package org.apache.derby.iapi.security;

import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.util.HashSet;
import javax.security.auth.Subject;
import org.apache.derby.authentication.SystemPrincipal;
import org.apache.derby.iapi.error.StandardException;
import org.apache.derby.iapi.util.IdUtil;

/* loaded from: input_file:META-INF/lib/derby-10.5.3.0_1.jar:org/apache/derby/iapi/security/SecurityUtil.class */
public class SecurityUtil {
    public static Subject createSystemPrincipalSubject(String str) {
        HashSet hashSet = new HashSet();
        if (str != null) {
            hashSet.add(new SystemPrincipal(str));
            hashSet.add(new SystemPrincipal(getAuthorizationId(str)));
        }
        HashSet hashSet2 = new HashSet();
        return new Subject(true, hashSet, hashSet2, hashSet2);
    }

    private static String getAuthorizationId(String str) {
        if (str == null) {
            throw new NullPointerException("name can't be null");
        }
        if (str.length() == 0) {
            throw new IllegalArgumentException("name can't be empty");
        }
        try {
            return IdUtil.getUserAuthorizationId(str);
        } catch (StandardException e) {
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    public static void checkSubjectHasPermission(Subject subject, Permission permission) {
        AccessController.doPrivileged(new PrivilegedAction(subject, new PrivilegedAction(permission) { // from class: org.apache.derby.iapi.security.SecurityUtil.1
            private final Permission val$perm;

            {
                this.val$perm = permission;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                AccessController.checkPermission(this.val$perm);
                return null;
            }
        }) { // from class: org.apache.derby.iapi.security.SecurityUtil.2
            private final Subject val$subject;
            private final PrivilegedAction val$runCheck;

            {
                this.val$subject = subject;
                this.val$runCheck = r5;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                Subject.doAsPrivileged(this.val$subject, this.val$runCheck, (AccessControlContext) null);
                return null;
            }
        });
    }

    public static void checkUserHasPermission(String str, Permission permission) {
        if (System.getSecurityManager() == null) {
            return;
        }
        checkSubjectHasPermission(createSystemPrincipalSubject(str), permission);
    }
}
