package com.codingapi.security.node.service.impl;

import com.codingapi.security.client.api.ao.AcquireRolesReq;
import com.codingapi.security.client.api.ao.LoadPermissionReq;
import com.codingapi.security.client.api.ao.LoadPermissionRes;
import com.codingapi.security.client.api.ao.LoadUserUiComponentRes;
import com.codingapi.security.client.api.ao.LoadUserUiComponentsReq;
import com.codingapi.security.client.api.ao.ResourceColumn;
import com.codingapi.security.client.api.ao.UserUiComponent;
import com.codingapi.security.component.common.util.BeanUtils;
import com.codingapi.security.component.common.util.Strings;
import com.codingapi.security.consensus.SecurityResource;
import com.codingapi.security.node.db.ao.ResourceDigest;
import com.codingapi.security.node.db.ao.SsoUserAO;
import com.codingapi.security.node.db.domain.SRoleResource;
import com.codingapi.security.node.db.domain.SRoleResourceColumn;
import com.codingapi.security.node.db.domain.SRoleUser;
import com.codingapi.security.node.db.mapper.SResourceMapper;
import com.codingapi.security.node.db.mapper.SRoleMapper;
import com.codingapi.security.node.db.mapper.SRoleResourceColumnMapper;
import com.codingapi.security.node.db.mapper.SRoleResourceMapper;
import com.codingapi.security.node.db.mapper.SRoleUserMapper;
import com.codingapi.security.node.service.PermService;
import com.google.common.collect.Maps;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.TreeSet;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.PathMatcher;
import org.springframework.util.StringUtils;

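/**
 * Answers authorization questions for the security node: whether a user may call an API,
 * which UI components a user may see, and which roles a user holds per application.
 *
 * <p>All decisions are derived from the role/resource tables reached through the injected
 * mappers. This class performs no authentication of its own; it relies on the identity
 * carried in each request object.
 */
@Service
/* loaded from: input_file:com/codingapi/security/node/service/impl/PermServiceImpl.class */
public class PermServiceImpl implements PermService {
    private static final Logger LOG = LoggerFactory.getLogger(PermServiceImpl.class);
    /** Separator placed between the row-filter expressions of several matching grants. */
    private static final String sqlWhereOr = " or ";
    private final SRoleResourceMapper sRoleResourceMapper;
    private final SResourceMapper resourceMapper;
    private final SRoleResourceColumnMapper sRoleResourceColumnMapper;
    private final SRoleUserMapper sRoleUserMapper;
    private final PathMatcher pathMatcher;
    private final SRoleMapper roleMapper;

    /**
     * Creates the service with its collaborators.
     *
     * @param sRoleResourceMapper role-to-resource grant lookups
     * @param sResourceMapper resource digest lookups
     * @param sRoleResourceColumnMapper column lookups for a role/resource pair
     * @param sRoleUserMapper role-to-user assignments
     * @param pathMatcher matcher used for pattern-based URL grants
     * @param sRoleMapper role lookups by name
     */
    public PermServiceImpl(SRoleResourceMapper sRoleResourceMapper, SResourceMapper sResourceMapper, SRoleResourceColumnMapper sRoleResourceColumnMapper, SRoleUserMapper sRoleUserMapper, PathMatcher pathMatcher, SRoleMapper sRoleMapper) {
        this.sRoleResourceMapper = sRoleResourceMapper;
        this.resourceMapper = sResourceMapper;
        this.sRoleResourceColumnMapper = sRoleResourceColumnMapper;
        this.sRoleUserMapper = sRoleUserMapper;
        this.pathMatcher = pathMatcher;
        this.roleMapper = sRoleMapper;
    }

    /**
     * Decides whether the user in the request may call the requested method and URL.
     *
     * <p>Evaluation order: root-role holder, exact grant for the method, exact grant for the
     * {@code "ANY"} method, then URL patterns matched with the {@link PathMatcher}.
     *
     * @param loadPermissionReq the user, HTTP method, URL and optional application id
     * @return a positive result carrying roles, an optional row-filter expression and the
     *     permitted columns, or a failure result with a message
     */
    @Override // com.codingapi.security.node.service.PermService
    public LoadPermissionRes loadPermission(LoadPermissionReq loadPermissionReq) {
        // A root-role holder is allowed before the application id, method or URL is looked at,
        // so this role is effectively global.
        if (this.sRoleUserMapper.getByUserAndRootRole(loadPermissionReq.getSsoUser()) != null) {
            LoadPermissionRes rootRes = new LoadPermissionRes(true);
            rootRes.setMessage("超级用户，访问"); // "super user, access"
            rootRes.setRoles(Collections.singletonList("SUPER_ADMIN"));
            LOG.info(rootRes.getMessage());
            return rootRes;
        }

        SsoUserAO ssoUserAO = new SsoUserAO();
        ssoUserAO.setUserId(loadPermissionReq.getSsoUser().getUserId());
        ssoUserAO.setUserType(loadPermissionReq.getSsoUser().getUserType());

        List<String> roleNames = this.sRoleUserMapper.findRoleNamesByUserAndAppId(ssoUserAO.getUserId(), ssoUserAO.getUserType(), loadPermissionReq.getAppId());
        // The early rejection only applies when an application id was supplied; a request
        // without one continues to the grant lookups even if no role name was found.
        if (roleNames.isEmpty() && Objects.nonNull(loadPermissionReq.getAppId())) {
            // "not authorized for any API of [appId]; apply for a role first"
            return LoadPermissionRes.fail("无权访问[" + loadPermissionReq.getAppId() + "]任何API. 申请角色后访问");
        }

        // 1) exact grant for the requested method
        List<SRoleResource> grants;
        if (Objects.isNull(loadPermissionReq.getAppId())) {
            grants = this.sRoleResourceMapper.findByApiAndUser(loadPermissionReq.getMethod(), loadPermissionReq.getUrl(), ssoUserAO);
        } else {
            grants = this.sRoleResourceMapper.findByApiAndUserAndAppId(loadPermissionReq.getMethod(), loadPermissionReq.getUrl(), ssoUserAO, loadPermissionReq.getAppId());
        }
        // 2) exact grant registered for the wildcard method "ANY"
        if (grants.isEmpty()) {
            if (Objects.isNull(loadPermissionReq.getAppId())) {
                grants = this.sRoleResourceMapper.findByApiAndUser("ANY", loadPermissionReq.getUrl(), ssoUserAO);
            } else {
                grants = this.sRoleResourceMapper.findByApiAndUserAndAppId("ANY", loadPermissionReq.getUrl(), ssoUserAO, loadPermissionReq.getAppId());
            }
        }

        // 3) pattern grants: the user's URL patterns for this method plus those for "ANY"
        if (grants.isEmpty()) {
            List<String> urlPatterns = this.sRoleResourceMapper.findUrlByUserAndMethodAndAppId(ssoUserAO, loadPermissionReq.getMethod(), loadPermissionReq.getAppId());
            urlPatterns.addAll(this.sRoleResourceMapper.findUrlByUserAndMethodAndAppId(ssoUserAO, "ANY", loadPermissionReq.getAppId()));
            LOG.debug("User: {} have [{}] Perm patterns: {}", ssoUserAO, loadPermissionReq.getMethod(), urlPatterns);
            for (String urlPattern : urlPatterns) {
                if (this.pathMatcher.match(urlPattern, loadPermissionReq.getUrl())) {
                    // A pattern match carries no expression and no columns, so the caller
                    // receives an allow decision without row or column restrictions.
                    LoadPermissionRes patternRes = new LoadPermissionRes(true);
                    patternRes.setRoles(roleNames);
                    patternRes.setMessage("批量授权"); // "batch authorization"
                    patternRes.setSecurityResource(new SecurityResource(false));
                    return patternRes;
                }
            }
            // "you are not authorized to access [method] url"
            return LoadPermissionRes.fail("您无权访问[" + loadPermissionReq.getMethod() + "] " + loadPermissionReq.getUrl());
        }

        // Exact grants: collect the row-filter expressions and the permitted columns.
        SecurityResource securityResource = new SecurityResource(false);
        StringBuilder expression = new StringBuilder();
        for (SRoleResource grant : grants) {
            // A grant without an expression adds nothing here, so the combined filter is built
            // only from the grants that do carry one.
            if (!StringUtils.isEmpty(grant.getExpression())) {
                // NOTE(review): expressions are joined with a bare " or " and no parentheses.
                // If the consumer combines the result with other predicates using AND,
                // operator precedence could widen the row filter; confirm how the client
                // embeds it and consider wrapping each expression in parentheses.
                expression.append(grant.getExpression()).append(sqlWhereOr);
            }
            List<SRoleResourceColumn> columns = this.sRoleResourceColumnMapper.findByRoleResource(grant.getRoleId(), grant.getResourceId());
            if (!columns.isEmpty()) {
                for (SRoleResourceColumn column : columns) {
                    securityResource.put(Strings.underlineToHump(column.getColumn()), "");
                }
                securityResource.setValid(true);
            }
        }
        // Every appended expression is followed by the separator, so drop the trailing one.
        if (expression.indexOf(sqlWhereOr) != -1) {
            expression.delete(expression.length() - sqlWhereOr.length(), expression.length());
        }

        LoadPermissionRes res = new LoadPermissionRes(true);
        res.setExpression(expression.length() > 0 ? expression.toString() : null);
        res.setSecurityResource(securityResource);
        res.setRoles(new ArrayList<>(roleNames));
        LOG.debug("LoadPermissionRes: {}", res);
        return res;
    }

    /**
     * Lists the UI components of an application that the user may see, one entry per tag,
     * sorted by component id.
     *
     * @param loadUserUiComponentsReq the user, the application id and the load-all switch
     * @return the visible components; when the user is not a root-role holder and nothing is
     *     visible, a result with a null list and the message "无任何权限" ("no permissions")
     */
    @Override // com.codingapi.security.node.service.PermService
    public LoadUserUiComponentRes userUiComponents(LoadUserUiComponentsReq loadUserUiComponentsReq) {
        boolean isRoot = this.sRoleUserMapper.getByUserAndRootRole(loadUserUiComponentsReq.getSsoUserInfo()) != null;

        // NOTE(review): isLoadAll() is read from the request and skips the per-user filter
        // exactly like the root role does; confirm that only trusted callers can set it.
        List<ResourceDigest> digests;
        if (isRoot || loadUserUiComponentsReq.isLoadAll()) {
            digests = this.resourceMapper.findResourceIdAndTagListByAppId(loadUserUiComponentsReq.getAppId());
        } else {
            digests = this.resourceMapper.findResourceIdAndTagListBySsoUser((SsoUserAO) BeanUtils.copyPropertiesAndNew(loadUserUiComponentsReq.getSsoUserInfo(), SsoUserAO.class), loadUserUiComponentsReq.getAppId());
        }

        // Keyed by tag. The key is typed as Object because the tag's type is not visible here.
        HashMap<Object, UserUiComponent> componentsByTag = new HashMap<>((int) (digests.size() / 0.75d));
        for (ResourceDigest digest : digests) {
            List<ResourceColumn> columns = this.sRoleResourceColumnMapper.findByResourceAndRoleId(digest.getId(), digest.getRoleId());
            UserUiComponent existing = componentsByTag.get(digest.getTag());
            if (existing != null) {
                // Same tag seen again (for example through another role): merge the columns
                // into the first component; its id and super id stay as first recorded.
                if (!columns.isEmpty()) {
                    existing.getResourceColumns().addAll(columns);
                }
            } else {
                // Ordered by getOrder(); columns that compare equal on it collapse to one entry.
                TreeSet<ResourceColumn> orderedColumns = new TreeSet<>(Comparator.comparing(ResourceColumn::getOrder));
                orderedColumns.addAll(columns);
                componentsByTag.put(digest.getTag(), new UserUiComponent(digest.getId(), digest.getSuperId(), digest.getTag(), orderedColumns));
            }
        }

        List<UserUiComponent> components = componentsByTag.values().stream()
                .sorted(Comparator.comparingLong(UserUiComponent::getId))
                .collect(Collectors.toList());
        LOG.debug("components: {}", components);

        // The root-role lookup from the top of the method is reused rather than repeated.
        if (components.isEmpty() && !isRoot) {
            return new LoadUserUiComponentRes(true, false, 0, (List<UserUiComponent>) null, "无任何权限");
        }
        return new LoadUserUiComponentRes(true, isRoot, components.size(), components, "ok");
    }

    /**
     * Replaces the user's role assignments, application by application, with the roles named
     * in the request.
     *
     * <p>For each application all existing assignments of the user are deleted first, then one
     * assignment is saved per role that {@code findIdsByNames} returns. Requested names that
     * the lookup does not return are skipped without an error.
     *
     * <p>NOTE(review): no authorization check is visible in this method. Whoever can reach it
     * decides which roles a user holds, so the calling layer has to verify that the requester
     * may assign them; confirm where that check lives.
     *
     * @param acquireRolesReq the user id, user type and a map of application id to role names
     */
    @Override // com.codingapi.security.node.service.PermService
    @Transactional
    public void acquireRoles(AcquireRolesReq acquireRolesReq) {
        acquireRolesReq.getRolesMap().forEach((appId, roleNames) -> {
            LOG.info("AppId: {}, Roles: {}", appId, roleNames);
            this.sRoleUserMapper.deleteByUserAndAppId(acquireRolesReq.getUserId(), acquireRolesReq.getUserType(), appId);
            // The inner lambda uses its own parameter names: a lambda parameter may not reuse
            // the name of a variable from the enclosing lambda.
            Maps.uniqueIndex(this.roleMapper.findIdsByNames(roleNames, appId), role -> role.getName()).forEach((roleName, role) -> {
                SRoleUser assignment = new SRoleUser();
                assignment.setUserId(acquireRolesReq.getUserId());
                assignment.setRoleId(role.getId());
                assignment.setUserType(acquireRolesReq.getUserType());
                LOG.info("Saved Role: {}, User: {}[{}]", roleName, acquireRolesReq.getUserId(), acquireRolesReq.getUserType());
                this.sRoleUserMapper.save(assignment);
            });
        });
    }
}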
