package com.founder.common.security.aspect;

import com.founder.common.core.exception.PreAuthorizeException;
import com.founder.common.core.utils.StringUtils;
import com.founder.common.security.annotation.PreAuthorize;
import com.founder.common.security.service.TokenService;
import com.founder.system.api.model.LoginUser;
import java.util.Collection;
import java.util.Set;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.util.PatternMatchUtils;

@Aspect
@Component
/* loaded from: input_file:com/founder/common/security/aspect/PreAuthorizeAspect.class */
public class PreAuthorizeAspect {

    @Autowired
    private TokenService tokenService;
    private static final String ALL_PERMISSION = "*:*:*";
    private static final String SUPER_ADMIN = "admin";
    private static final Integer ARRAY_EMPTY = 0;

    @Around("@annotation(com.founder.common.security.annotation.PreAuthorize)")
    public Object around(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        PreAuthorize preAuthorize = (PreAuthorize) proceedingJoinPoint.getSignature().getMethod().getAnnotation(PreAuthorize.class);
        if (preAuthorize == null) {
            return proceedingJoinPoint.proceed();
        }
        if (StringUtils.isNotEmpty(preAuthorize.hasPermi())) {
            if (hasPermi(preAuthorize.hasPermi())) {
                return proceedingJoinPoint.proceed();
            }
            throw new PreAuthorizeException();
        }
        if (StringUtils.isNotEmpty(preAuthorize.lacksPermi())) {
            if (lacksPermi(preAuthorize.lacksPermi())) {
                return proceedingJoinPoint.proceed();
            }
            throw new PreAuthorizeException();
        }
        if (ARRAY_EMPTY.intValue() < preAuthorize.hasAnyPermi().length) {
            if (hasAnyPermi(preAuthorize.hasAnyPermi())) {
                return proceedingJoinPoint.proceed();
            }
            throw new PreAuthorizeException();
        }
        if (StringUtils.isNotEmpty(preAuthorize.hasRole())) {
            if (hasRole(preAuthorize.hasRole())) {
                return proceedingJoinPoint.proceed();
            }
            throw new PreAuthorizeException();
        }
        if (StringUtils.isNotEmpty(preAuthorize.lacksRole())) {
            if (lacksRole(preAuthorize.lacksRole())) {
                return proceedingJoinPoint.proceed();
            }
            throw new PreAuthorizeException();
        }
        if (ARRAY_EMPTY.intValue() < preAuthorize.hasAnyRoles().length && !hasAnyRoles(preAuthorize.hasAnyRoles())) {
            throw new PreAuthorizeException();
        }
        return proceedingJoinPoint.proceed();
    }

    public boolean hasPermi(String str) {
        LoginUser loginUser = this.tokenService.getLoginUser();
        if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) {
            return false;
        }
        return hasPermissions(loginUser.getPermissions(), str);
    }

    public boolean lacksPermi(String str) {
        return !hasPermi(str);
    }

    public boolean hasAnyPermi(String[] strArr) {
        LoginUser loginUser = this.tokenService.getLoginUser();
        if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getPermissions())) {
            return false;
        }
        Set permissions = loginUser.getPermissions();
        for (String str : strArr) {
            if (str != null && hasPermissions(permissions, str)) {
                return true;
            }
        }
        return false;
    }

    public boolean hasRole(String str) {
        LoginUser loginUser = this.tokenService.getLoginUser();
        if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getRoles())) {
            return false;
        }
        for (String str2 : loginUser.getRoles()) {
            if (SUPER_ADMIN.equals(str2) || str2.equals(str)) {
                return true;
            }
        }
        return false;
    }

    public boolean lacksRole(String str) {
        return !hasRole(str);
    }

    public boolean hasAnyRoles(String[] strArr) {
        LoginUser loginUser = this.tokenService.getLoginUser();
        if (StringUtils.isNull(loginUser) || CollectionUtils.isEmpty(loginUser.getRoles())) {
            return false;
        }
        for (String str : strArr) {
            if (hasRole(str)) {
                return true;
            }
        }
        return false;
    }

    private boolean hasPermissions(Collection<String> collection, String str) {
        return collection.stream().filter(StringUtils::hasText).anyMatch(str2 -> {
            return ALL_PERMISSION.contains(str2) || PatternMatchUtils.simpleMatch(str2, str);
        });
    }
}
