package com.baomidou.mybatisplus.extension.plugins.inner;

import com.baomidou.mybatisplus.core.metadata.TableInfo;
import com.baomidou.mybatisplus.core.metadata.TableInfoHelper;
import com.baomidou.mybatisplus.core.plugins.InterceptorIgnoreHelper;
import com.baomidou.mybatisplus.core.toolkit.Assert;
import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.baomidou.mybatisplus.extension.parser.JsqlParserSupport;
import java.sql.Connection;
import net.sf.jsqlparser.expression.BinaryExpression;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.Parenthesis;
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
import net.sf.jsqlparser.expression.operators.relational.NotEqualsTo;
import net.sf.jsqlparser.statement.delete.Delete;
import net.sf.jsqlparser.statement.update.Update;
import org.apache.ibatis.executor.statement.StatementHandler;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.SqlCommandType;

/* loaded from: input_file:BOOT-INF/lib/mybatis-plus-extension-3.4.3.3.jar:com/baomidou/mybatisplus/extension/plugins/inner/BlockAttackInnerInterceptor.class */
public class BlockAttackInnerInterceptor extends JsqlParserSupport implements InnerInterceptor {
    @Override // com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor
    public void beforePrepare(StatementHandler statementHandler, Connection connection, Integer num) {
        PluginUtils.MPStatementHandler mpStatementHandler = PluginUtils.mpStatementHandler(statementHandler);
        MappedStatement mappedStatement = mpStatementHandler.mappedStatement();
        SqlCommandType sqlCommandType = mappedStatement.getSqlCommandType();
        if ((sqlCommandType == SqlCommandType.UPDATE || sqlCommandType == SqlCommandType.DELETE) && !InterceptorIgnoreHelper.willIgnoreBlockAttack(mappedStatement.getId())) {
            parserMulti(mpStatementHandler.boundSql().getSql(), null);
        }
    }

    @Override // com.baomidou.mybatisplus.extension.parser.JsqlParserSupport
    protected void processDelete(Delete delete, int i, String str, Object obj) {
        checkWhere(delete.getTable().getName(), delete.getWhere(), "Prohibition of full table deletion");
    }

    @Override // com.baomidou.mybatisplus.extension.parser.JsqlParserSupport
    protected void processUpdate(Update update, int i, String str, Object obj) {
        checkWhere(update.getTable().getName(), update.getWhere(), "Prohibition of table update operation");
    }

    protected void checkWhere(String str, Expression expression, String str2) {
        Assert.isFalse(fullMatch(expression, getTableLogicField(str)), str2, new Object[0]);
    }

    private boolean fullMatch(Expression expression, String str) {
        if (expression == null) {
            return true;
        }
        if (StringUtils.isNotBlank(str) && (expression instanceof BinaryExpression)) {
            BinaryExpression binaryExpression = (BinaryExpression) expression;
            if (StringUtils.equals(binaryExpression.getLeftExpression().toString(), str) || StringUtils.equals(binaryExpression.getRightExpression().toString(), str)) {
                return true;
            }
        }
        if (expression instanceof EqualsTo) {
            EqualsTo equalsTo = (EqualsTo) expression;
            return StringUtils.equals(equalsTo.getLeftExpression().toString(), equalsTo.getRightExpression().toString());
        }
        if (expression instanceof NotEqualsTo) {
            NotEqualsTo notEqualsTo = (NotEqualsTo) expression;
            return !StringUtils.equals(notEqualsTo.getLeftExpression().toString(), notEqualsTo.getRightExpression().toString());
        }
        if (expression instanceof OrExpression) {
            OrExpression orExpression = (OrExpression) expression;
            return fullMatch(orExpression.getLeftExpression(), str) || fullMatch(orExpression.getRightExpression(), str);
        }
        if (expression instanceof AndExpression) {
            AndExpression andExpression = (AndExpression) expression;
            return fullMatch(andExpression.getLeftExpression(), str) && fullMatch(andExpression.getRightExpression(), str);
        }
        if (expression instanceof Parenthesis) {
            return fullMatch(((Parenthesis) expression).getExpression(), str);
        }
        return false;
    }

    private String getTableLogicField(String str) {
        TableInfo tableInfo;
        return (StringUtils.isBlank(str) || (tableInfo = TableInfoHelper.getTableInfo(str)) == null || !tableInfo.isWithLogicDelete() || tableInfo.getLogicDeleteFieldInfo() == null) ? "" : tableInfo.getLogicDeleteFieldInfo().getColumn();
    }
}
