package org.apache.jetspeed.serializer;

import java.security.Principal;
import java.sql.Date;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import org.apache.jetspeed.security.Credential;
import org.apache.jetspeed.security.CredentialPasswordEncoder;
import org.apache.jetspeed.security.GroupManager;
import org.apache.jetspeed.security.JetspeedPermission;
import org.apache.jetspeed.security.JetspeedPrincipal;
import org.apache.jetspeed.security.JetspeedPrincipalAssociationType;
import org.apache.jetspeed.security.JetspeedPrincipalManager;
import org.apache.jetspeed.security.JetspeedPrincipalManagerProvider;
import org.apache.jetspeed.security.JetspeedPrincipalType;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.PermissionManager;
import org.apache.jetspeed.security.RoleManager;
import org.apache.jetspeed.security.SecurityAttributes;
import org.apache.jetspeed.security.SecurityDomain;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.impl.SecurityDomainImpl;
import org.apache.jetspeed.security.spi.SecurityDomainAccessManager;
import org.apache.jetspeed.security.spi.SecurityDomainStorageManager;
import org.apache.jetspeed.security.spi.impl.SynchronizationStateAccess;
import org.apache.jetspeed.serializer.objects.JSGroup;
import org.apache.jetspeed.serializer.objects.JSNVPElement;
import org.apache.jetspeed.serializer.objects.JSPermission;
import org.apache.jetspeed.serializer.objects.JSPrincipal;
import org.apache.jetspeed.serializer.objects.JSPrincipalAssociation;
import org.apache.jetspeed.serializer.objects.JSRole;
import org.apache.jetspeed.serializer.objects.JSSecurityAttributes;
import org.apache.jetspeed.serializer.objects.JSSecurityDomain;
import org.apache.jetspeed.serializer.objects.JSSnapshot;
import org.apache.jetspeed.serializer.objects.JSUser;
import org.apache.jetspeed.serializer.objects.JSUserAttributes;
import org.apache.jetspeed.serializer.objects.JSUserGroups;
import org.apache.jetspeed.serializer.objects.JSUserRoles;
import org.apache.jetspeed.serializer.objects.JSUserUsers;
import org.eclipse.jdt.internal.compiler.impl.CompilerOptions;
import org.slf4j.Logger;

/* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-security-2.2.2.jar:org/apache/jetspeed/serializer/JetspeedSecuritySerializer.class */
public class JetspeedSecuritySerializer extends AbstractJetspeedComponentSerializer {
    private static String ENCODING_STRING = "JETSPEED-SERIALIZER-ENCODING";
    private static String JETSPEED = "JETSPEED";
    private static final String USER_INFO_SUBSITE = "subsite";
    protected SecurityDomainStorageManager domainStorageManager;
    protected SecurityDomainAccessManager domainAccessManager;
    protected JetspeedPrincipalManagerProvider principalManagerProvider;
    protected GroupManager groupManager;
    protected RoleManager roleManager;
    protected UserManager userManager;
    protected CredentialPasswordEncoder cpe;
    protected PermissionManager pm;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-security-2.2.2.jar:org/apache/jetspeed/serializer/JetspeedSecuritySerializer$ExportRefs.class */
    public static class ExportRefs {
        private HashMap<String, HashMap<String, JSPrincipal>> principalMapByType;

        private ExportRefs() {
            this.principalMapByType = new HashMap<>();
        }

        public HashMap<String, JSPrincipal> getPrincipalMap(String str) {
            HashMap<String, JSPrincipal> hashMap = this.principalMapByType.get(str);
            if (hashMap == null) {
                hashMap = new HashMap<>();
                this.principalMapByType.put(str, hashMap);
            }
            return hashMap;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-security-2.2.2.jar:org/apache/jetspeed/serializer/JetspeedSecuritySerializer$ImportRefs.class */
    public static class ImportRefs {
        private HashMap<String, HashMap<String, Principal>> principalMapByType;

        private ImportRefs() {
            this.principalMapByType = new HashMap<>();
        }

        public HashMap<String, Principal> getPrincipalMap(String str) {
            HashMap<String, Principal> hashMap = this.principalMapByType.get(str);
            if (hashMap == null) {
                hashMap = new HashMap<>();
                this.principalMapByType.put(str, hashMap);
            }
            return hashMap;
        }
    }

    public JetspeedSecuritySerializer(JetspeedPrincipalManagerProvider jetspeedPrincipalManagerProvider, GroupManager groupManager, RoleManager roleManager, UserManager userManager, CredentialPasswordEncoder credentialPasswordEncoder, PermissionManager permissionManager, SecurityDomainStorageManager securityDomainStorageManager, SecurityDomainAccessManager securityDomainAccessManager) {
        this.principalManagerProvider = jetspeedPrincipalManagerProvider;
        this.groupManager = groupManager;
        this.roleManager = roleManager;
        this.userManager = userManager;
        this.cpe = credentialPasswordEncoder;
        this.pm = permissionManager;
        this.domainAccessManager = securityDomainAccessManager;
        this.domainStorageManager = securityDomainStorageManager;
    }

    @Override // org.apache.jetspeed.serializer.AbstractJetspeedComponentSerializer
    protected void processExport(JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        if (isSettingSet(map, JetspeedSerializer.KEY_PROCESS_USERS)) {
            try {
                logger.info("collecting principals and principal associations");
                ExportRefs exportRefs = new ExportRefs();
                exportJetspeedPrincipals(exportRefs, jSSnapshot, map, logger);
                exportJetspeedPrincipalAssociations(exportRefs, jSSnapshot, map, logger);
                if (isSettingSet(map, JetspeedSerializer.KEY_PROCESS_PERMISSIONS)) {
                    logger.info("collecting permissions");
                    exportPermissions(exportRefs, jSSnapshot, map, logger);
                }
            } catch (SecurityException e) {
                throw new SerializerException(e);
            }
        }
    }

    @Override // org.apache.jetspeed.serializer.AbstractJetspeedComponentSerializer
    protected void processImport(JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        if (isSettingSet(map, JetspeedSerializer.KEY_PROCESS_USERS)) {
            logger.info("creating principals and permissions");
            try {
                SynchronizationStateAccess.setSynchronizing(Boolean.TRUE);
                ImportRefs importRefs = new ImportRefs();
                recreateSecurityDomains(importRefs, jSSnapshot, map, logger);
                recreateJetspeedPrincipals(importRefs, jSSnapshot, map, logger);
                recreateJetspeedPrincipalAssociations(importRefs, jSSnapshot, map, logger);
                if (isSettingSet(map, JetspeedSerializer.KEY_PROCESS_PERMISSIONS)) {
                    logger.info("creating permissions");
                    recreatePermissions(importRefs, jSSnapshot, map, logger);
                }
                SynchronizationStateAccess.setSynchronizing(Boolean.FALSE);
            } catch (Throwable th) {
                SynchronizationStateAccess.setSynchronizing(Boolean.FALSE);
                throw th;
            }
        }
    }

    @Override // org.apache.jetspeed.serializer.AbstractJetspeedComponentSerializer
    protected void deleteData(Map map, Logger logger) throws SerializerException {
        if (isSettingSet(map, JetspeedSerializer.KEY_PROCESS_USERS)) {
            logger.info("deleting users/roles/groups and permissions");
            try {
                try {
                    SynchronizationStateAccess.setSynchronizing(Boolean.TRUE);
                    Iterator<JetspeedPermission> it = this.pm.getPermissions().iterator();
                    while (it.hasNext()) {
                        this.pm.removePermission(it.next());
                    }
                    String anonymousUser = this.userManager.getAnonymousUser();
                    for (JetspeedPrincipalType jetspeedPrincipalType : this.principalManagerProvider.getPrincipalTypeMap().values()) {
                        boolean equals = "user".equals(jetspeedPrincipalType.getName());
                        JetspeedPrincipalManager manager = this.principalManagerProvider.getManager(jetspeedPrincipalType);
                        for (JetspeedPrincipal jetspeedPrincipal : manager.getPrincipals("")) {
                            if (!equals || !anonymousUser.equals(jetspeedPrincipal.getName())) {
                                manager.removePrincipal(jetspeedPrincipal);
                            }
                        }
                    }
                    SynchronizationStateAccess.setSynchronizing(Boolean.FALSE);
                } catch (Exception e) {
                    throw new SerializerException(e);
                }
            } catch (Throwable th) {
                SynchronizationStateAccess.setSynchronizing(Boolean.FALSE);
                throw th;
            }
        }
    }

    protected SecurityDomain checkDomainExistsOtherwiseCreate(String str) throws SecurityException {
        SecurityDomain domainByName = this.domainAccessManager.getDomainByName(str);
        if (domainByName == null) {
            SecurityDomainImpl securityDomainImpl = new SecurityDomainImpl();
            securityDomainImpl.setName(str);
            securityDomainImpl.setEnabled(true);
            securityDomainImpl.setRemote(false);
            this.domainStorageManager.addDomain(securityDomainImpl);
            domainByName = this.domainAccessManager.getDomainByName(str);
        }
        return domainByName;
    }

    private void recreateSecurityDomains(ImportRefs importRefs, JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        logger.debug("recreateSecurityDomains");
        try {
            Long domainId = checkDomainExistsOtherwiseCreate(SecurityDomain.DEFAULT_NAME).getDomainId();
            Long domainId2 = checkDomainExistsOtherwiseCreate(SecurityDomain.SYSTEM_NAME).getDomainId();
            if (jSSnapshot.getSecurityDomains() == null || jSSnapshot.getSecurityDomains().size() <= 0) {
                return;
            }
            ArrayList arrayList = new ArrayList(jSSnapshot.getSecurityDomains());
            Collections.sort(arrayList, new Comparator<JSSecurityDomain>() { // from class: org.apache.jetspeed.serializer.JetspeedSecuritySerializer.1
                @Override // java.util.Comparator
                public int compare(JSSecurityDomain jSSecurityDomain, JSSecurityDomain jSSecurityDomain2) {
                    boolean z = jSSecurityDomain.getOwnerDomain() != null;
                    if (z == (jSSecurityDomain2.getOwnerDomain() != null)) {
                        return 0;
                    }
                    return z ? 1 : -1;
                }
            });
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                JSSecurityDomain jSSecurityDomain = (JSSecurityDomain) it.next();
                if (jSSecurityDomain.getName().equals(SecurityDomain.SYSTEM_NAME) || jSSecurityDomain.getName().equals(SecurityDomain.DEFAULT_NAME)) {
                    return;
                }
                if (jSSecurityDomain.getName().length() == 0) {
                    throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"SecurityDomain", "Name of Security Domain must not be empty!"}));
                }
                Long l = null;
                if (jSSecurityDomain.getOwnerDomain() != null) {
                    if (jSSecurityDomain.getOwnerDomain().equals(SecurityDomain.SYSTEM_NAME)) {
                        l = domainId;
                    } else if (jSSecurityDomain.getOwnerDomain().equals(SecurityDomain.SYSTEM_NAME)) {
                        l = domainId2;
                    } else {
                        SecurityDomain domainByName = this.domainAccessManager.getDomainByName(jSSecurityDomain.getOwnerDomain());
                        if (domainByName == null) {
                            throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"SecurityDomain", "Could not find owner domain with name " + jSSecurityDomain.getOwnerDomain() + "for domain with name " + jSSecurityDomain.getName()}));
                        }
                        l = domainByName.getDomainId();
                    }
                } else if (jSSecurityDomain.isRemote()) {
                    l = domainId;
                }
                SecurityDomainImpl securityDomainImpl = new SecurityDomainImpl();
                securityDomainImpl.setName(jSSecurityDomain.getName());
                securityDomainImpl.setOwnerDomainId(l);
                securityDomainImpl.setRemote(jSSecurityDomain.isRemote());
                securityDomainImpl.setEnabled(jSSecurityDomain.isEnabled());
                try {
                    this.domainStorageManager.addDomain(securityDomainImpl);
                } catch (Exception e) {
                    throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"SecurityDomain", e.getMessage()}), e);
                }
            }
        } catch (Exception e2) {
            throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"SecurityDomains", "Could not create default and / or system domains!\n" + e2.getMessage()}), e2);
        }
    }

    private void recreateJetspeedPrincipals(ImportRefs importRefs, JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        logger.debug("recreateJetspeedPrincipals");
        logger.debug("processing old groups");
        Iterator<JSGroup> it = jSSnapshot.getOldGroups().iterator();
        while (it.hasNext()) {
            String name = it.next().getName();
            try {
                if (!this.groupManager.groupExists(name)) {
                    this.groupManager.addGroup(name);
                }
                importRefs.getPrincipalMap("group").put(name, this.groupManager.getGroup(name));
            } catch (Exception e) {
                throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"Group", e.getMessage()}), e);
            }
        }
        logger.debug("recreateOldGroups - done");
        logger.debug("processing old roles");
        Iterator<JSRole> it2 = jSSnapshot.getOldRoles().iterator();
        while (it2.hasNext()) {
            String name2 = it2.next().getName();
            try {
                if (!this.roleManager.roleExists(name2)) {
                    this.roleManager.addRole(name2);
                }
                importRefs.getPrincipalMap("role").put(name2, this.roleManager.getRole(name2));
            } catch (Exception e2) {
                throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"Role", e2.getMessage()}));
            }
        }
        logger.debug("recreateOldRoles - done");
        int compareCurrentSecurityProvider = compareCurrentSecurityProvider(jSSnapshot);
        logger.debug("processing old users");
        Iterator<JSUser> it3 = jSSnapshot.getOldUsers().iterator();
        while (it3.hasNext()) {
            JSUser next = it3.next();
            try {
                User user = this.userManager.userExists(next.getName()) ? this.userManager.getUser(next.getName()) : null;
                if (isSettingSet(map, JetspeedSerializer.KEY_OVERWRITE_EXISTING) || user == null) {
                    boolean z = next.getPwData() != null;
                    if (user == null) {
                        logger.debug("add User " + next.getName());
                        user = this.userManager.addUser(next.getName());
                        if (z) {
                            String pwDataValue = next.getPwDataValue("password");
                            String recreatePassword = recreatePassword(pwDataValue != null ? pwDataValue.toCharArray() : null);
                            if (recreatePassword != null && recreatePassword.length() > 0) {
                                PasswordCredential passwordCredential = this.userManager.getPasswordCredential(user);
                                passwordCredential.setPassword(recreatePassword, compareCurrentSecurityProvider == 1);
                                logger.debug("storing password for User " + next.getName());
                                this.userManager.storePasswordCredential(passwordCredential);
                            }
                        }
                        logger.debug("add User done ");
                    }
                    if (z) {
                        try {
                            PasswordCredential passwordCredential2 = this.userManager.getPasswordCredential(user);
                            passwordCredential2.setEnabled(next.getPwDataValueAsBoolean(CompilerOptions.ENABLED));
                            passwordCredential2.setUpdateRequired(next.getPwDataValueAsBoolean("requiresUpdate"));
                            Date pwExpirationDate = next.getPwExpirationDate();
                            if (pwExpirationDate != null) {
                                passwordCredential2.setExpirationDate(pwExpirationDate);
                            }
                            this.userManager.storePasswordCredential(passwordCredential2);
                        } catch (Exception e3) {
                            logger.error("setting userinfo for " + next.getName() + " failed because of " + e3.getLocalizedMessage());
                        }
                    }
                    Subject subject = this.userManager.getSubject(user);
                    List<Credential> privateCredentials = next.getPrivateCredentials();
                    if (privateCredentials != null && privateCredentials.size() > 0) {
                        Iterator<Credential> it4 = privateCredentials.iterator();
                        while (it4.hasNext()) {
                            subject.getPrivateCredentials().add(it4.next());
                        }
                    }
                    List<Credential> publicCredentials = next.getPublicCredentials();
                    if (publicCredentials != null && publicCredentials.size() > 0) {
                        Iterator<Credential> it5 = publicCredentials.iterator();
                        while (it5.hasNext()) {
                            subject.getPublicCredentials().add(it5.next());
                        }
                    }
                    JSUserGroups groupString = next.getGroupString();
                    List<String> tokens = groupString != null ? getTokens(groupString.toString()) : null;
                    if (tokens != null && tokens.size() > 0) {
                        Iterator<String> it6 = tokens.iterator();
                        while (it6.hasNext()) {
                            this.groupManager.addUserToGroup(next.getName(), it6.next());
                        }
                    }
                    JSUserRoles roleString = next.getRoleString();
                    List<String> tokens2 = roleString != null ? getTokens(roleString.toString()) : null;
                    if (tokens2 != null && tokens2.size() > 0) {
                        Iterator<String> it7 = tokens2.iterator();
                        while (it7.hasNext()) {
                            this.roleManager.addRoleToUser(next.getName(), it7.next());
                        }
                    }
                    JSUserAttributes userInfo = next.getUserInfo();
                    if (userInfo != null) {
                        SecurityAttributes securityAttributes = user.getSecurityAttributes();
                        for (JSNVPElement jSNVPElement : userInfo.getValues()) {
                            String key = jSNVPElement.getKey();
                            String str = key;
                            if (key.equals(USER_INFO_SUBSITE)) {
                                str = User.JETSPEED_USER_SUBSITE_ATTRIBUTE;
                            }
                            securityAttributes.getAttribute(str, true).setStringValue(jSNVPElement.getValue());
                        }
                    }
                    JSSecurityAttributes securityAttributes2 = next.getSecurityAttributes();
                    if (securityAttributes2 != null && securityAttributes2.getValues() != null) {
                        SecurityAttributes securityAttributes3 = user.getSecurityAttributes();
                        for (JSNVPElement jSNVPElement2 : securityAttributes2.getValues()) {
                            securityAttributes3.getAttribute(jSNVPElement2.getKey(), true).setStringValue(jSNVPElement2.getValue());
                        }
                    }
                    importRefs.getPrincipalMap("user").put(next.getName(), user);
                    this.userManager.updateUser(user);
                }
            } catch (Exception e4) {
                e4.printStackTrace();
                throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"User", e4.getMessage()}));
            }
        }
        logger.debug("recreateOldUsers - done");
        logger.debug("processing jetspeed principals");
        Iterator<JSPrincipal> it8 = jSSnapshot.getPrincipals().iterator();
        while (it8.hasNext()) {
            JSPrincipal next2 = it8.next();
            String type = next2.getType();
            if ("user".equals(type)) {
                recreateUserPrincipal(importRefs, jSSnapshot, map, logger, next2, compareCurrentSecurityProvider);
            } else {
                String name3 = next2.getName();
                try {
                    JetspeedPrincipalManager manager = this.principalManagerProvider.getManager(this.principalManagerProvider.getPrincipalType(type));
                    if (!manager.principalExists(name3)) {
                        JetspeedPrincipal newPrincipal = manager.newPrincipal(name3, next2.isMapped());
                        JSSecurityAttributes securityAttributes4 = next2.getSecurityAttributes();
                        if (securityAttributes4 != null) {
                            for (JSNVPElement jSNVPElement3 : securityAttributes4.getValues()) {
                                newPrincipal.getSecurityAttributes().getAttribute(jSNVPElement3.getKey(), true).setStringValue(jSNVPElement3.getValue());
                            }
                        }
                        manager.addPrincipal(newPrincipal, null);
                    }
                    importRefs.getPrincipalMap(type).put(name3, manager.getPrincipal(name3));
                } catch (Exception e5) {
                    e5.printStackTrace();
                    throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{type, e5.getMessage()}), e5);
                }
            }
        }
        logger.debug("recreate jetspeed principals - done");
    }

    private void recreateUserPrincipal(ImportRefs importRefs, JSSnapshot jSSnapshot, Map map, Logger logger, JSPrincipal jSPrincipal, int i) throws SerializerException {
        try {
            User user = this.userManager.userExists(jSPrincipal.getName()) ? this.userManager.getUser(jSPrincipal.getName()) : null;
            if (isSettingSet(map, JetspeedSerializer.KEY_OVERWRITE_EXISTING) || user == null) {
                boolean z = jSPrincipal.getPwData() != null;
                if (user == null) {
                    logger.debug("add User " + jSPrincipal.getName());
                    user = this.userManager.addUser(jSPrincipal.getName(), jSPrincipal.isMapped());
                    if (z) {
                        String pwDataValue = jSPrincipal.getPwDataValue("password");
                        String recreatePassword = recreatePassword(pwDataValue != null ? pwDataValue.toCharArray() : null);
                        if (recreatePassword != null && recreatePassword.length() > 0) {
                            PasswordCredential passwordCredential = this.userManager.getPasswordCredential(user);
                            passwordCredential.setPassword(recreatePassword, i == 1);
                            logger.debug("storing password for " + jSPrincipal.getName());
                            this.userManager.storePasswordCredential(passwordCredential);
                        }
                    }
                    logger.debug("add User done ");
                }
                if (z) {
                    try {
                        PasswordCredential passwordCredential2 = this.userManager.getPasswordCredential(user);
                        passwordCredential2.setEnabled(jSPrincipal.getPwDataValueAsBoolean(CompilerOptions.ENABLED));
                        passwordCredential2.setUpdateRequired(jSPrincipal.getPwDataValueAsBoolean("requiresUpdate"));
                        Date pwDataValueAsDate = jSPrincipal.getPwDataValueAsDate("expirationDate");
                        if (pwDataValueAsDate != null) {
                            passwordCredential2.setExpirationDate(pwDataValueAsDate);
                        }
                        this.userManager.storePasswordCredential(passwordCredential2);
                    } catch (Exception e) {
                        logger.error("setting userinfo for " + jSPrincipal.getName() + " failed because of " + e.getLocalizedMessage());
                    }
                }
                Subject subject = this.userManager.getSubject(user);
                List<Credential> privateCredentials = jSPrincipal.getPrivateCredentials();
                if (privateCredentials != null && privateCredentials.size() > 0) {
                    Iterator<Credential> it = privateCredentials.iterator();
                    while (it.hasNext()) {
                        subject.getPrivateCredentials().add(it.next());
                    }
                }
                List<Credential> publicCredentials = jSPrincipal.getPublicCredentials();
                if (publicCredentials != null && publicCredentials.size() > 0) {
                    Iterator<Credential> it2 = publicCredentials.iterator();
                    while (it2.hasNext()) {
                        subject.getPublicCredentials().add(it2.next());
                    }
                }
                JSSecurityAttributes securityAttributes = jSPrincipal.getSecurityAttributes();
                if (securityAttributes != null) {
                    for (JSNVPElement jSNVPElement : securityAttributes.getValues()) {
                        user.getSecurityAttributes().getAttribute(jSNVPElement.getKey(), true).setStringValue(jSNVPElement.getValue());
                    }
                }
                importRefs.getPrincipalMap("user").put(jSPrincipal.getName(), user);
                this.userManager.updateUser(user);
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"User", e2.getMessage()}));
        }
    }

    private void recreateJetspeedPrincipalAssociations(ImportRefs importRefs, JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        logger.debug("recreateJetspeedPrincipalAssociations");
        Map<String, JetspeedPrincipalType> principalTypeMap = this.principalManagerProvider.getPrincipalTypeMap();
        try {
            Iterator<JSPrincipalAssociation> it = jSSnapshot.getPrincipalAssociations().iterator();
            while (it.hasNext()) {
                JSPrincipalAssociation next = it.next();
                JetspeedPrincipalManager manager = this.principalManagerProvider.getManager(principalTypeMap.get(next.getToType()));
                manager.addAssociation(this.principalManagerProvider.getManager(principalTypeMap.get(next.getFromType())).getPrincipal(next.getFromName()), manager.getPrincipal(next.getToName()), next.getName());
            }
            logger.debug("recreateJetspeedPrincipalAssociations - done");
        } catch (Exception e) {
            e.printStackTrace();
            throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create((Object[]) new String[]{"User", e.getMessage()}));
        }
    }

    private void recreatePermissions(ImportRefs importRefs, JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException {
        logger.debug("recreatePermissions - started");
        try {
            Iterator<JSPermission> it = jSSnapshot.getPermissions().iterator();
            while (it.hasNext()) {
                JSPermission next = it.next();
                JetspeedPermission newPermission = next.getType().equals(JSPermission.TYPE_PORTAL) ? this.pm.newPermission("portlet", next.getResource(), next.getActions()) : this.pm.newPermission(next.getType(), next.getResource(), next.getActions());
                if (newPermission != null && !this.pm.permissionExists(newPermission)) {
                    try {
                        this.pm.addPermission(newPermission);
                        List<String> list = null;
                        JSUserGroups groupString = next.getGroupString();
                        if (groupString != null) {
                            list = getTokens(groupString.toString());
                        }
                        if (list != null && list.size() > 0) {
                            Iterator<String> it2 = list.iterator();
                            while (it2.hasNext()) {
                                JetspeedPrincipal jetspeedPrincipal = (JetspeedPrincipal) importRefs.getPrincipalMap("group").get(it2.next());
                                if (jetspeedPrincipal != null) {
                                    this.pm.grantPermission(newPermission, jetspeedPrincipal);
                                }
                            }
                        }
                        JSUserRoles roleString = next.getRoleString();
                        List<String> tokens = roleString != null ? getTokens(roleString.toString()) : null;
                        if (tokens != null && tokens.size() > 0) {
                            Iterator<String> it3 = tokens.iterator();
                            while (it3.hasNext()) {
                                JetspeedPrincipal jetspeedPrincipal2 = (JetspeedPrincipal) importRefs.getPrincipalMap("role").get(it3.next());
                                if (jetspeedPrincipal2 != null) {
                                    this.pm.grantPermission(newPermission, jetspeedPrincipal2);
                                }
                            }
                        }
                        JSUserUsers userString = next.getUserString();
                        List<String> tokens2 = userString != null ? getTokens(userString.toString()) : null;
                        if (tokens2 != null && tokens2.size() > 0) {
                            Iterator<String> it4 = tokens2.iterator();
                            while (it4.hasNext()) {
                                JetspeedPrincipal jetspeedPrincipal3 = (JetspeedPrincipal) importRefs.getPrincipalMap("user").get(it4.next());
                                if (jetspeedPrincipal3 != null) {
                                    this.pm.grantPermission(newPermission, jetspeedPrincipal3);
                                }
                            }
                        }
                    } catch (Exception e) {
                        throw new SerializerException(SerializerException.CREATE_SERIALIZED_OBJECT_FAILED.create((Object[]) new String[]{"Permissions", e.getMessage()}));
                    }
                }
            }
            logger.debug("recreatePermissions - done");
        } catch (Exception e2) {
            throw new SerializerException(SerializerException.GET_EXISTING_OBJECTS.create((Object[]) new String[]{"Permissions", e2.getMessage()}));
        }
    }

    protected int compareCurrentSecurityProvider(JSSnapshot jSSnapshot) {
        String encryption = jSSnapshot.getEncryption();
        return (encryption == null || encryption.length() == 0 || !encryption.equals(getEncryptionString())) ? 0 : 1;
    }

    private String getEncryptionString() {
        if (this.cpe == null) {
            System.err.println("Error!!! CredentialPasswordEncoder not available");
            return ENCODING_STRING;
        }
        try {
            return this.cpe.encode(JETSPEED, ENCODING_STRING);
        } catch (SecurityException e) {
            e.printStackTrace();
            return ENCODING_STRING;
        }
    }

    protected String recreatePassword(char[] cArr) {
        if (cArr == null) {
            return null;
        }
        return new String(cArr);
    }

    private void exportJetspeedPrincipals(ExportRefs exportRefs, JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException, SecurityException {
        jSSnapshot.setEncryption(getEncryptionString());
        Iterator<Map.Entry<String, JetspeedPrincipalType>> it = this.principalManagerProvider.getPrincipalTypeMap().entrySet().iterator();
        while (it.hasNext()) {
            String key = it.next().getKey();
            Iterator<? extends JetspeedPrincipal> it2 = this.principalManagerProvider.getManager(this.principalManagerProvider.getPrincipalType(key)).getPrincipals("").iterator();
            while (it2.hasNext()) {
                try {
                    JSPrincipal createJSPrincipal = createJSPrincipal(it2.next());
                    exportRefs.getPrincipalMap(key).put(createJSPrincipal.getName(), createJSPrincipal);
                    jSSnapshot.getPrincipals().add(createJSPrincipal);
                } catch (Exception e) {
                    throw new SerializerException(SerializerException.CREATE_SERIALIZED_OBJECT_FAILED.create((Object[]) new String[]{key, e.getMessage()}));
                }
            }
        }
    }

    private void exportJetspeedPrincipalAssociations(ExportRefs exportRefs, JSSnapshot jSSnapshot, Map map, Logger logger) throws SecurityException, SerializerException {
        Map<String, JetspeedPrincipalType> principalTypeMap = this.principalManagerProvider.getPrincipalTypeMap();
        HashMap hashMap = new HashMap(principalTypeMap);
        Iterator<String> it = principalTypeMap.keySet().iterator();
        while (it.hasNext()) {
            JetspeedPrincipalManager manager = this.principalManagerProvider.getManager(this.principalManagerProvider.getPrincipalType(it.next()));
            for (JetspeedPrincipal jetspeedPrincipal : manager.getPrincipals("")) {
                HashSet hashSet = new HashSet();
                Iterator<JetspeedPrincipalAssociationType> it2 = manager.getAssociationTypes().iterator();
                while (it2.hasNext()) {
                    String associationName = it2.next().getAssociationName();
                    if (hashSet.add(associationName)) {
                        Iterator it3 = hashMap.keySet().iterator();
                        while (it3.hasNext()) {
                            Iterator<? extends JetspeedPrincipal> it4 = this.principalManagerProvider.getManager(this.principalManagerProvider.getPrincipalType((String) it3.next())).getAssociatedFrom(jetspeedPrincipal.getName(), jetspeedPrincipal.getType(), associationName).iterator();
                            while (it4.hasNext()) {
                                jSSnapshot.addPrincipalAssociation(createJSPrincipalAssociation(associationName, jetspeedPrincipal, it4.next()));
                            }
                        }
                    }
                }
            }
        }
    }

    private JSPrincipalAssociation createJSPrincipalAssociation(String str, JetspeedPrincipal jetspeedPrincipal, JetspeedPrincipal jetspeedPrincipal2) {
        JSPrincipalAssociation jSPrincipalAssociation = new JSPrincipalAssociation();
        jSPrincipalAssociation.setName(str);
        jSPrincipalAssociation.setFromType(jetspeedPrincipal.getType().getName());
        jSPrincipalAssociation.setFromName(jetspeedPrincipal.getName());
        jSPrincipalAssociation.setToType(jetspeedPrincipal2.getType().getName());
        jSPrincipalAssociation.setToName(jetspeedPrincipal2.getName());
        return jSPrincipalAssociation;
    }

    private void exportPermissions(ExportRefs exportRefs, JSSnapshot jSSnapshot, Map map, Logger logger) throws SerializerException, SecurityException {
        for (JetspeedPermission jetspeedPermission : this.pm.getPermissions()) {
            try {
                JSPermission jSPermission = new JSPermission();
                jSPermission.setResource(jetspeedPermission.getName());
                jSPermission.setActions(jetspeedPermission.getActions());
                jSPermission.setType(jetspeedPermission.getType());
                for (JetspeedPrincipal jetspeedPrincipal : this.pm.getPrincipals(jetspeedPermission)) {
                    String name = jetspeedPrincipal.getType().getName();
                    JSPrincipal jSPrincipal = exportRefs.getPrincipalMap(name).get(jetspeedPrincipal.getName());
                    if (jSPrincipal != null) {
                        if ("role".equals(name)) {
                            jSPermission.addRole(jSPrincipal);
                        } else if ("group".equals(name)) {
                            jSPermission.addGroup(jSPrincipal);
                        } else if ("user".equals(name)) {
                            jSPermission.addUser(jSPrincipal);
                        }
                    }
                }
                jSSnapshot.getPermissions().add(jSPermission);
            } catch (Exception e) {
                throw new SerializerException(SerializerException.CREATE_SERIALIZED_OBJECT_FAILED.create((Object[]) new String[]{"Permissions", e.getMessage()}));
            }
        }
    }

    private void addJSPrincipalCredentials(boolean z, JSPrincipal jSPrincipal, Credential credential) {
        if (credential == null) {
            return;
        }
        if (credential instanceof PasswordCredential) {
            PasswordCredential passwordCredential = (PasswordCredential) credential;
            jSPrincipal.setCredential(passwordCredential.getUserName(), passwordCredential.getPassword() != null ? passwordCredential.getPassword().toCharArray() : null, passwordCredential.getExpirationDate(), passwordCredential.isEnabled(), passwordCredential.isExpired(), passwordCredential.isUpdateRequired());
        } else if (z) {
            jSPrincipal.addPublicCredential(credential);
        } else {
            jSPrincipal.addPrivateCredential(credential);
        }
    }

    private JSPrincipal createJSPrincipal(JetspeedPrincipal jetspeedPrincipal) throws SecurityException {
        JSPrincipal jSPrincipal = new JSPrincipal();
        jSPrincipal.setPrincipal(jetspeedPrincipal);
        jSPrincipal.setType(jetspeedPrincipal.getType().getName());
        jSPrincipal.setName(jetspeedPrincipal.getName());
        jSPrincipal.setMapped(jetspeedPrincipal.isMapped());
        jSPrincipal.setEnabled(jetspeedPrincipal.isEnabled());
        jSPrincipal.setReadonly(jetspeedPrincipal.isReadOnly());
        jSPrincipal.setRemovable(jetspeedPrincipal.isRemovable());
        jSPrincipal.setExtendable(jetspeedPrincipal.isExtendable());
        if ("user".equals(jetspeedPrincipal.getType().getName())) {
            PasswordCredential passwordCredential = this.userManager.getPasswordCredential((User) jetspeedPrincipal);
            Subject subject = this.userManager.getSubject((User) jetspeedPrincipal);
            if (passwordCredential != null) {
                addJSPrincipalCredentials(true, jSPrincipal, passwordCredential);
            }
            Iterator<Object> it = subject.getPublicCredentials().iterator();
            while (it.hasNext()) {
                addJSPrincipalCredentials(true, jSPrincipal, (Credential) it.next());
            }
            Iterator<Object> it2 = subject.getPrivateCredentials().iterator();
            while (it2.hasNext()) {
                addJSPrincipalCredentials(false, jSPrincipal, (Credential) it2.next());
            }
        }
        jSPrincipal.setSecurityAttributes(jetspeedPrincipal.getSecurityAttributes().getAttributeMap());
        return jSPrincipal;
    }
}
