package com.ibm.ws.scheduler;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.csi.J2EEName;
import com.ibm.ws.runtime.metadata.ComponentMetaData;
import com.ibm.ws.scheduler.resources.Messages;
import com.ibm.ws.scheduler.spi.TaskInfo;
import com.ibm.ws.scheduler.spi.TaskInfoRegistryUI;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.threadContext.ComponentMetaDataAccessorImpl;

/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/scheduler/SecurityControlImpl.class */
public class SecurityControlImpl {
    private static final TraceComponent tc = Tr.register((Class<?>) SecurityControlImpl.class, Messages.TR_GROUP_NAME, Messages.RESOURCE_BUNDLE);
    public static final int OWNERTOKEN_MAXLEN = 200;
    public static final String OWNERTOKEN_ADMIN = "ADMIN";

    public static void checkAccess(TaskInfo taskInfo, long j) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AuditConstants.CHECK_ACCESS, new Object[]{taskInfo.getTaskId(), SchedulerImpl.getMethodNameFromOperation(j)});
        }
        try {
            checkTaskOperationAccess(j, taskInfo);
            if (j != TaskInfoRegistryUI.OP_SCHEDULER_CREATETASK) {
                checkJ2EENameOfCaller(taskInfo);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, AuditConstants.CHECK_ACCESS);
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, AuditConstants.CHECK_ACCESS);
            }
            throw th;
        }
    }

    public static void checkJ2EENameOfCaller(TaskInfo taskInfo) {
        boolean isDebugEnabled = tc.isDebugEnabled();
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkJ2EENameOfCaller", new Object[]{taskInfo.getTaskId()});
        }
        try {
            J2EEName currentJ2EEName = getCurrentJ2EEName();
            J2EEName j2EEName = taskInfo.getJ2EEName();
            String ownerToken = getOwnerToken(currentJ2EEName);
            if (ownerToken.equals(OWNERTOKEN_ADMIN) || ownerToken.equals(getOwnerToken(j2EEName))) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "checkJ2EENameOfCaller");
                }
            } else {
                if (isDebugEnabled) {
                    Tr.debug(tc, "Denying Access. J2EENames do not match.", new Object[]{currentJ2EEName.getApplication(), j2EEName != null ? j2EEName.getApplication().toString() : null});
                }
                throw new SecurityException(Messages.getMessage(Messages.SCHD0127E));
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkJ2EENameOfCaller");
            }
            throw th;
        }
    }

    public static J2EEName getCurrentJ2EEName() {
        J2EEName j2EEName = null;
        ComponentMetaData componentMetaData = ComponentMetaDataAccessorImpl.getComponentMetaDataAccessor().getComponentMetaData();
        if (componentMetaData != null) {
            j2EEName = componentMetaData.getJ2EEName();
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "ComponentMetaData, J2EEName for thread:", new Object[]{componentMetaData, j2EEName});
        }
        return j2EEName;
    }

    public static String getCurrentOwnerToken() {
        return getOwnerToken(getCurrentJ2EEName());
    }

    public static String getOwnerToken(J2EEName j2EEName) {
        if (j2EEName == null) {
            return OWNERTOKEN_ADMIN;
        }
        String application = j2EEName.getApplication();
        if (application.startsWith(SchedulerImpl.J2EENAME_PREFIX)) {
            return OWNERTOKEN_ADMIN;
        }
        if (application.length() <= 200) {
            return application;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "WARNING:  OwnerToken truncated.  It is greater than 200 characters.");
        }
        String upperCase = Integer.toHexString(application.hashCode()).toUpperCase();
        return application.substring(0, 200 - upperCase.length()) + upperCase;
    }

    public void method() {
    }

    public static void checkMethodAccess(String str) throws SecurityException {
        if (!SchedulerServiceImpl.instance().getRoleBasedAuthorizer().checkAccess("WASScheduler", "WASScheduler", str)) {
            throw new SecurityException(Messages.getMessage(Messages.SCHD0096E, str));
        }
    }

    public static void checkTaskOperationAccess(long j, TaskInfo taskInfo) {
        if (!((SchedulerServiceImpl) SchedulerServiceImpl.instance()).isTaskOperationSupported(2L, j, taskInfo)) {
            throw new SecurityException(Messages.getMessage(Messages.SCHD0097E, (Object[]) new String[]{SchedulerImpl.getMethodNameFromOperation(j), taskInfo.getClass().getName()}));
        }
    }
}
