package com.sun.emp.security.server;

import com.sun.emp.security.AdminPermission;
import com.sun.emp.security.BasePermission;
import com.sun.emp.security.CICSApplicationPermission;
import com.sun.emp.security.CICSCommandPermission;
import com.sun.emp.security.CICSFilePermission;
import com.sun.emp.security.CICSJournalPermission;
import com.sun.emp.security.CICSProgramPermission;
import com.sun.emp.security.CICSTempStoragePermission;
import com.sun.emp.security.CICSTerminalPermission;
import com.sun.emp.security.CICSTransientDataPermission;
import com.sun.emp.security.CICSTxAttachPermission;
import com.sun.emp.security.CICSTxStartPermission;
import com.sun.emp.security.ObjectRefPermission;
import com.sun.emp.security.RBACSecurityException;
import com.sun.emp.security.runtime.Principal;
import com.sun.emp.security.utilities.SecurityLog;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.util.Iterator;
import javax.security.auth.Subject;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: SecurityServer.java */
/* loaded from: input_file:117624-02/MSF1.0.1p2/lib/secrtpa.jar:com/sun/emp/security/server/SecurityServerAction.class */
public class SecurityServerAction implements PrivilegedExceptionAction {
    private String _resourceType;
    private String _resourceName;
    private String _permissions;

    public SecurityServerAction(String str, String str2, String str3) {
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "Constructor", new StringBuffer().append("Resource Type: ").append(str).append(" Name: ").append(str2).append(" Permissions: ").append(str3).toString());
        }
        this._resourceType = str;
        this._resourceName = str2;
        this._permissions = str3.toLowerCase();
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.exit(5L, (Object) this, "Constructor");
        }
    }

    @Override // java.security.PrivilegedExceptionAction
    public Object run() throws Exception {
        BasePermission basePermission;
        if (SecurityLog.trc.isLogging) {
            SecurityLog.trc.entry(5L, (Object) this, "run", new StringBuffer().append("Checking: ").append(this._resourceType).append(" ").append(this._resourceName).append(" ").append(this._permissions).toString());
        }
        try {
            if (SecurityLog.trc.isLogging) {
                Iterator it = Subject.getSubject(AccessController.getContext()).getPrincipals(Class.forName("com.sun.emp.security.runtime.Principal")).iterator();
                while (it.hasNext()) {
                    SecurityLog.trc.text(10L, this, "run", new StringBuffer().append("JAAS Subject contains authenticated user Principal: ").append(((Principal) it.next()).getName()).toString());
                }
            }
            try {
                synchronized (SecurityServer.m_permsCreated) {
                    BasePermission basePermission2 = (BasePermission) SecurityServer.m_permsCreated.get(new StringBuffer().append(this._resourceType).append(" ").append(this._resourceName).append(":").append(this._permissions).toString());
                    basePermission = basePermission2;
                    if (null == basePermission2) {
                        if (this._resourceType.startsWith("KIX_REGION")) {
                            basePermission = new CICSApplicationPermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_COMMAND")) {
                            basePermission = new CICSCommandPermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_FILE")) {
                            basePermission = new CICSFilePermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_JOURNAL")) {
                            basePermission = new CICSJournalPermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_PROGRAM")) {
                            basePermission = new CICSProgramPermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_TSQUEUE")) {
                            basePermission = new CICSTempStoragePermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_TERMINAL")) {
                            basePermission = new CICSTerminalPermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_TDQUEUE")) {
                            basePermission = new CICSTransientDataPermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_ATTACH_TRANS")) {
                            basePermission = new CICSTxAttachPermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("KIX_START_TRANS")) {
                            basePermission = new CICSTxStartPermission(this._resourceName, this._permissions);
                        } else if (this._resourceType.startsWith("ObjectRef")) {
                            basePermission = new ObjectRefPermission(this._resourceName, this._permissions);
                        } else {
                            if (!this._resourceType.startsWith("AdministrationFramework")) {
                                throw new AccessControlException("Unrecognized SecurityServer resource");
                            }
                            basePermission = new AdminPermission(this._resourceName, this._permissions);
                        }
                        SecurityServer.m_permsCreated.put(new StringBuffer().append(this._resourceType).append(" ").append(this._resourceName).append(":").append(this._permissions).toString(), basePermission);
                    }
                }
                AccessController.checkPermission(basePermission);
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "run", new StringBuffer().append("Authorized: ").append(toString()).toString());
                }
                return AccessController.getContext();
            } catch (AccessControlException e) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exit(6L, (Object) this, "run", new StringBuffer().append(toString()).append(" AccessControlException: ").append(e).toString());
                }
                throw new RBACSecurityException(new StringBuffer().append("Permission ").append(this._permissions).append(" denied, for access to \"").append(this._resourceType).append("\" ").append(this._resourceName).toString(), "AccessControlException");
            } catch (Exception e2) {
                if (SecurityLog.trc.isLogging) {
                    SecurityLog.trc.exception(7L, this, "run", e2);
                }
                throw new RBACSecurityException(new StringBuffer().append("Permission ").append(this._permissions).append(" denied, for access to CICSResource \"").append(this._resourceType).append("\" ").append(this._resourceName).toString(), new StringBuffer().append("UnexpectedException ").append(e2).toString());
            }
        } catch (Exception e3) {
            if (SecurityLog.trc.isLogging) {
                SecurityLog.trc.exception(7L, this, "run", e3);
            }
            throw e3;
        }
    }
}
