package com.digiwin.athena.auth.aspect;

import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.ReflectUtil;
import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSONObject;
import com.digiwin.athena.auth.annotation.FuncAuth;
import com.digiwin.athena.auth.annotation.FuncAuth4Assign;
import com.digiwin.athena.auth.domain.QueryAuthParam;
import com.digiwin.athena.auth.metadata.enums.AuthModeEnum;
import com.digiwin.athena.auth.metadata.enums.PermissionPolicyEnum;
import com.digiwin.athena.auth.service.AuthApiService;
import com.digiwin.athena.auth.service.AuthService;
import com.digiwin.athena.auth.service.MongoDataService;
import com.digiwin.athena.auth.service.UserService;
import com.digiwin.athena.auth.util.AuthHelper;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import jodd.util.StringPool;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;

@Aspect
@Component
/* loaded from: input_file:WEB-INF/lib/auth-1.2.jar:com/digiwin/athena/auth/aspect/FuncAuth4AssignAspect.class */
public class FuncAuth4AssignAspect {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) FuncAuth4AssignAspect.class);

    @Autowired(required = false)
    @Lazy
    private AuthService authService;

    @Autowired(required = false)
    @Lazy
    private MongoDataService mongoDataService;

    @Autowired
    @Lazy
    private UserService userService;

    @Autowired
    @Lazy
    private AuthHelper authHelper;

    @Value("${designer.auth.mode:FORBID}")
    private String authMode;

    @Value("${designer.domain:default}")
    private String designerDomain;

    @Autowired
    private AuthApiService authApiService;

    /* JADX WARN: Multi-variable type inference failed */
    @Before("@annotation(funcAuth4Assign)")
    public void funcAuthCheck(JoinPoint joinPoint, FuncAuth4Assign funcAuth4Assign) {
        if (AuthModeEnum.FORBID.name().equals(this.authMode)) {
            return;
        }
        FuncAuth[] funcAuth = funcAuth4Assign.funcAuth();
        String operate = funcAuth4Assign.operate();
        HashMap hashMap = new HashMap();
        for (FuncAuth funcAuth2 : funcAuth) {
            String resourceId = funcAuth2.resourceId();
            String[] actions = funcAuth2.actions();
            Object[] args = joinPoint.getArgs();
            String resourceType = getResourceType(funcAuth2, args);
            if (StrUtil.isNumeric(resourceId)) {
                resourceId = ((List) Arrays.stream(args).filter(obj -> {
                    return obj != null;
                }).collect(Collectors.toList())).size() > Convert.toInt(resourceId).intValue() ? String.valueOf(args[Convert.toInt(resourceId).intValue()]) : null;
            } else if (resourceId.startsWith(AuthHelper.VAR_PREFIX)) {
                resourceId = this.authHelper.getVarValue(args, resourceId);
            } else if (resourceId.startsWith(AuthHelper.PRIMARY_PREFIX)) {
                resourceId = getPkValue(args, resourceId, funcAuth2.primaryKey());
            } else if (resourceId.startsWith(AuthHelper.JSON_PREFIX)) {
                resourceId = this.authHelper.getJSONValue(resourceId, args);
            }
            List arrayList = new ArrayList();
            if (AuthModeEnum.LOCAL.name().equals(this.authMode)) {
                arrayList = this.authService.queryFuncAuthPolicy(new QueryAuthParam().setUserId(this.userService.getCurrentUser()).setResourceType(resourceType).setResourceId(resourceId));
            }
            hashMap.put(funcAuth2.resourceId(), this.authApiService.verifyAuthByQueryPolicy(arrayList, actions, resourceType, this.userService.getTenantId()));
        }
        boolean z = false;
        if (StringPool.AND.equals(operate)) {
            Iterator it = hashMap.values().iterator();
            while (it.hasNext()) {
                z = z && ((Boolean) it.next()).booleanValue();
            }
        } else {
            Iterator it2 = hashMap.values().iterator();
            while (it2.hasNext()) {
                z = z || ((Boolean) it2.next()).booleanValue();
            }
        }
        if (!z) {
            throw new RuntimeException("无权访问该接口!");
        }
    }

    private String getEntityPkValue(String str, Object[] objArr) {
        return str.startsWith(AuthHelper.VAR_PREFIX) ? this.authHelper.getVarValue(objArr, str) : str.startsWith(AuthHelper.JSON_PREFIX) ? this.authHelper.getJSONValue(str, objArr) : String.valueOf(objArr[Convert.toInt(str).intValue()]);
    }

    private String getResourceType(FuncAuth funcAuth, Object[] objArr) {
        String resourceType = funcAuth.resourceType();
        if (resourceType.startsWith(AuthHelper.VAR_PREFIX)) {
            String[] split = resourceType.substring(resourceType.indexOf(":") + 1, resourceType.length()).split("#");
            String str = split[0];
            String str2 = split[1];
            int length = objArr.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Object obj = objArr[i];
                if (obj.getClass().getSimpleName().equals(str)) {
                    resourceType = PermissionPolicyEnum.getResourceTypeByRole(String.valueOf(ReflectUtil.getFieldValue(obj, str2)));
                    break;
                }
                i++;
            }
        } else if (StrUtil.isNumeric(resourceType)) {
            resourceType = String.valueOf(objArr[Convert.toInt(resourceType).intValue()]);
        } else if (resourceType.startsWith(AuthHelper.JSON_PREFIX)) {
            resourceType = PermissionPolicyEnum.getResourceTypeByRole(this.authHelper.getJSONValue(resourceType, objArr));
        }
        return resourceType;
    }

    private String getPkValue(Object[] objArr, String str, String str2) {
        if (this.mongoDataService == null) {
            throw new RuntimeException("请实现com.digiwin.athena.auth.service.MongoDataService接口!");
        }
        String entityPkValue = getEntityPkValue(str2, objArr);
        String[] split = str.substring(str.indexOf(":") + 1, str.length()).split(AuthHelper.OR_OPERATOR);
        String str3 = null;
        int length = split.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            String[] split2 = split[i].split("#");
            String str4 = split2[0];
            String str5 = split2[1];
            String str6 = split2[2];
            JSONObject queryOne = this.mongoDataService.queryOne(str4, str5, entityPkValue);
            if (queryOne != null) {
                str3 = queryOne.getString(str6);
                break;
            }
            i++;
        }
        if (StrUtil.isBlank(str3)) {
            throw new RuntimeException("找不到该实体对应的应用!");
        }
        return str3;
    }
}
