package com.ibm.ws.management.configarchive;

import com.ibm.ISecurityUtilityImpl.MechanismFactory;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.CommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigDataNotFoundException;
import com.ibm.websphere.management.metadata.ManagedObjectMetadataHelper;
import com.ibm.websphere.models.config.security.Security;
import com.ibm.websphere.models.config.serverindex.ServerIndex;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.configservice.MOFUtil;
import com.ibm.ws.management.configservice.WorkspaceHelper;
import com.ibm.ws.management.metadata.ManagedObjectMetadataUtilities;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.common.util.MergeSecurityConfig;
import com.ibm.ws.sm.workspace.RepositoryContext;
import com.ibm.ws.sm.workspace.WorkSpace;
import com.ibm.ws.sm.workspace.metadata.RepositoryMetaData;
import com.ibm.ws.sm.workspace.metadata.RepositoryMetaDataFactory;
import com.ibm.ws.ssl.config.ManagementScopeManager;
import com.ibm.ws.workspace.query.WorkSpaceQueryUtil;
import com.ibm.wsspi.configarchive.ConfigArchiveException;
import com.ibm.wsspi.configarchive.ImportStep;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import javax.management.AttributeList;
import javax.management.ObjectName;
import org.eclipse.osgi.framework.internal.core.Constants;

/* loaded from: input_file:wasJars/com.ibm.ws.admin.services.jar:com/ibm/ws/management/configarchive/AddNodeSecurityExt.class */
public class AddNodeSecurityExt extends ImportStep {
    private static TraceComponent tc = Tr.register(AddNodeSecurityExt.class, "configarchive", "com.ibm.ws.management.resources.configarchive");

    public AddNodeSecurityExt(AbstractTaskCommand abstractTaskCommand, CommandMetadata commandMetadata) {
        super(abstractTaskCommand, commandMetadata);
    }

    public AddNodeSecurityExt(AbstractTaskCommand abstractTaskCommand, CommandData commandData) throws CommandNotFoundException {
        super(abstractTaskCommand, commandData);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractCommandStep
    public void executeStep() {
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) this.taskCmd.getTaskCommandResult();
        if (taskCommandResultImpl.isSuccessful()) {
            try {
                super.executeStep();
                Session configSession = getConfigSession();
                Session configArchiveSession = getConfigArchiveSession();
                Security security = getSecurity(configSession);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "cellSecurity: ", security);
                }
                Security security2 = getSecurity(configArchiveSession);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "nodeSecurity: ", security2);
                }
                String hostName = getServerIndex(configArchiveSession).getHostName();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "nodeHostName: ", hostName);
                }
                String str = (String) this.taskCmd.getParameter("nodeName");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "nodeName: ", str);
                }
                String path = WorkspaceHelper.getWorkspace(configSession).getPath();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "workspace path: ", path);
                }
                String path2 = WorkspaceHelper.getWorkspace(configArchiveSession).getPath();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "workspace (archive) path: ", path2);
                }
                ManagedObjectMetadataHelper metadataHelper = WorkspaceHelper.getWorkspace(configSession).getMetadataHelper();
                String nodePlatformOS = metadataHelper.getNodePlatformOS(str);
                String property = System.getProperty(Constants.JVM_OS_NAME);
                if (property != null) {
                    property = ManagedObjectMetadataUtilities.normalizeOSName(property);
                }
                if (property == null) {
                    property = "windows";
                }
                if (nodePlatformOS == null) {
                    nodePlatformOS = property;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "nodeOS", nodePlatformOS);
                }
                Properties properties = (Properties) this.taskCmd.getParameter("options");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "adminProperties: " + properties);
                }
                String property2 = properties.getProperty("oldCellName");
                String property3 = properties.getProperty("excludesecuritydomains");
                boolean z = false;
                if (metadataHelper.compareNodeVersion(str, MechanismFactory.UnauthenticatedOverSSL) == -1) {
                    z = true;
                }
                String nodeBaseProductVersion = metadataHelper.getNodeBaseProductVersion(str);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "isOlderThan61Node ", Boolean.toString(z));
                }
                MergeSecurityConfig.merge(path2, path, security, security2, str, hostName, property, nodePlatformOS, z, AdminServiceFactory.getAdminService().getNodeName(), nodeBaseProductVersion);
                security.eResource().save(Collections.EMPTY_MAP);
                if (property3 == null || !property3.equals("true")) {
                    changeSecurityDomainInfo(configArchiveSession, property2);
                }
                copyWasPolicies(configSession, configArchiveSession);
            } catch (Throwable th) {
                FFDCFilter.processException(th, "com.ibm.ws.management.configarchive.AddNodeSecurityExt.executeStep", "48");
                taskCommandResultImpl.setException(new ConfigArchiveException(th, "mergeSecurity step failed"));
            }
        }
    }

    private void copyWasPolicies(Session session, Session session2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "copyWasPolicies", new Object[]{session, session2});
        }
        RepositoryContext repositoryContext = null;
        WorkSpace workspace = WorkspaceHelper.getWorkspace(session2);
        WorkSpace workspace2 = WorkspaceHelper.getWorkspace(session);
        RepositoryMetaData repositoryMetaData = RepositoryMetaDataFactory.getRepositoryMetaData();
        Collection findContext = workspace.getRootContext().findContext(repositoryMetaData.getContextType("waspolicies"));
        if (findContext != null && findContext.size() > 0) {
            repositoryContext = (RepositoryContext) findContext.iterator().next();
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "policies context in archive ", repositoryContext);
        }
        if (repositoryContext != null) {
            Collection findContext2 = workspace2.getRootContext().findContext(repositoryMetaData.getContextType("waspolicies"));
            if (findContext2 == null || findContext2.size() <= 0) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "copying policies context from archive ", repositoryContext);
                }
                ConfigArchiveUtils.copyContext(workspace2.getRootContext(), repositoryContext, "default");
            } else {
                RepositoryContext repositoryContext2 = (RepositoryContext) findContext2.iterator().next();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "policies context in dmgr ", repositoryContext2);
                }
                Collection<RepositoryContext> findContext3 = repositoryContext.findContext(repositoryMetaData.getContextType("securitydomains"));
                if (findContext3 != null) {
                    for (RepositoryContext repositoryContext3 : findContext3) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "securitydomain context in archive ", repositoryContext3);
                        }
                        if (contextExists(repositoryMetaData, repositoryContext3.getName(), repositoryContext2, "securitydomains")) {
                            throw new Exception("SecurityDomain already exists in dmgr : " + repositoryContext3.getName());
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "copying securitydomain context from archive ", repositoryContext3.getName());
                        }
                        ConfigArchiveUtils.copyContext(repositoryContext2, repositoryContext3, repositoryContext3.getName());
                    }
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "copyWasPolicies");
        }
    }

    private boolean contextExists(RepositoryMetaData repositoryMetaData, String str, RepositoryContext repositoryContext, String str2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "contextExists", new Object[]{str, repositoryContext, str2});
        }
        boolean z = false;
        Collection findContext = repositoryContext.findContext(repositoryMetaData.getContextType(str2));
        if (findContext != null) {
            Iterator it = findContext.iterator();
            while (it.hasNext()) {
                if (((RepositoryContext) it.next()).getName().equals(str)) {
                    z = true;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "contextExists", new Boolean(z));
        }
        return z;
    }

    private void changeSecurityDomainInfo(Session session, String str) throws Exception {
        int indexOf;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "changeSecurityDomainInfo");
        }
        try {
            ConfigService configService = ConfigServiceFactory.getConfigService();
            ObjectName[] resolve = configService.resolve(session, "SecurityDomain");
            if (tc.isDebugEnabled() && resolve != null && resolve.length > 0) {
                Tr.debug(tc, "number of security domains = " + resolve.length);
            }
            for (ObjectName objectName : resolve) {
                List<AttributeList> list = null;
                try {
                    list = (List) configService.getAttribute(session, objectName, "members");
                } catch (ConfigDataNotFoundException e) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Exception getting resource names " + e);
                    }
                    FFDCFilter.processException(e, "com.ibm.ws.management.configarchive.AddNodeSecurityExt.changeSecurityDomainInfo", "252");
                }
                if (list != null) {
                    for (AttributeList attributeList : list) {
                        String str2 = (String) ConfigServiceHelper.getAttributeValue(attributeList, CommonConstants.RESOURCE_NAME);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "resourceName = " + str2);
                        }
                        if (str2 != null && str2.contains(str)) {
                            String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList, CommonConstants.RESOURCE_TYPE);
                            if (str3 != null) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "resourceType " + str3);
                                }
                                configService.deleteConfigData(session, ConfigServiceHelper.createObjectName(attributeList));
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "deletedOldConfigData");
                                }
                                String cellName = ManagementScopeManager.getInstance().getCellName();
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "new cellName = " + cellName);
                                }
                                String replaceFirst = str2.replaceFirst(str, cellName);
                                if (str3.equalsIgnoreCase("Cell")) {
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "about to handle case of a cell-wide domain from the added node");
                                    }
                                    String str4 = ConfigArchiveUtils.addNodeServerName;
                                    if (str4 != null && str4.length() > 0 && (indexOf = str4.indexOf("/nodes/")) >= 0) {
                                        replaceFirst = replaceFirst + str4.substring(indexOf);
                                        str3 = "Server";
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "changed resource type in the domain mapping file to: " + str3);
                                        }
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "changed resource name in the domain mapping file to: " + replaceFirst);
                                        }
                                    }
                                }
                                AttributeList attributeList2 = new AttributeList();
                                ConfigServiceHelper.setAttributeValue(attributeList2, CommonConstants.RESOURCE_NAME, replaceFirst);
                                ConfigServiceHelper.setAttributeValue(attributeList2, CommonConstants.RESOURCE_TYPE, str3);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "creating new configData using " + replaceFirst);
                                }
                                configService.createConfigData(session, objectName, "members", "SecurityDomainMember", attributeList2);
                            }
                        }
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "changeSecurityDomainInfo");
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.management.configarchive.AddNodeSecurityExt.changeSecurityDomainInfo", "312");
            throw e2;
        }
    }

    private Security getSecurity(Session session) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurity");
        }
        Security security = (Security) MOFUtil.convertToEObject(session, ConfigServiceFactory.getConfigService().resolve(session, null, "Cell=:Security=")[0]);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurity", security);
        }
        return security;
    }

    private ServerIndex getServerIndex(Session session) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServerIndex");
        }
        ConfigService configService = ConfigServiceFactory.getConfigService();
        ServerIndex serverIndex = (ServerIndex) MOFUtil.convertToEObject(session, configService.getRelationship(session, configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "Node"), null)[0], WorkSpaceQueryUtil.SERVER_INDEX_TYPE)[0]);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getServerIndex", serverIndex);
        }
        return serverIndex;
    }
}
