package cn.gtmap.landsale.security;

import cn.gtmap.egovplat.core.util.RequestUtils;
import cn.gtmap.landsale.Constants;
import cn.gtmap.landsale.model.TransUser;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.google.common.collect.Sets;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.springframework.util.CollectionUtils;
import org.springframework.util.PathMatcher;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:cn/gtmap/landsale/security/SecUtil.class */
public class SecUtil {
    static final String USER_ID_KEY = "_USER_ID";
    static final String USER_NAME_KEY = "_USER_VIEW_NAME";
    static final String USER_REGIONS = "_USER_REGION_CODE";
    static final String USER_RESOURCES = "_USER_RESOURCE_PRIVILEGE";
    static final PathMatcher pathMatcher = RequestUtils.PATH_MATCHER;

    public static boolean isLogin() {
        return StringUtils.isNoneBlank(new CharSequence[]{getLoginUserId()});
    }

    public static String getLoginUserId() {
        return SecurityContext.getContext().getAttr().getAttr(USER_ID_KEY);
    }

    public static String getLoginUserViewName() {
        return SecurityContext.getContext().getAttr().getAttr(USER_NAME_KEY);
    }

    public static void setLoginUserIdToLocal(String str, String str2) {
        SecurityContext.getContext().getAttr().setAttr(USER_ID_KEY, str);
        SecurityContext.getContext().getAttr().setAttr(USER_NAME_KEY, str2);
    }

    public static void setLoginUserIdToSession(HttpServletRequest httpServletRequest, TransUser transUser) {
        WebUtils.setSessionAttribute(httpServletRequest, USER_ID_KEY, transUser);
    }

    public static boolean login4Session(HttpServletRequest httpServletRequest) {
        Object sessionAttribute = WebUtils.getSessionAttribute(httpServletRequest, USER_ID_KEY);
        if (sessionAttribute != null) {
            setLoginUserToLocal((TransUser) sessionAttribute);
            return true;
        }
        clearContextAttr(false);
        return false;
    }

    public static void setLoginUserToLocal(TransUser transUser) {
        SecurityContext.getContext().getAttr().setAttr(USER_ID_KEY, transUser.getUserId());
        SecurityContext.getContext().getAttr().setAttr(USER_NAME_KEY, transUser.getViewName());
        String privilege = transUser.getPrivilege();
        if (StringUtils.isNotBlank(privilege)) {
            JSONObject parseObject = JSON.parseObject(privilege);
            if (parseObject.containsKey("regions")) {
                SecurityContext.getContext().getAttr().setAttr(USER_REGIONS, Sets.newHashSet((List) parseObject.get("regions")));
            }
            if (parseObject.containsKey("resources")) {
                SecurityContext.getContext().getAttr().setAttr(USER_RESOURCES, parseObject.get("resources"));
            }
        }
    }

    public static void logout4Session(HttpServletRequest httpServletRequest) {
        WebUtils.setSessionAttribute(httpServletRequest, USER_ID_KEY, (Object) null);
        clearContextAttr(true);
    }

    private static void clearContextAttr(boolean z) {
        SecurityContext.getContext().getAttr().removeAttr(USER_ID_KEY);
        SecurityContext.getContext().getAttr().removeAttr(USER_NAME_KEY);
        SecurityContext.getContext().getAttr().removeAttr(USER_REGIONS);
        SecurityContext.getContext().getAttr().removeAttr(USER_RESOURCES);
        if (z) {
            SecurityContext.clearContext();
        }
    }

    public static boolean isAdmin() {
        return Constants.USER_ADMIN_ID.equals(getLoginUserId());
    }

    public static boolean isAdminType(TransUser transUser) {
        return transUser.getType() == Constants.UserType.MANAGER;
    }

    public static boolean isPermitted(String str, Collection<String> collection) {
        if (CollectionUtils.isEmpty(collection)) {
            return false;
        }
        Set<String> permittedOperations = getPermittedOperations(str);
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            if (!permittedOperations.contains(it.next())) {
                return false;
            }
        }
        return true;
    }

    public static boolean isPermitted(String str, String str2, Collection<String> collection) {
        if (CollectionUtils.isEmpty(collection)) {
            return false;
        }
        Set<String> permittedOperations = getPermittedOperations(str, str2);
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            if (!permittedOperations.contains(it.next())) {
                return false;
            }
        }
        return true;
    }

    public static Set<String> getPermittedOperations(String str, String str2) {
        HashSet newHashSet = Sets.newHashSet();
        String str3 = (String) SecurityContext.getContext().getAttr().getAttr(USER_RESOURCES, String.class, (Object) null);
        if (StringUtils.isNotBlank(str3)) {
            for (Map map : (List) JSON.parseObject(str3, List.class)) {
                if (StringUtils.isBlank(str2)) {
                    if (pathMatcher.match(String.valueOf(map.get("url")), str)) {
                        newHashSet.add(String.valueOf(map.get("operation")));
                    }
                } else if (pathMatcher.match(String.valueOf(map.get("url")), str) && str2.equals(map.get("name"))) {
                    newHashSet.add(String.valueOf(map.get("operation")));
                }
            }
        }
        return newHashSet;
    }

    public static Set<String> getPermittedOperations(String str) {
        return getPermittedOperations(str, null);
    }

    public static Set<String> getPermittedRegions() {
        String str = (String) SecurityContext.getContext().getAttr().getAttr(USER_REGIONS, String.class, (Object) null);
        if (StringUtils.isBlank(str)) {
            return Sets.newHashSet(new String[]{"-999"});
        }
        Set<String> set = (Set) JSON.parseObject(str, Set.class);
        return (set == null || set.isEmpty()) ? Sets.newHashSet(new String[]{"-999"}) : set;
    }
}
