package com.resolution.atlasplugins.samlsso.confluence;

import com.atlassian.confluence.user.AuthenticatedUserThreadLocal;
import com.atlassian.confluence.user.ConfluenceUser;
import com.atlassian.confluence.user.UserAccessor;
import com.atlassian.user.Group;
import com.atlassian.user.impl.DefaultUser;
import com.atlassian.user.security.password.Credential;
import com.google.common.base.Objects;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/resolution/atlasplugins/samlsso/confluence/UserModificatorImpl.class */
public class UserModificatorImpl implements UserModificator {
    private static final Logger logger = LoggerFactory.getLogger(UserModificatorImpl.class);
    private final UserAccessor userAccessor;

    public UserModificatorImpl(UserAccessor userAccessor) {
        this.userAccessor = userAccessor;
    }

    @Override // com.resolution.atlasplugins.samlsso.confluence.UserModificator
    public ConfluenceUser createUser(String str, String str2, String str3) throws UserModificatorException {
        impersonateExecutionUser();
        DefaultUser defaultUser = new DefaultUser();
        defaultUser.setName(str);
        defaultUser.setFullName(str2);
        defaultUser.setEmail(str3);
        ConfluenceUser createUser = this.userAccessor.createUser(defaultUser, Credential.NONE);
        this.userAccessor.getPropertySet(createUser).setBoolean(UserModificator.SAMLSSOATTRIBUTEKEY, true);
        this.userAccessor.saveUser(createUser);
        return createUser;
    }

    @Override // com.resolution.atlasplugins.samlsso.confluence.UserModificator
    public boolean updateUser(ConfluenceUser confluenceUser, String str, String str2) throws UserModificatorException {
        impersonateExecutionUser();
        boolean z = false;
        DefaultUser defaultUser = new DefaultUser(confluenceUser);
        if (!Objects.equal(confluenceUser.getFullName(), str)) {
            z = true;
            defaultUser.setFullName(str);
        }
        if (!Objects.equal(confluenceUser.getEmail(), str2)) {
            z = true;
            defaultUser.setEmail(str2);
        }
        if (z) {
            this.userAccessor.saveUser(defaultUser);
        }
        return z;
    }

    @Override // com.resolution.atlasplugins.samlsso.confluence.UserModificator
    public boolean updateUserGroups(ConfluenceUser confluenceUser, Collection<String> collection, boolean z) throws UserModificatorException {
        impersonateExecutionUser();
        List<String> groupNames = this.userAccessor.getGroupNames(confluenceUser);
        ArrayList<String> arrayList = new ArrayList();
        ArrayList<String> arrayList2 = new ArrayList();
        if (z) {
            for (String str : groupNames) {
                if (!collection.contains(str)) {
                    arrayList.add(str);
                }
            }
        }
        for (String str2 : collection) {
            if (!groupNames.contains(str2)) {
                arrayList2.add(str2);
            }
        }
        if (arrayList2.isEmpty() && arrayList.isEmpty()) {
            return false;
        }
        for (String str3 : arrayList2) {
            Group group = this.userAccessor.getGroup(str3);
            if (group != null) {
                this.userAccessor.addMembership(group, confluenceUser);
            } else {
                logger.warn("Group {} does not exist.", str3);
            }
        }
        for (String str4 : arrayList) {
            Group group2 = this.userAccessor.getGroup(str4);
            if (group2 != null) {
                this.userAccessor.removeMembership(group2, confluenceUser);
            } else {
                logger.warn("Group {} does not exist.", str4);
            }
        }
        return true;
    }

    @Override // com.resolution.atlasplugins.samlsso.confluence.UserModificator
    public boolean enableUser(ConfluenceUser confluenceUser) throws UserModificatorException {
        impersonateExecutionUser();
        if (!this.userAccessor.isDeactivated(confluenceUser)) {
            return false;
        }
        this.userAccessor.reactivateUser(confluenceUser);
        return true;
    }

    @Override // com.resolution.atlasplugins.samlsso.confluence.UserModificator
    public boolean disableUser(ConfluenceUser confluenceUser) throws UserModificatorException {
        impersonateExecutionUser();
        if (this.userAccessor.isDeactivated(confluenceUser)) {
            return false;
        }
        this.userAccessor.deactivateUser(confluenceUser);
        return true;
    }

    private void impersonateExecutionUser() {
        Iterator it = this.userAccessor.getMembers(this.userAccessor.getGroup("confluence-administrators")).iterator();
        if (!it.hasNext()) {
            logger.error("No admin user found, not impersonating.");
            return;
        }
        ConfluenceUser confluenceUser = (ConfluenceUser) it.next();
        logger.debug("Impersonating admin user {}.", confluenceUser.getName());
        AuthenticatedUserThreadLocal.set(confluenceUser);
    }

    @Override // com.resolution.atlasplugins.samlsso.confluence.UserModificator
    public boolean isSAMLCreated(ConfluenceUser confluenceUser) {
        return this.userAccessor.getPropertySet(confluenceUser).getBoolean(UserModificator.SAMLSSOATTRIBUTEKEY);
    }
}
