package org.dasein.cloud.aws.identity;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.log4j.Logger;
import org.dasein.cloud.CloudException;
import org.dasein.cloud.InternalException;
import org.dasein.cloud.ProviderContext;
import org.dasein.cloud.admin.PrepaymentSupport;
import org.dasein.cloud.aws.AWSCloud;
import org.dasein.cloud.aws.compute.EC2ComputeServices;
import org.dasein.cloud.aws.compute.EC2Exception;
import org.dasein.cloud.aws.compute.EC2Method;
import org.dasein.cloud.aws.network.ELBMethod;
import org.dasein.cloud.aws.network.Route53Method;
import org.dasein.cloud.aws.platform.CloudFrontMethod;
import org.dasein.cloud.aws.platform.RDS;
import org.dasein.cloud.aws.platform.SNS;
import org.dasein.cloud.aws.platform.SQS;
import org.dasein.cloud.aws.platform.SimpleDB;
import org.dasein.cloud.aws.storage.S3Method;
import org.dasein.cloud.compute.AutoScalingSupport;
import org.dasein.cloud.compute.MachineImageSupport;
import org.dasein.cloud.compute.SnapshotSupport;
import org.dasein.cloud.compute.VirtualMachineSupport;
import org.dasein.cloud.compute.VolumeSupport;
import org.dasein.cloud.identity.AccessKey;
import org.dasein.cloud.identity.CloudGroup;
import org.dasein.cloud.identity.CloudPermission;
import org.dasein.cloud.identity.CloudPolicy;
import org.dasein.cloud.identity.CloudUser;
import org.dasein.cloud.identity.IdentityAndAccessSupport;
import org.dasein.cloud.identity.ServiceAction;
import org.dasein.cloud.identity.ShellKeySupport;
import org.dasein.cloud.network.DNSSupport;
import org.dasein.cloud.network.FirewallSupport;
import org.dasein.cloud.network.IpAddressSupport;
import org.dasein.cloud.network.LoadBalancerSupport;
import org.dasein.cloud.platform.CDNSupport;
import org.dasein.cloud.platform.KeyValueDatabaseSupport;
import org.dasein.cloud.platform.MQSupport;
import org.dasein.cloud.platform.PushNotificationSupport;
import org.dasein.cloud.platform.RelationalDatabaseSupport;
import org.dasein.cloud.storage.BlobStoreSupport;
import org.dasein.cloud.util.APITrace;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/dasein/cloud/aws/identity/IAM.class */
public class IAM implements IdentityAndAccessSupport {
    private static final Logger logger = AWSCloud.getLogger(IAM.class);
    private AWSCloud provider;

    public IAM(@Nonnull AWSCloud aWSCloud) {
        this.provider = aWSCloud;
    }

    public void addUserToGroups(@Nonnull String str, @Nonnull String... strArr) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.addUserToGroups");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for the attempt at addUserToGroups()");
                throw new InternalException("No context was established for this call.");
            }
            if (logger.isInfoEnabled()) {
                logger.info("Adding " + str + " to " + strArr.length + " groups...");
            }
            for (String str2 : strArr) {
                addUserToGroup(context, str, str2);
            }
            if (logger.isInfoEnabled()) {
                logger.info("User " + str + " successfully added to all groups.");
            }
        } finally {
            APITrace.end();
        }
    }

    private void addUserToGroup(@Nonnull ProviderContext providerContext, @Nonnull String str, @Nonnull String str2) throws CloudException, InternalException {
        if (logger.isTraceEnabled()) {
            logger.trace("ENTER: " + IAM.class.getName() + ".addUserToGroup(" + providerContext + "," + str + "," + str2 + ")");
        }
        try {
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.ADD_USER_TO_GROUP, IAMMethod.VERSION);
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            CloudGroup group = getGroup(str2);
            if (group == null) {
                throw new CloudException("No such group: " + str2);
            }
            standardParameters.put("GroupName", group.getName());
            standardParameters.put("UserName", user.getUserName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Adding " + str + " to " + str2 + "...");
                }
                iAMMethod.invoke();
                if (logger.isInfoEnabled()) {
                    logger.info("Added.");
                }
                if (logger.isTraceEnabled()) {
                    logger.trace("EXIT: " + IAM.class.getName() + ".addUserToGroup()");
                }
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            if (logger.isTraceEnabled()) {
                logger.trace("EXIT: " + IAM.class.getName() + ".addUserToGroup()");
            }
            throw th;
        }
    }

    @Nonnull
    public CloudGroup createGroup(@Nonnull String str, @Nullable String str2, boolean z) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.createGroup");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for the attempt at createGroup()");
                throw new InternalException("No context was established for this call.");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.CREATE_GROUP, IAMMethod.VERSION);
            String validateName = validateName(str);
            standardParameters.put("GroupName", validateName);
            if (str2 != null) {
                if (!str2.endsWith("/")) {
                    str2 = str2 + "/";
                }
                standardParameters.put("Path", str2);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Creating group " + validateName + " in " + str2 + "...");
                }
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("Group");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    CloudGroup group = toGroup(context, elementsByTagName.item(i));
                    if (logger.isDebugEnabled()) {
                        logger.debug("cloudGroup=" + group);
                    }
                    if (group != null) {
                        if (logger.isInfoEnabled()) {
                            logger.info("Created.");
                        }
                        if (z) {
                            logger.info("Setting up admin group rights for new group " + group);
                            saveGroupPolicy(group.getProviderGroupId(), "AdminGroup", CloudPermission.ALLOW, null, null);
                        }
                        APITrace.end();
                        return group;
                    }
                }
                logger.error("No group was created as a result of the request");
                throw new CloudException("No group was created as a result of the request");
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public CloudUser createUser(@Nonnull String str, @Nullable String str2, @Nullable String... strArr) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.createUser");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for the attempt at createUser()");
                throw new InternalException("No context was established for this call.");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.CREATE_USER, IAMMethod.VERSION);
            standardParameters.put("UserName", str);
            if (str2 != null) {
                if (!str2.endsWith("/")) {
                    str2 = str2 + "/";
                }
                standardParameters.put("Path", str2);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Creating user " + str + " in " + str2 + "...");
                }
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("User");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    CloudUser user = toUser(context, elementsByTagName.item(i));
                    if (logger.isDebugEnabled()) {
                        logger.debug("cloudUser=" + user);
                    }
                    if (user != null) {
                        if (logger.isInfoEnabled()) {
                            logger.info("Created.");
                        }
                        APITrace.end();
                        return user;
                    }
                }
                logger.error("No user was created as a result of the request");
                throw new CloudException("No user was created as a result of the request");
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public AccessKey enableAPIAccess(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "enableAPIAccess");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.CREATE_ACCESS_KEY, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Creating access keys for " + str);
                }
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("AccessKey");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    AccessKey accessKey = toAccessKey(context, elementsByTagName.item(i));
                    if (logger.isDebugEnabled()) {
                        logger.debug("key=" + accessKey);
                    }
                    if (accessKey != null) {
                        if (logger.isInfoEnabled()) {
                            logger.info("Created.");
                        }
                        APITrace.end();
                        return accessKey;
                    }
                }
                logger.error("No access key was created as a result of the request");
                throw new CloudException("No access key was created as a result of the request");
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    public void enableConsoleAccess(@Nonnull String str, @Nonnull byte[] bArr) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.enableConsoleAccess");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.CREATE_LOGIN_PROFILE, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            try {
                standardParameters.put("Password", new String(bArr, "utf-8"));
                if (logger.isDebugEnabled()) {
                    logger.debug("parameters=[omitted due to password sensitivity]");
                }
                IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
                try {
                    if (logger.isInfoEnabled()) {
                        logger.info("Creating console access for " + str);
                    }
                    if (iAMMethod.invoke().getElementsByTagName("LoginProfile").getLength() < 1) {
                        logger.error("No console access was created as a result of the request");
                        throw new CloudException("No console access was created as a result of the request");
                    }
                } catch (EC2Exception e) {
                    logger.error(e.getSummary());
                    throw new CloudException(e);
                }
            } catch (UnsupportedEncodingException e2) {
                throw new InternalException(e2);
            }
        } finally {
            APITrace.end();
        }
    }

    @Nullable
    public CloudGroup getGroup(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.getGroup");
        try {
            for (CloudGroup cloudGroup : listGroups(null)) {
                if (str.equals(cloudGroup.getProviderGroupId())) {
                    APITrace.end();
                    return cloudGroup;
                }
            }
            APITrace.end();
            return null;
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nullable
    private CloudPolicy[] getGroupPolicy(@Nonnull CloudGroup cloudGroup, @Nonnull String str) throws CloudException, InternalException {
        if (logger.isTraceEnabled()) {
            logger.trace("ENTER: " + IAM.class.getName() + ".getGroupPolicy(" + cloudGroup + "," + str + ")");
        }
        try {
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.GET_GROUP_POLICY, IAMMethod.VERSION);
            standardParameters.put("GroupName", cloudGroup.getName());
            standardParameters.put("PolicyName", str);
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            try {
                NodeList elementsByTagName = new IAMMethod(this.provider, standardParameters).invoke().getElementsByTagName("GetGroupPolicyResult");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    Node item = elementsByTagName.item(i);
                    if (item.hasChildNodes()) {
                        NodeList childNodes = item.getChildNodes();
                        for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                            Node item2 = childNodes.item(i2);
                            if (item2.getNodeName().equalsIgnoreCase("PolicyDocument")) {
                                JSONObject jSONObject = new JSONObject(URLDecoder.decode(item2.getFirstChild().getNodeValue().trim(), "utf-8"));
                                if (jSONObject.has("Statement")) {
                                    CloudPolicy[] policy = toPolicy(str, jSONObject.getJSONArray("Statement"));
                                    if (logger.isTraceEnabled()) {
                                        logger.trace("EXIT: " + IAM.class.getName() + ".getGroupPolicy()");
                                    }
                                    return policy;
                                }
                            }
                        }
                    }
                }
                if (logger.isTraceEnabled()) {
                    logger.trace("EXIT: " + IAM.class.getName() + ".getGroupPolicy()");
                }
                return null;
            } catch (UnsupportedEncodingException e) {
                logger.error("Unknown encoding in utf-8: " + e.getMessage());
                throw new InternalException(e);
            } catch (EC2Exception e2) {
                if (e2.getStatus() != 404) {
                    logger.error(e2.getSummary());
                    throw new CloudException(e2);
                }
                if (logger.isTraceEnabled()) {
                    logger.trace("EXIT: " + IAM.class.getName() + ".getGroupPolicy()");
                }
                return null;
            } catch (JSONException e3) {
                logger.error("Failed to parse policy statement: " + e3.getMessage());
                throw new CloudException(e3);
            }
        } catch (Throwable th) {
            if (logger.isTraceEnabled()) {
                logger.trace("EXIT: " + IAM.class.getName() + ".getGroupPolicy()");
            }
            throw th;
        }
    }

    @Nullable
    public CloudUser getUser(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.getUser");
        try {
            for (CloudUser cloudUser : listUsersInPath(null)) {
                if (str.equals(cloudUser.getProviderUserId())) {
                    APITrace.end();
                    return cloudUser;
                }
            }
            APITrace.end();
            return null;
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nullable
    private CloudUser getUserByName(@Nonnull String str) throws CloudException, InternalException {
        if (logger.isTraceEnabled()) {
            logger.trace("ENTER: " + IAM.class.getName() + ".getUserByName(" + str + ")");
        }
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.LIST_USERS, IAMMethod.VERSION);
            standardParameters.put("UserName", str);
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            try {
                NodeList elementsByTagName = new IAMMethod(this.provider, standardParameters).invoke().getElementsByTagName("member");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    CloudUser user = toUser(context, elementsByTagName.item(i));
                    if (user != null) {
                        if (logger.isDebugEnabled()) {
                            logger.debug("cloudUser=" + user);
                        }
                        if (logger.isTraceEnabled()) {
                            logger.trace("EXIT: " + IAM.class.getName() + ".getUserByName()");
                        }
                        return user;
                    }
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("cloudUser=null");
                }
                if (logger.isTraceEnabled()) {
                    logger.trace("EXIT: " + IAM.class.getName() + ".getUserByName()");
                }
                return null;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            if (logger.isTraceEnabled()) {
                logger.trace("EXIT: " + IAM.class.getName() + ".getUserByName()");
            }
            throw th;
        }
    }

    @Nullable
    private CloudPolicy[] getUserPolicy(@Nonnull CloudUser cloudUser, @Nonnull String str) throws CloudException, InternalException {
        if (logger.isTraceEnabled()) {
            logger.trace("ENTER: " + IAM.class.getName() + ".getUserPolicy(" + cloudUser + "," + str + ")");
        }
        try {
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.GET_USER_POLICY, IAMMethod.VERSION);
            standardParameters.put("UserName", cloudUser.getUserName());
            standardParameters.put("PolicyName", str);
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            try {
                NodeList elementsByTagName = new IAMMethod(this.provider, standardParameters).invoke().getElementsByTagName("GetUserPolicyResult");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    Node item = elementsByTagName.item(i);
                    if (item.hasChildNodes()) {
                        NodeList childNodes = item.getChildNodes();
                        for (int i2 = 0; i2 < childNodes.getLength(); i2++) {
                            Node item2 = childNodes.item(i2);
                            if (item2.getNodeName().equalsIgnoreCase("PolicyDocument")) {
                                JSONObject jSONObject = new JSONObject(URLDecoder.decode(item2.getFirstChild().getNodeValue().trim(), "utf-8"));
                                if (jSONObject.has("Statement")) {
                                    CloudPolicy[] policy = toPolicy(str, jSONObject.getJSONArray("Statement"));
                                    if (logger.isTraceEnabled()) {
                                        logger.trace("EXIT: " + IAM.class.getName() + ".getUserPolicy()");
                                    }
                                    return policy;
                                }
                            }
                        }
                    }
                }
                if (logger.isTraceEnabled()) {
                    logger.trace("EXIT: " + IAM.class.getName() + ".getUserPolicy()");
                }
                return null;
            } catch (UnsupportedEncodingException e) {
                logger.error("Unknown encoding in utf-8: " + e.getMessage());
                throw new InternalException(e);
            } catch (EC2Exception e2) {
                if (e2.getStatus() != 404) {
                    logger.error(e2.getSummary());
                    throw new CloudException(e2);
                }
                if (logger.isTraceEnabled()) {
                    logger.trace("EXIT: " + IAM.class.getName() + ".getUserPolicy()");
                }
                return null;
            } catch (JSONException e3) {
                logger.error("Failed to parse policy statement: " + e3.getMessage());
                throw new CloudException(e3);
            }
        } catch (Throwable th) {
            if (logger.isTraceEnabled()) {
                logger.trace("EXIT: " + IAM.class.getName() + ".getUserPolicy()");
            }
            throw th;
        }
    }

    public boolean isSubscribed() throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.isSubscribed");
        try {
            EC2ComputeServices m5getComputeServices = this.provider.m5getComputeServices();
            if (m5getComputeServices == null) {
                APITrace.end();
                return false;
            }
            VirtualMachineSupport virtualMachineSupport = m5getComputeServices.getVirtualMachineSupport();
            boolean z = virtualMachineSupport != null && virtualMachineSupport.isSubscribed();
            APITrace.end();
            return z;
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Iterable<CloudGroup> listGroups(@Nullable String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.listGroups");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.LIST_GROUPS, IAMMethod.VERSION);
            if (str != null) {
                standardParameters.put("PathPrefix", str);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                ArrayList arrayList = new ArrayList();
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("member");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    CloudGroup group = toGroup(context, elementsByTagName.item(i));
                    if (group != null) {
                        arrayList.add(group);
                    }
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("groups=" + arrayList);
                }
                APITrace.end();
                return arrayList;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Iterable<CloudGroup> listGroupsForUser(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.listGroupsForUser");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.LIST_GROUPS_FOR_USER, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                ArrayList arrayList = new ArrayList();
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("member");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    CloudGroup group = toGroup(context, elementsByTagName.item(i));
                    if (group != null) {
                        arrayList.add(group);
                    }
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("groups=" + arrayList);
                }
                APITrace.end();
                return arrayList;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Iterable<CloudPolicy> listPoliciesForGroup(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.listPoliciesForGroup");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudGroup group = getGroup(str);
            if (group == null) {
                throw new CloudException("No such group: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.LIST_GROUP_POLICIES, IAMMethod.VERSION);
            standardParameters.put("GroupName", group.getName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                ArrayList arrayList = new ArrayList();
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("member");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    Node item = elementsByTagName.item(i);
                    if (item.hasChildNodes()) {
                        String trim = item.getFirstChild().getNodeValue().trim();
                        if (trim.length() > 0) {
                            arrayList.add(trim);
                        }
                    }
                }
                ArrayList arrayList2 = new ArrayList();
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    Collections.addAll(arrayList2, getGroupPolicy(group, (String) it.next()));
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("policies=" + arrayList2);
                }
                APITrace.end();
                return arrayList2;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Iterable<CloudPolicy> listPoliciesForUser(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.listPoliciesForUser");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.LIST_USER_POLICIES, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                ArrayList arrayList = new ArrayList();
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("member");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    Node item = elementsByTagName.item(i);
                    if (item.hasChildNodes()) {
                        String trim = item.getFirstChild().getNodeValue().trim();
                        if (trim.length() > 0) {
                            arrayList.add(trim);
                        }
                    }
                }
                ArrayList arrayList2 = new ArrayList();
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    Collections.addAll(arrayList2, getUserPolicy(user, (String) it.next()));
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("policies=" + arrayList2);
                }
                APITrace.end();
                return arrayList2;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Iterable<CloudUser> listUsersInGroup(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.listUsersInGroup");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudGroup group = getGroup(str);
            if (group == null) {
                throw new CloudException("No such group: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.GET_GROUP, IAMMethod.VERSION);
            standardParameters.put("GroupName", group.getName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                ArrayList arrayList = new ArrayList();
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("member");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    CloudUser user = toUser(context, elementsByTagName.item(i));
                    if (user != null) {
                        arrayList.add(user);
                    }
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("users=" + arrayList);
                }
                APITrace.end();
                return arrayList;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public Iterable<CloudUser> listUsersInPath(@Nullable String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "listUsersInPath");
        try {
            ProviderContext context = this.provider.getContext();
            if (context == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.LIST_USERS, IAMMethod.VERSION);
            if (str != null) {
                standardParameters.put("PathPrefix", str);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                ArrayList arrayList = new ArrayList();
                NodeList elementsByTagName = iAMMethod.invoke().getElementsByTagName("member");
                for (int i = 0; i < elementsByTagName.getLength(); i++) {
                    CloudUser user = toUser(context, elementsByTagName.item(i));
                    if (user != null) {
                        arrayList.add(user);
                    }
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("users=" + arrayList);
                }
                APITrace.end();
                return arrayList;
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    @Nonnull
    public String[] mapServiceAction(@Nonnull ServiceAction serviceAction) {
        return serviceAction.equals(IdentityAndAccessSupport.ANY) ? new String[]{"iam:*"} : serviceAction.equals(IdentityAndAccessSupport.ADD_GROUP_ACCESS) ? new String[]{"iam:PutGroupPolicy"} : serviceAction.equals(IdentityAndAccessSupport.ADD_USER_ACCESS) ? new String[]{"iam:PutUserPolicy"} : serviceAction.equals(IdentityAndAccessSupport.CREATE_GROUP) ? new String[]{"iam:CreateGroup"} : serviceAction.equals(IdentityAndAccessSupport.CREATE_USER) ? new String[]{"iam:CreateUser"} : serviceAction.equals(IdentityAndAccessSupport.DISABLE_API) ? new String[]{"iam:DeleteAccessKey"} : serviceAction.equals(IdentityAndAccessSupport.DISABLE_CONSOLE) ? new String[]{"iam:DeleteLoginProfile"} : serviceAction.equals(IdentityAndAccessSupport.DROP_FROM_GROUP) ? new String[]{"iam:RemoveUserFromGroup"} : serviceAction.equals(IdentityAndAccessSupport.ENABLE_API) ? new String[]{"iam:CreateAccessKey"} : serviceAction.equals(IdentityAndAccessSupport.ENABLE_CONSOLE) ? new String[]{"iam:CreateLoginProfile"} : serviceAction.equals(IdentityAndAccessSupport.GET_ACCESS_KEY) ? new String[]{"iam:GetAccessKey"} : serviceAction.equals(IdentityAndAccessSupport.GET_GROUP) ? new String[]{"iam:GetGroup"} : serviceAction.equals(IdentityAndAccessSupport.GET_GROUP_POLICY) ? new String[]{"iam:GetGroupPolicy", "iam:ListGroupPolicies"} : serviceAction.equals(IdentityAndAccessSupport.GET_USER) ? new String[]{"iam:GetUser"} : serviceAction.equals(IdentityAndAccessSupport.GET_USER_POLICY) ? new String[]{"iam:GetUserPolicy", "iam:ListUserPolicies"} : serviceAction.equals(IdentityAndAccessSupport.JOIN_GROUP) ? new String[]{"iam:AddUserToGroup"} : serviceAction.equals(IdentityAndAccessSupport.LIST_ACCESS_KEY) ? new String[]{"iam:ListAccessKey"} : serviceAction.equals(IdentityAndAccessSupport.LIST_GROUP) ? new String[]{"iam:ListGroups*"} : serviceAction.equals(IdentityAndAccessSupport.LIST_USER) ? new String[]{"iam:ListUsers"} : serviceAction.equals(IdentityAndAccessSupport.REMOVE_GROUP) ? new String[]{"iam:DeleteGroup"} : serviceAction.equals(IdentityAndAccessSupport.REMOVE_GROUP_ACCESS) ? new String[]{"iam:PutGroupPolicy"} : serviceAction.equals(IdentityAndAccessSupport.REMOVE_USER) ? new String[]{"iam:DeleteUser"} : serviceAction.equals(IdentityAndAccessSupport.REMOVE_USER_ACCESS) ? new String[]{"iam:PutUserPolicy"} : serviceAction.equals(IdentityAndAccessSupport.UPDATE_GROUP) ? new String[]{"iam:UpdateGroup"} : serviceAction.equals(IdentityAndAccessSupport.UPDATE_USER) ? new String[]{"iam:UpdateUser"} : new String[0];
    }

    public void removeAccessKey(@Nonnull String str) throws CloudException, InternalException {
    }

    public void removeAccessKey(@Nonnull String str, @Nonnull String str2) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.removeAccessKey");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str2);
            if (user == null) {
                return;
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.DELETE_ACCESS_KEY, IAMMethod.VERSION);
            standardParameters.put("AccessKeyId", str);
            standardParameters.put("UserName", user.getUserName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Removing access key for " + str);
                }
                iAMMethod.invoke();
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public void removeConsoleAccess(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.removeConsoleAccess");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.DELETE_LOGIN_PROFILE, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Removing console access for " + str);
                }
                iAMMethod.invoke();
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public void removeGroup(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.removeGroup");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudGroup group = getGroup(str);
            if (group == null) {
                throw new CloudException("No such group: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.DELETE_GROUP, IAMMethod.VERSION);
            standardParameters.put("GroupName", group.getName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Removing group " + str);
                }
                iAMMethod.invoke();
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public void removeGroupPolicy(@Nonnull String str, @Nonnull String str2) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.removeGroupPolicy");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudGroup group = getGroup(str);
            if (group == null) {
                throw new CloudException("No such group: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.DELETE_GROUP_POLICY, IAMMethod.VERSION);
            standardParameters.put("GroupName", group.getName());
            standardParameters.put("PolicyName", str2);
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Removing policy for group " + str);
                }
                iAMMethod.invoke();
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public void removeUser(@Nonnull String str) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.removeUser");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.DELETE_USER, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Removing user " + str);
                }
                iAMMethod.invoke();
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public void removeUserPolicy(@Nonnull String str, @Nonnull String str2) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.removeUserPolicy");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.DELETE_USER_POLICY, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            standardParameters.put("PolicyName", str2);
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Removing policy for user " + str);
                }
                iAMMethod.invoke();
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public void removeUserFromGroup(@Nonnull String str, @Nonnull String str2) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.removeUserFromGroup");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            CloudGroup group = getGroup(str2);
            if (group == null) {
                throw new CloudException("No such group: " + str2);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.REMOVE_USER_FROM_GROUP, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            standardParameters.put("GroupName", group.getName());
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Removing user " + str + " from " + str2);
                }
                iAMMethod.invoke();
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public void saveGroup(@Nonnull String str, @Nullable String str2, @Nullable String str3) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.saveGroup");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudGroup group = getGroup(str);
            if (group == null) {
                throw new CloudException("No such group: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.UPDATE_GROUP, IAMMethod.VERSION);
            standardParameters.put("GroupName", group.getName());
            if (str2 != null) {
                standardParameters.put("NewGroupName", str);
            }
            if (str3 != null) {
                standardParameters.put("NewPath", str3);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Updating group " + str + " with " + str3 + " - " + str2 + "...");
                }
                if (iAMMethod.invoke().getElementsByTagName("Group").getLength() < 1) {
                    logger.error("No group was updated as a result of the request");
                    throw new CloudException("No group was updated as a result of the request");
                }
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    @Nonnull
    public String[] saveGroupPolicy(@Nonnull String str, @Nonnull String str2, @Nonnull CloudPermission cloudPermission, @Nullable ServiceAction serviceAction, @Nullable String str3) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.saveGroupPolicy");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudGroup group = getGroup(str);
            if (group == null) {
                throw new CloudException("No such group: " + str);
            }
            String[] map = serviceAction == null ? new String[]{"*"} : serviceAction.map(this.provider);
            String[] strArr = new String[map.length];
            int i = 0;
            for (String str4 : map) {
                Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.PUT_GROUP_POLICY, IAMMethod.VERSION);
                String str5 = str2 + "+" + (str4.equals("*") ? "ANY" : str4.replaceAll(":", "_"));
                standardParameters.put("GroupName", group.getName());
                standardParameters.put("PolicyName", str5);
                ArrayList arrayList = new ArrayList();
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = new HashMap();
                hashMap2.put("Effect", cloudPermission.equals(CloudPermission.ALLOW) ? "Allow" : "Deny");
                hashMap2.put(AWSCloud.P_ACTION, str4);
                hashMap2.put("Resource", str3 == null ? "*" : str3);
                arrayList.add(hashMap2);
                hashMap.put("Statement", arrayList);
                standardParameters.put("PolicyDocument", new JSONObject(hashMap).toString());
                if (logger.isDebugEnabled()) {
                    logger.debug("parameters=" + standardParameters);
                }
                IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
                try {
                    if (logger.isInfoEnabled()) {
                        logger.info("Updating policy for group " + str);
                    }
                    iAMMethod.invoke();
                    int i2 = i;
                    i++;
                    strArr[i2] = str5;
                } catch (EC2Exception e) {
                    logger.error(e.getSummary());
                    throw new CloudException(e);
                }
            }
            APITrace.end();
            return strArr;
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    public String[] saveUserPolicy(@Nonnull String str, @Nonnull String str2, @Nonnull CloudPermission cloudPermission, @Nullable ServiceAction serviceAction, @Nullable String str3) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.saveUserPolicy");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for this request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            String[] map = serviceAction == null ? new String[]{"*"} : serviceAction.map(this.provider);
            String[] strArr = new String[map.length];
            int i = 0;
            for (String str4 : map) {
                Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.PUT_USER_POLICY, IAMMethod.VERSION);
                String str5 = str2 + "+" + (str4.equals("*") ? "ANY" : str4.replaceAll(":", "_"));
                standardParameters.put("UserName", user.getUserName());
                standardParameters.put("PolicyName", str5);
                ArrayList arrayList = new ArrayList();
                HashMap hashMap = new HashMap();
                HashMap hashMap2 = new HashMap();
                hashMap2.put("Effect", cloudPermission.equals(CloudPermission.ALLOW) ? "Allow" : "Deny");
                hashMap2.put(AWSCloud.P_ACTION, str4);
                hashMap2.put("Resource", str3 == null ? "*" : str3);
                arrayList.add(hashMap2);
                hashMap.put("Statement", arrayList);
                standardParameters.put("PolicyDocument", new JSONObject(hashMap).toString());
                if (logger.isDebugEnabled()) {
                    logger.debug("parameters=" + standardParameters);
                }
                IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
                try {
                    if (logger.isInfoEnabled()) {
                        logger.info("Updating policy for user " + str);
                    }
                    iAMMethod.invoke();
                    int i2 = i;
                    i++;
                    strArr[i2] = str5;
                } catch (EC2Exception e) {
                    logger.error(e.getSummary());
                    throw new CloudException(e);
                }
            }
            APITrace.end();
            return strArr;
        } catch (Throwable th) {
            APITrace.end();
            throw th;
        }
    }

    public void saveUser(@Nonnull String str, @Nullable String str2, @Nullable String str3) throws CloudException, InternalException {
        APITrace.begin(this.provider, "IAM.saveUser");
        try {
            if (this.provider.getContext() == null) {
                logger.error("No context was established for the request.");
                throw new InternalException("No context was established for this request");
            }
            CloudUser user = getUser(str);
            if (user == null) {
                throw new CloudException("No such user: " + str);
            }
            Map<String, String> standardParameters = this.provider.getStandardParameters(this.provider.getContext(), IAMMethod.UPDATE_USER, IAMMethod.VERSION);
            standardParameters.put("UserName", user.getUserName());
            if (str2 != null) {
                standardParameters.put("NewUserName", str2);
            }
            if (str3 != null) {
                standardParameters.put("NewPath", str3);
            }
            if (logger.isDebugEnabled()) {
                logger.debug("parameters=" + standardParameters);
            }
            IAMMethod iAMMethod = new IAMMethod(this.provider, standardParameters);
            try {
                if (logger.isInfoEnabled()) {
                    logger.info("Updating user " + str + " with " + str3 + " - " + str2 + "...");
                }
                if (iAMMethod.invoke().getElementsByTagName("User").getLength() < 1) {
                    logger.error("No user was updated as a result of the request");
                    throw new CloudException("No user was updated as a result of the request");
                }
            } catch (EC2Exception e) {
                logger.error(e.getSummary());
                throw new CloudException(e);
            }
        } finally {
            APITrace.end();
        }
    }

    public boolean supportsAccessControls() throws CloudException, InternalException {
        return true;
    }

    public boolean supportsConsoleAccess() throws CloudException, InternalException {
        return true;
    }

    public boolean supportsAPIAccess() throws CloudException, InternalException {
        return true;
    }

    @Nullable
    private AccessKey toAccessKey(@Nonnull ProviderContext providerContext, @Nullable Node node) throws CloudException, InternalException {
        if (node == null) {
            return null;
        }
        NodeList childNodes = node.getChildNodes();
        AccessKey accessKey = new AccessKey();
        accessKey.setProviderOwnerId(providerContext.getAccountNumber());
        String str = null;
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            String nodeName = item.getNodeName();
            if (nodeName.equalsIgnoreCase("UserName") && item.hasChildNodes()) {
                str = item.getFirstChild().getNodeValue().trim();
            } else if (nodeName.equalsIgnoreCase("AccessKeyId") && item.hasChildNodes()) {
                accessKey.setSharedPart(item.getFirstChild().getNodeValue().trim());
            } else if (nodeName.equalsIgnoreCase("SecretAccessKey") && item.hasChildNodes()) {
                try {
                    accessKey.setSecretPart(item.getFirstChild().getNodeValue().trim().getBytes("utf-8"));
                } catch (UnsupportedEncodingException e) {
                    throw new InternalException(e);
                }
            } else if (nodeName.equalsIgnoreCase("Status") && (!item.hasChildNodes() || !item.getFirstChild().getNodeValue().trim().equalsIgnoreCase("Active"))) {
                return null;
            }
        }
        if (str != null) {
            CloudUser userByName = getUserByName(str);
            if (userByName == null) {
                logger.warn("Found key " + accessKey.getSharedPart() + " belonging to " + str + ", but no matching user");
                return null;
            }
            String providerUserId = userByName.getProviderUserId();
            if (providerUserId == null) {
                logger.warn("Found key " + accessKey.getSharedPart() + " belonging to " + str + ", but no matching user");
                return null;
            }
            accessKey.setProviderUserId(providerUserId);
        }
        if (accessKey.getSharedPart() == null || accessKey.getSecretPart() == null) {
            return null;
        }
        return accessKey;
    }

    @Nullable
    private CloudGroup toGroup(@Nonnull ProviderContext providerContext, @Nullable Node node) throws CloudException, InternalException {
        if (node == null) {
            return null;
        }
        NodeList childNodes = node.getChildNodes();
        CloudGroup cloudGroup = new CloudGroup();
        cloudGroup.setPath("/");
        cloudGroup.setProviderOwnerId(providerContext.getAccountNumber());
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            String nodeName = item.getNodeName();
            if (nodeName.equalsIgnoreCase("Path") && item.hasChildNodes()) {
                cloudGroup.setPath(item.getFirstChild().getNodeValue().trim());
            } else if (nodeName.equalsIgnoreCase("GroupId") && item.hasChildNodes()) {
                cloudGroup.setProviderGroupId(item.getFirstChild().getNodeValue().trim());
            } else if (nodeName.equalsIgnoreCase("GroupName") && item.hasChildNodes()) {
                cloudGroup.setName(item.getFirstChild().getNodeValue().trim());
            }
        }
        if (cloudGroup.getName() == null || cloudGroup.getProviderGroupId() == null) {
            return null;
        }
        return cloudGroup;
    }

    @Nullable
    private CloudPolicy[] toPolicy(@Nonnull String str, @Nonnull JSONArray jSONArray) throws JSONException {
        String substring;
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject jSONObject = jSONArray.getJSONObject(i);
            String string = jSONObject.has("Effect") ? jSONObject.getString("Effect") : null;
            String string2 = jSONObject.has(AWSCloud.P_ACTION) ? jSONObject.getString(AWSCloud.P_ACTION) : null;
            String string3 = jSONObject.has("Resource") ? jSONObject.getString("Resource") : null;
            if (string == null) {
                return null;
            }
            CloudPermission cloudPermission = string.equalsIgnoreCase("allow") ? CloudPermission.ALLOW : CloudPermission.DENY;
            ServiceAction[] serviceActionArr = null;
            String str2 = null;
            if (string2 != null) {
                if (string2.equals("*")) {
                    serviceActionArr = null;
                } else {
                    int indexOf = string2.indexOf(":");
                    if (indexOf < 1) {
                        substring = "ec2";
                        if (indexOf == 0) {
                            string2 = string2.length() > 1 ? string2.substring(1) : "*";
                        }
                    } else if (indexOf == string2.length() - 1) {
                        substring = string2.substring(0, indexOf);
                        string2 = "*";
                    } else {
                        substring = string2.substring(0, indexOf);
                        string2 = string2.substring(indexOf + 1);
                    }
                    if (string2.equals("*")) {
                        string2 = null;
                    }
                    String str3 = substring + ":";
                    serviceActionArr = str3.equals(IAMMethod.IAM_PREFIX) ? string2 == null ? new ServiceAction[]{IdentityAndAccessSupport.ANY} : IAMMethod.asIAMServiceAction(string2) : str3.equals(EC2Method.EC2_PREFIX) ? string2 == null ? new ServiceAction[]{PrepaymentSupport.ANY, VirtualMachineSupport.ANY, MachineImageSupport.ANY, VolumeSupport.ANY, SnapshotSupport.ANY, IpAddressSupport.ANY, FirewallSupport.ANY, ShellKeySupport.ANY} : EC2Method.asEC2ServiceAction(string2) : str3.equals(Route53Method.R53_PREFIX) ? string2 == null ? new ServiceAction[]{DNSSupport.ANY} : Route53Method.asRoute53ServiceAction(string2) : str3.equals(ELBMethod.ELB_PREFIX) ? string2 == null ? new ServiceAction[]{LoadBalancerSupport.ANY} : ELBMethod.asELBServiceAction(string2) : str3.equals(CloudFrontMethod.CF_PREFIX) ? string2 == null ? new ServiceAction[]{CDNSupport.ANY} : CloudFrontMethod.asCloudFrontServiceAction(string2) : str3.equals(EC2Method.AUTOSCALING_PREFIX) ? string2 == null ? new ServiceAction[]{AutoScalingSupport.ANY} : EC2Method.asAutoScalingServiceAction(string2) : str3.equals(EC2Method.RDS_PREFIX) ? string2 == null ? new ServiceAction[]{RelationalDatabaseSupport.ANY} : RDS.asRDSServiceAction(string2) : str3.equals(EC2Method.SDB_PREFIX) ? string2 == null ? new ServiceAction[]{KeyValueDatabaseSupport.ANY} : SimpleDB.asSimpleDBServiceAction(string2) : str3.equals(EC2Method.SNS_PREFIX) ? string2 == null ? new ServiceAction[]{PushNotificationSupport.ANY} : SNS.asSNSServiceAction(string2) : str3.equals(EC2Method.SQS_PREFIX) ? string2 == null ? new ServiceAction[]{MQSupport.ANY} : SQS.asSQSServiceAction(string2) : str3.equals(S3Method.S3_PREFIX) ? string2 == null ? new ServiceAction[]{BlobStoreSupport.ANY} : S3Method.asS3ServiceAction(string2) : new ServiceAction[0];
                }
            }
            if (string3 != null && !string3.equals("*")) {
                str2 = string3;
            }
            if (serviceActionArr == null) {
                return new CloudPolicy[]{CloudPolicy.getInstance(str, str, cloudPermission, (ServiceAction) null, str2)};
            }
            for (ServiceAction serviceAction : serviceActionArr) {
                arrayList.add(CloudPolicy.getInstance(str, str, cloudPermission, serviceAction, str2));
            }
        }
        return (CloudPolicy[]) arrayList.toArray(new CloudPolicy[arrayList.size()]);
    }

    @Nullable
    private CloudUser toUser(@Nonnull ProviderContext providerContext, @Nullable Node node) throws CloudException, InternalException {
        if (node == null) {
            return null;
        }
        NodeList childNodes = node.getChildNodes();
        CloudUser cloudUser = new CloudUser();
        cloudUser.setPath("/");
        cloudUser.setProviderOwnerId(providerContext.getAccountNumber());
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            String nodeName = item.getNodeName();
            if (nodeName.equalsIgnoreCase("Path") && item.hasChildNodes()) {
                cloudUser.setPath(item.getFirstChild().getNodeValue().trim());
            } else if (nodeName.equalsIgnoreCase("UserId") && item.hasChildNodes()) {
                cloudUser.setProviderUserId(item.getFirstChild().getNodeValue().trim());
            } else if (nodeName.equalsIgnoreCase("UserName") && item.hasChildNodes()) {
                cloudUser.setUserName(item.getFirstChild().getNodeValue().trim());
            }
        }
        if (cloudUser.getUserName() == null || cloudUser.getProviderUserId() == null) {
            return null;
        }
        return cloudUser;
    }

    @Nonnull
    private String validateName(@Nonnull String str) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (Character.isLetterOrDigit(charAt)) {
                sb.append(charAt);
            } else if (charAt == '+' || charAt == '=' || charAt == ',' || charAt == '.' || charAt == '@' || charAt == '_' || charAt == '-') {
                if (i == 0) {
                    sb.append("a");
                }
                sb.append(charAt);
            } else if (charAt == ' ') {
                sb.append("-");
            }
        }
        return sb.length() < 1 ? String.valueOf(System.currentTimeMillis()) : sb.toString();
    }
}
