package com.ibm.wps.ac.impl;

import com.ibm.portal.ListModel;
import com.ibm.portal.ModelException;
import com.ibm.portal.ObjectID;
import com.ibm.portal.ResourceType;
import com.ibm.wps.ac.ACPrincipal;
import com.ibm.wps.ac.AccessControlUserContext;
import com.ibm.wps.ac.Action;
import com.ibm.wps.ac.ActionSet;
import com.ibm.wps.ac.AuthorizationDataException;
import com.ibm.wps.ac.Entitlements;
import com.ibm.wps.ac.Permission;
import com.ibm.wps.ac.PermissionCollection;
import com.ibm.wps.ac.factories.ACAdministrationPermissionFactory;
import com.ibm.wps.ac.factories.ActionFactory;
import com.ibm.wps.ac.factories.CategoryPermissionFactory;
import com.ibm.wps.ac.factories.CredentialVaultPermissionFactory;
import com.ibm.wps.ac.factories.MarkupPermissionFactory;
import com.ibm.wps.ac.factories.NodePermissionFactory;
import com.ibm.wps.ac.factories.PortalSettingsPermissionFactory;
import com.ibm.wps.ac.factories.PortletApplicationDefinitionPermissionFactory;
import com.ibm.wps.ac.factories.PortletDefinitionPermissionFactory;
import com.ibm.wps.ac.factories.PortletEntityPermissionFactory;
import com.ibm.wps.ac.factories.PropertyBrokerPermissionFactory;
import com.ibm.wps.ac.factories.UDDIRegistryPermissionFactory;
import com.ibm.wps.ac.factories.URLMappingPermissionFactory;
import com.ibm.wps.ac.factories.UserGroupPermissionFactory;
import com.ibm.wps.ac.factories.UserPermissionFactory;
import com.ibm.wps.ac.factories.WSRPConsumerPermissionFactory;
import com.ibm.wps.ac.factories.WSRPProducerPermissionFactory;
import com.ibm.wps.ac.factories.WebModulePermissionFactory;
import com.ibm.wps.logging.LogManager;
import com.ibm.wps.logging.Logger;
import com.ibm.wps.puma.Principal;
import com.ibm.wps.services.ServiceManager;
import com.ibm.wps.services.ac.ACPrincipalFactory;
import com.ibm.wps.services.ac.AccessControlService;
import com.ibm.wps.services.ac.PermissionFactory;
import com.ibm.wps.services.ac.ProtectedActivityList;
import com.ibm.wps.services.ac.VirtualResources;
import com.ibm.wps.util.ObjectIDUtils;
import com.ibm.wps.util.Properties;
import java.util.Collection;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;

/* loaded from: input_file:plugins/com.ibm.wps_v5_5.0.2/wps.jar:com/ibm/wps/ac/impl/AccessControlImpl.class */
public final class AccessControlImpl extends AccessControlService {
    private static final String COPYRIGHT = "Licensed Materials - Property of IBM, 5724-E76 and 5724-E77, (C) Copyright IBM Corp. 2001, 2003 - All Rights reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static Logger logger;
    private ResourceManager resourceManager;
    private RoleManager roleManager;
    private Engine engine;
    private PermissionFactory permissionFactory;
    private ACPrincipalFactory principalFactory;
    private VirtualResourcesImpl virtualResources;
    private static final AccessControlUserContext ACCESS_CONTROL_CONTEXT_NULL;
    static Class class$com$ibm$wps$ac$impl$AccessControlImpl;
    static Class class$com$ibm$wps$services$ac$ACPrincipalFactoryService;
    static Class class$com$ibm$wps$services$ac$PermissionFactoryService;

    private void checkParameter(Object obj, String str) {
        if (obj == null) {
            throw new IllegalArgumentException(str);
        }
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public Entitlements checkEntitlements(ACPrincipal aCPrincipal, ResourceType resourceType, Collection collection) throws AuthorizationDataException {
        boolean isLogging = logger.isLogging(110);
        if (isLogging) {
            logger.entry(110, "checkEntitlements", new Object[]{aCPrincipal, resourceType, collection});
        }
        checkParameter(aCPrincipal, "principal must not be null");
        checkParameter(resourceType, "resourceType must not be null");
        checkParameter(collection, "resourceIDs must not be null");
        Entitlements checkEntitlements = this.engine.getCheckEntitlements(aCPrincipal, resourceType, collection);
        if (isLogging) {
            logger.exit(110, "checkEntitlements", checkEntitlements);
        }
        return checkEntitlements;
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public Collection filterResources(ACPrincipal aCPrincipal, ResourceType resourceType, Collection collection, ActionSet actionSet) throws AuthorizationDataException {
        boolean isLogging = logger.isLogging(110);
        if (isLogging) {
            logger.entry(110, "filterResources", new Object[]{aCPrincipal, resourceType, collection, actionSet});
        }
        checkParameter(aCPrincipal, "principal must not be null");
        checkParameter(resourceType, "resourceType must not be null");
        checkParameter(collection, "resources must not be null");
        checkParameter(actionSet, "actionSet must not be null");
        Collection filterResources = this.engine.filterResources(aCPrincipal, resourceType, collection, actionSet);
        if (isLogging) {
            logger.exit(110, "filterResources", collection);
        }
        return filterResources;
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public Entitlements getEntitlements(ACPrincipal aCPrincipal, ResourceType resourceType) throws AuthorizationDataException {
        return getEntitlements(aCPrincipal, resourceType, ACCESS_CONTROL_CONTEXT_NULL);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public Entitlements getEntitlements(AccessControlUserContext accessControlUserContext, ResourceType resourceType) throws AuthorizationDataException {
        return getEntitlements(((AccessControlUserContextImpl) accessControlUserContext).getPrincipal(), resourceType, accessControlUserContext);
    }

    private Entitlements getEntitlements(ACPrincipal aCPrincipal, ResourceType resourceType, AccessControlUserContext accessControlUserContext) throws AuthorizationDataException {
        boolean isLogging = logger.isLogging(110);
        if (isLogging) {
            logger.entry(110, "getEntitlements3", new Object[]{aCPrincipal, resourceType, accessControlUserContext});
        }
        checkParameter(aCPrincipal, "principal must not be null");
        checkParameter(resourceType, "resourceType must not be null");
        verifyEntitlementsResourceType(resourceType);
        Entitlements entitlements = this.engine.getEntitlements(aCPrincipal, resourceType, (AccessControlUserContextImpl) accessControlUserContext);
        if (isLogging) {
            logger.exit(110, "getEntitlements", entitlements);
        }
        return entitlements;
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public Entitlements getEntitlements(ACPrincipal aCPrincipal, ResourceType resourceType, ObjectID objectID) throws AuthorizationDataException {
        boolean isLogging = logger.isLogging(110);
        if (isLogging) {
            logger.entry(110, "getEntitlements", new Object[]{aCPrincipal, resourceType, ObjectIDUtils.dump(objectID)});
        }
        checkParameter(aCPrincipal, "principal must not be null");
        checkParameter(resourceType, "resourceType must not be null");
        checkParameter(objectID, "parentResourceID must not be null");
        verifyEntitlementsResourceType(resourceType);
        Entitlements filteredEntitlements = this.engine.getFilteredEntitlements(aCPrincipal, resourceType, objectID);
        if (isLogging) {
            logger.exit(110, "getEntitlements", filteredEntitlements);
        }
        return filteredEntitlements;
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public boolean hasExplicitPermission(ACPrincipal aCPrincipal, Permission permission) throws AuthorizationDataException {
        boolean isLogging = logger.isLogging(110);
        if (isLogging) {
            logger.entry(110, "hasExplicitPermission, principal: {0}, permission: {1}", aCPrincipal, permission);
        }
        checkParameter(aCPrincipal, "principal must not be null");
        checkParameter(permission, "permission must not be null");
        if (aCPrincipal == null) {
            throw new IllegalArgumentException("principal must not be null");
        }
        if (permission == null) {
            throw new IllegalArgumentException("permission must not be null");
        }
        PermissionCollection createPermissionCollection = createPermissionCollection();
        createPermissionCollection.add(permission);
        boolean hasExplicitPermission = this.engine.hasExplicitPermission(aCPrincipal, createPermissionCollection);
        if (isLogging) {
            logger.exit(110, "hasExplicitPermission: ", hasExplicitPermission);
        }
        return hasExplicitPermission;
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public boolean hasExplicitPermission(ACPrincipal aCPrincipal, PermissionCollection permissionCollection) throws AuthorizationDataException {
        boolean isLogging = logger.isLogging(110);
        if (isLogging) {
            logger.entry(110, "hasExplicitPermission", aCPrincipal, permissionCollection);
        }
        checkParameter(aCPrincipal, "principal must not be null");
        checkParameter(permissionCollection, "permissionCollection must not be null");
        boolean hasExplicitPermission = this.engine.hasExplicitPermission(aCPrincipal, permissionCollection);
        if (isLogging) {
            logger.exit(110, "hasExplicitPermission: ", hasExplicitPermission);
        }
        return hasExplicitPermission;
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public boolean hasPermission(ACPrincipal aCPrincipal, PermissionCollection permissionCollection) throws AuthorizationDataException {
        return hasPermission(aCPrincipal, permissionCollection, null);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public boolean hasPermission(AccessControlUserContext accessControlUserContext, PermissionCollection permissionCollection) throws AuthorizationDataException {
        return hasPermission(((AccessControlUserContextImpl) accessControlUserContext).getPrincipal(), permissionCollection, accessControlUserContext);
    }

    private boolean hasPermission(ACPrincipal aCPrincipal, PermissionCollection permissionCollection, AccessControlUserContext accessControlUserContext) throws AuthorizationDataException {
        boolean isLogging = logger.isLogging(110);
        if (isLogging) {
            logger.entry(110, "hasPermission", new Object[]{aCPrincipal, permissionCollection, accessControlUserContext});
        }
        checkParameter(aCPrincipal, "principal must not be null");
        checkParameter(permissionCollection, "permissionCollection must not be null");
        boolean hasPermission = this.engine.hasPermission(aCPrincipal, permissionCollection, (AccessControlUserContextImpl) accessControlUserContext);
        if (isLogging) {
            logger.exit(110, "hasPermission: ", hasPermission);
        }
        return hasPermission;
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public boolean hasPermission(ACPrincipal aCPrincipal, Permission permission) throws AuthorizationDataException {
        boolean isLogging = logger.isLogging(110);
        if (isLogging) {
            logger.entry(110, "hasPermission, principal: {0}, permission: {1}", aCPrincipal, permission);
        }
        checkParameter(aCPrincipal, "principal must not be null");
        checkParameter(permission, "permission must not be null");
        PermissionCollection createPermissionCollection = createPermissionCollection();
        createPermissionCollection.add(permission);
        boolean hasPermission = this.engine.hasPermission(aCPrincipal, createPermissionCollection, null);
        if (isLogging) {
            logger.exit(110, "hasPermission: ", hasPermission);
        }
        return hasPermission;
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.AccessControl
    public AccessControlUserContext createAccessControlUserContext(ACPrincipal aCPrincipal) {
        return new AccessControlUserContextImpl(aCPrincipal);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.ACPrincipalFactory
    public ACPrincipal createPrincipal(ObjectID objectID) throws AuthorizationDataException {
        return this.principalFactory.createPrincipal(objectID);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.ACPrincipalFactory
    public ACPrincipal createPrincipal(Principal principal) {
        return this.principalFactory.createPrincipal(principal);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.ACPrincipalFactory
    public ACPrincipal createPrincipal(String str, ResourceType resourceType) throws AuthorizationDataException {
        return this.principalFactory.createPrincipal(str, resourceType);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.ACPrincipalFactory
    public ACPrincipal getAllAuthenticatedUserGroup() {
        return this.principalFactory.getAllAuthenticatedUserGroup();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.ACPrincipalFactory
    public ACPrincipal getAllUserGroups() {
        return this.principalFactory.getAllUserGroups();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.ACPrincipalFactory
    public ACPrincipal getAnonymousUser() {
        return this.principalFactory.getAnonymousUser();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.ACPrincipalFactory
    public ACPrincipal getXmlAccessScriptingUser(ObjectID objectID) {
        return this.principalFactory.getXmlAccessScriptingUser(objectID);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public ActionSet createActionSet(Collection collection) {
        return this.permissionFactory.createActionSet(collection);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public Permission createPermission(Action action, ObjectID objectID) {
        return this.permissionFactory.createPermission(action, objectID);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public PermissionCollection createPermissionCollection() {
        return this.permissionFactory.createPermissionCollection();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public CategoryPermissionFactory getCategoryPermissionFactory() {
        return this.permissionFactory.getCategoryPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public CredentialVaultPermissionFactory getCredentialVaultPermissionFactory() {
        return this.permissionFactory.getCredentialVaultPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public MarkupPermissionFactory getMarkupPermissionFactory() {
        return this.permissionFactory.getMarkupPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public NodePermissionFactory getNodePermissionFactory() {
        return this.permissionFactory.getNodePermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public PortalSettingsPermissionFactory getPortalSettingsPermissionFactory() {
        return this.permissionFactory.getPortalSettingsPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public PortletApplicationDefinitionPermissionFactory getPortletApplicationDefinitionPermissionFactory() {
        return this.permissionFactory.getPortletApplicationDefinitionPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public PortletDefinitionPermissionFactory getPortletDefinitionPermissionFactory() {
        return this.permissionFactory.getPortletDefinitionPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public PortletEntityPermissionFactory getPortletEntityPermissionFactory() {
        return this.permissionFactory.getPortletEntityPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public UDDIRegistryPermissionFactory getUDDIRegistryPermissionFactory() {
        return this.permissionFactory.getUDDIRegistryPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public URLMappingPermissionFactory getURLMappingPermissionFactory() {
        return this.permissionFactory.getURLMappingPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public UserGroupPermissionFactory getUserGroupPermissionFactory() {
        return this.permissionFactory.getUserGroupPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public UserPermissionFactory getUserPermissionFactory() {
        return this.permissionFactory.getUserPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public WebModulePermissionFactory getWebModulePermissionFactory() {
        return this.permissionFactory.getWebModulePermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public WSRPConsumerPermissionFactory getWSRPConsumerPermissionFactory() {
        return this.permissionFactory.getWSRPConsumerPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public WSRPProducerPermissionFactory getWSRPProdcuerPermissionFactory() {
        return this.permissionFactory.getWSRPProdcuerPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public ACAdministrationPermissionFactory getAccessControlAdministrationPermissionFactory() {
        return this.permissionFactory.getAccessControlAdministrationPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public PropertyBrokerPermissionFactory getPropertyBrokerPermissionFactory() {
        return this.permissionFactory.getPropertyBrokerPermissionFactory();
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public PermissionCollection getProtectedActivityListPermissions(ProtectedActivityList protectedActivityList) throws ModelException {
        return this.permissionFactory.getProtectedActivityListPermissions(protectedActivityList);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.PermissionFactory
    public ActionFactory getActionFactory() {
        return this.permissionFactory.getActionFactory();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.wps.services.Service
    public void init(ServletConfig servletConfig, Properties properties) throws Exception {
        super.init(servletConfig, properties);
        init(properties);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.wps.services.Service
    public void init(ServletContext servletContext, Properties properties) throws Exception {
        super.init(servletContext, properties);
        init(properties);
    }

    @Override // com.ibm.wps.services.Service
    protected void init(Properties properties) throws Exception {
        Class cls;
        Class cls2;
        boolean isWPCPEnabled = AccessControlDataManagement.isWPCPEnabled();
        boolean isWCSEnabled = AccessControlDataManagement.isWCSEnabled();
        boolean isLWPEnabled = AccessControlDataManagement.isLWPEnabled();
        this.roleManager = AccessControlDataManagement.getRoleManager();
        this.resourceManager = AccessControlDataManagement.getResourceManager();
        this.engine = AccessControlDataManagement.getEngine();
        if (class$com$ibm$wps$services$ac$ACPrincipalFactoryService == null) {
            cls = class$("com.ibm.wps.services.ac.ACPrincipalFactoryService");
            class$com$ibm$wps$services$ac$ACPrincipalFactoryService = cls;
        } else {
            cls = class$com$ibm$wps$services$ac$ACPrincipalFactoryService;
        }
        this.principalFactory = (ACPrincipalFactory) ServiceManager.getService(cls, true);
        if (class$com$ibm$wps$services$ac$PermissionFactoryService == null) {
            cls2 = class$("com.ibm.wps.services.ac.PermissionFactoryService");
            class$com$ibm$wps$services$ac$PermissionFactoryService = cls2;
        } else {
            cls2 = class$com$ibm$wps$services$ac$PermissionFactoryService;
        }
        this.permissionFactory = (PermissionFactory) ServiceManager.getService(cls2, true);
        this.virtualResources = new VirtualResourcesImpl(isWPCPEnabled, isWCSEnabled, isLWPEnabled);
        AccessControlDataManagement.getResourceManager().buildCaches(this.virtualResources);
        new PACDump(properties);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.VirtualResources
    public ObjectID getVirtualResourceOID(VirtualResources.Key key) {
        return this.virtualResources.getVirtualResourceOID(key);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.VirtualResources
    public String getVirtualResourceInternalName(ObjectID objectID) throws AuthorizationDataException {
        return this.virtualResources.getVirtualResourceInternalName(objectID);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.VirtualResources
    public ObjectID getVirtualResourceOID(String str) throws AuthorizationDataException {
        return this.virtualResources.getVirtualResourceOID(str);
    }

    @Override // com.ibm.wps.services.ac.AccessControlService, com.ibm.wps.services.ac.VirtualResources
    public ListModel getVirtualResourceOIDs() {
        return this.virtualResources.getVirtualResourceOIDs();
    }

    private void verifyEntitlementsResourceType(ResourceType resourceType) {
        if (resourceType == ResourceType.USER) {
            throw new IllegalArgumentException(new StringBuffer().append("This operation is not supported for ResourceType: ").append(resourceType).toString());
        }
    }

    private boolean isProtectedType(ResourceType resourceType) {
        return AccessControlDataManagement.getActiveProtectedResourceTypesCollection().contains(resourceType);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        LogManager logManager = LogManager.getLogManager();
        if (class$com$ibm$wps$ac$impl$AccessControlImpl == null) {
            cls = class$("com.ibm.wps.ac.impl.AccessControlImpl");
            class$com$ibm$wps$ac$impl$AccessControlImpl = cls;
        } else {
            cls = class$com$ibm$wps$ac$impl$AccessControlImpl;
        }
        logger = logManager.getLogger(cls);
        ACCESS_CONTROL_CONTEXT_NULL = null;
    }
}
