package org.sonatype.security.ldap.usermanagement;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import java.util.Iterator;
import java.util.Set;
import java.util.TreeSet;
import org.codehaus.plexus.component.annotations.Component;
import org.codehaus.plexus.component.annotations.Requirement;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.security.ldap.dao.LdapDAOException;
import org.sonatype.security.ldap.dao.LdapUser;
import org.sonatype.security.ldap.dao.NoSuchLdapUserException;
import org.sonatype.security.ldap.realms.LdapManager;
import org.sonatype.security.usermanagement.AbstractReadOnlyUserManager;
import org.sonatype.security.usermanagement.DefaultUser;
import org.sonatype.security.usermanagement.RoleIdentifier;
import org.sonatype.security.usermanagement.User;
import org.sonatype.security.usermanagement.UserManager;
import org.sonatype.security.usermanagement.UserNotFoundException;
import org.sonatype.security.usermanagement.UserNotFoundTransientException;
import org.sonatype.security.usermanagement.UserSearchCriteria;
import org.sonatype.security.usermanagement.UserStatus;

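/**
 * Read-only {@link UserManager} that serves users from LDAP through {@link LdapManager}.
 *
 * <p>Every user produced by this class is tagged with the {@code "LDAP"} source, is reported as
 * {@link UserStatus#active}, and receives one {@link RoleIdentifier} per entry of the LDAP
 * user's membership set.
 *
 * <p>Operational note: {@link #listUsers()} and {@link #searchUsers(UserSearchCriteria)} swallow
 * {@link LdapDAOException} and log it at debug level only, so a failing directory lookup is
 * indistinguishable from "no users" unless debug logging is enabled.
 */
@Component(role = UserManager.class, hint = "LDAP")
/* loaded from: input_file:WEB-INF/plugin-repository/nexus-ldap-realm-plugin-2.6.3-01/dependencies/nexus-ldap-common-2.6.3-01.jar:org/sonatype/security/ldap/usermanagement/LdapUserManager.class */
public class LdapUserManager extends AbstractReadOnlyUserManager {
    private static final Logger logger = LoggerFactory.getLogger(LdapUserManager.class);

    /** Name returned by {@link #getAuthenticationRealmName()}. */
    public static final String LDAP_REALM_KEY = "LdapAuthenticatingRealm";

    /** Source tag applied to every user and role identifier created by this manager. */
    private static final String USER_SOURCE = "LDAP";

    @Requirement
    private LdapManager ldapManager;

    /** No-arg constructor; {@code ldapManager} is left to the {@code @Requirement} injection. */
    public LdapUserManager() {
    }

    /**
     * Test-only constructor that supplies the LDAP manager directly.
     *
     * @param ldapManager the manager to delegate to; must not be {@code null}
     */
    @VisibleForTesting
    LdapUserManager(LdapManager ldapManager) {
        this.ldapManager = Preconditions.checkNotNull(ldapManager);
    }

    /**
     * Looks up a single user in LDAP.
     *
     * @param str the user id to look up
     * @return the LDAP user converted to a {@link User}
     * @throws UserNotFoundException if LDAP reports no such user; a
     *     {@link UserNotFoundTransientException} is thrown instead when the lookup itself failed
     *     with an {@link LdapDAOException}
     */
    @Override // org.sonatype.security.usermanagement.UserManager
    public User getUser(String str) throws UserNotFoundException {
        // NOTE(review): str is written to the debug log exactly as received. If callers pass it
        // straight from a login request, confirm the log layout neutralises line breaks.
        if (isEnabled()) {
            try {
                return toPlexusUser(this.ldapManager.getUser(str));
            } catch (LdapDAOException e) {
                logger.debug("User: " + str + " not found, cause: " + e.getMessage(), e);
                // The DAO message travels with the exception; presumably callers decide whether it
                // is ever shown to an end user -- TODO confirm it is not echoed on a login page.
                throw new UserNotFoundTransientException(str, e.getMessage(), e);
            } catch (NoSuchLdapUserException e2) {
                // Fall through to the plain "not found" below.
                logger.debug("User: " + str + " not found.", e2);
            }
        }
        throw new UserNotFoundException(str);
    }

    /**
     * Returns the ids of all users returned by {@link #listUsers()}, in sorted order.
     *
     * @return a new sorted set of user ids; empty when {@link #listUsers()} is empty
     */
    @Override // org.sonatype.security.usermanagement.UserManager
    public Set<String> listUserIds() {
        Set<String> userIds = new TreeSet<String>();
        for (User user : listUsers()) {
            userIds.add(user.getUserId());
        }
        return userIds;
    }

    /**
     * Lists every user the LDAP manager returns.
     *
     * @return a new sorted set of users; empty when the LDAP lookup throws
     *     {@link LdapDAOException}
     */
    @Override // org.sonatype.security.usermanagement.UserManager
    public Set<User> listUsers() {
        // TreeSet without a comparator: relies on User having a natural ordering.
        Set<User> users = new TreeSet<User>();
        if (isEnabled()) {
            try {
                for (LdapUser ldapUser : this.ldapManager.getAllUsers()) {
                    users.add(toPlexusUser(ldapUser));
                }
            } catch (LdapDAOException e) {
                // Any DAO failure lands here, not only a missing realm configuration; the caller
                // just sees an empty set, so this debug entry is the only trace of the failure.
                logger.debug("Could not return LDAP users, LDAP Realm must not be configured.", e);
            }
        }
        return users;
    }

    /**
     * Converts an LDAP user into the security system's {@link User} representation.
     *
     * @param ldapUser the LDAP record to convert
     * @return a {@link DefaultUser} carrying the trimmed e-mail, real name, username, the LDAP
     *     source tag, {@link UserStatus#active}, and one role per membership entry
     */
    private User toPlexusUser(LdapUser ldapUser) {
        DefaultUser user = new DefaultUser();

        String email = ldapUser.getEmail();
        user.setEmailAddress(email == null ? null : email.trim());
        user.setName(ldapUser.getRealName());
        user.setUserId(ldapUser.getUsername());
        user.setSource(USER_SOURCE);

        // Status is set unconditionally: nothing in this class reads a disabled or locked state
        // from the LDAP record. NOTE(review): confirm such accounts are filtered before this point.
        user.setStatus(UserStatus.active);

        // Membership values are used as role ids as-is, without any mapping in this class.
        for (String membership : ldapUser.getMembership()) {
            user.addRole(new RoleIdentifier(USER_SOURCE, membership));
        }
        return user;
    }

    /**
     * Reports whether LDAP lookups should be attempted.
     *
     * @return always {@code true}, so the guards in the lookup methods never skip the lookup
     */
    private boolean isEnabled() {
        return true;
    }

    /**
     * Returns the source tag of this user manager.
     *
     * @return {@code "LDAP"}
     */
    @Override // org.sonatype.security.usermanagement.UserManager
    public String getSource() {
        return USER_SOURCE;
    }

    /**
     * Searches LDAP by the user id in the criteria, then applies the inherited in-memory filter.
     *
     * @param userSearchCriteria the search criteria; its user id is passed to the LDAP search
     * @return the result of {@code filterListInMemeory} over the users found; the input to that
     *     filter is empty when the LDAP search throws {@link LdapDAOException}
     */
    @Override // org.sonatype.security.usermanagement.UserManager
    public Set<User> searchUsers(UserSearchCriteria userSearchCriteria) {
        Set<User> users = new TreeSet<User>();
        if (isEnabled()) {
            try {
                // NOTE(review): the criteria's user id goes to ldapManager.searchUsers unchanged;
                // any escaping for the LDAP filter has to happen inside that call -- confirm.
                for (LdapUser ldapUser : this.ldapManager.searchUsers(userSearchCriteria.getUserId())) {
                    users.add(toPlexusUser(ldapUser));
                }
            } catch (LdapDAOException e) {
                // Same handling as listUsers(): the failure is visible only at debug level.
                logger.debug("Could not return LDAP users, LDAP Realm must not be configured.", e);
            }
        }
        return filterListInMemeory(users, userSearchCriteria);
    }

    /**
     * Returns the name of the realm that authenticates users from this manager.
     *
     * @return {@link #LDAP_REALM_KEY}
     */
    @Override // org.sonatype.security.usermanagement.UserManager
    public String getAuthenticationRealmName() {
        return LDAP_REALM_KEY;
    }
}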
