package org.sonatype.security.realms.tools;

import javax.enterprise.inject.Typed;
import javax.inject.Named;
import javax.inject.Singleton;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.security.model.CRole;
import org.sonatype.security.model.CUserRoleMapping;

@Singleton
@Typed({SecurityConfigurationCleaner.class})
@Named("default")
/* loaded from: input_file:WEB-INF/lib/nexus-security-realms-2.6.3-01.jar:org/sonatype/security/realms/tools/DefaultSecurityConfigurationCleaner.class */
public class DefaultSecurityConfigurationCleaner implements SecurityConfigurationCleaner {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Override // org.sonatype.security.realms.tools.SecurityConfigurationCleaner
    public void privilegeRemoved(EnhancedConfiguration enhancedConfiguration, String str) {
        this.logger.debug("Cleaning privilege id {} from roles.", str);
        for (CRole cRole : enhancedConfiguration.getRoles()) {
            if (cRole.getPrivileges().contains(str)) {
                this.logger.debug("removing privilege {} from role {}", str, cRole.getId());
                cRole.getPrivileges().remove(str);
                enhancedConfiguration.removeRoleById(cRole.getId());
                enhancedConfiguration.addRole(cRole);
            }
        }
    }

    @Override // org.sonatype.security.realms.tools.SecurityConfigurationCleaner
    public void roleRemoved(EnhancedConfiguration enhancedConfiguration, String str) {
        this.logger.debug("Cleaning role id {} from users and roles.", str);
        for (CRole cRole : enhancedConfiguration.getRoles()) {
            if (cRole.getRoles().contains(str)) {
                this.logger.debug("removing ref to role {} from role {}", str, cRole.getId());
                cRole.getRoles().remove(str);
                enhancedConfiguration.removeRoleById(cRole.getId());
                enhancedConfiguration.addRole(cRole);
            }
        }
        for (CUserRoleMapping cUserRoleMapping : enhancedConfiguration.getUserRoleMappings()) {
            if (cUserRoleMapping.getRoles().contains(str)) {
                this.logger.debug("removing ref to role {} from user {}", cUserRoleMapping.getUserId());
                cUserRoleMapping.removeRole(str);
                enhancedConfiguration.removeUserRoleMappingByUserId(cUserRoleMapping.getUserId(), cUserRoleMapping.getSource());
                enhancedConfiguration.addUserRoleMapping(cUserRoleMapping);
            }
        }
    }
}
