package com.resolution.samlsso.toolbox.user.samluser;

import com.atlassian.bitbucket.permission.Permission;
import com.atlassian.bitbucket.user.SecurityService;
import com.atlassian.bitbucket.user.UserAdminService;
import com.atlassian.bitbucket.user.UserService;
import com.atlassian.plugin.spring.scanner.annotation.component.BitbucketComponent;
import com.atlassian.plugin.spring.scanner.annotation.imports.BitbucketImport;
import de.resolution.atlasuser.api.user.AtlasUserAdapter;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

@BitbucketComponent
/* loaded from: input_file:com/resolution/samlsso/toolbox/user/samluser/BitbucketSamlUserMigrator.class */
public class BitbucketSamlUserMigrator extends AbstractSamlUserMigrator {
    private static final Logger logger = LoggerFactory.getLogger(BitbucketSamlUserMigrator.class);
    private static final String SAMLSSOGROUPNAME = "createdBySAMLSingleSignOn";
    private final SecurityService securityService;
    private final UserService userService;
    private final UserAdminService userAdminService;

    @Autowired
    public BitbucketSamlUserMigrator(AtlasUserAdapter atlasUserAdapter, @BitbucketImport SecurityService securityService, @BitbucketImport UserService userService, @BitbucketImport UserAdminService userAdminService) {
        super(atlasUserAdapter);
        this.securityService = securityService;
        this.userService = userService;
        this.userAdminService = userAdminService;
    }

    @Override // com.resolution.samlsso.toolbox.user.samluser.SamlUserMigrator
    public boolean isLegacySamlUser(@Nonnull String str) {
        return ((Boolean) this.securityService.withPermission(Permission.SYS_ADMIN, "check user group").call(() -> {
            return Boolean.valueOf(this.userService.isUserInGroup(str, SAMLSSOGROUPNAME));
        })).booleanValue();
    }

    @Override // com.resolution.samlsso.toolbox.user.samluser.SamlUserMigrator
    public boolean removeLegacyAttribute(String str) {
        return ((Boolean) this.securityService.withPermission(Permission.SYS_ADMIN, "remove user group").call(() -> {
            if (this.userService.getUserByName(str) == null) {
                logger.debug("ApplicationUser is null for username {}.", str);
                return false;
            }
            if (!this.userService.existsGroup(SAMLSSOGROUPNAME)) {
                logger.debug("Legacy saml group does not exist");
                return true;
            }
            if (!this.userService.isUserInGroup(str, SAMLSSOGROUPNAME)) {
                logger.debug("user is not in legacy saml group");
                return true;
            }
            this.userAdminService.removeUserFromGroup(SAMLSSOGROUPNAME, str);
            logger.debug("Removed legacy saml group for user {}", str);
            return true;
        })).booleanValue();
    }
}
