package com.ibm.ws.management.configservice;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ejs.ras.TraceNLS;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.authorizer.AdminAuthorizer;
import com.ibm.websphere.management.authorizer.AdminAuthorizerFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.ws.management.authorizer.AdminAuthzConstants;
import com.ibm.ws.management.configservice.ConfigObjectDelegator;
import com.ibm.ws.profile.WSProfileConstants;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.sm.workspace.metadata.RepositoryMetaDataFactory;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:wasJars/com.ibm.ws.admin.services.jar:com/ibm/ws/management/configservice/AuthorizationGroupDelegator.class */
public class AuthorizationGroupDelegator extends RootObjectDelegator {
    private static TraceComponent tc = Tr.register(AuthorizationGroupDelegator.class, WSProfileConstants.S_MANAGEMENT_TEMPLATE_TYPE, "com.ibm.ws.management.resources.configservice");

    public AuthorizationGroupDelegator(ConfigServiceImpl configServiceImpl) {
        super(configServiceImpl, RepositoryMetaDataFactory.getRepositoryMetaData().getContextType(AdminAuthzConstants.AUTHORIZATIONGROUP_RES));
    }

    @Override // com.ibm.ws.management.configservice.RootObjectDelegator, com.ibm.ws.management.configservice.ConfigObjectDelegator
    public ObjectName createConfigObject(final Session session, final ObjectName objectName, final ConfigObjectDelegator.ChildTypeInfo childTypeInfo, final AttributeList attributeList) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createConfigObject", new Object[]{session, objectName, childTypeInfo, attributeList});
        }
        checkAccess(objectName);
        try {
            ObjectName objectName2 = (ObjectName) ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return AuthorizationGroupDelegator.this.createConfigObjectAsSystem(session, objectName, childTypeInfo, attributeList);
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "createConfigObject", objectName2);
            }
            return objectName2;
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ObjectName createConfigObjectAsSystem(Session session, ObjectName objectName, ConfigObjectDelegator.ChildTypeInfo childTypeInfo, AttributeList attributeList) throws ConfigServiceException {
        return super.createConfigObject(session, objectName, childTypeInfo, attributeList);
    }

    @Override // com.ibm.ws.management.configservice.ConfigObjectDelegator, com.ibm.ws.management.configservice.ConfigServiceDelegator
    public ObjectName createConfigData(final Session session, final ObjectName objectName, final String str, final AttributeList attributeList) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createConfigData", new Object[]{session, objectName, str, attributeList});
        }
        checkAccess(objectName);
        try {
            ObjectName objectName2 = (ObjectName) ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.2
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return AuthorizationGroupDelegator.this.createConfigDataAsSystem(session, objectName, str, attributeList);
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "createConfigData", objectName2);
            }
            return objectName2;
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ObjectName createConfigDataAsSystem(Session session, ObjectName objectName, String str, AttributeList attributeList) throws ConfigServiceException {
        return super.createConfigData(session, objectName, str, attributeList);
    }

    @Override // com.ibm.ws.management.configservice.ConfigServiceDelegator
    public void setAttributes(final Session session, final ObjectName objectName, final AttributeList attributeList) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setAttributes", new Object[]{session, objectName, attributeList});
        }
        checkAccess(objectName);
        try {
            ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.3
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    AuthorizationGroupDelegator.this.setAttributesAsSystem(session, objectName, attributeList);
                    return null;
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "setAttributes");
            }
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    public void setAttributesAsSystem(Session session, ObjectName objectName, AttributeList attributeList) throws ConfigServiceException {
        super.setAttributes(session, objectName, attributeList);
    }

    @Override // com.ibm.ws.management.configservice.ConfigServiceDelegator
    public void resetAttributes(final Session session, final ObjectName objectName, final AttributeList attributeList) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "resetAttributes", new Object[]{session, objectName, attributeList});
        }
        checkAccess(objectName);
        try {
            ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.4
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    AuthorizationGroupDelegator.this.resetAttributesAsSystem(session, objectName, attributeList);
                    return null;
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "resetAttributes");
            }
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    public void resetAttributesAsSystem(Session session, ObjectName objectName, AttributeList attributeList) throws ConfigServiceException {
        super.setAttributes(session, objectName, attributeList);
    }

    @Override // com.ibm.ws.management.configservice.ConfigServiceDelegator
    public void addElement(final Session session, final ObjectName objectName, final String str, final Object obj, final int i) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addElement", new Object[]{session, objectName});
        }
        checkAccess(objectName);
        try {
            ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.5
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    AuthorizationGroupDelegator.this.addElementAsSystem(session, objectName, str, obj, i);
                    return null;
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "addElement");
            }
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void addElementAsSystem(Session session, ObjectName objectName, String str, Object obj, int i) throws ConfigServiceException {
        super.addElement(session, objectName, str, obj, i);
    }

    @Override // com.ibm.ws.management.configservice.RootObjectDelegator, com.ibm.ws.management.configservice.ConfigServiceDelegator
    public void deleteConfigData(final Session session, final ObjectName objectName) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "deleteConfigData", new Object[]{session, objectName});
        }
        checkAccess(objectName);
        try {
            ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.6
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    AuthorizationGroupDelegator.this.deleteConfigDataAsSystem(session, objectName);
                    return null;
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "deleteConfigData");
            }
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void deleteConfigDataAsSystem(Session session, ObjectName objectName) throws ConfigServiceException {
        super.deleteConfigData(session, objectName);
    }

    @Override // com.ibm.ws.management.configservice.ConfigServiceDelegator
    public void unsetAttributes(final Session session, final ObjectName objectName, final String[] strArr) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unsetAttributes", new Object[]{session, objectName, strArr});
        }
        checkAccess(objectName);
        try {
            ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.7
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    AuthorizationGroupDelegator.this.unsetAttributesAsSystem(session, objectName, strArr);
                    return null;
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unsetAttributes");
            }
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void unsetAttributesAsSystem(Session session, ObjectName objectName, String[] strArr) throws ConfigServiceException {
        super.unsetAttributes(session, objectName, strArr);
    }

    @Override // com.ibm.ws.management.configservice.ConfigServiceDelegator
    public AttributeList getAttributes(final Session session, final ObjectName objectName, final String[] strArr, final boolean z) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAttributes", new Object[]{session, objectName});
        }
        if (strArr != null && strArr.length == 1 && !strArr[0].equals("name")) {
            checkAccess(objectName);
        } else if (strArr != null && strArr.length > 1) {
            checkAccess(objectName);
        }
        try {
            AttributeList attributeList = (AttributeList) ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.8
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return AuthorizationGroupDelegator.this.getAttributesAsSystem(session, objectName, strArr, z);
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getAttributes", attributeList);
            }
            return attributeList;
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AttributeList getAttributesAsSystem(Session session, ObjectName objectName, String[] strArr, boolean z) throws ConfigServiceException {
        return super.getAttributes(session, objectName, strArr, z);
    }

    @Override // com.ibm.ws.management.configservice.ConfigServiceDelegator
    public Object getAttribute(final Session session, final ObjectName objectName, final String str) throws ConfigServiceException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAttribute", new Object[]{session, objectName, str});
        }
        if (str != null && !str.equals("name")) {
            checkAccess(objectName);
        }
        try {
            Object runAsSpecified = ContextManagerFactory.getInstance().runAsSpecified(ContextManagerFactory.getInstance().getServerSubject(), new PrivilegedExceptionAction() { // from class: com.ibm.ws.management.configservice.AuthorizationGroupDelegator.9
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return AuthorizationGroupDelegator.this.getAttributeAsSystem(session, objectName, str);
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getAttribute", runAsSpecified);
            }
            return runAsSpecified;
        } catch (PrivilegedActionException e) {
            throw new ConfigServiceException(e.getException());
        } catch (Exception e2) {
            throw new ConfigServiceException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Object getAttributeAsSystem(Session session, ObjectName objectName, String str) throws ConfigServiceException {
        return super.getAttribute(session, objectName, str);
    }

    private void checkAccess(ObjectName objectName) throws ConfigServiceException {
        checkAccess(objectName, "adminsecuritymanager");
    }

    private void checkAccess(ObjectName objectName, String str) throws ConfigServiceException {
        if (objectName == null) {
            return;
        }
        String str2 = "cells/" + ConfigServiceHelper.getObjectLocation(objectName).getProperty("cell");
        AdminAuthorizer adminAuthorizer = AdminAuthorizerFactory.getAdminAuthorizer();
        if (adminAuthorizer != null && !adminAuthorizer.checkAccess(str2, str)) {
            throw new ConfigServiceException(TraceNLS.getFormattedMessage("com.ibm.ws.management.resources.configservice", "ADMG0505E", new Object[]{objectName}, (String) null));
        }
    }
}
