package edu.internet2.middleware.ldappc.synchronize;

import edu.internet2.middleware.grouper.Group;
import edu.internet2.middleware.grouper.Member;
import edu.internet2.middleware.grouper.SubjectFinder;
import edu.internet2.middleware.grouper.exception.AttributeNotFoundException;
import edu.internet2.middleware.grouper.exception.GroupNotFoundException;
import edu.internet2.middleware.ldappc.Ldappc;
import edu.internet2.middleware.ldappc.LdappcConfig;
import edu.internet2.middleware.ldappc.LdappcOptions;
import edu.internet2.middleware.ldappc.exception.ConfigurationException;
import edu.internet2.middleware.ldappc.exception.LdappcException;
import edu.internet2.middleware.ldappc.ldap.OrganizationalUnit;
import edu.internet2.middleware.ldappc.util.LdapUtil;
import edu.internet2.middleware.ldappc.util.PSPUtil;
import edu.internet2.middleware.shibboleth.common.attribute.AttributeRequestException;
import edu.internet2.middleware.shibboleth.common.attribute.BaseAttribute;
import edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext;
import edu.internet2.middleware.subject.Source;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectNotFoundException;
import edu.vt.middleware.ldap.SearchFilter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.apache.directory.shared.ldap.ldif.LdifUtils;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/internet2/middleware/ldappc/synchronize/GroupEntrySynchronizer.class */
public class GroupEntrySynchronizer {
    private static final Logger LOG = LoggerFactory.getLogger(GroupEntrySynchronizer.class);
    private Ldappc ldappc;
    private static final int DEFAULT_HASH_SIZE = 100000;
    private Set<Name> deleteOus;
    private Set<Name> processedOus;
    private Set<Name> deleteGroups;
    private Set<Name> processedGroups;
    private AttributeModifier objectClassMods;
    private AttributeModifier memberDnMods;
    private AttributeModifier memberNameMods;
    private AttributeModifier rdnMods;
    private BasicAttributes mappedLdapAttributes;

    public GroupEntrySynchronizer(Ldappc ldappc, boolean z) throws NamingException, ConfigurationException {
        this.ldappc = ldappc;
        int groupHashEstimate = ldappc.getConfig().getGroupHashEstimate();
        groupHashEstimate = groupHashEstimate == 0 ? DEFAULT_HASH_SIZE : groupHashEstimate;
        LOG.debug("Group initial cache size = " + groupHashEstimate);
        this.deleteOus = new HashSet(groupHashEstimate);
        this.processedOus = new HashSet(groupHashEstimate);
        this.deleteGroups = new HashSet(groupHashEstimate);
        this.processedGroups = new HashSet(groupHashEstimate);
        this.mappedLdapAttributes = new BasicAttributes(true);
        if (LdappcConfig.GroupDNStructure.flat.equals(ldappc.getConfig().getGroupDnStructure()) && ldappc.getConfig().getGroupDnGrouperAttribute() == null) {
            throw new ConfigurationException("Group DN grouper attribute is not defined.");
        }
        if (ldappc.getConfig().getGroupDnObjectClass() == null) {
            throw new ConfigurationException("Group ldap entry object class is not defined.");
        }
        String groupDnRdnAttribute = ldappc.getConfig().getGroupDnRdnAttribute();
        if (groupDnRdnAttribute == null || "ou".equalsIgnoreCase(groupDnRdnAttribute)) {
            throw new ConfigurationException("Group ldap entry RDN attribute name is invalid.");
        }
        this.rdnMods = new AttributeModifier(groupDnRdnAttribute);
        this.objectClassMods = new AttributeModifier(LdapUtil.OBJECT_CLASS_ATTRIBUTE);
        this.memberDnMods = null;
        if (ldappc.getConfig().isGroupMembersDnListed()) {
            String groupMembersDnListAttribute = ldappc.getConfig().getGroupMembersDnListAttribute();
            if (groupMembersDnListAttribute == null) {
                throw new ConfigurationException("Group members DN list attribute name is not defined.");
            }
            if (z) {
                this.memberDnMods = new DnAttributeModifier(groupMembersDnListAttribute, ldappc.getConfig().getGroupMembersDnListEmptyValue());
            }
        }
        this.memberNameMods = null;
        if (ldappc.getConfig().isGroupMembersNameListed()) {
            String groupMembersNameListAttribute = ldappc.getConfig().getGroupMembersNameListAttribute();
            if (groupMembersNameListAttribute == null) {
                throw new ConfigurationException("Group members name list attribute name is not defined.");
            }
            if (z) {
                this.memberNameMods = new AttributeModifier(groupMembersNameListAttribute, ldappc.getConfig().getGroupMembersNameListEmptyValue());
            }
        }
        Map<String, List<String>> groupAttributeMapping = ldappc.getConfig().getGroupAttributeMapping();
        Iterator<String> it = groupAttributeMapping.keySet().iterator();
        while (it.hasNext()) {
            for (String str : groupAttributeMapping.get(it.next())) {
                if (str.equalsIgnoreCase(this.objectClassMods.getAttributeName())) {
                    throw new LdappcException("Unable to map an attribute whose name matches '" + this.objectClassMods.getAttributeName() + "'");
                }
                if (this.memberDnMods != null && str.equalsIgnoreCase(this.memberDnMods.getAttributeName())) {
                    throw new LdappcException("Unable to map an attribute whose name matches '" + this.memberDnMods.getAttributeName() + "'");
                }
                if (this.memberNameMods != null && str.equalsIgnoreCase(this.memberNameMods.getAttributeName())) {
                    throw new LdappcException("Unable to map an attribute whose name matches '" + this.memberNameMods.getAttributeName() + "'");
                }
                if (this.mappedLdapAttributes.get(str) == null) {
                    this.mappedLdapAttributes.put(str, new AttributeModifier(str, ldappc.getConfig().getGroupAttributeMappingLdapEmptyValue(str)));
                }
            }
        }
        Map<String, List<String>> attributeResolverMapping = ldappc.getConfig().getAttributeResolverMapping();
        Iterator<String> it2 = attributeResolverMapping.keySet().iterator();
        while (it2.hasNext()) {
            for (String str2 : attributeResolverMapping.get(it2.next())) {
                if (str2.equalsIgnoreCase(this.objectClassMods.getAttributeName())) {
                    throw new LdappcException("Unable to map an attribute whose name matches '" + this.objectClassMods.getAttributeName() + "'");
                }
                if (this.memberDnMods != null && str2.equalsIgnoreCase(this.memberDnMods.getAttributeName())) {
                    throw new LdappcException("Unable to map an attribute whose name matches '" + this.memberDnMods.getAttributeName() + "'");
                }
                if (this.memberNameMods != null && str2.equalsIgnoreCase(this.memberNameMods.getAttributeName())) {
                    throw new LdappcException("Unable to map an attribute whose name matches '" + this.memberNameMods.getAttributeName() + "'");
                }
                if (this.mappedLdapAttributes.get(str2) == null) {
                    this.mappedLdapAttributes.put(str2, new AttributeModifier(str2, ldappc.getConfig().getAttributeResolverMappingLdapEmptyValue(str2)));
                }
            }
        }
    }

    public void synchronize(Set<Group> set) throws NamingException, LdappcException {
        initialize();
        for (Group group : set) {
            performInclude(group, this.ldappc.determineStatus(group), set);
        }
        commit();
    }

    public String calculateLdif(Group group, Set<Group> set) throws LdappcException, NamingException {
        initializeInclude(group);
        Name calculateGroupDn = this.ldappc.calculateGroupDn(group);
        this.rdnMods.store(new Rdn(calculateGroupDn.get(calculateGroupDn.size() - 1)).getValue().toString());
        storeGroupData(group, set);
        BasicAttributes basicAttributes = new BasicAttributes(true);
        basicAttributes.put(this.objectClassMods.getAdditions());
        if (this.memberDnMods != null) {
            basicAttributes.put(this.memberDnMods.getAdditions());
        }
        if (this.memberNameMods != null) {
            basicAttributes.put(this.memberNameMods.getAdditions());
        }
        basicAttributes.put(this.rdnMods.getAdditions());
        NamingEnumeration all = this.mappedLdapAttributes.getAll();
        while (all.hasMore()) {
            Attribute additions = ((AttributeModifier) ((Attribute) all.next()).get()).getAdditions();
            if (additions.size() > 0) {
                Attribute attribute = basicAttributes.get(additions.getID());
                if (attribute == null) {
                    basicAttributes.put(additions);
                } else {
                    NamingEnumeration all2 = additions.getAll();
                    while (all2.hasMoreElements()) {
                        attribute.add(all2.next());
                    }
                }
            }
        }
        return LdifUtils.convertToLdif(basicAttributes, new LdapDN(calculateGroupDn));
    }

    protected void performInclude(Group group, int i, Set<Group> set) throws NamingException, LdappcException {
        LOG.debug("Starting include of group {}", group.getName());
        initializeInclude(group);
        Name buildGroupDn = buildGroupDn(group);
        if (this.processedGroups.contains(buildGroupDn)) {
            LOG.error("Group entry identified by {} has already been encountered, and will not be processed another time.", buildGroupDn);
            return;
        }
        if (!this.deleteGroups.remove(buildGroupDn)) {
            addGroupEntry(buildGroupDn, group, set);
        } else if (i == 0 || i == 1 || i == 3) {
            updateGroupEntry(buildGroupDn, group, set);
        }
        updateProcessedOus(buildGroupDn);
        this.processedGroups.add(buildGroupDn);
    }

    protected void updateGroupEntry(Name name, Group group, Set<Group> set) throws NamingException {
        initGroupData(name);
        storeGroupData(group, set);
        Vector vector = new Vector();
        vector.add(this.objectClassMods);
        if (this.memberDnMods != null) {
            if (this.memberDnMods.getRetainedValues().size() == 0 && this.memberDnMods.getAdds().size() == 0 && this.memberDnMods.getNoValue() != null) {
                this.memberDnMods.store(this.memberDnMods.getNoValue());
            }
            vector.add(this.memberDnMods);
        }
        if (this.memberNameMods != null) {
            if (this.memberNameMods.getRetainedValues().size() == 0 && this.memberNameMods.getAdds().size() == 0 && this.memberNameMods.getNoValue() != null) {
                this.memberNameMods.store(this.memberNameMods.getNoValue());
            }
            vector.add(this.memberNameMods);
        }
        NamingEnumeration all = this.mappedLdapAttributes.getAll();
        while (all.hasMore()) {
            vector.add((AttributeModifier) ((Attribute) all.next()).get());
        }
        Vector vector2 = new Vector();
        Iterator it = vector.iterator();
        while (it.hasNext()) {
            for (ModificationItem modificationItem : ((AttributeModifier) it.next()).getModifications()) {
                vector2.add(modificationItem);
            }
        }
        ModificationItem[] modificationItemArr = new ModificationItem[vector2.size()];
        for (int i = 0; i < modificationItemArr.length; i++) {
            modificationItemArr[i] = (ModificationItem) vector2.get(i);
        }
        if (modificationItemArr.length > 0) {
            if (this.ldappc.getOptions().getMode().equals(LdappcOptions.ProvisioningMode.DRYRUN)) {
                if (this.ldappc.getConfig().getBundleModifications()) {
                    LdapUtil.writeLdif(this.ldappc.getWriter(), LdapUtil.getLdifModify(new LdapDN(name), modificationItemArr));
                } else {
                    for (ModificationItem modificationItem2 : modificationItemArr) {
                        LdapUtil.writeLdif(this.ldappc.getWriter(), LdapUtil.getLdifModify(new LdapDN(name), new ModificationItem[]{modificationItem2}));
                    }
                }
            }
            if (this.ldappc.getOptions().getMode().equals(LdappcOptions.ProvisioningMode.PROVISION)) {
                if (this.ldappc.getConfig().getBundleModifications()) {
                    String str = "Modify '" + name + "' " + Arrays.asList(modificationItemArr);
                    if (this.ldappc.getOptions().getLogLdif()) {
                        str = str + "\n\n" + LdapUtil.getLdifModify(new LdapDN(name), modificationItemArr);
                    }
                    LOG.info(str);
                    this.ldappc.getContext().modifyAttributes(LdapUtil.escapeForwardSlash(name.toString()), modificationItemArr);
                    return;
                }
                for (ModificationItem modificationItem3 : modificationItemArr) {
                    ModificationItem[] modificationItemArr2 = {modificationItem3};
                    String str2 = "Modify '" + name + "' " + Arrays.asList(modificationItemArr2);
                    if (this.ldappc.getOptions().getLogLdif()) {
                        str2 = str2 + "\n\n" + LdapUtil.getLdifModify(new LdapDN(name), modificationItemArr2);
                    }
                    LOG.info(str2);
                    this.ldappc.getContext().modifyAttributes(LdapUtil.escapeForwardSlash(name.toString()), modificationItemArr2);
                }
            }
        }
    }

    protected void initGroupData(Name name) throws NamingException {
        Vector vector = new Vector();
        vector.add(this.rdnMods.getAttributeName());
        if (this.memberDnMods != null) {
            vector.add(this.memberDnMods.getAttributeName());
        }
        if (this.memberNameMods != null) {
            vector.add(this.memberNameMods.getAttributeName());
        }
        NamingEnumeration iDs = this.mappedLdapAttributes.getIDs();
        while (iDs.hasMore()) {
            vector.add(iDs.next());
        }
        vector.add(this.objectClassMods.getAttributeName());
        LOG.debug("get group attributes '" + name + "' attrs " + vector);
        Attributes searchAttributes = LdapUtil.searchAttributes(this.ldappc.getContext(), LdapUtil.escapeForwardSlash(name.toString()), (String[]) vector.toArray(new String[0]));
        populateAttrModifier(searchAttributes, this.rdnMods);
        if (this.memberDnMods != null) {
            populateAttrModifier(searchAttributes, this.memberDnMods);
        }
        if (this.memberNameMods != null) {
            populateAttrModifier(searchAttributes, this.memberNameMods);
        }
        NamingEnumeration all = this.mappedLdapAttributes.getAll();
        while (all.hasMore()) {
            populateAttrModifier(searchAttributes, (AttributeModifier) ((Attribute) all.next()).get());
        }
        populateAttrModifier(searchAttributes, this.objectClassMods);
        this.objectClassMods.retainAll();
    }

    private void populateAttrModifier(Attributes attributes, AttributeModifier attributeModifier) throws NamingException {
        Attribute attribute = attributes.get(attributeModifier.getAttributeName());
        if (attribute != null) {
            attributeModifier.init(attribute);
            attributes.remove(attributeModifier.getAttributeName());
        }
    }

    protected void storeGroupData(Group group, Set<Group> set) throws NamingException, LdappcException {
        Subject subject;
        Set<Name> findSubjectDn;
        Group group2;
        String str;
        storeObjectClassData();
        Set<Member> members = group.getMembers();
        if (members.isEmpty()) {
            if (this.memberDnMods != null && this.memberDnMods.getNoValue() != null) {
                this.memberDnMods.store(this.memberDnMods.getNoValue());
            }
            if (this.memberNameMods != null && this.memberNameMods.getNoValue() != null) {
                this.memberNameMods.store(this.memberNameMods.getNoValue());
            }
        } else {
            for (Member member : members) {
                try {
                    subject = member.getSubject();
                } catch (SubjectNotFoundException e) {
                    LOG.warn("Subject not found", e);
                }
                if (!this.ldappc.getConfig().getProvisionMemberGroupsIgnoreQueries() && subject.getSourceId().equals(SubjectFinder.internal_getGSA().getId())) {
                    try {
                        group2 = member.toGroup();
                    } catch (GroupNotFoundException e2) {
                        LOG.warn("Unable to find group for member " + member, e2);
                    }
                    if (!set.contains(group2)) {
                        LOG.debug("Ignoring member group not in group-queries " + group2);
                    }
                }
                if (this.memberDnMods != null && (findSubjectDn = this.ldappc.getSubjectCache().findSubjectDn(member)) != null) {
                    Iterator<Name> it = findSubjectDn.iterator();
                    while (it.hasNext()) {
                        this.memberDnMods.store(it.next().toString());
                    }
                }
                if (this.memberNameMods != null) {
                    try {
                        Source source = subject.getSource();
                        if (source == null) {
                            throw new LdappcException("Source is null");
                        }
                        String groupMembersNameListNamingAttribute = this.ldappc.getConfig().getGroupMembersNameListNamingAttribute(source.getId());
                        if (groupMembersNameListNamingAttribute == null) {
                            throw new LdappcException("No group members name list naming attribute defined for source id [" + source.getId() + "]");
                        }
                        String attributeValue = subject.getAttributeValue(groupMembersNameListNamingAttribute);
                        if (attributeValue == null) {
                            if (groupMembersNameListNamingAttribute.equalsIgnoreCase(LdappcConfig.GROUPER_ID_ATTRIBUTE)) {
                                attributeValue = subject.getId();
                            }
                            if (groupMembersNameListNamingAttribute.equalsIgnoreCase(LdappcConfig.GROUPER_NAME_ATTRIBUTE)) {
                                attributeValue = subject.getName();
                            }
                        }
                        if (attributeValue == null) {
                            throw new LdappcException("Naming attribute [" + groupMembersNameListNamingAttribute + "] is not defined.");
                        }
                        this.memberNameMods.store(attributeValue);
                    } catch (Exception e3) {
                        LOG.warn(getErrorData(subject), e3);
                    }
                } else {
                    continue;
                }
            }
        }
        Map<String, List<String>> groupAttributeMapping = this.ldappc.getConfig().getGroupAttributeMapping();
        for (String str2 : groupAttributeMapping.keySet()) {
            try {
                str = group.getAttributeOrFieldValue(str2, false, false);
            } catch (AttributeNotFoundException e4) {
                str = null;
            }
            Iterator<String> it2 = groupAttributeMapping.get(str2).iterator();
            while (it2.hasNext()) {
                AttributeModifier attributeModifier = (AttributeModifier) this.mappedLdapAttributes.get(it2.next()).get();
                if (str != null && str.length() > 0) {
                    attributeModifier.store(str);
                } else if (attributeModifier.getNoValue() != null) {
                    attributeModifier.store(attributeModifier.getNoValue());
                }
            }
        }
        Map<String, List<String>> attributeResolverMapping = this.ldappc.getConfig().getAttributeResolverMapping();
        if (attributeResolverMapping.isEmpty()) {
            return;
        }
        try {
            BaseSAMLProfileRequestContext baseSAMLProfileRequestContext = new BaseSAMLProfileRequestContext();
            baseSAMLProfileRequestContext.setPrincipalName(group.getName());
            Map attributes = this.ldappc.getAttributeAuthority().getAttributes(baseSAMLProfileRequestContext);
            if (LOG.isDebugEnabled()) {
                for (String str3 : attributes.keySet()) {
                    Iterator it3 = ((BaseAttribute) attributes.get(str3)).getValues().iterator();
                    while (it3.hasNext()) {
                        LOG.trace("resolver returned '{}' : {}", str3, PSPUtil.getString(it3.next()));
                    }
                }
            }
            for (String str4 : attributeResolverMapping.keySet()) {
                BaseAttribute baseAttribute = (BaseAttribute) attributes.get(str4);
                if (baseAttribute == null) {
                    LOG.trace("No attribute was returned from the resolver for '{}'", str4);
                } else {
                    Collection values = baseAttribute.getValues();
                    ArrayList arrayList = new ArrayList();
                    for (Object obj : values) {
                        if (obj != null && (obj instanceof String) && ((String) obj).length() > 0) {
                            arrayList.add(obj.toString());
                        }
                    }
                    Iterator<String> it4 = attributeResolverMapping.get(str4).iterator();
                    while (it4.hasNext()) {
                        AttributeModifier attributeModifier2 = (AttributeModifier) this.mappedLdapAttributes.get(it4.next()).get();
                        if (!arrayList.isEmpty() || attributeModifier2.getNoValue() == null) {
                            Iterator it5 = arrayList.iterator();
                            while (it5.hasNext()) {
                                attributeModifier2.store((String) it5.next());
                            }
                        } else {
                            attributeModifier2.store(attributeModifier2.getNoValue());
                        }
                    }
                }
            }
        } catch (AttributeRequestException e5) {
            LOG.error("Unable to resolve attributes : " + e5.getMessage(), e5);
            throw new LdappcException("Unable to resolve attributes", e5);
        }
    }

    protected void storeObjectClassData() throws NamingException {
        String groupMembersNameListObjectClass;
        String groupMembersDnListObjectClass;
        this.objectClassMods.store(this.ldappc.getConfig().getGroupDnObjectClass());
        if (this.memberDnMods != null && (groupMembersDnListObjectClass = this.ldappc.getConfig().getGroupMembersDnListObjectClass()) != null) {
            this.objectClassMods.store(groupMembersDnListObjectClass);
        }
        if (this.memberNameMods != null && (groupMembersNameListObjectClass = this.ldappc.getConfig().getGroupMembersNameListObjectClass()) != null) {
            this.objectClassMods.store(groupMembersNameListObjectClass);
        }
        Set<String> groupAttributeMappingObjectClass = this.ldappc.getConfig().getGroupAttributeMappingObjectClass();
        if (groupAttributeMappingObjectClass != null) {
            Iterator<String> it = groupAttributeMappingObjectClass.iterator();
            while (it.hasNext()) {
                this.objectClassMods.store(it.next());
            }
        }
        Set<String> attributeResolverMappingObjectClass = this.ldappc.getConfig().getAttributeResolverMappingObjectClass();
        if (attributeResolverMappingObjectClass != null) {
            Iterator<String> it2 = attributeResolverMappingObjectClass.iterator();
            while (it2.hasNext()) {
                this.objectClassMods.store(it2.next());
            }
        }
    }

    protected void addGroupEntry(Name name, Group group, Set<Group> set) throws NamingException {
        storeGroupData(group, set);
        Vector vector = new Vector();
        vector.add(this.objectClassMods);
        vector.add(this.rdnMods);
        NamingEnumeration all = this.mappedLdapAttributes.getAll();
        while (all.hasMore()) {
            vector.add((AttributeModifier) ((Attribute) all.next()).get());
        }
        Vector vector2 = new Vector();
        if (this.memberDnMods != null) {
            if (this.memberDnMods.getAdditions().size() == 0 && this.memberDnMods.getNoValue() != null) {
                this.memberDnMods.store(this.memberDnMods.getNoValue());
            }
            vector2.add(this.memberDnMods);
        } else if (this.ldappc.getConfig().isGroupMembersDnListed() && this.ldappc.getConfig().getGroupMembersDnListEmptyValue() != null) {
            DnAttributeModifier dnAttributeModifier = new DnAttributeModifier(this.ldappc.getConfig().getGroupMembersDnListAttribute(), this.ldappc.getConfig().getGroupMembersDnListEmptyValue());
            dnAttributeModifier.store(dnAttributeModifier.getNoValue());
            vector2.add(dnAttributeModifier);
        }
        if (this.memberNameMods != null) {
            if (this.memberNameMods.getAdditions().size() == 0 && this.memberNameMods.getNoValue() != null) {
                this.memberNameMods.store(this.memberNameMods.getNoValue());
            }
            vector2.add(this.memberNameMods);
        } else if (this.ldappc.getConfig().isGroupMembersNameListed() && this.ldappc.getConfig().getGroupMembersNameListEmptyValue() != null) {
            AttributeModifier attributeModifier = new AttributeModifier(this.ldappc.getConfig().getGroupMembersNameListAttribute(), this.ldappc.getConfig().getGroupMembersNameListEmptyValue());
            attributeModifier.store(attributeModifier.getNoValue());
            vector2.add(attributeModifier);
        }
        BasicAttributes basicAttributes = new BasicAttributes(true);
        Iterator it = vector.iterator();
        while (it.hasNext()) {
            Attribute additions = ((AttributeModifier) it.next()).getAdditions();
            if (additions.size() > 0) {
                Attribute attribute = basicAttributes.get(additions.getID());
                if (attribute == null) {
                    basicAttributes.put(additions);
                } else {
                    NamingEnumeration all2 = additions.getAll();
                    while (all2.hasMoreElements()) {
                        attribute.add(all2.next());
                    }
                }
            }
        }
        if (!this.ldappc.getConfig().getCreateGroupThenModifyMembers()) {
            Iterator it2 = vector2.iterator();
            while (it2.hasNext()) {
                Attribute additions2 = ((AttributeModifier) it2.next()).getAdditions();
                if (additions2.size() > 0) {
                    basicAttributes.put(additions2);
                }
            }
        }
        if (this.ldappc.getOptions().getMode().equals(LdappcOptions.ProvisioningMode.DRYRUN)) {
            LdapUtil.writeLdif(this.ldappc.getWriter(), LdapUtil.getLdifAdd(new LdapDN(name), basicAttributes));
        }
        if (this.ldappc.getOptions().getMode().equals(LdappcOptions.ProvisioningMode.PROVISION)) {
            String str = "Creating '" + name + "' attrs " + basicAttributes;
            if (this.ldappc.getOptions().getLogLdif()) {
                str = str + "\n\n" + LdapUtil.getLdifAdd(new LdapDN(name), basicAttributes);
            }
            LOG.info(str);
            this.ldappc.getContext().create(LdapUtil.escapeForwardSlash(name.toString()), basicAttributes);
        }
        if (this.ldappc.getConfig().getCreateGroupThenModifyMembers()) {
            Vector vector3 = new Vector();
            Iterator it3 = vector2.iterator();
            while (it3.hasNext()) {
                for (ModificationItem modificationItem : ((AttributeModifier) it3.next()).getModifications()) {
                    vector3.add(modificationItem);
                }
            }
            if (vector3.isEmpty()) {
                return;
            }
            if (this.ldappc.getOptions().getMode().equals(LdappcOptions.ProvisioningMode.DRYRUN)) {
                LdapUtil.writeLdif(this.ldappc.getWriter(), LdapUtil.getLdifModify(new LdapDN(name), (ModificationItem[]) vector3.toArray(new ModificationItem[0])));
            }
            if (this.ldappc.getOptions().getMode().equals(LdappcOptions.ProvisioningMode.PROVISION)) {
                String str2 = "Modify '" + name + "' " + vector3;
                if (this.ldappc.getOptions().getLogLdif()) {
                    str2 = str2 + "\n\n" + LdapUtil.getLdifModify(new LdapDN(name), (ModificationItem[]) vector3.toArray(new ModificationItem[0]));
                }
                LOG.info(str2);
                this.ldappc.getContext().modifyAttributes(LdapUtil.escapeForwardSlash(name.toString()), (ModificationItem[]) vector3.toArray(new ModificationItem[0]));
            }
        }
    }

    protected Name buildGroupDn(Group group) throws NamingException, LdappcException {
        if (LdappcConfig.GroupDNStructure.bushy.equals(this.ldappc.getConfig().getGroupDnStructure())) {
            buildStemOuEntries(group);
        }
        Name calculateGroupDn = this.ldappc.calculateGroupDn(group);
        this.rdnMods.store(new Rdn(calculateGroupDn.get(calculateGroupDn.size() - 1)).getValue().toString());
        return calculateGroupDn;
    }

    protected void buildStemOuEntries(Group group) throws NamingException {
        for (Name name : this.ldappc.calculateStemDns(group)) {
            if (!this.processedOus.contains(name) && !this.deleteOus.contains(name)) {
                BasicAttributes calculateStemAttributes = this.ldappc.calculateStemAttributes(name);
                if (this.ldappc.getOptions().getMode().equals(LdappcOptions.ProvisioningMode.DRYRUN)) {
                    LdapUtil.writeLdif(this.ldappc.getWriter(), LdapUtil.getLdifAdd(new LdapDN(name), calculateStemAttributes));
                }
                if (this.ldappc.getOptions().getMode().equals(LdappcOptions.ProvisioningMode.PROVISION)) {
                    String str = "Creating '" + name + "' attrs " + calculateStemAttributes;
                    if (this.ldappc.getOptions().getLogLdif()) {
                        str = str + "\n\n" + LdapUtil.getLdifAdd(new LdapDN(name), calculateStemAttributes);
                    }
                    LOG.info(str);
                    this.ldappc.getContext().create(LdapUtil.escapeForwardSlash(name.toString()), calculateStemAttributes);
                }
                this.deleteOus.add((Name) name.clone());
            }
        }
    }

    protected void updateProcessedOus(Name name) {
        for (int size = this.ldappc.getRootDn().size() + 1; size < name.size(); size++) {
            Name prefix = name.getPrefix(size);
            this.deleteOus.remove(prefix);
            this.processedOus.add(prefix);
        }
    }

    protected void initialize() throws NamingException, LdappcException {
        this.processedOus.clear();
        this.deleteOus.clear();
        this.processedGroups.clear();
        this.deleteGroups.clear();
        clearRoot();
        populate();
    }

    protected void clearRoot() throws NamingException {
        String str = "(objectClass=" + this.ldappc.getConfig().getGroupDnObjectClass() + ")";
        if (LdappcConfig.GroupDNStructure.bushy.equals(this.ldappc.getConfig().getGroupDnStructure())) {
            str = "(|" + str + "(" + LdapUtil.OBJECT_CLASS_ATTRIBUTE + "=" + OrganizationalUnit.OBJECT_CLASS + "))";
        }
        String str2 = "(!" + str + ")";
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setCountLimit(0L);
        LOG.debug("search base '" + this.ldappc.getRootDn() + "' filter '" + str2 + "'");
        Iterator search = this.ldappc.getContext().search(LdapUtil.escapeForwardSlash(this.ldappc.getRootDn().toString()), new SearchFilter(str2), searchControls);
        while (search.hasNext()) {
            SearchResult searchResult = (SearchResult) search.next();
            if (searchResult.isRelative()) {
                String name = searchResult.getName();
                if (name.length() != 0) {
                    LdapName ldapName = new LdapName(name);
                    if (!this.ldappc.getRootDn().equals(ldapName)) {
                        try {
                            this.ldappc.getContext().list(LdapUtil.escapeForwardSlash(ldapName.toString()));
                            try {
                                LdapUtil.delete(this.ldappc, ldapName);
                            } catch (Exception e) {
                                LOG.warn("Unable to delete " + ldapName, e);
                            }
                        } catch (NamingException e2) {
                        }
                    }
                }
            } else {
                LOG.error("Unable to handle LDAP URL references: {}", searchResult.getName());
            }
        }
    }

    protected void populate() throws NamingException {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setCountLimit(0L);
        searchControls.setReturningAttributes(new String[0]);
        populateDns(this.deleteGroups, "(objectClass=" + this.ldappc.getConfig().getGroupDnObjectClass() + ")", searchControls);
        LOG.debug("found " + this.deleteGroups.size() + " groups");
        if (LdappcConfig.GroupDNStructure.bushy.equals(this.ldappc.getConfig().getGroupDnStructure())) {
            populateDns(this.deleteOus, "(objectClass=organizationalUnit)", searchControls);
            LOG.debug("found " + this.deleteOus.size() + " ous");
        }
    }

    protected void populateDns(Set<Name> set, String str, SearchControls searchControls) throws NamingException {
        LOG.debug("search base '{}' filter '{}'", this.ldappc.getRootDn(), str);
        Iterator search = this.ldappc.getContext().search(LdapUtil.escapeForwardSlash(this.ldappc.getRootDn().toString()), new SearchFilter(str), searchControls);
        while (search.hasNext()) {
            SearchResult searchResult = (SearchResult) search.next();
            if (searchResult.isRelative()) {
                String name = searchResult.getName();
                if (name.length() != 0) {
                    LdapName ldapName = new LdapName(name);
                    if (!this.ldappc.getRootDn().equals(ldapName)) {
                        set.add(ldapName);
                    }
                }
            } else {
                LOG.error("Unable to handle LDAP URL references: {}", searchResult.getName());
            }
        }
    }

    protected void initializeInclude(Group group) throws NamingException {
        this.objectClassMods.clear();
        this.rdnMods.clear();
        if (this.memberDnMods != null) {
            this.memberDnMods.clear();
        }
        if (this.memberNameMods != null) {
            this.memberNameMods.clear();
        }
        NamingEnumeration all = this.mappedLdapAttributes.getAll();
        while (all.hasMore()) {
            ((AttributeModifier) ((Attribute) all.next()).get()).clear();
        }
    }

    protected void commit() throws NamingException, LdappcException {
        Iterator<Name> it = this.deleteGroups.iterator();
        while (it.hasNext()) {
            LdapUtil.delete(this.ldappc, it.next());
        }
        for (Name name : this.deleteOus) {
            try {
                this.ldappc.getContext().list(LdapUtil.escapeForwardSlash(name.toString()));
                LdapUtil.delete(this.ldappc, name);
            } catch (NamingException e) {
            }
        }
    }

    protected String getErrorData(Subject subject) {
        return "SUBJECT[" + this.ldappc.getSubjectCache().getSubjectData(subject) + "]";
    }

    protected String getErrorData(Group group) {
        return "GROUP[" + Ldappc.getGroupData(group) + "]";
    }

    protected String getErrorData(Member member) {
        return "MEMBER[" + Ldappc.getMemberData(member) + "]";
    }
}
