package com.digiwin.dap.middleware.lmc.support.aspect;

import com.digiwin.dap.middleware.auth.AuthoredUser;
import com.digiwin.dap.middleware.constant.GlobalConstants;
import com.digiwin.dap.middleware.domain.CommonCode;
import com.digiwin.dap.middleware.domain.DeployAreaEnum;
import com.digiwin.dap.middleware.lmc.constant.LmcConstant;
import com.digiwin.dap.middleware.lmc.constant.enums.DataSourceEnum;
import com.digiwin.dap.middleware.lmc.constant.enums.LogTypeEnum;
import com.digiwin.dap.middleware.lmc.domain.EnvProperties;
import com.digiwin.dap.middleware.lmc.domain.page.Page;
import com.digiwin.dap.middleware.lmc.domain.remote.FieldValue;
import com.digiwin.dap.middleware.lmc.support.remote.IamService;
import com.digiwin.dap.middleware.util.EnvUtils;
import com.digiwin.dap.middleware.util.UserUtils;
import com.mongodb.BasicDBList;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.mongodb.core.query.Criteria;
import org.springframework.data.mongodb.core.query.Query;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@Aspect
@Component
/* loaded from: input_file:WEB-INF/classes/com/digiwin/dap/middleware/lmc/support/aspect/DataPolicyAspect.class */
public class DataPolicyAspect {

    @Autowired
    private IamService iamService;

    @Autowired
    private EnvProperties envProperties;
    private static final List<String> OPERATOR = Arrays.asList("and", "or");
    private static final List<String> INTERNAL_APP_LIST = Arrays.asList("dev", "devConsole", "ISV", GlobalConstants.DigiwinCloud_APP, "Athena");
    private static final List<String> INTERNAL_MANAGEMENT_LIST = Arrays.asList("BOSS", "MMC", "devOM", "troubleshoot");

    @Pointcut("@annotation(com.digiwin.dap.middleware.lmc.support.aspect.DataPolicy)")
    public void dataPolicyPointCut() {
    }

    @Before("dataPolicyPointCut()")
    public void doBefore(JoinPoint joinPoint) {
        handleDataPolicy(joinPoint);
    }

    protected void handleDataPolicy(JoinPoint joinPoint) {
        DataPolicy annotationLog;
        if (Boolean.FALSE.equals(this.envProperties.getDataPolicy()) || (annotationLog = getAnnotationLog(joinPoint)) == null) {
            return;
        }
        AuthoredUser authoredUser = UserUtils.getAuthoredUser();
        String str = null;
        if (authoredUser == null) {
            HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
            String str2 = (String) request.getAttribute(LmcConstant.SOURCE_AUTH_USER_TOKEN);
            DeployAreaEnum deployAreaEnum = (DeployAreaEnum) request.getAttribute(LmcConstant.SOURCE_DEPLOY_AREA);
            if (StringUtils.hasLength(str2) && deployAreaEnum != null) {
                str = EnvUtils.getUri(CommonCode.IAM, deployAreaEnum);
                authoredUser = this.iamService.getUserInfo(str2, str);
            }
        }
        dataPolicyFilter(joinPoint, authoredUser, str, annotationLog.dataSource(), Arrays.asList(annotationLog.logType()));
    }

    public void dataPolicyFilter(JoinPoint joinPoint, AuthoredUser authoredUser, String str, DataSourceEnum dataSourceEnum, List<LogTypeEnum> list) {
        List list2;
        Object obj = joinPoint.getArgs()[0];
        String sysId = UserUtils.getSysId();
        if (authoredUser == null || ObjectUtils.isEmpty(authoredUser.getTenantId())) {
            notDataPolicy(dataSourceEnum, obj);
            return;
        }
        List list3 = (List) Optional.ofNullable(this.envProperties.getInternalApp()).filter(str2 -> {
            return !ObjectUtils.isEmpty(str2);
        }).map(str3 -> {
            return Arrays.asList(this.envProperties.getInternalApp().split(String.valueOf(';')));
        }).orElse(INTERNAL_APP_LIST);
        List list4 = (List) Optional.ofNullable(this.envProperties.getInternalManagementApp()).filter(str4 -> {
            return !ObjectUtils.isEmpty(str4);
        }).map(str5 -> {
            return Arrays.asList(this.envProperties.getInternalManagementApp().split(String.valueOf(';')));
        }).orElse(INTERNAL_MANAGEMENT_LIST);
        String str6 = (String) Optional.ofNullable(this.envProperties.getHostTenantId()).filter(str7 -> {
            return !ObjectUtils.isEmpty(str7);
        }).orElse(LmcConstant.TENANT_ID_DIGIWIN);
        List list5 = (List) Optional.ofNullable(this.envProperties.getAthenaApp()).map(str8 -> {
            return Arrays.asList(str8.split(String.valueOf(';')));
        }).orElse(Collections.emptyList());
        if (list4.contains(sysId)) {
            if (!str6.equals(authoredUser.getTenantId())) {
                notDataPolicy(dataSourceEnum, obj);
                return;
            }
            Map<String, Object> rowPermission = this.iamService.getRowPermission(authoredUser.getToken(), str);
            if (CollectionUtils.isEmpty(rowPermission)) {
                notDataPolicy(dataSourceEnum, obj);
                return;
            }
            if (Boolean.TRUE.equals((Boolean) rowPermission.get(GlobalConstants.SUPERADMIN))) {
                return;
            }
            Object obj2 = rowPermission.get("rowPermission");
            if (!(obj2 instanceof Map) || CollectionUtils.isEmpty((Map<?, ?>) obj2)) {
                notDataPolicy(dataSourceEnum, obj);
                return;
            }
            Object sql = getSql(obj2, null, dataSourceEnum);
            if (sql == null) {
                notDataPolicy(dataSourceEnum, obj);
                return;
            }
            if (!DataSourceEnum.MONGODB.equals(dataSourceEnum)) {
                if (DataSourceEnum.ES_API.equals(dataSourceEnum) && (obj instanceof Map)) {
                    ((List) ((Map) ((Map) ((Map) obj).get("query")).get("bool")).computeIfAbsent("filter", str9 -> {
                        return new ArrayList();
                    })).add((Map) sql);
                    return;
                }
                return;
            }
            if (obj instanceof Page) {
                Query queryFilter = ((Page) obj).queryFilter();
                if (!queryFilter.getQueryObject().containsKey("$and")) {
                    queryFilter.addCriteria(new Criteria().andOperator(new Criteria[0]));
                }
                ((BasicDBList) queryFilter.getQueryObject().get((Object) "$and", BasicDBList.class)).add(((Criteria) sql).getCriteriaObject());
                return;
            }
            return;
        }
        if (list.contains(LogTypeEnum.DEV_LOG)) {
            List list6 = (List) this.iamService.getCurrentTenantDevApp(authoredUser.getToken(), str).stream().map((v0) -> {
                return v0.getId();
            }).collect(Collectors.toList());
            list6.addAll(list5);
            List list7 = (List) list6.stream().distinct().filter(StringUtils::hasLength).collect(Collectors.toList());
            if (CollectionUtils.isEmpty(list7)) {
                notDataPolicy(dataSourceEnum, obj);
                return;
            }
            if (!DataSourceEnum.MONGODB.equals(dataSourceEnum)) {
                if (DataSourceEnum.ES_API.equals(dataSourceEnum) && (obj instanceof Map)) {
                    ((List) ((Map) ((Map) ((Map) obj).get("query")).get("bool")).computeIfAbsent("filter", str10 -> {
                        return new ArrayList();
                    })).add(Collections.singletonMap("terms", Collections.singletonMap(LmcConstant.APP_ID, list7)));
                    return;
                }
                return;
            }
            if (obj instanceof Page) {
                Query queryFilter2 = ((Page) obj).queryFilter();
                if (!queryFilter2.getQueryObject().containsKey("$and")) {
                    queryFilter2.addCriteria(new Criteria().andOperator(new Criteria[0]));
                }
                ((BasicDBList) queryFilter2.getQueryObject().get((Object) "$and", BasicDBList.class)).add(Criteria.where(LmcConstant.APP_ID).in(list7).getCriteriaObject());
                return;
            }
            return;
        }
        if (!list.contains(LogTypeEnum.OP_LOG)) {
            if (list.contains(LogTypeEnum.EVENT_LOG)) {
                List list8 = (List) this.iamService.getCurrentTenantDevApp(authoredUser.getToken(), str).stream().map((v0) -> {
                    return v0.getId();
                }).collect(Collectors.toList());
                if (DataSourceEnum.MONGODB.equals(dataSourceEnum)) {
                    if (obj instanceof Page) {
                        Query queryFilter3 = ((Page) obj).queryFilter();
                        if (!queryFilter3.getQueryObject().containsKey("$and")) {
                            queryFilter3.addCriteria(new Criteria().andOperator(new Criteria[0]));
                        }
                        ((BasicDBList) queryFilter3.getQueryObject().get((Object) "$and", BasicDBList.class)).add((LmcConstant.IAM.equals((String) queryFilter3.getQueryObject().get((Object) LmcConstant.APP_ID, String.class)) ? Criteria.where("tenantId").in(Collections.singletonList(authoredUser.getTenantId())) : new Criteria().orOperator(Criteria.where(LmcConstant.APP_ID).in(list8), Criteria.where("tenantId").in(Collections.singletonList(authoredUser.getTenantId())))).getCriteriaObject());
                        return;
                    }
                    return;
                }
                if (DataSourceEnum.ES_API.equals(dataSourceEnum) && (obj instanceof Map)) {
                    Map map = (Map) ((Map) ((Map) obj).get("query")).get("bool");
                    boolean anyMatch = ((List) map.computeIfAbsent("filter", str11 -> {
                        return new ArrayList();
                    })).stream().anyMatch(map2 -> {
                        Object obj3 = map2.get("term");
                        return (obj3 instanceof Map) && LmcConstant.IAM.equals(((Map) obj3).get(LmcConstant.APP_ID));
                    });
                    Object obj3 = map.get(LmcConstant.MUST);
                    if (obj3 == null) {
                        list2 = new ArrayList();
                        map.put(LmcConstant.MUST, list2);
                    } else {
                        list2 = (List) obj3;
                    }
                    if (anyMatch) {
                        list2.add(Collections.singletonMap("bool", Collections.singletonMap(LmcConstant.MUST, Collections.singletonList(Collections.singletonMap("match_phrase", Collections.singletonMap("tenantId", authoredUser.getTenantId()))))));
                        return;
                    } else {
                        list2.add(Collections.singletonMap("bool", Collections.singletonMap(LmcConstant.SHOULD, Arrays.asList(Collections.singletonMap("terms", Collections.singletonMap(LmcConstant.APP_ID, list8)), Collections.singletonMap("match_phrase", Collections.singletonMap("tenantId", authoredUser.getTenantId()))))));
                        return;
                    }
                }
                return;
            }
            return;
        }
        if (!list3.contains(sysId)) {
            List list9 = (List) this.iamService.getCurrentTenantDevApp(authoredUser.getToken(), str).stream().map((v0) -> {
                return v0.getId();
            }).collect(Collectors.toList());
            if (!DataSourceEnum.MONGODB.equals(dataSourceEnum)) {
                if (DataSourceEnum.ES_API.equals(dataSourceEnum) && (obj instanceof Map)) {
                    Object obj4 = ((Map) ((Map) ((Map) obj).get("query")).get("bool")).get(LmcConstant.MUST);
                    (obj4 == null ? new ArrayList() : (List) obj4).add(Collections.singletonMap("bool", Collections.singletonMap(LmcConstant.SHOULD, Arrays.asList(Collections.singletonMap("terms", Collections.singletonMap(LmcConstant.APP_ID, list9)), Collections.singletonMap("match_phrase", Collections.singletonMap("tenantId", authoredUser.getTenantId()))))));
                    return;
                }
                return;
            }
            if (obj instanceof Page) {
                Query queryFilter4 = ((Page) obj).queryFilter();
                if (!queryFilter4.getQueryObject().containsKey("$and")) {
                    queryFilter4.addCriteria(new Criteria().andOperator(new Criteria[0]));
                }
                ((BasicDBList) queryFilter4.getQueryObject().get((Object) "$and", BasicDBList.class)).add(new Criteria().orOperator(Criteria.where(LmcConstant.APP_ID).in(list9), Criteria.where("tenantId").in(Collections.singletonList(authoredUser.getTenantId()))).getCriteriaObject());
                return;
            }
            return;
        }
        if (DataSourceEnum.MONGODB.equals(dataSourceEnum)) {
            if (obj instanceof Page) {
                Query queryFilter5 = ((Page) obj).queryFilter();
                if (!queryFilter5.getQueryObject().containsKey("$and")) {
                    queryFilter5.addCriteria(new Criteria().andOperator(new Criteria[0]));
                }
                BasicDBList basicDBList = (BasicDBList) queryFilter5.getQueryObject().get((Object) "$and", BasicDBList.class);
                basicDBList.add(Criteria.where("tenantId").in(Collections.singletonList(authoredUser.getTenantId())).getCriteriaObject());
                basicDBList.add(Criteria.where(LmcConstant.APP_ID).in((Collection<?>) list3.stream().flatMap(str12 -> {
                    return Stream.of((Object[]) new String[]{str12, str12.toLowerCase()});
                }).collect(Collectors.toSet())).getCriteriaObject());
                return;
            }
            return;
        }
        if (DataSourceEnum.ES_API.equals(dataSourceEnum) && (obj instanceof Map)) {
            Map map3 = (Map) ((Map) ((Map) obj).get("query")).get("bool");
            List list10 = (List) map3.computeIfAbsent("filter", str13 -> {
                return new ArrayList();
            });
            Object obj5 = map3.get(LmcConstant.MUST);
            (obj5 == null ? new ArrayList() : (List) obj5).add(Collections.singletonMap("bool", Collections.singletonMap(LmcConstant.MUST, Collections.singletonList(Collections.singletonMap("match_phrase", Collections.singletonMap("tenantId", authoredUser.getTenantId()))))));
            list10.add(Collections.singletonMap("terms", Collections.singletonMap(LmcConstant.APP_ID, list3.stream().flatMap(str14 -> {
                return Stream.of((Object[]) new String[]{str14, str14.toLowerCase()});
            }).collect(Collectors.toSet()))));
        }
    }

    private Object getSql(Object obj, String str, DataSourceEnum dataSourceEnum) {
        if (null == obj) {
            return null;
        }
        if (obj instanceof Map) {
            Map map = (Map) obj;
            if (map.isEmpty()) {
                return null;
            }
            FieldValue fieldValue = new FieldValue(map);
            return OPERATOR.contains(fieldValue.getFilterType()) ? getSql(fieldValue.getFilterValue(), fieldValue.getFilterType(), dataSourceEnum) : fieldValue.getCondition(dataSourceEnum);
        }
        if (!(obj instanceof List)) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        Iterator it = ((List) obj).iterator();
        while (it.hasNext()) {
            Object sql = getSql(it.next(), null, dataSourceEnum);
            if (sql != null) {
                arrayList.add(sql);
            }
        }
        int size = arrayList.size();
        if (size == 0) {
            return null;
        }
        if (size == 1) {
            return arrayList.get(0);
        }
        if (DataSourceEnum.MONGODB.equals(dataSourceEnum)) {
            if ("or".equals(str)) {
                return new Criteria().orOperator((Criteria[]) arrayList.toArray(new Criteria[0]));
            }
            if ("and".equals(str)) {
                return new Criteria().andOperator((Criteria[]) arrayList.toArray(new Criteria[0]));
            }
            return null;
        }
        if (!DataSourceEnum.ES_API.equals(dataSourceEnum)) {
            return null;
        }
        if ("or".equals(str)) {
            return Collections.singletonMap("bool", Collections.singletonMap(LmcConstant.SHOULD, arrayList));
        }
        if ("and".equals(str)) {
            return Collections.singletonMap("bool", Collections.singletonMap(LmcConstant.MUST, arrayList));
        }
        return null;
    }

    private void notDataPolicy(DataSourceEnum dataSourceEnum, Object obj) {
        String uuid = UUID.randomUUID().toString();
        if (DataSourceEnum.MONGODB.equals(dataSourceEnum)) {
            if (obj instanceof Page) {
                ((Page) obj).queryFilter().addCriteria(Criteria.where(uuid).is(uuid));
            }
        } else if (DataSourceEnum.ES_API.equals(dataSourceEnum) && (obj instanceof Map)) {
            ((List) ((Map) ((Map) ((Map) obj).get("query")).get("bool")).computeIfAbsent("filter", str -> {
                return new ArrayList();
            })).add(Collections.singletonMap("terms", Collections.singletonMap(LmcConstant.APP_ID, Collections.singletonList(uuid))));
        }
    }

    private DataPolicy getAnnotationLog(JoinPoint joinPoint) {
        Method method = ((MethodSignature) joinPoint.getSignature()).getMethod();
        if (method != null) {
            return (DataPolicy) method.getAnnotation(DataPolicy.class);
        }
        return null;
    }
}
