package com.fr.decision.webservice.aspect;

import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.authority.AuthorityType;
import com.fr.decision.authority.controller.AuthorityController;
import com.fr.decision.authority.controller.DefaultAuthorityController;
import com.fr.decision.webservice.annotation.DecisionEntryChecker;
import com.fr.decision.webservice.annotation.DecisionUserChecker;
import com.fr.decision.webservice.annotation.RoleCheckerType;
import com.fr.decision.webservice.bean.entry.EntryChecker;
import com.fr.decision.webservice.bean.user.RoleChecker;
import com.fr.decision.webservice.exception.general.NoPrivilegeException;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.stable.StringUtils;
import com.fr.third.aspectj.lang.JoinPoint;
import com.fr.third.aspectj.lang.annotation.Aspect;
import com.fr.third.aspectj.lang.annotation.Before;
import com.fr.third.aspectj.lang.annotation.Pointcut;
import com.fr.third.springframework.stereotype.Component;
import com.fr.third.springframework.web.context.request.RequestContextHolder;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

@Aspect
@Component
/* loaded from: input_file:com/fr/decision/webservice/aspect/DecisionAuthorityAspect.class */
public class DecisionAuthorityAspect {
    @Pointcut("@annotation(com.fr.decision.webservice.annotation.DecisionEntryChecker)")
    public void entryCheckPoint() {
    }

    @Pointcut("@annotation(com.fr.decision.webservice.annotation.DecisionUserChecker)")
    public void userCheckPoint() {
    }

    @Pointcut("@annotation(com.fr.decision.webservice.annotation.DecisionConfigChecker)")
    public void configCheckPoint() {
    }

    @Before("configCheckPoint()")
    public void configCheck(JoinPoint joinPoint) throws Exception {
        String currentUserId = getCurrentUserId();
        if (StringUtils.isEmpty(currentUserId) || !UserService.getInstance().isAdmin(currentUserId)) {
            throw new NoPrivilegeException();
        }
    }

    @Before("entryCheckPoint() && @annotation(checker)")
    public void entryCheck(JoinPoint joinPoint, DecisionEntryChecker decisionEntryChecker) throws Exception {
        DefaultAuthorityController authorityController = AuthorityContext.getInstance().getAuthorityController();
        if (authorityController != null) {
            String currentUserId = getCurrentUserId();
            if (StringUtils.isEmpty(currentUserId) || UserService.getInstance().isAdmin(currentUserId)) {
                return;
            }
            List<String> entryCheckerIds = getEntryCheckerIds(joinPoint, decisionEntryChecker.targetIndex());
            for (int i : decisionEntryChecker.authorityType()) {
                batchCheckAuthority(currentUserId, entryCheckerIds, AuthorityType.fromInteger(i), authorityController);
            }
        }
    }

    @Before("userCheckPoint() && @annotation(checker)")
    public void userCheck(JoinPoint joinPoint, DecisionUserChecker decisionUserChecker) throws Exception {
        String currentUserId = getCurrentUserId();
        if (StringUtils.isEmpty(currentUserId) || UserService.getInstance().isAdmin(currentUserId)) {
            return;
        }
        RoleCheckerType roleCheckerType = decisionUserChecker.roleCheckerType();
        int[] targetIndex = decisionUserChecker.targetIndex();
        Object[] args = joinPoint.getArgs();
        int length = args.length;
        for (int i : targetIndex) {
            if (i - 1 < length) {
                Object obj = args[i - 1];
                if (obj instanceof RoleChecker) {
                    RoleChecker roleChecker = (RoleChecker) obj;
                    checkAuthority(currentUserId, roleChecker.createUserCheckerIds(), RoleCheckerType.USER);
                    checkAuthority(currentUserId, roleChecker.createCustomRoleCheckerIds(), RoleCheckerType.CUSTOM_ROLE);
                    checkAuthority(currentUserId, roleChecker.createDepartmentCheckerIds(), RoleCheckerType.DEPARTMENT);
                } else if ((obj instanceof String) && !roleCheckerType.checkAuthority(currentUserId, (String) obj)) {
                    throw new NoPrivilegeException();
                }
            }
        }
    }

    private void checkAuthority(String str, List<String> list, RoleCheckerType roleCheckerType) throws Exception {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (!roleCheckerType.checkAuthority(str, it.next())) {
                throw new NoPrivilegeException();
            }
        }
    }

    private List<String> getEntryCheckerIds(JoinPoint joinPoint, int[] iArr) {
        ArrayList arrayList = new ArrayList();
        Object[] args = joinPoint.getArgs();
        int length = args.length;
        for (int i : iArr) {
            if (i - 1 < length) {
                Object obj = args[i - 1];
                if (obj instanceof EntryChecker) {
                    arrayList.addAll(((EntryChecker) obj).createEntryCheckerIds());
                } else if (obj instanceof String) {
                    arrayList.add((String) obj);
                }
            }
        }
        return arrayList;
    }

    private String getCurrentUserId() {
        try {
            return UserService.getInstance().getCurrentUserIdFromCookie(RequestContextHolder.getRequestAttributes().getRequest());
        } catch (Exception e) {
            return null;
        }
    }

    private void batchCheckAuthority(String str, List<String> list, AuthorityType authorityType, AuthorityController authorityController) throws Exception {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (!authorityController.doesUserHaveAuthority(str, it.next(), authorityType)) {
                throw new NoPrivilegeException();
            }
        }
    }
}
