package org.sonatype.nexus.user;

import org.codehaus.plexus.component.annotations.Component;
import org.codehaus.plexus.component.annotations.Requirement;
import org.codehaus.plexus.logging.AbstractLogEnabled;
import org.sonatype.configuration.validation.InvalidConfigurationException;
import org.sonatype.security.SecuritySystem;
import org.sonatype.security.authorization.AuthorizationException;
import org.sonatype.security.usermanagement.NoSuchUserManagerException;
import org.sonatype.security.usermanagement.User;
import org.sonatype.security.usermanagement.UserNotFoundException;

@Component(role = UserAccountManager.class)
/* loaded from: input_file:org/sonatype/nexus/user/DefaultUserAccountManager.class */
public class DefaultUserAccountManager extends AbstractLogEnabled implements UserAccountManager {

    @Requirement
    private SecuritySystem securitySystem;

    @Override // org.sonatype.nexus.user.UserAccountManager
    public User readAccount(String str) throws UserNotFoundException, AuthorizationException {
        checkPermission(str);
        return this.securitySystem.getUser(str);
    }

    @Override // org.sonatype.nexus.user.UserAccountManager
    public User updateAccount(User user) throws InvalidConfigurationException, UserNotFoundException, NoSuchUserManagerException, AuthorizationException {
        checkPermission(user.getUserId());
        return this.securitySystem.updateUser(user);
    }

    protected void checkPermission(String str) throws AuthorizationException {
        if (this.securitySystem.isSecurityEnabled() && !this.securitySystem.getSubject().getPrincipal().equals(str)) {
            this.securitySystem.checkPermission(this.securitySystem.getSubject().getPrincipals(), "security:users");
        }
    }
}
