package org.codehaus.plexus.redback.struts2.action;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.codehaus.plexus.redback.policy.PasswordRuleViolationException;
import org.codehaus.plexus.redback.rbac.Permission;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.Role;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.redback.integration.model.UserCredentials;
import org.codehaus.redback.integration.role.RoleConstants;
import org.codehaus.redback.integration.util.RoleSorter;

/* loaded from: input_file:WEB-INF/lib/redback-struts2-integration-1.2.8.jar:org/codehaus/plexus/redback/struts2/action/AbstractUserCredentialsAction.class */
public abstract class AbstractUserCredentialsAction extends AbstractSecurityAction {
    private RBACManager manager;
    protected SecuritySystem securitySystem;
    protected UserCredentials internalUser;
    protected final String VALID_USERNAME_CHARS = "[a-zA-Z_0-9\\-.@]*";

    public RBACManager getManager() {
        return this.manager;
    }

    public void setManager(RBACManager rBACManager) {
        this.manager = rBACManager;
    }

    public SecuritySystem getSecuritySystem() {
        return this.securitySystem;
    }

    public void setSecuritySystem(SecuritySystem securitySystem) {
        this.securitySystem = securitySystem;
    }

    public void validateCredentialsLoose() {
        if (StringUtils.isEmpty(this.internalUser.getUsername())) {
            addFieldError("user.username", getText("username.required"));
        } else if (!this.internalUser.getUsername().matches("[a-zA-Z_0-9\\-.@]*")) {
            addFieldError("user.username", getText("username.invalid.characters"));
        }
        if (StringUtils.isEmpty(this.internalUser.getFullName())) {
            addFieldError("user.fullName", getText("fullName.required"));
        }
        if (StringUtils.isEmpty(this.internalUser.getEmail())) {
            addFieldError("user.email", getText("email.required"));
        }
        if (!StringUtils.equals(this.internalUser.getPassword(), this.internalUser.getConfirmPassword())) {
            addFieldError("user.confirmPassword", getText("passwords.does.not.match"));
        }
        try {
            if (!StringUtils.isEmpty(this.internalUser.getEmail())) {
                new InternetAddress(this.internalUser.getEmail(), true);
            }
        } catch (AddressException e) {
            addFieldError("user.email", getText("email.invalid"));
        }
    }

    public void validateCredentialsStrict() {
        validateCredentialsLoose();
        try {
            this.securitySystem.getPolicy().validatePassword(this.internalUser.createUser(this.securitySystem.getUserManager()));
        } catch (PasswordRuleViolationException e) {
            processPasswordRuleViolations(e);
        }
        if (StringUtils.isEmpty(this.internalUser.getPassword())) {
            addFieldError("user.password", getText("password.required"));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<Role> filterRolesForCurrentUserAccess(List<Role> list) throws RbacManagerException {
        String currentUser = getCurrentUser();
        ArrayList arrayList = new ArrayList();
        Map<String, List<Permission>> assignedPermissionMap = this.manager.getAssignedPermissionMap(currentUser);
        ArrayList<String> arrayList2 = new ArrayList();
        if (!assignedPermissionMap.containsKey(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION)) {
            return Collections.emptyList();
        }
        for (Permission permission : assignedPermissionMap.get(RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION)) {
            if (permission.getResource().getIdentifier().equals("*")) {
                return list;
            }
            arrayList2.add(permission.getResource().getIdentifier());
        }
        for (Role role : list) {
            int indexOf = role.getName().indexOf(ArchivaRoleConstants.DELIMITER);
            for (String str : arrayList2) {
                if (role.getName().indexOf(str) != -1 && indexOf != -1 && role.getName().substring(indexOf + ArchivaRoleConstants.DELIMITER.length()).equals(str)) {
                    arrayList.add(role);
                }
            }
        }
        Collections.sort(arrayList, new RoleSorter());
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<Role> getFilteredRolesForCurrentUserAccess() throws RbacManagerException {
        List<Role> allRoles = this.manager.getAllRoles();
        return allRoles == null ? Collections.emptyList() : filterRolesForCurrentUserAccess(allRoles);
    }
}
