package cn.omisheep.authz.core.interceptor;

import cn.omisheep.authz.core.auth.ipf.HttpMeta;
import cn.omisheep.authz.core.auth.rpd.DataPermRolesMeta;
import cn.omisheep.authz.core.auth.rpd.FieldDataPermRolesMeta;
import cn.omisheep.authz.core.util.ArgsParser;
import cn.omisheep.commons.util.CollectionUtils;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Stream;
import net.sf.jsqlparser.JSQLParserException;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.parser.CCJSqlParserUtil;
import net.sf.jsqlparser.statement.select.PlainSelect;

/* loaded from: input_file:cn/omisheep/authz/core/interceptor/DefaultDataSecurityInterceptor.class */
public class DefaultDataSecurityInterceptor implements DataFinderSecurityInterceptor {
    @Override // cn.omisheep.authz.core.interceptor.DataFinderSecurityInterceptor
    public String sqlChange(HttpMeta httpMeta, List<DataPermRolesMeta> list, Class<?> cls, String str) throws JSQLParserException {
        if (list == null || list.size() == 0) {
            return str;
        }
        Set<String> roles = httpMeta.getRoles();
        Set<String> permissions = httpMeta.getPermissions();
        Iterator it = list.stream().filter(dataPermRolesMeta -> {
            return (dataPermRolesMeta.non() && httpMeta.hasToken()) || CollectionUtils.containsSub(dataPermRolesMeta.getRequireRoles(), roles) || CollectionUtils.containsSub(dataPermRolesMeta.getRequirePermissions(), permissions) || !CollectionUtils.containsSub(dataPermRolesMeta.getExcludeRoles(), roles) || !CollectionUtils.containsSub(dataPermRolesMeta.getExcludePermissions(), permissions);
        }).map(ArgsParser::parse).iterator();
        if (!it.hasNext()) {
            return str;
        }
        PlainSelect selectBody = CCJSqlParserUtil.parse(str).getSelectBody();
        Expression where = selectBody.getWhere();
        StringBuilder sb = new StringBuilder();
        sb.append(" ( ");
        while (it.hasNext()) {
            sb.append((String) it.next());
            if (it.hasNext()) {
                sb.append(" OR ");
            } else if (where != null) {
                sb.append(" ) AND ").append(where);
            } else {
                sb.append(" ) ");
            }
        }
        return selectBody.withWhere(CCJSqlParserUtil.parseCondExpression(sb.toString())).toString();
    }

    @Override // cn.omisheep.authz.core.interceptor.DataFinderSecurityInterceptor
    public Object dataTrim(HttpMeta httpMeta, Map<String, FieldDataPermRolesMeta> map, Class<?> cls, Object obj) {
        try {
            Set<String> roles = httpMeta.getRoles();
            Set<String> permissions = httpMeta.getPermissions();
            ArrayList arrayList = new ArrayList();
            Stream<R> map2 = map.entrySet().stream().filter(entry -> {
                return (((FieldDataPermRolesMeta) entry.getValue()).non() && !httpMeta.hasToken()) || !CollectionUtils.containsSub(((FieldDataPermRolesMeta) entry.getValue()).getRoles().getRequire(), roles) || !CollectionUtils.containsSub(((FieldDataPermRolesMeta) entry.getValue()).getPermissions().getRequire(), permissions) || CollectionUtils.containsSub(((FieldDataPermRolesMeta) entry.getValue()).getRoles().getExclude(), roles) || CollectionUtils.containsSub(((FieldDataPermRolesMeta) entry.getValue()).getPermissions().getExclude(), permissions);
            }).map((v0) -> {
                return v0.getKey();
            });
            arrayList.getClass();
            map2.forEach((v1) -> {
                r1.add(v1);
            });
            if (obj instanceof Collection) {
                ((Collection) obj).forEach(obj2 -> {
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        try {
                            Field declaredField = cls.getDeclaredField((String) it.next());
                            declaredField.setAccessible(true);
                            declaredField.set(obj2, null);
                        } catch (Exception e) {
                        }
                    }
                });
            }
            return obj;
        } catch (Exception e) {
            return obj;
        }
    }
}
