package com.ibm.ws.sdo.config.repository.impl;

import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.ProviderFailureException;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.websphere.security.auth.CredentialDestroyedException;
import com.ibm.websphere.security.auth.WSSubject;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.profile.WSProfileConstants;
import com.ibm.ws.security.audit.utils.DataHelper;
import com.ibm.ws.security.auth.SubjectHelper;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.role.RoleBasedAppException;
import com.ibm.ws.security.service.SecurityService;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.sib.utils.ras.SibTr;
import com.ibm.wsspi.runtime.service.WsServiceRegistry;
import com.ibm.wsspi.sdo.config.repository.RepositoryException;
import com.ibm.wsspi.security.audit.AuditOutcome;
import com.ibm.wsspi.security.audit.AuditService;
import com.ibm.wsspi.security.audit.ContextHandler;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import javax.ejb.CreateException;
import javax.ejb.DuplicateKeyException;
import javax.ejb.EJBException;
import javax.ejb.FinderException;
import javax.ejb.NoSuchObjectLocalException;
import javax.ejb.ObjectNotFoundException;
import javax.ejb.RemoveException;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NameNotFoundException;
import javax.naming.NamingException;
import javax.security.auth.login.CredentialExpiredException;

/* loaded from: input_file:lib/com.ibm.ws.sib.server.jar:com/ibm/ws/sdo/config/repository/impl/RepositoryBean.class */
public class RepositoryBean implements SessionBean {
    private static final long serialVersionUID = 8457736769452479948L;
    private static final TraceComponent tc = SibTr.register(RepositoryBean.class, "SIBSdoRepository", "com.ibm.wsspi.sdo.config.CWSJOMessages");
    private static final String REPOSITORY_JNDI_NAME = "java:comp/env/ejb/ByteStore";
    private static final String ENV_VAR_PREFIX = "java:comp/env/";
    private static final String MAX_NAME_SIZE_JNDI_NAME = "java:comp/env/maxNameSize";
    private static final String MAX_VALUE_SIZE_JNDI_NAME = "java:comp/env/maxValueSize";
    private static final boolean READ_ACCESS = true;
    private static final boolean WRITE_ACCESS = false;
    private SessionContext mySessionCtx;
    private int _maxNameLength = -1;
    private int _maxValueLength = -1;
    private transient ByteStoreLocalHome _byteStoreHome = null;

    public SessionContext getSessionContext() {
        return this.mySessionCtx;
    }

    public void setSessionContext(SessionContext sessionContext) {
        this.mySessionCtx = sessionContext;
    }

    public void ejbCreate() throws CreateException {
    }

    public void ejbActivate() {
    }

    public void ejbPassivate() {
    }

    public void ejbRemove() {
    }

    public void register(String str, byte[] bArr, boolean z) throws CheckedNullPointerException, RepositoryException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "register", new Object[]{str, bArr, Boolean.valueOf(z)});
        }
        checkAccess(false);
        nullCheck(str);
        boolean z2 = false;
        if (bArr == null) {
            throw new CheckedNullPointerException(RepositoryException.NLSKEY_CANNOT_REGISTER_NULL_VALUE);
        }
        if (bArr.length == 0) {
            throw new CheckedNullPointerException(RepositoryException.NLSKEY_CANNOT_REGISTER_EMPTY_VALUE);
        }
        if (z) {
            z2 = removeByteStoreEntry(str);
        }
        createByteStoreEntry(str, bArr);
        if (z2) {
            auditEvent("Change", str, "insertResource");
        } else {
            auditEvent("Insert", str, "insertResource");
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "register");
        }
    }

    public void registerWithOptimisticUpdate(String str, byte[] bArr, byte[] bArr2) throws CheckedNullPointerException, RepositoryException {
        checkAccess(false);
        if (!Arrays.equals(getBytes(str, true), bArr2)) {
            throw new RepositoryException(RepositoryException.NLSKEY_OPTIMISTIC_UPDATE_FAILED, new Object[]{str});
        }
        if (bArr == null || bArr.length == 0) {
            unregister(str);
        } else {
            register(str, bArr, true);
        }
    }

    protected Context getInitialContext() throws NamingException {
        return new InitialContext();
    }

    private ByteStoreLocalHome getByteStoreHome() {
        if (this._byteStoreHome == null) {
            try {
                this._byteStoreHome = (ByteStoreLocalHome) getInitialContext().lookup(REPOSITORY_JNDI_NAME);
            } catch (NamingException e) {
                FFDCFilter.processException((Throwable) e, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.getByteStoreHome", "154", (Object) this);
                throw new RepositoryRuntimeException((Throwable) e);
            }
        }
        return this._byteStoreHome;
    }

    public byte[] getBytes(String str) throws CheckedNullPointerException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "getBytes", str);
        }
        checkAccess(true);
        byte[] bytes = getBytes(str, false);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "getBytes", bytes);
        }
        return bytes;
    }

    public byte[] getBytes(String str, boolean z) throws CheckedNullPointerException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "getBytes", str);
        }
        nullCheck(str);
        if (str.length() > getMaxNameLength()) {
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return null;
            }
            SibTr.exit(tc, "getBytes", (Object) null);
            return null;
        }
        byte[] bArr = null;
        try {
            ByteStoreLocalHome byteStoreHome = getByteStoreHome();
            bArr = (z ? byteStoreHome.findByPrimaryKeyForUpdate(str) : byteStoreHome.findByPrimaryKey(str)).getBytes();
        } catch (ObjectNotFoundException e) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(tc, "byteStoreHome.findByPrimaryKey did not find a result for name: " + str);
            }
        } catch (FinderException e2) {
            FFDCFilter.processException((Throwable) e2, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.getBytes", "179", (Object) this);
            throw new RepositoryRuntimeException((Throwable) e2);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "getBytes", bArr);
        }
        return bArr;
    }

    private void createByteStoreEntry(String str, byte[] bArr) throws RepositoryException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "createByteStoreEntry", new Object[]{str, bArr});
        }
        int maxNameLength = getMaxNameLength();
        int maxValueLength = getMaxValueLength();
        if (str.length() > maxNameLength) {
            throw new RepositoryException(RepositoryException.NLSKEY_NAME_TOO_LONG_CWSJO0045, new Object[]{Integer.valueOf(maxNameLength), str});
        }
        if (bArr.length > maxValueLength) {
            throw new RepositoryException(RepositoryException.NLSKEY_VALUE_TOO_LONG_CWSJO0046, new Object[]{Integer.valueOf(maxNameLength), Integer.valueOf(bArr.length)});
        }
        try {
            ByteStoreLocal create = getByteStoreHome().create(str);
            create.setBytes(bArr);
            create.setTimestamp(System.currentTimeMillis());
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                SibTr.exit(tc, "createByteStoreEntry");
            }
        } catch (DuplicateKeyException e) {
            FFDCFilter.processException((Throwable) e, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.createByteStoreEntry", "210", (Object) this);
            throw new RepositoryException(RepositoryException.NLSKEY_NAME_ALREADY_USED, new Object[]{str});
        } catch (CreateException e2) {
            FFDCFilter.processException((Throwable) e2, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.createByteStoreEntry", "215", (Object) this);
            throw new RepositoryRuntimeException((Throwable) e2);
        }
    }

    public void unregister(String str) throws CheckedNullPointerException, RepositoryException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, WSProfileConstants.S_UNREGISTER_PROFILE_ARG, str);
        }
        checkAccess(false);
        nullCheck(str);
        if (removeByteStoreEntry(str)) {
            auditEvent("Delete", str, "deleteResource");
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, WSProfileConstants.S_UNREGISTER_PROFILE_ARG);
        }
    }

    private boolean removeByteStoreEntry(String str) throws RepositoryException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "removeByteStoreEntry", str);
        }
        boolean z = false;
        int maxNameLength = getMaxNameLength();
        if (str.length() > maxNameLength) {
            throw new RepositoryException(RepositoryException.NLSKEY_NAME_TOO_LONG_CWSJO0045, new Object[]{Integer.valueOf(maxNameLength), str});
        }
        try {
            ByteStoreLocalHome byteStoreHome = getByteStoreHome();
            byteStoreHome.findByPrimaryKeyForUpdate(str);
            byteStoreHome.remove(str);
            z = true;
        } catch (RemoveException e) {
            FFDCFilter.processException((Throwable) e, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.removeByteStoreEntry", "258", (Object) this);
            throw new RepositoryRuntimeException((Throwable) e);
        } catch (NoSuchObjectLocalException e2) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(tc, "byteStoreHome.remove did not find a result to remove for name: " + str);
            }
        } catch (ObjectNotFoundException e3) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(tc, "byteStoreHome.remove did not find a result to remove for name: " + str);
            }
        } catch (EJBException e4) {
            FFDCFilter.processException((Throwable) e4, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.removeByteStoreEntry", "253", (Object) this);
            throw new RepositoryRuntimeException((Throwable) e4);
        } catch (FinderException e5) {
            FFDCFilter.processException((Throwable) e5, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.removeByteStoreEntry", "255", (Object) this);
            throw new RepositoryRuntimeException((Throwable) e5);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.exit(tc, "removeByteStoreEntry", Boolean.valueOf(z));
        }
        return z;
    }

    private void nullCheck(String str) throws CheckedNullPointerException {
        if (str == null) {
            throw new CheckedNullPointerException(RepositoryException.NLSKEY_NULL_NAME);
        }
    }

    public ArrayList getAllNames() {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "getAllNames");
        }
        checkAccess(true);
        try {
            ArrayList arrayList = new ArrayList(getByteStoreHome().getAllKeys());
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                SibTr.exit(tc, "getAllNames", arrayList);
            }
            return arrayList;
        } catch (FinderException e) {
            FFDCFilter.processException((Throwable) e, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.getAllNames", "299", (Object) this);
            throw new RepositoryRuntimeException((Throwable) e);
        }
    }

    public Long getTimestamp(String str) throws CheckedNullPointerException {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, "getTimestamp", str);
        }
        checkAccess(true);
        nullCheck(str);
        if (str.length() > getEnvironmentVariable_Integer(MAX_NAME_SIZE_JNDI_NAME)) {
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isEntryEnabled()) {
                return null;
            }
            SibTr.exit(tc, "getTimestamp", (Object) null);
            return null;
        }
        try {
            Long valueOf = Long.valueOf(getByteStoreHome().findByPrimaryKey(str).getTimestamp());
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                SibTr.exit(tc, "getTimestamp", valueOf);
            }
            return valueOf;
        } catch (ObjectNotFoundException e) {
            FFDCFilter.processException((Throwable) e, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.getTimestamp", "320", (Object) this);
            return null;
        } catch (FinderException e2) {
            FFDCFilter.processException((Throwable) e2, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.getTimestamp", "326", (Object) this);
            throw new RepositoryRuntimeException((Throwable) e2);
        }
    }

    private void checkAccess(boolean z) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
            SibTr.entry(tc, AuditConstants.CHECK_ACCESS, z ? Boolean.TRUE : Boolean.FALSE);
        }
        try {
            SecurityService securityService = (SecurityService) WsServiceRegistry.getService(this, SecurityService.class);
            if (securityService.isSecurityEnabled()) {
                try {
                    try {
                        if (!securityService.getConfigurator().getRoleBasedAuthorizer(Constants.ADMIN_APP, "domain").isGrantedRole(z ? new String[]{"monitor", Constants.CONFIG_ROLE, "operator", Constants.ADMIN_ROLE} : new String[]{Constants.CONFIG_ROLE, "operator", Constants.ADMIN_ROLE}, WSSubject.getCallerSubject())) {
                            throw new EJBException();
                        }
                    } catch (WSSecurityException e) {
                        FFDCFilter.processException(e, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.checkAccess", "570", this);
                        throw new EJBException(e);
                    }
                } catch (RoleBasedAppException e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.checkAccess", "490", this);
                    throw new EJBException(e2);
                }
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isEntryEnabled()) {
                SibTr.exit(tc, AuditConstants.CHECK_ACCESS);
            }
        } catch (Exception e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.checkAccess", "487", this);
            throw new EJBException(e3);
        }
    }

    private int getEnvironmentVariable_Integer(String str) {
        try {
            return ((Integer) getInitialContext().lookup(str)).intValue();
        } catch (NameNotFoundException e) {
            FFDCFilter.processException((Throwable) e, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.getEnvironmentVariable_Integer", "394", (Object) this);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(tc, "getEnvironmentVariable_Integer did not find a result for name: " + str);
            }
            throw new RepositoryRuntimeException((Throwable) e);
        } catch (ClassCastException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.getEnvironmentVariable_Integer", "406", this);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                SibTr.debug(tc, "getEnvironmentVariable_Integer found a non-Integer result for name: " + str);
            }
            throw new RepositoryRuntimeException(e2);
        } catch (NamingException e3) {
            FFDCFilter.processException((Throwable) e3, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.getEnvironmentVariable_Integer", "400", (Object) this);
            throw new RepositoryRuntimeException((Throwable) e3);
        }
    }

    private int getMaxNameLength() {
        if (this._maxNameLength == -1) {
            this._maxNameLength = getEnvironmentVariable_Integer(MAX_NAME_SIZE_JNDI_NAME);
        }
        return this._maxNameLength;
    }

    private int getMaxValueLength() {
        if (this._maxValueLength == -1) {
            this._maxValueLength = getEnvironmentVariable_Integer(MAX_VALUE_SIZE_JNDI_NAME);
        }
        return this._maxValueLength;
    }

    private void auditEvent(String str, String str2, String str3) {
        AuditService auditService = ContextManagerFactory.getInstance().getAuditService();
        ContextHandler contextHandler = null;
        String str4 = null;
        if (auditService != null) {
            contextHandler = auditService.getContextHandler();
        }
        if (contextHandler != null) {
            try {
                if (WSSubject.getCallerSubject() != null) {
                    str4 = SubjectHelper.getWSCredentialFromSubject(WSSubject.getCallerSubject()).getUniqueSecurityName();
                }
                contextHandler.buildContextObject("MGMT_CONTEXT", DataHelper.buildMgmtData(str, str3, null));
                contextHandler.buildContextObject("SESSION_CONTEXT", DataHelper.buildSessionData(null, null, null, null));
                contextHandler.buildContextObject("EVENT_CONTEXT", DataHelper.buildEventData(null, null, new Date(), 0L));
                contextHandler.buildContextObject("ACCESS_CONTEXT", DataHelper.buildAccessData("SDO Repository", str, str4, null, null, str2, "SDO Repository", 0L, null, null, null, null));
                contextHandler.buildContextObject("PROPAGATION_CONTEXT", DataHelper.buildPropagationData(null, null));
                contextHandler.buildContextObject("PROCESS_CONTEXT", DataHelper.buildProcessData(null, ContextManagerFactory.getInstance().getAdminRealm()));
                contextHandler.buildContextObject("REGISTRY_CONTEXT", DataHelper.buildRegistryData(DataHelper.convertRegistryInfoType(null)));
                try {
                    auditService.sendEvent("SECURITY_MGMT_CONFIG", DataHelper.buildOutcomeData(AuditOutcome.SUCCESSFUL, 0, 0, "SUCCESS", 6L));
                } catch (ProviderFailureException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.auditEvent", "705", this);
                    auditService.processAuditFailure("security.audit.service.sendevent.error", e);
                }
            } catch (CredentialExpiredException e2) {
                FFDCFilter.processException((Throwable) e2, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.auditEvent", "643", (Object) this);
                throw new RepositoryRuntimeException((Throwable) e2);
            } catch (CredentialDestroyedException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.auditEvent", "648", this);
                throw new RepositoryRuntimeException(e3);
            } catch (WSSecurityException e4) {
                FFDCFilter.processException(e4, "com.ibm.ws.sdo.config.repository.impl.RepositoryBean.auditEvent", "653", this);
                throw new RepositoryRuntimeException(e4);
            }
        }
    }
}
