package com.ibm.ws.security.policy;

import com.ibm.ejs.models.base.extensions.ejbext.EnterpriseBeanExtension;
import com.ibm.ejs.models.base.extensions.ejbext.RunAsSpecifiedIdentity;
import com.ibm.ejs.models.base.extensions.ejbext.SecurityIdentity;
import com.ibm.ejs.models.base.extensions.ejbext.UseCallerIdentity;
import com.ibm.ejs.models.base.extensions.ejbext.UseSystemIdentity;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.csi.EJBConfigData;
import com.ibm.websphere.csi.EJBMethodInfo;
import com.ibm.ws.security.ejb.BeanPermissionRoleMap;
import com.ibm.ws.security.ejb.EJBUtil;
import com.ibm.ws.security.ejb.EnterpriseBeanExtensionWrapper;
import com.ibm.ws.security.ejb.RunAsModeWrapper;
import com.ibm.ws.security.ejb.SecurityIdentityWrapper;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import java.util.Iterator;
import java.util.List;
import org.eclipse.emf.common.util.EList;

/* loaded from: input_file:com/ibm/ws/security/policy/RunAsPolicyExtensionImpl.class */
public class RunAsPolicyExtensionImpl implements RunAsPolicyExtension {
    private static TraceComponent tc = Tr.register((Class<?>) RunAsPolicyExtensionImpl.class, AdminConstants.MSG_BUNDLE_NAME);
    private Object adaptableObject;
    private EJBConfigData ejbConfigData;
    private EJBMethodInfo ejbMethod;
    private EnterpriseBeanExtensionWrapper ejbExtWrapper = null;
    private boolean isIdentityCached = false;
    private SecurityIdentity securityIdentity = null;
    private SecurityIdentityWrapper securityIdentityWrapper = null;

    public RunAsPolicyExtensionImpl(Object obj) {
        this.adaptableObject = obj;
    }

    @Override // com.ibm.ws.security.policy.RunAsPolicyExtension
    public EJBConfigData getEjbConfigData() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getEjbConfigData()");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getEjbConfigData()", this.ejbConfigData);
        }
        return this.ejbConfigData;
    }

    @Override // com.ibm.ws.security.policy.RunAsPolicyExtension
    public void setEjbConfigData(EJBConfigData eJBConfigData) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setEjbConfigData(EJBConfigData)");
        }
        this.ejbConfigData = eJBConfigData;
        if (EJBUtil.isReleaseEjbReference()) {
            String str = null;
            if (eJBConfigData != null) {
                if (eJBConfigData.getJ2EEName() != null) {
                    str = eJBConfigData.getJ2EEName().getComponent();
                }
                this.ejbExtWrapper = EnterpriseBeanExtensionWrapper.createEnterpriseBeanExtensionWrapper(str, (EnterpriseBeanExtension) eJBConfigData.getDeploymentExtn());
                this.ejbConfigData = null;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Reference to ejbConfigData is released.");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "ejbConfigData is null.");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setEjbConfigData(EJBConfigData)", eJBConfigData);
        }
    }

    @Override // com.ibm.ws.security.policy.RunAsPolicyExtension
    public EJBMethodInfo getEJBMethodInfo() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getEJBMethodInfo()");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getEJBMethodInfo()", this.ejbMethod);
        }
        return this.ejbMethod;
    }

    @Override // com.ibm.ws.security.policy.RunAsPolicyExtension
    public void setEJBMethodInfo(EJBMethodInfo eJBMethodInfo) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setEJBMethodInfo(EJBMethodInfo)");
        }
        this.ejbMethod = eJBMethodInfo;
        if (EJBUtil.isReleaseEjbReference()) {
            this.ejbMethod = null;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Reference to ejbMethod is released.");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setEJBMethodInfo(EJBMethodInfo)", eJBMethodInfo);
        }
    }

    @Override // com.ibm.ws.security.policy.RunAsPolicyExtension
    public boolean isRunAsCallerIdentity(String str) {
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isRunAsCallerIdentity()");
        }
        boolean z = false;
        if (EJBUtil.isReleaseEjbReference()) {
            SecurityIdentityWrapper securityIdentityWrapper = getSecurityIdentityWrapper(str);
            if (securityIdentityWrapper != null && (str2 = securityIdentityWrapper.runAsMode) != null && str2.equals(RunAsModeWrapper.CALLER)) {
                z = true;
            }
        } else {
            SecurityIdentity securityIdentity = getSecurityIdentity(str);
            z = securityIdentity != null ? securityIdentity.getRunAsMode() instanceof UseCallerIdentity : false;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isRunAsCallerIdentity()", Boolean.valueOf(z));
        }
        return z;
    }

    @Override // com.ibm.ws.security.policy.RunAsPolicyExtension
    public boolean isRunAsSystemIdentity(String str) {
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isRunAsSystemIdentity()");
        }
        boolean z = false;
        if (EJBUtil.isReleaseEjbReference()) {
            SecurityIdentityWrapper securityIdentityWrapper = getSecurityIdentityWrapper(str);
            if (securityIdentityWrapper != null && (str2 = securityIdentityWrapper.runAsMode) != null && str2.equals(RunAsModeWrapper.SYSTEM)) {
                z = true;
            }
        } else {
            SecurityIdentity securityIdentity = getSecurityIdentity(str);
            z = securityIdentity != null ? securityIdentity.getRunAsMode() instanceof UseSystemIdentity : false;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isRunAsSystemIdentity()", Boolean.valueOf(z));
        }
        return z;
    }

    @Override // com.ibm.ws.security.policy.RunAsPolicyExtension
    public boolean isRunAsSpecifiedIdentity(String str) {
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isRunAsSpecifiedIdentity()");
        }
        boolean z = false;
        if (EJBUtil.isReleaseEjbReference()) {
            SecurityIdentityWrapper securityIdentityWrapper = getSecurityIdentityWrapper(str);
            if (securityIdentityWrapper != null && (str2 = securityIdentityWrapper.runAsMode) != null && str2.equals(RunAsModeWrapper.SPECIFIED)) {
                z = true;
            }
        } else {
            SecurityIdentity securityIdentity = getSecurityIdentity(str);
            z = securityIdentity != null ? securityIdentity.getRunAsMode() instanceof RunAsSpecifiedIdentity : false;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "isRunAsSpecifiedIdentity()", Boolean.valueOf(z));
        }
        return z;
    }

    @Override // com.ibm.ws.security.policy.RunAsPolicyExtension
    public String getRunAsSpecifiedIdentity(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRunAsSpecifiedIdentity()");
        }
        String str2 = null;
        if (EJBUtil.isReleaseEjbReference()) {
            if (isRunAsSpecifiedIdentity(str)) {
                str2 = getSecurityIdentityWrapper(str).roleName;
            }
        } else if (isRunAsSpecifiedIdentity(str) && this.securityIdentity != null) {
            str2 = ((RunAsSpecifiedIdentity) this.securityIdentity.getRunAsMode()).getRunAsSpecifiedIdentity().getRoleName();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRunAsSpecifiedIdentity()", str2);
        }
        return str2;
    }

    private SecurityIdentityWrapper getSecurityIdentityWrapper(String str) {
        SecurityIdentityWrapper securityIdentityWrapper = null;
        String str2 = null;
        List<SecurityIdentityWrapper> list = null;
        if (this.ejbExtWrapper != null) {
            str2 = this.ejbExtWrapper.ejbName;
            list = this.ejbExtWrapper.securityIdentities;
            if (tc.isEntryEnabled()) {
                Tr.entry(tc, "getSecurityIdentityWrapper methodName=" + str + " ejbName=" + str2 + " idWrappers=" + list);
            }
        } else if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurityIdentityWrapper methodName=" + str + "ejbExtWrapper is null");
        }
        if (this.isIdentityCached) {
            securityIdentityWrapper = this.securityIdentityWrapper;
        } else if (list != null && !list.isEmpty()) {
            Iterator<SecurityIdentityWrapper> it = list.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                SecurityIdentityWrapper next = it.next();
                EList eList = next.methodElements;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Check if method matches RunAsSettings", new Object[]{next, next.runAsMode, eList});
                }
                if (BeanPermissionRoleMap.findMatchingMethod(str2, str, eList)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "RunAsSettings match found.");
                    }
                    securityIdentityWrapper = next;
                    this.securityIdentityWrapper = next;
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "RunAsSettings match was not found.");
                }
            }
            this.isIdentityCached = true;
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security identity list is null ");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityIdentityWrapper", securityIdentityWrapper);
        }
        return securityIdentityWrapper;
    }

    private SecurityIdentity getSecurityIdentity(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecurityIdentity()");
        }
        SecurityIdentity securityIdentity = null;
        if (this.isIdentityCached) {
            securityIdentity = this.securityIdentity;
        } else if (this.ejbConfigData != null && this.ejbMethod != null) {
            EnterpriseBeanExtension enterpriseBeanExtension = (EnterpriseBeanExtension) this.ejbConfigData.getDeploymentExtn();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "EnterpriseBeanExtension = " + enterpriseBeanExtension);
            }
            if (enterpriseBeanExtension != null) {
                String component = this.ejbConfigData.getJ2EEName().getComponent();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "ejbName = " + component + " methodName = " + str);
                }
                EList runAsSettings = enterpriseBeanExtension.getRunAsSettings();
                if (runAsSettings != null && !runAsSettings.isEmpty()) {
                    Iterator it = runAsSettings.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        SecurityIdentity securityIdentity2 = (SecurityIdentity) it.next();
                        EList methodElements = securityIdentity2.getMethodElements();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Check if method matches RunAsSettings", new Object[]{securityIdentity2, securityIdentity2.getRunAsMode(), methodElements});
                        }
                        if (BeanPermissionRoleMap.findMatchingMethod(component, str, methodElements)) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "RunAsSettings match found.");
                            }
                            securityIdentity = securityIdentity2;
                            this.securityIdentity = securityIdentity2;
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "RunAsSettings match was not found.");
                        }
                    }
                    this.isIdentityCached = true;
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "RunAsSettings list is null or empty, list=" + runAsSettings);
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "EnterpriseBeanExtension is null");
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "ejbConfigData=" + this.ejbConfigData + " ejbMethod=" + this.ejbMethod);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityIdentity()", securityIdentity);
        }
        return securityIdentity;
    }

    public String toString() {
        return super.toString() + " {WSPolicy=" + this.adaptableObject + " EJBConfigData=" + this.ejbConfigData + " EJBMethodInfo=" + this.ejbMethod + '}';
    }
}
