken, str, set, i2, i);
                    break;
                case 12:
                    modifyAssignDynamicGroupMembership(sSOToken, str, set, i2, i);
                    break;
            }
        } catch (AccessRightsException e) {
            debug.error("DirectoryManager.modMemberShip() - Insufficient access rights: ", e);
            throw new AMException(sSOToken, "460");
        } catch (EntryNotFoundException e2) {
            throw generateMemberShipException(sSOToken, str, i, e2);
        } catch (UMSException e3) {
            debug.message("DirectoryManager.modMemberShip() - Unable to modify membership", e3);
            throw new AMException(sSOToken, "350", e3);
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Set getRegisteredServiceNames(SSOToken sSOToken, String str) throws AMException {
        try {
            HashSet hashSet = new HashSet(1);
            hashSet.add(AMConstants.SERVICE_STATUS_ATTRIBUTE);
            Map attributes = getAttributes(this.internalToken, str, hashSet, AMObject.UNDETERMINED_OBJECT_TYPE);
            Set set = Collections.EMPTY_SET;
            if (attributes.size() == 1) {
                set = (Set) attributes.get(AMConstants.SERVICE_STATUS_ATTRIBUTE);
            }
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("DirectoryManager.getRegisteredServiceNames() Registered Service Names for entryDN: ").append(str).append(" are: ").append(set).toString());
            }
            return set;
        } catch (Exception e) {
            debug.error("DirectoryManager.getRegisteredService", e);
            throw new AMException(sSOToken, "455");
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void registerService(SSOToken sSOToken, String str, String str2) throws AMException, SSOException {
        try {
            Set serviceAttributesWithQualifier = getServiceAttributesWithQualifier(sSOToken, str2);
            if (serviceAttributesWithQualifier != null && !serviceAttributesWithQualifier.isEmpty()) {
                COSManager.getCOSManager(sSOToken, UMSObject.getObjectHandle(sSOToken, new Guid(str)).getGuid()).addDefinition(createCOSDefinition(str2, serviceAttributesWithQualifier));
            }
        } catch (AccessRightsException e) {
            debug.error(new StringBuffer().append("DirectoryManager.registerService() Insufficient access rights to register service: ").append(str2).toString(), e);
            throw new AMException(sSOToken, "460");
        } catch (EntryAlreadyExistsException e2) {
            debug.error(new StringBuffer().append("DirectoryManager.registerService() Service ").append(str2).append(" already registered").toString(), e2);
            Object[] objArr = {str2};
            throw new AMException(AMSDKBundle.getString("464", objArr, CommonUtils.getUserLocale(sSOToken)), "464", objArr);
        } catch (UMSException e3) {
            debug.error(new StringBuffer().append("DirectoryManager.registerService() Unable to register service: ").append(str2).toString(), e3);
            throw new AMException(sSOToken, "914", e3);
        } catch (SMSException e4) {
            debug.error(new StringBuffer().append("DirectoryManager.registerService() Unable to register service: ").append(str2).toString(), e4);
            throw new AMException(sSOToken, "914");
        }
    }

    private Set getServiceAttributesWithQualifier(SSOToken sSOToken, String str) throws SMSException, SSOException {
        ServiceSchema serviceSchema = null;
        try {
            serviceSchema = new ServiceSchemaManager(str, sSOToken).getSchema(SchemaType.DYNAMIC);
        } catch (SMSException e) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.getServiceNames(): No schema defined for SchemaType.DYNAMIC type");
            }
        }
        if (serviceSchema == null) {
            return Collections.EMPTY_SET;
        }
        HashSet hashSet = new HashSet();
        for (String str2 : serviceSchema.getAttributeSchemaNames()) {
            hashSet.add(new StringBuffer().append(str2).append(" ").append(serviceSchema.getAttributeSchema(str2).getCosQualifier()).toString());
        }
        return hashSet;
    }

    private DirectCOSDefinition createCOSDefinition(String str, Set set) throws UMSException {
        AttrSet attrSet = new AttrSet();
        attrSet.add(new Attr("cn", str));
        attrSet.add(new Attr(ICOSDefinition.COSSPECIFIER, "nsrole"));
        Attr attr = new Attr(ICOSDefinition.COSATTRIBUTE);
        Iterator it = set.iterator();
        while (it.hasNext()) {
            attr.addValue((String) it.next());
        }
        attrSet.add(attr);
        return new DirectCOSDefinition(attrSet);
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void unRegisterService(SSOToken sSOToken, String str, int i, String str2, AMTemplate aMTemplate, int i2) throws AMException {
        COSManager cOSManager;
        if (i2 != 301) {
            if (i2 == 302) {
                try {
                    aMTemplate.delete();
                    return;
                } catch (SSOException e) {
                    debug.error("DirectoryManager.unRegisterService: Unable to unregister service ", e);
                    throw new AMException(sSOToken, "855");
                }
            }
            return;
        }
        try {
            PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str));
            switch (i) {
                case 2:
                case 3:
                case 5:
                    cOSManager = COSManager.getCOSManager(sSOToken, objectHandle.getGuid());
                    break;
                case 4:
                case 7:
                default:
                    throw new AMException(sSOToken, "450");
                case 6:
                case 8:
                    cOSManager = COSManager.getCOSManager(sSOToken, objectHandle.getParentGuid());
                    break;
            }
            try {
                ((DirectCOSDefinition) cOSManager.getDefinition(str2)).removeCOSTemplates();
                cOSManager.removeDefinition(str2);
            } catch (COSNotFoundException e2) {
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("DirectoryManager.unRegisterService() No COSDefinition found for service: ").append(str2).toString());
                }
                Object[] objArr = {str2};
                throw new AMException(AMSDKBundle.getString("463", objArr, CommonUtils.getUserLocale(sSOToken)), "463", objArr);
            }
        } catch (AccessRightsException e3) {
            debug.error("DirectoryManager.unRegisterService() Insufficient Access rights to unRegister service: ", e3);
            throw new AMException(sSOToken, "460");
        } catch (UMSException e4) {
            debug.error("DirectoryManager.unRegisterService: Unable to unregister service ", e4);
            throw new AMException(sSOToken, "855", e4);
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String getAMTemplateDN(SSOToken sSOToken, String str, int i, String str2, int i2) throws AMException {
        try {
            switch (i) {
                case 2:
                case 3:
                case 5:
                    return new StringBuffer().append("cn=\"").append(new StringBuffer().append("cn=ContainerDefaultTemplateRole,").append(str).toString()).append("\",cn=").append(str2).append(",").append(str).toString();
                case 4:
                case 7:
                default:
                    throw new AMException(sSOToken, "450");
                case 6:
                case 8:
                    return new StringBuffer().append("cn=\"").append(str).append("\",cn=").append(str2).append(",").append(UMSObject.getObjectHandle(sSOToken, new Guid(str)).getParentGuid().toString()).toString();
            }
        } catch (UMSException e) {
            debug.error(new StringBuffer().append("DirectoryManager.getAMTemplateDN() Unable to get AMTemplate DN for service: ").append(str2).append(" entryDN: ").append(str).toString(), e);
            throw new AMException(sSOToken, "349", e);
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String createAMTemplate(SSOToken sSOToken, String str, int i, String str2, Map map, int i2) throws AMException {
        String stringBuffer;
        DirectCOSDefinition directCOSDefinition;
        try {
            PersistentObject objectHandle = UMSObject.getObjectHandle(sSOToken, new Guid(str));
            switch (i) {
                case 2:
                case 3:
                case 5:
                    stringBuffer = new StringBuffer().append("cn=ContainerDefaultTemplateRole,").append(str).toString();
                    directCOSDefinition = (DirectCOSDefinition) COSManager.getCOSManager(sSOToken, objectHandle.getGuid()).getDefinition(str2);
                    break;
                case 4:
                case 7:
                default:
                    throw new AMException(sSOToken, "450");
                case 6:
                case 8:
                    stringBuffer = str;
                    directCOSDefinition = (DirectCOSDefinition) COSManager.getCOSManager(sSOToken, objectHandle.getParentGuid()).getDefinition(str2);
                    break;
            }
            AttrSet mapToAttrSet = CommonUtils.mapToAttrSet(map);
            if (i2 != -1) {
                Attr attr = new Attr("cospriority");
                attr.addValue(new StringBuffer().append("").append(i2).toString());
                mapToAttrSet.add(attr);
            }
            COSTemplate createCOSTemplate = createCOSTemplate(str2, mapToAttrSet, stringBuffer);
            directCOSDefinition.addCOSTemplate(createCOSTemplate);
            return createCOSTemplate.getGuid().toString();
        } catch (AccessRightsException e) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("DirectoryManager.createAMTemplate() Insufficient access rights to create template for: ").append(str2).append(" & entryDN: ").append(str).toString(), e);
            }
            throw new AMException(sSOToken, "460");
        } catch (EntryAlreadyExistsException e2) {
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("DirectoryManager.createAMTemplate: template already exists for ").append(str2).toString(), e2);
            }
            String[] strArr = {str2};
            throw new AMException(AMSDKBundle.getString("854", strArr, CommonUtils.getUserLocale(sSOToken)), "854", strArr);
        } catch (COSNotFoundException e3) {
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("DirectoryManager.createAMTemplate() COSDefinition for service: ").append(str2).append(" not found: ").toString(), e3);
            }
            throw new AMException(AMSDKBundle.getString("459", CommonUtils.getUserLocale(sSOToken)), "459", new Object[]{str2});
        } catch (UMSException e4) {
            if (debug.warningEnabled()) {
                debug.warning(new StringBuffer().append("DirectoryManager.createAMTemplate() Unable to create AMTemplate for: ").append(str2).append(" & entryDN: ").append(str).toString(), e4);
            }
            throw new AMException(AMSDKBundle.getString("459", CommonUtils.getUserLocale(sSOToken)), "459", new Object[]{str2}, e4);
        } catch (Exception e5) {
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.createAMTemplate", e5);
            }
            throw new AMException(sSOToken, "451");
        }
    }

    private COSTemplate createCOSTemplate(String str, AttrSet attrSet, String str2) throws UMSException {
        COSTemplate cOSTemplate = new COSTemplate(TemplateManager.getTemplateManager().getCreationTemplate(DefaultTemplates.BASIC_COSTEMPLATE_TEMPLATE, (Guid) null), new StringBuffer().append("\"").append(str2).append("\"").toString());
        cOSTemplate.addTemplateAttribute(SMSEntry.ATTR_OBJECTCLASS, "extensibleObject");
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("DirectoryManager.newCOSTemplate: cn = ").append(str2).append(" COSTemplate = ").append(cOSTemplate).toString());
        }
        int size = attrSet.size();
        for (int i = 0; i < size; i++) {
            cOSTemplate.modify(attrSet.elementAt(i), 0);
        }
        return cOSTemplate;
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String getNamingAttr(int i, String str) {
        try {
            if (templateMgr == null) {
                templateMgr = TemplateManager.getTemplateManager();
            }
            String creationTemplateName = getCreationTemplateName(i);
            if (creationTemplateName == null) {
                debug.warning(new StringBuffer().append("AMNamingAttrMgr.getNamingAttr(objectType, orgDN): (").append(i).append(",").append(str).append(")Could not ").append("determine creation template name. Returning <empty> ").append("value").toString());
                return "";
            }
            String namingAttribute = templateMgr.getCreationTemplate(creationTemplateName, str == null ? null : new Guid(str), 1).getNamingAttribute();
            if (namingAttribute == null) {
                debug.error(new StringBuffer().append("AMNamingAttrManager.getNamingAttr() Naming attribute for Object Type:").append(i).append(" Org DN: ").append(str).append(" is null").toString());
            } else if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("AMNamingAttrManager.getNamingAttr(): Naming attribute for Object type= ").append(i).append(": ").append(namingAttribute).toString());
            }
            return namingAttribute;
        } catch (UMSException e) {
            String defaultNamingAttr = getDefaultNamingAttr(i);
            debug.warning(new StringBuffer().append("Unable to get the naming attribute for ").append(i).append(" Using default ").append(defaultNamingAttr).toString());
            return defaultNamingAttr;
        }
    }

    private String getDefaultNamingAttr(int i) {
        switch (i) {
            case 1:
                return "uid";
            case 2:
                return "o";
            case 3:
                return SMSEntry.PLACEHOLDER_RDN;
            case 4:
                return SMSEntry.PLACEHOLDER_RDN;
            case 5:
                return SMSEntry.PLACEHOLDER_RDN;
            case 6:
                return "cn";
            case 7:
            case 10:
            case 13:
            case 14:
            case 15:
            case 16:
            case 17:
            case 18:
            case 19:
            case 20:
            default:
                debug.warning("AMNamingAttrMgr.getDefaultNamingAttr(): Unknown object type is passed. Returning <empty> value");
                return "";
            case 8:
                return "cn";
            case 9:
                return "cn";
            case 11:
                return "cn";
            case 12:
                return "cn";
            case 21:
                return "uid";
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String getCreationTemplateName(int i) {
        String str = (String) CommonUtils.creationtemplateMap.get(Integer.toString(i));
        if (str != null) {
            return str;
        }
        switch (i) {
            case 1:
                return "BasicUser";
            case 2:
                return "BasicOrganization";
            case 3:
                return "BasicOrganizationalUnit";
            case 4:
                return GROUP_CONTAINER_CREATION_TEMPLATE;
            case 5:
                return "BasicPeopleContainer";
            case 6:
                return "BasicManagedRole";
            case 7:
            case 10:
            case 13:
            case 14:
            case 15:
            case 16:
            case 17:
            case 18:
            case 19:
            case 20:
            default:
                debug.warning("AMNamingAttrMgr.getCreationTemplateName(): Unknown object type is passed. Returning null value");
                return null;
            case 8:
                return "BasicFilteredRole";
            case 9:
                return "BasicGroup";
            case 11:
                return "BasicDynamicGroup";
            case 12:
                return ASSIGANABLE_DYNAMIC_GROUP_CREATION_TEMPLATE;
            case 21:
                return RESOURCE_CREATION_TEMPLATE;
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String getObjectClassFromDS(int i) {
        String globalSearchFilter = AMSearchFilterManager.getGlobalSearchFilter(i);
        int indexOf = globalSearchFilter.indexOf("objectclass=");
        String str = null;
        if (indexOf != -1) {
            int length = indexOf + "objectclass=".length();
            int indexOf2 = globalSearchFilter.indexOf(41, length);
            if (indexOf2 != -1) {
                str = globalSearchFilter.substring(length, indexOf2);
            }
        } else {
            str = getDefaultObjectClass(i);
        }
        return str.toLowerCase();
    }

    private static String getDefaultObjectClass(int i) {
        switch (i) {
            case 1:
                return DEFAULT_USER_OBJECT_CLASS;
            case 2:
                return DEFAULT_ORGANIZATION_OBJECT_CLASS;
            case 3:
                return "organizationalunit";
            case 4:
                return DEFAULT_GROUP_CONTAINER_OBJECT_CLASS;
            case 5:
                return DEFAULT_PEOPLE_CONTAINER_OBJECT_CLASS;
            case 6:
                return DEFAULT_ROLE_OBJECT_CLASS;
            case 7:
            case 10:
            case 13:
            case 14:
            case 15:
            case 16:
            case 17:
            case 18:
            case 19:
            case 20:
            default:
                return "";
            case 8:
                return DEFAULT_FILTERED_ROLE_OBJECT_CLASS;
            case 9:
                return DEFAULT_GROUP_OBJECT_CLASS;
            case 11:
                return DEFAULT_DYNAMIC_GROUP_OBJECT_CLASS;
            case 12:
                return DEFAULT_ASSIGNABLE_DYNAMIC_GROUP_OBJECT_CLASS;
            case 21:
                return DEFAULT_RESOURCE_OBJECT_CLASS;
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Set getAttributesForSchema(String str) {
        try {
            return new HashSet(SchemaManager.getSchemaManager(this.internalToken).getAttributes(str));
        } catch (UMSException e) {
            return Collections.EMPTY_SET;
        }
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String getSearchFilterFromTemplate(int i, String str, String str2) {
        String str3;
        String searchTemplateName;
        SearchTemplate searchTemplate = null;
        if (str2 == null) {
            try {
                searchTemplateName = getSearchTemplateName(i);
            } catch (UMSException e) {
                str3 = "(objectclass=*)";
            }
        } else {
            searchTemplateName = str2;
        }
        String str4 = searchTemplateName;
        if (str4 == null) {
            debug.warning("AMSearchFilterManager.getSearchFilterFromTemplate(): Search template name is nullUnable to retrieve search filter. Returning <empty> value.");
            return "";
        }
        searchTemplate = TemplateManager.getTemplateManager().getSearchTemplate(str4, str == null ? null : new Guid(str), 1);
        str3 = searchTemplate.getSearchFilter();
        if (!str3.startsWith("(") || !str3.endsWith(")")) {
            str3 = new StringBuffer().append("(").append(str3).append(")").toString();
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("AMSearchFilterManager.getSearchFilterFromTemplate() SearchTemplate Name = ").append(searchTemplate.getName()).append(", objectType = ").append(i).append(", orgDN = ").append(str).append(", Obtained Filter = ").append(searchTemplate.getSearchFilter()).append(", Modified Filter = ").append(str3).toString());
        }
        return str3;
    }

    private static String modifyFilter(String str, int i) {
        switch (i) {
            case 6:
            case 8:
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("(&").append(str);
                stringBuffer.append("(objectClass=ldapsubentry)").append("(!(cn=");
                stringBuffer.append(AMConstants.CONTAINER_DEFAULT_TEMPLATE_ROLE);
                stringBuffer.append(")))");
                return stringBuffer.toString();
            default:
                return str;
        }
    }

    private static String getDefaultSearchFilter(int i) {
        switch (i) {
            case 1:
                return DEFAULT_USER_SEARCH_FILTER;
            case 2:
                return DEFAULT_ORGANIZATION_SEARCH_FILTER;
            case 3:
                return DEFAULT_ORGANIZATIONAL_UNIT_SEARCH_FILTER;
            case 4:
                return DEFAULT_GROUP_CONTAINER_SEARCH_FILTER;
            case 5:
                return DEFAULT_PEOPLE_CONTAINER_SEARCH_FILTER;
            case 6:
                return DEFAULT_ROLE_SEARCH_FILTER;
            case 7:
            case 10:
            default:
                debug.warning("AMSearchFilterManager.getDefaultSearchFilter(): Unknown object type is passed. Returning <empty> value");
                return "";
            case 8:
                return DEFAULT_FILTERED_ROLE_SEARCH_FILTER;
            case 9:
                return DEFAULT_GROUP_SEARCH_FILTER;
            case 11:
                return DEFAULT_DYNAMIC_GROUP_SEARCH_FILTER;
            case 12:
                return DEFAULT_ASSIGNABLE_DYNAMIC_GROUP_SEARCH_FILTER;
        }
    }

    private static String getSearchTemplateName(int i) {
        String str = (String) CommonUtils.searchtemplateMap.get(Integer.toString(i));
        if (str != null) {
            return str;
        }
        switch (i) {
            case 1:
                return "BasicUserSearch";
            case 2:
                return "BasicOrganizationSearch";
            case 3:
                return "BasicOrganizationalUnitSearch";
            case 4:
                return GROUP_CONTAINER_SEARCH_TEMPLATE;
            case 5:
                return "BasicPeopleContainerSearch";
            case 6:
                return "BasicManagedRoleSearch";
            case 7:
            case 10:
            case 13:
            case 14:
            case 15:
            case 16:
            case 17:
            case 18:
            case 19:
            case 20:
            default:
                debug.warning("AMSearchFilterManager.getSearchTemplateName(): Unknown object type is passed. Returning null value");
                return null;
            case 8:
                return "BasicFilteredRoleSearch";
            case 9:
                return "BasicGroupSearch";
            case 11:
                return "BasicDynamicGroupSearch";
            case 12:
                return ASSIGNABLE_DYNAMIC_GROUP_SEARCH_TEMPLATE;
            case 21:
                return RESOURCE_SEARCH_TEMPLATE;
        }
    }

    void validateAttributeUniqueness(String str, int i, boolean z, Map map) throws AMException {
        boolean z2 = false;
        if (i == 301 || i == 302 || i == 300) {
            return;
        }
        try {
            DN dn = new DN(str);
            String str2 = ((RDN) dn.getRDNs().firstElement()).getValues()[0];
            String[] explodeDN = dn.explodeDN(false);
            int length = explodeDN.length;
            if (length < 2) {
                return;
            }
            String str3 = explodeDN[length - 1];
            AMStoreConnection aMStoreConnection = new AMStoreConnection(CommonUtils.getInternalToken());
            DN dn2 = new DN(AMStoreConnection.rootSuffix);
            DN dn3 = new DN(str3);
            for (int i2 = length - 2; i2 >= 0; i2--) {
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("AMObjectImpl.validateAttributeUniqueness: try DN = ").append(str3).toString());
                }
                int i3 = -1;
                if (!dn2.isDescendantOf(dn3)) {
                    try {
                        i3 = aMStoreConnection.getAMObjectType(str3);
                    } catch (AMException e) {
                        if (debug.warningEnabled()) {
                            debug.warning(new StringBuffer().append("AMObjectImpl.validateAttributeUniqueness: Unable to determine object type of ").append(str3).append(" :Attribute uniqueness check aborted..").toString(), e);
                            return;
                        }
                        return;
                    }
                }
                Set set = null;
                AMOrganization aMOrganization = null;
                if (i3 == 2) {
                    AMOrganization organization = aMStoreConnection.getOrganization(str3);
                    set = organization.getAttribute(AMConstants.UNIQUE_ATTRIBUTE_LIST_ATTRIBUTE);
                    aMOrganization = organization;
                } else if (i3 == 3) {
                    AMOrganizationalUnit organizationalUnit = aMStoreConnection.getOrganizationalUnit(str3);
                    set = organizationalUnit.getAttribute(AMConstants.UNIQUE_ATTRIBUTE_LIST_ATTRIBUTE);
                    aMOrganization = organizationalUnit;
                }
                if (set != null && !set.isEmpty()) {
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("AMObjectImpl.validateAttributeUniqueness: list = ").append(set).toString());
                    }
                    Iterator it = set.iterator();
                    StringBuffer stringBuffer = new StringBuffer();
                    stringBuffer.append("(|");
                    while (it.hasNext()) {
                        String[] attrList = getAttrList((String) it.next());
                        Set attrValues = getAttrValues(attrList, map);
                        for (String str4 : attrList) {
                            if (str4.equals(AMNamingAttrManager.getNamingAttr(i)) && z) {
                                if (i == 6 || i == 7 || i == 8) {
                                    stringBuffer.append("(&");
                                    stringBuffer.append("(objectclass=ldapsubentry)");
                                    stringBuffer.append("(objectclass=nsroledefinition)");
                                    z2 = true;
                                } else if (i == 9 || i == 10 || i == 12 || i == 11) {
                                    stringBuffer.append("(&");
                                    stringBuffer.append("(objectclass=iplanet-am-managed-group)");
                                    stringBuffer.append(DEFAULT_GROUP_SEARCH_FILTER);
                                    z2 = true;
                                }
                                stringBuffer.append("(").append(explodeDN[0]).append(")");
                            }
                            if (attrValues != null) {
                                Iterator it2 = attrValues.iterator();
                                while (it2.hasNext()) {
                                    stringBuffer.append("(").append(str4);
                                    stringBuffer.append("=").append((String) it2.next());
                                    stringBuffer.append(")");
                                }
                            }
                        }
                    }
                    if (stringBuffer.length() <= 2) {
                        continue;
                    } else {
                        if (z2) {
                            stringBuffer.append(")");
                            stringBuffer.append(")");
                        } else {
                            stringBuffer.append(")");
                        }
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("AMObjectImpl.validateAttributeUniqueness: filter = ").append(stringBuffer.toString()).toString());
                        }
                        Set search = aMOrganization.search(2, stringBuffer.toString());
                        if (search != null && search.size() == 1 && new DN((String) search.iterator().next()).equals(new DN(str))) {
                            return;
                        }
                        if (search != null && !search.isEmpty()) {
                            throw new AMException(AMSDKBundle.getString("162"), "162");
                        }
                    }
                }
                str3 = new StringBuffer().append(explodeDN[i2]).append(",").append(str3).toString();
                dn3 = new DN(str3);
            }
        } catch (SSOException e2) {
            if (debug.warningEnabled()) {
                debug.warning("Unable to validate attribute uniqneness", e2);
            }
        }
    }

    private String[] getAttrList(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        int countTokens = stringTokenizer.countTokens();
        String[] strArr = new String[countTokens];
        for (int i = 0; i < countTokens; i++) {
            strArr[i] = stringTokenizer.nextToken().trim();
        }
        return strArr;
    }

    private Set getAttrValues(String[] strArr, Map map) {
        HashSet hashSet = new HashSet();
        for (String str : strArr) {
            Set set = (Set) map.get(str);
            if (set != null && !set.isEmpty()) {
                hashSet.addAll(set);
            }
        }
        return hashSet;
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public Set getTopLevelContainers(SSOToken sSOToken) throws AMException, SSOException {
        String name = sSOToken.getPrincipal().getName();
        AMStoreConnection aMStoreConnection = new AMStoreConnection(this.internalToken);
        AMUser user = aMStoreConnection.getUser(name);
        Set<String> hashSet = new HashSet();
        Set<String> roleDNs = user.getRoleDNs();
        roleDNs.addAll(user.getFilteredRoleDNs());
        for (String str : roleDNs) {
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("DirectoryManager.getTopLevelContainers: roleDN=").append(str).toString());
            }
            hashSet.addAll(aMStoreConnection.getRole(str).getAttribute("iplanet-am-role-managed-container-dn"));
        }
        if (hashSet.isEmpty()) {
            hashSet = search(sSOToken, AMStoreConnection.rootSuffix, new StringBuffer().append("(|").append(AMSearchFilterManager.getGlobalSearchFilter(2)).append(AMSearchFilterManager.getGlobalSearchFilter(3)).append(AMSearchFilterManager.getGlobalSearchFilter(5)).append(AMSearchFilterManager.getGlobalSearchFilter(11)).append(AMSearchFilterManager.getGlobalSearchFilter(12)).append(AMSearchFilterManager.getGlobalSearchFilter(9)).append(")").toString(), 2);
        }
        HashSet hashSet2 = new HashSet();
        for (String str2 : hashSet) {
            DN dn = new DN(str2);
            Iterator it = hashSet2.iterator();
            HashSet hashSet3 = new HashSet();
            boolean z = true;
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String str3 = (String) it.next();
                DN dn2 = new DN(str3);
                if (dn.isDescendantOf(dn2)) {
                    z = false;
                    hashSet3.add(str3);
                    break;
                }
                if (!dn2.isDescendantOf(dn)) {
                    hashSet3.add(str3);
                }
            }
            if (z) {
                hashSet3.add(str2);
            }
            hashSet2 = hashSet3;
        }
        if (debug.messageEnabled()) {
            debug.message("DirectoryManager.getTopLevelContainers");
            Iterator it2 = hashSet2.iterator();
            StringBuffer stringBuffer = new StringBuffer();
            while (it2.hasNext()) {
                stringBuffer.append((String) it2.next()).append("\n");
            }
            debug.message(new StringBuffer().append("containerDNs\n").append(stringBuffer.toString()).toString());
        }
        return hashSet2;
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public String verifyAndGetOrgDN(SSOToken sSOToken, String str, String str2) throws AMException {
        if (str.equals("") || !DN.isDN(str)) {
            debug.error(new StringBuffer().append("DirectoryManager.verifyAndGetOrgDN() Invalid DN: ").append(str).toString());
            throw new AMException(sSOToken, "157");
        }
        String str3 = "";
        boolean z = false;
        try {
            PersistentObject objectHandle = UMSObject.getObjectHandle(this.internalToken, new Guid(str2));
            SearchResults search = objectHandle.search(getOrgSearchFilter(str), this.aName, this.scontrol);
            if (search.hasMoreElements()) {
                while (search.hasMoreElements()) {
                    search.next();
                }
                str3 = objectHandle.getGuid().toString().toLowerCase();
            }
        } catch (InvalidSearchFilterException e) {
            z = true;
            debug.error("DirectoryManager.verifyAndGetOrgDN(): Invalid search filter, unable to get Parent Organization: ", e);
        } catch (UMSException e2) {
            z = true;
            if (debug.warningEnabled()) {
                debug.warning("DirectoryManager.verifyAndGetOrgDN(): Unable to Obtain Parent Organization", e2);
            }
            int lDAPResultCode = ((LDAPException) e2.getRootCause()).getLDAPResultCode();
            if (retryErrorCodes.contains(new StringBuffer().append("").append(lDAPResultCode).toString())) {
                throw new AMException(sSOToken, Integer.toString(lDAPResultCode));
            }
        }
        if (z) {
            throw new AMException(AMSDKBundle.getString("124", CommonUtils.getUserLocale(sSOToken)), "124");
        }
        return str3;
    }

    @Override // com.iplanet.am.sdk.DirectoryManagerInterface
    public void addListener(SSOToken sSOToken, AMObjectListener aMObjectListener, Map map) throws AMEventManagerException {
        try {
            SSOTokenManager.getInstance().validateToken(sSOToken);
            synchronized (listeners) {
                listeners.put(aMObjectListener, map);
                if (eventManager == null) {
                    eventManager = new AMEventManager(listeners);
                    eventManager.start();
                }
            }
        } catch (SSOException e) {
            throw new AMEventManagerException(e.getMessage(), "902");
        }
    }

    static {
        String str = SystemProperties.get("com.iplanet.am.ldap.connection.ldap.error.codes.retries");
        if (str != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
            while (stringTokenizer.hasMoreTokens()) {
                retryErrorCodes.add(stringTokenizer.nextToken().trim());
            }
        }
    }
}
