package com.evolveum.polygon.connector.ldap;

import com.evolveum.polygon.common.SchemaUtil;
import com.evolveum.polygon.connector.ldap.schema.AbstractSchemaTranslator;
import java.util.List;
import java.util.Map;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Modification;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.schema.ObjectClass;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.objects.AttributeDelta;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.SuggestedValues;
import org.identityconnectors.framework.common.objects.SuggestedValuesBuilder;
import org.identityconnectors.framework.spi.ConnectorClass;

@ConnectorClass(displayNameKey = "connector.ldap.display", configurationClass = LdapConfiguration.class)
/* loaded from: input_file:com/evolveum/polygon/connector/ldap/LdapConnector.class */
public class LdapConnector extends AbstractLdapConnector<LdapConfiguration> {
    private static final Log LOG = Log.getLog(LdapConnector.class);

    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    protected AbstractSchemaTranslator<LdapConfiguration> createSchemaTranslator() {
        return new LdapSchemaTranslator(getSchemaManager(), m30getConfiguration());
    }

    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    protected ErrorHandler createErrorHandler() {
        return new ErrorHandler();
    }

    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    protected void addServerSpecificConfigurationSuggestions(Map<String, SuggestedValues> map) {
        if (isServerOpenLdap()) {
            addOpenLdapConfigurationSuggestions(map);
        }
        if (isServerOpenDj()) {
            addOpenDjConfigurationSuggestions(map);
        }
    }

    private boolean isServerOpenLdap() {
        return LdapUtil.anyValueContainsSubstring(getConnectionManager().getRootDseAttribute("objectClass"), "OpenLDAP");
    }

    private void addOpenLdapConfigurationSuggestions(Map<String, SuggestedValues> map) {
        map.put(AbstractLdapConfiguration.CONF_PROP_NAME_USE_PERMISSIVE_MODIFY, SuggestedValuesBuilder.build(new Object[]{"always"}));
        map.put(AbstractLdapConfiguration.PASSWORD_HASH_ALGORITHM_SSHA, SuggestedValuesBuilder.buildOpen(new Object[]{AbstractLdapConfiguration.PASSWORD_HASH_ALGORITHM_SSHA}));
        map.put(AbstractLdapConfiguration.CONF_PROP_NAME_VLV_SORT_ATTRIBUTE, SuggestedValuesBuilder.buildOpen(new Object[]{SchemaConstants.UID_AT}));
        map.put(AbstractLdapConfiguration.CONF_PROP_NAME_VLV_SORT_ORDERING_RULE, SuggestedValuesBuilder.buildOpen(new Object[]{SchemaConstants.CASE_IGNORE_ORDERING_MATCH_MR_OID}));
        map.put(AbstractLdapConfiguration.CONF_PROP_NAME_OPERATIONAL_ATTRIBUTES, SuggestedValuesBuilder.buildOpen(new Object[]{LdapConstants.ATTRIBUTE_MEMBER_OF_NAME, "createTimestamp", "modifyTimestamp"}));
        map.put(LdapConfiguration.CONF_PROP_NAME_LOCKOUT_STRATEGY, SuggestedValuesBuilder.build(new Object[]{LdapConfiguration.LOCKOUT_STRATEGY_OPENLDAP}));
    }

    private boolean isServerOpenDj() {
        return LdapUtil.anyValueContainsSubstring(getConnectionManager().getRootDseAttribute(SchemaConstants.VENDOR_VERSION_AT), "OpenDJ");
    }

    private void addOpenDjConfigurationSuggestions(Map<String, SuggestedValues> map) {
        map.put(AbstractLdapConfiguration.CONF_PROP_NAME_VLV_SORT_ATTRIBUTE, SuggestedValuesBuilder.buildOpen(new Object[]{SchemaConstants.UID_AT}));
        map.put(AbstractLdapConfiguration.CONF_PROP_NAME_OPERATIONAL_ATTRIBUTES, SuggestedValuesBuilder.buildOpen(new Object[]{LdapConstants.ATTRIBUTE_IS_MEMBER_OF_NAME, LdapConstants.ATTRIBUTE_OPENDJ_DS_PWP_ACCOUNT_DISABLED_NAME, "createTimestamp", "modifyTimestamp"}));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public void addAttributeModification(Dn dn, List<Modification> list, ObjectClass objectClass, org.identityconnectors.framework.common.objects.ObjectClass objectClass2, AttributeDelta attributeDelta) {
        if (attributeDelta.is(OperationalAttributes.LOCK_OUT_NAME) && m30getConfiguration().isOpenLdapLockoutStrategy()) {
            Boolean bool = (Boolean) SchemaUtil.getSingleReplaceValue(attributeDelta, Boolean.class);
            if (bool != null && bool.booleanValue()) {
                throw new UnsupportedOperationException("Locking object is not supported (only unlocking is)");
            }
            list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "pwdAccountLockedTime"));
            return;
        }
        if (!attributeDelta.is(OperationalAttributes.ENABLE_NAME) || !m30getConfiguration().isOpenLdapLockoutStrategy()) {
            super.addAttributeModification(dn, list, objectClass, objectClass2, attributeDelta);
            return;
        }
        Boolean bool2 = (Boolean) SchemaUtil.getSingleReplaceValue(attributeDelta, Boolean.class);
        if (bool2 == null || bool2.booleanValue()) {
            list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "pwdAccountLockedTime"));
        } else {
            list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "pwdAccountLockedTime", LdapConstants.ATTRIBUTE_OPENLDAP_PWD_ACCOUNT_LOCKED_TIME_VALUE));
        }
    }
}
