package com.sun.netstorage.samqfs.web.util;

import com.iplanet.jato.RequestManager;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOTokenManager;
import com.sun.management.services.authorization.AuthorizationException;
import com.sun.management.services.authorization.AuthorizationService;
import com.sun.management.services.authorization.AuthorizationServiceFactory;
import com.sun.management.services.authorization.SolarisRbacPermission;
import com.sun.netstorage.samqfs.mgmt.SamFSException;
import com.sun.netstorage.samqfs.web.model.fs.DumpSched;
import javax.security.auth.Subject;

/* loaded from: input_file:122807-03/SUNWfsmgrr/root/opt/SUNWfsmgr/samqfsui/WEB-INF/lib/fsmgr.jar:com/sun/netstorage/samqfs/web/util/RBACSecurityManagerImpl.class */
public class RBACSecurityManagerImpl implements SecurityManager {
    private int currentAuthorization;
    private String authorizationString;

    /* JADX INFO: Access modifiers changed from: package-private */
    public RBACSecurityManagerImpl() {
        initAuthorization();
    }

    protected void initAuthorization() {
        Authorization[] authorizationArr = {Authorization.CONFIG, Authorization.MEDIA_OPERATOR, Authorization.SAM_CONTROL, Authorization.FILE_OPERATOR, Authorization.FILESYSTEM_OPERATOR};
        this.currentAuthorization = 0;
        try {
            Subject subject = SSOTokenManager.getInstance().createSSOToken(RequestManager.getRequest()).getSubject();
            AuthorizationService authorizationService = AuthorizationServiceFactory.getAuthorizationService("SolarisRbac");
            if (authorizationService == null) {
                throw new SamFSException((String) null, -2200);
            }
            for (int i = 0; i < authorizationArr.length; i++) {
                if (authorizationService.checkPermission(subject, new SolarisRbacPermission(authorizationArr[i].toString()))) {
                    this.currentAuthorization |= authorizationArr[i].intValue();
                    if (this.authorizationString == null) {
                        this.authorizationString = SamUtil.getResourceString(authorizationArr[i].toString());
                    } else {
                        this.authorizationString = this.authorizationString.concat(DumpSched.EXCLUDE_DIRS_DELIMITER).concat(SamUtil.getResourceString(authorizationArr[i].toString()));
                    }
                }
            }
            if (authorizationService.checkPermission(subject, new SolarisRbacPermission(SecurityUtil.WRITE))) {
                this.currentAuthorization = Authorization.CONFIG.intValue();
            }
        } catch (SamFSException e) {
        } catch (SSOException e2) {
        } catch (AuthorizationException e3) {
        }
    }

    @Override // com.sun.netstorage.samqfs.web.util.SecurityManager
    public boolean hasAuthorization(Authorization authorization) {
        return (this.currentAuthorization & authorization.intValue()) == authorization.intValue();
    }

    @Override // com.sun.netstorage.samqfs.web.util.SecurityManager
    public String getCurrentAuthorization() {
        return this.authorizationString;
    }
}
