package com.ibm.ws.management.cmdframework.impl;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.authorizer.AdminAuthorizer;
import com.ibm.websphere.management.authorizer.AdminAuthorizerFactory;
import com.ibm.websphere.management.cmdframework.AdminCommand;
import com.ibm.websphere.management.cmdframework.commandmetadata.CustomProperties;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import java.util.ArrayList;
import java.util.StringTokenizer;
import javax.management.ObjectName;
import org.eclipse.emf.common.util.EList;

/* loaded from: input_file:bridge.jar:com/ibm/ws/management/cmdframework/impl/CommandSecurityUtil.class */
public class CommandSecurityUtil {
    private static TraceComponent tc;
    private static CommandSecurityUtil cmdSecUtil;
    public static final String REQUIRED_ROLES = "RequiredRoles";
    public static final String DELEGATION_MODE = "DelegationMode";
    public static final String RESOURCE_IDENTIFIER = "ResourceIdentifier";
    public static final String ROLE_DELIM = ":|";
    public static final String RESID_DELIM = "/";
    public static final String PARAM_DELIM = "|";
    public static final String TARGET_OBJECT = "targetObject";
    static Class class$com$ibm$ws$management$cmdframework$impl$CommandSecurityUtil;

    private CommandSecurityUtil() {
    }

    public static CommandSecurityUtil getInstance() {
        return cmdSecUtil;
    }

    public boolean checkAccess(AdminCommand adminCommand) {
        EList value;
        EList value2;
        boolean z = true;
        ArrayList arrayList = new ArrayList();
        String str = new String();
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkAccess", adminCommand);
        }
        AdminAuthorizer adminAuthorizer = AdminAuthorizerFactory.getAdminAuthorizer();
        if (adminAuthorizer == null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkAccess", "No Authorizer (true) ");
            }
            return true;
        }
        EList<CustomProperties> custom = adminCommand.getCommandMetadata().getCustom();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, " custom = ", custom);
        }
        if (custom != null && !custom.isEmpty()) {
            for (CustomProperties customProperties : custom) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, " custom = ", custom);
                }
                if (customProperties.getKey().equals(REQUIRED_ROLES) && (value2 = customProperties.getValue()) != null && !value2.isEmpty()) {
                    StringTokenizer stringTokenizer = new StringTokenizer((String) value2.iterator().next(), ROLE_DELIM);
                    while (stringTokenizer.hasMoreTokens()) {
                        String nextToken = stringTokenizer.nextToken();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, " required role = ", nextToken);
                        }
                        arrayList.add(nextToken);
                    }
                }
                if (customProperties.getKey().equals(RESOURCE_IDENTIFIER) && (value = customProperties.getValue()) != null && !value.isEmpty()) {
                    StringTokenizer stringTokenizer2 = new StringTokenizer((String) value.iterator().next(), "/");
                    boolean z2 = true;
                    while (true) {
                        boolean z3 = z2;
                        if (stringTokenizer2.hasMoreTokens()) {
                            if (!z3) {
                                str = new StringBuffer().append(str).append("/").toString();
                            }
                            str = new StringBuffer().append(str).append(stringTokenizer2.nextToken()).append("/").append(getParamValue(adminCommand, stringTokenizer2.nextToken())).toString();
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, " scope = ", str);
                            }
                            z2 = false;
                        }
                    }
                }
            }
            String str2 = (String) arrayList.iterator().next();
            if (!str2.startsWith("Any-")) {
                z = adminAuthorizer.checkAccess(str, str2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkAccess", new Boolean(z));
        }
        return z;
    }

    public String getDelegationMode(AdminCommand adminCommand) {
        EList value;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getDelegationMode", adminCommand);
        }
        String str = "CallerIdentity";
        if (AdminAuthorizerFactory.getAdminAuthorizer() == null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getDelegationMode", "No Authorizer ");
            }
            return str;
        }
        EList<CustomProperties> custom = adminCommand.getCommandMetadata().getCustom();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, " custom = ", custom);
        }
        if (custom != null && !custom.isEmpty()) {
            for (CustomProperties customProperties : custom) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, " custom = ", custom);
                }
                if (customProperties.getKey().equals(DELEGATION_MODE) && (value = customProperties.getValue()) != null && !value.isEmpty()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, " delegation mode = ", value);
                    }
                    str = (String) value.iterator().next();
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getDelegationMode", str);
        }
        return str;
    }

    private String getParamValue(AdminCommand adminCommand, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getParamValue", str);
        }
        String str2 = null;
        try {
            StringTokenizer stringTokenizer = new StringTokenizer(str, PARAM_DELIM);
            boolean z = false;
            String str3 = null;
            while (stringTokenizer.hasMoreTokens()) {
                str3 = stringTokenizer.nextToken();
                if (str3.equals("targetObject")) {
                    str3 = null;
                    z = true;
                }
            }
            if (z) {
                Object targetObject = adminCommand.getTargetObject();
                str2 = targetObject instanceof ObjectName ? ConfigServiceHelper.getDisplayName(ObjectName.getInstance((ObjectName) targetObject)) : (String) targetObject;
            }
            if (str2 == null) {
                str2 = (String) adminCommand.getParameter(str3);
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getParamValue", e.getMessage());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getParamValue", str2);
        }
        return str2;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$management$cmdframework$impl$CommandSecurityUtil == null) {
            cls = class$("com.ibm.ws.management.cmdframework.impl.CommandSecurityUtil");
            class$com$ibm$ws$management$cmdframework$impl$CommandSecurityUtil = cls;
        } else {
            cls = class$com$ibm$ws$management$cmdframework$impl$CommandSecurityUtil;
        }
        tc = Tr.register(cls, "CommandSecurityUtil", "com.ibm.ws.management.cmdframework");
        cmdSecUtil = new CommandSecurityUtil();
    }
}
