package com.ibm.ws.security.admintask.migrate;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.AdminCommand;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandMgr;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandResult;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.CommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand;
import com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.management.exception.ConnectorException;
import com.ibm.websphere.models.config.security.SecurityCommon;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.commands.properties.PropertiesBasedConfigConstants;
import com.ibm.ws.management.configservice.MOFUtil;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/admintask/migrate/ServerSecurityMigrate.class */
public class ServerSecurityMigrate extends SimpleCommandProvider {
    private static TraceComponent tc = Tr.register((Class<?>) ServerSecurityMigrate.class, "ServerSecurityMigrate", "com.ibm.ws.security.adminTasks.migrate");
    private static String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider, com.ibm.websphere.management.cmdframework.provider.CommandProvider
    public AbstractAdminCommand createCommand(CommandMetadata commandMetadata) throws CommandNotFoundException {
        return super.createCommand(commandMetadata);
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider, com.ibm.websphere.management.cmdframework.provider.CommandProvider
    public AbstractAdminCommand loadCommand(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        return super.loadCommand(commandData);
    }

    public String convertServerSecurityToSecurityDomain(AbstractAdminCommand abstractAdminCommand) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "convertServerSecurityToSecurityDomain", new Object[]{abstractAdminCommand});
        }
        ConfigService configService = getCommandProviderHelper().getConfigService();
        Session configSession = abstractAdminCommand.getConfigSession();
        AttributeList attributeList = new AttributeList();
        new AttributeList();
        new AttributeList();
        try {
            String str = (String) abstractAdminCommand.getParameter("serverResource");
            String str2 = (String) abstractAdminCommand.getParameter("securityDomain");
            String str3 = (String) abstractAdminCommand.getParameter("securityDomainDescription");
            Boolean bool = (Boolean) abstractAdminCommand.getParameter("deleteServer");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "serverResource: " + str);
                Tr.debug(tc, "securityDomain: " + str2);
                Tr.debug(tc, "securityDomainDescription: " + str3);
                Tr.debug(tc, "deleteServer: " + bool);
            }
            ObjectName[] resolve = configService.resolve(configSession, str);
            if (resolve.length != 1) {
                if (tc.isEntryEnabled()) {
                    Tr.debug(tc, "Resource is not a server type.");
                }
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.notServerType.SECJ7797E", null));
            }
            String configDataId = ConfigServiceHelper.getConfigDataId(resolve[0]).toString();
            String configDataType = ConfigServiceHelper.getConfigDataType(resolve[0]);
            String substring = (configDataId == null || configDataId.lastIndexOf(124) <= 0) ? configDataId : configDataId.substring(0, configDataId.lastIndexOf(124));
            isResourceInADomain(configSession, configService, substring);
            if (!configDataType.equals("Server")) {
                if (tc.isEntryEnabled()) {
                    Tr.debug(tc, "Resource is not a server type.");
                }
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.notServerType.SECJ7797E", null));
            }
            ObjectName[] queryConfigObjects = configService.queryConfigObjects(configSession, resolve[0], ConfigServiceHelper.createObjectName((ConfigDataId) null, "Security"), null);
            if (queryConfigObjects.length <= 0) {
                if (tc.isEntryEnabled()) {
                    Tr.debug(tc, "Server level security configuration does not exist.");
                }
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.multidomain.oldServerSecurity.SECJ7789E", new Object[]{str}));
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Server security object found: " + queryConfigObjects);
            }
            ObjectName objectName = queryConfigObjects[0];
            SecurityCommon securityCommon = (SecurityCommon) MOFUtil.convertToEObject(configSession, objectName);
            Boolean bool2 = (Boolean) configService.getAttribute(configSession, objectName, SecurityConfig.USE_DOMAIN_QUALIFIED_USER_NAMES);
            if (bool2 != null && securityCommon.isSetUseDomainQualifiedUserNames()) {
                attributeList.add(new Attribute(SecurityConfig.USE_DOMAIN_QUALIFIED_USER_NAMES, bool2));
            }
            Integer num = (Integer) configService.getAttribute(configSession, objectName, SecurityConfig.CACHE_TIMEOUT);
            if (num != null && securityCommon.isSetCacheTimeout()) {
                attributeList.add(new Attribute(SecurityConfig.CACHE_TIMEOUT, num));
            }
            Boolean bool3 = (Boolean) configService.getAttribute(configSession, objectName, SecurityConfig.ISSUE_PERMISSION_WARNING);
            if (bool3 != null && securityCommon.isSetIssuePermissionWarning()) {
                attributeList.add(new Attribute(SecurityConfig.ISSUE_PERMISSION_WARNING, bool3));
            }
            Boolean bool4 = (Boolean) configService.getAttribute(configSession, objectName, SecurityConfig.ENFORCE_JAVA2_SECURITY);
            if (bool4 != null && securityCommon.isSetEnforceJava2Security()) {
                attributeList.add(new Attribute(SecurityConfig.ENFORCE_JAVA2_SECURITY, bool4));
            }
            Boolean bool5 = (Boolean) configService.getAttribute(configSession, objectName, SecurityConfig.APP_SECURITY_ENABLED);
            if (bool5 != null && securityCommon.isSetAppEnabled()) {
                attributeList.add(new Attribute(SecurityConfig.APP_SECURITY_ENABLED, bool5));
            }
            Boolean bool6 = (Boolean) configService.getAttribute(configSession, objectName, SecurityConfig.ENFORCE_FINE_GRAINED_JCA_SECURITY);
            if (bool6 != null && securityCommon.isSetEnforceFineGrainedJCASecurity()) {
                attributeList.add(new Attribute(SecurityConfig.ENFORCE_FINE_GRAINED_JCA_SECURITY, bool6));
            }
            AttributeList attributes = configService.getAttributes(configSession, objectName, new String[]{"CSI"}, true);
            AttributeList attributes2 = configService.getAttributes(configSession, objectName, new String[]{"properties"}, true);
            AttributeList attributeList2 = new AttributeList();
            ConfigServiceHelper.setAttributeValue(attributeList2, "name", str2);
            ConfigServiceHelper.setAttributeValue(attributeList2, "description", str3);
            ObjectName createConfigData = configService.createConfigData(configSession, getCellObjectName(configSession, configService), "SecurityDomain", "SecurityDomain", attributeList2);
            attributeList2.clear();
            ObjectName createConfigData2 = configService.createConfigData(configSession, createConfigData, PropertiesBasedConfigConstants.APPSECURITY_RESOURCE_TYPE, PropertiesBasedConfigConstants.APPSECURITY_RESOURCE_TYPE, attributeList2);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security domain created : " + createConfigData2);
            }
            HashMap hashMap = new HashMap();
            hashMap.put(CommonConstants.COPYIDMGRFILESFORDOMAIN_DESTINATION_DOMAIN, str2);
            hashMap.put(CommonConstants.COPYIDMGRFILESFORDOMAIN_SOURCE_DOMAIN, "global");
            CommandResult executeCommand = executeCommand(configSession, CommonConstants.COPYIDMGRFILESFORDOMAIN_CMD, hashMap);
            if (!executeCommand.isSuccessful()) {
                Throwable exception = executeCommand.getException();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "copyIdMgrFilesForDomain did not execute.", new Object[]{exception});
                }
                throw new Exception(exception);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "copyIdMgrFilesForDomain executed successfully");
            }
            if (!attributeList.isEmpty()) {
                configService.setAttributes(configSession, createConfigData2, attributeList);
            }
            if (!attributes.isEmpty()) {
                configService.setAttributes(configSession, createConfigData2, attributes);
            }
            if (!attributes2.isEmpty()) {
                configService.setAttributes(configSession, createConfigData2, attributes2);
            }
            attributeList2.clear();
            ConfigServiceHelper.setAttributeValue(attributeList2, CommonConstants.RESOURCE_NAME, substring);
            ConfigServiceHelper.setAttributeValue(attributeList2, CommonConstants.RESOURCE_TYPE, configDataType);
            configService.createConfigData(configSession, createConfigData, "members", "SecurityDomainMember", attributeList2);
            if (bool.booleanValue()) {
                configService.deleteConfigData(configSession, objectName);
            }
            return ConfigServiceHelper.getConfigDataId(createConfigData2).toString();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.adminTask.migrate.ServerSecurityMigrate", "235");
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration: ", e.getMessage());
            }
            throw e;
        }
    }

    private boolean isResourceInADomain(Session session, ConfigService configService, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isResourceInADomain");
        }
        for (ObjectName objectName : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null)) {
            Iterator it = ((List) configService.getAttribute(session, objectName, "members")).iterator();
            while (it.hasNext()) {
                if (str.equals(ConfigServiceHelper.getAttributeValue((AttributeList) it.next(), CommonConstants.RESOURCE_NAME))) {
                    String str2 = (String) configService.getAttribute(session, objectName, "name");
                    if (tc.isEntryEnabled()) {
                        Tr.debug(tc, "Error: " + str + " already exists in the " + str2 + " domain.");
                    }
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.scope.in.domain.SECJ7703E", new Object[]{str, str2}));
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isResouceInADomain");
        }
        return false;
    }

    private ObjectName getCellObjectName(Session session, ConfigService configService) throws ConfigServiceException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCellObjectName", new Object[]{session, configService, this});
        }
        ObjectName objectName = configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "Policy"), null)[0];
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Cell ObjectName is " + objectName + ". Cell Name is " + ConfigServiceHelper.getDisplayName(objectName));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCellObjectName", objectName);
        }
        return objectName;
    }

    private static CommandResult executeCommand(Session session, String str, HashMap hashMap) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "executeCommand", new Object[]{session, str, hashMap});
        }
        AdminCommand createCommand = CommandMgr.getCommandMgr().createCommand(str);
        for (String str2 : hashMap.keySet()) {
            createCommand.setParameter(str2, hashMap.get(str2));
        }
        createCommand.setConfigSession(session);
        createCommand.execute();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "executeCommand", createCommand.getCommandResult());
        }
        return createCommand.getCommandResult();
    }
}
