package cn.featherfly.permission.web.springmvc.interceptor;

import cn.featherfly.common.lang.LangUtils;
import cn.featherfly.common.locale.ResourceBundleUtils;
import cn.featherfly.permission.Privilege;
import cn.featherfly.permission.web.WebPrivilegeFacotry;
import cn.featherfly.permission.web.login.WebApplicationLoginManager;
import cn.featherfly.web.servlet.ServletUtils;
import cn.featherfly.web.spring.servlet.view.Result;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:cn/featherfly/permission/web/springmvc/interceptor/PermissionInterceptor.class */
public class PermissionInterceptor implements HandlerInterceptor {
    private String redirectURL;
    private boolean autoRedirect;
    private WebPrivilegeFacotry facotry;
    private WebApplicationLoginManager applicationLoginManager;
    protected Logger logger = LoggerFactory.getLogger(getClass());
    private ObjectMapper objectMapper = new ObjectMapper();
    private String charset = "UTF-8";
    private Collection<String> excludes = new HashSet();
    private AntPathMatcher antPathMatcher = new AntPathMatcher();

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        Privilege create;
        Result result = new Result();
        result.setStatus(0);
        String requestURI = ServletUtils.getRequestURI(httpServletRequest);
        this.logger.debug("uri -> {}", requestURI);
        boolean z = false;
        Iterator<String> it = this.excludes.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (this.antPathMatcher.match(it.next(), requestURI)) {
                z = true;
                break;
            }
        }
        if (z || (create = this.facotry.create(httpServletRequest)) == null || this.applicationLoginManager.getLoginInfo(httpServletRequest).getActor().hasPrivilege(create)) {
            return true;
        }
        String name = create.getName();
        if (LangUtils.isEmpty(name)) {
            name = httpServletRequest.getMethod().toUpperCase() + ":" + requestURI;
        }
        result.setMessage(ResourceBundleUtils.getString("@permission#privilege.not.auth", new Object[]{name}));
        if (httpServletRequest.getHeader("Accept").contains("application/json")) {
            httpServletResponse.setStatus(403);
            render(httpServletResponse, result);
            return false;
        }
        String str = this.redirectURL;
        if (LangUtils.isEmpty(str)) {
            str = httpServletRequest.getHeader("Referer");
        }
        if (this.autoRedirect && LangUtils.isNotEmpty(str)) {
            httpServletResponse.sendRedirect(str);
            return false;
        }
        httpServletResponse.sendError(403, result.getMessage());
        return false;
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
    }

    private void render(HttpServletResponse httpServletResponse, Object obj) {
        try {
            httpServletResponse.setContentType("application/json;charset=" + this.charset);
            httpServletResponse.setCharacterEncoding(this.charset);
            this.objectMapper.setSerializationInclusion(JsonInclude.Include.NON_EMPTY).writerFor(obj.getClass()).writeValue(httpServletResponse.getOutputStream(), obj);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public void setRedirectURL(String str) {
        this.redirectURL = str;
    }

    public void setCharset(String str) {
        this.charset = str;
    }

    public void setFacotry(WebPrivilegeFacotry webPrivilegeFacotry) {
        this.facotry = webPrivilegeFacotry;
    }

    public boolean isAutoRedirect() {
        return this.autoRedirect;
    }

    public void setAutoRedirect(boolean z) {
        this.autoRedirect = z;
    }

    public Collection<String> getExcludes() {
        return this.excludes;
    }

    public void setExcludes(Collection<String> collection) {
        this.excludes = collection;
    }

    public String getCharset() {
        return this.charset;
    }

    public WebPrivilegeFacotry getFacotry() {
        return this.facotry;
    }

    public void setApplicationLoginManager(WebApplicationLoginManager webApplicationLoginManager) {
        this.applicationLoginManager = webApplicationLoginManager;
    }
}
