package cn.cerc.mis.security;

import cn.cerc.core.DataSet;
import cn.cerc.core.ISession;
import cn.cerc.core.KeyValue;
import cn.cerc.core.Utils;
import cn.cerc.db.core.IHandle;
import cn.cerc.mis.core.Application;
import cn.cerc.mis.core.IService;
import cn.cerc.mis.core.ServiceException;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:cn/cerc/mis/security/SecurityPolice.class */
public class SecurityPolice {
    private static final Logger log = LoggerFactory.getLogger(SecurityPolice.class);

    public final boolean checkClass(IHandle iHandle) {
        return checkClass(iHandle, iHandle.getClass());
    }

    public final boolean checkClass(IHandle iHandle, Object obj) {
        return checkClass(iHandle, obj.getClass());
    }

    public final boolean checkClass(IHandle iHandle, Class<?> cls) {
        boolean checkValue = checkValue(iHandle.getSession().getPermissions(), getPermission(cls, iHandle));
        log.debug("{}, check class:{}", cls.getName(), checkValue ? "pass" : "stop");
        return checkValue;
    }

    public final boolean checkMethod(IHandle iHandle, Method method) {
        return checkMethod(iHandle, iHandle.getClass(), method);
    }

    public final boolean checkMethod(IHandle iHandle, Class<?> cls, Method method) {
        boolean checkClass;
        boolean z = false;
        String str = Permission.USERS;
        for (Annotation annotation : method.getDeclaredAnnotations()) {
            if (annotation instanceof Permission) {
                str = ((Permission) annotation).value();
                if ("".equals(str)) {
                    str = Permission.USERS;
                }
                z = true;
            }
        }
        if (!z) {
            for (Annotation annotation2 : cls.getDeclaredAnnotations()) {
                if (annotation2 instanceof Permission) {
                    str = ((Permission) annotation2).value();
                    if ("".equals(str)) {
                        str = Permission.USERS;
                    }
                    z = true;
                }
            }
        }
        if (z) {
            for (Annotation annotation3 : method.getDeclaredAnnotations()) {
                if (annotation3 instanceof Operators) {
                    StringBuffer stringBuffer = new StringBuffer(str);
                    stringBuffer.append("[");
                    int i = 0;
                    for (String str2 : ((Operators) annotation3).value()) {
                        if (i > 0) {
                            stringBuffer.append(",");
                        }
                        stringBuffer.append(str2);
                        i++;
                    }
                    stringBuffer.append("]");
                    str = stringBuffer.toString();
                }
            }
            checkClass = checkValue(iHandle.getSession().getPermissions(), str);
            Logger logger = log;
            Object[] objArr = new Object[3];
            objArr[0] = cls.getName();
            objArr[1] = method.getName();
            objArr[2] = checkClass ? "pass" : "stop";
            logger.debug("{}.{}, check method:{}", objArr);
        } else {
            checkClass = checkClass(iHandle, cls);
        }
        return checkClass;
    }

    public final boolean checkValue(String str, String str2) {
        log.debug("{}:{}", str2, str);
        if (str == null) {
            return true;
        }
        String str3 = str;
        int indexOf = str.indexOf("#");
        if (indexOf > -1) {
            str3 = str.substring(0, indexOf);
        }
        String str4 = str2;
        int indexOf2 = str2.indexOf("#");
        if (indexOf2 > -1) {
            str4 = str2.substring(0, indexOf2);
        }
        if (indexOf > -1 && indexOf2 > -1) {
            String trim = str.substring(indexOf + 1, str.length()).trim();
            String trim2 = str2.substring(indexOf2 + 1, str2.length()).trim();
            if (trim.length() > 0 && trim2.length() > 0) {
                boolean z = false;
                String[] split = trim2.split("\\,");
                int length = split.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (trim.equals(split[i].trim())) {
                        z = true;
                        break;
                    }
                    i++;
                }
                if (!z) {
                    log.debug("检查版本授权不通过, {}:{}", trim, trim2);
                    return false;
                }
            }
        }
        if (Utils.isEmpty(str3) || Utils.isEmpty(str4)) {
            return true;
        }
        if (str4.equals(Permission.USERS)) {
            return !str3.equals(Permission.GUEST);
        }
        if (str3.equals(Permission.ADMIN) || str3.equals(str4)) {
            return true;
        }
        for (String str5 : str3.split(";")) {
            if (str5.startsWith("-") && (compareMaster(str4, str5.substring(1)) || compareDetail(str4, str5.substring(1)))) {
                return false;
            }
        }
        for (String str6 : str3.split(";")) {
            if (!str6.startsWith("-") && (compareMaster(str6, str4) || compareDetail(str6, str4))) {
                return true;
            }
        }
        return false;
    }

    public DataSet call(IHandle iHandle, IService iService, DataSet dataSet, KeyValue keyValue) throws ServiceException {
        String permission = getPermission(iService.getClass(), iHandle);
        if (allowGuestUser(permission)) {
            return iService.call(iHandle, dataSet, keyValue);
        }
        ISession session = iHandle.getSession();
        return (session == null || !session.logon()) ? new DataSet().setMessage("请您先登入系统").setState(-2) : !checkValue(iHandle.getSession().getPermissions(), permission) ? new DataSet().setMessage("您的执行权限不足").setState(-2) : iService.call(iHandle, dataSet, keyValue);
    }

    private final boolean compareMaster(String str, String str2) {
        if (str.equals(Permission.ADMIN) || str2.equals(Permission.GUEST) || str2.equals(Permission.USERS) || str2.equals(str)) {
            return true;
        }
        if (!str.endsWith(".*")) {
            return false;
        }
        String substring = str.substring(0, str.length() - 2);
        return str2.length() >= substring.length() && str2.substring(0, substring.length()).equals(substring);
    }

    private final boolean allowGuestUser(String str) {
        if (Permission.GUEST.length() > str.length()) {
            return false;
        }
        return str.startsWith(Permission.GUEST);
    }

    private final boolean compareDetail(String str, String str2) {
        String str3 = str;
        int indexOf = str.indexOf("[");
        String[] strArr = new String[0];
        if (indexOf > 0 && str.endsWith("]")) {
            str3 = str.substring(0, indexOf);
            strArr = str.substring(indexOf + 1, str.length() - 1).split(",");
        }
        String str4 = str2;
        int indexOf2 = str2.indexOf("[");
        String[] strArr2 = new String[0];
        if (indexOf2 > 0 && str2.endsWith("]")) {
            str4 = str2.substring(0, indexOf2);
            strArr2 = str2.substring(indexOf2 + 1, str2.length() - 1).split(",");
        }
        if (!compareMaster(str3, str4)) {
            return false;
        }
        if (strArr.length == 0 || strArr2.length == 0) {
            return true;
        }
        if (strArr.length == 1 && strArr[0].equals("*")) {
            return true;
        }
        boolean z = true;
        String[] strArr3 = strArr2;
        int length = strArr3.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            String str5 = strArr3[i];
            if (!"".equals(str5) && !inArray(str5, strArr)) {
                z = false;
                break;
            }
            i++;
        }
        return z;
    }

    private final boolean inArray(String str, String[] strArr) {
        for (String str2 : strArr) {
            if (str.equals(str2)) {
                return true;
            }
        }
        return false;
    }

    private final String getPermission(Class<?> cls, IHandle iHandle) {
        SecurityService securityService;
        boolean z = false;
        String str = Permission.USERS;
        for (Annotation annotation : cls.getDeclaredAnnotations()) {
            if (annotation instanceof Permission) {
                str = ((Permission) annotation).value();
                if ("".equals(str)) {
                    str = Permission.USERS;
                }
                z = true;
            }
        }
        if (z) {
            for (Annotation annotation2 : cls.getDeclaredAnnotations()) {
                if (annotation2 instanceof Operators) {
                    StringBuffer stringBuffer = new StringBuffer(str);
                    stringBuffer.append("[");
                    int i = 0;
                    for (String str2 : ((Operators) annotation2).value()) {
                        if (i > 0) {
                            stringBuffer.append(",");
                        }
                        stringBuffer.append(str2);
                        i++;
                    }
                    stringBuffer.append("]");
                    str = stringBuffer.toString();
                }
            }
        } else if (iHandle != null && (securityService = (SecurityService) Application.getBean(SecurityService.class)) != null) {
            String[] split = cls.getName().split("\\.");
            KeyValue key = new KeyValue(str).key(split[split.length - 1]);
            securityService.loadPermission(iHandle, key);
            str = key.asString();
        }
        log.debug("{}={}", cls.getName(), str);
        return str;
    }

    public static void main(String[] strArr) {
        SecurityPolice securityPolice = new SecurityPolice();
        System.out.println(securityPolice.checkValue("base.account.update;base.default;base.product.manage;other.addressbook;other.product.repair;other.vipcard.manage;sell.base.manage[insert,update,delete,nullify];sell.discount.manage;sell.order.wholesale[insert,update,delete,final,cancel,nullify];sell.report.process[export];sell.report.total[export];sell.stock.out.retail[insert,update,delete,final,cancel,nullify];sell.stock.out.scanner[insert,update,delete,final,cancel,nullify];sell.stock.out.wholesale[insert,update,delete,final,cancel,nullify];sell.stock.return[insert,update,delete,final,cancel,nullify];stock.report.inout", "sell.stock.return"));
        System.out.println(securityPolice.checkValue("base.account.update;base.default;base.product.manage;other.addressbook;other.product.repair;other.vipcard.manage;sell.base.manage[insert,update,delete,nullify];sell.discount.manage;sell.order.wholesale[insert,update,delete,final,cancel,nullify];sell.report.process[export];sell.report.total[export];sell.stock.out.retail[insert,update,delete,final,cancel,nullify];sell.stock.out.scanner[insert,update,delete,final,cancel,nullify];sell.stock.out.wholesale[insert,update,delete,final,cancel,nullify];sell.stock.return[insert,update,delete,final,cancel,nullify];stock.report.inout", "sell.stock.return[insert]"));
    }
}
