package com.esen.eacl.action;

import com.esen.eacl.Login;
import com.esen.eacl.PmChecker;
import com.esen.eacl.PmService;
import com.esen.eacl.WebUtils;
import com.esen.eacl.datalevelpm.DataLevelPmEntity;
import com.esen.eacl.datalevelpm.DatarangeExtendPmService;
import com.esen.eacl.permission.ExtendPmManager;
import com.esen.eacl.permission.ExtendPmService;
import com.esen.eacl.permission.Permission;
import com.esen.eacl.permission.PmHost;
import com.esen.eacl.resource.EaclResourceConst;
import com.esen.ecluster.api.Cluster;
import com.esen.ecluster.api.lock.ResLockManager;
import com.esen.ecore.resource.ResourceId;
import com.esen.ecore.resource.ResourceUtil;
import com.esen.util.ExceptionHandler;
import com.esen.util.JsonUtils;
import com.esen.util.StrFunc;
import com.esen.util.i18n.I18N;
import com.esen.util.security.SecurityFunc;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping({"/api/eacl/permission"})
@Controller
/* loaded from: input_file:com/esen/eacl/action/ActionApiPermission.class */
public class ActionApiPermission {
    public static final String AUTH = "auth";

    @Autowired
    private PmService pmService;

    @Autowired
    private Cluster cluster;

    @Autowired
    private ExtendPmManager extendPmManager;

    @RequestMapping(params = {"action=save"})
    @ResponseBody
    public void savePms(HttpServletRequest httpServletRequest) {
        Login login = WebUtils.getLogin();
        PmChecker pmChecker = login.getPmChecker();
        boolean parseBoolean = StrFunc.parseBoolean(httpServletRequest.getParameter("noauth"), false);
        if (!parseBoolean && pmChecker.check(EaclResourceConst.RES_USERORG, AUTH)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.noauthopererror", "您没有用户权限的授权权限，无法使用该操作，操作失败。");
        }
        String checkResID = SecurityFunc.checkResID(httpServletRequest.getParameter("resourceid"));
        ResourceId resource = ResourceUtil.getResource(checkResID, true);
        String checkXSSParam = SecurityFunc.checkXSSParam(httpServletRequest, "operations");
        if (StrFunc.isNull(checkXSSParam)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.operationsisnull", "operations参数不能为空，操作失败。");
        }
        String checkXSSParam2 = SecurityFunc.checkXSSParam(httpServletRequest, "authids");
        if (StrFunc.isNull(checkXSSParam2)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.authidsisnull", "authids参数不能为空，操作失败。");
        }
        String[] split = checkXSSParam2.split(",");
        String checkXSSParam3 = SecurityFunc.checkXSSParam(httpServletRequest, "operareas");
        if (StrFunc.isNull(checkXSSParam3)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.operareasisnull", "operareas参数不能为空，操作失败。");
        }
        String[] split2 = checkXSSParam.split(",");
        for (String str : split2) {
            if (this.extendPmManager.getExpOperPermissionByOper(str) == null) {
                boolean check = pmChecker.check(checkResID, str);
                if (!login.isAdmin() && !parseBoolean && !check) {
                    ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.nooperauth", "您没有operations参数中的【{0}】操作的权限，无法进行该操作！", new Object[]{str});
                }
            }
        }
        String[] split3 = checkXSSParam3.split(",");
        if (split2.length != split3.length) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.operationsoperareasissame", "operations和operareas参数长度不一致，操作失败。");
        }
        int parseInt = StrFunc.parseInt(httpServletRequest.getParameter("authType"), 0);
        boolean parseBoolean2 = StrFunc.parseBoolean(httpServletRequest.getParameter("deny"), false);
        String checkXSSParam4 = SecurityFunc.checkXSSParam(httpServletRequest, "pmProperty");
        ArrayList arrayList = new ArrayList();
        try {
            String checkXSSParam5 = SecurityFunc.checkXSSParam(httpServletRequest, "extpms");
            if (!StrFunc.isNull(checkXSSParam5)) {
                for (Permission permission : JsonUtils.readArray(checkXSSParam5, Permission.class)) {
                    String operation = permission.getOperation();
                    String resourceid = permission.getResourceid();
                    ResourceId resource2 = ResourceUtil.getResource(resourceid, true);
                    String moduleId = resource2.getModuleId();
                    int type = resource2.getType();
                    permission.setModuleType(moduleId);
                    permission.setResourceType(type);
                    boolean check2 = pmChecker.check(resourceid, operation);
                    if (!login.isAdmin() && !parseBoolean && !check2) {
                        ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.extpmsnooperauth", "您没有extpms参数中：【{0}】资源的【{1}】操作权限，无法进行该操作！", new Object[]{resourceid, operation});
                    }
                    for (String str2 : split) {
                        Permission m47clone = permission.m47clone();
                        m47clone.setAuthid(str2);
                        arrayList.add(m47clone);
                    }
                }
            }
            Map<String, Collection<Permission>> operPermissionMap = this.extendPmManager.getOperPermissionMap();
            ResLockManager resLockManager = this.cluster.getResLockManager();
            resLockManager.lock(EaclResourceConst.RES_USERORG, I18N.getString("com.esen.eacl.actionapipermission.savepmbyreslock", "保存权限资源操作上锁"), login.getId());
            try {
                String moduleId2 = resource.getModuleId();
                int type2 = resource.getType();
                for (String str3 : split) {
                    int length = split2.length;
                    for (int i = 0; i < length; i++) {
                        String str4 = split2[i];
                        Permission permission2 = new Permission(checkResID, str4, str3, parseInt, login.getId());
                        permission2.setDeny(parseBoolean2);
                        permission2.setOperarea(StrFunc.parseInt(split3[i], 0));
                        permission2.setModuleType(moduleId2);
                        permission2.setResourceType(type2);
                        permission2.setPmProperty(checkXSSParam4);
                        if (this.extendPmManager.getExpOperPermissionByOper(str4) == null) {
                            boolean check3 = pmChecker.check(checkResID, str4);
                            if (!login.isAdmin() && !parseBoolean && !check3) {
                                ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.nooperauth", "您没有operations参数中的【{0}】操作的权限，无法进行该操作！", new Object[]{str4});
                            }
                            arrayList.add(permission2);
                        } else {
                            Collection<Permission> collection = operPermissionMap.get(str4);
                            if (collection == null) {
                                collection = new ArrayList();
                                operPermissionMap.put(str4, collection);
                            }
                            collection.add(permission2);
                        }
                    }
                }
                if (!arrayList.isEmpty()) {
                    int size = arrayList.size();
                    if (size > 200) {
                        ArrayList arrayList2 = new ArrayList();
                        for (int i2 = 0; i2 < size; i2++) {
                            arrayList2.add((Permission) arrayList.get(i2));
                            if ((i2 + 1) % 200 == 0) {
                                this.pmService.addCoverPms(arrayList2);
                                arrayList2 = new ArrayList();
                            }
                        }
                        if (arrayList2.size() > 0) {
                            this.pmService.addCoverPms(arrayList2);
                            new ArrayList();
                        }
                    } else {
                        this.pmService.addCoverPms(arrayList);
                    }
                }
                saveExtendPms(operPermissionMap);
                resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
            } catch (Throwable th) {
                resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
                throw th;
            }
        } catch (Exception e) {
            ExceptionHandler.rethrowRuntimeException(e, "com.esen.eacl.actionapipermission.batchaddpmserror", "批量新增权限出现异常，原因如下：");
        }
    }

    private void saveExtendPms(Map<String, Collection<Permission>> map) {
        for (String str : map.keySet()) {
            HashSet hashSet = new HashSet();
            Collection<Permission> collection = map.get(str);
            if (!collection.isEmpty()) {
                Map<String, List<Permission>> hostPms = getHostPms(collection, hashSet);
                ExtendPmService expOperPermissionByOper = this.extendPmManager.getExpOperPermissionByOper(str);
                Map<String, List<Permission>> hostPms2 = getHostPms(expOperPermissionByOper.listPms(hashSet), null);
                for (PmHost pmHost : hashSet) {
                    if (StrFunc.compareStr(str, "formfieldpm")) {
                        String str2 = pmHost.getAuthType() + "." + pmHost.getAuthid();
                        List<Permission> list = hostPms.get(str2);
                        if (hostPms2.containsKey(str2)) {
                            list.addAll(hostPms2.get(str2));
                        }
                        ArrayList arrayList = new ArrayList();
                        ArrayList arrayList2 = new ArrayList();
                        for (Permission permission : list) {
                            String pmProperty = permission.getPmProperty();
                            if (!StrFunc.isNull(pmProperty)) {
                                JsonNode node = JsonUtils.readObj(pmProperty).getNode();
                                if (node instanceof ArrayNode) {
                                    Iterator elements = node.elements();
                                    while (elements.hasNext()) {
                                        JsonNode jsonNode = (JsonNode) elements.next();
                                        String str3 = jsonNode.get("wid").asText() + "." + jsonNode.get("name").asText();
                                        if (!arrayList.contains(str3)) {
                                            Permission m47clone = permission.m47clone();
                                            m47clone.setPmProperty(jsonNode.toString());
                                            arrayList.add(str3);
                                            arrayList2.add(m47clone);
                                        }
                                    }
                                } else if (node instanceof ObjectNode) {
                                    String str4 = node.get("wid").asText() + "." + node.get("name").asText();
                                    if (!arrayList.contains(str4)) {
                                        arrayList.add(str4);
                                        arrayList2.add(permission);
                                    }
                                }
                            }
                        }
                        expOperPermissionByOper.saveExpPermission(arrayList2, pmHost);
                    } else if (StrFunc.compareStr(str, "formdatapm")) {
                        expOperPermissionByOper.saveExpPermission(hostPms.get(pmHost.getAuthType() + "." + pmHost.getAuthid()), pmHost);
                    } else if (StrFunc.compareStr(str, DatarangeExtendPmService.OPER)) {
                        String str5 = pmHost.getAuthType() + "." + pmHost.getAuthid();
                        HashSet hashSet2 = new HashSet();
                        for (Permission permission2 : hostPms.get(str5)) {
                            JsonNode node2 = JsonUtils.readObj(permission2.getPmProperty()).getNode();
                            if (node2 instanceof ArrayNode) {
                                Iterator elements2 = node2.elements();
                                while (elements2.hasNext()) {
                                    JsonNode jsonNode2 = (JsonNode) elements2.next();
                                    DataLevelPmEntity dataLevelPmEntity = new DataLevelPmEntity(permission2);
                                    dataLevelPmEntity.setPmProperty(jsonNode2.toString());
                                    hashSet2.add(dataLevelPmEntity);
                                }
                            } else {
                                DataLevelPmEntity dataLevelPmEntity2 = new DataLevelPmEntity(permission2);
                                dataLevelPmEntity2.setPmProperty(permission2.getPmProperty());
                                hashSet2.add(dataLevelPmEntity2);
                            }
                        }
                        if (hostPms2.containsKey(str5)) {
                            hashSet2.addAll(hostPms2.get(str5));
                        }
                        expOperPermissionByOper.saveExpPermission(hashSet2, pmHost);
                    } else {
                        expOperPermissionByOper.saveExpPermission(hostPms.get(pmHost.getAuthType() + "." + pmHost.getAuthid()), pmHost);
                    }
                }
            }
        }
    }

    private Map<String, List<Permission>> getHostPms(Collection<? extends Permission> collection, Set<PmHost> set) {
        HashMap hashMap = new HashMap();
        for (Permission permission : collection) {
            String authid = permission.getAuthid();
            int authType = permission.getAuthType();
            PmHost createPmHost = PmHost.createPmHost(authid, authType);
            if (set != null) {
                set.add(createPmHost);
            }
            String str = authType + "." + authid;
            if (hashMap.containsKey(str)) {
                ((List) hashMap.get(str)).add(permission);
            } else {
                ArrayList arrayList = new ArrayList();
                arrayList.add(permission);
                hashMap.put(str, arrayList);
            }
        }
        return hashMap;
    }

    @RequestMapping(params = {"action=delete"})
    @ResponseBody
    public void delPms(HttpServletRequest httpServletRequest) {
        Login login = WebUtils.getLogin();
        PmChecker pmChecker = login.getPmChecker();
        if (!StrFunc.parseBoolean(httpServletRequest.getParameter("noauth"), false) && pmChecker.check(EaclResourceConst.RES_USERORG, AUTH)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.noauthopererror", "您没有用户权限的授权权限，无法使用该操作，操作失败。");
        }
        String checkResID = SecurityFunc.checkResID(httpServletRequest.getParameter("resourceid"));
        String checkXSSParam = SecurityFunc.checkXSSParam(httpServletRequest, "operations");
        if (StrFunc.isNull(checkXSSParam)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.operationsisnull", "operations参数不能为空，操作失败。");
        }
        String[] split = checkXSSParam.split(",");
        String checkXSSParam2 = SecurityFunc.checkXSSParam(httpServletRequest, "authids");
        if (StrFunc.isNull(checkXSSParam2)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.authidsisnull", "authids参数不能为空，操作失败。");
        }
        String[] split2 = checkXSSParam2.split(",");
        String[] split3 = SecurityFunc.checkXSSParam(httpServletRequest, "operareas").split(",");
        if (split.length != split3.length) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.actionapipermission.operationsoperareasissame", "operations和operareas参数长度不一致，操作失败。");
        }
        int parseInt = StrFunc.parseInt(httpServletRequest.getParameter("authType"), 0);
        String checkXSSParam3 = SecurityFunc.checkXSSParam(httpServletRequest, "pmProperty");
        ArrayList arrayList = new ArrayList();
        try {
            String checkXSSParam4 = SecurityFunc.checkXSSParam(httpServletRequest, "extpms");
            if (!StrFunc.isNull(checkXSSParam4)) {
                for (Permission permission : JsonUtils.readArray(checkXSSParam4, Permission.class)) {
                    for (String str : split2) {
                        Permission m47clone = permission.m47clone();
                        m47clone.setAuthid(str);
                        arrayList.add(m47clone);
                    }
                }
            }
            Map<String, Collection<Permission>> operPermissionMap = this.extendPmManager.getOperPermissionMap();
            ResLockManager resLockManager = this.cluster.getResLockManager();
            resLockManager.lock(EaclResourceConst.RES_USERORG, I18N.getString("com.esen.eacl.actionapipermission.deletepmbyreslock", "删除权限资源操作上锁"), login.getId());
            try {
                for (String str2 : split2) {
                    int length = split.length;
                    for (int i = 0; i < length; i++) {
                        String str3 = split[i];
                        Permission permission2 = new Permission(checkResID, str3, str2, parseInt, null);
                        permission2.setOperarea(StrFunc.parseInt(split3[i], 0));
                        permission2.setPmProperty(checkXSSParam3);
                        if (this.extendPmManager.getExpOperPermissionByOper(str3) == null) {
                            arrayList.add(permission2);
                        } else {
                            Collection<Permission> collection = operPermissionMap.get(str3);
                            if (collection == null) {
                                collection = new ArrayList();
                                operPermissionMap.put(str3, collection);
                            }
                            collection.add(permission2);
                        }
                    }
                }
                if (!arrayList.isEmpty()) {
                    this.pmService.removeCoverPms(arrayList);
                }
                delExtendPms(operPermissionMap);
                resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
            } catch (Throwable th) {
                resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
                throw th;
            }
        } catch (Exception e) {
            ExceptionHandler.rethrowRuntimeException(e, "com.esen.eacl.actionapipermission.batchdeletepmserror", "批量删除权限出现异常，原因如下：");
        }
    }

    private void delExtendPms(Map<String, Collection<Permission>> map) {
        for (String str : map.keySet()) {
            HashSet hashSet = new HashSet();
            Collection<Permission> collection = map.get(str);
            if (!collection.isEmpty()) {
                Map<String, List<Permission>> hostPms = getHostPms(collection, hashSet);
                ExtendPmService expOperPermissionByOper = this.extendPmManager.getExpOperPermissionByOper(str);
                Map<String, List<Permission>> hostPms2 = getHostPms(expOperPermissionByOper.listPms(hashSet), null);
                for (PmHost pmHost : hashSet) {
                    if (StrFunc.compareStr(str, "formfieldpm")) {
                        ArrayList arrayList = new ArrayList();
                        HashSet hashSet2 = new HashSet();
                        String authid = pmHost.getAuthid();
                        int authType = pmHost.getAuthType();
                        String str2 = authType + "." + authid;
                        if (hostPms2.containsKey(str2)) {
                            List<Permission> list = hostPms2.get(str2);
                            for (Permission permission : hostPms.get(str2)) {
                                String resourceid = permission.getResourceid();
                                String pmProperty = permission.getPmProperty();
                                if (StrFunc.isNull(pmProperty)) {
                                    break;
                                }
                                JsonNode node = JsonUtils.readObj(pmProperty).getNode();
                                if (node instanceof ArrayNode) {
                                    Iterator elements = node.elements();
                                    while (elements.hasNext()) {
                                        JsonNode jsonNode = (JsonNode) elements.next();
                                        hashSet2.add(jsonNode.get("wid").asText() + "." + jsonNode.get("name").asText() + "." + resourceid);
                                    }
                                } else if (node instanceof ObjectNode) {
                                    hashSet2.add(node.get("wid").asText() + "." + node.get("name").asText() + "." + resourceid);
                                }
                            }
                            for (Permission permission2 : list) {
                                String pmProperty2 = permission2.getPmProperty();
                                String resourceid2 = permission2.getResourceid();
                                if (!StrFunc.isNull(pmProperty2)) {
                                    JsonNode node2 = JsonUtils.readObj(pmProperty2).getNode();
                                    if (!hashSet2.contains(node2.get("wid").asText() + "." + node2.get("name").asText() + "." + resourceid2)) {
                                        arrayList.add(permission2);
                                    }
                                }
                            }
                            if (arrayList.size() == 0) {
                                expOperPermissionByOper.deleteExtPermission(authType, authid);
                            } else {
                                expOperPermissionByOper.saveExpPermission(arrayList, pmHost);
                            }
                        }
                    } else if (StrFunc.compareStr(str, "formdatapm")) {
                        expOperPermissionByOper.saveExpPermission(new ArrayList(), pmHost);
                    } else if (StrFunc.compareStr(str, DatarangeExtendPmService.OPER)) {
                        String authid2 = pmHost.getAuthid();
                        int authType2 = pmHost.getAuthType();
                        String str3 = authType2 + "." + authid2;
                        if (hostPms2.containsKey(str3)) {
                            List<Permission> list2 = hostPms2.get(str3);
                            HashSet hashSet3 = new HashSet();
                            List<Permission> list3 = hostPms.get(str3);
                            HashSet hashSet4 = new HashSet();
                            for (Permission permission3 : list3) {
                                String pmProperty3 = permission3.getPmProperty();
                                if (StrFunc.isNull(pmProperty3)) {
                                    break;
                                }
                                JsonNode node3 = JsonUtils.readObj(pmProperty3).getNode();
                                if (node3 instanceof ArrayNode) {
                                    Iterator elements2 = node3.elements();
                                    while (elements2.hasNext()) {
                                        JsonNode jsonNode2 = (JsonNode) elements2.next();
                                        DataLevelPmEntity dataLevelPmEntity = new DataLevelPmEntity(permission3);
                                        dataLevelPmEntity.setPmProperty(jsonNode2.toString());
                                        hashSet4.add(dataLevelPmEntity);
                                    }
                                } else {
                                    DataLevelPmEntity dataLevelPmEntity2 = new DataLevelPmEntity(permission3);
                                    dataLevelPmEntity2.setPmProperty(pmProperty3);
                                    hashSet4.add(dataLevelPmEntity2);
                                }
                            }
                            for (Permission permission4 : list2) {
                                if (!list3.contains(permission4)) {
                                    hashSet3.add(permission4);
                                }
                            }
                            if (hashSet3.size() == 0) {
                                expOperPermissionByOper.deleteExtPermission(authType2, authid2);
                            } else {
                                expOperPermissionByOper.saveExpPermission(hashSet3, pmHost);
                            }
                        }
                    } else {
                        expOperPermissionByOper.saveExpPermission(new ArrayList(), pmHost);
                    }
                }
            }
        }
    }
}
