package cn.com.yusys.yusp.common.filter;

import cn.com.yusys.yusp.common.dataauth.DataAuthHandler;
import cn.com.yusys.yusp.common.dto.def.DataContr;
import cn.com.yusys.yusp.common.dto.def.User;
import cn.com.yusys.yusp.common.util.IcspSessionUtils;
import java.io.IOException;
import java.util.Arrays;
import java.util.Comparator;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.util.UrlPathHelper;

/* loaded from: input_file:cn/com/yusys/yusp/common/filter/DataAuthFilter.class */
public class DataAuthFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(DataAuthFilter.class);
    public static final String UTF8 = "UTF-8";
    private AntPathMatcher matcher = new AntPathMatcher();
    private UrlPathHelper pathHelper = new UrlPathHelper();

    @Value("${application.web.ignore-urls}")
    private String ignoreUrlStrs = null;
    private List<String> ignoreUrls;

    public void init(FilterConfig filterConfig) throws ServletException {
        logger.info("Create access permission interceptor!");
        if (null == this.ignoreUrlStrs) {
            return;
        }
        this.ignoreUrls = (List) Arrays.asList(this.ignoreUrlStrs.split(",")).stream().map(str -> {
            return str.trim();
        }).collect(Collectors.toList());
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String lookupPathForRequest = this.pathHelper.getLookupPathForRequest(httpServletRequest);
        if (logger.isDebugEnabled()) {
            logger.debug("DataAuthFilter enter utl:{}", lookupPathForRequest);
        }
        boolean z = false;
        if (null != this.ignoreUrls) {
            z = this.ignoreUrls.stream().anyMatch(str -> {
                return this.matcher.match(str, lookupPathForRequest);
            });
        }
        if (!z) {
            String loginCode = IcspSessionUtils.getLoginCode();
            if (logger.isDebugEnabled()) {
                logger.debug("loginCode:{};", loginCode);
            }
            String header = httpServletRequest.getHeader("SysId");
            if (null == loginCode || header == null) {
                logger.error("用户[{}]或SysId[{}]为空，无法获取用户基本信息，记录集权限不生效", loginCode, header);
            } else {
                User userInfo = IcspSessionUtils.getUserInfo();
                if (userInfo == null) {
                    logger.error("用户[{}]为空，会话信息查询失败，记录集权限不生效", loginCode);
                } else {
                    addDataAuthInfo(loginCode, header, userInfo, lookupPathForRequest);
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
        cleanDataAuthInfo();
    }

    public void destroy() {
    }

    private void cleanDataAuthInfo() {
        DataAuthHandler.dataAuthTemplate.remove();
        DataAuthHandler.dataAuthParams.remove();
    }

    private void addDataAuthInfo(String str, String str2, User user, String str3) {
        List dataControl = IcspSessionUtils.getDataControl(str2);
        if (dataControl == null || dataControl.isEmpty()) {
            if (logger.isDebugEnabled()) {
                logger.debug("用户[{}]角色下没有数据权限模板", str);
                return;
            }
            return;
        }
        List list = (List) dataControl.stream().filter(dataContr -> {
            return str3.equals(dataContr.getContrUrl());
        }).collect(Collectors.toList());
        DataContr dataContr2 = null;
        if (list == null || list.size() == 0) {
            if (logger.isDebugEnabled()) {
                logger.debug("用户[{}]访问的控制点{}使用默认模板.", str, str3);
            }
            List list2 = (List) dataControl.stream().filter(dataContr3 -> {
                return "*".equals(dataContr3.getContrId());
            }).collect(Collectors.toList());
            if (list2 != null && list2.size() > 0) {
                dataContr2 = (DataContr) list2.get(0);
            }
        } else if (list.size() > 0) {
            if (logger.isDebugEnabled()) {
                logger.debug("用户[{}]访问的控制点{}使用特定模板,特定模板有[{}]条", new Object[]{str, str3, Integer.valueOf(list.size())});
            }
            dataContr2 = (DataContr) list.stream().min(Comparator.comparing((v0) -> {
                return v0.getPriority();
            })).orElseGet(() -> {
                logger.warn("数据集合为空");
                return null;
            });
        }
        if (dataContr2 != null) {
            String sqlString = dataContr2.getSqlString();
            logger.info("数据权限模板:{};数据权限参数:{}", sqlString, user);
            DataAuthHandler.dataAuthTemplate.set(sqlString);
            DataAuthHandler.dataAuthParams.set(getAuthParams(user));
        }
    }

    private Map<String, Object> getAuthParams(User user) {
        HashMap hashMap = new HashMap();
        try {
            hashMap.put("_userCode", user.getLoginCode());
            hashMap.put("_orgCode", user.getOwnOrg().getOrgCode());
            if (user.getOwnOrg() != null) {
                hashMap.put("_ownOrgId", user.getOwnOrg().getOrgId());
                hashMap.put("_ownOrgCode", user.getOwnOrg().getOrgCode());
                hashMap.put("_ownCheckOrgId", user.getOwnOrg().getCheckOrgId());
                hashMap.put("_ownUpOrgId", user.getOwnOrg().getUpOrgId());
                hashMap.put("_ownOrgType", user.getOwnOrg().getOrgType());
                hashMap.put("_ownBranchCode", user.getOwnOrg().getBranchCode());
            }
            if (user.getCurrentOrg() != null) {
                hashMap.put("_currentOrgId", user.getCurrentOrg().getOrgId());
                hashMap.put("_currentOrgCode", user.getCurrentOrg().getOrgCode());
                hashMap.put("_currentCheckOrgId", user.getCurrentOrg().getCheckOrgId());
                hashMap.put("_currentUpOrgId", user.getCurrentOrg().getUpOrgId());
                hashMap.put("_currentOrgType", user.getCurrentOrg().getOrgType());
                hashMap.put("_currentBranchCode", user.getCurrentOrg().getBranchCode());
            }
            logger.debug("用户[{}]使用数据模板参数为: {}", user.getLoginCode(), hashMap);
        } catch (Exception e) {
            logger.error("数据权限模板参数获取异常", e);
            e.printStackTrace();
        }
        return hashMap;
    }
}
