package net.sf.jguard.core.authorization.policy;

import com.google.inject.Singleton;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.Permission;
import java.security.Policy;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.annotation.Nullable;
import javax.inject.Inject;
import javax.security.auth.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:net/sf/jguard/core/authorization/policy/AccessControllerWrapperImpl.class */
public class AccessControllerWrapperImpl implements AccessControllerWrapper {
    private static final Logger logger = LoggerFactory.getLogger(AccessControllerWrapperImpl.class.getName());
    private static LocalAccessController accessController = null;

    @Inject
    public AccessControllerWrapperImpl(@Nullable Policy policy) {
        if (policy != null) {
            accessController = new LocalAccessController(policy);
        }
    }

    @Override // net.sf.jguard.core.authorization.policy.AccessControllerWrapper
    public boolean hasPermission(Subject subject, Permission permission) {
        try {
            checkPermission(subject, permission);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // net.sf.jguard.core.authorization.policy.AccessControllerWrapper
    public void checkPermission(Subject subject, final Permission permission) throws AccessControlException, PrivilegedActionException {
        if (subject == null && logger.isDebugEnabled()) {
            logger.debug(" subject is null");
        }
        try {
            Subject.doAs(subject, new PrivilegedExceptionAction() { // from class: net.sf.jguard.core.authorization.policy.AccessControllerWrapperImpl.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() {
                    if (AccessControllerWrapperImpl.accessController == null) {
                        AccessController.checkPermission(permission);
                        return null;
                    }
                    AccessControllerWrapperImpl.accessController.checkPermission(permission);
                    return null;
                }
            });
            if (logger.isDebugEnabled()) {
                logger.debug("user has got the permission ", permission);
            }
        } catch (AccessControlException e) {
            if (logger.isDebugEnabled()) {
                logger.debug("AccessControlException ", e);
            }
            throw e;
        } catch (PrivilegedActionException e2) {
            if (logger.isDebugEnabled()) {
                logger.debug("PrivilegedActionException ", e2);
            }
            throw e2;
        }
    }
}
