package com.terracotta.management.security.shiro;

import com.terracotta.management.dao.DataAccessException;
import com.terracotta.management.security.SecurityContextManager;
import com.terracotta.management.security.shiro.realm.TCIniRealm;
import com.terracotta.management.user.UserInfo;
import com.terracotta.management.user.UserRole;
import com.terracotta.management.user.dao.DatastoreNotFoundException;
import com.terracotta.management.user.dao.impl.IniFileUserInfoDao;
import com.terracotta.management.user.impl.DfltUserInfo;
import com.terracotta.management.user.services.UserService;
import org.apache.shiro.authc.SimpleAccount;
import org.terracotta.management.ServiceExecutionException;

/* loaded from: input_file:WEB-INF/classes/com/terracotta/management/security/shiro/ShiroSecurityContextManager.class */
public final class ShiroSecurityContextManager implements SecurityContextManager, UserService {
    private final IniFileUserInfoDao iniUserInfoDao;
    private final TCIniRealm tcIniRealm;

    public ShiroSecurityContextManager(IniFileUserInfoDao iniFileUserInfoDao, TCIniRealm tCIniRealm) {
        this.iniUserInfoDao = iniFileUserInfoDao;
        this.tcIniRealm = tCIniRealm;
    }

    @Override // com.terracotta.management.user.services.UserService
    public synchronized void addUser(UserInfo userInfo) throws ServiceExecutionException {
        try {
            this.iniUserInfoDao.create(userInfo);
            this.tcIniRealm.addAccount(userInfo.getUsername(), userInfo.getPasswordHash(), userInfo.getRoles() == null ? null : (String[]) UserRole.convertRoles(userInfo.getRoles()).toArray(new String[0]));
        } catch (DataAccessException e) {
            throw new ServiceExecutionException(String.format("Unable to create '%s'. Check the configured location of the security ini file and the file permissions for the user that started the application.", userInfo));
        }
    }

    @Override // com.terracotta.management.user.services.UserService
    public synchronized void updateUser(UserInfo userInfo) throws ServiceExecutionException {
        try {
            this.iniUserInfoDao.createOrUpdate(userInfo);
            SimpleAccount account = this.tcIniRealm.getAccount(userInfo.getUsername());
            account.setCredentials(userInfo.getPasswordHash());
            account.setRoles(UserRole.convertRoles(userInfo.getRoles()));
        } catch (DataAccessException e) {
            throw new ServiceExecutionException(String.format("Unable to update '%s'. Check the configured location of the security ini file and the file permissions for the user that started the application.", userInfo));
        }
    }

    @Override // com.terracotta.management.user.services.UserService
    public synchronized void disableUser(String str) {
        SimpleAccount account = this.tcIniRealm.getAccount(str);
        if (account != null) {
            account.setLocked(true);
        }
    }

    @Override // com.terracotta.management.user.services.UserService
    public synchronized void deleteUser(UserInfo userInfo) throws ServiceExecutionException {
        try {
            this.iniUserInfoDao.delete(userInfo);
            this.tcIniRealm.removeAccount(userInfo.getUsername());
        } catch (DataAccessException e) {
            throw new ServiceExecutionException(String.format("Unable to delete '%s'. Check the configured location of the security ini file and the file permissions for the user that started the application.", userInfo));
        }
    }

    @Override // com.terracotta.management.user.services.UserService
    public synchronized UserInfo getUser(String str) {
        SimpleAccount account = this.tcIniRealm.getAccount(str);
        if (account == null) {
            return null;
        }
        return new DfltUserInfo(str, account.getCredentials().toString(), UserRole.convertRoleNames(account.getRoles()));
    }

    @Override // com.terracotta.management.security.SecurityContextManager
    public synchronized boolean hasValidSecurityContext() {
        boolean z = true;
        if (this.tcIniRealm.isEmpty()) {
            z = false;
        }
        if (z) {
            try {
                this.iniUserInfoDao.validate(false);
                z = this.iniUserInfoDao.hasUserInfos();
            } catch (DatastoreNotFoundException e) {
                z = false;
            } catch (DataAccessException e2) {
                throw new RuntimeException(e2);
            }
        }
        return z;
    }
}
