package com.artfess.base.interceptor;

import com.alibaba.fastjson.JSONObject;
import com.artfess.base.aop.DataPermissionAspect;
import com.artfess.base.exception.ApplicationException;
import com.artfess.base.util.AppUtil;
import com.artfess.base.util.AuthenticationUtil;
import com.artfess.base.util.BeanUtils;
import com.artfess.base.util.StringUtil;
import com.artfess.base.util.string.StringPool;
import com.baomidou.mybatisplus.core.enums.IEnum;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.baomidou.mybatisplus.extension.handlers.AbstractSqlParserHandler;
import java.sql.Connection;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import org.apache.ibatis.executor.statement.StatementHandler;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.ParameterMapping;
import org.apache.ibatis.mapping.ParameterMode;
import org.apache.ibatis.mapping.SqlCommandType;
import org.apache.ibatis.plugin.Interceptor;
import org.apache.ibatis.plugin.Intercepts;
import org.apache.ibatis.plugin.Invocation;
import org.apache.ibatis.plugin.Plugin;
import org.apache.ibatis.plugin.Signature;
import org.apache.ibatis.reflection.DefaultReflectorFactory;
import org.apache.ibatis.reflection.MetaObject;
import org.apache.ibatis.reflection.SystemMetaObject;
import org.apache.ibatis.session.Configuration;
import org.apache.ibatis.type.TypeHandlerRegistry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.ResultSetExtractor;
import org.springframework.jdbc.support.rowset.SqlRowSet;
import org.springframework.jdbc.support.rowset.SqlRowSetMetaData;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@Intercepts({@Signature(type = StatementHandler.class, method = "prepare", args = {Connection.class, Integer.class})})
/* loaded from: input_file:com/artfess/base/interceptor/DataPermissionInterceptor.class */
public class DataPermissionInterceptor extends AbstractSqlParserHandler implements Interceptor {
    private static final Logger log = LoggerFactory.getLogger(DataPermissionInterceptor.class);
    private Logger logger = LoggerFactory.getLogger(DataPermissionInterceptor.class);

    public Object intercept(Invocation invocation) throws Throwable {
        StatementHandler statementHandler = (StatementHandler) invocation.getTarget();
        MetaObject forObject = MetaObject.forObject(statementHandler, SystemMetaObject.DEFAULT_OBJECT_FACTORY, SystemMetaObject.DEFAULT_OBJECT_WRAPPER_FACTORY, new DefaultReflectorFactory());
        MappedStatement mappedStatement = (MappedStatement) forObject.getValue("delegate.mappedStatement");
        BoundSql boundSql = statementHandler.getBoundSql();
        try {
            ServletRequestAttributes currentRequestAttributes = RequestContextHolder.currentRequestAttributes();
            if (!"field".equals(currentRequestAttributes.getRequest().getParameter("export"))) {
                String sql = boundSql.getSql();
                forObject.setValue("delegate.boundSql.sql", sql);
                Map<String, Object> mapThreadLocal = AuthenticationUtil.getMapThreadLocal();
                if (!BeanUtils.isEmpty(mapThreadLocal) && mappedStatement.getSqlCommandType().compareTo(SqlCommandType.SELECT) != 0) {
                    String str = StringPool.EMPTY;
                    String str2 = StringPool.EMPTY;
                    if (mapThreadLocal.containsKey(DataPermissionAspect.CREATE_BY_)) {
                        str = " CREATE_BY_ =  " + mapThreadLocal.get(DataPermissionAspect.CREATE_BY_);
                    }
                    if (mapThreadLocal.containsKey(DataPermissionAspect.CREATE_ORG_ID_)) {
                        str2 = getInSql(DataPermissionAspect.CREATE_ORG_ID_, (Set) mapThreadLocal.get(DataPermissionAspect.CREATE_ORG_ID_));
                    }
                    if (StringUtil.isNotEmpty(str)) {
                        str2 = str + " or " + str2;
                    }
                    if (StringUtil.isNotEmpty(str2)) {
                        sql = sql + " and ( " + str2 + ") ";
                    }
                    this.logger.debug(" custom sql " + sql);
                    forObject.setValue("delegate.boundSql.sql", sql);
                    return invocation.proceed();
                }
                return invocation.proceed();
            }
            HttpServletResponse response = currentRequestAttributes.getResponse();
            String lowerCase = boundSql.getSql().replaceAll("\\s+", StringPool.SPACE).toLowerCase();
            ArrayList<ParameterMapping> arrayList = new ArrayList(boundSql.getParameterMappings());
            Object parameterObject = boundSql.getParameterObject();
            Configuration configuration = mappedStatement.getConfiguration();
            TypeHandlerRegistry typeHandlerRegistry = configuration.getTypeHandlerRegistry();
            try {
                sqlParser(forObject);
                String str3 = StringPool.NULL;
                MetaObject newMetaObject = configuration.newMetaObject(parameterObject);
                for (ParameterMapping parameterMapping : arrayList) {
                    if (parameterMapping.getMode() != ParameterMode.OUT) {
                        String property = parameterMapping.getProperty();
                        if (typeHandlerRegistry.hasTypeHandler(parameterObject.getClass())) {
                            str3 = getParameterValue(parameterObject);
                        } else if (newMetaObject.hasGetter(property)) {
                            str3 = getParameterValue(newMetaObject.getValue(property));
                        } else if (boundSql.hasAdditionalParameter(property)) {
                            str3 = getParameterValue(boundSql.getAdditionalParameter(property));
                        }
                        lowerCase = lowerCase.replaceFirst("\\?", str3);
                    }
                }
            } catch (Exception e) {
                log.error(String.format("intercept sql error: [%s]", lowerCase), e);
            }
            List<TableField> sqlFields = getSqlFields((JdbcTemplate) AppUtil.getBean(JdbcTemplate.class), lowerCase);
            ServletOutputStream outputStream = response.getOutputStream();
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("fields", sqlFields);
            outputStream.write(jSONObject.toString().getBytes());
            outputStream.flush();
            return null;
        } catch (Exception e2) {
            return invocation.proceed();
        }
    }

    public Object plugin(Object obj) {
        return Plugin.wrap(obj, this);
    }

    public void setProperties(Properties properties) {
        this.logger.debug(" properties " + properties.toString());
    }

    private String getInSql(String str, Set<String> set) {
        StringBuffer stringBuffer = new StringBuffer(" (");
        ArrayList arrayList = new ArrayList();
        int i = 1;
        for (String str2 : set) {
            if (i > 500) {
                stringBuffer.append(str + " in (" + String.join(",", arrayList) + StringPool.RIGHT_BRACKET);
                arrayList = new ArrayList();
                i = 1;
            }
            arrayList.add(str2);
            i++;
        }
        if (BeanUtils.isNotEmpty(arrayList)) {
            stringBuffer.append(str + " in (" + String.join(",", arrayList) + StringPool.RIGHT_BRACKET);
        }
        stringBuffer.append(StringPool.RIGHT_BRACKET);
        return stringBuffer.toString();
    }

    public ResultSetExtractor<?> getResultSetExtractor() {
        return new SQLRowSetOracleResultSetExtractor();
    }

    public List<TableField> getSqlFields(JdbcTemplate jdbcTemplate, String str) {
        if (str.indexOf("update ") != -1 || str.indexOf("delete ") != -1 || str.indexOf("truncate ") != -1 || str.indexOf("create ") != -1 || str.indexOf("select") != 0) {
            throw new ApplicationException("SQL语句只能是查询语句。");
        }
        SqlRowSet sqlRowSet = (SqlRowSet) jdbcTemplate.query("select * from (" + str + ") t limit 1", getResultSetExtractor());
        ArrayList arrayList = new ArrayList();
        try {
            SqlRowSetMetaData metaData = sqlRowSet.getMetaData();
            for (int i = 1; i < metaData.getColumnCount() + 1; i++) {
                String lowerCase = metaData.getColumnName(i).toLowerCase();
                String lowerCase2 = metaData.getTableName(i).toLowerCase();
                String lowerCase3 = metaData.getColumnTypeName(i).toLowerCase();
                metaData.getCatalogName(i).toLowerCase();
                String str2 = StringPool.EMPTY;
                try {
                    str2 = (String) jdbcTemplate.queryForObject("select column_comment from information_schema.columns where table_schema ='yhxt' and table_name=? and column_name=?", new Object[]{lowerCase2, lowerCase}, String.class);
                } catch (EmptyResultDataAccessException e) {
                    System.out.println("**********" + lowerCase);
                }
                TableField tableField = new TableField();
                tableField.setFieldDesc(str2);
                tableField.setTableName(lowerCase2);
                tableField.setDataType(lowerCase3);
                tableField.setFieldName(lowerCase);
                arrayList.add(tableField);
            }
            return arrayList;
        } catch (Exception e2) {
            throw new ApplicationException("解析SQL出错" + e2.getMessage());
        }
    }

    private static String getParameterValue(Object obj) {
        if (obj == null) {
            return StringPool.NULL;
        }
        if (obj instanceof Number) {
            return obj.toString();
        }
        String str = null;
        if (obj instanceof String) {
            str = obj.toString();
        } else if (!(obj instanceof Date)) {
            str = obj instanceof IEnum ? String.valueOf(((IEnum) obj).getValue()) : obj.toString();
        }
        return StringUtils.quotaMark(str);
    }
}
