package ru.org.openam.idm;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.common.CaseInsensitiveHashMap;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.idm.AMIdentityRepository;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdSearchResults;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.IdUtils;
import com.sun.identity.security.AdminTokenAction;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/web-14.8.2.1.jar:ru/org/openam/idm/Group.class */
public class Group extends Identity {
    private static Logger logger = LoggerFactory.getLogger((Class<?>) User.class);
    private static final IdType idType = IdType.GROUP;
    private static final String keyField = "cn";
    public String field;

    public Group(AMIdentity aMIdentity) {
        super(aMIdentity);
        this.field = getKeyField();
    }

    public Group(String str, String str2, String str3) {
        super(str, str2, str3);
        this.field = getKeyField();
    }

    @Override // ru.org.openam.idm.Identity
    public boolean initIdentity(Boolean bool) throws SSOException, IdRepoException, UserNotFoundException {
        boolean z = false;
        if (this.identity != null) {
            return false;
        }
        try {
            this.identity = search();
            if (this.identity != null) {
                return false;
            }
        } catch (MultipleFoundException e) {
            throw e;
        } catch (UserNotFoundException e2) {
            if (!bool.booleanValue()) {
                throw new UserNotFoundException();
            }
            create();
            z = true;
        }
        return z;
    }

    public void create() throws SSOException, IdRepoException {
        CaseInsensitiveHashMap caseInsensitiveHashMap = new CaseInsensitiveHashMap();
        HashSet hashSet = new HashSet();
        if (this.field.equalsIgnoreCase(keyField)) {
            hashSet.add(GetUID());
        } else {
            hashSet.add(this.key);
        }
        caseInsensitiveHashMap.put(this.field, hashSet);
        this.identity = new AMIdentityRepository((SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance()), this.realm).createIdentity(idType, GetUID(), caseInsensitiveHashMap);
        logger.info("create group {}: ({})", toString(), caseInsensitiveHashMap.toString());
    }

    private AMIdentity search() throws SSOException, IdRepoException, UserNotFoundException {
        IdSearchResults search;
        HashMap hashMap = new HashMap();
        if (this.field.equals(getKeyField())) {
            String GetUID = GetUID();
            if (StringUtils.startsWith(GetUID, "id=")) {
                return IdUtils.getIdentity((SSOToken) AccessController.doPrivileged((PrivilegedAction) AdminTokenAction.getInstance()), GetUID);
            }
            search = search(GetUID);
        } else {
            hashMap.put(this.field, this.key);
            search = search(hashMap);
        }
        if (search == null) {
            return null;
        }
        Set searchResults = search.getSearchResults();
        if (searchResults != null && searchResults.size() == 1) {
            return (AMIdentity) searchResults.iterator().next();
        }
        if (searchResults == null || searchResults.size() <= 1) {
            if (logger.isDebugEnabled()) {
                logger.debug("found {} by ({})=({}) in ({})", Integer.valueOf(searchResults.size()), this.field, this.key, this.realm);
            }
            throw new UserNotFoundException();
        }
        if (logger.isDebugEnabled()) {
            logger.debug("found {} ", searchResults);
        }
        throw new MultipleFoundException("Multiple result found " + hashMap.toString(), searchResults);
    }

    public void addUser(User user) throws SSOException, IdRepoException {
        this.identity.addMember(user.identity);
        logger.info("added user {} to {}", user, this);
    }

    public void removeUser(User user) throws SSOException, IdRepoException {
        this.identity.removeMember(user.identity);
        logger.info("removed user {} from {}", user, this);
    }

    public void removeAllUsers() throws SSOException, IdRepoException {
        Set members = this.identity.getMembers(IdType.USER);
        this.identity.removeMembers(members);
        logger.info("removed users {} from {}", members, this);
    }

    public final Set<User> getMembers() throws SSOException, IdRepoException, UserNotFoundException {
        Set members = this.identity.getMembers(IdType.USER);
        HashSet hashSet = new HashSet();
        Iterator it = members.iterator();
        while (it.hasNext()) {
            hashSet.add(new User((AMIdentity) it.next()));
        }
        return hashSet;
    }

    @Override // ru.org.openam.idm.Identity
    protected IdType getIdType() {
        return idType;
    }

    @Override // ru.org.openam.idm.Identity
    protected Logger getLogger() {
        return logger;
    }

    @Override // ru.org.openam.idm.Identity
    protected String getKeyField() {
        return keyField;
    }

    @Override // ru.org.openam.idm.Identity
    protected void makeCN(CaseInsensitiveHashMap caseInsensitiveHashMap) throws SSOException, IdRepoException {
    }

    public String toString() {
        try {
            initIdentity(false);
        } catch (Exception e) {
        }
        Object[] objArr = new Object[1];
        objArr[0] = this.identity != null ? this.identity.getUniversalId() : null;
        return MessageFormat.format("cn=({0})", objArr);
    }
}
