package com.iplanet.am.console.base.model;

import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Iterator;
import java.util.Set;

/* loaded from: input_file:120091-08/SUNWamconsdk/reloc/usr/share/lib/identity/console-war/WEB-INF/lib/am_console.jar:com/iplanet/am/console/base/model/AMAdminTypes.class */
public class AMAdminTypes implements AMAdminConstants {
    private AMStoreConnection dpsc;
    private AMUser userObj;
    private SSOToken token;
    private String dn;

    public AMAdminTypes(SSOToken sSOToken) {
        this.dpsc = null;
        this.userObj = null;
        this.token = null;
        this.dn = null;
        this.token = sSOToken;
        try {
            this.dpsc = (AMStoreConnection) AccessController.doPrivileged(new PrivilegedAction(this) { // from class: com.iplanet.am.console.base.model.AMAdminTypes.1
                private final AMAdminTypes this$0;

                {
                    this.this$0 = this;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    try {
                        return AMAdminUtils.getStoreConnAsAdmin();
                    } catch (AMConsoleException e) {
                        AMModelBase.debug.error("AMAdminTypes", e);
                        return null;
                    }
                }
            });
            this.dn = sSOToken.getPrincipal().getName();
            if (AMModelBase.debug.messageEnabled()) {
                AMModelBase.debug.message(new StringBuffer().append("AMAdminTypes - dn = ").append(this.dn).toString());
            }
            this.userObj = this.dpsc.getUser(this.dn);
        } catch (Exception e) {
            AMModelBase.debug.error("getting users dn from token", e);
        }
    }

    public int getRoleType(String str) throws AMException, SSOException {
        if (this.dpsc != null) {
            return this.dpsc.getRole(str).getRoleType();
        }
        return -1;
    }

    public int getUserType() throws SSOException {
        int userHighestAdminRole;
        AMAdminTypesManager.getInstance();
        if (this.dn.equalsIgnoreCase(AMAdminTypesManager.superAdmin)) {
            AMModelBase.debug.message("user dn equals super admin dn");
            userHighestAdminRole = 1;
        } else {
            Integer num = (Integer) AMAdminTypesManager.getEntry(this.token);
            if (num != null) {
                AMModelBase.debug.message("returning hashed user type");
                userHighestAdminRole = num.intValue();
            } else {
                String userAdminStartDN = getUserAdminStartDN();
                if (userAdminStartDN == null || userAdminStartDN.length() == 0 || userAdminStartDN.equalsIgnoreCase(this.dn)) {
                    userHighestAdminRole = getUserHighestAdminRole();
                } else {
                    AMModelBase.debug.message("start dn is assigned to user");
                    userHighestAdminRole = 2;
                }
            }
        }
        if (userHighestAdminRole == 3) {
            AMModelBase.debug.message("user has no admin privilege, end user admin page is shown");
        }
        AMAdminTypesManager.addEntry(this.token, new Integer(userHighestAdminRole));
        return userHighestAdminRole;
    }

    private String getUserAdminStartDN() {
        String str = null;
        try {
            str = this.userObj.getStringAttribute(AMAdminConstants.ADMIN_START_DN_ATTR);
            if (AMModelBase.debug.messageEnabled()) {
                AMModelBase.debug.message(new StringBuffer().append("AMAdminTypes, iplanet-am-user-admin-start-dn = ").append(str).toString());
                AMModelBase.debug.message(new StringBuffer().append("AMAdminTypes, user-dn = ").append(this.dn).toString());
            }
        } catch (AMException e) {
            if (AMModelBase.debug.warningEnabled()) {
                AMModelBase.debug.warning("AMAdminTypes.getUserAdminStartDN, user admin start-dn was null");
            }
        } catch (SSOException e2) {
            if (AMModelBase.debug.warningEnabled()) {
                AMModelBase.debug.warning("AMAdminTypes.getUserAdminStartDN, couldn't get user admin start-dn");
            }
        }
        return str;
    }

    private int getUserHighestAdminRole() {
        int i = 3;
        AMModelBase.debug.message("checking if user has any admin roles");
        if (this.dpsc != null) {
            try {
                Set roleDNs = this.userObj.getRoleDNs();
                roleDNs.addAll(this.userObj.getFilteredRoleDNs());
                Iterator it = roleDNs.iterator();
                while (it.hasNext() && i != 1) {
                    try {
                        int roleType = this.dpsc.getRole((String) it.next()).getRoleType();
                        if (roleType != 3) {
                            if (AMModelBase.debug.warningEnabled()) {
                                AMModelBase.debug.warning("AMAdminTypes.getUserOtherAdminRole, user is an administrator");
                            }
                            i = roleType;
                        }
                    } catch (AMException e) {
                        AMModelBase.debug.warning("AMAdminTypes.getUserHighestAdminRole", e);
                    }
                }
            } catch (AMException e2) {
                AMModelBase.debug.error("AMAdminTypes.getUserHighestAdminRole", e2);
            } catch (SSOException e3) {
                AMModelBase.debug.error("AMAdminTypes.getUserHighestAdminRole", e3);
            }
        }
        return i;
    }
}
