package oracle.security.jazn.oc4j;

import com.evermind.security.Group;
import com.evermind.security.User;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import oracle.security.jazn.JAZNException;
import oracle.security.jazn.JAZNInitException;
import oracle.security.jazn.JAZNRuntimeException;
import oracle.security.jazn.action.GetJAZNConfigPropertyAction;
import oracle.security.jazn.policy.Grantee;
import oracle.security.jazn.realm.Realm;
import oracle.security.jazn.realm.RealmRole;
import oracle.security.jazn.realm.RealmUser;
import oracle.security.jazn.realm.RoleManager;
import oracle.security.jazn.util.Dbg;
import oracle.security.jazn.util.Env;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:oracle/security/jazn/oc4j/CachingRealmUserAdaptor.class */
public class CachingRealmUserAdaptor extends RealmUserAdaptor {
    private Realm _realm;
    private RealmUser _realmUser;
    private Set _grantedRoles;
    private Set _oc4jGroups;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CachingRealmUserAdaptor(GenericUserManager genericUserManager, RealmUser realmUser) {
        super(genericUserManager, realmUser.getName());
        this._realm = realmUser.getRealm();
        this._realmUser = realmUser;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CachingRealmUserAdaptor(GenericUserManager genericUserManager, String str) {
        super(genericUserManager, str);
        try {
            this._realm = this._userMgr.getJAZNConfig().getRealmManager().getRealm(this._prInfo.realmName);
            this._realmUser = this._realm.getUserManager().getUser(str);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNInitException(th.getMessage(), th);
        }
    }

    private String getJAZNProperty(String str) {
        return getJAZNProperty(str, null);
    }

    private String getJAZNProperty(String str, String str2) {
        return (String) AccessController.doPrivileged((PrivilegedAction) new GetJAZNConfigPropertyAction(getJAZNConfig(), str, str2));
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor, oracle.security.jazn.oc4j.GenericUser
    public Realm getRealm() {
        return this._realm;
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor, oracle.security.jazn.oc4j.GenericUser
    public RealmUser getRealmUser() {
        return this._realmUser;
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor
    protected RealmUser getRealmUserInternal() {
        return getRealmUser();
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor, oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser
    public boolean hasPermission(Permission permission) {
        try {
            HashSet hashSet = (HashSet) ((HashSet) getGrantedRoles()).clone();
            hashSet.add(getRealmUser());
            boolean hasPermission = getJAZNConfig().getPolicy().hasPermission(new Grantee(hashSet, (CodeSource) null), permission);
            if (Dbg.LOG && !hasPermission) {
                System.out.println(new StringBuffer().append("JAAS-OC4J: Permission check for permission: ").append(permission).append(" failed for user: ").append(getName()).toString());
            }
            return hasPermission;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor, oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser
    public boolean isMemberOf(Group group) {
        if (!(group instanceof JAZNGroupAdaptor)) {
            return super.isMemberOf(group);
        }
        try {
            return getGrantedRoles().contains(((JAZNGroupAdaptor) group).getRealmRole());
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            if (!Dbg.LOG) {
                return false;
            }
            System.out.println(new StringBuffer().append("JAAS-OC4J: Membership check for group: ").append(group.getName()).append(" failed for user: ").append(getName()).toString());
            return false;
        }
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor, oracle.security.jazn.oc4j.AbstractUser
    public synchronized Set getGroups() throws UnsupportedOperationException {
        if (this._oc4jGroups != null) {
            return this._oc4jGroups;
        }
        try {
            HashSet hashSet = new HashSet();
            Iterator it = getGrantedRoles().iterator();
            while (it.hasNext()) {
                hashSet.add(new JAZNGroupAdaptor(new CachingRealmGroupAdaptor(getUserManager(), (RealmRole) it.next())));
            }
            this._oc4jGroups = hashSet;
            return hashSet;
        } catch (JAZNException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNRuntimeException(e.getMessage(), e);
        }
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor
    protected synchronized Set getGrantedRoles() throws JAZNException {
        if (this._grantedRoles != null) {
            return this._grantedRoles;
        }
        RoleManager roleManager = getRealm().getRoleManager();
        boolean z = true;
        try {
            z = Boolean.valueOf(getJAZNProperty(Env.RBAC_HIERARCHY, Env.RBAC_HIERARCHY_DEFAULT)).booleanValue();
        } catch (Exception e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
        }
        Set grantedRoles = roleManager.getGrantedRoles(getRealmUser(), !z);
        if (this._userMgr.isCacheEnabled()) {
            this._grantedRoles = grantedRoles;
        }
        return grantedRoles;
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor, oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser, java.security.Principal
    public boolean equals(Object obj) {
        if (obj == null || !(obj instanceof User)) {
            return false;
        }
        return getName().equals(((User) obj).getName());
    }

    @Override // oracle.security.jazn.oc4j.RealmUserAdaptor, oracle.security.jazn.oc4j.GenericUser, oracle.security.jazn.oc4j.AbstractUser, java.security.Principal
    public String toString() {
        return new StringBuffer().append("[CachingRealmUserAdaptor: ").append(this._name).append("]").toString();
    }
}
