package org.sonatype.security.rest.users;

import org.apache.shiro.realm.text.IniRealm;
import org.restlet.data.Request;
import org.restlet.data.Status;
import org.restlet.resource.Representation;
import org.restlet.resource.ResourceException;
import org.sonatype.plexus.rest.resource.PlexusResourceException;
import org.sonatype.security.rest.AbstractSecurityPlexusResource;
import org.sonatype.security.rest.model.UserResource;
import org.sonatype.security.usermanagement.User;

/* loaded from: input_file:WEB-INF/plugin-repository/nexus-restlet1x-plugin-2.14.16-01/nexus-restlet1x-plugin-2.14.16-01.jar:org/sonatype/security/rest/users/AbstractUserPlexusResource.class */
public abstract class AbstractUserPlexusResource extends AbstractSecurityPlexusResource {
    public static final String USER_ID_KEY = "userId";
    public static final String USER_EMAIL_KEY = "email";
    private static final String ROLE_VALIDATION_ERROR = "The user cannot have zero roles!";

    protected boolean validateFields(UserResource userResource, Representation representation) throws PlexusResourceException {
        if (userResource.getRoles() != null && userResource.getRoles().size() != 0) {
            return true;
        }
        getLogger().info("The userId (" + userResource.getUserId() + ") cannot have 0 roles!");
        throw new PlexusResourceException(Status.CLIENT_ERROR_BAD_REQUEST, ROLE_VALIDATION_ERROR, getErrorResponse(IniRealm.USERS_SECTION_NAME, ROLE_VALIDATION_ERROR));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isAnonymousUser(String str, Request request) throws ResourceException {
        return getSecuritySystem().isAnonymousAccessEnabled() && getSecuritySystem().getAnonymousUsername().equals(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void validateUserContainment(User user) throws ResourceException {
        if (user.getRoles().size() == 0) {
            throw new PlexusResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Configuration error.", getErrorResponse("roles", "User requires one or more roles."));
        }
    }
}
