package cn.omisheep.authz.core.interceptor;

import cn.omisheep.authz.AuHelper;
import cn.omisheep.authz.annotation.Certificated;
import cn.omisheep.authz.annotation.Perms;
import cn.omisheep.authz.annotation.Roles;
import cn.omisheep.authz.core.NotLoginException;
import cn.omisheep.authz.core.PermissionException;
import cn.omisheep.authz.core.auth.PermLibrary;
import cn.omisheep.authz.core.auth.ipf.HttpMeta;
import cn.omisheep.authz.core.auth.rpd.PermRolesMeta;
import cn.omisheep.authz.core.init.AuCoreInitialization;
import cn.omisheep.commons.util.CollectionUtils;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Optional;
import java.util.Set;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.AnnotatedElementUtils;

@Aspect
/* loaded from: input_file:cn/omisheep/authz/core/interceptor/AuthzMethodPermissionChecker.class */
public class AuthzMethodPermissionChecker {
    private static final Logger log = LoggerFactory.getLogger(AuthzMethodPermissionChecker.class);
    private final PermLibrary permLibrary;
    private final HashMap<String, PermRolesMeta> meta = new HashMap<>();

    public AuthzMethodPermissionChecker(PermLibrary permLibrary) {
        this.permLibrary = permLibrary;
    }

    @Pointcut("@annotation(cn.omisheep.authz.annotation.Roles)")
    public void hasRoles() {
    }

    @Pointcut("@annotation(cn.omisheep.authz.annotation.Perms)")
    public void hasPerms() {
    }

    @Pointcut("@annotation(cn.omisheep.authz.annotation.Certificated)")
    public void hasCertificated() {
    }

    @Pointcut("@within(org.springframework.web.bind.annotation.RequestMapping)")
    public void hasRequestMapping() {
    }

    @Before("!hasRequestMapping() && (hasCertificated()||hasPerms()||hasRoles()) ")
    public void around(JoinPoint joinPoint) {
        try {
            Method method = joinPoint.getSignature().getDeclaringType().getMethod(joinPoint.getSignature().getName(), joinPoint.getSignature().getParameterTypes());
            Certificated certificated = (Certificated) AnnotatedElementUtils.getMergedAnnotation(method, Certificated.class);
            Perms perms = (Perms) AnnotatedElementUtils.getMergedAnnotation(method, Perms.class);
            Roles roles = (Roles) AnnotatedElementUtils.getMergedAnnotation(method, Roles.class);
            PermRolesMeta computeIfAbsent = this.meta.computeIfAbsent(joinPoint.getSignature().toLongString(), str -> {
                return AuCoreInitialization.generatePermRolesMeta(perms, roles);
            });
            HttpMeta httpMeta = AuHelper.getHttpMeta();
            if ((certificated != null || roles != null || perms != null) && !AuHelper.isLogin()) {
                throw new NotLoginException();
            }
            if (roles != null || perms != null) {
                Set set = (Set) Optional.ofNullable(httpMeta.getRoles()).orElse(this.permLibrary.getRolesByUserId(httpMeta.getUserId()));
                if (!CollectionUtils.containsSub(computeIfAbsent.getRequireRoles(), set) || CollectionUtils.containsSub(computeIfAbsent.getExcludeRoles(), set)) {
                    throw new PermissionException();
                }
                if (perms != null) {
                    Set set2 = (Set) Optional.ofNullable(httpMeta.getPermissions()).orElseGet(() -> {
                        HashSet hashSet = new HashSet();
                        set.forEach(str2 -> {
                            hashSet.addAll(this.permLibrary.getPermissionsByRole(str2));
                        });
                        return hashSet;
                    });
                    if (!CollectionUtils.containsSub(computeIfAbsent.getRequirePermissions(), set2) || CollectionUtils.containsSub(computeIfAbsent.getExcludePermissions(), set2)) {
                        throw new PermissionException();
                    }
                }
            }
        } catch (NoSuchMethodException e) {
        }
    }
}
