package cn.spatiotemporal.web.core.permission;

import cn.spatiotemporal.web.core.constants.enums.ReturnEnum;
import cn.spatiotemporal.web.core.domain.entity.admin.User;
import cn.spatiotemporal.web.core.exception.BaseBusinessException;
import java.util.List;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

@Aspect
@Component
/* loaded from: input_file:cn/spatiotemporal/web/core/permission/PermissionAspect.class */
public class PermissionAspect {
    private static final Logger log = LoggerFactory.getLogger(PermissionAspect.class);

    @Pointcut("execution( * cn.spatiotemporal.web..*controller..*Controller*.*(..))")
    public void pointCut() {
    }

    @Around("pointCut()")
    public Object doAround(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        PermissionSource permissionSource = (PermissionSource) proceedingJoinPoint.getSignature().getMethod().getAnnotation(PermissionSource.class);
        if (permissionSource != null) {
            log.info(permissionSource.code());
            String code = permissionSource.code();
            if (code.contains(".")) {
                code = code.substring(0, code.indexOf("."));
            }
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication == null || (authentication.getPrincipal() instanceof String)) {
                throw new BaseBusinessException(ReturnEnum.ERROR_NO_AUTHORITY);
            }
            List<String> permissions = ((User) authentication.getPrincipal()).getPermissions();
            if (!permissions.contains(code) && !permissions.contains(permissionSource.code())) {
                throw new BaseBusinessException(ReturnEnum.ERROR_PERMISSION_DENIED);
            }
        }
        return proceedingJoinPoint.proceed();
    }
}
