package com.atlassian.crowd.service.soap;

import com.atlassian.crowd.integration.SearchContext;
import com.atlassian.crowd.integration.authentication.ApplicationAuthenticationContext;
import com.atlassian.crowd.integration.authentication.AuthenticatedToken;
import com.atlassian.crowd.integration.authentication.PasswordCredential;
import com.atlassian.crowd.integration.authentication.UserAuthenticationContext;
import com.atlassian.crowd.integration.authentication.ValidationFactor;
import com.atlassian.crowd.integration.exception.ApplicationAccessDeniedException;
import com.atlassian.crowd.integration.exception.ApplicationPermissionException;
import com.atlassian.crowd.integration.exception.BulkAddFailedException;
import com.atlassian.crowd.integration.exception.DirectoryAccessException;
import com.atlassian.crowd.integration.exception.ExpiredCredentialException;
import com.atlassian.crowd.integration.exception.InactiveAccountException;
import com.atlassian.crowd.integration.exception.InvalidAuthenticationException;
import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException;
import com.atlassian.crowd.integration.exception.InvalidCredentialException;
import com.atlassian.crowd.integration.exception.InvalidEmailAddressException;
import com.atlassian.crowd.integration.exception.InvalidGroupException;
import com.atlassian.crowd.integration.exception.InvalidRoleException;
import com.atlassian.crowd.integration.exception.InvalidTokenException;
import com.atlassian.crowd.integration.exception.InvalidUserException;
import com.atlassian.crowd.integration.exception.MembershipNotFoundException;
import com.atlassian.crowd.integration.exception.ObjectNotFoundException;
import com.atlassian.crowd.integration.model.group.Group;
import com.atlassian.crowd.integration.model.group.GroupTemplate;
import com.atlassian.crowd.integration.model.group.GroupType;
import com.atlassian.crowd.integration.model.group.GroupWithAttributes;
import com.atlassian.crowd.integration.model.user.User;
import com.atlassian.crowd.integration.model.user.UserTemplate;
import com.atlassian.crowd.integration.model.user.UserTemplateWithCredentialAndAttributes;
import com.atlassian.crowd.integration.service.soap.ObjectTranslator;
import com.atlassian.crowd.integration.service.soap.server.SecurityServer;
import com.atlassian.crowd.integration.soap.SOAPAttribute;
import com.atlassian.crowd.integration.soap.SOAPCookieInfo;
import com.atlassian.crowd.integration.soap.SOAPGroup;
import com.atlassian.crowd.integration.soap.SOAPNestableGroup;
import com.atlassian.crowd.integration.soap.SOAPPrincipal;
import com.atlassian.crowd.integration.soap.SOAPPrincipalWithCredential;
import com.atlassian.crowd.integration.soap.SOAPRole;
import com.atlassian.crowd.integration.soap.SearchRestriction;
import com.atlassian.crowd.manager.application.AliasManager;
import com.atlassian.crowd.manager.application.ApplicationManager;
import com.atlassian.crowd.manager.application.ApplicationService;
import com.atlassian.crowd.manager.directory.DirectoryManager;
import com.atlassian.crowd.manager.property.PropertyManager;
import com.atlassian.crowd.manager.property.PropertyManagerException;
import com.atlassian.crowd.model.application.Application;
import com.atlassian.crowd.model.application.DirectoryMapping;
import com.atlassian.crowd.model.application.GroupMapping;
import com.atlassian.crowd.model.token.Token;
import com.atlassian.crowd.search.EntityDescriptor;
import com.atlassian.crowd.search.builder.Combine;
import com.atlassian.crowd.search.builder.QueryBuilder;
import com.atlassian.crowd.search.builder.Restriction;
import com.atlassian.crowd.search.query.entity.EntityQuery;
import com.atlassian.crowd.search.query.entity.GroupQuery;
import com.atlassian.crowd.search.query.entity.UserQuery;
import com.atlassian.crowd.search.query.entity.restriction.MultiTermRestriction;
import com.atlassian.crowd.search.query.entity.restriction.NullRestriction;
import com.atlassian.crowd.search.query.entity.restriction.TermRestriction;
import com.atlassian.crowd.search.query.entity.restriction.constants.AliasTermKeys;
import com.atlassian.crowd.search.query.entity.restriction.constants.GroupTermKeys;
import com.atlassian.crowd.search.query.entity.restriction.constants.UserTermKeys;
import com.google.common.collect.Sets;
import java.rmi.RemoteException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.SortedSet;
import java.util.TreeSet;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/atlassian/crowd/service/soap/SecurityServerGeneric.class */
public class SecurityServerGeneric implements SecurityServer {
    private static final Logger logger = Logger.getLogger(SecurityServerGeneric.class);
    private final SOAPService soapService;
    private final ApplicationManager applicationManager;
    private final ApplicationService applicationService;
    private final AliasManager aliasManager;
    private final DirectoryManager directoryManager;
    private final PropertyManager propertyManager;

    /* renamed from: com.atlassian.crowd.service.soap.SecurityServerGeneric$1, reason: invalid class name */
    /* loaded from: input_file:com/atlassian/crowd/service/soap/SecurityServerGeneric$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$atlassian$crowd$integration$SearchContext$PopulateMemberships = new int[SearchContext.PopulateMemberships.values().length];

        static {
            try {
                $SwitchMap$com$atlassian$crowd$integration$SearchContext$PopulateMemberships[SearchContext.PopulateMemberships.NONE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$atlassian$crowd$integration$SearchContext$PopulateMemberships[SearchContext.PopulateMemberships.DIRECT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public SecurityServerGeneric(SOAPService sOAPService, ApplicationManager applicationManager, ApplicationService applicationService, AliasManager aliasManager, DirectoryManager directoryManager, PropertyManager propertyManager) {
        this.soapService = sOAPService;
        this.applicationManager = applicationManager;
        this.applicationService = applicationService;
        this.aliasManager = aliasManager;
        this.directoryManager = directoryManager;
        this.propertyManager = propertyManager;
    }

    public String createPrincipalToken(AuthenticatedToken authenticatedToken, String str, ValidationFactor[] validationFactorArr) throws InvalidAuthorizationTokenException, InactiveAccountException, RemoteException, InvalidAuthenticationException, ApplicationAccessDeniedException {
        try {
            Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
            UserAuthenticationContext userAuthenticationContext = new UserAuthenticationContext();
            userAuthenticationContext.setApplication(authenticatedToken.getName());
            userAuthenticationContext.setCredential(new PasswordCredential((String) null));
            userAuthenticationContext.setValidationFactors(validationFactorArr);
            userAuthenticationContext.setName(this.aliasManager.findUsernameByAlias(validateSOAPService, str));
            return this.applicationService.authenticateUserWithoutValidatingPassword(userAuthenticationContext).getRandomHash();
        } catch (com.atlassian.crowd.manager.application.ApplicationAccessDeniedException e) {
            throw new ApplicationAccessDeniedException(e);
        } catch (DirectoryAccessException e2) {
            logger.info(e2.getMessage(), e2);
            throw new RemoteException(e2.getMessage(), e2);
        }
    }

    public String authenticatePrincipalSimple(AuthenticatedToken authenticatedToken, String str, String str2) throws RemoteException, InvalidAuthenticationException, InvalidAuthorizationTokenException, InactiveAccountException, ApplicationAccessDeniedException, ExpiredCredentialException {
        try {
            Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
            UserAuthenticationContext userAuthenticationContext = new UserAuthenticationContext();
            userAuthenticationContext.setApplication(authenticatedToken.getName());
            userAuthenticationContext.setCredential(new PasswordCredential(str2));
            userAuthenticationContext.setValidationFactors(new ValidationFactor[0]);
            userAuthenticationContext.setName(this.aliasManager.findUsernameByAlias(validateSOAPService, str));
            return this.applicationService.authenticateUser(userAuthenticationContext).getRandomHash();
        } catch (com.atlassian.crowd.manager.application.ApplicationAccessDeniedException e) {
            throw new ApplicationAccessDeniedException(e);
        } catch (DirectoryAccessException e2) {
            logger.info(e2.getMessage(), e2);
            throw new RemoteException(e2.getMessage(), e2);
        }
    }

    public AuthenticatedToken authenticateApplication(ApplicationAuthenticationContext applicationAuthenticationContext) throws RemoteException, InvalidAuthenticationException, InvalidAuthorizationTokenException {
        applicationAuthenticationContext.setValidationFactors(this.soapService.getApplicationClientValidationFactors(applicationAuthenticationContext.getName()));
        Token authenticateApplication = this.applicationService.authenticateApplication(applicationAuthenticationContext);
        AuthenticatedToken authenticatedToken = new AuthenticatedToken(authenticateApplication.getName(), authenticateApplication.getRandomHash());
        this.soapService.validateSOAPService(authenticatedToken);
        return authenticatedToken;
    }

    public String authenticatePrincipal(AuthenticatedToken authenticatedToken, UserAuthenticationContext userAuthenticationContext) throws RemoteException, InvalidAuthenticationException, InactiveAccountException, InvalidAuthorizationTokenException, ApplicationAccessDeniedException, ExpiredCredentialException {
        try {
            userAuthenticationContext.setName(this.aliasManager.findUsernameByAlias(this.soapService.validateSOAPService(authenticatedToken), userAuthenticationContext.getName()));
            return this.applicationService.authenticateUser(userAuthenticationContext).getRandomHash();
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        } catch (com.atlassian.crowd.manager.application.ApplicationAccessDeniedException e2) {
            throw new ApplicationAccessDeniedException(e2);
        }
    }

    public boolean isValidPrincipalToken(AuthenticatedToken authenticatedToken, String str, ValidationFactor[] validationFactorArr) throws RemoteException, InvalidAuthorizationTokenException, ApplicationAccessDeniedException {
        try {
            this.applicationService.validateUserToken(str, validationFactorArr, this.soapService.validateSOAPService(authenticatedToken).getName());
            return true;
        } catch (InvalidTokenException e) {
            return false;
        } catch (com.atlassian.crowd.manager.application.ApplicationAccessDeniedException e2) {
            throw new ApplicationAccessDeniedException(e2);
        } catch (DirectoryAccessException e3) {
            logger.info(e3.getMessage(), e3);
            throw new RemoteException(e3.getMessage(), e3);
        }
    }

    public void invalidatePrincipalToken(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException {
        this.soapService.validateSOAPService(authenticatedToken);
        this.directoryManager.invalidateToken(str);
    }

    public SOAPGroup[] searchGroups(AuthenticatedToken authenticatedToken, SearchRestriction[] searchRestrictionArr) throws RemoteException, InvalidAuthorizationTokenException {
        List<String> searchNestedGroupRelationships;
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        SearchContext.PopulateMemberships populateMemberships = SearchContext.PopulateMemberships.ALL;
        String str = null;
        String str2 = null;
        Boolean bool = null;
        if (searchRestrictionArr != null) {
            for (SearchRestriction searchRestriction : searchRestrictionArr) {
                if (StringUtils.isNotBlank(searchRestriction.getName()) && StringUtils.isNotBlank(searchRestriction.getValue())) {
                    if (searchRestriction.getName().equals("group.populate.direct.sub.groups") || searchRestriction.getName().equals("group.populate.memberships") || searchRestriction.getName().equals("role.populate.memberships")) {
                        populateMemberships = SearchContext.PopulateMemberships.parseString(searchRestriction.getValue());
                    } else if (searchRestriction.getName().equals("group.name")) {
                        str = searchRestriction.getValue().toLowerCase();
                    } else if (searchRestriction.getName().equals("group.active")) {
                        bool = Boolean.valueOf(searchRestriction.getValue().toLowerCase());
                    } else if (searchRestriction.getName().equals("group.principal.member")) {
                        str2 = searchRestriction.getValue();
                    }
                }
            }
        }
        ArrayList arrayList = new ArrayList();
        if (str2 != null) {
            try {
                Iterator it = this.applicationService.searchNestedGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.group()).membershipsOf(EntityDescriptor.user()).withName(str2).startingAt(0).returningAtMost(-1)).iterator();
                while (it.hasNext()) {
                    arrayList.add(new SOAPGroup(((Group) it.next()).getName(), new String[0]));
                }
            } catch (DirectoryAccessException e) {
                throw new RemoteException(e.getMessage(), e);
            }
        } else {
            ArrayList arrayList2 = new ArrayList();
            if (str != null) {
                arrayList2.add(Restriction.on(GroupTermKeys.NAME).containing(str));
            }
            if (bool != null) {
                arrayList2.add(Restriction.on(GroupTermKeys.ACTIVE).exactlyMatching(bool));
            }
            try {
                List<Group> searchGroups = this.applicationService.searchGroups(validateSOAPService, arrayList2.isEmpty() ? new GroupQuery(GroupType.GROUP, new NullRestriction(), 0, -1) : new GroupQuery(new MultiTermRestriction(MultiTermRestriction.BooleanLogic.AND, (com.atlassian.crowd.search.query.entity.restriction.SearchRestriction[]) arrayList2.toArray(new TermRestriction[arrayList2.size()])), 0, -1));
                boolean isAliasingEnabled = validateSOAPService.isAliasingEnabled();
                for (Group group : searchGroups) {
                    switch (AnonymousClass1.$SwitchMap$com$atlassian$crowd$integration$SearchContext$PopulateMemberships[populateMemberships.ordinal()]) {
                        case 1:
                            searchNestedGroupRelationships = Collections.emptyList();
                            break;
                        case 2:
                            try {
                                searchNestedGroupRelationships = this.applicationService.searchDirectGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).membersOf(EntityDescriptor.group(GroupType.GROUP)).withName(group.getName()).returningAtMost(-1).asNames());
                                break;
                            } catch (DirectoryAccessException e2) {
                                logger.info(e2.getMessage(), e2);
                                throw new RemoteException(e2.getMessage(), e2);
                            }
                        default:
                            try {
                                searchNestedGroupRelationships = this.applicationService.searchNestedGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).membersOf(EntityDescriptor.group(GroupType.GROUP)).withName(group.getName()).returningAtMost(-1).asNames());
                                break;
                            } catch (DirectoryAccessException e3) {
                                logger.info(e3.getMessage(), e3);
                                throw new RemoteException(e3.getMessage(), e3);
                            }
                    }
                    if (!searchNestedGroupRelationships.isEmpty() && isAliasingEnabled) {
                        searchNestedGroupRelationships = getAliasedNamesForUsers(validateSOAPService, searchNestedGroupRelationships);
                    }
                    arrayList.add(new SOAPGroup(group.getName(), (String[]) searchNestedGroupRelationships.toArray(new String[searchNestedGroupRelationships.size()])));
                }
            } catch (DirectoryAccessException e4) {
                logger.info(e4.getMessage(), e4);
                throw new RemoteException(e4.getMessage(), e4);
            }
        }
        return ObjectTranslator.processSOAPGroupAndMemberNames((SOAPGroup[]) arrayList.toArray(new SOAPGroup[arrayList.size()]), validateSOAPService.isLowerCaseOutput());
    }

    private List<String> getAliasedNamesForUsers(Application application, List<String> list) {
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(this.aliasManager.findAliasByUsername(application, it.next()));
        }
        return arrayList;
    }

    public SOAPPrincipal[] searchPrincipals(AuthenticatedToken authenticatedToken, SearchRestriction[] searchRestrictionArr) throws RemoteException, InvalidAuthorizationTokenException {
        List<User> searchUsers;
        List<User> searchAliasedUsers;
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        UserQuery buildUserQuery = buildUserQuery(validateSOAPService, searchRestrictionArr);
        if (validateSOAPService.isAliasingEnabled()) {
            SearchRestriction findUsernameSearchRestriction = findUsernameSearchRestriction(searchRestrictionArr);
            if (findUsernameSearchRestriction != null) {
                try {
                    searchAliasedUsers = searchAliasedUsers(validateSOAPService, buildUserQuery, findUsernameSearchRestriction);
                } catch (DirectoryAccessException e) {
                    logger.info(e.getMessage(), e);
                    throw new RemoteException(e.getMessage(), e);
                }
            } else {
                try {
                    searchAliasedUsers = this.applicationService.searchUsers(validateSOAPService, buildUserQuery);
                } catch (DirectoryAccessException e2) {
                    logger.info(e2.getMessage(), e2);
                    throw new RemoteException(e2.getMessage(), e2);
                }
            }
            searchUsers = buildAliasedUsers(validateSOAPService, searchAliasedUsers);
        } else {
            try {
                searchUsers = this.applicationService.searchUsers(validateSOAPService, buildUserQuery);
            } catch (DirectoryAccessException e3) {
                logger.info(e3.getMessage(), e3);
                throw new RemoteException(e3.getMessage(), e3);
            }
        }
        return ObjectTranslator.processUsers(searchUsers, validateSOAPService.isLowerCaseOutput());
    }

    protected List<User> searchAliasedUsers(Application application, UserQuery userQuery, SearchRestriction searchRestriction) throws DirectoryAccessException {
        TreeSet newTreeSet = Sets.newTreeSet(this.applicationService.searchUsers(application, userQuery.asNames()));
        SortedSet<String> amalgamateAliasedUsernames = amalgamateAliasedUsernames(application, newTreeSet, Sets.newTreeSet(this.aliasManager.search(buildAliasQuery(application, searchRestriction))), Sets.newTreeSet(this.applicationService.searchUsers(application, QueryBuilder.queryFor(EntityDescriptor.user()).with(Restriction.on(UserTermKeys.USERNAME).containing(searchRestriction.getValue().toLowerCase())).returningAtMost(-1).asNames())));
        ArrayList arrayList = new ArrayList(newTreeSet.size());
        Iterator<String> it = amalgamateAliasedUsernames.iterator();
        while (it.hasNext()) {
            try {
                arrayList.add(this.applicationService.findUserByName(application, it.next()));
            } catch (ObjectNotFoundException e) {
            }
        }
        return arrayList;
    }

    protected List<User> buildAliasedUsers(Application application, List<User> list) {
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<User> it = list.iterator();
        while (it.hasNext()) {
            UserTemplate userTemplate = new UserTemplate(it.next());
            userTemplate.setName(this.aliasManager.findAliasByUsername(application, userTemplate.getName()));
            arrayList.add(userTemplate);
        }
        return arrayList;
    }

    protected SortedSet<String> amalgamateAliasedUsernames(Application application, SortedSet<String> sortedSet, SortedSet<String> sortedSet2, SortedSet<String> sortedSet3) {
        sortedSet.addAll(sortedSet2);
        Iterator<String> it = sortedSet3.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (!this.aliasManager.findAliasByUsername(application, next).equals(next)) {
                it.remove();
            }
        }
        sortedSet.addAll(sortedSet3);
        return sortedSet;
    }

    protected SearchRestriction findUsernameSearchRestriction(SearchRestriction... searchRestrictionArr) {
        SearchRestriction searchRestriction = null;
        int length = searchRestrictionArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            SearchRestriction searchRestriction2 = searchRestrictionArr[i];
            if (("principal.name".equals(searchRestriction2.getName()) || "username".equals(searchRestriction2.getName())) && StringUtils.isNotBlank(searchRestriction2.getValue())) {
                searchRestriction = searchRestriction2;
                break;
            }
            i++;
        }
        return searchRestriction;
    }

    protected EntityQuery buildAliasQuery(Application application, SearchRestriction searchRestriction) {
        EntityQuery entityQuery = null;
        if ("principal.name".equals(searchRestriction.getName()) || "username".equals(searchRestriction.getName())) {
            entityQuery = QueryBuilder.queryFor(EntityDescriptor.alias()).with(Combine.allOf(new com.atlassian.crowd.search.query.entity.restriction.SearchRestriction[]{Restriction.on(AliasTermKeys.ALIAS).containing(searchRestriction.getValue().toLowerCase()), Restriction.on(AliasTermKeys.APPLICATION_ID).exactlyMatching(application.getId())})).returningAtMost(-1).asNames();
        }
        return entityQuery;
    }

    protected UserQuery buildUserQuery(Application application, SearchRestriction... searchRestrictionArr) {
        boolean isAliasingEnabled = application.isAliasingEnabled();
        String str = null;
        String str2 = null;
        String str3 = null;
        Boolean bool = null;
        if (searchRestrictionArr != null) {
            for (SearchRestriction searchRestriction : searchRestrictionArr) {
                if (StringUtils.isNotBlank(searchRestriction.getName()) && StringUtils.isNotBlank(searchRestriction.getValue())) {
                    if ((!isAliasingEnabled && searchRestriction.getName().equals("principal.name")) || searchRestriction.getName().equals("username")) {
                        str = searchRestriction.getValue().toLowerCase();
                    } else if (searchRestriction.getName().equals("principal.active")) {
                        bool = Boolean.valueOf(searchRestriction.getValue().toLowerCase());
                    } else if (searchRestriction.getName().equals("principal.email") || searchRestriction.getName().equals("mail")) {
                        str2 = searchRestriction.getValue().toLowerCase();
                    } else if (searchRestriction.getName().equals("principal.fullname") || searchRestriction.getName().equals("displayName")) {
                        str3 = searchRestriction.getValue().toLowerCase();
                    }
                }
            }
        }
        ArrayList arrayList = new ArrayList();
        if (str != null) {
            arrayList.add(Restriction.on(UserTermKeys.USERNAME).containing(str));
        }
        if (bool != null) {
            arrayList.add(Restriction.on(UserTermKeys.ACTIVE).exactlyMatching(bool));
        }
        if (str2 != null) {
            arrayList.add(Restriction.on(UserTermKeys.EMAIL).containing(str2));
        }
        if (str3 != null) {
            arrayList.add(Restriction.on(UserTermKeys.DISPLAY_NAME).containing(str3));
        }
        return arrayList.isEmpty() ? new UserQuery(new NullRestriction(), 0, -1) : new UserQuery(new MultiTermRestriction(MultiTermRestriction.BooleanLogic.AND, (com.atlassian.crowd.search.query.entity.restriction.SearchRestriction[]) arrayList.toArray(new TermRestriction[arrayList.size()])), 0, -1);
    }

    public SOAPRole[] searchRoles(AuthenticatedToken authenticatedToken, SearchRestriction[] searchRestrictionArr) throws RemoteException, InvalidAuthorizationTokenException {
        List<String> searchDirectGroupRelationships;
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        SearchContext.PopulateMemberships populateMemberships = SearchContext.PopulateMemberships.ALL;
        String str = null;
        Boolean bool = null;
        if (searchRestrictionArr != null) {
            for (SearchRestriction searchRestriction : searchRestrictionArr) {
                if (StringUtils.isNotBlank(searchRestriction.getName()) && StringUtils.isNotBlank(searchRestriction.getValue())) {
                    if (searchRestriction.getName().equals("group.populate.direct.sub.groups") || searchRestriction.getName().equals("group.populate.memberships") || searchRestriction.getName().equals("role.populate.memberships")) {
                        populateMemberships = SearchContext.PopulateMemberships.parseString(searchRestriction.getValue());
                    } else if (searchRestriction.getName().equals("role.name")) {
                        str = searchRestriction.getValue().toLowerCase();
                    } else if (searchRestriction.getName().equals("role.active")) {
                        bool = Boolean.valueOf(searchRestriction.getValue().toLowerCase());
                    }
                }
            }
        }
        ArrayList arrayList = new ArrayList();
        if (str != null) {
            arrayList.add(Restriction.on(GroupTermKeys.NAME).containing(str));
        }
        if (bool != null) {
            arrayList.add(Restriction.on(GroupTermKeys.ACTIVE).exactlyMatching(bool));
        }
        try {
            List<Group> searchGroups = this.applicationService.searchGroups(validateSOAPService, arrayList.isEmpty() ? new GroupQuery(GroupType.LEGACY_ROLE, new NullRestriction(), 0, -1) : new GroupQuery(new MultiTermRestriction(MultiTermRestriction.BooleanLogic.AND, (com.atlassian.crowd.search.query.entity.restriction.SearchRestriction[]) arrayList.toArray(new TermRestriction[arrayList.size()])), 0, -1));
            ArrayList arrayList2 = new ArrayList(searchGroups.size());
            boolean isAliasingEnabled = validateSOAPService.isAliasingEnabled();
            for (Group group : searchGroups) {
                switch (AnonymousClass1.$SwitchMap$com$atlassian$crowd$integration$SearchContext$PopulateMemberships[populateMemberships.ordinal()]) {
                    case 1:
                        searchDirectGroupRelationships = Collections.emptyList();
                        break;
                    default:
                        try {
                            searchDirectGroupRelationships = this.applicationService.searchDirectGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).membersOf(EntityDescriptor.group(GroupType.LEGACY_ROLE)).withName(group.getName()).returningAtMost(-1).asNames());
                            break;
                        } catch (DirectoryAccessException e) {
                            logger.info(e.getMessage(), e);
                            throw new RemoteException(e.getMessage(), e);
                        }
                }
                if (!searchDirectGroupRelationships.isEmpty() && isAliasingEnabled) {
                    searchDirectGroupRelationships = getAliasedNamesForUsers(validateSOAPService, searchDirectGroupRelationships);
                }
                arrayList2.add(new SOAPRole(group.getName(), (String[]) searchDirectGroupRelationships.toArray(new String[searchDirectGroupRelationships.size()])));
            }
            return ObjectTranslator.processSOAPRoleAndMemberNames((SOAPRole[]) arrayList2.toArray(new SOAPRole[arrayList2.size()]), validateSOAPService.isLowerCaseOutput());
        } catch (DirectoryAccessException e2) {
            logger.info(e2.getMessage(), e2);
            throw new RemoteException(e2.getMessage(), e2);
        }
    }

    public SOAPGroup addGroup(AuthenticatedToken authenticatedToken, SOAPGroup sOAPGroup) throws RemoteException, InvalidAuthorizationTokenException, InvalidGroupException, ApplicationPermissionException {
        try {
            Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
            Group addGroup = this.applicationService.addGroup(validateSOAPService, ObjectTranslator.processGroup(sOAPGroup));
            List<String> searchNestedGroupRelationships = this.applicationService.searchNestedGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).membersOf(EntityDescriptor.group(GroupType.GROUP)).withName(addGroup.getName()).returningAtMost(-1).asNames());
            if (!searchNestedGroupRelationships.isEmpty() && validateSOAPService.isAliasingEnabled()) {
                searchNestedGroupRelationships = getAliasedNamesForUsers(validateSOAPService, searchNestedGroupRelationships);
            }
            return ObjectTranslator.processGroup(addGroup, searchNestedGroupRelationships, validateSOAPService.isLowerCaseOutput());
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void updateGroup(AuthenticatedToken authenticatedToken, String str, String str2, boolean z) throws RemoteException, InvalidAuthorizationTokenException, ApplicationPermissionException, ObjectNotFoundException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        GroupTemplate groupTemplate = new GroupTemplate(str, (Long) null, GroupType.GROUP);
        groupTemplate.setActive(z);
        groupTemplate.setDescription(str2);
        try {
            this.applicationService.updateGroup(validateSOAPService, groupTemplate);
        } catch (InvalidGroupException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        } catch (DirectoryAccessException e2) {
            logger.info(e2.getMessage(), e2);
            throw new RemoteException(e2.getMessage(), e2);
        }
    }

    public SOAPGroup findGroupByName(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            Group findGroupByName = this.applicationService.findGroupByName(validateSOAPService, str);
            if (findGroupByName.getType() != GroupType.GROUP) {
                throw new ObjectNotFoundException(Group.class, str);
            }
            List<String> searchNestedGroupRelationships = this.applicationService.searchNestedGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).membersOf(EntityDescriptor.group(GroupType.GROUP)).withName(findGroupByName.getName()).returningAtMost(-1).asNames());
            if (!searchNestedGroupRelationships.isEmpty() && validateSOAPService.isAliasingEnabled()) {
                searchNestedGroupRelationships = getAliasedNamesForUsers(validateSOAPService, searchNestedGroupRelationships);
            }
            return ObjectTranslator.processGroup(findGroupByName, searchNestedGroupRelationships, validateSOAPService.isLowerCaseOutput());
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public SOAPGroup findGroupWithAttributesByName(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            GroupWithAttributes findGroupWithAttributesByName = this.applicationService.findGroupWithAttributesByName(validateSOAPService, str);
            if (findGroupWithAttributesByName.getType() != GroupType.GROUP) {
                throw new ObjectNotFoundException(Group.class, str);
            }
            List<String> searchNestedGroupRelationships = this.applicationService.searchNestedGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).membersOf(EntityDescriptor.group(GroupType.GROUP)).withName(findGroupWithAttributesByName.getName()).returningAtMost(-1).asNames());
            if (!searchNestedGroupRelationships.isEmpty() && validateSOAPService.isAliasingEnabled()) {
                searchNestedGroupRelationships = getAliasedNamesForUsers(validateSOAPService, searchNestedGroupRelationships);
            }
            return ObjectTranslator.processGroupWithAttributes(findGroupWithAttributesByName, searchNestedGroupRelationships, validateSOAPService.isLowerCaseOutput());
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public SOAPRole addRole(AuthenticatedToken authenticatedToken, SOAPRole sOAPRole) throws RemoteException, InvalidAuthorizationTokenException, InvalidRoleException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            Group addGroup = this.applicationService.addGroup(validateSOAPService, ObjectTranslator.processRole(sOAPRole));
            List<String> searchDirectGroupRelationships = this.applicationService.searchDirectGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).membersOf(EntityDescriptor.group(GroupType.LEGACY_ROLE)).withName(addGroup.getName()).returningAtMost(-1).asNames());
            if (!searchDirectGroupRelationships.isEmpty() && validateSOAPService.isAliasingEnabled()) {
                searchDirectGroupRelationships = getAliasedNamesForUsers(validateSOAPService, searchDirectGroupRelationships);
            }
            return ObjectTranslator.processRole(addGroup, searchDirectGroupRelationships, validateSOAPService.isLowerCaseOutput());
        } catch (InvalidGroupException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        } catch (DirectoryAccessException e2) {
            logger.info(e2.getMessage(), e2);
            throw new RemoteException(e2.getMessage(), e2);
        }
    }

    public SOAPRole findRoleByName(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            Group findGroupByName = this.applicationService.findGroupByName(validateSOAPService, str);
            if (findGroupByName.getType() != GroupType.LEGACY_ROLE) {
                throw new ObjectNotFoundException(Group.class, str);
            }
            List<String> searchDirectGroupRelationships = this.applicationService.searchDirectGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).membersOf(EntityDescriptor.group(GroupType.LEGACY_ROLE)).withName(findGroupByName.getName()).returningAtMost(-1).asNames());
            if (!searchDirectGroupRelationships.isEmpty() && validateSOAPService.isAliasingEnabled()) {
                searchDirectGroupRelationships = getAliasedNamesForUsers(validateSOAPService, searchDirectGroupRelationships);
            }
            return ObjectTranslator.processRole(findGroupByName, searchDirectGroupRelationships, validateSOAPService.isLowerCaseOutput());
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public SOAPPrincipal findPrincipalByToken(AuthenticatedToken authenticatedToken, String str) throws InvalidAuthorizationTokenException, RemoteException, InvalidTokenException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            User findUserByToken = this.directoryManager.findUserByToken(str);
            SOAPPrincipal processUser = ObjectTranslator.processUser(findUserByToken, validateSOAPService.isLowerCaseOutput());
            processUser.setName(ObjectTranslator.processDirectoryEntityName(this.aliasManager.findAliasByUsername(validateSOAPService, findUserByToken.getName()), validateSOAPService.isLowerCaseOutput()));
            return processUser;
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void updatePrincipalAttribute(AuthenticatedToken authenticatedToken, String str, SOAPAttribute sOAPAttribute) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            storePrincipalAttribute(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str), sOAPAttribute);
        } catch (InvalidUserException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        } catch (DirectoryAccessException e2) {
            logger.info(e2.getMessage(), e2);
            throw new RemoteException(e2.getMessage(), e2);
        }
    }

    public void updateGroupAttribute(AuthenticatedToken authenticatedToken, String str, SOAPAttribute sOAPAttribute) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            storeCustomGroupAttribute(validateSOAPService, this.applicationService.findGroupByName(validateSOAPService, str).getName(), sOAPAttribute);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public SOAPPrincipal findPrincipalByName(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException {
        try {
            Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
            SOAPPrincipal processUser = ObjectTranslator.processUser(this.applicationService.findUserByName(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str)), validateSOAPService.isLowerCaseOutput());
            processUser.setName(ObjectTranslator.processDirectoryEntityName(str, validateSOAPService.isLowerCaseOutput()));
            return processUser;
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public SOAPPrincipal findPrincipalWithAttributesByName(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException {
        try {
            Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
            SOAPPrincipal processUserWithAttributes = ObjectTranslator.processUserWithAttributes(this.applicationService.findUserWithAttributesByName(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str)), validateSOAPService.isLowerCaseOutput());
            processUserWithAttributes.setName(ObjectTranslator.processDirectoryEntityName(str, validateSOAPService.isLowerCaseOutput()));
            return processUserWithAttributes;
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public SOAPPrincipal addPrincipal(AuthenticatedToken authenticatedToken, SOAPPrincipal sOAPPrincipal, PasswordCredential passwordCredential) throws InvalidAuthorizationTokenException, RemoteException, InvalidCredentialException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            User addUser = this.applicationService.addUser(validateSOAPService, ObjectTranslator.processUser(sOAPPrincipal), passwordCredential);
            SOAPPrincipal processUser = ObjectTranslator.processUser(addUser, validateSOAPService.isLowerCaseOutput());
            Map buildUserAttributeMap = ObjectTranslator.buildUserAttributeMap(sOAPPrincipal);
            if (!buildUserAttributeMap.isEmpty()) {
                this.applicationService.storeUserAttributes(validateSOAPService, addUser.getName(), buildUserAttributeMap);
                processUser = ObjectTranslator.processUserWithAttributes(this.applicationService.findUserWithAttributesByName(validateSOAPService, addUser.getName()), validateSOAPService.isLowerCaseOutput());
            }
            return processUser;
        } catch (ObjectNotFoundException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        } catch (DirectoryAccessException e2) {
            logger.info(e2.getMessage(), e2);
            throw new RemoteException(e2.getMessage(), e2);
        } catch (InvalidUserException e3) {
            logger.info(e3.getMessage(), e3);
            throw new RemoteException(e3.getMessage(), e3);
        }
    }

    public void addAllPrincipals(AuthenticatedToken authenticatedToken, SOAPPrincipalWithCredential[] sOAPPrincipalWithCredentialArr) throws InvalidAuthorizationTokenException, RemoteException, ApplicationPermissionException, BulkAddFailedException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        ArrayList arrayList = new ArrayList();
        for (SOAPPrincipalWithCredential sOAPPrincipalWithCredential : sOAPPrincipalWithCredentialArr) {
            SOAPPrincipal principal = sOAPPrincipalWithCredential.getPrincipal();
            arrayList.add(new UserTemplateWithCredentialAndAttributes(ObjectTranslator.processUser(principal), ObjectTranslator.processUserAttributes(principal), sOAPPrincipalWithCredential.getPasswordCredential()));
        }
        try {
            this.applicationService.addAllUsers(validateSOAPService, arrayList);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void addPrincipalToGroup(AuthenticatedToken authenticatedToken, String str, String str2) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            this.applicationService.addUserToGroup(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str), str2);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void updatePrincipalCredential(AuthenticatedToken authenticatedToken, String str, PasswordCredential passwordCredential) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, InvalidCredentialException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            this.applicationService.updateUserCredential(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str), passwordCredential);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void resetPrincipalCredential(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidEmailAddressException, InvalidAuthorizationTokenException, InvalidCredentialException, ObjectNotFoundException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            this.applicationService.resetUserCredential(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str));
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void removeGroup(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        try {
            this.applicationService.removeGroup(this.soapService.validateSOAPService(authenticatedToken), str);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void removeRole(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        removeGroup(authenticatedToken, str);
    }

    public void removePrincipal(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            this.applicationService.removeUser(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str));
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void addPrincipalToRole(AuthenticatedToken authenticatedToken, String str, String str2) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        addPrincipalToGroup(authenticatedToken, str, str2);
    }

    public boolean isGroupMember(AuthenticatedToken authenticatedToken, String str, String str2) throws RemoteException, InvalidAuthorizationTokenException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            return this.applicationService.isUserNestedGroupMember(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str2), str);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public boolean isRoleMember(AuthenticatedToken authenticatedToken, String str, String str2) throws RemoteException, InvalidAuthorizationTokenException {
        return isGroupMember(authenticatedToken, str2, str);
    }

    public void removePrincipalFromGroup(AuthenticatedToken authenticatedToken, String str, String str2) throws InvalidAuthorizationTokenException, RemoteException, ObjectNotFoundException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            this.applicationService.removeUserFromGroup(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str), str2);
        } catch (MembershipNotFoundException e) {
            logger.info(e.getMessage(), e);
            throw new ObjectNotFoundException(e);
        } catch (DirectoryAccessException e2) {
            logger.info(e2.getMessage(), e2);
            throw new RemoteException(e2.getMessage(), e2);
        }
    }

    public void removePrincipalFromRole(AuthenticatedToken authenticatedToken, String str, String str2) throws InvalidAuthorizationTokenException, RemoteException, ObjectNotFoundException, ApplicationPermissionException {
        removePrincipalFromGroup(authenticatedToken, str, str2);
    }

    private boolean isPrimaryUserAttribute(String str) {
        return "givenName".equals(str) || "sn".equals(str) || "displayName".equals(str) || "mail".equals(str) || "iconLocation".equals(str) || "active".equals(str);
    }

    private void updatePrimaryUserAttribute(Application application, String str, SOAPAttribute sOAPAttribute) throws ObjectNotFoundException, DirectoryAccessException, ApplicationPermissionException, InvalidUserException {
        String str2;
        UserTemplate userTemplate = new UserTemplate(this.applicationService.findUserByName(application, str));
        if ((sOAPAttribute.getValues() == null || sOAPAttribute.getValues().length > 0) && (str2 = sOAPAttribute.getValues()[0]) != null) {
            if ("givenName".equals(sOAPAttribute.getName())) {
                userTemplate.setFirstName(str2);
            } else if ("sn".equals(sOAPAttribute.getName())) {
                userTemplate.setLastName(str2);
            } else if ("displayName".equals(sOAPAttribute.getName())) {
                userTemplate.setDisplayName(str2);
            } else if ("mail".equals(sOAPAttribute.getName())) {
                userTemplate.setEmailAddress(str2);
            } else if ("iconLocation".equals(sOAPAttribute.getName())) {
                userTemplate.setIconLocation(str2);
            } else if ("active".equals(sOAPAttribute.getName())) {
                userTemplate.setActive(Boolean.valueOf(str2).booleanValue());
            }
            this.applicationService.updateUser(application, userTemplate);
        }
    }

    private void storeCustomUserAttribute(Application application, String str, SOAPAttribute sOAPAttribute) throws ApplicationPermissionException, ObjectNotFoundException, DirectoryAccessException {
        HashMap hashMap = new HashMap();
        hashMap.put(sOAPAttribute.getName(), Arrays.asList(sOAPAttribute.getValues()));
        this.applicationService.storeUserAttributes(application, str, hashMap);
    }

    private void storeCustomGroupAttribute(Application application, String str, SOAPAttribute sOAPAttribute) throws ApplicationPermissionException, ObjectNotFoundException, DirectoryAccessException {
        HashMap hashMap = new HashMap();
        hashMap.put(sOAPAttribute.getName(), Arrays.asList(sOAPAttribute.getValues()));
        this.applicationService.storeGroupAttributes(application, str, hashMap);
    }

    private void storePrincipalAttribute(Application application, String str, SOAPAttribute sOAPAttribute) throws ObjectNotFoundException, DirectoryAccessException, ApplicationPermissionException, InvalidUserException {
        if (isPrimaryUserAttribute(sOAPAttribute.getName())) {
            updatePrimaryUserAttribute(application, str, sOAPAttribute);
        } else {
            storeCustomUserAttribute(application, str, sOAPAttribute);
        }
    }

    private void removePrincipalAttribute(Application application, String str, String str2) throws RemoteException, ApplicationPermissionException, ObjectNotFoundException, DirectoryAccessException {
        if (isPrimaryUserAttribute(str2)) {
            throw new RemoteException("Cannot remove the attribute <" + str2 + "> as it is a primary attribute");
        }
        this.applicationService.removeUserAttributes(application, str, str2);
    }

    private void removeGroupAttribute(Application application, String str, String str2) throws RemoteException, ApplicationPermissionException, ObjectNotFoundException, DirectoryAccessException {
        this.applicationService.removeGroupAttributes(application, str, str2);
    }

    public void addAttributeToPrincipal(AuthenticatedToken authenticatedToken, String str, SOAPAttribute sOAPAttribute) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        updatePrincipalAttribute(authenticatedToken, str, sOAPAttribute);
    }

    public void addAttributeToGroup(AuthenticatedToken authenticatedToken, String str, SOAPAttribute sOAPAttribute) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        updateGroupAttribute(authenticatedToken, str, sOAPAttribute);
    }

    public void removeAttributeFromPrincipal(AuthenticatedToken authenticatedToken, String str, String str2) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            removePrincipalAttribute(validateSOAPService, this.aliasManager.findUsernameByAlias(validateSOAPService, str), str2);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public void removeAttributeFromGroup(AuthenticatedToken authenticatedToken, String str, String str2) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException, ApplicationPermissionException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            removeGroupAttribute(validateSOAPService, this.applicationService.findGroupByName(validateSOAPService, str).getName(), str2);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public long getCacheTime(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        try {
            this.soapService.validateSOAPService(authenticatedToken);
            return this.propertyManager.getCacheTime();
        } catch (PropertyManagerException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public boolean isCacheEnabled(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        this.soapService.validateSOAPService(authenticatedToken);
        return this.propertyManager.isCacheEnabled();
    }

    public String getDomain(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        try {
            this.soapService.validateSOAPService(authenticatedToken);
            return this.propertyManager.getDomain();
        } catch (PropertyManagerException e) {
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public String[] findAllPrincipalNames(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            List<String> searchUsers = this.applicationService.searchUsers(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.user()).returningAtMost(-1).asNames());
            ArrayList arrayList = new ArrayList(searchUsers.size());
            boolean isAliasingEnabled = validateSOAPService.isAliasingEnabled();
            boolean isLowerCaseOutput = validateSOAPService.isLowerCaseOutput();
            for (String str : searchUsers) {
                if (isAliasingEnabled) {
                    str = this.aliasManager.findAliasByUsername(validateSOAPService, str);
                }
                arrayList.add(ObjectTranslator.processDirectoryEntityName(str, isLowerCaseOutput));
            }
            return (String[]) arrayList.toArray(new String[arrayList.size()]);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public String[] findAllGroupNames(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            List searchGroups = this.applicationService.searchGroups(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.group(GroupType.GROUP)).returningAtMost(-1).asNames());
            ArrayList arrayList = new ArrayList(searchGroups.size());
            boolean isLowerCaseOutput = validateSOAPService.isLowerCaseOutput();
            Iterator it = searchGroups.iterator();
            while (it.hasNext()) {
                arrayList.add(ObjectTranslator.processDirectoryEntityName((String) it.next(), isLowerCaseOutput));
            }
            return (String[]) arrayList.toArray(new String[arrayList.size()]);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public SOAPNestableGroup[] findAllGroupRelationships(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            List<Group> searchGroups = this.applicationService.searchGroups(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.group(GroupType.GROUP)).returningAtMost(-1));
            ArrayList arrayList = new ArrayList();
            for (Group group : searchGroups) {
                List searchDirectGroupRelationships = this.applicationService.searchDirectGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.group(GroupType.GROUP)).membersOf(EntityDescriptor.group(GroupType.GROUP)).withName(group.getName()).returningAtMost(-1).asNames());
                arrayList.add(new SOAPNestableGroup(group.getName(), (String[]) searchDirectGroupRelationships.toArray(new String[searchDirectGroupRelationships.size()])));
            }
            return ObjectTranslator.processSOAPNestableGroupAndMemberNames(arrayList, validateSOAPService.isLowerCaseOutput());
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public String[] findAllRoleNames(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        return findAllGroupNames(authenticatedToken);
    }

    public String[] findGroupMemberships(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            List processDirectoryEntityNames = ObjectTranslator.processDirectoryEntityNames(this.applicationService.searchDirectGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.group(GroupType.GROUP)).membershipsOf(EntityDescriptor.user()).withName(this.aliasManager.findUsernameByAlias(validateSOAPService, str)).returningAtMost(-1).asNames()), validateSOAPService.isLowerCaseOutput());
            return (String[]) processDirectoryEntityNames.toArray(new String[processDirectoryEntityNames.size()]);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public String[] findRoleMemberships(AuthenticatedToken authenticatedToken, String str) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        try {
            List processDirectoryEntityNames = ObjectTranslator.processDirectoryEntityNames(this.applicationService.searchDirectGroupRelationships(validateSOAPService, QueryBuilder.queryFor(EntityDescriptor.group(GroupType.LEGACY_ROLE)).membershipsOf(EntityDescriptor.user()).withName(this.aliasManager.findUsernameByAlias(validateSOAPService, str)).returningAtMost(-1).asNames()), validateSOAPService.isLowerCaseOutput());
            return (String[]) processDirectoryEntityNames.toArray(new String[processDirectoryEntityNames.size()]);
        } catch (DirectoryAccessException e) {
            logger.info(e.getMessage(), e);
            throw new RemoteException(e.getMessage(), e);
        }
    }

    public String[] getGrantedAuthorities(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        Application validateSOAPService = this.soapService.validateSOAPService(authenticatedToken);
        HashSet hashSet = new HashSet();
        Iterator it = validateSOAPService.getDirectoryMappings().iterator();
        while (it.hasNext()) {
            Iterator it2 = ((DirectoryMapping) it.next()).getAuthorisedGroups().iterator();
            while (it2.hasNext()) {
                hashSet.add(((GroupMapping) it2.next()).getGroupName());
            }
        }
        List processDirectoryEntityNames = ObjectTranslator.processDirectoryEntityNames(hashSet, validateSOAPService.isLowerCaseOutput());
        return (String[]) processDirectoryEntityNames.toArray(new String[processDirectoryEntityNames.size()]);
    }

    public SOAPCookieInfo getCookieInfo(AuthenticatedToken authenticatedToken) throws RemoteException, InvalidAuthorizationTokenException {
        this.soapService.validateSOAPService(authenticatedToken);
        SOAPCookieInfo sOAPCookieInfo = new SOAPCookieInfo();
        try {
            sOAPCookieInfo.setDomain(this.propertyManager.getDomain());
            sOAPCookieInfo.setSecure(this.propertyManager.isSecureCookie());
            return sOAPCookieInfo;
        } catch (PropertyManagerException e) {
            throw new RemoteException(e.getMessage(), e);
        }
    }

    protected boolean isLowerCaseOutput(AuthenticatedToken authenticatedToken) {
        boolean z = false;
        if (authenticatedToken != null && authenticatedToken.getName() != null) {
            try {
                z = this.applicationManager.findByName(authenticatedToken.getName()).isLowerCaseOutput();
            } catch (ObjectNotFoundException e) {
            }
        }
        return z;
    }
}
