package cn.ibizlab.util.adapter.security;

import cn.ibizlab.util.adapter.service.SysRuntimeModelService;
import cn.ibizlab.util.adapter.util.helper.CachedBeanCopier;
import cn.ibizlab.util.domain.IEntity;
import cn.ibizlab.util.filter.FilterBase;
import cn.ibizlab.util.filter.ISearchContext;
import cn.ibizlab.util.security.AuthenticationUser;
import cn.ibizlab.util.security.SpringContextHolder;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import net.ibizsys.central.cloud.core.ServiceSystemRuntime;
import net.ibizsys.central.cloud.core.spring.rt.ServiceHub;
import net.ibizsys.central.dataentity.IDataEntityRuntime;
import net.ibizsys.central.dataentity.security.IDataEntityAccessManager;
import net.ibizsys.central.dataentity.service.IDEServiceAPIRuntime;
import net.ibizsys.central.service.ISysServiceAPIRuntime;
import net.ibizsys.central.util.IEntityDTO;
import net.ibizsys.central.util.ISearchContextDTO;
import net.ibizsys.model.dataentity.defield.IPSDEField;
import net.ibizsys.model.dataentity.service.IPSDEServiceAPIMethod;
import net.ibizsys.model.dataentity.service.IPSDEServiceAPIRS;
import net.ibizsys.model.service.IPSSysServiceAPI;
import net.ibizsys.runtime.security.UserContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.expression.SecurityExpressionRoot;
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
import org.springframework.security.core.Authentication;
import org.springframework.util.ObjectUtils;

/* loaded from: input_file:cn/ibizlab/util/adapter/security/DefaultAdapterMethodSecurityExpression.class */
public class DefaultAdapterMethodSecurityExpression extends SecurityExpressionRoot implements MethodSecurityExpressionOperations {
    private static final Logger log = LoggerFactory.getLogger(DefaultAdapterMethodSecurityExpression.class);
    private Object filterObject;
    private Object returnObject;
    private Object target;
    private SysRuntimeModelService sysRuntimeModelService;

    public boolean isEnablePermissionValid() {
        return ((Boolean) SpringContextHolder.getApplicationContext().getEnvironment().getProperty("ibiz.enablePermissionValid", Boolean.class, false)).booleanValue();
    }

    public DefaultAdapterMethodSecurityExpression(Authentication authentication) {
        super(authentication);
    }

    public boolean hasPermission(Object obj, Object obj2) {
        return hasPermission(null, null, obj, obj2);
    }

    public boolean hasPermission(String str, Serializable serializable, Object obj, Object obj2) {
        Authentication authentication = getAuthentication();
        if (!isEnablePermissionValid()) {
            return true;
        }
        Object principal = authentication.getPrincipal();
        if (ObjectUtils.isEmpty(principal)) {
            return false;
        }
        if ((principal instanceof AuthenticationUser) && ((AuthenticationUser) authentication.getPrincipal()).isSuperUser()) {
            return true;
        }
        String[] split = String.valueOf(obj2).split("-|:");
        String str2 = split.length >= 2 ? split[1] : "";
        String str3 = split.length >= 3 ? split[2] : "";
        if (!(obj instanceof ArrayList) || ((ArrayList) obj).isEmpty() || !(((ArrayList) obj).get(0) instanceof IEntity)) {
            if ((obj instanceof ISearchContext) || (obj instanceof IEntity)) {
                return test(str, serializable, str2, str3, obj);
            }
            return true;
        }
        Iterator it = ((List) obj).iterator();
        while (it.hasNext()) {
            if (!test(str, null, str2, str3, (IEntity) it.next())) {
                return false;
            }
        }
        return true;
    }

    protected boolean test(String str, Serializable serializable, String str2, String str3, Object obj) {
        IPSDEField parentIdPSDEField;
        ServiceSystemRuntime serviceSystemRuntime = (ServiceSystemRuntime) ((ServiceHub) SpringContextHolder.getBean(ServiceHub.class)).getSystemRuntime(ServiceSystemRuntime.class, true);
        if (serviceSystemRuntime == null) {
            log.error("无法获取系统Runtime");
            return false;
        }
        List<IPSSysServiceAPI> allPSSysServiceAPIs = serviceSystemRuntime.getPSSystem().getAllPSSysServiceAPIs();
        if (allPSSysServiceAPIs == null) {
            return false;
        }
        for (IPSSysServiceAPI iPSSysServiceAPI : allPSSysServiceAPIs) {
            ISysServiceAPIRuntime sysServiceAPIRuntime = serviceSystemRuntime.getSysServiceAPIRuntime(iPSSysServiceAPI.getCodeName(), true);
            if (sysServiceAPIRuntime != null) {
                IDataEntityRuntime dataEntityRuntime = getSysRuntimeModelService().getDataEntityRuntime(str2, true);
                IDEServiceAPIRuntime dEServiceAPIRuntime = getSysRuntimeModelService().getDEServiceAPIRuntime(sysServiceAPIRuntime, str2, true);
                if (dataEntityRuntime != null && dEServiceAPIRuntime != null) {
                    IPSDEServiceAPIMethod pSDEServiceAPIMethod = getSysRuntimeModelService().getPSDEServiceAPIMethod(dEServiceAPIRuntime, str3, false);
                    String dataAccessAction = pSDEServiceAPIMethod.getDataAccessAction();
                    IDataEntityRuntime dataEntityRuntime2 = !ObjectUtils.isEmpty(str) ? getSysRuntimeModelService().getDataEntityRuntime(str, true) : null;
                    IDataEntityAccessManager dataEntityAccessManager = dataEntityRuntime.getDataEntityAccessManager();
                    String valueOf = serializable == null ? null : String.valueOf(serializable);
                    if (obj instanceof IEntity) {
                        IEntity iEntity = (IEntity) obj;
                        String codeName = dataEntityRuntime.getKeyPSDEField().getCodeName();
                        Object obj2 = ObjectUtils.isEmpty(codeName) ? "" : iEntity.get(codeName);
                        IEntityDTO createEntity = dataEntityRuntime.createEntity();
                        CachedBeanCopier.copyEntity2Dto(iEntity, createEntity);
                        if (dataEntityRuntime2 != null && (parentIdPSDEField = ((IPSDEServiceAPIRS) iPSSysServiceAPI.getPSDEServiceAPIRSs().stream().filter(iPSDEServiceAPIRS -> {
                            return iPSDEServiceAPIRS.getMajorPSDEServiceAPI().getPSDataEntity().getName().equals(dataEntityRuntime2.getName()) && iPSDEServiceAPIRS.getMinorPSDEServiceAPI().getPSDataEntity().getName().equals(dataEntityRuntime.getName());
                        }).findFirst().orElse(null)).getParentIdPSDEField()) != null) {
                            createEntity.set(parentIdPSDEField.getCodeName(), serializable);
                        }
                        return dataEntityAccessManager.testDataAccessAction(UserContext.getCurrent(), dataEntityRuntime2, valueOf, pSDEServiceAPIMethod.isNeedResourceKey() ? obj2 : null, createEntity, dataAccessAction);
                    }
                    try {
                        if (obj instanceof FilterBase) {
                            final FilterBase filterBase = (FilterBase) obj;
                            ISearchContextDTO createSearchContext = dataEntityRuntime.createSearchContext(new HashMap() { // from class: cn.ibizlab.util.adapter.security.DefaultAdapterMethodSecurityExpression.1
                                {
                                    put("page", Integer.valueOf(filterBase.getPage()));
                                    put("size", Integer.valueOf(filterBase.getSize()));
                                    put("sort", filterBase.getSort());
                                }
                            });
                            boolean testDataAccessAction = dataEntityAccessManager.testDataAccessAction(UserContext.getCurrent(), dataEntityRuntime2, valueOf, createSearchContext, dataAccessAction);
                            if (testDataAccessAction) {
                                CachedBeanCopier.copyFilterDto2Entity(createSearchContext, filterBase);
                            }
                            return testDataAccessAction;
                        }
                    } catch (Exception e) {
                        log.error("数据权限检查失败:" + e.getMessage(), e);
                        return false;
                    }
                }
            }
        }
        return false;
    }

    public void setFilterObject(Object obj) {
        this.filterObject = obj;
    }

    public Object getFilterObject() {
        return this.filterObject;
    }

    public void setReturnObject(Object obj) {
        this.returnObject = obj;
    }

    public Object getReturnObject() {
        return this.returnObject;
    }

    public Object getThis() {
        return this.target;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setThis(Object obj) {
        this.target = obj;
    }

    public SysRuntimeModelService getSysRuntimeModelService() {
        return this.sysRuntimeModelService;
    }

    public void setSysRuntimeModelService(SysRuntimeModelService sysRuntimeModelService) {
        this.sysRuntimeModelService = sysRuntimeModelService;
    }
}
