package com.ibm.ws.sib.security.auth.policy;

import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.repository.ConfigChangeNotifier;
import com.ibm.websphere.management.repository.ConfigRepositoryEvent;
import com.ibm.websphere.plugincfg.generator.ConfigurationParser;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.service.ConfigChangeListener;
import com.ibm.ws.sib.admin.BusConfigDocument;
import com.ibm.ws.sib.admin.JsAdminService;
import com.ibm.ws.sib.admin.JsConstants;
import com.ibm.ws.sib.admin.SIBExceptionBusNotFound;
import com.ibm.ws.sib.security.BusSecurityConstants;
import com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicy;
import com.ibm.ws.sib.security.users.NoSuchGroupException;
import com.ibm.ws.sib.security.users.NoSuchUserException;
import com.ibm.ws.sib.security.users.UncheckedNoSuchGroupException;
import com.ibm.ws.sib.security.users.UncheckedNoSuchUserException;
import com.ibm.ws.sib.security.users.UserRepository;
import com.ibm.ws.sib.security.users.UserRepositoryException;
import com.ibm.ws.sib.security.users.UserRepositoryFactory;
import com.ibm.ws.sib.utils.ras.SibTr;
import com.ibm.ws.util.WSThreadLocal;
import com.ibm.wsspi.runtime.config.ConfigObject;
import com.ibm.wsspi.runtime.config.ConfigScope;
import com.ibm.wsspi.runtime.config.ConfigService;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory.class */
public final class BusAuthorizationPolicyFactory {
    private static final String USER_NAME = "user";
    private static final String GROUP_NAME = "group";
    private static final String IDENTIFIER_NAME = "identifier";
    private static final String UNIQUE_NAME = "uniqueName";
    public static final String $sccsid = "@(#) 1.19 SIB/ws/code/sib.security.impl/src/com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory.java, SIB.security, WASX.SIB, ww1616.03 08/10/02 12:22:39 [4/26/16 10:14:37]";
    private static final Set<String> EMPTY_SET = new HashSet();
    private static String SEC_URI1 = "buses/";
    private static String SEC_URI2 = "/sib-authorisations.xml";
    private static Map<String, Set<BusAuthorizationPolicy.BusSecurityPolicyListener>> _listeners = new HashMap();
    private static final WSThreadLocal<Boolean> threadLocal = new WSThreadLocal<Boolean>() { // from class: com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.1
        /* JADX INFO: Access modifiers changed from: protected */
        @Override // java.lang.ThreadLocal
        public Boolean initialValue() {
            return Boolean.FALSE;
        }
    };
    private static final TraceComponent _tc = SibTr.register(BusAuthorizationPolicyFactory.class, BusSecurityConstants.TRC_GROUP, BusSecurityConstants.MSG_BUNDLE);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory$AuthorisationLoader.class */
    public static abstract class AuthorisationLoader {
        private static final TraceComponent _tc = SibTr.register(AuthorisationLoader.class, BusSecurityConstants.TRC_GROUP, BusSecurityConstants.MSG_BUNDLE);
        protected List<ConfigObject> _authList;
        protected String _busName;

        private AuthorisationLoader() {
        }

        protected Set<String> getNames() {
            HashSet hashSet;
            String lookupUniqueName;
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.entry(_tc, "getNames");
            }
            if (this._authList == null) {
                hashSet = new HashSet(0);
            } else {
                hashSet = new HashSet(this._authList.size());
                for (ConfigObject configObject : this._authList) {
                    String string = configObject.isSet(BusAuthorizationPolicyFactory.IDENTIFIER_NAME) ? configObject.getString(BusAuthorizationPolicyFactory.IDENTIFIER_NAME, null) : null;
                    String string2 = configObject.isSet(BusAuthorizationPolicyFactory.UNIQUE_NAME) ? configObject.getString(BusAuthorizationPolicyFactory.UNIQUE_NAME, null) : null;
                    if (string != null) {
                        hashSet.add(string.toLowerCase());
                    }
                    if (string2 != null) {
                        hashSet.add(string2.toLowerCase());
                    } else if (string != null && (lookupUniqueName = lookupUniqueName(string)) != null) {
                        hashSet.add(lookupUniqueName.toLowerCase());
                    }
                }
            }
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.exit(this, _tc, "getNames", hashSet);
            }
            return hashSet;
        }

        protected abstract String lookupUniqueName(String str);

        protected void indicateLookupPerformed() {
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.entry(this, _tc, "indicateLookupPerformed");
            }
            BusAuthorizationPolicyFactory.threadLocal.set(Boolean.TRUE);
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.exit(this, _tc, "indicateLookupPerformed");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory$BusSecurityConfigChangedListener.class */
    public static class BusSecurityConfigChangedListener implements ConfigChangeListener {
        private static final TraceComponent _tc = SibTr.register(BusSecurityConfigChangedListener.class, BusSecurityConstants.TRC_GROUP, BusSecurityConstants.MSG_BUNDLE);
        public static final String $sccsid = "@(#) 1.19 SIB/ws/code/sib.security.impl/src/com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory.java, SIB.security, WASX.SIB, ww1616.03 08/10/02 12:22:39 [4/26/16 10:14:37]";
        private String _busName;

        public BusSecurityConfigChangedListener(String str) {
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.entry(this, _tc, "BusSecurityConfigChangedListener", str);
            }
            this._busName = str;
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.exit(this, _tc, "BusSecurityConfigChangedListener", this);
            }
        }

        public void configChanged(ConfigRepositoryEvent configRepositoryEvent) {
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.entry(this, _tc, "configChanged", configRepositoryEvent);
            }
            ConfigChangeNotifier[] changes = configRepositoryEvent.getChanges();
            String str = BusAuthorizationPolicyFactory.SEC_URI1 + this._busName + BusAuthorizationPolicyFactory.SEC_URI2;
            for (int i = 0; i < changes.length; i++) {
                if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                    SibTr.debug(_tc, "change", changes[i]);
                }
                if (changes[i].getUri().endsWith(str) && changes[i].getChangeType() == 2) {
                    synchronized (BusAuthorizationPolicyFactory.class) {
                        Set set = (Set) BusAuthorizationPolicyFactory._listeners.get(this._busName);
                        if (set != null) {
                            Iterator it = set.iterator();
                            while (it.hasNext()) {
                                ((BusAuthorizationPolicy.BusSecurityPolicyListener) it.next()).policyUpdated();
                            }
                        }
                    }
                }
            }
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.exit(this, _tc, "configChanged");
            }
        }

        static {
            if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                SibTr.debug(_tc, "Source Info: @(#) 1.19 SIB/ws/code/sib.security.impl/src/com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory.java, SIB.security, WASX.SIB, ww1616.03 08/10/02 12:22:39 [4/26/16 10:14:37]");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory$DestinationPolicyConfigurator.class */
    public static class DestinationPolicyConfigurator implements PolicyConfigurator {
        private BusAuthorizationPolicyImpl _policy;
        private String _destinationName;
        private ResourceType _resourceType;
        private boolean _inheritDefaults;

        private DestinationPolicyConfigurator(BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, String str, ResourceType resourceType, boolean z) {
            this._policy = busAuthorizationPolicyImpl;
            this._destinationName = str;
            this._resourceType = resourceType;
            this._inheritDefaults = z;
        }

        @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.PolicyConfigurator
        public void addRole(RoleType roleType, Set<String> set, Set<String> set2) {
            this._policy.setDestinationRole(this._destinationName, roleType, this._resourceType, this._inheritDefaults, set, set2);
        }

        @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.PolicyConfigurator
        public String getBusName() {
            return this._policy.getBusName();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory$ForeignDestinationConfigurator.class */
    public static class ForeignDestinationConfigurator implements PolicyConfigurator {
        private BusAuthorizationPolicyImpl _policy;
        private String _destinationName;
        private String _busName;

        private ForeignDestinationConfigurator(BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, String str, String str2) {
            this._policy = busAuthorizationPolicyImpl;
            this._destinationName = str2;
            this._busName = str;
        }

        @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.PolicyConfigurator
        public void addRole(RoleType roleType, Set<String> set, Set<String> set2) {
            this._policy.setForeignDestinationRole(this._busName, this._destinationName, roleType, set, set2);
        }

        @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.PolicyConfigurator
        public String getBusName() {
            return this._policy.getBusName();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory$GroupAuthorisationLoader.class */
    public static class GroupAuthorisationLoader extends AuthorisationLoader {
        private static final TraceComponent _tc = SibTr.register(GroupAuthorisationLoader.class, BusSecurityConstants.TRC_GROUP, BusSecurityConstants.MSG_BUNDLE);

        public GroupAuthorisationLoader(List<ConfigObject> list, String str) {
            super();
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.entry(this, _tc, "GroupAuthorisationLoader", new Object[]{list, str});
            }
            this._authList = list;
            this._busName = str;
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.exit(this, _tc, "GroupAuthorisationLoader", this);
            }
        }

        @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.AuthorisationLoader
        protected String lookupUniqueName(String str) {
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.entry(this, _tc, "lookupUniqueName", str);
            }
            if (str.equalsIgnoreCase("server") || str.equalsIgnoreCase(BusSecurityConstants.ALLAUTHENTICATED) || str.equalsIgnoreCase(BusSecurityConstants.EVERYONE)) {
                if (!TraceComponent.isAnyTracingEnabled() || !_tc.isEntryEnabled()) {
                    return null;
                }
                SibTr.exit(this, _tc, "lookupUniqueName", (Object) null);
                return null;
            }
            String str2 = null;
            try {
                UserRepository userRepository = UserRepositoryFactory.getUserRepository(this._busName, new UserRepositoryFactory.BehaviouralModifiers[0]);
                if (userRepository != null) {
                    str2 = userRepository.getGroup(str).getUniqueName();
                }
            } catch (NoSuchGroupException e) {
            } catch (UncheckedNoSuchGroupException e2) {
            } catch (UserRepositoryException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.GroupAuthorisationLoader.lookupUniqueName", "543");
            }
            indicateLookupPerformed();
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.exit(this, _tc, "lookupUniqueName", str2);
            }
            return str2;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory$PolicyConfigurator.class */
    public interface PolicyConfigurator {
        void addRole(RoleType roleType, Set<String> set, Set<String> set2);

        String getBusName();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory$UserAuthorisationLoader.class */
    public static class UserAuthorisationLoader extends AuthorisationLoader {
        private static final TraceComponent _tc = SibTr.register(UserAuthorisationLoader.class, BusSecurityConstants.TRC_GROUP, BusSecurityConstants.MSG_BUNDLE);

        public UserAuthorisationLoader(List<ConfigObject> list, String str) {
            super();
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.entry(this, _tc, "UserAuthorisationLoader", new Object[]{list, str});
            }
            this._authList = list;
            this._busName = str;
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.exit(this, _tc, "UserAuthorisationLoader", this);
            }
        }

        @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.AuthorisationLoader
        protected String lookupUniqueName(String str) {
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.entry(this, _tc, "lookupUniqueName", str);
            }
            String str2 = null;
            try {
                UserRepository userRepository = UserRepositoryFactory.getUserRepository(this._busName, UserRepositoryFactory.BehaviouralModifiers.LAZILY_RETRIEVE_ENTITY_DATA);
                if (userRepository != null) {
                    str2 = userRepository.getUser(str).getUniqueName();
                }
            } catch (NoSuchUserException e) {
            } catch (UncheckedNoSuchUserException e2) {
            } catch (UserRepositoryException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.UserAuthorisationLoader.lookupUniqueName", "543");
            }
            indicateLookupPerformed();
            if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
                SibTr.exit(this, _tc, "lookupUniqueName", str2);
            }
            return str2;
        }
    }

    public static BusAuthorizationPolicy getBusSecurityPolicy(String str, BusAuthorizationPolicy.BusSecurityPolicyListener busSecurityPolicyListener) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "getBusSecurityPolicy", new Object[]{str, busSecurityPolicyListener});
        }
        BusAuthorizationPolicyImpl busAuthorizationPolicyImpl = new BusAuthorizationPolicyImpl(str);
        ConfigObject sIBAuthSpace = getSIBAuthSpace(str);
        if (sIBAuthSpace != null) {
            if (sIBAuthSpace.isSet("busConnect")) {
                loadBusConnectorPermissions(busAuthorizationPolicyImpl, sIBAuthSpace.getObject("busConnect"));
            } else {
                busAuthorizationPolicyImpl.setBusConnectorRole(EMPTY_SET, EMPTY_SET);
            }
            if (sIBAuthSpace.isSet("default")) {
                loadDefaultPermissions(busAuthorizationPolicyImpl, sIBAuthSpace.getObject("default"));
            } else {
                busAuthorizationPolicyImpl.setDefaultDestinationRole(RoleType.BROWSER, EMPTY_SET, EMPTY_SET);
                busAuthorizationPolicyImpl.setDefaultDestinationRole(RoleType.CREATOR, EMPTY_SET, EMPTY_SET);
                busAuthorizationPolicyImpl.setDefaultDestinationRole(RoleType.SENDER, EMPTY_SET, EMPTY_SET);
                busAuthorizationPolicyImpl.setDefaultDestinationRole(RoleType.RECEIVER, EMPTY_SET, EMPTY_SET);
                busAuthorizationPolicyImpl.setDefaultDestinationRole(RoleType.IDENTITY_ADOPTER, EMPTY_SET, EMPTY_SET);
            }
            if (sIBAuthSpace.isSet("queue")) {
                loadQueuePermissions(busAuthorizationPolicyImpl, sIBAuthSpace.getObjectList("queue"));
            }
            if (sIBAuthSpace.isSet("topicSpace")) {
                loadTopicSpacePermissions(busAuthorizationPolicyImpl, sIBAuthSpace.getObjectList("topicSpace"));
            }
            if (sIBAuthSpace.isSet("alias")) {
                loadAliasesPermissions(busAuthorizationPolicyImpl, sIBAuthSpace.getObjectList("alias"));
            }
            if (sIBAuthSpace.isSet("foreignBus")) {
                loadForeignBusPermissions(busAuthorizationPolicyImpl, sIBAuthSpace.getObjectList("foreignBus"));
            }
            if (sIBAuthSpace.isSet("foreignDestination")) {
                loadForeignDestinationPermissions(busAuthorizationPolicyImpl, sIBAuthSpace.getObjectList("foreignDestination"));
            }
            if (threadLocal.get().booleanValue()) {
                SibTr.warning(_tc, "AUTHZ_USER_REPOSITORY_LOOKUP_CWSII0269W", str);
                threadLocal.remove();
            }
        }
        synchronized (BusAuthorizationPolicyFactory.class) {
            Set<BusAuthorizationPolicy.BusSecurityPolicyListener> set = _listeners.get(str);
            if (set == null) {
                set = new HashSet();
                _listeners.put(str, set);
                try {
                    JsAdminService.getInstance().getBus(str).addConfigChangeListener(BusConfigDocument.SIB_AUTHORIZATIONS, new BusSecurityConfigChangedListener(str));
                    if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                        SibTr.debug(_tc, "Registered security listener for dynamic updates");
                    }
                } catch (SIBExceptionBusNotFound e) {
                    FFDCFilter.processException(e, "com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.getBusSecurityPolicy", "372");
                    if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                        SibTr.debug(_tc, "Unable to find the bus to register config change listener. Bus Name = " + str, e);
                    }
                }
            }
            set.add(busSecurityPolicyListener);
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
            SibTr.debug(_tc, busAuthorizationPolicyImpl.toTraceString());
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "getBusSecurityPolicy", busAuthorizationPolicyImpl);
        }
        return busAuthorizationPolicyImpl;
    }

    private static synchronized ConfigObject getSIBAuthSpace(String str) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "getSIBAuthSpace", str);
        }
        ConfigObject configObject = null;
        try {
            ConfigService configService = (ConfigService) JsAdminService.getInstance().getService(ConfigService.class);
            ConfigScope createScope = configService.createScope(5);
            createScope.set(5, str);
            for (ConfigObject configObject2 : configService.getDocumentObjects(createScope, JsConstants.WCCM_DOC_AUTHORISATIONS)) {
                if (configObject2.instanceOf(ConfigurationParser.CT_SIBMessagingEngine_URI, "SIBAuthSpace")) {
                    configObject = configObject2;
                }
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.getSIBAuthSpace", "423");
            if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
                SibTr.debug(_tc, "It was not possible to load the configuration", e);
            }
            configObject = null;
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "getSIBAuthSpace", configObject);
        }
        return configObject;
    }

    private static void loadAliasesPermissions(BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, List<?> list) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadAliasesPermissions", new Object[]{busAuthorizationPolicyImpl, list});
        }
        Iterator<?> it = list.iterator();
        while (it.hasNext()) {
            loadAliasDestinationPermissions(busAuthorizationPolicyImpl, (ConfigObject) it.next());
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadAliasesPermissions");
        }
    }

    private static void loadBusConnectorPermissions(BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, ConfigObject configObject) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadBusConnectorPermissions", new Object[]{busAuthorizationPolicyImpl, configObject});
        }
        busAuthorizationPolicyImpl.setBusConnectorRole(configObject.isSet("user") ? new UserAuthorisationLoader(configObject.getObjectList("user"), busAuthorizationPolicyImpl.getBusName()).getNames() : EMPTY_SET, configObject.isSet("group") ? new GroupAuthorisationLoader(configObject.getObjectList("group"), busAuthorizationPolicyImpl.getBusName()).getNames() : EMPTY_SET);
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadBusConnectorPermissions");
        }
    }

    private static void loadDefaultPermissions(final BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, ConfigObject configObject) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadDefaultPermissions", new Object[]{busAuthorizationPolicyImpl, configObject});
        }
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        PolicyConfigurator policyConfigurator = new PolicyConfigurator() { // from class: com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.2
            @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.PolicyConfigurator
            public void addRole(RoleType roleType, Set<String> set, Set<String> set2) {
                BusAuthorizationPolicyImpl.this.setDefaultDestinationRole(roleType, set, set2);
            }

            @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.PolicyConfigurator
            public String getBusName() {
                return BusAuthorizationPolicyImpl.this.getBusName();
            }
        };
        loadUsersAndGroupsForRoleIntoPolicy(RoleType.BROWSER, configObject, hashSet, hashSet2, policyConfigurator);
        loadUsersAndGroupsForRoleIntoPolicy(RoleType.CREATOR, configObject, null, null, policyConfigurator);
        loadUsersAndGroupsForRoleIntoPolicy(RoleType.SENDER, configObject, hashSet, hashSet2, policyConfigurator);
        loadUsersAndGroupsForRoleIntoPolicy(RoleType.RECEIVER, configObject, hashSet, hashSet2, policyConfigurator);
        loadUsersAndGroupsForRoleIntoPolicy(RoleType.IDENTITY_ADOPTER, configObject, null, null, policyConfigurator);
        policyConfigurator.addRole(RoleType.INQUIRER, hashSet, hashSet2);
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadDefaultPermissions");
        }
    }

    private static void loadAliasDestinationPermissions(BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, ConfigObject configObject) {
        PolicyConfigurator foreignDestinationConfigurator;
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadAliasDestinationPermissions", new Object[]{busAuthorizationPolicyImpl, configObject});
        }
        String string = configObject.getString(IDENTIFIER_NAME, ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT);
        String string2 = configObject.getString("busName", ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT);
        boolean z = false;
        boolean z2 = false;
        if (string2 == null || string2.length() == 0 || string2.equals(busAuthorizationPolicyImpl.getBusName())) {
            z = configObject.getBoolean("inheritDefaults", true);
            z2 = true;
        }
        Set<String> hashSet = new HashSet<>();
        Set<String> hashSet2 = new HashSet<>();
        if (z2) {
            foreignDestinationConfigurator = new DestinationPolicyConfigurator(busAuthorizationPolicyImpl, string, ResourceType.ALIAS, z);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.BROWSER, configObject, hashSet, hashSet2, foreignDestinationConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.RECEIVER, configObject, hashSet, hashSet2, foreignDestinationConfigurator);
        } else {
            foreignDestinationConfigurator = new ForeignDestinationConfigurator(busAuthorizationPolicyImpl, string2, string);
        }
        loadUsersAndGroupsForRoleIntoPolicy(RoleType.SENDER, configObject, hashSet, hashSet2, foreignDestinationConfigurator);
        loadUsersAndGroupsForRoleIntoPolicy(RoleType.IDENTITY_ADOPTER, configObject, null, null, foreignDestinationConfigurator);
        foreignDestinationConfigurator.addRole(RoleType.INQUIRER, hashSet, hashSet2);
        foreignDestinationConfigurator.addRole(RoleType.CREATOR, EMPTY_SET, EMPTY_SET);
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadAliasDestinationPermissions");
        }
    }

    private static void loadTopicSpaceDestinationPermissions(ConfigObject configObject, BusAuthorizationPolicyImpl busAuthorizationPolicyImpl) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadTopicSpaceDestinationPermissions", new Object[]{configObject, busAuthorizationPolicyImpl});
        }
        DestinationPolicyConfigurator destinationPolicyConfigurator = new DestinationPolicyConfigurator(busAuthorizationPolicyImpl, configObject.getString(IDENTIFIER_NAME, ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT), ResourceType.TOPIC_SPACE, configObject.getBoolean("inheritDefaults", true));
        if (configObject.isSet("topicSpaceBase")) {
            ConfigObject object = configObject.getObject("topicSpaceBase");
            HashSet hashSet = new HashSet();
            HashSet hashSet2 = new HashSet();
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.SENDER, object, hashSet, hashSet2, destinationPolicyConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.RECEIVER, object, hashSet, hashSet2, destinationPolicyConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.IDENTITY_ADOPTER, object, null, null, destinationPolicyConfigurator);
            destinationPolicyConfigurator.addRole(RoleType.INQUIRER, hashSet, hashSet2);
        } else {
            destinationPolicyConfigurator.addRole(RoleType.IDENTITY_ADOPTER, EMPTY_SET, EMPTY_SET);
            destinationPolicyConfigurator.addRole(RoleType.INQUIRER, EMPTY_SET, EMPTY_SET);
            destinationPolicyConfigurator.addRole(RoleType.SENDER, EMPTY_SET, EMPTY_SET);
            destinationPolicyConfigurator.addRole(RoleType.RECEIVER, EMPTY_SET, EMPTY_SET);
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadTopicSpaceDestinationPermissions");
        }
    }

    private static void loadForeignBusPermissions(final BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, List<?> list) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadForeignBusPermissions", new Object[]{busAuthorizationPolicyImpl, list});
        }
        Iterator<?> it = list.iterator();
        while (it.hasNext()) {
            ConfigObject configObject = (ConfigObject) it.next();
            final String string = configObject.getString("busName", ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT);
            PolicyConfigurator policyConfigurator = new PolicyConfigurator() { // from class: com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.3
                @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.PolicyConfigurator
                public void addRole(RoleType roleType, Set<String> set, Set<String> set2) {
                    BusAuthorizationPolicyImpl.this.setForeignBusRole(string, roleType, set, set2);
                }

                @Override // com.ibm.ws.sib.security.auth.policy.BusAuthorizationPolicyFactory.PolicyConfigurator
                public String getBusName() {
                    return BusAuthorizationPolicyImpl.this.getBusName();
                }
            };
            HashSet hashSet = new HashSet();
            HashSet hashSet2 = new HashSet();
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.SENDER, configObject, hashSet, hashSet2, policyConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.IDENTITY_ADOPTER, configObject, null, null, policyConfigurator);
            policyConfigurator.addRole(RoleType.INQUIRER, hashSet, hashSet2);
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadForeignBusPermissions");
        }
    }

    private static void loadForeignDestinationPermissions(BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, List<?> list) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadForeignDestinationPermissions", new Object[]{busAuthorizationPolicyImpl, list});
        }
        Iterator<?> it = list.iterator();
        while (it.hasNext()) {
            ConfigObject configObject = (ConfigObject) it.next();
            String string = configObject.getString("destinationName", ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT);
            String string2 = configObject.getString("busName", ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT);
            HashSet hashSet = new HashSet();
            HashSet hashSet2 = new HashSet();
            ForeignDestinationConfigurator foreignDestinationConfigurator = new ForeignDestinationConfigurator(busAuthorizationPolicyImpl, string2, string);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.SENDER, configObject, hashSet, hashSet2, foreignDestinationConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.IDENTITY_ADOPTER, configObject, null, null, foreignDestinationConfigurator);
            foreignDestinationConfigurator.addRole(RoleType.INQUIRER, hashSet, hashSet2);
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadForeignDestinationPermissions");
        }
    }

    private static void loadQueuePermissions(BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, List<?> list) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadQueuePermissions", new Object[]{busAuthorizationPolicyImpl, list});
        }
        Iterator<?> it = list.iterator();
        while (it.hasNext()) {
            ConfigObject configObject = (ConfigObject) it.next();
            HashSet hashSet = new HashSet();
            HashSet hashSet2 = new HashSet();
            DestinationPolicyConfigurator destinationPolicyConfigurator = new DestinationPolicyConfigurator(busAuthorizationPolicyImpl, configObject.getString(IDENTIFIER_NAME, ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT), ResourceType.QUEUE, configObject.getBoolean("inheritDefaults", true));
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.BROWSER, configObject, hashSet, hashSet2, destinationPolicyConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.SENDER, configObject, hashSet, hashSet2, destinationPolicyConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.RECEIVER, configObject, hashSet, hashSet2, destinationPolicyConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.CREATOR, configObject, null, null, destinationPolicyConfigurator);
            loadUsersAndGroupsForRoleIntoPolicy(RoleType.IDENTITY_ADOPTER, configObject, null, null, destinationPolicyConfigurator);
            destinationPolicyConfigurator.addRole(RoleType.INQUIRER, hashSet, hashSet2);
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadQueuePermissions");
        }
    }

    private static void loadTopicRootPermissions(ConfigObject configObject, BusAuthorizationPolicyImpl busAuthorizationPolicyImpl) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadTopicRootPermissions", new Object[]{configObject, busAuthorizationPolicyImpl});
        }
        ConfigObject object = configObject.getObject("topicSpaceRoot");
        Set<String> set = null;
        Set<String> set2 = null;
        Set<String> set3 = null;
        Set<String> set4 = null;
        if (object != null) {
            ConfigObject object2 = object.getObject("sender");
            ConfigObject object3 = object.getObject("receiver");
            if (object2 != null) {
                set = new UserAuthorisationLoader(object2.getObjectList("user"), busAuthorizationPolicyImpl.getBusName()).getNames();
                set2 = new GroupAuthorisationLoader(object2.getObjectList("group"), busAuthorizationPolicyImpl.getBusName()).getNames();
            }
            if (object3 != null) {
                set3 = new UserAuthorisationLoader(object3.getObjectList("user"), busAuthorizationPolicyImpl.getBusName()).getNames();
                set4 = new GroupAuthorisationLoader(object3.getObjectList("group"), busAuthorizationPolicyImpl.getBusName()).getNames();
            }
        }
        Set<String> set5 = set == null ? EMPTY_SET : set;
        Set<String> set6 = set2 == null ? EMPTY_SET : set2;
        Set<String> set7 = set3 == null ? EMPTY_SET : set3;
        Set<String> set8 = set4 == null ? EMPTY_SET : set4;
        String string = configObject.getString(IDENTIFIER_NAME, ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT);
        boolean z = configObject.getBoolean("inheritDefaults", true);
        busAuthorizationPolicyImpl.setTopicRoleDetails(string, "", z, set5, set6, z, set7, set8);
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadTopicRootPermissions");
        }
    }

    private static void loadTopicSpacePermissions(BusAuthorizationPolicyImpl busAuthorizationPolicyImpl, List<?> list) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadTopicSpacePermissions", new Object[]{busAuthorizationPolicyImpl, list});
        }
        Iterator<?> it = list.iterator();
        while (it.hasNext()) {
            ConfigObject configObject = (ConfigObject) it.next();
            loadTopicSpaceDestinationPermissions(configObject, busAuthorizationPolicyImpl);
            loadTopicRootPermissions(configObject, busAuthorizationPolicyImpl);
            loadTopicsPermissions(configObject, busAuthorizationPolicyImpl);
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadTopicSpacePermissions");
        }
    }

    private static void loadTopicsPermissions(ConfigObject configObject, BusAuthorizationPolicyImpl busAuthorizationPolicyImpl) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadTopicsPermissions", new Object[]{configObject, busAuthorizationPolicyImpl});
        }
        String string = configObject.getString(IDENTIFIER_NAME, ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT);
        List<ConfigObject> objectList = configObject.getObjectList("topic");
        if (objectList != null) {
            for (ConfigObject configObject2 : objectList) {
                Set<String> set = null;
                Set<String> set2 = null;
                Set<String> set3 = null;
                Set<String> set4 = null;
                ConfigObject object = configObject2.getObject("sender");
                ConfigObject object2 = configObject2.getObject("receiver");
                if (object != null) {
                    set = new UserAuthorisationLoader(object.getObjectList("user"), busAuthorizationPolicyImpl.getBusName()).getNames();
                    set2 = new GroupAuthorisationLoader(object.getObjectList("group"), busAuthorizationPolicyImpl.getBusName()).getNames();
                }
                if (object2 != null) {
                    set3 = new UserAuthorisationLoader(object2.getObjectList("user"), busAuthorizationPolicyImpl.getBusName()).getNames();
                    set4 = new GroupAuthorisationLoader(object2.getObjectList("group"), busAuthorizationPolicyImpl.getBusName()).getNames();
                }
                busAuthorizationPolicyImpl.setTopicRoleDetails(string, configObject2.getString(IDENTIFIER_NAME, ConfigurationParser.CT_SIBMessagingEngine_BUSNAME_DEFAULT), configObject2.getBoolean("inheritSender", true), set == null ? EMPTY_SET : set, set2 == null ? EMPTY_SET : set2, configObject2.getBoolean("inheritReceiver", true), set3 == null ? EMPTY_SET : set3, set4 == null ? EMPTY_SET : set4);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadTopicsPermissions");
        }
    }

    private static void loadUsersAndGroupsForRoleIntoPolicy(RoleType roleType, ConfigObject configObject, Set<String> set, Set<String> set2, PolicyConfigurator policyConfigurator) {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.entry(_tc, "loadUsersAndGroupsForRoleIntoPolicy", new Object[]{roleType, configObject, set, set2, policyConfigurator});
        }
        String roleTypeName = roleType.getRoleTypeName();
        if (configObject.isSet(roleTypeName)) {
            ConfigObject object = configObject.getObject(roleTypeName);
            Set<String> names = new UserAuthorisationLoader(object.getObjectList("user"), policyConfigurator.getBusName()).getNames();
            Set<String> names2 = new GroupAuthorisationLoader(object.getObjectList("group"), policyConfigurator.getBusName()).getNames();
            if (set != null) {
                set.addAll(names);
            }
            if (set2 != null) {
                set2.addAll(names2);
            }
            policyConfigurator.addRole(roleType, names, names2);
        } else {
            policyConfigurator.addRole(roleType, EMPTY_SET, EMPTY_SET);
        }
        if (TraceComponent.isAnyTracingEnabled() && _tc.isEntryEnabled()) {
            SibTr.exit(_tc, "loadUsersAndGroupsForRoleIntoPolicy");
        }
    }

    static {
        if (TraceComponent.isAnyTracingEnabled() && _tc.isDebugEnabled()) {
            SibTr.debug(_tc, "Source Info: @(#) 1.19 SIB/ws/code/sib.security.impl/src/com/ibm/ws/sib/security/auth/policy/BusAuthorizationPolicyFactory.java, SIB.security, WASX.SIB, ww1616.03 08/10/02 12:22:39 [4/26/16 10:14:37]");
        }
    }
}
