package org.wso2.registry.users.accesscontrol;

import java.util.Map;
import org.wso2.registry.i18n.Messages;
import org.wso2.registry.users.Authorizer;
import org.wso2.registry.users.UserStoreAdmin;
import org.wso2.registry.users.UserStoreException;

/* loaded from: input_file:org/wso2/registry/users/accesscontrol/ACLUserStoreAdmin.class */
public class ACLUserStoreAdmin extends ACLUserStoreReader implements UserStoreAdmin {
    private Authorizer authorizer;
    private UserStoreAdmin usAdmin;

    public ACLUserStoreAdmin(Authorizer authorizer, UserStoreAdmin userStoreAdmin, AuthorizingRealmConfig authorizingRealmConfig) {
        super(authorizer, userStoreAdmin, authorizingRealmConfig);
        this.authorizer = null;
        this.usAdmin = null;
        this.authorizer = authorizer;
        this.usAdmin = userStoreAdmin;
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void addUser(String str, Object obj) throws UserStoreException {
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.USER_RESOURCE, AccessControlConstants.ADD)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.USER_RESOURCE, AccessControlConstants.ADD}));
        }
        this.usAdmin.addUser(str, obj);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void updateUser(String str, Object obj, Object obj2) throws UserStoreException {
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.USER_RESOURCE, AccessControlConstants.EDIT)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.USER_RESOURCE, AccessControlConstants.EDIT}));
        }
        this.usAdmin.updateUser(str, obj, obj2);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void updateUser(String str, Object obj) throws UserStoreException {
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.USER_RESOURCE, AccessControlConstants.EDIT)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.USER_RESOURCE, AccessControlConstants.EDIT}));
        }
        this.usAdmin.updateUser(str, obj);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void deleteUser(String str) throws UserStoreException {
        if (this.config.getAuthenticatedUserName().equals(str) || ACLAdminChecker.isAdminUser(str)) {
            return;
        }
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.USER_RESOURCE, AccessControlConstants.DELETE)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.USER_RESOURCE, AccessControlConstants.DELETE}));
        }
        this.usAdmin.deleteUser(str);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void setUserProperties(String str, Map map) throws UserStoreException {
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && ((!this.config.getAuthenticatedUserName().equals(str) || !this.config.isCurrentUserEditable()) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.USER_RESOURCE, AccessControlConstants.EDIT))) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.USER_RESOURCE, AccessControlConstants.EDIT}));
        }
        this.usAdmin.setUserProperties(str, map);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void addRole(String str) throws UserStoreException {
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.ADD)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.ADD}));
        }
        this.usAdmin.addRole(str);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void deleteRole(String str) throws UserStoreException {
        if (this.config.isEnableAdminBehavior() && this.config.getAdminRoleName().equals(str)) {
            return;
        }
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.DELETE)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.DELETE}));
        }
        this.usAdmin.deleteRole(str);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void setRoleProperties(String str, Map map) throws UserStoreException {
        if (this.config.isEnableAdminBehavior() && this.config.getAdminRoleName().equals(str)) {
            return;
        }
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.EDIT)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.EDIT}));
        }
        this.usAdmin.setRoleProperties(str, map);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void addUserToRole(String str, String str2) throws UserStoreException {
        if (this.config.isEnableAdminBehavior() && this.config.getAdminRoleName().equals(str2)) {
            return;
        }
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.ADD)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.ADD}));
        }
        this.usAdmin.addUserToRole(str, str2);
    }

    @Override // org.wso2.registry.users.UserStoreAdmin
    public void removeUserFromRole(String str, String str2) throws UserStoreException {
        if (this.config.isEnableAdminBehavior() && this.config.getAdminRoleName().equals(str2)) {
            return;
        }
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.DELETE)) {
            throw new UnauthorizedException(Messages.getMessage("unAuthorized", new String[]{AccessControlConstants.ROLE_RESOURCE, AccessControlConstants.DELETE}));
        }
        this.usAdmin.removeUserFromRole(str, str2);
    }
}
