package com.esen.eacl.action;

import com.esen.eacl.Login;
import com.esen.eacl.PmChecker;
import com.esen.eacl.WebUtils;
import com.esen.eacl.org.OrgConst;
import com.esen.eacl.resource.EaclResourceConst;
import com.esen.eacl.user.UserConst;
import com.esen.ecore.resource.ResourceId;
import com.esen.ecore.resource.ResourceUtil;
import com.esen.eres.ResourceOper;
import com.esen.eweb.ClientResult;
import com.esen.eweb.action.Action_Js;
import com.esen.util.ArrayFunc;
import com.esen.util.ExceptionHandler;
import com.esen.util.JsonUtils;
import com.esen.util.StrFunc;
import com.esen.util.security.SecurityFunc;
import javax.servlet.http.HttpServletRequest;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@RequestMapping({"/eacl/pmcheck"})
@Controller
/* loaded from: input_file:com/esen/eacl/action/ActionPmChecker.class */
public class ActionPmChecker extends Action_Js {
    private static final Logger SLF4J = LoggerFactory.getLogger(ActionPmChecker.class);

    private Login getLogin() {
        return WebUtils.getLogin();
    }

    protected String jsexecute(HttpServletRequest httpServletRequest, ClientResult clientResult) throws Exception {
        String parameter = httpServletRequest.getParameter("action");
        if ("getlogininfo".equalsIgnoreCase(parameter)) {
            doGetLogininfo(httpServletRequest, clientResult);
            return null;
        }
        if ("check".equalsIgnoreCase(parameter)) {
            doCheck(httpServletRequest, clientResult);
            return null;
        }
        if ("multicheck".equalsIgnoreCase(parameter)) {
            doMultiCheck(httpServletRequest, clientResult);
            return null;
        }
        if (!"getOrgpm".equalsIgnoreCase(parameter)) {
            return null;
        }
        doGetOrgpm(httpServletRequest, clientResult);
        return null;
    }

    private void doGetLogininfo(HttpServletRequest httpServletRequest, ClientResult clientResult) throws JSONException {
        JSONObject jSONObject = new JSONObject();
        Login login = getLogin();
        jSONObject.put("LOGINID", login.getId());
        jSONObject.put("LOGINNAME", login.getName());
        jSONObject.put("ISADMIN", login.isAdmin());
        if (login.getOrg() != null) {
            parseUserJson(login, jSONObject);
            parseOrgJson(login, jSONObject);
        }
        clientResult.getWriter().write(jSONObject.toString());
    }

    private void parseUserJson(Login login, JSONObject jSONObject) throws JSONException {
        JSONObject jSONObject2 = new JSONObject(JsonUtils.toJSONString(login.getUserInfo()));
        jSONObject2.remove(UserConst.PROP_PASSW0RD);
        jSONObject.put("USER", jSONObject2);
    }

    private void parseOrgJson(Login login, JSONObject jSONObject) {
        jSONObject.put("ORG", new JSONObject(JsonUtils.toJSONString(login.getOrg())));
    }

    protected void doCheck(HttpServletRequest httpServletRequest, ClientResult clientResult) {
        String parameter = httpServletRequest.getParameter("rid");
        SecurityFunc.checkXSSParam(parameter);
        String parameter2 = httpServletRequest.getParameter("oper");
        SecurityFunc.checkXSSParam(parameter2);
        Login login = getLogin();
        PmChecker pmChecker = login.getPmChecker();
        String[] split = parameter.split(",");
        String[] split2 = parameter2.split(",");
        String[] strArr = new String[split2.length];
        int length = split.length;
        if (length != 1 && split.length != split2.length) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.action.actionpmchecker.error", "资源id大于1时与操作数不匹配！");
        }
        if (login.isAdmin()) {
            for (int i = 0; i < split2.length; i++) {
                strArr[i] = String.valueOf(true);
            }
        } else {
            ResourceId resource = ResourceUtil.getResource(split[0]);
            for (int i2 = 0; i2 < split2.length; i2++) {
                if (split2[i2].indexOf(38) > -1) {
                    boolean z = true;
                    for (String str : split2[i2].split("&")) {
                        if (str.indexOf(45) > -1) {
                            String[] split3 = str.split(OrgConst.LEVEL_NULL);
                            z = length == 1 ? pmChecker.check(resource, split3[0], StrFunc.parseInt(split3[1], 0)) : pmChecker.check(split[i2], split3[0], StrFunc.parseInt(split3[1], 0));
                        } else {
                            z = length == 1 ? pmChecker.check(resource, str) : pmChecker.check(split[i2], str);
                        }
                        if (!z) {
                            break;
                        }
                    }
                    strArr[i2] = String.valueOf(z);
                } else if (split2[i2].indexOf(45) > -1) {
                    String[] split4 = split2[i2].split(OrgConst.LEVEL_NULL);
                    if (split.length == 1) {
                        strArr[i2] = String.valueOf(pmChecker.check(resource, split4[0], StrFunc.parseInt(split4[1], 0)));
                    } else {
                        strArr[i2] = String.valueOf(pmChecker.check(split[i2], split4[0], StrFunc.parseInt(split4[1], 0)));
                    }
                } else if (split.length == 1) {
                    strArr[i2] = String.valueOf(pmChecker.check(resource, split2[i2]));
                } else {
                    strArr[i2] = String.valueOf(pmChecker.check(split[i2], split2[i2]));
                }
            }
        }
        clientResult.getWriter().print(ArrayFunc.join(strArr, ","));
    }

    private void doMultiCheck(HttpServletRequest httpServletRequest, ClientResult clientResult) {
        String parameter = httpServletRequest.getParameter("rid");
        SecurityFunc.checkXSSParam(parameter);
        String parameter2 = httpServletRequest.getParameter("oper");
        SecurityFunc.checkXSSParam(parameter2);
        Login login = getLogin();
        PmChecker pmChecker = login.getPmChecker();
        String[] split = parameter.split(",");
        String[] split2 = parameter2.split(",");
        String[] strArr = new String[split2.length];
        if (login.isAdmin()) {
            for (int i = 0; i < split2.length; i++) {
                strArr[i] = String.valueOf(true);
            }
        } else {
            for (int i2 = 0; i2 < split2.length; i2++) {
                if (split2[i2].indexOf(45) > -1) {
                    String[] split3 = split2[i2].split(OrgConst.LEVEL_NULL);
                    if (split.length == 1) {
                        strArr[i2] = String.valueOf(pmChecker.check(split[0], split3[0], StrFunc.parseInt(split3[1], 0)));
                    } else {
                        strArr[i2] = String.valueOf(_checkPm(pmChecker, split, split3[0], StrFunc.parseInt(split3[1], 0)));
                    }
                } else if (split.length == 1) {
                    strArr[i2] = String.valueOf(pmChecker.check(split[0], split2[i2]));
                } else {
                    strArr[i2] = String.valueOf(_checkPm(pmChecker, split, split2[i2], 0));
                }
            }
        }
        clientResult.getWriter().print(ArrayFunc.join(strArr, ","));
    }

    private boolean _checkPm(PmChecker pmChecker, String[] strArr, String str, int i) {
        for (int i2 = 0; i2 < strArr.length; i2++) {
            if (i == 0) {
                if (!pmChecker.check(strArr[i2], str)) {
                    return false;
                }
            } else if (!pmChecker.check(strArr[i2], str, i)) {
                return false;
            }
        }
        return true;
    }

    private void doGetOrgpm(HttpServletRequest httpServletRequest, ClientResult clientResult) {
        Login login = getLogin();
        if (login.isAdmin()) {
            clientResult.getWriter().print("true,true");
            return;
        }
        PmChecker pmChecker = login.getPmChecker();
        String parameter = httpServletRequest.getParameter("oper");
        SecurityFunc.checkXSSParam(parameter);
        String str = null;
        if (StrFunc.isNull(parameter) || StrFunc.compareStr("grant", parameter)) {
            str = String.valueOf(pmChecker.check(EaclResourceConst.RES_USERORG, ResourceOper.AUTHORIZE.getOperId()));
        }
        if (StrFunc.isNull(parameter) || StrFunc.compareStr("denygrant", parameter)) {
            boolean check = pmChecker.check(EaclResourceConst.RES_USERORG, ResourceOper.DENYAUTHORIZE.getOperId());
            str = StrFunc.isNull(str) ? String.valueOf(check) : str + "," + String.valueOf(check);
        }
        clientResult.getWriter().print(str);
    }
}
