package xyz.erupt.magicapi.interceptor;

import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Component;
import org.ssssssss.magicapi.core.context.MagicUser;
import org.ssssssss.magicapi.core.exception.MagicLoginException;
import org.ssssssss.magicapi.core.interceptor.Authorization;
import org.ssssssss.magicapi.core.interceptor.AuthorizationInterceptor;
import org.ssssssss.magicapi.core.interceptor.RequestInterceptor;
import org.ssssssss.magicapi.core.model.ApiInfo;
import org.ssssssss.magicapi.core.model.BaseDefinition;
import org.ssssssss.magicapi.core.model.Group;
import org.ssssssss.magicapi.core.model.JsonBean;
import org.ssssssss.magicapi.core.model.MagicEntity;
import org.ssssssss.magicapi.core.model.Options;
import org.ssssssss.magicapi.datasource.model.DataSourceInfo;
import org.ssssssss.magicapi.function.model.FunctionInfo;
import org.ssssssss.script.MagicScriptContext;
import xyz.erupt.core.exception.EruptWebApiRuntimeException;
import xyz.erupt.core.module.MetaUserinfo;
import xyz.erupt.magicapi.EruptMagicApiAutoConfiguration;
import xyz.erupt.upms.service.EruptUserService;

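/**
 * Bridges magic-api's request and editor authorization hooks to the erupt user service.
 *
 * <p>{@link #preHandle} guards calls to published APIs using the options stored on each
 * {@link ApiInfo}; the {@code allowVisit} overloads guard operations on the magic-api
 * resources themselves (groups, functions, data sources). Every decision is made from the
 * session that {@link EruptUserService} resolves for the current request.
 */
@Component
/* loaded from: input_file:xyz/erupt/magicapi/interceptor/EruptMagicAPIRequestInterceptor.class */
public class EruptMagicAPIRequestInterceptor implements RequestInterceptor, AuthorizationInterceptor {
    // Message returned with 403 / thrown when the caller lacks the required menu or role.
    private static final String NO_PERMISSION = "权限不足！";
    // Message returned with 401 / thrown when no valid erupt session or token is present.
    private static final String LOGIN_EXPIRE = "登录凭证失效！";

    private final EruptUserService eruptUserService;
    // NOTE(review): a servlet request held as a field of a component; presumably Spring
    // injects a request-scoped proxy here. Confirm, otherwise requests would share state.
    private final HttpServletRequest request;

    /**
     * Enforces the login, role and permission options of an API before its script runs.
     *
     * <p>Both a configured role and a configured permission must be satisfied. Super
     * administrators bypass the role and permission checks but still need a session.
     *
     * @param apiInfo the API definition whose options are evaluated
     * @param magicScriptContext unused here
     * @param httpServletRequest unused here; the session comes from the user service
     * @param httpServletResponse unused here
     * @return {@code null} to let the call proceed, otherwise a {@link JsonBean} carrying
     *     401 (no session) or 403 (missing role or permission)
     */
    public Object preHandle(ApiInfo apiInfo, MagicScriptContext magicScriptContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String requiredPermission = Objects.toString(apiInfo.getOptionValue(Options.PERMISSION), "");
        String requiredRole = Objects.toString(apiInfo.getOptionValue(Options.ROLE), "");
        String requireLoginOption = Objects.toString(apiInfo.getOptionValue(Options.REQUIRE_LOGIN), "");
        boolean loggedIn = this.eruptUserService.getCurrentUid() != null;

        // Any non-blank value of the option (even "false") demands a session: fail closed.
        if (StringUtils.isNotBlank(requireLoginOption) && !loggedIn) {
            return new JsonBean(401, LOGIN_EXPIRE);
        }
        // No role and no permission configured: the API carries no further restriction.
        if (StringUtils.isBlank(requiredRole) && StringUtils.isBlank(requiredPermission)) {
            return null;
        }
        // A role or permission constraint implies a login even without REQUIRE_LOGIN.
        if (!loggedIn) {
            return new JsonBean(401, LOGIN_EXPIRE);
        }
        MetaUserinfo userInfo = this.eruptUserService.getSimpleUserInfo();
        if (userInfo.isSuperAdmin()) {
            return null;
        }
        if (StringUtils.isNotBlank(requiredPermission)
                && this.eruptUserService.getEruptMenuByValue(requiredPermission) == null) {
            return new JsonBean(403, NO_PERMISSION);
        }
        if (StringUtils.isBlank(requiredRole)) {
            return null;
        }
        // The decompiled lambda referenced an undefined name (r1); it stood for a bound
        // method reference on the required role string.
        if (userInfo.getRoles().stream().noneMatch(requiredRole::equals)) {
            return new JsonBean(403, NO_PERMISSION);
        }
        return null;
    }

    /**
     * Publishes the caller identified by the {@code Magic-Token} header as a request attribute.
     *
     * <p>The literal header value {@code "unauthorization"} is skipped. Any other value is
     * resolved through {@link #getUserByToken}, whose {@link MagicLoginException} for an
     * unknown token propagates out of this method.
     *
     * @return always {@code false}. NOTE(review): presumably this tells magic-api not to run
     *     its own login flow, leaving access control to the {@code allowVisit} overloads;
     *     confirm against the magic-api contract.
     */
    public boolean requireLogin() {
        String token = this.request.getHeader("Magic-Token");
        if (token != null && !"unauthorization".equals(token)) {
            this.request.setAttribute("MAGIC_API_ATTRIBUTE_USER", getUserByToken(token));
        }
        return false;
    }

    /**
     * Resolves an erupt session token to a magic-api user.
     *
     * @param str the token presented by the client
     * @return a {@link MagicUser} built from the account, the user name and the token itself
     * @throws MagicLoginException if the user service knows no session for the token
     */
    public MagicUser getUserByToken(String str) {
        MetaUserinfo userInfo = this.eruptUserService.getSimpleUserInfoByToken(str);
        if (userInfo == null) {
            throw new MagicLoginException(LOGIN_EXPIRE);
        }
        return new MagicUser(userInfo.getAccount(), userInfo.getUsername(), str);
    }

    /**
     * Checks a general editor operation against the erupt menu named after it.
     *
     * @param magicUser unused here; the session comes from the user service
     * @param httpServletRequest unused here
     * @param authorization the operation being attempted
     * @return {@code true} when the operation is allowed
     * @throws EruptWebApiRuntimeException if there is no session, or the menu entry
     *     {@code MAGIC_API_MENU_PREFIX + authorization.name()} is not available to the caller
     */
    public boolean allowVisit(MagicUser magicUser, HttpServletRequest httpServletRequest, Authorization authorization) {
        // NOTE(review): RELOAD is granted before the session check, so this method does not
        // itself require a login for reload. Confirm that this is intended or that another
        // layer authenticates the reload request.
        if (Authorization.RELOAD == authorization) {
            return true;
        }
        if (this.eruptUserService.getCurrentUid() == null) {
            throw new EruptWebApiRuntimeException(LOGIN_EXPIRE);
        }
        String menuValue = EruptMagicApiAutoConfiguration.MAGIC_API_MENU_PREFIX + authorization.name();
        if (this.eruptUserService.getEruptMenuByValue(menuValue) == null) {
            throw new EruptWebApiRuntimeException(NO_PERMISSION);
        }
        return true;
    }

    /**
     * Checks an operation on a group against the role and permission options of that group.
     *
     * <p>Every non-blank ROLE or PERMISSION option must be satisfied. The previous loop
     * returned the result of the first such option it met, so a group carrying both a role
     * and a permission enforced only whichever came first; {@link #preHandle} already
     * requires both, and this method now agrees with it.
     *
     * @param magicUser unused here; the session comes from the user service
     * @param httpServletRequest unused here
     * @param authorization unused here; the same rule applies to every operation
     * @param group the group whose options are evaluated
     * @return {@code true} for super administrators, for groups without options, and when
     *     all configured constraints hold; {@code false} as soon as one fails
     * @throws EruptWebApiRuntimeException if there is no session
     */
    public boolean allowVisit(MagicUser magicUser, HttpServletRequest httpServletRequest, Authorization authorization, Group group) {
        if (this.eruptUserService.getCurrentUid() == null) {
            throw new EruptWebApiRuntimeException(LOGIN_EXPIRE);
        }
        MetaUserinfo userInfo = this.eruptUserService.getSimpleUserInfo();
        if (userInfo.isSuperAdmin() || group.getOptions().isEmpty()) {
            return true;
        }
        for (BaseDefinition option : group.getOptions()) {
            Object value = option.getValue();
            if (value == null || StringUtils.isBlank(value.toString())) {
                continue;
            }
            if (Options.ROLE.getValue().equals(option.getName())) {
                // Compared against the raw option value, as before: a non-String value
                // matches no role and therefore denies.
                if (userInfo.getRoles().stream().noneMatch(role -> role.equals(value))) {
                    return false;
                }
            } else if (Options.PERMISSION.getValue().equals(option.getName())) {
                if (this.eruptUserService.getEruptMenuByValue(value.toString()) == null) {
                    return false;
                }
            }
        }
        return true;
    }

    /**
     * Checks an operation on a single magic-api entity.
     *
     * <p>Saving or deleting a function requires the {@code ERUPT_MAGIC_FUNCTION} menu and
     * saving or deleting a data source requires {@code ERUPT_MAGIC_DATASOURCE}. Everything
     * else is delegated to the interface default.
     *
     * <p>NOTE(review): these two branches do not check for a session themselves; they
     * presumably rely on {@code getEruptMenuByValue} returning {@code null} for an anonymous
     * caller. Confirm against the user service.
     *
     * @param magicUser passed through to the default implementation
     * @param httpServletRequest passed through to the default implementation
     * @param authorization the operation being attempted
     * @param magicEntity the entity being operated on
     * @return {@code true} when the operation is allowed
     */
    public boolean allowVisit(MagicUser magicUser, HttpServletRequest httpServletRequest, Authorization authorization, MagicEntity magicEntity) {
        boolean modifies = Authorization.SAVE == authorization || Authorization.DELETE == authorization;
        if (modifies && magicEntity instanceof FunctionInfo) {
            return this.eruptUserService.getEruptMenuByValue("ERUPT_MAGIC_FUNCTION") != null;
        }
        if (modifies && magicEntity instanceof DataSourceInfo) {
            return this.eruptUserService.getEruptMenuByValue("ERUPT_MAGIC_DATASOURCE") != null;
        }
        // An interface default must be reached through the qualified super form; the bare
        // super call left by the decompiler resolves to Object and does not compile.
        return AuthorizationInterceptor.super.allowVisit(magicUser, httpServletRequest, authorization, magicEntity);
    }

    /**
     * Creates the interceptor.
     *
     * @param eruptUserService source of the current session, user info and menu permissions
     * @param httpServletRequest request handle used to read the token header
     */
    public EruptMagicAPIRequestInterceptor(EruptUserService eruptUserService, HttpServletRequest httpServletRequest) {
        this.eruptUserService = eruptUserService;
        this.request = httpServletRequest;
    }
}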
