package vip.mate.core.auth.aspect;

import java.util.Collection;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.util.PatternMatchUtils;
import org.springframework.util.StringUtils;
import vip.mate.core.auth.annotation.PreAuth;
import vip.mate.core.common.entity.LoginUser;
import vip.mate.core.common.exception.TokenException;
import vip.mate.core.common.util.SecurityUtil;
import vip.mate.core.redis.core.RedisService;

@Aspect
@Component
/* loaded from: input_file:vip/mate/core/auth/aspect/PreAuthAspect.class */
public class PreAuthAspect {
    private static final Logger log = LoggerFactory.getLogger(PreAuthAspect.class);
    private static final String ALL_PERMISSION = "*:*:*";
    private final HttpServletRequest request;
    private final RedisService redisService;

    @Around("@annotation(vip.mate.core.auth.annotation.PreAuth)")
    public Object around(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        PreAuth preAuth = (PreAuth) proceedingJoinPoint.getSignature().getMethod().getAnnotation(PreAuth.class);
        if (!ObjectUtils.isEmpty(preAuth) && !hasPerm(preAuth.hasPerm())) {
            throw new TokenException("权限验证不通过");
        }
        return proceedingJoinPoint.proceed();
    }

    public boolean hasPerm(String str) {
        LoginUser username = SecurityUtil.getUsername(this.request);
        if (StringUtils.isEmpty(username)) {
            return false;
        }
        if ((StringUtils.isEmpty(username) || !StringUtils.isEmpty(str)) && !username.getAccount().equalsIgnoreCase("admin")) {
            return hasPermissions((List) ((Map) this.redisService.get("mate.permission." + username.getAccount() + "." + username.getRoleId())).get("permissions"), str);
        }
        return true;
    }

    private boolean hasPermissions(Collection<String> collection, String str) {
        return collection.stream().filter(StringUtils::hasText).anyMatch(str2 -> {
            return ALL_PERMISSION.contains(str2) || PatternMatchUtils.simpleMatch(str, str2);
        });
    }

    public PreAuthAspect(HttpServletRequest httpServletRequest, RedisService redisService) {
        this.request = httpServletRequest;
        this.redisService = redisService;
    }
}
