package com.iplanet.im.server;

import com.iplanet.am.sdk.AMRole;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.internal.AuthContext;
import com.sun.identity.authentication.internal.AuthPrincipal;
import com.sun.identity.policy.Policy;
import com.sun.identity.policy.PolicyManager;
import com.sun.identity.policy.SubjectTypeManager;
import com.sun.identity.policy.interfaces.Subject;
import com.sun.im.identity.util.Auth;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.util.HashSet;
import java.util.StringTokenizer;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPException;
import org.mozilla.jss.tests.ModifyTrust;

/* JADX WARN: Classes with same name are omitted:
  input_file:118641-08/Collaboration/collab-upgrade.nbm:netbeans/modules/collab-upgrade.jar:com/sun/tools/ide/collab/server/upgrade/resources/files/im-patch2-linux.zip:private/share/lib/xmppd.jar:com/iplanet/im/server/MigrateAcl.class
  input_file:118641-08/Collaboration/collab-upgrade.nbm:netbeans/modules/collab-upgrade.jar:com/sun/tools/ide/collab/server/upgrade/resources/files/im-patch2-sol.zip:usr/share/lib/xmpp/xmppd.jar:com/iplanet/im/server/MigrateAcl.class
 */
/* loaded from: input_file:118641-08/Collaboration/collab-upgrade.nbm:netbeans/modules/collab-upgrade.jar:com/sun/tools/ide/collab/server/upgrade/resources/files/im-patch2-win.zip:lib/xmppd.jar:com/iplanet/im/server/MigrateAcl.class */
public final class MigrateAcl {
    public static final String IM_SERVICE = "SunIM";
    public static final String PRESENCE_SERVICE = "SunPresence";
    private static String _instanceDir;
    static final String EXT = ".acl";
    static final String SUBDIR = "acls";
    private static String _configFile = "../config/iim.conf";
    private static boolean _migrated = false;
    private static PolicyManager pm = null;
    private static AuthContext lc = null;
    private static LDAPConnection ld = null;
    private static String searchBase = null;
    private static String uidSearchFilter = null;
    private static String groupSearchFilter = null;
    private static SSOToken token = null;

    static SSOToken getToken() {
        try {
            String adminDN = Auth.getAdminDN();
            token = SSOTokenManager.getInstance().createSSOToken(new AuthPrincipal(adminDN), Auth.getAdminPassword());
        } catch (Exception e) {
            Log.error(new StringBuffer().append("(MigrateAcl) getToken exception: ").append(e.toString()).toString());
        }
        return token;
    }

    private static String getConfigDir() {
        return new StringBuffer().append(_instanceDir).append(File.separator).append("config").toString();
    }

    private static File getFile(String str) {
        return new File(new File(getConfigDir(), "acls"), new StringBuffer().append(str).append(EXT).toString());
    }

    private static boolean init() {
        String substring;
        int parseInt;
        Log.debug("(MigrateAcl) init");
        ServerConfig serverConfig = ServerConfig.getServerConfig();
        _instanceDir = serverConfig.getSetting(NMS.INSTANCEDIR, ".");
        if (serverConfig.getSetting(NMS.ACLSTORE, "identity").equals("identity")) {
            _migrated = true;
            return true;
        }
        searchBase = LDAPRealm.removeSpaces(serverConfig.getSetting("iim_ldap.searchbase", ""));
        uidSearchFilter = serverConfig.getSetting("iim_ldap.loginfilter", "(&(objectclass=inetorgperson)(uid={0}))");
        groupSearchFilter = serverConfig.getSetting("iim_ldap.groupbrowsefilter", "(objectclass=groupofuniquenames)");
        Log.debug(new StringBuffer().append("(MigrateAcl) searchBase: ").append(searchBase).toString());
        Log.debug(new StringBuffer().append("(MigrateAcl) uidSearchFilter: ").append(uidSearchFilter).toString());
        Log.debug(new StringBuffer().append("(MigrateAcl) groupSearchFilter: ").append(groupSearchFilter).toString());
        try {
            token = getToken();
            pm = new PolicyManager(token);
            try {
                String setting = serverConfig.getSetting("iim_ldap.host", "");
                int indexOf = setting.indexOf(58);
                if (indexOf <= 0) {
                    substring = setting;
                    parseInt = 389;
                } else {
                    substring = setting.substring(0, indexOf);
                    parseInt = Integer.parseInt(setting.substring(indexOf + 1));
                }
                Log.debug(new StringBuffer().append("(MigrateAcl) ldapHost: ").append(substring).toString());
                Log.debug(new StringBuffer().append("(MigrateAcl) ldapPort: ").append(parseInt).toString());
                ld = new LDAPConnection();
                ld.connect(3, substring, parseInt, Auth.getAdminDN(), Auth.getAdminPassword());
                return true;
            } catch (LDAPException e) {
                Log.error(new StringBuffer().append("(MigrateAcl) Failed to init ldap host : ").append(e.toString()).toString());
                return false;
            } catch (Exception e2) {
                Log.error(new StringBuffer().append("(MigrateAcl) Failed to init ldap host : ").append(e2.toString()).toString());
                return false;
            }
        } catch (Exception e3) {
            Log.error(new StringBuffer().append("(MigrateAcl) init exception: ").append(e3.toString()).toString());
            return false;
        }
    }

    private static void done() {
        if (ld == null || !ld.isConnected()) {
            return;
        }
        try {
            ld.disconnect();
        } catch (LDAPException e) {
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x0089, code lost:
    
        r8 = r0.getDN();
        com.iplanet.im.server.Log.debug(new java.lang.StringBuffer().append("(MigrateAcl) Found userDN: ").append(r8).toString());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.lang.String getUserDN(java.lang.String r7) {
        /*
            r0 = 0
            r8 = r0
            r0 = 2
            r9 = r0
            r0 = 2
            java.lang.String[] r0 = new java.lang.String[r0]
            r1 = r0
            r2 = 0
            java.lang.String r3 = "cn"
            r1[r2] = r3
            r1 = r0
            r2 = 1
            java.lang.String r3 = "uid"
            r1[r2] = r3
            r10 = r0
            java.lang.String r0 = "{0}"
            r1 = r7
            java.lang.String r1 = com.sun.im.service.util.StringUtility.unquoteSpecialCharacters(r1)     // Catch: netscape.ldap.LDAPException -> Lae
            java.lang.String r2 = com.iplanet.im.server.MigrateAcl.uidSearchFilter     // Catch: netscape.ldap.LDAPException -> Lae
            java.lang.String r0 = com.sun.im.service.util.StringUtility.replaceString(r0, r1, r2)     // Catch: netscape.ldap.LDAPException -> Lae
            r11 = r0
            java.lang.StringBuffer r0 = new java.lang.StringBuffer     // Catch: netscape.ldap.LDAPException -> Lae
            r1 = r0
            r1.<init>()     // Catch: netscape.ldap.LDAPException -> Lae
            java.lang.String r1 = "(MigrateAcl) searchfilter: "
            java.lang.StringBuffer r0 = r0.append(r1)     // Catch: netscape.ldap.LDAPException -> Lae
            r1 = r11
            java.lang.StringBuffer r0 = r0.append(r1)     // Catch: netscape.ldap.LDAPException -> Lae
            java.lang.String r0 = r0.toString()     // Catch: netscape.ldap.LDAPException -> Lae
            com.iplanet.im.server.Log.debug(r0)     // Catch: netscape.ldap.LDAPException -> Lae
            netscape.ldap.LDAPConnection r0 = com.iplanet.im.server.MigrateAcl.ld     // Catch: netscape.ldap.LDAPException -> Lae
            java.lang.String r1 = com.iplanet.im.server.MigrateAcl.searchBase     // Catch: netscape.ldap.LDAPException -> Lae
            r2 = r9
            r3 = r11
            r4 = r10
            r5 = 0
            netscape.ldap.LDAPSearchResults r0 = r0.search(r1, r2, r3, r4, r5)     // Catch: netscape.ldap.LDAPException -> Lae
            r12 = r0
        L48:
            r0 = r12
            boolean r0 = r0.hasMoreElements()     // Catch: netscape.ldap.LDAPException -> Lae
            if (r0 == 0) goto Lab
            r0 = r12
            netscape.ldap.LDAPEntry r0 = r0.next()     // Catch: netscape.ldap.LDAPException -> Lae
            r13 = r0
            r0 = r13
            java.lang.String r1 = "uid"
            netscape.ldap.LDAPAttribute r0 = r0.getAttribute(r1)     // Catch: netscape.ldap.LDAPException -> Lae
            r14 = r0
            r0 = r14
            java.util.Enumeration r0 = r0.getStringValues()     // Catch: netscape.ldap.LDAPException -> Lae
            r15 = r0
            r0 = 0
            r16 = r0
            r0 = r15
            if (r0 == 0) goto L7b
            r0 = r15
            java.lang.Object r0 = r0.nextElement()     // Catch: netscape.ldap.LDAPException -> Lae
            java.lang.String r0 = (java.lang.String) r0     // Catch: netscape.ldap.LDAPException -> Lae
            r16 = r0
        L7b:
            r0 = r16
            if (r0 == 0) goto La8
            r0 = r16
            r1 = r7
            boolean r0 = r0.equalsIgnoreCase(r1)     // Catch: netscape.ldap.LDAPException -> Lae
            if (r0 == 0) goto La8
            r0 = r13
            java.lang.String r0 = r0.getDN()     // Catch: netscape.ldap.LDAPException -> Lae
            r8 = r0
            java.lang.StringBuffer r0 = new java.lang.StringBuffer     // Catch: netscape.ldap.LDAPException -> Lae
            r1 = r0
            r1.<init>()     // Catch: netscape.ldap.LDAPException -> Lae
            java.lang.String r1 = "(MigrateAcl) Found userDN: "
            java.lang.StringBuffer r0 = r0.append(r1)     // Catch: netscape.ldap.LDAPException -> Lae
            r1 = r8
            java.lang.StringBuffer r0 = r0.append(r1)     // Catch: netscape.ldap.LDAPException -> Lae
            java.lang.String r0 = r0.toString()     // Catch: netscape.ldap.LDAPException -> Lae
            com.iplanet.im.server.Log.debug(r0)     // Catch: netscape.ldap.LDAPException -> Lae
            goto Lab
        La8:
            goto L48
        Lab:
            goto Ld3
        Lae:
            r11 = move-exception
            java.lang.StringBuffer r0 = new java.lang.StringBuffer
            r1 = r0
            r1.<init>()
            java.lang.String r1 = "(MigrateAcl) Failed to search for uid - "
            java.lang.StringBuffer r0 = r0.append(r1)
            r1 = r7
            java.lang.StringBuffer r0 = r0.append(r1)
            java.lang.String r1 = " : "
            java.lang.StringBuffer r0 = r0.append(r1)
            r1 = r11
            java.lang.String r1 = r1.toString()
            java.lang.StringBuffer r0 = r0.append(r1)
            java.lang.String r0 = r0.toString()
            com.iplanet.im.server.Log.error(r0)
        Ld3:
            r0 = r8
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.iplanet.im.server.MigrateAcl.getUserDN(java.lang.String):java.lang.String");
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x0048, code lost:
    
        r8 = r0;
        com.iplanet.im.server.Log.debug(new java.lang.StringBuffer().append("(MigrateAcl) Found groupDN: ").append(r8).toString());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.lang.String getGroupDN(java.lang.String r7) {
        /*
            r0 = 0
            r8 = r0
            r0 = 2
            r9 = r0
            r0 = 2
            java.lang.String[] r0 = new java.lang.String[r0]
            r1 = r0
            r2 = 0
            java.lang.String r3 = "cn"
            r1[r2] = r3
            r1 = r0
            r2 = 1
            java.lang.String r3 = "dn"
            r1[r2] = r3
            r10 = r0
            netscape.ldap.LDAPConnection r0 = com.iplanet.im.server.MigrateAcl.ld     // Catch: netscape.ldap.LDAPException -> L6a
            java.lang.String r1 = com.iplanet.im.server.MigrateAcl.searchBase     // Catch: netscape.ldap.LDAPException -> L6a
            r2 = r9
            java.lang.String r3 = com.iplanet.im.server.MigrateAcl.groupSearchFilter     // Catch: netscape.ldap.LDAPException -> L6a
            r4 = r10
            r5 = 0
            netscape.ldap.LDAPSearchResults r0 = r0.search(r1, r2, r3, r4, r5)     // Catch: netscape.ldap.LDAPException -> L6a
            r11 = r0
        L24:
            r0 = r11
            boolean r0 = r0.hasMoreElements()     // Catch: netscape.ldap.LDAPException -> L6a
            if (r0 == 0) goto L67
            r0 = r11
            netscape.ldap.LDAPEntry r0 = r0.next()     // Catch: netscape.ldap.LDAPException -> L6a
            r12 = r0
            r0 = r12
            java.lang.String r0 = r0.getDN()     // Catch: netscape.ldap.LDAPException -> L6a
            r13 = r0
            r0 = r13
            if (r0 == 0) goto L64
            r0 = r13
            r1 = r7
            boolean r0 = r0.equalsIgnoreCase(r1)     // Catch: netscape.ldap.LDAPException -> L6a
            if (r0 == 0) goto L64
            r0 = r13
            r8 = r0
            java.lang.StringBuffer r0 = new java.lang.StringBuffer     // Catch: netscape.ldap.LDAPException -> L6a
            r1 = r0
            r1.<init>()     // Catch: netscape.ldap.LDAPException -> L6a
            java.lang.String r1 = "(MigrateAcl) Found groupDN: "
            java.lang.StringBuffer r0 = r0.append(r1)     // Catch: netscape.ldap.LDAPException -> L6a
            r1 = r8
            java.lang.StringBuffer r0 = r0.append(r1)     // Catch: netscape.ldap.LDAPException -> L6a
            java.lang.String r0 = r0.toString()     // Catch: netscape.ldap.LDAPException -> L6a
            com.iplanet.im.server.Log.debug(r0)     // Catch: netscape.ldap.LDAPException -> L6a
            goto L67
        L64:
            goto L24
        L67:
            goto L8f
        L6a:
            r11 = move-exception
            java.lang.StringBuffer r0 = new java.lang.StringBuffer
            r1 = r0
            r1.<init>()
            java.lang.String r1 = "(MigrateAcl) Failed to search for group - "
            java.lang.StringBuffer r0 = r0.append(r1)
            r1 = r7
            java.lang.StringBuffer r0 = r0.append(r1)
            java.lang.String r1 = " : "
            java.lang.StringBuffer r0 = r0.append(r1)
            r1 = r11
            java.lang.String r1 = r1.toString()
            java.lang.StringBuffer r0 = r0.append(r1)
            java.lang.String r0 = r0.toString()
            com.iplanet.im.server.Log.error(r0)
        L8f:
            r0 = r8
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.iplanet.im.server.MigrateAcl.getGroupDN(java.lang.String):java.lang.String");
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:70:0x032c
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private static void migrate(java.io.File r7, java.lang.String r8, java.lang.String r9, java.lang.String r10, java.lang.String r11) {
        /*
            Method dump skipped, instructions count: 817
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.iplanet.im.server.MigrateAcl.migrate(java.io.File, java.lang.String, java.lang.String, java.lang.String, java.lang.String):void");
    }

    static void migrateTopicsAddDel() {
        migrate(getFile("sysTopicsAdd"), "SunIM", IdentityRealm.TOPICS_ATTR, IdentityRealm.TOPICS_POLICY, IdentityRealm.TOPICS_ROLE);
    }

    static void migrateSendAlerts() {
        migrate(getFile("sysSendAlerts"), "SunIM", IdentityRealm.SENDALERTS_ATTR, IdentityRealm.SENDALERTS_POLICY, IdentityRealm.SENDALERTS_ROLE);
    }

    static void migrateRoomsAddDel() {
        migrate(getFile("sysRoomsAdd"), "SunIM", IdentityRealm.ROOMS_ATTR, IdentityRealm.ROOMS_POLICY, IdentityRealm.ROOMS_ROLE);
    }

    static void migrateSaveUserSettings() {
        migrate(getFile("sysSaveUserSettings"), "SunIM", IdentityRealm.SAVEUSERSETTINGS_ATTR, IdentityRealm.SAVEUSERSETTINGS_POLICY, IdentityRealm.SAVEUSERSETTINGS_ROLE);
    }

    static void migrateWatch() {
        migrate(getFile("sysWatch"), "SunPresence", IdentityRealm.WATCH_ATTR, IdentityRealm.WATCH_POLICY, IdentityRealm.WATCH_ROLE);
    }

    static void migrateAdmin() {
        String groupDN;
        Log.debug("(MigrateAcl) migrating sysAdmin");
        HashSet hashSet = new HashSet();
        try {
            BufferedReader bufferedReader = new BufferedReader(new FileReader(getFile("sysAdmin")));
            AMRole role = new AMStoreConnection(token).getRole(new StringBuffer().append("cn=IMAdminUser,").append(searchBase).toString());
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                String trim = readLine.trim();
                if (!trim.equals("")) {
                    StringTokenizer stringTokenizer = new StringTokenizer(trim, ":");
                    if (stringTokenizer.countTokens() >= 2) {
                        String trim2 = stringTokenizer.nextToken().trim();
                        String trim3 = stringTokenizer.nextToken().trim();
                        if (trim2.equals(ModifyTrust.USER)) {
                            String userDN = getUserDN(trim3);
                            if (userDN != null) {
                                hashSet.add(userDN);
                            }
                        } else if (trim2.equals("g") && (groupDN = getGroupDN(trim3)) != null) {
                            SubjectTypeManager subjectTypeManager = pm.getSubjectTypeManager();
                            Policy policy = pm.getPolicy(IdentityRealm.ADMIN_POLICY);
                            Subject subject = subjectTypeManager.getSubject("LDAPGroups");
                            HashSet hashSet2 = new HashSet();
                            hashSet2.add(groupDN);
                            subject.setValues(hashSet2);
                            policy.addSubject("ldapgroups", subject);
                            pm.replacePolicy(policy);
                        }
                    }
                }
            }
            if (hashSet != null && !hashSet.isEmpty()) {
                role.addUsers(hashSet);
            }
        } catch (Exception e) {
            Log.error(new StringBuffer().append("(MigrateAcl) migrateAdmin exception: ").append(e.toString()).toString());
        }
    }

    public static void main(String[] strArr) {
        Log.init();
        Settings.getSettings();
        int i = 0;
        while (i < strArr.length) {
            if (strArr[i].equals("-c") && i + 1 < strArr.length) {
                i++;
                _configFile = strArr[i];
                Log.debug(new StringBuffer().append("(MigrateAcl) config file: ").append(_configFile).toString());
            }
            i++;
        }
        if (!init()) {
            Log.error("(MigrateAcl) init fails");
            System.exit(1);
            return;
        }
        if (_migrated) {
            System.out.println("Access control files already migrated to Identity Server.  In order to re-migrate, change iim.policy.store to \"file\"");
        } else {
            migrateTopicsAddDel();
            migrateSendAlerts();
            migrateRoomsAddDel();
            migrateSaveUserSettings();
            migrateWatch();
            migrateAdmin();
            done();
        }
        System.exit(0);
    }
}
