package com.ibm.ws.security.profiletask;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.AdminCommand;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandMgr;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandResult;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.configservice.SystemAttributes;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.ssl.commands.utils.CommandConstants;
import java.util.ArrayList;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:com/ibm/ws/security/profiletask/ApplyProfileSecuritySettings.class */
public class ApplyProfileSecuritySettings extends AbstractTaskCommand {
    private static String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static TraceComponent tc = Tr.register(ApplyProfileSecuritySettings.class, "ApplyProfileSecuritySettings", "com.ibm.ws.security.profiletask");
    String enableAdmin;
    Boolean enableAdminSec;
    String adminUser;
    String adminPwd;
    static final String wimUR = "WIMUserRegistry";

    public ApplyProfileSecuritySettings(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.enableAdmin = null;
        this.enableAdminSec = new Boolean(false);
        this.adminUser = null;
        this.adminPwd = null;
    }

    public ApplyProfileSecuritySettings(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.enableAdmin = null;
        this.enableAdminSec = new Boolean(false);
        this.adminUser = null;
        this.adminPwd = null;
    }

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AuditConstants.VALIDATE);
        }
        super.validate();
        ConfigServiceFactory.getConfigService();
        getConfigSession();
        this.enableAdmin = (String) getParameter("enableAdmin");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "enableAdmin = " + this.enableAdmin);
        }
        if (this.enableAdmin.equalsIgnoreCase("true")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "enableAdminSec = true");
            }
            this.enableAdminSec = new Boolean(true);
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "enableAdminSec = false");
            }
            this.enableAdminSec = new Boolean(false);
        }
        if (this.enableAdmin.equalsIgnoreCase("true")) {
            this.adminUser = (String) getParameter("adminUser");
            this.adminPwd = (String) getParameter("adminPwd");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "enableAdmin: " + this.enableAdminSec.toString());
            if (this.adminUser != null && this.adminPwd != null) {
                Tr.debug(tc, "adminUser: " + this.adminUser);
                Tr.debug(tc, "adminPwd: " + this.adminPwd);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, AuditConstants.VALIDATE);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        Boolean bool = new Boolean(false);
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isDebugEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        try {
            ObjectName createObjectName = ConfigServiceHelper.createObjectName((ConfigDataId) null, "Security");
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = getConfigSession();
            ObjectName objectName = configService.resolve(configSession, "Cell=")[0];
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "cell = " + objectName.toString());
            }
            ObjectName objectName2 = objectName != null ? configService.queryConfigObjects(configSession, objectName, createObjectName, null)[0] : null;
            AttributeList attributeList = new AttributeList();
            attributeList.add(new Attribute("enabled", this.enableAdminSec));
            configService.setAttributes(configSession, objectName2, attributeList);
            if (this.enableAdminSec.booleanValue()) {
                AttributeList attributeList2 = new AttributeList();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "enableAdminSec = true, setting application security to false");
                }
                attributeList2.add(new Attribute(SecurityConfig.APP_SECURITY_ENABLED, bool));
                ArrayList arrayList = (ArrayList) configService.getAttribute(configSession, objectName2, "userRegistries");
                for (int i = 0; i < arrayList.size(); i++) {
                    AttributeList attributeList3 = (AttributeList) arrayList.get(i);
                    if (ConfigServiceHelper.getAttributeValue(attributeList3, SystemAttributes._WEBSPHERE_CONFIG_DATA_TYPE).toString().equals("WIMUserRegistry")) {
                        attributeList2.add(new Attribute("activeUserRegistry", configService.queryConfigObjects(configSession, null, ConfigServiceHelper.createObjectName(attributeList3), null)[0]));
                    }
                }
                configService.setAttributes(configSession, objectName2, attributeList2);
                ObjectName objectName3 = (ObjectName) configService.getAttribute(configSession, objectName2, "activeUserRegistry");
                AttributeList attributeList4 = new AttributeList();
                attributeList4.add(new Attribute("realm", CommonConstants.DEFAULT_WIM_FILEBASEDREALM));
                configService.setAttributes(configSession, objectName3, attributeList4);
                AdminCommand createCommand = CommandMgr.getCommandMgr().createCommand("addAdminIdToUserRegObj");
                createCommand.setConfigSession(configSession);
                createCommand.setParameter("adminUser", this.adminUser);
                createCommand.setParameter(CommonConstants.REGISTRY_TYPE, "WIMUserRegistry");
                createCommand.execute();
                CommandResult commandResult = createCommand.getCommandResult();
                if (!commandResult.isSuccessful()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Could not successfully set adminId in user registry object");
                    }
                    taskCommandResultImpl.addWarnings(getMsg(resBundle, "security.profiletask.FailedAddAdminId", null));
                    taskCommandResultImpl.setResult(new Boolean(false));
                    return;
                }
                if (!((Boolean) commandResult.getResult()).booleanValue()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Could not successfully set adminId in user registry object");
                    }
                    taskCommandResultImpl.addWarnings(getMsg(resBundle, "security.profiletask.FailedAddAdminId", null));
                    taskCommandResultImpl.setResult(new Boolean(false));
                    return;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Successfully set adminId in user registry object");
                }
                AdminCommand createCommand2 = CommandMgr.getCommandMgr().createCommand("setUseRegistryServerId");
                createCommand2.setConfigSession(configSession);
                createCommand2.setParameter("userRegistryType", "WIMUserRegistry");
                createCommand2.setParameter("useRegistryServerId", new Boolean(false));
                createCommand2.execute();
                CommandResult commandResult2 = createCommand2.getCommandResult();
                if (!commandResult2.isSuccessful()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Could not successfully set useRegistryServerId to false");
                    }
                    taskCommandResultImpl.addWarnings(getMsg(resBundle, "security.admintask.ExceptionUseRegistryServerId", null));
                    taskCommandResultImpl.setResult(new Boolean(false));
                    return;
                }
                if (!((Boolean) commandResult2.getResult()).booleanValue()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Could not successfully set useRegistryServerId to false");
                    }
                    taskCommandResultImpl.addWarnings(getMsg(resBundle, "security.admintask.ExceptionUseRegistryServerId", null));
                    taskCommandResultImpl.setResult(new Boolean(false));
                    return;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Successfully set useRegistryServerId to false");
                }
                if (this.adminUser != null && this.adminUser.length() != 0 && this.adminPwd != null && this.adminPwd.length() != 0) {
                    try {
                        AdminCommand createCommand3 = CommandMgr.getCommandMgr().createCommand("addFileRegistryAccount");
                        createCommand3.setConfigSession(configSession);
                        createCommand3.setParameter(CommandConstants.CACLIENT_USERID, this.adminUser);
                        createCommand3.setParameter("password", this.adminPwd);
                        createCommand3.execute();
                        if (!createCommand3.getCommandResult().isSuccessful()) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "user " + this.adminUser + " not added toWIM UR");
                            }
                            taskCommandResultImpl.addWarnings(getMsg(resBundle, "security.profiletask.failAddingAdminToWim", null));
                            taskCommandResultImpl.setResult(new Boolean(false));
                            return;
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "user " + this.adminUser + " added to WIM UR");
                        }
                        taskCommandResultImpl.setResult(new Boolean(true));
                    } catch (Exception e) {
                        taskCommandResultImpl.setResult(new Boolean(false));
                        taskCommandResultImpl.setException(new CommandException(e, getMsg(resBundle, "security.profiletask.failAddingAdminToWim", null)));
                        return;
                    }
                }
            }
            taskCommandResultImpl.setResult(new Boolean(true));
        } catch (Throwable th) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, th.toString());
                Tr.debug(tc, th.getMessage());
            }
            taskCommandResultImpl.addWarnings(getMsg(resBundle, "security.profiletask.failAddingAdminToWim", null));
            taskCommandResultImpl.setResult(new Boolean(false));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "afterStepsExecuted");
        }
    }
}
