package com.artfess.base.aop;

import com.artfess.base.constants.CacheKeyConst;
import com.artfess.base.exception.BaseException;
import com.artfess.base.query.FieldRelation;
import com.artfess.base.query.QueryFilter;
import com.artfess.base.query.QueryOP;
import com.artfess.base.util.AuthenticationUtil;
import com.artfess.base.util.BeanUtils;
import com.artfess.base.util.HttpUtil;
import com.artfess.base.util.JsonUtil;
import com.artfess.base.util.StringUtil;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ArrayNode;
import java.io.IOException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

@Aspect
@Component
/* loaded from: input_file:com/artfess/base/aop/DataPermissionAspect.class */
public class DataPermissionAspect {
    private Logger logger = LoggerFactory.getLogger(DataPermissionAspect.class);
    private static final String LOGIN_USER = "loginUser";
    private static final String LOGIN_USER_ORGS = "loginUserOrgs";
    private static final String LOGIN_USER_SUB_ORGS = "loginUserSubOrgs";
    private static final String CUSTOM_ORGS = "customOrgs";
    public static final String CREATE_BY_ = "CREATE_BY_";
    public static final String CREATE_ORG_ID_ = "CREATE_ORG_ID_";

    @Resource
    AopCacheHelper aopCacheHelper;

    @Around("execution(* *..*Controller.*(..)) && @annotation(com.artfess.base.annotation.DataPermission)")
    public Object dataPermission(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        Object[] args = proceedingJoinPoint.getArgs();
        HttpServletRequest request = HttpUtil.getRequest();
        if (request == null) {
            return proceedingJoinPoint.proceed();
        }
        String requestURI = request.getRequestURI();
        this.logger.debug(" 请求地址   " + requestURI);
        Set<String> currentUserRolesAlias = AuthenticationUtil.getCurrentUserRolesAlias();
        HashMap hashMap = new HashMap();
        Iterator<String> it = currentUserRolesAlias.iterator();
        while (it.hasNext()) {
            getDataPermission(CacheKeyConst.EIP_SYS_DATA_PERMISSION_KEY + it.next() + requestURI, hashMap);
        }
        for (Object obj : args) {
            if (obj instanceof QueryFilter) {
                QueryFilter queryFilter = (QueryFilter) obj;
                if (hashMap.containsKey(CREATE_BY_)) {
                    queryFilter.addFilter(CREATE_BY_, hashMap.get(CREATE_BY_).toString(), QueryOP.EQUAL, FieldRelation.OR, "dataPermission");
                }
                if (hashMap.containsKey(CREATE_ORG_ID_) && BeanUtils.isNotEmpty(hashMap.get(CREATE_ORG_ID_))) {
                    queryFilter.addFilter(CREATE_ORG_ID_, String.join(",", (Set) hashMap.get(CREATE_ORG_ID_)), QueryOP.IN, FieldRelation.OR, "dataPermission");
                }
            }
        }
        AuthenticationUtil.setMapThreadLocal(hashMap);
        Object proceed = proceedingJoinPoint.proceed();
        AuthenticationUtil.removeMapThreadLocal();
        return proceed;
    }

    private void getDataPermission(String str, Map<String, Object> map) {
        String dataPermissionFromCache = this.aopCacheHelper.getDataPermissionFromCache(str);
        try {
            if (StringUtil.isEmpty(dataPermissionFromCache)) {
                return;
            }
            ArrayNode jsonNode = JsonUtil.toJsonNode(dataPermissionFromCache);
            HashSet hashSet = new HashSet();
            Iterator it = jsonNode.iterator();
            while (it.hasNext()) {
                JsonNode jsonNode2 = (JsonNode) it.next();
                String asText = jsonNode2.get("type").asText();
                if (LOGIN_USER.equals(asText) && !map.containsKey(CREATE_BY_)) {
                    map.put(CREATE_BY_, AuthenticationUtil.getCurrentUserId());
                }
                if (LOGIN_USER_ORGS.equals(asText) && AuthenticationUtil.getCurrentUserOrgIds() != null) {
                    hashSet.add(AuthenticationUtil.getCurrentUserOrgIds());
                }
                if (LOGIN_USER_SUB_ORGS.equals(asText) && AuthenticationUtil.getCurrentUserSubOrgIds() != null) {
                    hashSet.add(AuthenticationUtil.getCurrentUserSubOrgIds());
                }
                if (CUSTOM_ORGS.equals(asText)) {
                    Iterator it2 = jsonNode2.get("orgs").iterator();
                    while (it2.hasNext()) {
                        hashSet.add(((JsonNode) it2.next()).get("id").asText());
                    }
                }
            }
            map.put(CREATE_ORG_ID_, hashSet);
        } catch (IOException e) {
            e.printStackTrace();
            throw new BaseException(" 转换数据权限设置失败，未能正确获取数据 ", e);
        }
    }
}
