package com.zimbra.cs.account.ldap.custom;

import com.zimbra.common.localconfig.KnownKey;
import com.zimbra.common.localconfig.LC;
import com.zimbra.common.service.ServiceException;
import com.zimbra.common.util.StringUtil;
import com.zimbra.common.util.ZimbraLog;
import com.zimbra.cs.account.Domain;
import com.zimbra.cs.account.ZAttrProvisioning;
import com.zimbra.cs.account.ldap.LdapDIT;
import com.zimbra.cs.account.ldap.LdapProvisioning;
import com.zimbra.cs.account.ldap.LdapUtil;
import com.zimbra.cs.account.ldap.SpecialAttrs;
import com.zimbra.cs.mailbox.OperationContextData;
import com.zimbra.cs.service.FileUploadServlet;
import java.util.Map;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;

/* loaded from: input_file:com/zimbra/cs/account/ldap/custom/CustomLdapDIT.class */
public class CustomLdapDIT extends LdapDIT {
    private final String DEFAULT_BASE_RDN_DOMAIN = "cn=domains";
    private String BASE_DN_DOMAIN;

    public CustomLdapDIT(LdapProvisioning ldapProvisioning) {
        super(ldapProvisioning);
        this.DEFAULT_BASE_RDN_DOMAIN = "cn=domains";
    }

    private String getLC(KnownKey knownKey, String str) {
        String value = knownKey.value();
        return StringUtil.isNullOrEmpty(value) ? str : value;
    }

    private String getLCAndValidateUnderConfigBranchDN(KnownKey knownKey, String str) {
        String lc = getLC(knownKey, str);
        if (!validateUnderDN(this.BASE_DN_CONFIG_BRANCH, lc)) {
            ZimbraLog.account.warn("dn " + lc + " must be under " + this.BASE_DN_CONFIG_BRANCH + ", localconfig value " + lc + " ignored, using default value " + str);
            lc = str;
        }
        return lc;
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    protected void init() {
        this.BASE_DN_CONFIG_BRANCH = getLC(LC.ldap_dit_base_dn_config, "cn=zimbra");
        this.BASE_DN_MAIL_BRANCH = getLC(LC.ldap_dit_base_dn_mail, OperationContextData.GranteeNames.EMPTY_NAME).toLowerCase();
        this.BASE_RDN_ACCOUNT = OperationContextData.GranteeNames.EMPTY_NAME;
        this.NAMING_RDN_ATTR_USER = getLC(LC.ldap_dit_naming_rdn_attr_user, "uid");
        this.NAMING_RDN_ATTR_COS = getLC(LC.ldap_dit_naming_rdn_attr_cos, ZAttrProvisioning.A_cn);
        this.NAMING_RDN_ATTR_GLOBALCONFIG = getLC(LC.ldap_dit_naming_rdn_attr_globalconfig, ZAttrProvisioning.A_cn);
        this.NAMING_RDN_ATTR_GLOBALGRANT = getLC(LC.ldap_dit_naming_rdn_attr_globalgrant, ZAttrProvisioning.A_cn);
        this.NAMING_RDN_ATTR_MIME = getLC(LC.ldap_dit_naming_rdn_attr_mime, ZAttrProvisioning.A_cn);
        this.NAMING_RDN_ATTR_SERVER = getLC(LC.ldap_dit_naming_rdn_attr_server, ZAttrProvisioning.A_cn);
        this.NAMING_RDN_ATTR_XMPPCOMPONENT = getLC(LC.ldap_dit_naming_rdn_attr_xmppcomponent, ZAttrProvisioning.A_cn);
        this.NAMING_RDN_ATTR_ZIMLET = getLC(LC.ldap_dit_naming_rdn_attr_zimlet, ZAttrProvisioning.A_cn);
        this.DN_GLOBALCONFIG = this.NAMING_RDN_ATTR_GLOBALCONFIG + "=config" + FileUploadServlet.UPLOAD_DELIMITER + this.BASE_DN_CONFIG_BRANCH;
        this.DN_GLOBALGRANT = this.NAMING_RDN_ATTR_GLOBALGRANT + "=globalgrant" + FileUploadServlet.UPLOAD_DELIMITER + this.BASE_DN_CONFIG_BRANCH;
        this.BASE_DN_ADMIN = getLCAndValidateUnderConfigBranchDN(LC.ldap_dit_base_dn_admin, "cn=admins," + this.BASE_DN_CONFIG_BRANCH);
        this.BASE_DN_APPADMIN = getLCAndValidateUnderConfigBranchDN(LC.ldap_dit_base_dn_appadmin, "cn=appaccts," + this.BASE_DN_CONFIG_BRANCH);
        this.BASE_DN_COS = getLCAndValidateUnderConfigBranchDN(LC.ldap_dit_base_dn_cos, "cn=cos," + this.BASE_DN_CONFIG_BRANCH);
        this.BASE_DN_MIME = getLCAndValidateUnderConfigBranchDN(LC.ldap_dit_base_dn_mime, "cn=mime," + this.DN_GLOBALCONFIG);
        this.BASE_DN_SERVER = getLCAndValidateUnderConfigBranchDN(LC.ldap_dit_base_dn_server, "cn=servers," + this.BASE_DN_CONFIG_BRANCH);
        this.BASE_DN_XMPPCOMPONENT = getLCAndValidateUnderConfigBranchDN(LC.ldap_dit_base_dn_xmppcomponent, "cn=xmppcomponents," + this.BASE_DN_CONFIG_BRANCH);
        this.BASE_DN_ZIMLET = getLCAndValidateUnderConfigBranchDN(LC.ldap_dit_base_dn_zimlet, "cn=zimlets," + this.BASE_DN_CONFIG_BRANCH);
        this.BASE_DN_DOMAIN = getLCAndValidateUnderConfigBranchDN(LC.ldap_dit_base_dn_domain, "cn=domains," + this.BASE_DN_CONFIG_BRANCH);
        this.BASE_DN_ZIMBRA = computeZimbraBaseDN();
    }

    private String computeZimbraBaseDN() {
        String[] split = this.BASE_DN_CONFIG_BRANCH.split(FileUploadServlet.UPLOAD_DELIMITER);
        String[] split2 = this.BASE_DN_MAIL_BRANCH.split(FileUploadServlet.UPLOAD_DELIMITER);
        int length = split.length - 1;
        int length2 = split.length < split2.length ? split.length : split2.length;
        String str = null;
        int i = 0;
        for (int length3 = split2.length - 1; i < length2 && split[length].equalsIgnoreCase(split2[length3]); length3--) {
            str = str == null ? split[length] : split[length] + FileUploadServlet.UPLOAD_DELIMITER + str;
            i++;
            length--;
        }
        return str;
    }

    private ServiceException UNSUPPORTED(String str) {
        return ServiceException.FAILURE(str + " unsupported in " + getClass().getCanonicalName(), (Throwable) null);
    }

    private boolean validateUnderDN(String str, String str2) {
        return isUnder(str, str2);
    }

    private void validateMailBranchEntryDN(String str) throws ServiceException {
        if (!validateUnderDN(this.BASE_DN_MAIL_BRANCH, str)) {
            throw ServiceException.INVALID_REQUEST("dn " + str + " must be under " + this.BASE_DN_MAIL_BRANCH, (Throwable) null);
        }
    }

    private String defaultDomain() throws ServiceException {
        String attr = this.mProv.getConfig().getAttr(ZAttrProvisioning.A_zimbraDefaultDomainName, (String) null);
        if (StringUtil.isNullOrEmpty(attr)) {
            throw UNSUPPORTED("default domain is empty");
        }
        return attr;
    }

    private String acctAndDLDNCreate(String str, Attributes attributes) throws ServiceException, NamingException {
        String str2 = this.NAMING_RDN_ATTR_USER;
        String attrString = LdapUtil.getAttrString(attributes, str2);
        if (attrString == null) {
            throw ServiceException.FAILURE("missing rdn attribute" + str2, (Throwable) null);
        }
        validateMailBranchEntryDN(str);
        return str2 + "=" + LdapUtil.escapeRDNValue(attrString) + FileUploadServlet.UPLOAD_DELIMITER + str;
    }

    public String emailToDN(String str, String str2) throws ServiceException {
        throw UNSUPPORTED("function emailToDN");
    }

    public String emailToDN(String str) throws ServiceException {
        throw UNSUPPORTED("function emailToDN");
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String accountDNCreate(String str, Attributes attributes, String str2, String str3) throws ServiceException, NamingException {
        if (str == null) {
            throw ServiceException.INVALID_REQUEST("base dn is required in DIT impl " + getClass().getCanonicalName(), (Throwable) null);
        }
        return acctAndDLDNCreate(str, attributes);
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String accountDNRename(String str, String str2, String str3) throws ServiceException, NamingException {
        return str;
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String dnToEmail(String str, Attributes attributes) throws ServiceException {
        try {
            String attrString = LdapUtil.getAttrString(attributes, "uid");
            if (attrString != null) {
                return attrString + "@" + defaultDomain();
            }
            throw ServiceException.FAILURE("unable to map dn [" + str + "] to email", (Throwable) null);
        } catch (NamingException e) {
            throw ServiceException.FAILURE("unable to map dn [" + str + "] to email", e);
        }
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String filterAccountsByDomain(Domain domain, boolean z) {
        String str = "(zimbraMailDeliveryAddress=*@" + domain.getName() + ")";
        return z ? "(&(objectclass=zimbraAccount)" + str + ")" : str;
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String aliasDN(String str, String str2, String str3, String str4) throws ServiceException {
        if (str == null || str2 == null) {
            throw UNSUPPORTED("alias DN without target dn or target domain");
        }
        String defaultDomain = defaultDomain();
        if (!str4.equals(defaultDomain)) {
            throw UNSUPPORTED("alias DN not in default domain(alias domain=" + str4 + ", default domain=" + defaultDomain + ")");
        }
        if (!str2.equals(str4)) {
            throw UNSUPPORTED("alias DN with different target domain and alias domain(alias domain=" + str4 + ", target domain=" + str2 + ")");
        }
        return this.NAMING_RDN_ATTR_USER + "=" + LdapUtil.escapeRDNValue(str3) + FileUploadServlet.UPLOAD_DELIMITER + LdapUtil.dnToRdnAndBaseDn(str)[1];
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String aliasDNRename(String str, String str2, String str3) throws ServiceException {
        if (str == null || str2 == null) {
            throw UNSUPPORTED("alias DN rename without target dn or target domain");
        }
        String defaultDomain = defaultDomain();
        if (str2.equals(defaultDomain)) {
            return str;
        }
        throw UNSUPPORTED("alias DN rename not in default domain(alias domain=" + str2 + ", default domain=" + defaultDomain + ")");
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String filterCalendarResourcesByDomain(Domain domain, boolean z) {
        String str = "(zimbraMailDeliveryAddress=*@" + domain.getName() + ")";
        return z ? "(&(objectclass=zimbraCalendarResource)" + str + ")" : str;
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String distributionListDNCreate(String str, Attributes attributes, String str2, String str3) throws ServiceException, NamingException {
        if (str == null) {
            throw ServiceException.INVALID_REQUEST("base dn is required in DIT impl " + getClass().getCanonicalName(), (Throwable) null);
        }
        String defaultDomain = defaultDomain();
        if (str3.equals(defaultDomain)) {
            return acctAndDLDNCreate(str, attributes);
        }
        throw UNSUPPORTED("DL DN not in default domain(DL domain=" + str3 + ", default domain=" + defaultDomain + ")");
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String distributionListDNRename(String str, String str2, String str3) throws ServiceException, NamingException {
        return str;
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String domainBaseDN() {
        return this.BASE_DN_DOMAIN;
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String[] domainToDNs(String[] strArr) {
        return domainToDNsInternal(strArr, this.BASE_DN_DOMAIN);
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String domainToAccountSearchDN(String str) throws ServiceException {
        return this.BASE_DN_MAIL_BRANCH;
    }

    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public String domainDNToAccountSearchDN(String str) throws ServiceException {
        return this.BASE_DN_MAIL_BRANCH;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.zimbra.cs.account.ldap.LdapDIT
    public SpecialAttrs handleSpecialAttrs(Map<String, Object> map) throws ServiceException {
        if (SpecialAttrs.getSingleValuedAttr(map, SpecialAttrs.PA_ldapBase) == null) {
            throw ServiceException.INVALID_REQUEST("missing required attribute ldap.baseDN", (Throwable) null);
        }
        if (!this.NAMING_RDN_ATTR_USER.equals("uid") && SpecialAttrs.getSingleValuedAttr(map, this.NAMING_RDN_ATTR_USER) == null) {
            throw ServiceException.INVALID_REQUEST("missing required attribute " + this.NAMING_RDN_ATTR_USER, (Throwable) null);
        }
        SpecialAttrs specialAttrs = new SpecialAttrs();
        if (map != null) {
            specialAttrs.handleZimbraId(map);
            specialAttrs.handleLdapBaseDn(map);
        }
        return specialAttrs;
    }
}
