package com.sun.identity.console.idm.model;

import com.iplanet.am.util.Locale;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.CaseInsensitiveHashMap;
import com.sun.identity.console.base.model.AMAdminConstants;
import com.sun.identity.console.base.model.AMAdminUtils;
import com.sun.identity.console.base.model.AMConsoleException;
import com.sun.identity.console.base.model.AMFormatUtils;
import com.sun.identity.console.base.model.AMModelBase;
import com.sun.identity.console.delegation.model.DelegationConfig;
import com.sun.identity.console.property.PropertyXMLBuilder;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdOperation;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdSearchControl;
import com.sun.identity.idm.IdSearchResults;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.sm.AttributeSchema;
import com.sun.identity.sm.RequiredValueValidator;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.SchemaType;
import com.sun.identity.sm.ServiceManager;
import com.sun.identity.sm.ServiceSchema;
import com.sun.identity.sm.ServiceSchemaManager;
import java.text.MessageFormat;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:120955-01/SUNWamcon/reloc/SUNWam/console.war:WEB-INF/lib/console.jar:com/sun/identity/console/idm/model/EntitiesModelImpl.class */
public class EntitiesModelImpl extends AMModelBase implements EntitiesModel {
    private boolean endUser;
    private static SSOToken adminSSOToken = AMAdminUtils.getSuperAdminSSOToken();
    private static RequiredValueValidator reqValidator = new RequiredValueValidator();
    private Map requiredAttributeNames;

    public EntitiesModelImpl(HttpServletRequest httpServletRequest, Map map) {
        super(httpServletRequest, map);
        this.endUser = false;
        this.requiredAttributeNames = new HashMap();
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void setEndUser(boolean z) {
        this.endUser = z;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public IdSearchResults getEntityNames(String str, String str2, String str3) throws AMConsoleException {
        if (str == null) {
            str = "/";
        }
        int searchResultLimit = getSearchResultLimit();
        int searchTimeOutLimit = getSearchTimeOutLimit();
        String[] strArr = {str, str2, str3, Integer.toString(searchResultLimit), Integer.toString(searchTimeOutLimit)};
        try {
            AMIdentityRepository aMIdentityRepository = new AMIdentityRepository(getUserSSOToken(), str);
            IdType type = IdUtils.getType(str2);
            IdSearchControl idSearchControl = new IdSearchControl();
            idSearchControl.setRecursive(true);
            idSearchControl.setMaxResults(searchResultLimit);
            idSearchControl.setTimeOut(searchTimeOutLimit);
            logEvent("ATTEMPT_SEARCH_IDENTITY", strArr);
            IdSearchResults searchIdentities = aMIdentityRepository.searchIdentities(type, str3, idSearchControl);
            logEvent("SUCCEED_SEARCH_IDENTITY", strArr);
            return searchIdentities;
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_SEARCH_IDENTITY", new String[]{str, str2, str3, Integer.toString(searchResultLimit), Integer.toString(searchTimeOutLimit), getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.getEntityNames", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_SEARCH_IDENTITY", new String[]{str, str2, str3, Integer.toString(searchResultLimit), Integer.toString(searchTimeOutLimit), getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.getEntityNames", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Set getSpecialIdentities(String str, String str2) {
        HashSet hashSet = null;
        try {
            Set searchResults = new AMIdentityRepository(getUserSSOToken(), str).getSpecialIdentities(IdUtils.getType(str2)).getSearchResults();
            if (searchResults != null && !searchResults.isEmpty()) {
                hashSet = new HashSet(searchResults.size() * 2);
                Iterator it = searchResults.iterator();
                while (it.hasNext()) {
                    hashSet.add(((AMIdentity) it.next()).getName().toLowerCase());
                }
            }
        } catch (SSOException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getSpecialIdentities", e);
        } catch (IdRepoException e2) {
            AMModelBase.debug.warning("EntitiesModelImpl.getSpecialIdentities", e2);
        }
        return hashSet == null ? Collections.EMPTY_SET : hashSet;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Map getAttributeValues(String str, boolean z) throws AMConsoleException {
        String[] strArr = {str, "*"};
        logEvent("ATTEMPT_READ_IDENTITY_ATTRIBUTE_VALUE", strArr);
        try {
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            CaseInsensitiveHashMap caseInsensitiveHashMap = new CaseInsensitiveHashMap();
            caseInsensitiveHashMap.putAll(identity.getAttributes());
            HashMap hashMap = new HashMap();
            Set attributeSchemas = getAttributeSchemas(identity.getType().getName(), z);
            HashSet hashSet = new HashSet();
            Iterator it = attributeSchemas.iterator();
            while (it.hasNext()) {
                String name = ((AttributeSchema) it.next()).getName();
                if (caseInsensitiveHashMap.containsKey(name)) {
                    hashMap.put(name, caseInsensitiveHashMap.get(name));
                } else {
                    hashMap.put(name, Collections.EMPTY_SET);
                }
                hashSet.add(name);
            }
            Iterator it2 = hashMap.keySet().iterator();
            while (it2.hasNext()) {
                if (!hashSet.contains((String) it2.next())) {
                    it2.remove();
                }
            }
            logEvent("SUCCEED_READ_IDENTITY_ATTRIBUTE_VALUE", strArr);
            return hashMap;
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_READ_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, "*", getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.getAttributeValues", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_READ_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, "*", getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.getAttributeValues", e2);
            throw new AMConsoleException(getErrorString(e2));
        } catch (SMSException e3) {
            logEvent("SMS_EXCEPTION_READ_IDENTITY_ATTRIBUTE_VALUE", new String[]{str, "*", getErrorString(e3)});
            AMModelBase.debug.warning("EntitiesModelImpl.getAttributeValues", e3);
            throw new AMConsoleException(getErrorString(e3));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public String getPropertyXMLString(String str, String str2, boolean z, String str3) throws AMConsoleException {
        setLocationDN(str);
        String str4 = null;
        try {
            Set attributeSchemas = getAttributeSchemas(str2, z);
            PropertyXMLBuilder propertyXMLBuilder = new PropertyXMLBuilder(getSvcNameForIdType(str2), this, attributeSchemas);
            cacheAttributeValidators(attributeSchemas);
            if (!z && !DelegationConfig.getInstance().hasPermission(str, (String) null, "MODIFY", this, str3)) {
                propertyXMLBuilder.setAllAttributeReadOnly(true);
            }
            str4 = propertyXMLBuilder.getXML();
        } catch (SSOException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getPropertyXMLString", e);
        } catch (AMConsoleException e2) {
            AMModelBase.debug.warning("EntitiesModelImpl.getPropertyXMLString", e2);
        } catch (IdRepoException e3) {
            AMModelBase.debug.warning("EntitiesModelImpl.getPropertyXMLString", e3);
        } catch (SMSException e4) {
            AMModelBase.debug.warning("EntitiesModelImpl.getPropertyXMLString", e4);
        }
        if (z) {
            String stringFromInputStream = AMAdminUtils.getStringFromInputStream(getClass().getClassLoader().getResourceAsStream("com/sun/identity/console/propertyEntitiesAdd.xml"));
            return str4 != null ? PropertyXMLBuilder.prependXMLProperty(str4, stringFromInputStream) : PropertyXMLBuilder.formPropertySheetXML(stringFromInputStream);
        }
        String stringFromInputStream2 = AMAdminUtils.getStringFromInputStream(getClass().getClassLoader().getResourceAsStream("com/sun/identity/console/propertyEntitiesEdit.xml"));
        return str4 != null ? PropertyXMLBuilder.appendXMLProperty(str4, stringFromInputStream2) : PropertyXMLBuilder.formPropertySheetXML(stringFromInputStream2, true);
    }

    private void cacheAttributeValidators(Set set) {
        if (set == null || set.isEmpty()) {
            return;
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            AttributeSchema attributeSchema = (AttributeSchema) it.next();
            if (isRequiredAttribute(attributeSchema)) {
                this.requiredAttributeNames.put(attributeSchema.getName(), attributeSchema);
            }
        }
    }

    private boolean isRequiredAttribute(AttributeSchema attributeSchema) {
        boolean z = false;
        String any = attributeSchema.getAny();
        if (any != null && any.trim().length() > 0) {
            StringTokenizer stringTokenizer = new StringTokenizer(any, "|");
            while (stringTokenizer.hasMoreTokens() && !z) {
                z = stringTokenizer.nextToken().equals("required");
            }
        }
        return z;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Map getDefaultAttributeValues(String str, boolean z) throws AMConsoleException {
        try {
            Set<AttributeSchema> attributeSchemas = getAttributeSchemas(str, z);
            HashMap hashMap = new HashMap(attributeSchemas.size() * 2);
            for (AttributeSchema attributeSchema : attributeSchemas) {
                hashMap.put(attributeSchema.getName(), attributeSchema.getDefaultValues());
            }
            return hashMap;
        } catch (SSOException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getDefaultAttributeValues", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            AMModelBase.debug.warning("EntitiesModelImpl.getDefaultAttributeValues", e2);
            throw new AMConsoleException(getErrorString(e2));
        } catch (SMSException e3) {
            AMModelBase.debug.warning("EntitiesModelImpl.getDefaultAttributeValues", e3);
            throw new AMConsoleException(getErrorString(e3));
        }
    }

    private Set getAttributeSchemas(String str, boolean z) throws SMSException, SSOException, IdRepoException {
        Set set = null;
        String svcNameForIdType = getSvcNameForIdType(str);
        if (svcNameForIdType != null) {
            ServiceSchema schema = new ServiceSchemaManager(svcNameForIdType, getUserSSOToken()).getSchema(str);
            set = schema != null ? schema.getAttributeSchemas() : Collections.EMPTY_SET;
            if (z) {
                Iterator it = set.iterator();
                while (it.hasNext()) {
                    Set delimitedValues = AMAdminUtils.getDelimitedValues(((AttributeSchema) it.next()).getAny(), "|");
                    if (!delimitedValues.contains("required") && !delimitedValues.contains("optional")) {
                        it.remove();
                    }
                }
            }
            if (this.endUser) {
                Iterator it2 = set.iterator();
                while (it2.hasNext()) {
                    if (AMAdminUtils.getDelimitedValues(((AttributeSchema) it2.next()).getAny(), "|").contains("adminDisplay")) {
                        it2.remove();
                    }
                }
            }
            PropertyXMLBuilder.filterHiddenAttributes(set);
            beforeDisplay(str, set);
        }
        return set != null ? set : Collections.EMPTY_SET;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void createEntity(String str, String str2, String str3, Map map) throws AMConsoleException {
        if (str2.trim().length() == 0) {
            throw new AMConsoleException(MessageFormat.format(getLocalizedString("entities.missing.entityName"), getLocalizedString(str3)));
        }
        if (str == null) {
            str = "/";
        }
        validateAttributes(map);
        try {
            String[] strArr = {str2, str3, str};
            logEvent("ATTEMPT_IDENTITY_CREATION", strArr);
            AMIdentityRepository aMIdentityRepository = new AMIdentityRepository(getUserSSOToken(), str);
            beforeCreate(str3, str2, map);
            aMIdentityRepository.createIdentity(IdUtils.getType(str3), str2, map);
            logEvent("IDENTITY_CREATED", strArr);
        } catch (SSOException e) {
            String errorString = getErrorString(e);
            logEvent("SSO_EXCEPTION_IDENTITY_CREATION", new String[]{str2, str3, str, errorString});
            throw new AMConsoleException(errorString);
        } catch (IdRepoException e2) {
            String errorString2 = getErrorString(e2);
            logEvent("IDM_EXCEPTION_IDENTITY_CREATION", new String[]{str2, str3, str, errorString2});
            throw new AMConsoleException(errorString2);
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void modifyEntity(String str, String str2, Map map) throws AMConsoleException {
        if (map == null || map.isEmpty()) {
            return;
        }
        validateAttributes(map);
        String string = AMAdminUtils.getString(map.keySet(), ",", false);
        String[] strArr = {str2, string};
        try {
            logEvent("ATTEMPT_MODIFY_IDENTITY_ATTRIBUTE_VALUE", strArr);
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str2);
            beforeModify(identity.getType().getName(), identity.getName(), map);
            identity.setAttributes(map);
            identity.store();
            logEvent("SUCCEED_MODIFY_IDENTITY_ATTRIBUTE_VALUE", strArr);
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_MODIFY_IDENTITY_ATTRIBUTE_VALUE", new String[]{str2, string, getErrorString(e)});
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_MODIFY_IDENTITY_ATTRIBUTE_VALUE", new String[]{str2, string, getErrorString(e2)});
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    private void validateAttributes(Map map) throws AMConsoleException {
        for (String str : map.keySet()) {
            if (this.requiredAttributeNames.keySet().contains(str) && !reqValidator.validate((Set) map.get(str))) {
                AttributeSchema attributeSchema = (AttributeSchema) this.requiredAttributeNames.get(str);
                throw new AMConsoleException(MessageFormat.format(getLocalizedString("entity-values-missing"), Locale.getString(getServiceResourceBundle(attributeSchema.getServiceSchema().getServiceName()), attributeSchema.getI18NKey(), AMModelBase.debug)));
            }
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void deleteEntities(String str, String str2, Set set) throws AMConsoleException {
        if (set == null || set.isEmpty()) {
            return;
        }
        String commaSeparatedFormat = AMFormatUtils.toCommaSeparatedFormat(set);
        String[] strArr = {str, commaSeparatedFormat};
        logEvent("ATTEMPT_DELETE_IDENTITY", strArr);
        try {
            new AMIdentityRepository(getUserSSOToken(), str).deleteIdentities(IdUtils.getType(str2), getAMIdentity(set));
            logEvent("SUCCEED_DELETE_IDENTITY", strArr);
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_DELETE_IDENTITY", new String[]{str, commaSeparatedFormat, getErrorString(e)});
            AMModelBase.debug.error("EntitiesModelImpl.deleteEntities", e);
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_DELETE_IDENTITY", new String[]{str, commaSeparatedFormat, getErrorString(e2)});
            AMModelBase.debug.error("EntitiesModelImpl.deleteEntities", e2);
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public boolean canAssignService(String str, String str2) {
        boolean z = false;
        try {
            z = new AMIdentityRepository(adminSSOToken, str).getAllowedIdOperations(IdUtils.getType(str2)).contains(IdOperation.SERVICE);
        } catch (SSOException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.canAssignService", e);
        } catch (IdRepoException e2) {
            AMModelBase.debug.warning("EntitiesModelImpl.canAssignService", e2);
        }
        return z;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Set getIdTypeMemberOf(String str, String str2) throws AMConsoleException {
        try {
            IdType type = IdUtils.getType(str2);
            HashSet hashSet = new HashSet();
            hashSet.addAll(type.canBeMemberOf());
            discardUnsupportedIdType(str, hashSet);
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                if (!((IdType) it.next()).canAddMembers().contains(type)) {
                    it.remove();
                }
            }
            return hashSet;
        } catch (IdRepoException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getIdTypeMemberOf", e);
            throw new AMConsoleException(getErrorString(e));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Set getIdTypeBeMemberOf(String str, String str2) throws AMConsoleException {
        try {
            IdType type = IdUtils.getType(str2);
            HashSet hashSet = new HashSet();
            hashSet.addAll(type.canHaveMembers());
            discardUnsupportedIdType(str, hashSet);
            return hashSet;
        } catch (IdRepoException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getIdTypeBeMemberOf", e);
            throw new AMConsoleException(getErrorString(e));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public boolean canAddMember(String str, String str2, String str3) throws AMConsoleException {
        try {
            return IdUtils.getType(str2).canAddMembers().contains(IdUtils.getType(str3));
        } catch (IdRepoException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.canAddMember", e);
            throw new AMConsoleException(getErrorString(e));
        }
    }

    private void discardUnsupportedIdType(String str, Set set) {
        if (set == null || set.isEmpty()) {
            return;
        }
        Set keySet = getSupportedEntityTypes(str).keySet();
        Iterator it = set.iterator();
        while (it.hasNext()) {
            if (!keySet.contains(((IdType) it.next()).getName())) {
                it.remove();
            }
        }
    }

    private Set getAMIdentity(Set set) throws IdRepoException {
        HashSet hashSet = new HashSet(set.size() * 2);
        SSOToken userSSOToken = getUserSSOToken();
        Iterator it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(IdUtils.getIdentity(userSSOToken, (String) it.next()));
        }
        return hashSet;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public String getServiceNameForIdType(String str) {
        String str2 = null;
        try {
            str2 = getSvcNameForIdType(str);
        } catch (IdRepoException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getServiceNameForIdType", e);
        }
        return str2;
    }

    private String getSvcNameForIdType(String str) throws IdRepoException {
        String serviceName = IdUtils.getServiceName(IdUtils.getType(str));
        if ((serviceName == null || serviceName.trim().length() == 0) && ServiceManager.isCoexistenceMode()) {
            serviceName = BackwardCompSupport.getInstance().getServiceName(str);
        }
        return serviceName;
    }

    private void beforeDisplay(String str, Set set) throws IdRepoException {
        BackwardCompSupport.getInstance().beforeDisplay(str, set);
    }

    private void beforeModify(String str, String str2, Map map) throws IdRepoException {
    }

    private void beforeCreate(String str, String str2, Map map) throws IdRepoException {
        BackwardCompSupport.getInstance().beforeCreate(str, str2, map);
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Set getMembership(String str, String str2, String str3) throws AMConsoleException {
        String[] strArr = {str2, str3};
        logEvent("ATTEMPT_READ_IDENTITY_MEMBERSHIP", strArr);
        try {
            Set memberships = IdUtils.getIdentity(getUserSSOToken(), str2).getMemberships(IdUtils.getType(str3));
            logEvent("SUCCEED_READ_IDENTITY_MEMBERSHIP", strArr);
            return memberships;
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_READ_IDENTITY_MEMBERSHIP", new String[]{str2, str3, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.getMembership", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_READ_IDENTITY_MEMBERSHIP", new String[]{str2, str3, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.getMembership", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Set getMembers(String str, String str2, String str3) throws AMConsoleException {
        String[] strArr = {str2, str3};
        logEvent("ATTEMPT_READ_IDENTITY_MEMBER", strArr);
        try {
            Set members = IdUtils.getIdentity(getUserSSOToken(), str2).getMembers(IdUtils.getType(str3));
            logEvent("SUCCEED_READ_IDENTITY_MEMBER", strArr);
            return members;
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_READ_IDENTITY_MEMBER", new String[]{str2, str3, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.getMembers", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_READ_IDENTITY_MEMBER", new String[]{str2, str3, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.getMembers", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void addMemberships(String str, Set set) throws AMConsoleException {
        if (set == null || set.isEmpty()) {
            throw new AMConsoleException("entities.membership.add.no.selection.message");
        }
        SSOToken userSSOToken = getUserSSOToken();
        String str2 = "";
        try {
            AMIdentity identity = IdUtils.getIdentity(userSSOToken, str);
            String[] strArr = new String[2];
            strArr[1] = str;
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                AMIdentity identity2 = IdUtils.getIdentity(userSSOToken, str3);
                str2 = str3;
                strArr[0] = str3;
                logEvent("ATTEMPT_ADD_IDENTITY_MEMBER", strArr);
                identity2.addMember(identity);
                logEvent("SUCCEED_ADD_IDENTITY_MEMBER", strArr);
            }
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_ADD_IDENTITY_MEMBER", new String[]{str2, str, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.addMemberships", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_ADD_IDENTITY_MEMBER", new String[]{str2, str, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.addMemberships", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void addMembers(String str, Set set) throws AMConsoleException {
        if (set == null || set.isEmpty()) {
            throw new AMConsoleException("entities.members.add.no.selection.message");
        }
        SSOToken userSSOToken = getUserSSOToken();
        String str2 = "";
        try {
            AMIdentity identity = IdUtils.getIdentity(userSSOToken, str);
            String[] strArr = new String[2];
            strArr[0] = str;
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                AMIdentity identity2 = IdUtils.getIdentity(userSSOToken, str3);
                str2 = str3;
                strArr[1] = str3;
                logEvent("ATTEMPT_ADD_IDENTITY_MEMBER", strArr);
                identity.addMember(identity2);
                logEvent("SUCCEED_ADD_IDENTITY_MEMBER", strArr);
            }
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_ADD_IDENTITY_MEMBER", new String[]{str, str2, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.addMembers", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_ADD_IDENTITY_MEMBER", new String[]{str, str2, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.addMembers", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void removeMemberships(String str, Set set) throws AMConsoleException {
        if (set == null || set.isEmpty()) {
            throw new AMConsoleException("entities.membership.remove.no.selection.message");
        }
        SSOToken userSSOToken = getUserSSOToken();
        String str2 = "";
        try {
            AMIdentity identity = IdUtils.getIdentity(userSSOToken, str);
            String[] strArr = new String[2];
            strArr[1] = str;
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                AMIdentity identity2 = IdUtils.getIdentity(userSSOToken, str3);
                str2 = str3;
                strArr[0] = str3;
                logEvent("ATTEMPT_REMOVE_IDENTITY_MEMBER", strArr);
                identity2.removeMember(identity);
                logEvent("SUCCEED_REMOVE_IDENTITY_MEMBER", strArr);
            }
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_REMOVE_IDENTITY_MEMBER", new String[]{str2, str, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.removeMemberships", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_REMOVE_IDENTITY_MEMBER", new String[]{str2, str, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.removeMemberships", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void removeMembers(String str, Set set) throws AMConsoleException {
        if (set == null || set.isEmpty()) {
            throw new AMConsoleException("entities.members.remove.no.selection.message");
        }
        SSOToken userSSOToken = getUserSSOToken();
        String str2 = "";
        try {
            AMIdentity identity = IdUtils.getIdentity(userSSOToken, str);
            String[] strArr = new String[2];
            strArr[0] = str;
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                AMIdentity identity2 = IdUtils.getIdentity(userSSOToken, str3);
                str2 = str3;
                strArr[1] = str3;
                logEvent("ATTEMPT_REMOVE_IDENTITY_MEMBER", strArr);
                identity.removeMember(identity2);
                logEvent("SUCCEED_REMOVE_IDENTITY_MEMBER", strArr);
            }
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_REMOVE_IDENTITY_MEMBER", new String[]{str, str2, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.removeMembers", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_REMOVE_IDENTITY_MEMBER", new String[]{str, str2, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.removeMembers", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Set getAssignedMemberships(String str, Set set) throws AMConsoleException {
        HashSet hashSet = new HashSet(set.size() * 2);
        try {
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            Iterator it = set.iterator();
            while (it.hasNext()) {
                AMIdentity aMIdentity = (AMIdentity) it.next();
                if (identity.isMember(aMIdentity)) {
                    hashSet.add(aMIdentity);
                }
            }
            return hashSet;
        } catch (SSOException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getAssignedMemberships", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            AMModelBase.debug.warning("EntitiesModelImpl.getAssignedMemberships", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Set getAssignedMembers(String str, Set set) throws AMConsoleException {
        HashSet hashSet = new HashSet(set.size() * 2);
        try {
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            Iterator it = set.iterator();
            while (it.hasNext()) {
                AMIdentity aMIdentity = (AMIdentity) it.next();
                if (aMIdentity.isMember(identity)) {
                    hashSet.add(aMIdentity);
                }
            }
            return hashSet;
        } catch (SSOException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getAssignedMembers", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            AMModelBase.debug.warning("EntitiesModelImpl.getAssignedMembers", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Map getAssignedServiceNames(String str) throws AMConsoleException {
        String[] strArr = {str};
        logEvent("ATTEMPT_READ_IDENTITY_ASSIGNED_SERVICE", strArr);
        try {
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            Set assignedServices = identity.getAssignedServices();
            if (identity.getType().equals(IdType.USER)) {
                assignedServices.remove(AMAdminConstants.USER_SERVICE);
                assignedServices.remove("iPlanetAMAuthConfiguration");
            }
            Map localizedServiceNames = getLocalizedServiceNames(assignedServices);
            logEvent("SUCCEED_READ_IDENTITY_ASSIGNED_SERVICE", strArr);
            return localizedServiceNames != null ? localizedServiceNames : Collections.EMPTY_MAP;
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_READ_IDENTITY_ASSIGNED_SERVICE", new String[]{str, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.getAssignedServiceNames", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_READ_IDENTITY_ASSIGNED_SERVICE", new String[]{str, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.getAssignedServiceNames", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Map getAssignableServiceNames(String str) throws AMConsoleException {
        String[] strArr = {str};
        logEvent("ATTEMPT_READ_IDENTITY_ASSIGNABLE_SERVICE", strArr);
        try {
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            Set assignableServices = identity.getAssignableServices();
            if (identity.getType().equals(IdType.USER)) {
                assignableServices.remove(AMAdminConstants.USER_SERVICE);
                assignableServices.remove("iPlanetAMAuthConfiguration");
                assignableServices.remove("iPlanetAMSAMLService");
            }
            discardServicesWithoutAttributeSchema(assignableServices, identity);
            Map localizedServiceNames = getLocalizedServiceNames(assignableServices);
            logEvent("SUCCEED_READ_IDENTITY_ASSIGNABLE_SERVICE", strArr);
            return localizedServiceNames != null ? localizedServiceNames : Collections.EMPTY_MAP;
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_READ_IDENTITY_ASSIGNABLE_SERVICE", new String[]{str, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.getAssignableServiceNames", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_READ_IDENTITY_ASSIGNABLE_SERVICE", new String[]{str, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.getAssignableServiceNames", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    private void discardServicesWithoutAttributeSchema(Set set, AMIdentity aMIdentity) {
        Iterator it = set.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            if (getServicePropertiesViewBeanURL(str) == null) {
                Set attributeSchemas = AMAdminUtils.getSchemaSchema(str, aMIdentity.getType()).getAttributeSchemas();
                if (attributeSchemas == null || attributeSchemas.isEmpty()) {
                    it.remove();
                } else if (!hasI18nKeys(attributeSchemas)) {
                    it.remove();
                }
            }
        }
    }

    private boolean hasI18nKeys(Set set) {
        boolean z = false;
        Iterator it = set.iterator();
        while (it.hasNext() && !z) {
            String i18NKey = ((AttributeSchema) it.next()).getI18NKey();
            z = i18NKey != null && i18NKey.length() > 0;
        }
        return z;
    }

    private Map getLocalizedServiceNames(Set set) {
        HashMap hashMap = null;
        if (set != null && !set.isEmpty()) {
            hashMap = new HashMap(set.size() * 2);
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                String localizedServiceName = getLocalizedServiceName(str);
                if (!localizedServiceName.equals(str)) {
                    hashMap.put(str, localizedServiceName);
                }
            }
        }
        return hashMap == null ? Collections.EMPTY_MAP : hashMap;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public String getServicePropertySheetXML(String str, String str2, IdType idType, boolean z, String str3) throws AMConsoleException {
        setLocationDN(str);
        DelegationConfig delegationConfig = DelegationConfig.getInstance();
        try {
            ServiceSchema schemaSchema = AMAdminUtils.getSchemaSchema(str2, idType);
            HashSet hashSet = new HashSet(2);
            hashSet.add(schemaSchema.getServiceType());
            PropertyXMLBuilder propertyXMLBuilder = new PropertyXMLBuilder(str2, hashSet, this);
            if (!z && !delegationConfig.hasPermission(str, str2, "MODIFY", this, str3)) {
                propertyXMLBuilder.setAllAttributeReadOnly(true);
            }
            return propertyXMLBuilder.getXML();
        } catch (SSOException e) {
            throw new AMConsoleException(getErrorString(e));
        } catch (SMSException e2) {
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void assignService(String str, String str2, Map map) throws AMConsoleException {
        try {
            String[] strArr = {str, str2};
            logEvent("ATTEMPT_IDENTITY_ASSIGN_SERVICE", strArr);
            IdUtils.getIdentity(getUserSSOToken(), str).assignService(str2, map);
            logEvent("SUCCEED_IDENTITY_ASSIGN_SERVICE", strArr);
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_IDENTITY_ASSIGN_SERVICE", new String[]{str, str2, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.assignService", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            AMModelBase.debug.error("EntitiesModelImpl.assignService", e2);
            logEvent("IDM_EXCEPTION_IDENTITY_ASSIGN_SERVICE", new String[]{str, str2, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.assignService", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Map getDefaultValues(String str, String str2) throws AMConsoleException {
        try {
            ServiceSchemaManager serviceSchemaManager = new ServiceSchemaManager(str2, getUserSSOToken());
            Set<AttributeSchema> attributeSchemas = serviceSchemaManager.getSchema(serviceSchemaManager.getSchema(str).getServiceType()).getAttributeSchemas();
            HashMap hashMap = new HashMap(attributeSchemas.size() * 2);
            for (AttributeSchema attributeSchema : attributeSchemas) {
                String i18NKey = attributeSchema.getI18NKey();
                if (i18NKey != null && i18NKey.trim().length() > 0) {
                    Set defaultValues = attributeSchema.getDefaultValues();
                    if (defaultValues == null || defaultValues.isEmpty()) {
                        hashMap.put(attributeSchema.getName(), Collections.EMPTY_SET);
                    } else {
                        hashMap.put(attributeSchema.getName(), defaultValues);
                    }
                }
            }
            return hashMap != null ? hashMap : Collections.EMPTY_MAP;
        } catch (SSOException e) {
            throw new AMConsoleException(getErrorString(e));
        } catch (SMSException e2) {
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void unassignServices(String str, Set set) throws AMConsoleException {
        if (set == null || set.isEmpty()) {
            return;
        }
        String[] strArr = new String[2];
        strArr[0] = str;
        String str2 = "";
        try {
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            Iterator it = set.iterator();
            while (it.hasNext()) {
                str2 = (String) it.next();
                strArr[1] = str2;
                logEvent("ATTEMPT_IDENTITY_UNASSIGN_SERVICE", strArr);
                identity.unassignService(str2);
                logEvent("SUCCEED_IDENTITY_UNASSIGN_SERVICE", strArr);
            }
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_IDENTITY_UNASSIGN_SERVICE", new String[]{str, str2, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.unassignServices", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_IDENTITY_UNASSIGN_SERVICE", new String[]{str, str2, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.unassignServices", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public String getPropertiesViewBean(String str) {
        String str2 = null;
        try {
            Iterator it = new ServiceSchemaManager(str, adminSSOToken).getSchema(SchemaType.USER).getAttributeSchemas().iterator();
            while (it.hasNext() && str2 == null) {
                AttributeSchema attributeSchema = (AttributeSchema) it.next();
                if (attributeSchema.getName().equals(str)) {
                    str2 = attributeSchema.getPropertiesViewBeanURL();
                }
            }
        } catch (SSOException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getDefaultValues", e);
        } catch (SMSException e2) {
            AMModelBase.debug.warning("EntitiesModelImpl.getDefaultValues", e2);
        }
        return str2;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public Map getServiceAttributeValues(String str, String str2) throws AMConsoleException {
        try {
            String[] strArr = {str, str2};
            logEvent("ATTEMPT_IDENTITY_READ_SERVICE_ATTRIBUTE_VALUES", strArr);
            AMIdentity identity = IdUtils.getIdentity(getUserSSOToken(), str);
            Map correctAttributeNames = correctAttributeNames(identity, str2, identity.getServiceAttributes(str2));
            logEvent("SUCCEED_IDENTITY_READ_SERVICE_ATTRIBUTE_VALUES", strArr);
            return correctAttributeNames != null ? correctAttributeNames : Collections.EMPTY_MAP;
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_IDENTITY_READ_SERVICE_ATTRIBUTE_VALUES", new String[]{str, str2, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.getServiceAttributeValues", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_IDENTITY_READ_SERVICE_ATTRIBUTE_VALUES", new String[]{str, str2, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.getServiceAttributeValues", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    private Map correctAttributeNames(AMIdentity aMIdentity, String str, Map map) {
        HashMap hashMap = new HashMap(map.size());
        Set attributeSchemas = AMAdminUtils.getSchemaSchema(str, aMIdentity.getType()).getAttributeSchemas();
        new HashSet().add("");
        if (attributeSchemas != null && !attributeSchemas.isEmpty()) {
            Iterator it = attributeSchemas.iterator();
            while (it.hasNext()) {
                String name = ((AttributeSchema) it.next()).getName();
                Object obj = map.get(name.toLowerCase());
                if (obj != null) {
                    hashMap.put(name, obj);
                }
            }
        }
        return hashMap;
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public void setServiceAttributeValues(String str, String str2, Map map) throws AMConsoleException {
        if (map == null || map.isEmpty()) {
            return;
        }
        try {
            String[] strArr = {str, str2};
            logEvent("ATTEMPT_IDENTITY_WRITE_SERVICE_ATTRIBUTE_VALUES", strArr);
            IdUtils.getIdentity(getUserSSOToken(), str).modifyService(str2, map);
            logEvent("SUCCEED_IDENTITY_WRITE_SERVICE_ATTRIBUTE_VALUES", strArr);
        } catch (SSOException e) {
            logEvent("SSO_EXCEPTION_IDENTITY_WRITE_SERVICE_ATTRIBUTE_VALUES", new String[]{str, str2, getErrorString(e)});
            AMModelBase.debug.warning("EntitiesModelImpl.setServiceAttributeValues", e);
            throw new AMConsoleException(getErrorString(e));
        } catch (IdRepoException e2) {
            logEvent("IDM_EXCEPTION_IDENTITY_WRITE_SERVICE_ATTRIBUTE_VALUES", new String[]{str, str2, getErrorString(e2)});
            AMModelBase.debug.warning("EntitiesModelImpl.setServiceAttributeValues", e2);
            throw new AMConsoleException(getErrorString(e2));
        }
    }

    @Override // com.sun.identity.console.idm.model.EntitiesModel
    public boolean hasUserAttributeSchema(String str) {
        Set attributeSchemas;
        boolean z = false;
        try {
            ServiceSchema schema = new ServiceSchemaManager(str, getUserSSOToken()).getSchema(SchemaType.USER);
            if (schema != null && (attributeSchemas = schema.getAttributeSchemas()) != null && !attributeSchemas.isEmpty()) {
                Iterator it = attributeSchemas.iterator();
                while (it.hasNext() && !z) {
                    String i18NKey = ((AttributeSchema) it.next()).getI18NKey();
                    z = i18NKey != null && i18NKey.trim().length() > 0;
                }
            }
        } catch (SSOException e) {
            AMModelBase.debug.warning("EntitiesModelImpl.getDefaultValues", e);
        } catch (SMSException e2) {
            AMModelBase.debug.warning("EntitiesModelImpl.getDefaultValues", e2);
        }
        return z;
    }
}
