package org.sonatype.security.usermanagement.xml;

import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.enterprise.inject.Typed;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.configuration.validation.InvalidConfigurationException;
import org.sonatype.inject.Description;
import org.sonatype.security.SecuritySystem;
import org.sonatype.security.authorization.NoSuchRoleException;
import org.sonatype.security.model.CUser;
import org.sonatype.security.model.CUserRoleMapping;
import org.sonatype.security.realms.XmlAuthenticatingRealm;
import org.sonatype.security.realms.tools.ConfigurationManager;
import org.sonatype.security.realms.tools.NoSuchRoleMappingException;
import org.sonatype.security.usermanagement.AbstractUserManager;
import org.sonatype.security.usermanagement.DefaultUser;
import org.sonatype.security.usermanagement.NoSuchUserManagerException;
import org.sonatype.security.usermanagement.RoleIdentifier;
import org.sonatype.security.usermanagement.RoleMappingUserManager;
import org.sonatype.security.usermanagement.StringDigester;
import org.sonatype.security.usermanagement.User;
import org.sonatype.security.usermanagement.UserManager;
import org.sonatype.security.usermanagement.UserNotFoundException;
import org.sonatype.security.usermanagement.UserSearchCriteria;
import org.sonatype.security.usermanagement.UserStatus;

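/**
 * User manager for the {@code "default"} source, backed by a {@link ConfigurationManager}.
 *
 * <p>Converts between the persisted {@link CUser} model and the {@link User} API type, stores
 * password digests, and maintains user-to-role mappings. Mappings for users of other sources
 * can also be written through {@link #setUsersRoles(String, String, Set)}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>No method in this class checks who the caller is or whether they may perform the
 *       operation; authorization has to be enforced before these methods are reached.</li>
 *   <li>Passwords are digested with {@code StringDigester.getSha1Digest}; see
 *       {@link #hashPassword(String)} for the limits of that scheme.</li>
 *   <li>User ids and sources are written to the log as received.</li>
 * </ul>
 */
@Named("default")
@Singleton
@Typed({UserManager.class})
@Description("Default")
/* loaded from: input_file:org/sonatype/security/usermanagement/xml/SecurityXmlUserManager.class */
public class SecurityXmlUserManager extends AbstractUserManager implements RoleMappingUserManager {
    /** Source identifier reported by this manager and stamped on every user it returns. */
    public static final String SOURCE = "default";

    private final Logger logger = LoggerFactory.getLogger(getClass());
    private final ConfigurationManager configuration;
    private final SecuritySystem securitySystem;

    /**
     * @param configurationManager store for users, roles and role mappings (the
     *        {@code "resourceMerging"} binding)
     * @param securitySystem used by {@link #searchUsers(UserSearchCriteria)} to resolve users
     *        that belong to other sources
     */
    @Inject
    public SecurityXmlUserManager(@Named("resourceMerging") ConfigurationManager configurationManager, SecuritySystem securitySystem) {
        this.configuration = configurationManager;
        this.securitySystem = securitySystem;
    }

    /**
     * Copies id, names, e-mail and status from an API user into a new persisted-model user.
     * The password and the roles are not copied; callers set them separately.
     *
     * @param user the API user, may be {@code null}
     * @return the model user, or {@code null} when {@code user} is {@code null}
     */
    protected CUser toUser(User user) {
        if (user == null) {
            return null;
        }
        CUser model = new CUser();
        model.setId(user.getUserId());
        model.setFirstName(user.getFirstName());
        model.setLastName(user.getLastName());
        model.setEmail(user.getEmailAddress());
        // NOTE(review): a user without a status fails here with a NullPointerException.
        model.setStatus(user.getStatus().name());
        return model;
    }

    /**
     * Builds an API user from a persisted-model user, including its resolved roles.
     * The stored password digest is deliberately not copied onto the result.
     *
     * @param cUser the model user, may be {@code null}
     * @return the API user, or {@code null} when {@code cUser} is {@code null}
     */
    protected User toUser(CUser cUser) {
        if (cUser == null) {
            return null;
        }
        DefaultUser apiUser = new DefaultUser();
        apiUser.setUserId(cUser.getId());
        apiUser.setFirstName(cUser.getFirstName());
        apiUser.setLastName(cUser.getLastName());
        apiUser.setEmailAddress(cUser.getEmail());
        apiUser.setSource(SOURCE);
        // NOTE(review): the status text comes from stored configuration; valueOf throws on a
        // value it does not know, which would also abort listUsers() for every user.
        apiUser.setStatus(UserStatus.valueOf(cUser.getStatus()));
        apiUser.setReadOnly(false);
        try {
            apiUser.setRoles(getUsersRoles(cUser.getId(), SOURCE));
        } catch (UserNotFoundException e) {
            // The user is still returned, just without roles.
            // Kept as concatenation: a Throwable after format arguments is only treated as the
            // exception by SLF4J 1.6+, and the bound version is not visible here.
            this.logger.warn("Could not find user: '" + cUser.getId() + "' of source: 'default' while looking up the users roles.", e);
        }
        return apiUser;
    }

    /**
     * Resolves a stored role id to a role identifier of this source.
     *
     * @param str the role id, may be {@code null}
     * @return the identifier, or {@code null} when the id is {@code null} or no such role exists
     */
    protected RoleIdentifier toRole(String str) {
        if (str == null) {
            return null;
        }
        try {
            return new RoleIdentifier(SOURCE, this.configuration.readRole(str).getId());
        } catch (NoSuchRoleException e) {
            // A mapping that names a role which no longer exists grants nothing: the id is
            // dropped rather than passed through unverified.
            return null;
        }
    }

    /** @return every user held by the configuration, converted to the API type */
    public Set<User> listUsers() {
        Set<User> users = new HashSet<User>();
        for (CUser stored : this.configuration.listUsers()) {
            users.add(toUser(stored));
        }
        return users;
    }

    /** @return the ids of every user held by the configuration */
    public Set<String> listUserIds() {
        Set<String> ids = new HashSet<String>();
        for (CUser stored : this.configuration.listUsers()) {
            ids.add(stored.getId());
        }
        return ids;
    }

    /**
     * @param str the user id
     * @return the user with its roles
     * @throws UserNotFoundException if the configuration has no such user
     */
    public User getUser(String str) throws UserNotFoundException {
        return toUser(this.configuration.readUser(str));
    }

    /** @return {@link #SOURCE} */
    public String getSource() {
        return SOURCE;
    }

    /** @return always {@code true}; this manager can create, update and delete users */
    public boolean supportsWrite() {
        return true;
    }

    /**
     * Creates a user with the given password and the roles carried on {@code user}.
     *
     * @param user the user to create; must not be {@code null}
     * @param str the clear-text password; it is digested before being stored
     * @return the {@code user} argument, unchanged
     * @throws InvalidConfigurationException if the configuration rejects the new user
     * @throws NullPointerException if {@code user} is {@code null}
     */
    public User addUser(User user, String str) throws InvalidConfigurationException {
        // Fail with a named argument instead of an anonymous NPE two lines further down.
        if (user == null) {
            throw new NullPointerException("user");
        }
        CUser model = toUser(user);
        model.setPassword(hashPassword(str));
        this.configuration.createUser(model, getRoleIdsFromUser(user));
        saveConfiguration();
        return user;
    }

    /**
     * Replaces the stored password digest of a user, keeping the current role mapping.
     *
     * <p>Neither the previous password nor the caller's right to change it is checked here;
     * both have to be verified before this method is called.
     *
     * @param str the user id
     * @param str2 the new clear-text password
     * @throws UserNotFoundException if the configuration has no such user
     * @throws InvalidConfigurationException if the configuration rejects the update
     */
    public void changePassword(String str, String str2) throws UserNotFoundException, InvalidConfigurationException {
        CUser stored = this.configuration.readUser(str);
        Set<String> roleIds = new HashSet<String>();
        try {
            roleIds.addAll(this.configuration.readUserRoleMapping(str, SOURCE).getRoles());
        } catch (NoSuchRoleMappingException e) {
            this.logger.debug("User: {} has no roles.", str);
        }
        stored.setPassword(hashPassword(str2));
        // roleIds is already a private copy, so it is handed over as is.
        this.configuration.updateUser(stored, roleIds);
        saveConfiguration();
    }

    /**
     * Updates the profile fields and roles of an existing user.
     *
     * <p>The password digest is carried over from the stored record, so this method cannot be
     * used to change or clear a password.
     *
     * @param user the new state of the user
     * @return the {@code user} argument, unchanged
     * @throws UserNotFoundException if the configuration has no such user
     * @throws InvalidConfigurationException if the configuration rejects the update
     */
    public User updateUser(User user) throws UserNotFoundException, InvalidConfigurationException {
        CUser stored = this.configuration.readUser(user.getUserId());
        CUser model = toUser(user);
        model.setPassword(stored.getPassword());
        this.configuration.updateUser(model, getRoleIdsFromUser(user));
        saveConfiguration();
        return user;
    }

    /**
     * @param str the id of the user to delete
     * @throws UserNotFoundException if the configuration has no such user
     */
    public void deleteUser(String str) throws UserNotFoundException {
        this.configuration.deleteUser(str);
        saveConfiguration();
    }

    /**
     * Returns the roles mapped to a user, skipping ids that do not resolve to an existing role.
     *
     * @param str the user id
     * @param str2 the source the user belongs to
     * @return the resolved roles; empty when there is no mapping
     * @throws UserNotFoundException declared by the interface; presumably raised by the
     *         configuration lookup (not visible here)
     */
    public Set<RoleIdentifier> getUsersRoles(String str, String str2) throws UserNotFoundException {
        Set<RoleIdentifier> roles = new HashSet<RoleIdentifier>();
        try {
            CUserRoleMapping mapping = this.configuration.readUserRoleMapping(str, str2);
            if (mapping != null) {
                // Iterated as Object with a cast so this compiles whether or not the model
                // class declares a generic element type.
                for (Object roleId : mapping.getRoles()) {
                    RoleIdentifier role = toRole((String) roleId);
                    if (role != null) {
                        roles.add(role);
                    }
                }
            }
        } catch (NoSuchRoleMappingException e) {
            this.logger.debug("No user role mapping found for user: {}", str);
        }
        return roles;
    }

    /** Persists the configuration after a change. */
    private void saveConfiguration() {
        this.configuration.save();
    }

    /**
     * Finds users matching the criteria: users of this source, plus users of other sources
     * that have a role mapping stored here and can be resolved through the security system.
     *
     * @param userSearchCriteria the criteria to match
     * @return the matching users; foreign users that cannot be resolved are left out
     */
    public Set<User> searchUsers(UserSearchCriteria userSearchCriteria) {
        Set<User> matches = new HashSet<User>();
        matches.addAll(filterListInMemeory(listUsers(), userSearchCriteria));
        for (CUserRoleMapping mapping : this.configuration.listUserRoleMappings()) {
            if (SOURCE.equals(mapping.getSource())) {
                // Users of this source were already covered by listUsers().
                continue;
            }
            if (!matchesCriteria(mapping.getUserId(), mapping.getSource(), mapping.getRoles(), userSearchCriteria)) {
                continue;
            }
            try {
                matches.add(getSecuritySystem().getUser(mapping.getUserId(), mapping.getSource()));
            } catch (UserNotFoundException e) {
                // A mapping can outlive its user in the foreign source; that is expected.
                this.logger.debug("User: '" + mapping.getUserId() + "' of source: '" + mapping.getSource() + "' could not be found.", e);
            } catch (NoSuchUserManagerException e2) {
                // The source itself is unknown, which is worth a warning.
                this.logger.warn("User: '" + mapping.getUserId() + "' of source: '" + mapping.getSource() + "' could not be found.", e2);
            }
        }
        return matches;
    }

    private SecuritySystem getSecuritySystem() {
        return this.securitySystem;
    }

    /**
     * Digests a clear-text password for storage.
     *
     * <p>NOTE(review): the digest is SHA-1 and no salt or work factor is supplied from here, so
     * equal passwords give equal stored values and offline guessing is cheap. Moving to a
     * salted, slow password hash also needs the authenticating realm to verify the new format,
     * so it cannot be changed in this method alone.
     *
     * <p>A {@code null} or blank password is returned undigested; presumably so that
     * configuration validation can still recognise and reject it. Confirm that it does,
     * because otherwise the blank value is what gets stored.
     *
     * @param str the clear-text password, may be {@code null}
     * @return the digest, or {@code str} itself when it is {@code null} or blank
     */
    private String hashPassword(String str) {
        if (str == null || str.trim().length() <= 0) {
            return str;
        }
        return StringDigester.getSha1Digest(str);
    }

    /**
     * Replaces the role mapping of a user; an empty or {@code null} set removes the mapping.
     *
     * <p>Only roles whose source equals {@link #getSource()} are stored; others are skipped
     * without an error, so the stored mapping can hold fewer roles than were passed in. The
     * role ids are not checked for existence in this method.
     *
     * @param str the user id
     * @param str2 the source the user belongs to
     * @param set the roles to assign, may be {@code null} or empty
     * @throws UserNotFoundException declared by the interface; presumably raised by the
     *         configuration (not visible here)
     * @throws InvalidConfigurationException if the configuration rejects the mapping
     */
    public void setUsersRoles(String str, String str2, Set<RoleIdentifier> set) throws UserNotFoundException, InvalidConfigurationException {
        if (set == null || set.isEmpty()) {
            try {
                this.configuration.deleteUserRoleMapping(str, str2);
            } catch (NoSuchRoleMappingException e) {
                this.logger.debug("User role mapping for user: {} source: {} could not be deleted because it does not exist.", str, str2);
            }
        } else {
            CUserRoleMapping mapping = new CUserRoleMapping();
            mapping.setUserId(str);
            mapping.setSource(str2);
            for (RoleIdentifier roleIdentifier : set) {
                if (getSource().equals(roleIdentifier.getSource())) {
                    mapping.addRole(roleIdentifier.getRoleId());
                }
            }
            try {
                this.configuration.updateUserRoleMapping(mapping);
            } catch (NoSuchRoleMappingException e2) {
                this.logger.debug("Update of user role mapping for user: {} source: {} did not exist, creating new one.", str, str2);
                this.configuration.createUserRoleMapping(mapping);
            }
        }
        saveConfiguration();
    }

    /** @return the name of the realm that authenticates users of this source */
    public String getAuthenticationRealmName() {
        return XmlAuthenticatingRealm.ROLE;
    }

    /**
     * Collects the role ids carried on a user. Unlike
     * {@link #setUsersRoles(String, String, Set)}, no filtering by role source happens here.
     *
     * @param user the user whose roles are read
     * @return the role ids, possibly empty
     */
    private Set<String> getRoleIdsFromUser(User user) {
        Set<String> roleIds = new HashSet<String>();
        // Iterated as Object with a cast so this compiles whether or not getRoles() declares
        // a generic element type.
        for (Object role : user.getRoles()) {
            roleIds.add(((RoleIdentifier) role).getRoleId());
        }
        return roleIds;
    }
}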
