package com.digiwin.dap.middle.console.api;

import com.digiwin.dap.middle.console.domain.admin.SqlRequest;
import com.digiwin.dap.middle.console.serice.CountSqlBuilder;
import com.digiwin.dap.middle.console.serice.SqlSafeValidator;
import com.digiwin.dap.middle.console.serice.SqlWhitelistLoader;
import com.digiwin.dap.middleware.commons.crypto.AES;
import com.digiwin.dap.middleware.commons.crypto.SignUtils;
import com.digiwin.dap.middleware.commons.util.EncryptUtils;
import com.digiwin.dap.middleware.commons.util.StrUtils;
import com.digiwin.dap.middleware.constant.GlobalConstants;
import com.digiwin.dap.middleware.domain.CommonCode;
import com.digiwin.dap.middleware.domain.CommonErrorCode;
import com.digiwin.dap.middleware.domain.DapEnv;
import com.digiwin.dap.middleware.domain.DeployAreaEnum;
import com.digiwin.dap.middleware.domain.PageData;
import com.digiwin.dap.middleware.domain.StdData;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.exception.ThirdCallException;
import com.digiwin.dap.middleware.support.EnvSupport;
import com.digiwin.dap.middleware.util.JsonUtils;
import com.digiwin.dap.middleware.util.UserUtils;
import com.digiwin.dap.middleware.util.VerifyUtils;
import java.util.Collections;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.HttpStatusCodeException;
import org.springframework.web.client.RestTemplate;

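/**
 * REST controller for {@code POST /api/${spring.application.name}/v2/admin/sql/query}.
 *
 * <p>The endpoint decrypts a caller-supplied SQL statement and either runs it through the local
 * {@link JdbcTemplate} or relays it to another service's endpoint of the same path.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>The statement text originates from the request body; only the values from
 *       {@code getParams()} are bound as parameters, the text itself is executed as received.</li>
 *   <li>When the local application is {@code BOSS}, the statement is passed to
 *       {@code SqlSafeValidator} with a whitelist loaded by {@code SqlWhitelistLoader}. On any
 *       other application only the request signature is checked before execution.</li>
 *   <li>No authorization annotation or role check appears in this class.
 *       NOTE(review): confirm that access is restricted upstream (filter, gateway or interceptor).</li>
 *   <li>No audit record of the executed statement is written here.
 *       NOTE(review): confirm that statement, caller and target app are logged elsewhere.</li>
 * </ul>
 */
@RequestMapping({"/api/${spring.application.name}/v2/admin/sql"})
@RestController
public class AdminSQLController {

    @Autowired
    private DapEnv dapEnv;

    @Autowired
    private EnvSupport envSupport;

    @Autowired
    private JdbcTemplate jdbcTemplate;

    @Autowired
    private RestTemplate restTemplate;

    /**
     * Decrypts the SQL carried by the request, applies the check that matches the local
     * application, and returns the query result.
     *
     * @param sqlRequest request body carrying the AES-encrypted SQL, the target app, optional
     *     bind parameters and (outside BOSS) a signature
     * @return an empty map when the decrypted SQL is empty; the relayed response when BOSS
     *     forwards to another app; otherwise the row list, or a {@code PageData} when
     *     {@code CountSqlBuilder} produced a count statement
     */
    @PostMapping({"/query"})
    public StdData<?> query(@RequestBody SqlRequest sqlRequest) {
        // NOTE(review): the AES key constant is named WECHAT_UNION_ID; confirm the key is
        // dedicated to this endpoint rather than shared with an unrelated feature.
        String sql = AES.decrypt(sqlRequest.getSql(), com.digiwin.dap.middle.kms.constants.KeyConstant.WECHAT_UNION_ID);
        if (StringUtils.isEmpty(sql)) {
            return StdData.ok(Collections.emptyMap());
        }
        if (CommonCode.BOSS.name().equals(this.dapEnv.getAppName().toUpperCase())) {
            // validate()'s return value is not inspected, so a rejected statement is presumably
            // signalled by an exception; verify against SqlSafeValidator.
            SqlSafeValidator.build(SqlWhitelistLoader.load(this.jdbcTemplate)).validate(sql);
            boolean targetIsIam = CommonCode.IAM.name().equalsIgnoreCase(sqlRequest.getApp());
            boolean targetIsBoss = CommonCode.BOSS.name().equalsIgnoreCase(sqlRequest.getApp());
            if (!targetIsIam && !targetIsBoss) {
                // The signature is computed over the decrypted SQL only; the receiving service
                // verifies it in its non-BOSS branch.
                sqlRequest.setSign(EncryptUtils.sign(com.digiwin.dap.middle.kms.constants.KeyConstant.OTHER, Collections.singletonMap("sql", sql)));
                return querySql(sqlRequest);
            }
            // Target IAM or BOSS: fall through and execute on the local JdbcTemplate.
        } else {
            // NOTE(review): the whitelist validator is not applied on this path; the signature is
            // the only visible control on the statement. Confirm this is intended.
            // NOTE(review): SqlRequest.get's behaviour for a missing or malformed sign is not
            // visible here; a null result would fail on the next line.
            SqlRequest signedRequest = (SqlRequest) SqlRequest.get(sqlRequest.getSign(), SqlRequest.class);
            signedRequest.setSql(sql);
            // NOTE(review): the supplier always returns true; confirm what this argument controls.
            VerifyUtils.sign(signedRequest, () -> true);
            SignUtils.verify(JsonUtils.objToMap(signedRequest), com.digiwin.dap.middle.kms.constants.KeyConstant.OTHER, new Map[0]);
        }
        String countSql = CountSqlBuilder.buildCountSql(sql);
        Object[] args = sqlRequest.getParams() == null ? new Object[0] : sqlRequest.getParams().toArray();
        // NOTE(review): no row limit or query timeout is applied in this method.
        if (countSql == null) {
            return StdData.ok(this.jdbcTemplate.queryForList(sql, args));
        }
        Long total = this.jdbcTemplate.queryForObject(countSql, Long.class, args);
        if (StrUtils.isEmpty(total)) {
            return StdData.ok(PageData.zero());
        }
        return StdData.ok(PageData.data(total.longValue(), this.jdbcTemplate.queryForList(sql, args)));
    }

    /**
     * Relays the request to the {@code /v2/admin/sql/query} endpoint of the app named in
     * {@code sqlRequest.getApp()}, forwarding the current user token.
     *
     * @param sqlRequest request to relay; its sign has been set by the caller
     * @return the response body returned by the target service
     * @throws ThirdCallException when the target answers with an HTTP error status
     * @throws BusinessException for any other failure of the call
     */
    private StdData<?> querySql(SqlRequest sqlRequest) {
        // NOTE(review): ofName's result for an unknown app name is not visible here; a null
        // would fail on getPath() below, outside the try block.
        CommonCode target = CommonCode.ofName(sqlRequest.getApp());
        String baseUri = DeployAreaEnum.isDev(this.dapEnv.getDeployArea())
                ? this.envSupport.getUri(target)
                : this.envSupport.getLocalUri(target);
        String url = baseUri + ("/api/" + target.getPath() + "/v2/admin/sql/query");
        try {
            HttpHeaders httpHeaders = new HttpHeaders();
            httpHeaders.setContentType(MediaType.APPLICATION_JSON);
            httpHeaders.add(GlobalConstants.HTTP_HEADER_USER_TOKEN_KEY, UserUtils.getToken());
            return this.restTemplate.postForObject(url, new HttpEntity<>(sqlRequest, httpHeaders), StdData.class);
        } catch (HttpStatusCodeException e) {
            // The specific handler has to precede the broad one: with catch (Exception) listed
            // first this clause is unreachable and the class does not compile.
            throw new ThirdCallException(CommonErrorCode.REMOTE_UNEXPECTED, url, e);
        } catch (Exception e) {
            // NOTE(review): only the message is kept and the cause is dropped; confirm whether
            // this message is returned to the client, since it may name internal hosts.
            throw new BusinessException(CommonErrorCode.BUSINESS, e.getMessage());
        }
    }
}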
