package org.wso2.usermanager.acl.realm;

import java.util.Map;
import org.wso2.usermanager.Authorizer;
import org.wso2.usermanager.UserManagerConstants;
import org.wso2.usermanager.UserManagerException;
import org.wso2.usermanager.UserStoreReader;

/* loaded from: input_file:WEB-INF/lib/usermanager-core-0.61.jar:org/wso2/usermanager/acl/realm/ACLUserStoreReader.class */
public class ACLUserStoreReader implements UserStoreReader {
    private Authorizer authorizer;
    private UserStoreReader usReader;
    protected AuthorizingRealmConfig config;
    protected boolean isAdmin;

    public ACLUserStoreReader(Authorizer authorizer, UserStoreReader userStoreReader, AuthorizingRealmConfig authorizingRealmConfig) {
        this.authorizer = null;
        this.usReader = null;
        this.config = null;
        this.isAdmin = false;
        this.authorizer = authorizer;
        this.config = authorizingRealmConfig;
        this.usReader = userStoreReader;
        if (this.config.isEnableAdminBehavior() && ACLAdminChecker.isAdminUser(this.config.getAuthenticatedUserName())) {
            this.isAdmin = true;
        }
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public String[] getAllUserNames() throws UserManagerException {
        doAuthorizationToReadUser();
        return this.usReader.getAllUserNames();
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public String[] getUserNamesWithPropertyValue(String str, String str2) throws UserManagerException {
        doAuthorizationToReadUser();
        return this.usReader.getUserNamesWithPropertyValue(str, str2);
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public Map getUserProperties(String str) throws UserManagerException {
        if (!this.config.getAuthenticatedUserName().equals(str) || !this.config.isCurrentUserReadable()) {
            doAuthorizationToReadUser();
        }
        return this.usReader.getUserProperties(str);
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public String[] getUserPropertyNames() throws UserManagerException {
        doAuthorizationToReadUser();
        return this.usReader.getUserPropertyNames();
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public boolean isExistingUser(String str) throws UserManagerException {
        doAuthorizationToReadUser();
        return this.usReader.isExistingUser(str);
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public String[] getAllRoleNames() throws UserManagerException {
        doAuthorizationToReadRole();
        return this.usReader.getAllRoleNames();
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public Map getRoleProperties(String str) throws UserManagerException {
        doAuthorizationToReadRole();
        return this.usReader.getRoleProperties(str);
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public String[] getUserRoles(String str) throws UserManagerException {
        doAuthorizationToReadRole();
        return this.usReader.getUserRoles(str);
    }

    @Override // org.wso2.usermanager.UserStoreReader
    public String[] getUsersInRole(String str) throws UserManagerException {
        doAuthorizationToReadRole();
        return this.usReader.getUsersInRole(str);
    }

    protected void doAuthorizationToReadRole() throws UserManagerException {
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), UserManagerConstants.ROLE_RESOURCE, UserManagerConstants.READ)) {
            throw new UnauthorizedException("unAuthorized", new String[]{UserManagerConstants.ROLE_RESOURCE, UserManagerConstants.READ});
        }
    }

    protected void doAuthorizationToReadUser() throws UserManagerException {
        if ((!this.config.isEnableAdminBehavior() || !this.isAdmin) && !this.authorizer.isUserAuthorized(this.config.getAuthenticatedUserName(), "user", UserManagerConstants.READ)) {
            throw new UnauthorizedException("unAuthorized", new String[]{"user", UserManagerConstants.READ});
        }
    }
}
