package org.alfresco.utility.data.auth;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.alfresco.utility.TasProperties;
import org.alfresco.utility.exception.TestStepException;
import org.alfresco.utility.model.GroupModel;
import org.alfresco.utility.model.TestGroup;
import org.alfresco.utility.model.UserModel;
import org.alfresco.utility.report.log.Step;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;
import org.testng.Assert;

@Scope("prototype")
@Service
/* loaded from: input_file:org/alfresco/utility/data/auth/DataLDAP.class */
public class DataLDAP {

    @Autowired
    private TasProperties tasProperties;
    private DirContext context;

    /* loaded from: input_file:org/alfresco/utility/data/auth/DataLDAP$Builder.class */
    public class Builder implements UserManageable, GroupManageable {
        private String searchBase;

        public Builder() throws NamingException {
            this.searchBase = "";
            Properties properties = new Properties();
            properties.put("java.naming.factory.initial", DataLDAP.this.tasProperties.getAuthContextFactory());
            properties.put("java.naming.provider.url", DataLDAP.this.tasProperties.getLdapURL());
            properties.put("java.naming.security.authentication", DataLDAP.this.tasProperties.getSecurityAuth());
            properties.put("java.naming.security.principal", DataLDAP.this.tasProperties.getLdapSecurityPrincipal());
            properties.put("java.naming.security.credentials", DataLDAP.this.tasProperties.getLdapSecurityCredentials());
            this.searchBase = DataLDAP.this.tasProperties.getLdapSearchBase();
            DataLDAP.this.context = new InitialDirContext(properties);
        }

        public Builder(String str, String str2, String str3, String str4) throws NamingException {
            this.searchBase = "";
            Properties properties = new Properties();
            properties.put("java.naming.factory.initial", DataLDAP.this.tasProperties.getAuthContextFactory());
            properties.put("java.naming.provider.url", str);
            properties.put("java.naming.security.authentication", DataLDAP.this.tasProperties.getSecurityAuth());
            properties.put("java.naming.security.principal", str2);
            properties.put("java.naming.security.credentials", str3);
            this.searchBase = str4;
            DataLDAP.this.context = new InitialDirContext(properties);
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder createUser(UserModel userModel) throws NamingException, UnsupportedEncodingException {
            BasicAttributes basicAttributes = new BasicAttributes();
            BasicAttribute basicAttribute = new BasicAttribute("objectClass", ObjectType.user.toString());
            BasicAttribute basicAttribute2 = new BasicAttribute("sn", userModel.getLastName());
            BasicAttribute basicAttribute3 = new BasicAttribute("givenName", userModel.getFirstName());
            BasicAttribute basicAttribute4 = new BasicAttribute("samAccountName", userModel.getUsername());
            BasicAttribute basicAttribute5 = new BasicAttribute("userAccountControl");
            basicAttribute5.add(Integer.toString(UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.PASSWD_NOTREQD.getValue() + UserAccountStatus.DONT_EXPIRE_PASSWD.getValue()));
            basicAttributes.put(basicAttribute);
            basicAttributes.put(basicAttribute2);
            basicAttributes.put(basicAttribute3);
            basicAttributes.put(basicAttribute4);
            basicAttributes.put(basicAttribute5);
            DataLDAP.this.context.createSubcontext(String.format(this.searchBase, userModel.getUsername()), basicAttributes);
            DataLDAP.this.context.modifyAttributes(String.format(this.searchBase, userModel.getUsername()), new ModificationItem[]{new ModificationItem(2, new BasicAttribute("unicodePwd", String.format("\"%s\"", userModel.getPassword()).getBytes("UTF-16LE"))), new ModificationItem(2, new BasicAttribute("userAccountControl", Integer.toString(UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.DONT_EXPIRE_PASSWD.getValue())))});
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder deleteUser(UserModel userModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Delete user %s", userModel.getUsername()));
            DataLDAP.this.context.destroySubcontext(String.format(this.searchBase, userModel.getUsername()));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder updateUser(UserModel userModel, HashMap<String, String> hashMap) throws NamingException, UnsupportedEncodingException {
            Step.STEP(String.format("[LDAP-AD] Update user %s", userModel.getUsername()));
            ModificationItem[] modificationItemArr = new ModificationItem[hashMap.size()];
            int i = 0;
            for (Map.Entry<String, String> entry : hashMap.entrySet()) {
                BasicAttribute basicAttribute = new BasicAttribute(entry.getKey());
                if (entry.getKey().equals("unicodePwd")) {
                    basicAttribute.add(String.format("\"%s\"", entry.getValue()).getBytes("UTF-16LE"));
                } else {
                    basicAttribute.add(entry.getValue());
                }
                modificationItemArr[i] = new ModificationItem(2, basicAttribute);
                i++;
            }
            DataLDAP.this.context.modifyAttributes(String.format(this.searchBase, userModel.getUsername()), modificationItemArr);
            return this;
        }

        @Override // org.alfresco.utility.data.auth.GroupManageable
        public Builder createGroup(GroupModel groupModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Create group %s", groupModel.getDisplayName()));
            BasicAttributes basicAttributes = new BasicAttributes();
            BasicAttribute basicAttribute = new BasicAttribute("objectClass");
            BasicAttribute basicAttribute2 = new BasicAttribute("samAccountName");
            BasicAttribute basicAttribute3 = new BasicAttribute("name");
            basicAttribute.add(ObjectType.group.toString());
            basicAttribute2.add(groupModel.getDisplayName());
            basicAttribute3.add(groupModel.getDisplayName());
            basicAttributes.put(basicAttribute);
            basicAttributes.put(basicAttribute2);
            basicAttributes.put(basicAttribute3);
            DataLDAP.this.context.createSubcontext(String.format(this.searchBase, groupModel.getDisplayName()), basicAttributes);
            return this;
        }

        @Override // org.alfresco.utility.data.auth.GroupManageable
        public Builder deleteGroup(GroupModel groupModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Delete group %s", groupModel.getDisplayName()));
            DataLDAP.this.context.destroySubcontext(String.format(this.searchBase, groupModel.getDisplayName()));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.GroupManageable
        public Builder addUserToGroup(UserModel userModel, GroupModel groupModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Add user %s to group %s", userModel.getUsername(), groupModel.getDisplayName()));
            DataLDAP.this.context.modifyAttributes(String.format(this.searchBase, groupModel.getDisplayName()), new ModificationItem[]{new ModificationItem(1, new BasicAttribute("member", String.format(this.searchBase, userModel.getUsername())))});
            return this;
        }

        @Override // org.alfresco.utility.data.auth.GroupManageable
        public Builder removeUserFromGroup(UserModel userModel, GroupModel groupModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Remove user %s from group %s", userModel.getUsername(), groupModel.getDisplayName()));
            DataLDAP.this.context.modifyAttributes(String.format(this.searchBase, groupModel.getDisplayName()), new ModificationItem[]{new ModificationItem(3, new BasicAttribute("member", String.format(this.searchBase, userModel.getUsername())))});
            return this;
        }

        public Builder disableUser(UserModel userModel) throws NamingException {
            DataLDAP.this.context.modifyAttributes(String.format(this.searchBase, userModel.getUsername()), new ModificationItem[]{new ModificationItem(2, new BasicAttribute("userAccountControl", Integer.toString(UserAccountStatus.ACCOUNTDISABLE.getValue() + UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.PASSWD_NOTREQD.getValue())))});
            return this;
        }

        public Builder enableUser(UserModel userModel) throws NamingException {
            DataLDAP.this.context.modifyAttributes(String.format(this.searchBase, userModel.getUsername()), new ModificationItem[]{new ModificationItem(2, new BasicAttribute("userAccountControl", Integer.toString(UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.PASSWD_NOTREQD.getValue())))});
            return this;
        }

        public SearchResult searchForObjectClass(String str, ObjectType objectType) throws NamingException {
            String format = String.format("(objectClass=%s)", objectType.toString());
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            try {
                NamingEnumeration search = DataLDAP.this.context.search(String.format(this.searchBase, str), format, searchControls);
                if (search.hasMoreElements()) {
                    return (SearchResult) search.nextElement();
                }
                return null;
            } catch (NameNotFoundException e) {
                return null;
            }
        }

        public Builder createDisabledUser(UserModel userModel) throws NamingException {
            BasicAttributes basicAttributes = new BasicAttributes();
            BasicAttribute basicAttribute = new BasicAttribute("objectClass");
            BasicAttribute basicAttribute2 = new BasicAttribute("sn");
            BasicAttribute basicAttribute3 = new BasicAttribute("samAccountName");
            BasicAttribute basicAttribute4 = new BasicAttribute("userPassword");
            BasicAttribute basicAttribute5 = new BasicAttribute("userAccountControl");
            basicAttribute.add(ObjectType.user.toString());
            basicAttribute2.add(userModel.getLastName());
            basicAttribute3.add(userModel.getUsername());
            basicAttribute4.add(userModel.getPassword());
            basicAttribute5.add(Integer.toString(UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.PASSWORD_EXPIRED.getValue() + UserAccountStatus.ACCOUNTDISABLE.getValue()));
            basicAttributes.put(basicAttribute);
            basicAttributes.put(basicAttribute2);
            basicAttributes.put(basicAttribute3);
            basicAttributes.put(basicAttribute5);
            DataLDAP.this.context.createSubcontext(String.format(this.searchBase, userModel.getUsername()), basicAttributes);
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder assertUserExists(UserModel userModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Assert user %s exists", userModel.getUsername()));
            Assert.assertNotNull(searchForObjectClass(userModel.getUsername(), ObjectType.user));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public UserManageable assertUserDoesNotExist(UserModel userModel) throws NamingException, TestStepException {
            Step.STEP(String.format("[LDAP-AD] Assert user %s does not exist", userModel.getUsername()));
            Assert.assertNull(searchForObjectClass(userModel.getUsername(), ObjectType.user));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.GroupManageable
        public GroupManageable assertGroupExists(GroupModel groupModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Assert group %s exists", groupModel.getDisplayName()));
            Assert.assertNotNull(searchForObjectClass(groupModel.getDisplayName(), ObjectType.group));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.GroupManageable
        public GroupManageable assertGroupDoesNotExist(GroupModel groupModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Assert group %s does not exist", groupModel.getDisplayName()));
            Assert.assertNull(searchForObjectClass(groupModel.getDisplayName(), ObjectType.group));
            return this;
        }

        public Builder assertUserIsDisabled(UserModel userModel, UserAccountControlValue userAccountControlValue) throws NamingException {
            Attributes attributes = DataLDAP.this.context.getAttributes(String.format(this.searchBase, userModel.getUsername()), new String[]{"userAccountControl"});
            Assert.assertTrue(attributes.toString().contains(userAccountControlValue.toString()), String.format("User account control value expected %s but found %s", userAccountControlValue.toString(), attributes.toString()));
            return this;
        }

        public Builder assertUserIsEnabled(UserModel userModel, UserAccountControlValue userAccountControlValue) throws NamingException {
            Attributes attributes = DataLDAP.this.context.getAttributes(String.format(this.searchBase, userModel.getUsername()), new String[]{"userAccountControl"});
            Assert.assertTrue(attributes.toString().contains(userAccountControlValue.toString()), String.format("User account value expected %s but found %s ", userAccountControlValue.toString(), attributes.toString()));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.GroupManageable
        public GroupManageable assertUserIsMemberOfGroup(UserModel userModel, GroupModel groupModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Assert user %s is member of group %s", userModel.getUsername(), groupModel.getDisplayName()));
            Assert.assertTrue(DataLDAP.this.context.getAttributes(String.format(this.searchBase, groupModel.getDisplayName()), new String[]{"member"}).toString().contains(String.format(this.searchBase, userModel.getUsername())), String.format("User %s is not member of group %s", userModel.getUsername().toString(), groupModel.getDisplayName().toString()));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.GroupManageable
        public GroupManageable assertUserIsNotMemberOfGroup(UserModel userModel, GroupModel groupModel) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Assert user %s is not member of group %s", userModel.getUsername(), groupModel.getDisplayName()));
            Assert.assertFalse(DataLDAP.this.context.getAttributes(String.format(this.searchBase, groupModel.getDisplayName()), new String[]{"member"}).toString().contains(String.format(this.searchBase, userModel.getUsername())), String.format("User %s is member of group %s", userModel.getUsername().toString(), groupModel.getDisplayName().toString()));
            return this;
        }

        public Builder addBulkUsersInGroups(int i, int i2) throws NamingException, UnsupportedEncodingException {
            Step.STEP(String.format("[LDAP-AD] Add %s groups with %s users in each group", Integer.valueOf(i), Integer.valueOf(i2)));
            HashMap hashMap = new HashMap();
            for (int i3 = 0; i3 < i; i3++) {
                GroupModel randomGroupModel = GroupModel.getRandomGroupModel();
                createGroup(randomGroupModel).assertGroupExists(randomGroupModel);
                ArrayList arrayList = new ArrayList();
                for (int i4 = 0; i4 < i2; i4++) {
                    UserModel randomUserModel = UserModel.getRandomUserModel();
                    randomUserModel.setPassword("Password1234!");
                    createUser(randomUserModel).addUserToGroup(randomUserModel, randomGroupModel);
                    arrayList.add(randomUserModel);
                }
                hashMap.put(randomGroupModel, arrayList);
            }
            return this;
        }

        private SearchResult searchGeneratedData(String str, ObjectType objectType) throws NamingException {
            String format = String.format("(&(objectClass=%s)(%s*))", objectType.toString(), str);
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            try {
                NamingEnumeration search = DataLDAP.this.context.search(this.searchBase.replace("CN=%s,", ""), format, searchControls);
                if (search.hasMoreElements()) {
                    return (SearchResult) search.nextElement();
                }
                return null;
            } catch (NameNotFoundException e) {
                return null;
            }
        }

        public Builder deleteBulkUsers() throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Delete all users which start with 'user-'", new Object[0]));
            SearchResult searchGeneratedData = searchGeneratedData("cn=user-", ObjectType.user);
            while (true) {
                SearchResult searchResult = searchGeneratedData;
                if (searchResult == null) {
                    return this;
                }
                DataLDAP.this.context.destroySubcontext(searchResult.getNameInNamespace());
                searchGeneratedData = searchGeneratedData("cn=user-", ObjectType.user);
            }
        }

        public Builder deleteBulkGroups() throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Delete all groups which start with 'group-'", new Object[0]));
            SearchResult searchGeneratedData = searchGeneratedData("cn=group-", ObjectType.group);
            while (true) {
                SearchResult searchResult = searchGeneratedData;
                if (searchResult == null) {
                    return this;
                }
                DataLDAP.this.context.destroySubcontext(searchResult.getNameInNamespace());
                searchGeneratedData = searchGeneratedData("cn=group-", ObjectType.group);
            }
        }

        public Builder addGroupAsMemberOfAnotherGroup(GroupModel groupModel, GroupModel groupModel2) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Add group %s as member of group %s", groupModel.getDisplayName(), groupModel2.getDisplayName()));
            DataLDAP.this.context.modifyAttributes(String.format(this.searchBase, groupModel2.getDisplayName()), new ModificationItem[]{new ModificationItem(1, new BasicAttribute("memberUID", String.format(this.searchBase, groupModel.getDisplayName())))});
            return this;
        }

        public Builder assertGroupIsMemberOfGroup(GroupModel groupModel, GroupModel groupModel2) throws NamingException {
            Step.STEP(String.format("[LDAP-AD] Assert group %s is member of group %s", groupModel.getDisplayName(), groupModel2.getDisplayName()));
            Assert.assertTrue(DataLDAP.this.context.getAttributes(String.format(this.searchBase, groupModel2.getDisplayName()), new String[]{"memberUid"}).toString().contains(String.format(this.searchBase, groupModel.getDisplayName())));
            return this;
        }

        public String getUserId(UserModel userModel) throws NamingException {
            String[] split = this.searchBase.split(",DC=");
            return String.format("%s@%s.%s", userModel.getUsername(), split[1], split[2]);
        }

        public String getUserDCId(UserModel userModel) throws NamingException {
            return String.format(this.searchBase, userModel.getUsername());
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public /* bridge */ /* synthetic */ UserManageable updateUser(UserModel userModel, HashMap hashMap) throws Exception {
            return updateUser(userModel, (HashMap<String, String>) hashMap);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/alfresco/utility/data/auth/DataLDAP$ObjectType.class */
    public enum ObjectType {
        user(TestGroup.USER),
        group("group");

        private final String objectType;

        ObjectType(String str) {
            this.objectType = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.objectType;
        }
    }

    /* loaded from: input_file:org/alfresco/utility/data/auth/DataLDAP$UserAccountControlValue.class */
    public enum UserAccountControlValue {
        enabled("512"),
        disabled("514"),
        enabledPasswordNotRequired("544"),
        disabledPasswordNotRequired("546");

        private final String userAccountControlValue;

        UserAccountControlValue(String str) {
            this.userAccountControlValue = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.userAccountControlValue;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/alfresco/utility/data/auth/DataLDAP$UserAccountStatus.class */
    public enum UserAccountStatus {
        ACCOUNTDISABLE(2),
        NORMAL_ACCOUNT(512),
        PASSWD_NOTREQD(32),
        PASSWORD_EXPIRED(8388608),
        DONT_EXPIRE_PASSWD(65536);

        private final int value;

        UserAccountStatus(int i) {
            this.value = i;
        }

        public int getValue() {
            return this.value;
        }
    }

    public Builder perform() throws NamingException {
        return new Builder();
    }

    public Builder performLdap2() throws NamingException {
        return new Builder(this.tasProperties.getLdap2URL(), this.tasProperties.getLdap2SecurityPrincipal(), this.tasProperties.getLdap2SecurityCredentials(), this.tasProperties.getLdapSearchBase2());
    }
}
