package com.ibm.ws.security.securitydomain;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.application.client.ResourceValidationHelper;
import com.ibm.websphere.management.cmdframework.CommandMgr;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.util.NodeVersionUtils;
import com.ibm.wsspi.security.securitydomain.SecurityDomainChecker;
import com.ibm.wsspi.security.securitydomain.SecurityDomainValidationException;
import java.util.List;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:WEB-INF/lib/admin-8.5.0.jar:com/ibm/ws/security/securitydomain/DomainCheckerExtension.class */
public class DomainCheckerExtension extends SecurityDomainChecker {
    private static TraceComponent tc = Tr.register((Class<?>) DomainCheckerExtension.class, "security", "com.ibm.ws.security.securitydomain");
    private static final String CELL = "Cell";
    private static final String SERVER = "Server";
    private static final String SERVERCLUSTER = "ServerCluster";
    private static final String CLUSTER = "Cluster";

    @Override // com.ibm.wsspi.security.securitydomain.SecurityDomainChecker
    public boolean handleResource(String str) {
        boolean z = false;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "handleResource", str);
        }
        if (str.equals("Server")) {
            z = true;
        } else if (str.equals("Cell")) {
            z = true;
        } else if (str.equals(CLUSTER)) {
            z = true;
        } else if (str.equals("ServerCluster")) {
            z = true;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "handleResource", new Boolean(z));
        }
        return z;
    }

    @Override // com.ibm.wsspi.security.securitydomain.SecurityDomainChecker
    public boolean validateResource(String str, String str2) throws SecurityDomainValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateResource: ", str + " of type: " + str2);
        }
        ConfigService configService = null;
        try {
            try {
                try {
                    Session session = new Session();
                    ConfigService configService2 = CommandMgr.getCommandMgr().getCommandProviderHelper().getConfigService();
                    ObjectName[] resolve = configService2.resolve(session, str);
                    String property = ConfigServiceHelper.getObjectLocation(resolve[0]).getProperty("node");
                    if (property == null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "resource type = ", str2);
                        }
                        if (str2.equals("ServerCluster") || str2.equals(CLUSTER)) {
                            checkClusterMembers(resolve[0], session, configService2);
                        }
                    } else if (!NodeVersionUtils.isNodeValid(property, session, 7, 0)) {
                        throw new SecurityDomainValidationException();
                    }
                    if (session != null) {
                        try {
                            configService2.discard(session);
                        } catch (Exception e) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "caught exception trying to discard a Session object", e.getMessage());
                            }
                        }
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "handleResource", new Boolean(true));
                    }
                    return true;
                } catch (Exception e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.security.securitydomain.DomainCheckeExtension", "1112");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "exception validating resource", e2);
                    }
                    throw new SecurityDomainValidationException(e2);
                }
            } catch (ConfigServiceException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.securitydomain.DomainCheckeExtension", "1106");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception validating resource", e3);
                }
                throw new SecurityDomainValidationException(e3);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    configService.discard(null);
                } catch (Exception e4) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "caught exception trying to discard a Session object", e4.getMessage());
                    }
                    throw th;
                }
            }
            throw th;
        }
    }

    private void checkClusterMembers(ObjectName objectName, Session session, ConfigService configService) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkClusterMembers", objectName);
        }
        for (AttributeList attributeList : (List) configService.getAttribute(session, objectName, "members")) {
            String str = (String) ConfigServiceHelper.getAttributeValue(attributeList, ResourceValidationHelper.CLUSTER_MEMBER_ATTR);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, ResourceValidationHelper.CLUSTER_MEMBER_ATTR, str);
            }
            String str2 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "nodeName");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "nodeName", str2);
            }
            if (!NodeVersionUtils.isNodeValid(str2, session, 7, 0)) {
                throw new SecurityDomainValidationException();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkClusterMembers");
        }
    }

    @Override // com.ibm.wsspi.security.securitydomain.SecurityDomainChecker
    public boolean acceptSyncFolder(String str, String str2, String str3) {
        return false;
    }

    @Override // com.ibm.wsspi.security.securitydomain.SecurityDomainChecker
    public boolean validateResource(String str, String str2, Object obj) throws SecurityDomainValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateResource: ", str + " of type: " + str2);
        }
        ConfigService configService = null;
        Session session = null;
        try {
            try {
                try {
                    if (obj == null) {
                        session = new Session();
                        obj = session;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "warning: was passed in null session object, a new session is created.");
                        }
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "the passed in session object is not null, using it.");
                    }
                    ConfigService configService2 = CommandMgr.getCommandMgr().getCommandProviderHelper().getConfigService();
                    ObjectName[] resolve = configService2.resolve((Session) obj, str);
                    String property = ConfigServiceHelper.getObjectLocation(resolve[0]).getProperty("node");
                    if (property == null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "resource type = ", str2);
                        }
                        if (str2.equals("ServerCluster") || str2.equals(CLUSTER)) {
                            checkClusterMembers(resolve[0], (Session) obj, configService2);
                        }
                    } else if (!NodeVersionUtils.isNodeValid(property, (Session) obj, 7, 0)) {
                        throw new SecurityDomainValidationException();
                    }
                    if (session != null) {
                        try {
                            configService2.discard(session);
                        } catch (Exception e) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "caught exception trying to discard a Session object", e.getMessage());
                            }
                        }
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "handleResource", new Boolean(true));
                    }
                    return true;
                } catch (Exception e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.security.securitydomain.DomainCheckeExtension", "1112");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "exception validating resource", e2);
                    }
                    throw new SecurityDomainValidationException(e2);
                }
            } catch (ConfigServiceException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.securitydomain.DomainCheckeExtension", "1106");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception validating resource", e3);
                }
                throw new SecurityDomainValidationException(e3);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    configService.discard(null);
                } catch (Exception e4) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "caught exception trying to discard a Session object", e4.getMessage());
                    }
                    throw th;
                }
            }
            throw th;
        }
    }
}
