package org.sonatype.security.rest;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.codehaus.plexus.component.annotations.Requirement;
import org.restlet.data.Reference;
import org.restlet.data.Request;
import org.restlet.data.Status;
import org.sonatype.configuration.validation.InvalidConfigurationException;
import org.sonatype.configuration.validation.ValidationMessage;
import org.sonatype.configuration.validation.ValidationResponse;
import org.sonatype.plexus.rest.ReferenceFactory;
import org.sonatype.plexus.rest.resource.AbstractPlexusResource;
import org.sonatype.plexus.rest.resource.PlexusResourceException;
import org.sonatype.plexus.rest.resource.error.ErrorMessage;
import org.sonatype.plexus.rest.resource.error.ErrorResponse;
import org.sonatype.security.SecuritySystem;
import org.sonatype.security.authorization.NoSuchAuthorizationManager;
import org.sonatype.security.authorization.NoSuchRoleException;
import org.sonatype.security.authorization.Role;
import org.sonatype.security.rest.model.PlexusRoleResource;
import org.sonatype.security.rest.model.PlexusUserResource;
import org.sonatype.security.rest.model.UserResource;
import org.sonatype.security.usermanagement.DefaultUser;
import org.sonatype.security.usermanagement.RoleIdentifier;
import org.sonatype.security.usermanagement.User;
import org.sonatype.security.usermanagement.UserStatus;

/* loaded from: input_file:org/sonatype/security/rest/AbstractSecurityPlexusResource.class */
public abstract class AbstractSecurityPlexusResource extends AbstractPlexusResource {

    @Requirement
    private SecuritySystem securitySystem;
    protected static final String DEFAULT_SOURCE = "default";

    @Requirement
    protected ReferenceFactory referenceFactory;

    /* JADX INFO: Access modifiers changed from: protected */
    public SecuritySystem getSecuritySystem() {
        return this.securitySystem;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ErrorResponse getErrorResponse(String str, String str2) {
        ErrorResponse errorResponse = new ErrorResponse();
        ErrorMessage errorMessage = new ErrorMessage();
        errorMessage.setId(str);
        errorMessage.setMsg(str2);
        errorResponse.addError(errorMessage);
        return errorResponse;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void handleInvalidConfigurationException(InvalidConfigurationException invalidConfigurationException) throws PlexusResourceException {
        ErrorResponse errorResponse;
        getLogger().warn("Configuration error!", invalidConfigurationException);
        ValidationResponse validationResponse = invalidConfigurationException.getValidationResponse();
        if (validationResponse == null || validationResponse.getValidationErrors().size() <= 0) {
            errorResponse = getErrorResponse("*", invalidConfigurationException.getMessage());
        } else {
            ValidationMessage validationMessage = (ValidationMessage) validationResponse.getValidationErrors().get(0);
            errorResponse = getErrorResponse(validationMessage.getKey(), validationMessage.getShortMessage());
        }
        throw new PlexusResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Configuration error.", errorResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserResource securityToRestModel(User user, Request request, boolean z) {
        UserResource userResource = new UserResource();
        userResource.setEmail(user.getEmailAddress());
        userResource.setName(user.getName());
        userResource.setStatus(user.getStatus().name());
        userResource.setUserId(user.getUserId());
        userResource.setResourceURI(createChildReference(request, z ? userResource.getUserId() : "").toString());
        userResource.setUserManaged(!user.isReadOnly());
        Iterator it = user.getRoles().iterator();
        while (it.hasNext()) {
            userResource.addRole(((RoleIdentifier) it.next()).getRoleId());
        }
        return userResource;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public User restToSecurityModel(User user, UserResource userResource) throws InvalidConfigurationException {
        if (user == null) {
            user = new DefaultUser();
        }
        checkUsersStatus(userResource.getStatus());
        user.setEmailAddress(userResource.getEmail());
        user.setName(userResource.getName());
        user.setStatus(UserStatus.valueOf(userResource.getStatus()));
        user.setUserId(userResource.getUserId());
        user.setSource(DEFAULT_SOURCE);
        HashSet hashSet = new HashSet();
        Iterator<String> it = userResource.getRoles().iterator();
        while (it.hasNext()) {
            hashSet.add(new RoleIdentifier(DEFAULT_SOURCE, it.next()));
        }
        user.setRoles(hashSet);
        return user;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PlexusUserResource securityToRestModel(User user) {
        PlexusUserResource plexusUserResource = new PlexusUserResource();
        plexusUserResource.setUserId(user.getUserId());
        plexusUserResource.setSource(user.getSource());
        plexusUserResource.setName(user.getName());
        plexusUserResource.setEmail(user.getEmailAddress());
        Iterator it = user.getRoles().iterator();
        while (it.hasNext()) {
            plexusUserResource.addRole(securityToRestModel((RoleIdentifier) it.next()));
        }
        return plexusUserResource;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PlexusRoleResource securityToRestModel(Role role) {
        PlexusRoleResource plexusRoleResource = new PlexusRoleResource();
        plexusRoleResource.setRoleId(role.getRoleId());
        plexusRoleResource.setName(role.getName());
        plexusRoleResource.setSource(role.getSource());
        return plexusRoleResource;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<PlexusUserResource> securityToRestModel(Set<User> set) {
        ArrayList arrayList = new ArrayList();
        Iterator<User> it = set.iterator();
        while (it.hasNext()) {
            arrayList.add(securityToRestModel(it.next()));
        }
        return arrayList;
    }

    protected PlexusRoleResource securityToRestModel(RoleIdentifier roleIdentifier) {
        String roleId = roleIdentifier.getRoleId();
        try {
            roleId = getSecuritySystem().getAuthorizationManager(DEFAULT_SOURCE).getRole(roleIdentifier.getRoleId()).getName();
        } catch (NoSuchRoleException e) {
            if (DEFAULT_SOURCE.equals(roleIdentifier.getSource())) {
                getLogger().warn("Failed to lookup the users Role: " + roleIdentifier.getRoleId() + " source: " + roleIdentifier.getSource() + " but the user has this role.", e);
            } else {
                getLogger().debug("Failed to lookup the users Role: " + roleIdentifier.getRoleId() + " source: " + roleIdentifier.getSource() + " falling back to the roleId for the role's name.");
            }
        } catch (NoSuchAuthorizationManager e2) {
            getLogger().warn("Failed to lookup the users Role: " + roleIdentifier.getRoleId() + " source: " + roleIdentifier.getSource() + " but the user has this role.", e2);
        }
        PlexusRoleResource plexusRoleResource = new PlexusRoleResource();
        plexusRoleResource.setRoleId(roleIdentifier.getRoleId());
        plexusRoleResource.setName(roleId);
        plexusRoleResource.setSource(roleIdentifier.getSource());
        return plexusRoleResource;
    }

    protected Reference getContextRoot(Request request) {
        return this.referenceFactory.getContextRoot(request);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Reference createChildReference(Request request, String str) {
        return this.referenceFactory.createChildReference(request, str);
    }

    protected void checkUsersStatus(String str) throws InvalidConfigurationException {
        boolean z = false;
        for (UserStatus userStatus : UserStatus.values()) {
            if (userStatus.name().equals(str)) {
                z = true;
            }
        }
        if (z) {
            return;
        }
        ValidationResponse validationResponse = new ValidationResponse();
        validationResponse.addValidationError(new ValidationMessage("status", "Users status is not valid."));
        throw new InvalidConfigurationException(validationResponse);
    }
}
