package de.tsl2.nano.serviceaccess.aas.principal;

import de.tsl2.nano.action.CommonAction;
import de.tsl2.nano.action.IActivable;
import de.tsl2.nano.core.log.LogFactory;
import de.tsl2.nano.serviceaccess.ServiceFactory;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Collection;
import javax.security.auth.Subject;
import javax.security.auth.SubjectDomainCombiner;
import org.apache.commons.logging.Log;

/* loaded from: input_file:tsl2.nano.serviceaccess-2.4.2.jar:de/tsl2/nano/serviceaccess/aas/principal/AbstractPrincipalAction.class */
public abstract class AbstractPrincipalAction<RETURNTYPE> extends CommonAction<RETURNTYPE> {
    private static final long serialVersionUID = 2906676372188531019L;
    private static final Log LOG = LogFactory.getLog(AbstractPrincipalAction.class);

    public AbstractPrincipalAction() {
    }

    public AbstractPrincipalAction(String str, String str2, String str3, IActivable iActivable, Collection<String> collection) {
        super(str, str2, str3, iActivable, collection);
    }

    public AbstractPrincipalAction(String str, String str2, String str3, IActivable iActivable) {
        super(str, str2, str3, iActivable);
    }

    public AbstractPrincipalAction(String str, String str2, String str3) {
        super(str, str2, str3);
    }

    @Override // de.tsl2.nano.action.CommonAction, de.tsl2.nano.action.IAction
    public RETURNTYPE activate() {
        if (isPermitted()) {
            return (RETURNTYPE) Subject.doAs(ServiceFactory.instance().getSubject(), new PrivilegedAction<RETURNTYPE>() { // from class: de.tsl2.nano.serviceaccess.aas.principal.AbstractPrincipalAction.1
                @Override // java.security.PrivilegedAction
                public RETURNTYPE run() {
                    this.run();
                    return (RETURNTYPE) this.getLastResult();
                }
            });
        }
        throw new SecurityException("the current user is not allowed to start the action " + getId());
    }

    public boolean isPermitted() {
        try {
            new AccessControlContext(AccessController.getContext(), new SubjectDomainCombiner(ServiceFactory.instance().getSubject())).checkPermission(new APermission(getId(), null));
            return true;
        } catch (SecurityException e) {
            LOG.error("", e);
            return false;
        }
    }
}
