package cn.com.yusys.yusp.commons.data.authority.web.filter;

import cn.com.yusys.yusp.commons.data.authority.DataAuthorityConstants;
import cn.com.yusys.yusp.commons.data.authority.DataAuthorityContext;
import cn.com.yusys.yusp.commons.data.authority.DataAuthorizationInfo;
import cn.com.yusys.yusp.commons.data.authority.DataAuthorizationService;
import cn.com.yusys.yusp.commons.data.authority.Placeholder;
import cn.com.yusys.yusp.commons.data.authority.UserInformation;
import cn.com.yusys.yusp.commons.data.authority.UserInformationService;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.util.UrlPathHelper;

/* loaded from: input_file:cn/com/yusys/yusp/commons/data/authority/web/filter/DataAuthorityWebFilter.class */
public class DataAuthorityWebFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(DataAuthorityWebFilter.class);
    private static final Map<String, DataAuthorizationInfo> NOT_FOUND_DATA_AUTHORIZATION_INFO = new ConcurrentHashMap();
    public static final String INIT_IGNORE_URLS_KEY = "ignoreUrls";
    private final DataAuthorizationService dataAuthorizationService;
    private final UserInformationService userService;
    private final UrlPathHelper pathHelper = new UrlPathHelper();
    private final AntPathMatcher matcher = new AntPathMatcher();
    private List<String> ignoreUrls;

    public DataAuthorityWebFilter(DataAuthorizationService dataAuthorizationService, UserInformationService userInformationService) {
        this.dataAuthorizationService = dataAuthorizationService;
        this.userService = userInformationService;
    }

    public void init(FilterConfig filterConfig) {
        log.info("Create access permission interceptor!");
        if (null == filterConfig.getInitParameter(INIT_IGNORE_URLS_KEY)) {
            return;
        }
        this.ignoreUrls = Collections.unmodifiableList((List) Arrays.asList(filterConfig.getInitParameter(INIT_IGNORE_URLS_KEY).split(",")).parallelStream().filter((v0) -> {
            return Objects.nonNull(v0);
        }).map((v0) -> {
            return v0.trim();
        }).collect(Collectors.toList()));
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String method = httpServletRequest.getMethod();
        String lookupPathForRequest = this.pathHelper.getLookupPathForRequest(httpServletRequest);
        boolean z = true;
        if (null != this.ignoreUrls && !this.ignoreUrls.isEmpty()) {
            z = !this.ignoreUrls.parallelStream().anyMatch(str -> {
                return this.matcher.match(str, lookupPathForRequest);
            });
        }
        if (z) {
            UserInformation userInformation = this.userService.getUserInformation();
            if (!Objects.nonNull(userInformation) || userInformation.getUserId() == null) {
                log.debug("The current request API[{}] does not obtain information about the logged in user", lookupPathForRequest);
            } else {
                List<DataAuthorizationInfo> matching = this.dataAuthorizationService.matching(lookupPathForRequest, method, userInformation.getUserId());
                if (!Objects.nonNull(matching) || matching.isEmpty()) {
                    log.debug("The current request API[{}], The login user[{}] is not configured with the corresponding data authorization information", lookupPathForRequest, userInformation.getUserId());
                } else {
                    DataAuthorityContext.getCurrentContext().set(DataAuthorityConstants.SQL_DATA_AUTHORITY_TEMPLATES, matching);
                    addUserInformationToContext(userInformation);
                }
            }
        }
        try {
            addEmptyDataAuthorization4PlaceHolder();
            filterChain.doFilter(servletRequest, servletResponse);
            DataAuthorityContext.getCurrentContext().unset();
        } catch (Throwable th) {
            DataAuthorityContext.getCurrentContext().unset();
            throw th;
        }
    }

    private void addUserInformationToContext(UserInformation userInformation) {
        DataAuthorityContext currentContext = DataAuthorityContext.getCurrentContext();
        currentContext.set(DataAuthorityConstants.CONTEXT_USER_ID_KEY, userInformation.getUserId());
        currentContext.set(DataAuthorityConstants.CONTEXT_DEPT_IDS_KEY, userInformation.getDepartmentIds());
        currentContext.set(DataAuthorityConstants.CONTEXT_ORG_IDS_KEY, userInformation.getOrganizationIds());
        currentContext.set(DataAuthorityConstants.CONTEXT_POST_IDS_KEY, userInformation.getPostIds());
        currentContext.set(DataAuthorityConstants.CONTEXT_ROLE_IDS_KEY, userInformation.getRoleIds());
        currentContext.set(DataAuthorityConstants.CONTEXT_FINC_INST_IDS_KEY, userInformation.getFinancialInstitutionIds());
        currentContext.set("_userCode", userInformation.getUserId());
        currentContext.set("_orgCode", userInformation.getOrganizationIds());
    }

    private void addEmptyDataAuthorization4PlaceHolder() {
        if (Placeholder.getAllPlaceholder().isEmpty()) {
            return;
        }
        List list = (List) DataAuthorityContext.getCurrentContext().get(DataAuthorityConstants.SQL_DATA_AUTHORITY_TEMPLATES);
        LinkedList linkedList = Objects.isNull(list) ? new LinkedList() : new LinkedList(list);
        Set set = (Set) linkedList.stream().map((v0) -> {
            return v0.getSqlPlaceholder();
        }).collect(Collectors.toSet());
        for (String str : Placeholder.getAllPlaceholder()) {
            if (!set.contains(str)) {
                linkedList.add(getNotFoundDataAuthorizationInfo(str));
            }
        }
        DataAuthorityContext.getCurrentContext().set(DataAuthorityConstants.SQL_DATA_AUTHORITY_TEMPLATES, Collections.unmodifiableList(linkedList));
    }

    private DataAuthorizationInfo getNotFoundDataAuthorizationInfo(String str) {
        if (!NOT_FOUND_DATA_AUTHORIZATION_INFO.containsKey(str)) {
            NOT_FOUND_DATA_AUTHORIZATION_INFO.putIfAbsent(str, new DataAuthorizationInfo(null, null, 0, "", str));
        }
        return NOT_FOUND_DATA_AUTHORIZATION_INFO.get(str);
    }
}
