package weblogic.security.service;

import com.bea.common.security.service.RoleDeploymentService;
import com.bea.common.security.service.RoleMappingService;
import com.bea.security.css.CSS;
import com.oracle.weblogic.rcm.framework.spi.ManagedAccountingContext;
import java.security.AccessController;
import java.util.Map;
import weblogic.management.security.ProviderMBean;
import weblogic.security.SecurityLogger;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.internal.ApplicationVersioningService;
import weblogic.security.service.internal.RoleDeploymentService;
import weblogic.security.shared.LoggerWrapper;
import weblogic.security.spi.Resource;
import weblogic.security.utils.SecurityUtils;

/* loaded from: input_file:weblogic/security/service/RoleManagerImpl.class */
public class RoleManagerImpl implements SecurityService, RoleManager {
    private RealmServices realmServices = null;
    private ApplicationVersioningService appVerService = null;
    private RoleMappingService roleMappingService = null;
    private RoleDeploymentService roleDeploymentService = null;
    private boolean initialized;
    private static final AuthenticatedSubject kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private static LoggerWrapper log = LoggerWrapper.getInstance("SecurityRoleMap");

    /* loaded from: input_file:weblogic/security/service/RoleManagerImpl$HandlerAdaptor.class */
    private static class HandlerAdaptor implements RealmServicesCleanup, RoleDeploymentService.DeploymentHandler {
        private volatile RoleDeploymentService.DeploymentHandler cssHandler;

        public HandlerAdaptor(RoleDeploymentService.DeploymentHandler deploymentHandler) {
            this.cssHandler = deploymentHandler;
        }

        @Override // weblogic.security.service.RealmServicesCleanup
        public void cleanup() {
            this.cssHandler = null;
        }

        @Override // weblogic.security.service.internal.RoleDeploymentService.DeploymentHandler
        public void deployRole(Resource resource, String str, String[] strArr) throws RoleCreationException {
            RoleDeploymentService.DeploymentHandler deploymentHandler = this.cssHandler;
            if (deploymentHandler != null) {
                deploymentHandler.deployRole(resource, str, strArr);
            }
        }

        @Override // weblogic.security.service.internal.RoleDeploymentService.DeploymentHandler
        public void endDeployRoles() throws RoleCreationException {
            RoleDeploymentService.DeploymentHandler deploymentHandler = this.cssHandler;
            if (deploymentHandler != null) {
                deploymentHandler.endDeployRoles();
            }
        }

        @Override // weblogic.security.service.internal.RoleDeploymentService.DeploymentHandler
        public void undeployAllRoles() throws RoleRemovalException {
            RoleDeploymentService.DeploymentHandler deploymentHandler = this.cssHandler;
            if (deploymentHandler != null) {
                deploymentHandler.undeployAllRoles();
            }
        }
    }

    private void assertNotUsingCommon() {
        throw new AssertionError("This code should never be called when using common security");
    }

    public RoleManagerImpl() {
    }

    public RoleManagerImpl(RealmServices realmServices, ProviderMBean[] providerMBeanArr) {
        initialize(realmServices, providerMBeanArr);
    }

    public void initialize(RealmServices realmServices, ProviderMBean[] providerMBeanArr) {
        if (null == realmServices) {
            throw new com.bea.common.engine.InvalidParameterException(SecurityLogger.getValidRealmNameMustBeSpecifed());
        }
        this.realmServices = realmServices;
        if (providerMBeanArr == null || providerMBeanArr.length == 0) {
            throw new com.bea.common.engine.InvalidParameterException(SecurityLogger.getNoProviderMBeans());
        }
        if (log.isDebugEnabled()) {
            log.debug("RoleManager initializing for realm: " + realmServices.getRealmName());
        }
        if (log.isDebugEnabled()) {
            log.debug("RoleManager will use common security");
        }
        try {
            CSS css = realmServices.getCSS();
            this.roleMappingService = (RoleMappingService) css.getService(CSS.ROLE_MAPPING_SERVICE);
            this.roleDeploymentService = (com.bea.common.security.service.RoleDeploymentService) css.getService(CSS.ROLE_DEPLOYMENT_SERVICE);
            this.appVerService = (ApplicationVersioningService) css.getService("ApplicationVersioningService");
            this.initialized = true;
        } catch (Exception e) {
            if (log.isDebugEnabled()) {
                SecurityLogger.logStackTrace(e);
            }
            SecurityServiceRuntimeException securityServiceRuntimeException = new SecurityServiceRuntimeException(SecurityLogger.getExceptionObtainingService("Common RoleMappingService", e.toString()));
            securityServiceRuntimeException.initCause(e);
            throw securityServiceRuntimeException;
        }
    }

    @Override // weblogic.security.service.SecurityService
    public void start() {
    }

    @Override // weblogic.security.service.SecurityService
    public void suspend() {
    }

    @Override // weblogic.security.service.SecurityService
    public void shutdown() {
        this.roleMappingService = null;
        this.roleDeploymentService = null;
        this.realmServices = null;
    }

    @Override // weblogic.security.service.RoleManager
    public Map getRoles(AuthenticatedSubject authenticatedSubject, Resource resource, ContextHandler contextHandler) {
        if (!this.initialized) {
            throw new NotYetInitializedException(SecurityLogger.getRoleMgrNotYetInitialized());
        }
        if (null == authenticatedSubject || null == resource) {
            throw new com.bea.common.engine.InvalidParameterException(SecurityLogger.getReqParamNotSuppliedIsAccess());
        }
        if (log.isDebugEnabled()) {
            log.debug("Using Common RoleMappingService");
        }
        return this.roleMappingService.getRoles(IdentityUtility.authenticatedSubjectToIdentity(authenticatedSubject), resource, contextHandler);
    }

    @Override // weblogic.security.service.RoleManager
    public RoleManagerDeployHandle startDeployRoles(SecurityApplicationInfo securityApplicationInfo) throws DeployHandleCreationException {
        if (log.isDebugEnabled()) {
            log.debug("RoleManager.startDeployRoles");
        }
        if (null == securityApplicationInfo) {
            throw new com.bea.common.engine.InvalidParameterException(SecurityLogger.getApplicationInformationNotSupplied());
        }
        if (log.isDebugEnabled()) {
            log.debug("Using Common RoleDeploymentService.startDeployRoles");
        }
        try {
            ManagedAccountingContext accountingContextAsGlobal = SecurityUtils.getResourceContextManager().setAccountingContextAsGlobal();
            Throwable th = null;
            try {
                try {
                    HandlerAdaptor handlerAdaptor = new HandlerAdaptor(this.roleDeploymentService.startDeployRoles(securityApplicationInfo));
                    this.realmServices.registerCleanupHandler(handlerAdaptor);
                    RoleManagerDeployHandleImpl roleManagerDeployHandleImpl = new RoleManagerDeployHandleImpl(handlerAdaptor);
                    if (accountingContextAsGlobal != null) {
                        if (0 != 0) {
                            try {
                                accountingContextAsGlobal.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            accountingContextAsGlobal.close();
                        }
                    }
                    return roleManagerDeployHandleImpl;
                } finally {
                }
            } finally {
            }
        } catch (DeployHandleCreationException e) {
            throw e;
        } catch (Exception e2) {
            throw SecurityUtils.wrapRCMCloseException(e2);
        }
    }

    @Override // weblogic.security.service.RoleManager
    public void deployRole(RoleManagerDeployHandle roleManagerDeployHandle, Resource resource, String str, String[] strArr) throws RoleCreationException {
        if (log.isDebugEnabled()) {
            log.debug("RoleManager.deployRole");
        }
        if (null == roleManagerDeployHandle) {
            throw new com.bea.common.engine.InvalidParameterException(SecurityLogger.getDeployHandleNotSupplied());
        }
        if (log.isDebugEnabled()) {
            log.debug("Using Common deployRole");
        }
        try {
            ManagedAccountingContext accountingContextAsGlobal = SecurityUtils.getResourceContextManager().setAccountingContextAsGlobal();
            Throwable th = null;
            try {
                try {
                    roleManagerDeployHandle.getRoleDeploymentHandler().deployRole(resource, str, strArr);
                    if (accountingContextAsGlobal != null) {
                        if (0 != 0) {
                            try {
                                accountingContextAsGlobal.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            accountingContextAsGlobal.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (accountingContextAsGlobal != null) {
                    if (th != null) {
                        try {
                            accountingContextAsGlobal.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        accountingContextAsGlobal.close();
                    }
                }
                throw th3;
            }
        } catch (RoleCreationException e) {
            throw e;
        } catch (Exception e2) {
            throw SecurityUtils.wrapRCMCloseException(e2);
        }
    }

    @Override // weblogic.security.service.RoleManager
    public void endDeployRoles(RoleManagerDeployHandle roleManagerDeployHandle) throws RoleCreationException {
        if (log.isDebugEnabled()) {
            log.debug("RoleManager.endDeployRoles");
        }
        if (null == roleManagerDeployHandle) {
            throw new com.bea.common.engine.InvalidParameterException(SecurityLogger.getDeployHandleNotSupplied());
        }
        if (log.isDebugEnabled()) {
            log.debug("Using Common endDeployRoles");
        }
        try {
            ManagedAccountingContext accountingContextAsGlobal = SecurityUtils.getResourceContextManager().setAccountingContextAsGlobal();
            Throwable th = null;
            try {
                try {
                    roleManagerDeployHandle.getRoleDeploymentHandler().endDeployRoles();
                    if (accountingContextAsGlobal != null) {
                        if (0 != 0) {
                            try {
                                accountingContextAsGlobal.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            accountingContextAsGlobal.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (accountingContextAsGlobal != null) {
                    if (th != null) {
                        try {
                            accountingContextAsGlobal.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        accountingContextAsGlobal.close();
                    }
                }
                throw th3;
            }
        } catch (RoleCreationException e) {
            throw e;
        } catch (Exception e2) {
            throw SecurityUtils.wrapRCMCloseException(e2);
        }
    }

    @Override // weblogic.security.service.RoleManager
    public void undeployAllRoles(RoleManagerDeployHandle roleManagerDeployHandle) throws RoleRemovalException {
        if (log.isDebugEnabled()) {
            log.debug("RoleManager.undeployAllRoles");
        }
        if (null == roleManagerDeployHandle) {
            throw new com.bea.common.engine.InvalidParameterException(SecurityLogger.getDeployHandleNotSupplied());
        }
        if (log.isDebugEnabled()) {
            log.debug("Using Common undeployAllRoles");
        }
        try {
            ManagedAccountingContext accountingContextAsGlobal = SecurityUtils.getResourceContextManager().setAccountingContextAsGlobal();
            Throwable th = null;
            try {
                try {
                    RoleDeploymentService.DeploymentHandler roleDeploymentHandler = roleManagerDeployHandle.getRoleDeploymentHandler();
                    if (roleDeploymentHandler instanceof HandlerAdaptor) {
                        this.realmServices.removeCleanupHandler((HandlerAdaptor) roleDeploymentHandler);
                    }
                    roleManagerDeployHandle.getRoleDeploymentHandler().undeployAllRoles();
                    if (accountingContextAsGlobal != null) {
                        if (0 != 0) {
                            try {
                                accountingContextAsGlobal.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            accountingContextAsGlobal.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (RoleRemovalException e) {
            throw e;
        } catch (Exception e2) {
            throw SecurityUtils.wrapRCMCloseException(e2);
        }
    }

    @Override // weblogic.security.service.RoleManager
    public void deleteApplicationRoles(SecurityApplicationInfo securityApplicationInfo) throws RoleRemovalException {
        if (log.isDebugEnabled()) {
            log.debug("RoleManager.deleteApplicationRoles");
        }
        if (null == securityApplicationInfo) {
            throw new com.bea.common.engine.InvalidParameterException(SecurityLogger.getApplicationInformationNotSupplied());
        }
        if (log.isDebugEnabled()) {
            log.debug("Using Common deleteApplicationRoles");
        }
        try {
            ManagedAccountingContext accountingContextAsGlobal = SecurityUtils.getResourceContextManager().setAccountingContextAsGlobal();
            Throwable th = null;
            try {
                try {
                    this.roleDeploymentService.deleteApplicationRoles(securityApplicationInfo);
                    if (accountingContextAsGlobal != null) {
                        if (0 != 0) {
                            try {
                                accountingContextAsGlobal.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            accountingContextAsGlobal.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (RoleRemovalException e) {
            throw e;
        } catch (Exception e2) {
            throw SecurityUtils.wrapRCMCloseException(e2);
        }
    }

    @Override // weblogic.security.service.RoleManager
    public boolean isVersionableApplicationSupported() {
        if (log.isDebugEnabled()) {
            log.debug("RoleManager.isVersionableApplicationSupported");
        }
        return this.appVerService.isApplicationVersioningSupported();
    }

    @Override // weblogic.security.service.RoleManager
    public void createApplicationVersion(String str, String str2) throws ApplicationVersionCreationException {
        assertNotUsingCommon();
    }

    @Override // weblogic.security.service.RoleManager
    public void deleteApplicationVersion(String str) throws ApplicationVersionRemovalException {
        assertNotUsingCommon();
    }

    @Override // weblogic.security.service.RoleManager
    public void deleteApplication(String str) throws ApplicationRemovalException {
        assertNotUsingCommon();
    }

    @Override // weblogic.security.service.RoleManager
    public boolean isUserInRole(AuthenticatedSubject authenticatedSubject, String str, Resource resource, ContextHandler contextHandler) {
        Map roles = getRoles(authenticatedSubject, resource, contextHandler);
        return (roles == null || str == null || roles.get(str) == null) ? false : true;
    }
}
