package com.jhscale.security.node.service.impl;

import com.jhscale.common.content.JHContents;
import com.jhscale.common.utils.JSONUtils;
import com.jhscale.common.utils.PojoUtils;
import com.jhscale.security.component.consensus.map.SecurityResource;
import com.jhscale.security.component.consensus.message.SsoUserInfo;
import com.jhscale.security.component.consensus.model.AcquireRolesReq;
import com.jhscale.security.component.consensus.model.LoadPermissionReq;
import com.jhscale.security.component.consensus.model.LoadPermissionRes;
import com.jhscale.security.component.consensus.model.LoadUserUiComponentRes;
import com.jhscale.security.component.consensus.model.LoadUserUiComponentsReq;
import com.jhscale.security.component.consensus.model.ResourceColumn;
import com.jhscale.security.component.consensus.model.UserUiComponent;
import com.jhscale.security.component.tools.utils.Strings;
import com.jhscale.security.framework.node.dto.ResourceScopes;
import com.jhscale.security.framework.node.dto.RoleInfo;
import com.jhscale.security.framework.node.dto.ScopeInfo;
import com.jhscale.security.framework.node.em.RoleScopeEnum;
import com.jhscale.security.node.SecurityNodeConstants;
import com.jhscale.security.node.SubNodeAssistService;
import com.jhscale.security.node.ato.resource.ScopeInfoFull;
import com.jhscale.security.node.ato.role.Role;
import com.jhscale.security.node.compont.scope.ScopeTypeChildEvent;
import com.jhscale.security.node.dto.DeleteRoleUserByUserAndAppId;
import com.jhscale.security.node.dto.ResourceAndRole;
import com.jhscale.security.node.dto.ResourceDigest;
import com.jhscale.security.node.dto.RoleNameByUserAndAppId;
import com.jhscale.security.node.dto.RoleResource;
import com.jhscale.security.node.dto.RoleResourceByMethodUrlUser;
import com.jhscale.security.node.dto.RoleResourceByUserAndAppId;
import com.jhscale.security.node.exp.SecurityNodeException;
import com.jhscale.security.node.exp.SecurityNodeInternational;
import com.jhscale.security.node.mapper.SResourceMapper;
import com.jhscale.security.node.mapper.SRoleResourceColumnMapper;
import com.jhscale.security.node.mapper.SRoleResourceMapper;
import com.jhscale.security.node.mapper.SRoleUserMapper;
import com.jhscale.security.node.mapper.SSubUserMapper;
import com.jhscale.security.node.pojo.SRoleResourceColumn;
import com.jhscale.security.node.pojo.SRoleResourceColumnExample;
import com.jhscale.security.node.pojo.SRoleUser;
import com.jhscale.security.node.pojo.SRoleUserExample;
import com.jhscale.security.node.pojo.SSubUser;
import com.jhscale.security.node.pojo.SSubUserExample;
import com.jhscale.security.node.service.PermService;
import com.ysscale.framework.em.DataStateEnum;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Objects;
import java.util.TreeSet;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
import org.springframework.util.PathMatcher;

@Service
/* loaded from: input_file:com/jhscale/security/node/service/impl/PermServiceImpl.class */
public class PermServiceImpl implements PermService {
    private static final Logger log = LoggerFactory.getLogger(PermServiceImpl.class);

    @Autowired
    private SResourceMapper resourceMapper;

    @Autowired
    private SRoleUserMapper roleUserMapper;

    @Autowired
    private SSubUserMapper subUserMapper;

    @Autowired
    private SRoleResourceMapper roleResourceMapper;

    @Autowired
    private SRoleResourceColumnMapper roleResourceColumnMapper;

    @Autowired
    private PathMatcher pathMatcher;

    @Autowired
    private ScopeTypeChildEvent scopeTypeChildEvent;

    @Autowired
    private SubNodeAssistService subNodeAssistService;

    @Override // com.jhscale.security.node.service.PermService
    public LoadPermissionRes loadPermission(LoadPermissionReq loadPermissionReq) throws SecurityNodeException {
        SsoUserInfo ssoUser = loadPermissionReq.getSsoUser();
        String userType = ssoUser.getUserType();
        Boolean listScope = loadPermissionReq.getListScope();
        if (!userType.startsWith("SA")) {
            loadPermissionReq.setListScope(false);
            return doLoadPermission(loadPermissionReq);
        }
        SSubUserExample sSubUserExample = new SSubUserExample();
        sSubUserExample.createCriteria().andSubSignEqualTo(ssoUser.getUserId()).andStateEqualTo(DataStateEnum.NORMAL.getState());
        List<SSubUser> selectByExample = this.subUserMapper.selectByExample(sSubUserExample);
        if (CollectionUtils.isEmpty(selectByExample)) {
            throw new SecurityNodeException(SecurityNodeInternational.f57);
        }
        SSubUser sSubUser = selectByExample.get(0);
        ssoUser.setUserId(sSubUser.getUserSign());
        ssoUser.setUserType(userType.substring(2, userType.length()));
        loadPermissionReq.setListScope(false);
        LoadPermissionRes doLoadPermission = doLoadPermission(loadPermissionReq);
        if (Objects.isNull(doLoadPermission) || !doLoadPermission.getPass().booleanValue()) {
            log.debug("主账号 {} 无权限", ssoUser.getUserType());
            return doLoadPermission;
        }
        ssoUser.setUserId(sSubUser.getSubSign());
        ssoUser.setUserType(userType);
        loadPermissionReq.setListScope(listScope);
        return doLoadPermission(loadPermissionReq);
    }

    private LoadPermissionRes doLoadPermission(LoadPermissionReq loadPermissionReq) throws SecurityNodeException {
        String url = loadPermissionReq.getUrl();
        SsoUserInfo ssoUser = loadPermissionReq.getSsoUser();
        SRoleUserExample sRoleUserExample = new SRoleUserExample();
        SRoleUserExample.Criteria andRoleIdEqualTo = sRoleUserExample.createCriteria().andUserIdEqualTo(ssoUser.getUserId()).andRoleIdEqualTo(JHContents.DEFAULT_ADMIN_ROLE);
        if (StringUtils.isNotBlank(ssoUser.getUserType())) {
            andRoleIdEqualTo.andUserTypeEqualTo(ssoUser.getUserType());
        }
        RoleResourceByMethodUrlUser roleResourceByMethodUrlUser = new RoleResourceByMethodUrlUser(ssoUser.getUserId(), ssoUser.getUserType(), loadPermissionReq.getAppId(), loadPermissionReq.getMethod(), loadPermissionReq.getUrl());
        List<RoleResource> roleResourceByMethodUrlUser2 = this.roleResourceMapper.getRoleResourceByMethodUrlUser(roleResourceByMethodUrlUser);
        if (CollectionUtils.isEmpty(roleResourceByMethodUrlUser2)) {
            roleResourceByMethodUrlUser.setUrl(url.substring(0, url.lastIndexOf("/")) + "/*");
            roleResourceByMethodUrlUser2 = this.roleResourceMapper.getRoleResourceByMethodUrlUser(roleResourceByMethodUrlUser);
        }
        if (CollectionUtils.isEmpty(roleResourceByMethodUrlUser2)) {
            roleResourceByMethodUrlUser.setUrl(url);
            roleResourceByMethodUrlUser.setMethod("ANY");
            roleResourceByMethodUrlUser2 = this.roleResourceMapper.getRoleResourceByMethodUrlUser(roleResourceByMethodUrlUser);
        }
        if (CollectionUtils.isEmpty(roleResourceByMethodUrlUser2)) {
            throw new SecurityNodeException(SecurityNodeInternational.f6);
        }
        if (this.roleUserMapper.countByExample(sRoleUserExample) > 0) {
            LoadPermissionRes loadPermissionRes = new LoadPermissionRes(true);
            loadPermissionRes.setMessage("超级用户，访问");
            loadPermissionRes.setRoles(Collections.singletonList("SUPER_ADMIN"));
            loadPermissionRes.setInternational(roleResourceByMethodUrlUser2.get(0).getInternational());
            loadPermissionRes.setResponseType(roleResourceByMethodUrlUser2.get(0).getResponseType());
            log.debug(loadPermissionRes.getMessage());
            return loadPermissionRes;
        }
        List<Role> roleByUserAndAppId = this.roleUserMapper.getRoleByUserAndAppId(new RoleNameByUserAndAppId(loadPermissionReq.getAppId(), ssoUser.getUserId(), ssoUser.getUserType()));
        if (CollectionUtils.isEmpty(roleByUserAndAppId) && StringUtils.isNotBlank(loadPermissionReq.getAppId())) {
            throw new SecurityNodeException(SecurityNodeInternational.f28);
        }
        List list = (List) roleByUserAndAppId.stream().map((v0) -> {
            return v0.getName();
        }).collect(Collectors.toList());
        if (!CollectionUtils.isEmpty(roleResourceByMethodUrlUser2)) {
            SecurityResource securityResource = new SecurityResource(false);
            StringBuilder sb = new StringBuilder();
            roleResourceByMethodUrlUser2.forEach(roleResource -> {
                if (StringUtils.isNotBlank(roleResource.getExpression())) {
                    sb.append(roleResource.getExpression() + SecurityNodeConstants.EXPRESSION_SPLIT);
                }
                SRoleResourceColumnExample sRoleResourceColumnExample = new SRoleResourceColumnExample();
                sRoleResourceColumnExample.createCriteria().andRoleIdEqualTo(roleResource.getRoleId()).andResourceIdEqualTo(roleResource.getResourceId());
                List<SRoleResourceColumn> selectByExample = this.roleResourceColumnMapper.selectByExample(sRoleResourceColumnExample);
                if (CollectionUtils.isEmpty(selectByExample)) {
                    return;
                }
                selectByExample.forEach(sRoleResourceColumn -> {
                    securityResource.put(Strings.underlineToHump(sRoleResourceColumn.getDbcolumn()), "");
                });
                securityResource.setValid(true);
            });
            if (sb.indexOf(SecurityNodeConstants.EXPRESSION_SPLIT) != -1) {
                sb.delete(sb.length() - 4, sb.length());
            }
            LoadPermissionRes loadPermissionRes2 = new LoadPermissionRes(true);
            loadPermissionRes2.setExpression(StringUtils.isNoneBlank(new CharSequence[]{sb}) ? sb.toString() : null);
            loadPermissionRes2.setSecurityResource(securityResource);
            loadPermissionRes2.setRoles(list);
            loadPermissionRes2.setInternational(roleResourceByMethodUrlUser2.get(0).getInternational());
            loadPermissionRes2.setResponseType(roleResourceByMethodUrlUser2.get(0).getResponseType());
            loadPermissionRes2.setResourceScopes(getScopeInfo(ssoUser, loadPermissionReq.getListScope(), roleByUserAndAppId));
            log.debug("LoadPermissionRes: {}", loadPermissionRes2);
            return loadPermissionRes2;
        }
        List<RoleResource> roleResourceByMethodUser = this.roleResourceMapper.getRoleResourceByMethodUser(new RoleResourceByMethodUrlUser(ssoUser.getUserId(), ssoUser.getUserType(), loadPermissionReq.getAppId(), loadPermissionReq.getMethod()));
        log.debug("User: {} have [{}] Perm patterns: {}", new Object[]{JSONUtils.objectToJSON(ssoUser), loadPermissionReq.getMethod(), JSONUtils.objectToJSON(roleResourceByMethodUser)});
        if (!CollectionUtils.isEmpty(roleResourceByMethodUser)) {
            for (RoleResource roleResource2 : roleResourceByMethodUser) {
                if (this.pathMatcher.match(roleResource2.getUrl(), loadPermissionReq.getUrl())) {
                    LoadPermissionRes loadPermissionRes3 = new LoadPermissionRes(true);
                    loadPermissionRes3.setRoles(list);
                    loadPermissionRes3.setMessage("批量授权");
                    loadPermissionRes3.setSecurityResource(new SecurityResource(false));
                    loadPermissionRes3.setInternational(roleResource2.getInternational());
                    loadPermissionRes3.setResponseType(roleResource2.getResponseType());
                    loadPermissionRes3.setResourceScopes(getScopeInfo(ssoUser, loadPermissionReq.getListScope(), roleByUserAndAppId));
                    return loadPermissionRes3;
                }
            }
        }
        throw new SecurityNodeException(SecurityNodeInternational.f29, loadPermissionReq.getUrl(), loadPermissionReq.getMethod());
    }

    @Override // com.jhscale.security.node.service.PermService
    public LoadUserUiComponentRes userUiComponents(LoadUserUiComponentsReq loadUserUiComponentsReq) throws SecurityNodeException {
        SsoUserInfo ssoUser = loadUserUiComponentsReq.getSsoUser();
        String userType = ssoUser.getUserType();
        if (!userType.startsWith("SA")) {
            return doUserUiComponents(loadUserUiComponentsReq);
        }
        SSubUserExample sSubUserExample = new SSubUserExample();
        sSubUserExample.createCriteria().andSubSignEqualTo(ssoUser.getUserId()).andStateEqualTo(DataStateEnum.NORMAL.getState());
        List<SSubUser> selectByExample = this.subUserMapper.selectByExample(sSubUserExample);
        if (CollectionUtils.isEmpty(selectByExample)) {
            throw new SecurityNodeException(SecurityNodeInternational.f57);
        }
        SSubUser sSubUser = selectByExample.get(0);
        ssoUser.setUserId(sSubUser.getUserSign());
        ssoUser.setUserType(userType.substring(2, userType.length()));
        LoadUserUiComponentRes doUserUiComponents = doUserUiComponents(loadUserUiComponentsReq);
        if (Objects.isNull(doUserUiComponents) || CollectionUtils.isEmpty(doUserUiComponents.getUserUiComponents())) {
            log.debug("主账号 {} 无资源", ssoUser.getUserType());
            return doUserUiComponents;
        }
        ssoUser.setUserId(sSubUser.getSubSign());
        ssoUser.setUserType(userType);
        LoadUserUiComponentRes doUserUiComponents2 = doUserUiComponents(loadUserUiComponentsReq);
        if (Objects.isNull(doUserUiComponents2) || CollectionUtils.isEmpty(doUserUiComponents2.getUserUiComponents())) {
            log.debug("子账号 {} 无资源", ssoUser.getUserType());
            return doUserUiComponents2;
        }
        List<UserUiComponent> userUiComponents = doUserUiComponents.getUserUiComponents();
        List<UserUiComponent> userUiComponents2 = doUserUiComponents2.getUserUiComponents();
        HashMap hashMap = new HashMap();
        for (UserUiComponent userUiComponent : userUiComponents) {
            hashMap.put(userUiComponent.getId(), userUiComponent);
        }
        LinkedList linkedList = new LinkedList();
        for (UserUiComponent userUiComponent2 : userUiComponents2) {
            if (Objects.nonNull(hashMap.get(userUiComponent2.getId()))) {
                linkedList.add(userUiComponent2);
            }
        }
        doUserUiComponents2.setUiComponentSize(linkedList.size());
        doUserUiComponents2.setUserUiComponents(linkedList);
        return doUserUiComponents2;
    }

    private LoadUserUiComponentRes doUserUiComponents(LoadUserUiComponentsReq loadUserUiComponentsReq) {
        SsoUserInfo ssoUser = loadUserUiComponentsReq.getSsoUser();
        SRoleUserExample sRoleUserExample = new SRoleUserExample();
        SRoleUserExample.Criteria andRoleIdEqualTo = sRoleUserExample.createCriteria().andUserIdEqualTo(ssoUser.getUserId()).andRoleIdEqualTo(JHContents.DEFAULT_ADMIN_ROLE);
        if (StringUtils.isNotBlank(ssoUser.getUserType())) {
            andRoleIdEqualTo.andUserTypeEqualTo(ssoUser.getUserType());
        }
        boolean z = this.roleUserMapper.countByExample(sRoleUserExample) > 0;
        List<ResourceDigest> resourcesByAppOrUser = (z || loadUserUiComponentsReq.isLoadAll()) ? this.resourceMapper.getResourcesByAppOrUser(new RoleResourceByUserAndAppId(loadUserUiComponentsReq.getAppId())) : this.resourceMapper.getResourcesByAppOrUser(new RoleResourceByUserAndAppId(loadUserUiComponentsReq.getAppId(), ssoUser.getUserId(), ssoUser.getUserType()));
        if (CollectionUtils.isEmpty(resourcesByAppOrUser)) {
            return new LoadUserUiComponentRes(true, false, 0, (List) null, "无任何权限");
        }
        HashMap hashMap = new HashMap((int) (resourcesByAppOrUser.size() / 0.75d));
        SRoleResourceColumnExample sRoleResourceColumnExample = new SRoleResourceColumnExample();
        for (ResourceDigest resourceDigest : resourcesByAppOrUser) {
            sRoleResourceColumnExample.clear();
            sRoleResourceColumnExample.createCriteria().andResourceIdEqualTo(resourceDigest.getId()).andRoleIdEqualTo(resourceDigest.getRoleId());
            List<ResourceColumn> selectResourceColumnByExample = this.roleResourceColumnMapper.selectResourceColumnByExample(sRoleResourceColumnExample);
            if (hashMap.containsKey(resourceDigest.getJsName()) && !CollectionUtils.isEmpty(selectResourceColumnByExample)) {
                ((UserUiComponent) hashMap.get(resourceDigest.getJsName())).getResourceColumns().addAll(selectResourceColumnByExample);
            }
            TreeSet treeSet = new TreeSet(Comparator.comparing((v0) -> {
                return v0.getOrder();
            }));
            treeSet.addAll(selectResourceColumnByExample);
            hashMap.put(resourceDigest.getId(), new UserUiComponent(resourceDigest.getId(), resourceDigest.getSuperId(), resourceDigest.getName(), resourceDigest.getJsName(), resourceDigest.getNum(), resourceDigest.getTag(), resourceDigest.getResType(), treeSet));
        }
        List list = (List) hashMap.values().stream().sorted(Comparator.comparingInt((v0) -> {
            return v0.getId();
        })).collect(Collectors.toList());
        log.debug("components: {}", list);
        return (!CollectionUtils.isEmpty(list) || z) ? new LoadUserUiComponentRes(true, z, list.size(), list, "SUCCESS") : new LoadUserUiComponentRes(true, false, 0, (List) null, "无任何权限");
    }

    @Override // com.jhscale.security.node.service.PermService
    public boolean acquireRoles(AcquireRolesReq acquireRolesReq) {
        this.roleUserMapper.deleteByUserAndAppId(new DeleteRoleUserByUserAndAppId(acquireRolesReq.getUserId(), acquireRolesReq.getUserType()));
        ArrayList arrayList = new ArrayList();
        acquireRolesReq.getRoles().forEach(num -> {
            SRoleUser sRoleUser = new SRoleUser();
            PojoUtils.init(sRoleUser);
            sRoleUser.setRoleId(num);
            sRoleUser.setUserId(acquireRolesReq.getUserId());
            sRoleUser.setUserType(acquireRolesReq.getUserType());
            arrayList.add(sRoleUser);
        });
        return this.roleUserMapper.batchInsert(arrayList) == arrayList.size();
    }

    private ResourceScopes getScopeInfo(SsoUserInfo ssoUserInfo, Boolean bool, List<Role> list) {
        if (!bool.booleanValue() || CollectionUtils.isEmpty(list)) {
            return null;
        }
        Long userId = ssoUserInfo.getUserId();
        List<ResourceAndRole> listResourceAndRole = this.resourceMapper.listResourceAndRole(userId, (List) list.stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toList()));
        if (CollectionUtils.isEmpty(listResourceAndRole)) {
            return null;
        }
        log.debug("添加资源对应角色范围   {}-----------{}------------------{}", new Object[]{userId, bool, Integer.valueOf(listResourceAndRole.size())});
        HashMap hashMap = new HashMap();
        for (Role role : list) {
            RoleInfo roleInfo = new RoleInfo();
            roleInfo.setId(role.getId());
            roleInfo.setScope(role.getScope());
            if (StringUtils.isNotBlank(role.getSubScopes())) {
                roleInfo.setSubScopeList(JSONUtils.jsonToList(role.getSubScopes(), String.class));
            }
            if (RoleScopeEnum.用户范围.getScope().equals(role.getScope())) {
                roleInfo.setScopeInfoList(Arrays.asList(this.subNodeAssistService.getMainUser(ssoUserInfo)));
            } else if (StringUtils.isNotBlank(role.getScopeInfo()) || !"[]".equals(role.getScopeInfo())) {
                List jsonToList = JSONUtils.jsonToList(role.getScopeInfo(), ScopeInfoFull.class);
                if (!CollectionUtils.isEmpty(jsonToList)) {
                    roleInfo.setScopeInfoList((List) jsonToList.stream().map(scopeInfoFull -> {
                        ScopeInfo scopeInfo = new ScopeInfo();
                        scopeInfo.setI(scopeInfoFull.getScopeId());
                        scopeInfo.setScopeSign(scopeInfoFull.getScopeSign());
                        return scopeInfo;
                    }).collect(Collectors.toList()));
                }
            }
            hashMap.put(role.getId(), roleInfo);
        }
        return this.scopeTypeChildEvent.getScopeInfo(ssoUserInfo, listResourceAndRole, hashMap);
    }
}
