package cn.gtmap.gtc.starter.gscas.expression;

import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.persister.collection.CollectionPropertyNames;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.expression.WebSecurityExpressionRoot;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/gtmap-security-cloud-app-starter-1.2.1.jar:cn/gtmap/gtc/starter/gscas/expression/GtWebSecurityExpressionRoot.class */
public class GtWebSecurityExpressionRoot extends WebSecurityExpressionRoot {
    protected final Log logger;
    private OAuth2RestTemplate template;
    private String username;
    private String requestPath;
    private String url;
    private String clientId;
    private String method;

    public GtWebSecurityExpressionRoot(Authentication authentication, FilterInvocation filterInvocation, OAuth2RestTemplate oAuth2RestTemplate, String str, String str2) {
        super(authentication, filterInvocation);
        this.logger = LogFactory.getLog(GtWebSecurityExpressionRoot.class);
        this.username = authentication.getName();
        this.template = oAuth2RestTemplate;
        this.clientId = str2;
        if (str == null || str.lastIndexOf("/") == str.length() - 1) {
            this.url = str;
        } else {
            this.url = str + "/";
        }
        StringBuilder sb = new StringBuilder();
        if (filterInvocation.getHttpRequest().getServletPath() != null) {
            sb.append(filterInvocation.getHttpRequest().getServletPath());
            if (filterInvocation.getHttpRequest().getPathInfo() != null) {
                sb.append(filterInvocation.getHttpRequest().getPathInfo());
            }
        }
        this.method = filterInvocation.getHttpRequest().getMethod();
        this.requestPath = sb.toString();
    }

    public boolean hasModuleAuthority(String str) {
        return "anonymousUser".equals(this.username) ? hasAnyAuthority(str) : moduleAuth(str);
    }

    public boolean hasUrlAuthority(String str) {
        return "anonymousUser".equals(this.username) ? hasAnyAuthority(str) : urlAuth(str);
    }

    public boolean hasAnyUrlAuthority(String... strArr) {
        if ("anonymousUser".equals(this.username)) {
            return hasAnyAuthority(strArr);
        }
        if (strArr.length == 0) {
            return urlAuth("");
        }
        for (String str : strArr) {
            if (urlAuth(str)) {
                return true;
            }
        }
        return false;
    }

    public boolean hasAnyModuleAuthority(String... strArr) {
        if ("anonymousUser".equals(this.username)) {
            return hasAnyAuthority(strArr);
        }
        for (String str : strArr) {
            if (moduleAuth(str)) {
                return true;
            }
        }
        return false;
    }

    private boolean urlAuth(String str) {
        if (null == this.template || null == this.url) {
            return false;
        }
        StringBuilder sb = new StringBuilder(this.url);
        sb.append("auth/menu/url-authority?username=").append(this.username).append("&path=").append(this.requestPath).append("&clientId=").append(this.clientId).append("&method=").append(this.method);
        Map<String, String> map = (Map) this.template.getForObject(sb.toString(), Map.class, new Object[0]);
        if (CollectionUtils.isEmpty(map)) {
            return false;
        }
        return verifyAuthority(str, map);
    }

    private boolean moduleAuth(String str) {
        if (null == this.template || null == this.url) {
            return false;
        }
        String[] split = str.split(":");
        if (split.length < 1) {
            return false;
        }
        String str2 = split[0];
        String str3 = split.length > 1 ? split[1] : "";
        Map<String, String> map = (Map) this.template.getForObject(this.url + "auth/menu/module-authority?username=" + this.username + "&moduleCode=" + str2 + "&clientId=" + this.clientId, Map.class, new Object[0]);
        if (CollectionUtils.isEmpty(map)) {
            return false;
        }
        return verifyAuthority(str3, map);
    }

    private boolean verifyAuthority(String str, Map<String, String> map) {
        if (StringUtils.isEmpty(map.get("root"))) {
            return false;
        }
        if ("all:all".equals(map.get("root"))) {
            this.request.setAttribute("currentAuthority", map.get("root"));
            this.request.setAttribute("elementAuthorities", map.get(CollectionPropertyNames.COLLECTION_ELEMENTS));
            return true;
        }
        Set<String> commaDelimitedListToSet = StringUtils.commaDelimitedListToSet(str);
        if (!CollectionUtils.isEmpty(commaDelimitedListToSet)) {
            Iterator<String> it = commaDelimitedListToSet.iterator();
            while (it.hasNext()) {
                if (!map.get("root").contains(it.next())) {
                    return false;
                }
            }
        }
        this.request.setAttribute("currentAuthority", map.get("root"));
        this.request.setAttribute("elementAuthorities", map.get(CollectionPropertyNames.COLLECTION_ELEMENTS));
        return true;
    }
}
