package org.exoplatform.services.organization.ldap;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SchemaViolationException;
import javax.naming.ldap.BasicControl;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import org.exoplatform.commons.utils.LazyPageList;
import org.exoplatform.commons.utils.ListAccess;
import org.exoplatform.commons.utils.SecurityHelper;
import org.exoplatform.services.ldap.LDAPService;
import org.exoplatform.services.ldap.ObjectClassAttribute;
import org.exoplatform.services.organization.CacheHandler;
import org.exoplatform.services.organization.DisabledUserException;
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.organization.Query;
import org.exoplatform.services.organization.User;
import org.exoplatform.services.organization.UserEventListener;
import org.exoplatform.services.organization.UserEventListenerHandler;
import org.exoplatform.services.organization.UserHandler;
import org.exoplatform.services.organization.impl.UserImpl;
import org.exoplatform.services.security.PermissionConstants;

/* loaded from: input_file:org/exoplatform/services/organization/ldap/UserDAOImpl.class */
public class UserDAOImpl extends BaseDAO implements UserHandler, UserEventListenerHandler {
    static final int UF_ACCOUNTDISABLE = 2;
    private final List<UserEventListener> listeners;
    private final OrganizationService os;

    public UserDAOImpl(LDAPAttributeMapping lDAPAttributeMapping, LDAPService lDAPService, CacheHandler cacheHandler, OrganizationService organizationService) throws Exception {
        super(lDAPAttributeMapping, lDAPService, cacheHandler);
        this.listeners = new ArrayList(5);
        if (lDAPAttributeMapping.userAccountControlAttr == null || lDAPAttributeMapping.userAccountControlAttr.isEmpty()) {
            setDefaultUserAccountControlAttr(lDAPAttributeMapping);
        }
        if (lDAPAttributeMapping.userAccountControlFilter == null || lDAPAttributeMapping.userAccountControlFilter.isEmpty()) {
            setDefaultUserAccountControlFilter(lDAPAttributeMapping);
        }
        this.os = organizationService;
    }

    public void addUserEventListener(UserEventListener userEventListener) {
        SecurityHelper.validateSecurityPermission(PermissionConstants.MANAGE_LISTENERS);
        this.listeners.add(userEventListener);
    }

    public void removeUserEventListener(UserEventListener userEventListener) {
        SecurityHelper.validateSecurityPermission(PermissionConstants.MANAGE_LISTENERS);
        this.listeners.remove(userEventListener);
    }

    public User createUserInstance() {
        return new UserImpl();
    }

    public User createUserInstance(String str) {
        return new UserImpl(str);
    }

    public void createUser(User user, boolean z) throws Exception {
        String str = this.ldapAttrMapping.userDNKey + "=" + getDNKeyValue(user) + "," + this.ldapAttrMapping.userURL;
        Attributes userToAttributes = this.ldapAttrMapping.userToAttributes(user);
        LdapContext ldapContext = this.ldapService.getLdapContext();
        int i = 0;
        while (true) {
            if (z) {
                try {
                    preSave(user, true);
                } catch (NamingException e) {
                    try {
                        ldapContext = reloadCtx(ldapContext, i, e);
                        i++;
                    } finally {
                        this.ldapService.release(ldapContext);
                    }
                }
            }
            ldapContext.createSubcontext(str, userToAttributes).close();
            if (z) {
                postSave(user, true);
            }
            this.cacheHandler.put(user.getUserName(), user, CacheHandler.CacheType.USER);
            return;
        }
    }

    public void saveUser(User user, boolean z) throws Exception {
        if (user != null && !user.isEnabled()) {
            throw new DisabledUserException(user.getUserName());
        }
        LdapContext ldapContext = this.ldapService.getLdapContext();
        int i = 0;
        while (true) {
            try {
                try {
                    String dNFromUsername = getDNFromUsername(ldapContext, user.getUserName());
                    if (dNFromUsername == null) {
                        this.ldapService.release(ldapContext);
                        return;
                    }
                    User userFromUsername = getUserFromUsername(ldapContext, user.getUserName());
                    ModificationItem[] createUserModification = createUserModification(user, userFromUsername);
                    if (z) {
                        preSave(user, false);
                    }
                    ldapContext.modifyAttributes(dNFromUsername, createUserModification);
                    if (z) {
                        postSave(user, false);
                    }
                    this.cacheHandler.put(user.getUserName(), user, CacheHandler.CacheType.USER);
                    if (userFromUsername == null || user.getPassword().equals(userFromUsername.getPassword())) {
                        return;
                    }
                    saveUserPassword(user, dNFromUsername);
                    return;
                } catch (NamingException e) {
                    ldapContext = reloadCtx(ldapContext, i, e);
                    i++;
                }
            } finally {
                this.ldapService.release(ldapContext);
            }
        }
    }

    protected void saveUserPassword(User user, String str) throws Exception {
        ModificationItem[] modificationItemArr = {new ModificationItem(UF_ACCOUNTDISABLE, new BasicAttribute(this.ldapAttrMapping.userPassword, user.getPassword()))};
        LdapContext ldapContext = this.ldapService.getLdapContext();
        int i = 0;
        while (true) {
            try {
                try {
                    ldapContext.modifyAttributes(str, modificationItemArr);
                    return;
                } catch (NamingException e) {
                    ldapContext = reloadCtx(ldapContext, i, e);
                    i++;
                }
            } finally {
                this.ldapService.release(ldapContext);
            }
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x00a1, code lost:
    
        r6.ldapService.release(r9);
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x00ac, code lost:
    
        return r0;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.exoplatform.services.organization.User removeUser(java.lang.String r7, boolean r8) throws java.lang.Exception {
        /*
            r6 = this;
            r0 = r6
            org.exoplatform.services.ldap.LDAPService r0 = r0.ldapService
            javax.naming.ldap.LdapContext r0 = r0.getLdapContext()
            r9 = r0
            r0 = 0
            r10 = r0
        Ld:
            r0 = r6
            r1 = r9
            r2 = r7
            org.exoplatform.services.organization.User r0 = r0.getUserFromUsername(r1, r2)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r11 = r0
            r0 = r11
            if (r0 != 0) goto L2a
            r0 = 0
            r12 = r0
            r0 = r6
            org.exoplatform.services.ldap.LDAPService r0 = r0.ldapService
            r1 = r9
            r0.release(r1)
            r0 = r12
            return r0
        L2a:
            r0 = r6
            r1 = r9
            r2 = r7
            java.lang.String r0 = r0.getDNFromUsername(r1, r2)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r12 = r0
            r0 = r8
            if (r0 == 0) goto L3c
            r0 = r6
            r1 = r11
            r0.preDelete(r1)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
        L3c:
            r0 = r9
            r1 = r12
            r0.destroySubcontext(r1)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r0 = r6
            org.exoplatform.services.organization.OrganizationService r0 = r0.os     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            org.exoplatform.services.organization.UserProfileHandler r0 = r0.getUserProfileHandler()     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r1 = r7
            r2 = 0
            org.exoplatform.services.organization.UserProfile r0 = r0.removeUserProfile(r1, r2)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r0 = r6
            org.exoplatform.services.organization.OrganizationService r0 = r0.os     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            org.exoplatform.services.organization.MembershipHandler r0 = r0.getMembershipHandler()     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            org.exoplatform.services.organization.ldap.MembershipDAOImpl r0 = (org.exoplatform.services.organization.ldap.MembershipDAOImpl) r0     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r1 = r9
            r2 = r7
            r3 = r12
            r4 = 0
            java.util.Collection r0 = r0.removeMembershipByUserDN(r1, r2, r3, r4)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r0 = r6
            org.exoplatform.services.organization.CacheHandler r0 = r0.cacheHandler     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r1 = r7
            org.exoplatform.services.organization.CacheHandler$CacheType r2 = org.exoplatform.services.organization.CacheHandler.CacheType.USER     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r0.remove(r1, r2)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r0 = r6
            org.exoplatform.services.organization.CacheHandler r0 = r0.cacheHandler     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            java.lang.StringBuilder r1 = new java.lang.StringBuilder     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r2 = r1
            r2.<init>()     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            java.lang.String r2 = "u="
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r2 = r7
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            java.lang.String r1 = r1.toString()     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            org.exoplatform.services.organization.CacheHandler$CacheType r2 = org.exoplatform.services.organization.CacheHandler.CacheType.MEMBERSHIP     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r0.remove(r1, r2)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
            r0 = r8
            if (r0 == 0) goto L9c
            r0 = r6
            r1 = r11
            r0.postDelete(r1)     // Catch: javax.naming.NamingException -> Lad java.lang.Throwable -> Lbf
        L9c:
            r0 = r11
            r13 = r0
            r0 = r6
            org.exoplatform.services.ldap.LDAPService r0 = r0.ldapService
            r1 = r9
            r0.release(r1)
            r0 = r13
            return r0
        Lad:
            r11 = move-exception
            r0 = r6
            r1 = r9
            r2 = r10
            r3 = r11
            javax.naming.ldap.LdapContext r0 = r0.reloadCtx(r1, r2, r3)     // Catch: java.lang.Throwable -> Lbf
            r9 = r0
            int r10 = r10 + 1
            goto Ld
        Lbf:
            r14 = move-exception
            r0 = r6
            org.exoplatform.services.ldap.LDAPService r0 = r0.ldapService
            r1 = r9
            r0.release(r1)
            r0 = r14
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.exoplatform.services.organization.ldap.UserDAOImpl.removeUser(java.lang.String, boolean):org.exoplatform.services.organization.User");
    }

    public User findUserByName(String str) throws Exception {
        return findUserByName(str, true);
    }

    /* renamed from: findUsersByGroup, reason: merged with bridge method [inline-methods] */
    public LazyPageList<User> m13findUsersByGroup(String str) throws Exception {
        return new LazyPageList<>(findUsersByGroupId(str), 10);
    }

    public ListAccess<User> findUsersByGroupId(String str) throws Exception {
        return findUsersByGroupId(str, true);
    }

    /* renamed from: getUserPageList, reason: merged with bridge method [inline-methods] */
    public LazyPageList<User> m12getUserPageList(int i) throws Exception {
        return new LazyPageList<>(findAllUsers(), 10);
    }

    public ListAccess<User> findAllUsers() throws Exception {
        return findAllUsers(true);
    }

    /* renamed from: findUsers, reason: merged with bridge method [inline-methods] */
    public LazyPageList<User> m11findUsers(Query query) throws Exception {
        return new LazyPageList<>(findUsersByQuery(query), 10);
    }

    public ListAccess<User> findUsersByQuery(Query query) throws Exception {
        return findUsersByQuery(query, true);
    }

    private String addAsterisks(String str) {
        StringBuffer stringBuffer = new StringBuffer(str);
        if (!str.startsWith("*")) {
            stringBuffer.insert(0, "*");
        }
        if (!str.endsWith("*")) {
            stringBuffer.append("*");
        }
        return stringBuffer.toString();
    }

    public boolean authenticate(String str, String str2) throws Exception {
        String dNFromUsername = getDNFromUsername(str, true);
        if (dNFromUsername == null) {
            return false;
        }
        try {
            return this.ldapService.authenticate(dNFromUsername, str2);
        } catch (NamingException e) {
            return false;
        }
    }

    private String getDNKeyValue(User user) {
        String userName = user.getUserName();
        if (!this.ldapAttrMapping.userDNKey.equals(this.ldapAttrMapping.userUsernameAttr)) {
            if (this.ldapAttrMapping.userDNKey.equals(this.ldapAttrMapping.userLastNameAttr)) {
                userName = user.getLastName();
            } else if (this.ldapAttrMapping.userDNKey.equals(this.ldapAttrMapping.userFirstNameAttr)) {
                userName = user.getFirstName();
            } else if (this.ldapAttrMapping.userDNKey.equals(this.ldapAttrMapping.userMailAttr)) {
                userName = user.getEmail();
            } else if (this.ldapAttrMapping.userDNKey.equals(this.ldapAttrMapping.userDisplayNameAttr)) {
                userName = user.getFullName();
            }
        }
        return userName;
    }

    private ModificationItem[] createUserModification(User user, User user2) {
        ArrayList arrayList = new ArrayList();
        if (!user.getFullName().equals(user2.getFullName())) {
            arrayList.add(new ModificationItem(UF_ACCOUNTDISABLE, new BasicAttribute(this.ldapAttrMapping.userDisplayNameAttr, user.getFullName())));
            arrayList.add(new ModificationItem(UF_ACCOUNTDISABLE, new BasicAttribute(this.ldapAttrMapping.ldapDescriptionAttr, user.getFullName())));
        }
        if (!user.getUserName().equals(user2.getUserName())) {
            arrayList.add(new ModificationItem(UF_ACCOUNTDISABLE, new BasicAttribute(this.ldapAttrMapping.userUsernameAttr, user.getUserName())));
        }
        if (!user.getLastName().equals(user2.getLastName())) {
            arrayList.add(new ModificationItem(UF_ACCOUNTDISABLE, new BasicAttribute(this.ldapAttrMapping.userLastNameAttr, user.getLastName())));
        }
        if (!user.getFirstName().equals(user2.getFirstName())) {
            arrayList.add(new ModificationItem(UF_ACCOUNTDISABLE, new BasicAttribute(this.ldapAttrMapping.userFirstNameAttr, user.getFirstName())));
        }
        if (!user.getEmail().equals(user2.getEmail())) {
            arrayList.add(new ModificationItem(UF_ACCOUNTDISABLE, new BasicAttribute(this.ldapAttrMapping.userMailAttr, user.getEmail())));
        }
        return (ModificationItem[]) arrayList.toArray(new ModificationItem[arrayList.size()]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void preSave(User user, boolean z) throws Exception {
        Iterator<UserEventListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().preSave(user, z);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void postSave(User user, boolean z) throws Exception {
        Iterator<UserEventListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().postSave(user, z);
        }
    }

    protected void preDelete(User user) throws Exception {
        Iterator<UserEventListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().preDelete(user);
        }
    }

    protected void postDelete(User user) throws Exception {
        Iterator<UserEventListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().postDelete(user);
        }
    }

    protected void preSetEnabled(User user) throws Exception {
        Iterator<UserEventListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().preSetEnabled(user);
        }
    }

    protected void postSetEnabled(User user) throws Exception {
        Iterator<UserEventListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().postSetEnabled(user);
        }
    }

    public List<UserEventListener> getUserListeners() {
        return Collections.unmodifiableList(this.listeners);
    }

    /* JADX WARN: Finally extract failed */
    public User setEnabled(String str, boolean z, boolean z2) throws Exception {
        LDAPUserImpl userFromUsername;
        if (!this.ldapAttrMapping.hasUserAccountControl()) {
            throw new UnsupportedOperationException();
        }
        LdapContext ldapContext = this.ldapService.getLdapContext();
        int i = 0;
        while (true) {
            try {
                try {
                    userFromUsername = getUserFromUsername(ldapContext, str);
                    break;
                } finally {
                    this.ldapService.release(ldapContext);
                }
            } catch (NamingException e) {
                ldapContext = reloadCtx(ldapContext, i, e);
                i++;
            }
        }
        if (userFromUsername == null || userFromUsername.isEnabled() == z) {
            return userFromUsername;
        }
        String dNFromUsername = getDNFromUsername(ldapContext, str);
        if (dNFromUsername == null) {
            this.ldapService.release(ldapContext);
            return userFromUsername;
        }
        ModificationItem[] createSetEnabledModification = createSetEnabledModification(userFromUsername.getUserAccountControl(), z);
        userFromUsername.setEnabled(Boolean.valueOf(z));
        if (z2) {
            preSetEnabled(userFromUsername);
        }
        try {
            ldapContext.modifyAttributes(dNFromUsername, createSetEnabledModification);
        } catch (SchemaViolationException e2) {
            ModificationItem[] modificationItemArr = new ModificationItem[createSetEnabledModification.length + 1];
            modificationItemArr[0] = new ModificationItem(UF_ACCOUNTDISABLE, new ObjectClassAttribute(LDAPAttributeMapping.USER_LDAP_CLASSES));
            System.arraycopy(createSetEnabledModification, 0, modificationItemArr, 1, createSetEnabledModification.length);
            ldapContext.setRequestControls(new Control[]{new BasicControl("1.3.6.1.4.1.4203.666.5.12")});
            try {
                ldapContext.modifyAttributes(dNFromUsername, modificationItemArr);
                ldapContext.setRequestControls((Control[]) null);
            } catch (Throwable th) {
                ldapContext.setRequestControls((Control[]) null);
                throw th;
            }
        }
        if (z2) {
            postSetEnabled(userFromUsername);
        }
        this.cacheHandler.put(userFromUsername.getUserName(), userFromUsername, CacheHandler.CacheType.USER);
        this.ldapService.release(ldapContext);
        return userFromUsername;
    }

    protected ModificationItem[] createSetEnabledModification(int i, boolean z) {
        ModificationItem[] modificationItemArr = new ModificationItem[1];
        modificationItemArr[0] = new ModificationItem(UF_ACCOUNTDISABLE, new BasicAttribute(this.ldapAttrMapping.userAccountControlAttr, Integer.toString(z ? 0 : UF_ACCOUNTDISABLE)));
        return modificationItemArr;
    }

    /* JADX WARN: Code restructure failed: missing block: B:22:0x005e, code lost:
    
        r0 = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x0072, code lost:
    
        return r0;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.exoplatform.services.organization.User findUserByName(java.lang.String r6, boolean r7) throws java.lang.Exception {
        /*
            r5 = this;
            r0 = r5
            org.exoplatform.services.organization.CacheHandler r0 = r0.cacheHandler
            r1 = r6
            org.exoplatform.services.organization.CacheHandler$CacheType r2 = org.exoplatform.services.organization.CacheHandler.CacheType.USER
            java.lang.Object r0 = r0.get(r1, r2)
            org.exoplatform.services.organization.User r0 = (org.exoplatform.services.organization.User) r0
            r8 = r0
            r0 = r8
            if (r0 == 0) goto L26
            r0 = r7
            if (r0 == 0) goto L20
            r0 = r8
            boolean r0 = r0.isEnabled()
            if (r0 == 0) goto L24
        L20:
            r0 = r8
            goto L25
        L24:
            r0 = 0
        L25:
            return r0
        L26:
            r0 = r5
            org.exoplatform.services.ldap.LDAPService r0 = r0.ldapService
            javax.naming.ldap.LdapContext r0 = r0.getLdapContext()
            r9 = r0
            r0 = 0
            r10 = r0
        L34:
            r0 = r5
            r1 = r9
            r2 = r6
            org.exoplatform.services.organization.User r0 = r0.getUserFromUsername(r1, r2)     // Catch: javax.naming.NamingException -> L84 java.lang.Throwable -> L98
            r8 = r0
            r0 = r8
            if (r0 == 0) goto L73
            r0 = r5
            org.exoplatform.services.organization.CacheHandler r0 = r0.cacheHandler     // Catch: javax.naming.NamingException -> L84 java.lang.Throwable -> L98
            r1 = r8
            java.lang.String r1 = r1.getUserName()     // Catch: javax.naming.NamingException -> L84 java.lang.Throwable -> L98
            r2 = r8
            org.exoplatform.services.organization.CacheHandler$CacheType r3 = org.exoplatform.services.organization.CacheHandler.CacheType.USER     // Catch: javax.naming.NamingException -> L84 java.lang.Throwable -> L98
            r0.put(r1, r2, r3)     // Catch: javax.naming.NamingException -> L84 java.lang.Throwable -> L98
            r0 = r7
            if (r0 == 0) goto L5e
            r0 = r8
            boolean r0 = r0.isEnabled()     // Catch: javax.naming.NamingException -> L84 java.lang.Throwable -> L98
            if (r0 == 0) goto L62
        L5e:
            r0 = r8
            goto L63
        L62:
            r0 = 0
        L63:
            r11 = r0
            r0 = r5
            org.exoplatform.services.ldap.LDAPService r0 = r0.ldapService
            r1 = r9
            r0.release(r1)
            r0 = r11
            return r0
        L73:
            r0 = r8
            r11 = r0
            r0 = r5
            org.exoplatform.services.ldap.LDAPService r0 = r0.ldapService
            r1 = r9
            r0.release(r1)
            r0 = r11
            return r0
        L84:
            r11 = move-exception
            r0 = r5
            r1 = r9
            r2 = r10
            r3 = r11
            javax.naming.ldap.LdapContext r0 = r0.reloadCtx(r1, r2, r3)     // Catch: java.lang.Throwable -> L98
            r9 = r0
            int r10 = r10 + 1
            goto L34
        L98:
            r12 = move-exception
            r0 = r5
            org.exoplatform.services.ldap.LDAPService r0 = r0.ldapService
            r1 = r9
            r0.release(r1)
            r0 = r12
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.exoplatform.services.organization.ldap.UserDAOImpl.findUserByName(java.lang.String, boolean):org.exoplatform.services.organization.User");
    }

    public ListAccess<User> findUsersByGroupId(String str, boolean z) throws Exception {
        return new ByGroupLdapUserListAccess(this.ldapAttrMapping, this.ldapService, getGroupDNFromGroupId(str), this.ldapAttrMapping.membershipObjectClassFilter, z);
    }

    public ListAccess<User> findAllUsers(boolean z) throws Exception {
        String str;
        String str2 = this.ldapAttrMapping.userURL;
        if (z && this.ldapAttrMapping.hasUserAccountControl()) {
            str = "(&(" + this.ldapAttrMapping.userObjectClassFilter + ")(" + this.ldapAttrMapping.userAccountControlFilter + "))";
        } else {
            str = this.ldapAttrMapping.userObjectClassFilter;
        }
        return new SimpleLdapUserListAccess(this.ldapAttrMapping, this.ldapService, str2, str);
    }

    public ListAccess<User> findUsersByQuery(Query query, boolean z) throws Exception {
        String str;
        ArrayList arrayList = new ArrayList();
        if (query.getUserName() != null && query.getUserName().length() > 0) {
            arrayList.add("(" + this.ldapAttrMapping.userUsernameAttr + "=" + addAsterisks(query.getUserName()) + ")");
        }
        if (query.getFirstName() != null && query.getFirstName().length() > 0) {
            arrayList.add("(" + this.ldapAttrMapping.userFirstNameAttr + "=" + query.getFirstName() + ")");
        }
        if (query.getLastName() != null && query.getLastName().length() > 0) {
            arrayList.add("(" + this.ldapAttrMapping.userLastNameAttr + "=" + query.getLastName() + ")");
        }
        if (query.getEmail() != null && query.getEmail().length() > 0) {
            arrayList.add("(" + this.ldapAttrMapping.userMailAttr + "=" + query.getEmail() + ")");
        }
        if (z && this.ldapAttrMapping.hasUserAccountControl()) {
            arrayList.add("(" + this.ldapAttrMapping.userAccountControlFilter + ")");
        }
        if (arrayList.size() > 0) {
            StringBuilder sb = new StringBuilder();
            sb.append("(&");
            for (int i = 0; i < arrayList.size(); i++) {
                sb.append((String) arrayList.get(i));
            }
            sb.append("(" + this.ldapAttrMapping.userObjectClassFilter + "))");
            str = sb.toString();
        } else {
            str = "(" + this.ldapAttrMapping.userObjectClassFilter + ")";
        }
        return new SimpleLdapUserListAccess(this.ldapAttrMapping, this.ldapService, this.ldapAttrMapping.userURL, str);
    }

    protected void setDefaultUserAccountControlAttr(LDAPAttributeMapping lDAPAttributeMapping) {
        lDAPAttributeMapping.userAccountControlAttr = null;
    }

    protected void setDefaultUserAccountControlFilter(LDAPAttributeMapping lDAPAttributeMapping) {
        if (lDAPAttributeMapping.hasUserAccountControl()) {
            lDAPAttributeMapping.userAccountControlFilter = "!(" + lDAPAttributeMapping.userAccountControlAttr + "=" + UF_ACCOUNTDISABLE + ")";
        }
    }
}
