package com.help.web.aop;

import com.help.ITokenContext;
import com.help.LoginInfo;
import com.help.annotation.UnifyAuthorization;
import com.help.common.exception.UnifyErrorCode;
import com.help.common.exception.UnifyException;
import com.help.common.util.StringUtil;
import com.help.config.HelpManageConfig;
import com.help.service.IPermissionService;
import java.lang.reflect.Method;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.Ordered;

@Aspect
/* loaded from: input_file:com/help/web/aop/GlobalAuthorizationCheckAspect.class */
public class GlobalAuthorizationCheckAspect implements Ordered {
    private Logger logger = LoggerFactory.getLogger(GlobalAuthorizationCheckAspect.class);

    @Autowired
    ITokenContext<LoginInfo> iTokenContext;

    @Autowired
    private IPermissionService iPermissionService;

    @Autowired
    HelpManageConfig helpManageConfig;

    @Before("@within(com.help.annotation.UnifyAuthorization) && @within(org.springframework.stereotype.Controller)|| @within(com.help.annotation.UnifyAuthorization) && @within(org.springframework.web.bind.annotation.RestController)|| @annotation(com.help.annotation.UnifyAuthorization)")
    public void execute(JoinPoint joinPoint) {
        String declaringTypeName = joinPoint.getSignature().getDeclaringTypeName();
        Method method = joinPoint.getSignature().getMethod();
        UnifyAuthorization annotation = method.getAnnotation(UnifyAuthorization.class);
        UnifyAuthorization annotation2 = joinPoint.getSignature().getDeclaringType().getAnnotation(UnifyAuthorization.class);
        if ((annotation == null || !annotation.valid()) && !(annotation == null && annotation2 != null && annotation2.valid())) {
            return;
        }
        String str = null;
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        boolean z = false;
        if (annotation != null) {
            str = annotation.module();
            str4 = annotation.moduleName();
            str2 = annotation.op();
            str5 = annotation.opName();
            str3 = annotation.system();
            z = annotation.grantToAll();
        }
        if (annotation2 != null) {
            if (StringUtil.isEmpty(str)) {
                str = annotation2.module();
                str4 = annotation2.moduleName();
            }
            if (StringUtil.isEmpty(str2)) {
                str2 = annotation2.op();
                str5 = annotation2.opName();
            }
            if (StringUtil.isEmpty(str3)) {
                str3 = annotation2.system();
            }
            if (annotation == null) {
                z = annotation2.grantToAll();
            }
        }
        this.logger.debug("正在验证[{}]的[{}]调用权限,所属模块:[{}({})],功能:[{}({})]", new Object[]{declaringTypeName, method.getName(), StringUtil.nvl(str4, ""), str, StringUtil.nvl(str5, ""), str2});
        LoginInfo currentToken = this.iTokenContext.getCurrentToken();
        if (currentToken == null) {
            throw new UnifyException(UnifyErrorCode.RQEUIRED_LOGIN);
        }
        if (this.helpManageConfig.isDisablePermission()) {
            return;
        }
        if (z) {
            this.logger.debug("所有用户默认拥有该权限,跳过验证");
            return;
        }
        if (currentToken.getLoginRoles() != null && currentToken.getLoginRoles().stream().anyMatch(str6 -> {
            return str6.equalsIgnoreCase("admin");
        }) && "1".equalsIgnoreCase(str3)) {
            this.logger.debug("系统管理员默认拥有该权限,跳过验证");
        } else if (StringUtil.isNotEmptyAll(new String[]{str, str2}) && !this.iPermissionService.check(currentToken, str, str2)) {
            throw new UnifyException(UnifyErrorCode.UN_AUTHORIZATION);
        }
    }

    public int getOrder() {
        return 100;
    }
}
