package com.sonicsw.mq.components;

import com.sonicsw.mf.common.config.IAttributeChangeHandler;
import java.io.IOException;
import java.security.Principal;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import progress.message.broker.AgentRegistrar;
import progress.message.broker.Broker;
import progress.message.broker.IClientContextTracker;
import progress.message.broker.RoutingUserAclEntry;
import progress.message.broker.SubjectAclEntry;
import progress.message.security.EPermissionConflict;
import progress.message.security.EUnknownPermission;
import progress.message.security.SecurityCache;
import progress.message.zclient.ProgressGroup;
import progress.message.zclient.ProgressPasswordUser;
import progress.message.zclient.ProgressPrincipal;
import progress.message.zclient.SessionConfig;

/* loaded from: input_file:com/sonicsw/mq/components/RemoveACLChangeHandler.class */
public class RemoveACLChangeHandler implements IAttributeChangeHandler {
    private String m_principalName;
    private String m_principalType;
    private String m_resourceName;
    private String m_aclType;

    public RemoveACLChangeHandler(String str, String str2, String str3, String str4) {
        this.m_principalName = null;
        this.m_principalType = null;
        this.m_resourceName = null;
        this.m_aclType = null;
        this.m_principalName = str;
        this.m_principalType = str2;
        this.m_resourceName = str3;
        this.m_aclType = str4;
    }

    public void itemDeleted() {
        Principal group = this.m_principalType.equalsIgnoreCase(Constants.GROUP) ? AgentRegistrar.getAgentRegistrar().getSecurityBean().getGroup(this.m_principalName) : AgentRegistrar.getAgentRegistrar().getSecurityBean().getUser(this.m_principalName);
        if (group == null) {
            if (this.m_principalType.equalsIgnoreCase(Constants.GROUP)) {
                group = new ProgressGroup(this.m_principalName);
                ((ProgressPrincipal) group).setInternalPrincipal(false);
                ((ProgressPrincipal) group).setCreatedDueToACLEntry(true);
            } else {
                group = new ProgressPasswordUser(this.m_principalName, "");
                ((ProgressPrincipal) group).setInternalPrincipal(false);
                ((ProgressPrincipal) group).setCreatedDueToACLEntry(true);
            }
        }
        if (group != null) {
            if (this.m_aclType.equals(Constants.ROUTING_USER_ACL)) {
                try {
                    AgentRegistrar.getAgentRegistrar().getSecurityBean().delRoutingUserAclEntry(this.m_resourceName, group);
                } catch (IOException e) {
                }
            } else {
                try {
                    SubjectAclEntry subjectAclEntry = new SubjectAclEntry(group);
                    SubjectAclEntry subjectAclEntry2 = new SubjectAclEntry(group);
                    setSubjectACLPermissions(this.m_aclType, Constants.GRANT_PERMISSION, subjectAclEntry);
                    setSubjectACLPermissions(this.m_aclType, Constants.DENY_PERMISSION, subjectAclEntry2);
                    AgentRegistrar.getAgentRegistrar().getSecurityBean().delAclEntry(this.m_resourceName, subjectAclEntry);
                    AgentRegistrar.getAgentRegistrar().getSecurityBean().delAclEntry(this.m_resourceName, subjectAclEntry2);
                } catch (IOException e2) {
                }
            }
            try {
                if (!((ProgressPrincipal) group).isInternalPrincipal()) {
                    removeExternalPrincipal();
                }
            } catch (Exception e3) {
                SessionConfig.logMessage(e3.getMessage(), e3, SessionConfig.getLevelInfo());
            }
            this.m_principalName = null;
            this.m_principalType = null;
            this.m_resourceName = null;
            this.m_aclType = null;
        }
    }

    public void itemModified(Object obj) {
    }

    private final boolean removeExternalPrincipal() {
        SecurityCache securityCache = Broker.getBroker().getSecurityCache();
        if (securityCache == null) {
            return false;
        }
        if (this.m_principalType.equalsIgnoreCase(Constants.GROUP)) {
            if (AgentRegistrar.getAgentRegistrar().getSecurityBean().getGroup(this.m_principalName).isInternalPrincipal()) {
                return false;
            }
        } else if (AgentRegistrar.getAgentRegistrar().getSecurityBean().getUser(this.m_principalName).isInternalPrincipal()) {
            return false;
        }
        boolean z = false;
        Hashtable<String, Vector<SubjectAclEntry>> subjectACLEntries = securityCache.getSubjectACLEntries();
        if (subjectACLEntries != null && !subjectACLEntries.isEmpty()) {
            for (String str : subjectACLEntries.keySet()) {
                if (str != null && !SessionConfig.isSystemSubject(str) && !str.startsWith("SonicMQ.mf")) {
                    try {
                        Vector<SubjectAclEntry> vector = subjectACLEntries.get(str);
                        traceKeyAndValue(str, vector);
                        Enumeration<SubjectAclEntry> elements = vector.elements();
                        while (elements.hasMoreElements()) {
                            SubjectAclEntry nextElement = elements.nextElement();
                            if (nextElement != null) {
                                z = checkAdditionalACLEntry(z, nextElement.getPrincipal());
                            }
                        }
                    } catch (Exception e) {
                    }
                }
                if (z) {
                    break;
                }
            }
        }
        Hashtable<String, Vector<RoutingUserAclEntry>> routingUserACLEntries = securityCache.getRoutingUserACLEntries();
        if (routingUserACLEntries != null && !routingUserACLEntries.isEmpty() && !z) {
            for (String str2 : routingUserACLEntries.keySet()) {
                if (str2 != null && !SessionConfig.isSystemSubject(str2) && !str2.startsWith("SonicMQ.mf")) {
                    try {
                        Vector<RoutingUserAclEntry> vector2 = routingUserACLEntries.get(str2);
                        traceKeyAndValue(str2, vector2);
                        Enumeration<RoutingUserAclEntry> elements2 = vector2.elements();
                        while (elements2.hasMoreElements()) {
                            RoutingUserAclEntry nextElement2 = elements2.nextElement();
                            if (nextElement2 != null) {
                                z = checkAdditionalACLEntry(z, nextElement2.getPrincipal());
                            }
                        }
                    } catch (Exception e2) {
                    }
                }
                if (z) {
                    break;
                }
            }
        }
        if (z) {
            return false;
        }
        if (this.m_principalType.equalsIgnoreCase(Constants.GROUP)) {
            ProgressGroup group = AgentRegistrar.getAgentRegistrar().getSecurityBean().getGroup(this.m_principalName);
            if (group == null || !group.isCreatedDueToACLEntry()) {
                return false;
            }
            try {
                AgentRegistrar.getAgentRegistrar().getSecurityBean().delGroup(this.m_principalName);
                return true;
            } catch (IOException e3) {
                return false;
            }
        }
        ProgressPasswordUser user = AgentRegistrar.getAgentRegistrar().getSecurityBean().getUser(this.m_principalName);
        if (user != null && user.isCreatedDueToACLEntry()) {
            user.setCreatedDueToACLEntry(false);
            Broker.getBroker().getSecurityCache().addUser(user);
        }
        String name = user == null ? null : user.getName();
        IClientContextTracker clientContextTracker = AgentRegistrar.getClientContextTracker();
        if (clientContextTracker == null || clientContextTracker.getCurrentClientContextUsage(name) <= 0) {
            return AgentRegistrar.getAgentRegistrar().removeExternalUserFromSecBean(name);
        }
        return false;
    }

    private void traceKeyAndValue(String str, Object obj) {
    }

    private boolean checkAdditionalACLEntry(boolean z, Principal principal) {
        boolean z2 = z;
        if (principal != null && principal.getName().equals(this.m_principalName)) {
            z2 = true;
        }
        return z2;
    }

    private void setSubjectACLPermissions(String str, String str2, SubjectAclEntry subjectAclEntry) {
        try {
            if (str2.equalsIgnoreCase(Constants.GRANT_PERMISSION)) {
                if (str.equalsIgnoreCase(Constants.PUBLISH_ACL)) {
                    subjectAclEntry.addPermission((byte) 1);
                } else if (str.equalsIgnoreCase(Constants.SUBSCRIBE_ACL)) {
                    subjectAclEntry.addPermission((byte) 2);
                } else if (str.equalsIgnoreCase(Constants.GUARANTEED_ACL)) {
                    subjectAclEntry.addPermission((byte) 4);
                } else if (str.equalsIgnoreCase(Constants.SEND_ACL)) {
                    subjectAclEntry.addPermission((byte) 1);
                } else if (str.equalsIgnoreCase(Constants.RECEIVE_ACL)) {
                    subjectAclEntry.addPermission((byte) 2);
                } else if (str.equalsIgnoreCase(Constants.BROWSE_ACL)) {
                    subjectAclEntry.addPermission((byte) 8);
                } else {
                    BrokerComponent.getComponentContext().logMessage("Unknown ACL type: " + str, 2);
                }
            } else if (str.equalsIgnoreCase(Constants.PUBLISH_ACL)) {
                subjectAclEntry.addPermission((byte) -2);
            } else if (str.equalsIgnoreCase(Constants.SUBSCRIBE_ACL)) {
                subjectAclEntry.addPermission((byte) -3);
            } else if (str.equalsIgnoreCase(Constants.GUARANTEED_ACL)) {
                subjectAclEntry.addPermission((byte) -5);
            } else if (str.equalsIgnoreCase(Constants.SEND_ACL)) {
                subjectAclEntry.addPermission((byte) -2);
            } else if (str.equalsIgnoreCase(Constants.RECEIVE_ACL)) {
                subjectAclEntry.addPermission((byte) -3);
            } else if (str.equalsIgnoreCase(Constants.BROWSE_ACL)) {
                subjectAclEntry.addPermission((byte) -9);
            } else {
                BrokerComponent.getComponentContext().logMessage("Unknown ACL type: " + str, 2);
            }
        } catch (EPermissionConflict e) {
        } catch (EUnknownPermission e2) {
        }
    }
}
