package org.sonatype.security.usermanagement.xml;

import com.google.common.base.Throwables;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.enterprise.inject.Typed;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.shiro.authc.credential.PasswordService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.configuration.validation.InvalidConfigurationException;
import org.sonatype.inject.Description;
import org.sonatype.security.SecuritySystem;
import org.sonatype.security.authorization.NoSuchRoleException;
import org.sonatype.security.model.CUser;
import org.sonatype.security.model.CUserRoleMapping;
import org.sonatype.security.realms.XmlAuthenticatingRealm;
import org.sonatype.security.realms.tools.ConfigurationManager;
import org.sonatype.security.realms.tools.ConfigurationManagerAction;
import org.sonatype.security.realms.tools.NoSuchRoleMappingException;
import org.sonatype.security.usermanagement.AbstractUserManager;
import org.sonatype.security.usermanagement.DefaultUser;
import org.sonatype.security.usermanagement.NoSuchUserManagerException;
import org.sonatype.security.usermanagement.RoleIdentifier;
import org.sonatype.security.usermanagement.RoleMappingUserManager;
import org.sonatype.security.usermanagement.User;
import org.sonatype.security.usermanagement.UserManager;
import org.sonatype.security.usermanagement.UserNotFoundException;
import org.sonatype.security.usermanagement.UserSearchCriteria;
import org.sonatype.security.usermanagement.UserStatus;

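/**
 * {@link UserManager} for the built-in {@code "default"} user source.
 *
 * <p>Users and user-to-role mappings are read and written through the injected
 * {@link ConfigurationManager}. Every mutating operation runs inside
 * {@code configuration.runWrite(...)} and ends with {@code configuration.save()}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Passwords are hashed by the injected {@link PasswordService} before they are handed to the
 *       configuration; {@code null} and whitespace-only values are passed through unhashed
 *       (see {@link #hashPassword(String)}).</li>
 *   <li>{@link #updateUser(User)} copies the stored password value, so it cannot change a
 *       credential; only {@link #addUser(User, String)} and
 *       {@link #changePassword(String, String)} set one.</li>
 *   <li>No method here performs an authorization or current-password check.
 *       NOTE(review): presumably callers enforce that - confirm at the call sites.</li>
 *   <li>User ids and sources are written to the log as received.
 *       NOTE(review): if ids may contain line breaks, confirm the log layout neutralises them.</li>
 * </ul>
 *
 * <p>This listing is decompiler output: several helpers are reported by JADX as {@code private} in
 * the compiled class and appear {@code public} here only so the anonymous actions can reach them.
 */
@Named("default")
@Singleton
@Typed({UserManager.class})
@Description("Default")
/* loaded from: input_file:WEB-INF/lib/nexus-security-realms-2.6.3-01.jar:org/sonatype/security/usermanagement/xml/SecurityXmlUserManager.class */
public class SecurityXmlUserManager extends AbstractUserManager implements RoleMappingUserManager {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    /** Source id under which this manager stores and reports its users. */
    public static final String SOURCE = "default";

    private final ConfigurationManager configuration;
    private final SecuritySystem securitySystem;
    private final PasswordService passwordService;

    /**
     * Creates the manager with its injected collaborators.
     *
     * @param configurationManager backing store for users, roles and role mappings
     * @param securitySystem used by {@link #searchUsers(UserSearchCriteria)} to resolve users of other sources
     * @param passwordService hashes plaintext passwords before they are stored
     */
    @Inject
    public SecurityXmlUserManager(@Named("default") ConfigurationManager configurationManager, SecuritySystem securitySystem, PasswordService passwordService) {
        this.configuration = configurationManager;
        this.securitySystem = securitySystem;
        this.passwordService = passwordService;
    }

    /**
     * Converts an API user into its persisted form. Password and roles are not copied.
     *
     * @param user the API user, may be {@code null}
     * @return the persisted representation, or {@code null} when {@code user} is {@code null}
     */
    protected CUser toUser(User user) {
        if (user == null) {
            return null;
        }
        CUser persisted = new CUser();
        persisted.setId(user.getUserId());
        persisted.setFirstName(user.getFirstName());
        persisted.setLastName(user.getLastName());
        persisted.setEmail(user.getEmailAddress());
        persisted.setStatus(user.getStatus().name());
        return persisted;
    }

    /**
     * Converts a persisted user into an API user and attaches its roles. The stored password value
     * is deliberately not copied onto the returned object.
     *
     * @param cUser the persisted user, may be {@code null}
     * @return the API user, or {@code null} when {@code cUser} is {@code null}
     */
    protected User toUser(CUser cUser) {
        if (cUser == null) {
            return null;
        }
        DefaultUser apiUser = new DefaultUser();
        apiUser.setUserId(cUser.getId());
        apiUser.setFirstName(cUser.getFirstName());
        apiUser.setLastName(cUser.getLastName());
        apiUser.setEmailAddress(cUser.getEmail());
        apiUser.setSource(SOURCE);
        // valueOf throws on a null or unknown status string, so one malformed record fails the conversion.
        apiUser.setStatus(UserStatus.valueOf(cUser.getStatus()));
        apiUser.setReadOnly(false);
        try {
            apiUser.setRoles(getUsersRoles(cUser.getId(), SOURCE));
        } catch (UserNotFoundException e) {
            // Best effort: the user is still returned, just without roles.
            this.logger.warn("Could not find user: '" + cUser.getId() + "' of source: 'default' while looking up the users roles.", e);
        }
        return apiUser;
    }

    /**
     * Resolves a role id against the configuration.
     *
     * @param str the role id, may be {@code null}
     * @return the role identifier, or {@code null} when {@code str} is {@code null} or the role no
     *     longer exists (stale ids are dropped rather than granted)
     */
    protected RoleIdentifier toRole(String str) {
        if (str == null) {
            return null;
        }
        try {
            return new RoleIdentifier(SOURCE, this.configuration.readRole(str).getId());
        } catch (NoSuchRoleException e) {
            return null;
        }
    }

    /**
     * Lists every user known to the configuration.
     *
     * @return a new mutable set of API users
     */
    @Override
    public Set<User> listUsers() {
        Set<User> users = new HashSet<User>();
        for (CUser cUser : this.configuration.listUsers()) {
            users.add(toUser(cUser));
        }
        return users;
    }

    /**
     * Lists the ids of every user known to the configuration.
     *
     * @return a new mutable set of user ids
     */
    @Override
    public Set<String> listUserIds() {
        Set<String> ids = new HashSet<String>();
        for (CUser cUser : this.configuration.listUsers()) {
            ids.add(cUser.getId());
        }
        return ids;
    }

    /**
     * Looks up a single user by id.
     *
     * @param str the user id
     * @return the API user
     * @throws UserNotFoundException if the configuration has no such user
     */
    @Override
    public User getUser(String str) throws UserNotFoundException {
        return toUser(this.configuration.readUser(str));
    }

    /** @return {@link #SOURCE} */
    @Override
    public String getSource() {
        return SOURCE;
    }

    /** @return always {@code true}; this manager can create, update and delete users */
    @Override
    public boolean supportsWrite() {
        return true;
    }

    /**
     * Creates a user together with its role ids and persists the configuration.
     *
     * @param user the user to create, must not be {@code null}
     * @param str the plaintext password; hashed via {@link #hashPassword(String)} before storage
     * @return the {@code user} argument, unchanged
     * @throws NullPointerException if {@code user} is {@code null}
     * @throws InvalidConfigurationException if the configuration rejects the new user
     */
    @Override
    public User addUser(final User user, String str) throws InvalidConfigurationException {
        if (user == null) {
            // Same exception type the unguarded code produced, but raised before any work is done.
            throw new NullPointerException("user");
        }
        final CUser persisted = toUser(user);
        persisted.setPassword(hashPassword(str));
        try {
            this.configuration.runWrite(new ConfigurationManagerAction() {
                @Override
                public void run() throws Exception {
                    SecurityXmlUserManager.this.configuration.createUser(persisted, SecurityXmlUserManager.this.getRoleIdsFromUser(user));
                    SecurityXmlUserManager.this.saveConfiguration();
                }
            });
            return user;
        } catch (Exception e) {
            // Rethrow the declared checked type and unchecked exceptions as-is; wrap anything else.
            Throwables.propagateIfPossible(e, InvalidConfigurationException.class);
            throw Throwables.propagate(e);
        }
    }

    /**
     * Replaces the stored password of an existing user and persists the configuration.
     *
     * <p>Only the user id and the new password are taken; the current password is not verified here.
     *
     * @param str the user id
     * @param str2 the new plaintext password; hashed via {@link #hashPassword(String)} before storage
     * @throws UserNotFoundException if the configuration has no such user
     * @throws InvalidConfigurationException if the configuration rejects the updated user
     */
    @Override
    public void changePassword(final String str, final String str2) throws UserNotFoundException, InvalidConfigurationException {
        try {
            this.configuration.runWrite(new ConfigurationManagerAction() {
                @Override
                public void run() throws Exception {
                    CUser stored = SecurityXmlUserManager.this.configuration.readUser(str);
                    stored.setPassword(SecurityXmlUserManager.this.hashPassword(str2));
                    SecurityXmlUserManager.this.configuration.updateUser(stored);
                    SecurityXmlUserManager.this.saveConfiguration();
                }
            });
        } catch (Exception e) {
            Throwables.propagateIfPossible(e, UserNotFoundException.class, InvalidConfigurationException.class);
            throw Throwables.propagate(e);
        }
    }

    /**
     * Updates the profile fields and role ids of an existing user and persists the configuration.
     *
     * @param user the user carrying the new values
     * @return the {@code user} argument, unchanged
     * @throws UserNotFoundException if the configuration has no such user
     * @throws InvalidConfigurationException if the configuration rejects the updated user
     */
    @Override
    public User updateUser(final User user) throws UserNotFoundException, InvalidConfigurationException {
        try {
            this.configuration.runWrite(new ConfigurationManagerAction() {
                @Override
                public void run() throws Exception {
                    CUser stored = SecurityXmlUserManager.this.configuration.readUser(user.getUserId());
                    CUser replacement = SecurityXmlUserManager.this.toUser(user);
                    // Carry the stored credential over so a profile update can never alter it.
                    replacement.setPassword(stored.getPassword());
                    SecurityXmlUserManager.this.configuration.updateUser(replacement, SecurityXmlUserManager.this.getRoleIdsFromUser(user));
                    SecurityXmlUserManager.this.saveConfiguration();
                }
            });
            return user;
        } catch (Exception e) {
            Throwables.propagateIfPossible(e, UserNotFoundException.class, InvalidConfigurationException.class);
            throw Throwables.propagate(e);
        }
    }

    /**
     * Deletes a user and persists the configuration.
     *
     * @param str the user id
     * @throws UserNotFoundException if the configuration has no such user
     */
    @Override
    public void deleteUser(final String str) throws UserNotFoundException {
        try {
            this.configuration.runWrite(new ConfigurationManagerAction() {
                @Override
                public void run() throws Exception {
                    SecurityXmlUserManager.this.configuration.deleteUser(str);
                    SecurityXmlUserManager.this.saveConfiguration();
                }
            });
        } catch (Exception e) {
            Throwables.propagateIfPossible(e, UserNotFoundException.class);
            throw Throwables.propagate(e);
        }
    }

    /**
     * Returns the roles mapped to a user of the given source.
     *
     * <p>Role ids that no longer resolve (see {@link #toRole(String)}) are skipped, and a missing
     * mapping yields an empty set rather than an error.
     *
     * @param str the user id
     * @param str2 the source the user belongs to
     * @return a new mutable set of role identifiers, possibly empty
     * @throws UserNotFoundException if the read action raises it
     */
    @Override
    public Set<RoleIdentifier> getUsersRoles(final String str, final String str2) throws UserNotFoundException {
        final Set<RoleIdentifier> roles = new HashSet<RoleIdentifier>();
        try {
            this.configuration.runRead(new ConfigurationManagerAction() {
                @Override
                public void run() throws Exception {
                    try {
                        CUserRoleMapping mapping = SecurityXmlUserManager.this.configuration.readUserRoleMapping(str, str2);
                        if (mapping != null) {
                            for (String roleId : mapping.getRoles()) {
                                RoleIdentifier role = SecurityXmlUserManager.this.toRole(roleId);
                                if (role != null) {
                                    roles.add(role);
                                }
                            }
                        }
                    } catch (NoSuchRoleMappingException e) {
                        SecurityXmlUserManager.this.logger.debug("No user role mapping found for user: {}", str);
                    }
                }
            });
            return roles;
        } catch (Exception e) {
            Throwables.propagateIfPossible(e, UserNotFoundException.class);
            throw Throwables.propagate(e);
        }
    }

    /**
     * Persists the configuration.
     *
     * <p>JADX reports this member as {@code private} in the compiled class; treat it as internal.
     */
    public void saveConfiguration() {
        this.configuration.save();
    }

    /**
     * Searches users of this source and, through their role mappings, users of other sources.
     *
     * <p>Users of other sources that cannot be resolved are logged and left out of the result.
     *
     * @param userSearchCriteria the criteria to match
     * @return a new mutable set of matching users
     */
    @Override
    public Set<User> searchUsers(final UserSearchCriteria userSearchCriteria) {
        final Set<User> matches = new HashSet<User>();
        try {
            this.configuration.runRead(new ConfigurationManagerAction() {
                @Override
                public void run() throws Exception {
                    matches.addAll(SecurityXmlUserManager.this.filterListInMemeory(SecurityXmlUserManager.this.listUsers(), userSearchCriteria));
                    for (CUserRoleMapping mapping : SecurityXmlUserManager.this.configuration.listUserRoleMappings()) {
                        // Mappings of this source were already covered by the filtered listUsers() call above.
                        if (SecurityXmlUserManager.SOURCE.equals(mapping.getSource())) {
                            continue;
                        }
                        if (!SecurityXmlUserManager.this.matchesCriteria(mapping.getUserId(), mapping.getSource(), mapping.getRoles(), userSearchCriteria)) {
                            continue;
                        }
                        try {
                            matches.add(SecurityXmlUserManager.this.getSecuritySystem().getUser(mapping.getUserId(), mapping.getSource()));
                        } catch (NoSuchUserManagerException e) {
                            SecurityXmlUserManager.this.logger.warn("User: '" + mapping.getUserId() + "' of source: '" + mapping.getSource() + "' could not be found.", e);
                        } catch (UserNotFoundException e2) {
                            SecurityXmlUserManager.this.logger.debug("User: '" + mapping.getUserId() + "' of source: '" + mapping.getSource() + "' could not be found.", e2);
                        }
                    }
                }
            });
            return matches;
        } catch (Exception e) {
            throw Throwables.propagate(e);
        }
    }

    /**
     * Returns the injected security system.
     *
     * <p>JADX reports this member as {@code private} in the compiled class; treat it as internal.
     */
    public SecuritySystem getSecuritySystem() {
        return this.securitySystem;
    }

    /**
     * Hashes a plaintext password with the injected {@link PasswordService}.
     *
     * <p>A {@code null} or whitespace-only value is returned unchanged, so such a value reaches the
     * configuration unhashed through {@link #addUser(User, String)} and
     * {@link #changePassword(String, String)}.
     * NOTE(review): whether the configuration's validation rejects a blank password is not visible
     * here - confirm, and confirm the strength of the bound {@code PasswordService}.
     *
     * <p>JADX reports this member as {@code private} in the compiled class; treat it as internal.
     *
     * @param str the plaintext password, may be {@code null}
     * @return the value produced by {@code passwordService.encryptPassword}, or {@code str} itself
     *     when it is {@code null} or blank
     */
    public String hashPassword(String str) {
        if (str == null || str.trim().isEmpty()) {
            return str;
        }
        return this.passwordService.encryptPassword(str);
    }

    /**
     * Replaces the role mapping of a user and persists the configuration.
     *
     * <p>A {@code null} or empty set deletes the mapping. Otherwise only roles whose source equals
     * {@link #getSource()} are kept; roles of any other source are dropped without an error. If
     * every supplied role is dropped this way, a mapping with no roles is written.
     *
     * @param str the user id
     * @param str2 the source the user belongs to
     * @param set the roles to assign, may be {@code null}
     * @throws UserNotFoundException if the write action raises it
     * @throws InvalidConfigurationException if the configuration rejects the mapping
     */
    @Override
    public void setUsersRoles(final String str, final String str2, final Set<RoleIdentifier> set) throws UserNotFoundException, InvalidConfigurationException {
        try {
            this.configuration.runWrite(new ConfigurationManagerAction() {
                @Override
                public void run() throws Exception {
                    if (set == null || set.isEmpty()) {
                        try {
                            SecurityXmlUserManager.this.configuration.deleteUserRoleMapping(str, str2);
                        } catch (NoSuchRoleMappingException e) {
                            SecurityXmlUserManager.this.logger.debug("User role mapping for user: {} source: {} could not be deleted because it does not exist.", str, str2);
                        }
                    } else {
                        CUserRoleMapping mapping = new CUserRoleMapping();
                        mapping.setUserId(str);
                        mapping.setSource(str2);
                        for (RoleIdentifier roleIdentifier : set) {
                            // Only roles owned by this source can be stored in this mapping.
                            if (SecurityXmlUserManager.this.getSource().equals(roleIdentifier.getSource())) {
                                mapping.addRole(roleIdentifier.getRoleId());
                            }
                        }
                        try {
                            SecurityXmlUserManager.this.configuration.updateUserRoleMapping(mapping);
                        } catch (NoSuchRoleMappingException e2) {
                            SecurityXmlUserManager.this.logger.debug("Update of user role mapping for user: {} source: {} did not exist, creating new one.", str, str2);
                            SecurityXmlUserManager.this.configuration.createUserRoleMapping(mapping);
                        }
                    }
                    SecurityXmlUserManager.this.saveConfiguration();
                }
            });
        } catch (Exception e) {
            Throwables.propagateIfPossible(e, UserNotFoundException.class, InvalidConfigurationException.class);
            throw Throwables.propagate(e);
        }
    }

    /** @return {@code XmlAuthenticatingRealm.ROLE}, the realm that authenticates users of this source */
    @Override
    public String getAuthenticationRealmName() {
        return XmlAuthenticatingRealm.ROLE;
    }

    /**
     * Collects the role ids of a user, ignoring each role's source.
     *
     * <p>JADX reports this member as {@code private} in the compiled class; treat it as internal.
     *
     * @param user the user whose roles are read
     * @return a new mutable set of role ids
     */
    public Set<String> getRoleIdsFromUser(User user) {
        Set<String> roleIds = new HashSet<String>();
        for (RoleIdentifier role : user.getRoles()) {
            roleIds.add(role.getRoleId());
        }
        return roleIds;
    }
}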
