package org.beangle.security.blueprint.function.service.internal;

import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.beangle.commons.collection.CollectUtils;
import org.beangle.commons.dao.Operation;
import org.beangle.commons.dao.impl.BaseServiceImpl;
import org.beangle.commons.dao.query.builder.OqlBuilder;
import org.beangle.security.blueprint.Role;
import org.beangle.security.blueprint.User;
import org.beangle.security.blueprint.event.RoleAuthorityEvent;
import org.beangle.security.blueprint.function.FuncPermission;
import org.beangle.security.blueprint.function.FuncResource;
import org.beangle.security.blueprint.function.model.FuncPermissionBean;
import org.beangle.security.blueprint.function.model.FuncResourceBean;
import org.beangle.security.blueprint.function.service.FuncPermissionService;
import org.beangle.security.blueprint.service.UserService;

/* loaded from: input_file:org/beangle/security/blueprint/function/service/internal/FuncPermissionServiceImpl.class */
public class FuncPermissionServiceImpl extends BaseServiceImpl implements FuncPermissionService {
    protected UserService userService;

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public FuncResource getResource(String str) {
        OqlBuilder from = OqlBuilder.from(FuncResource.class, "r");
        from.where("r.name=:name", str).cacheable();
        return (FuncResource) this.entityDao.uniqueResult(from);
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public List<FuncPermission> getPermissions(User user) {
        if (null == user) {
            return Collections.emptyList();
        }
        List<FuncPermission> newArrayList = CollectUtils.newArrayList();
        Iterator<Role> it = user.getRoles().iterator();
        while (it.hasNext()) {
            newArrayList.addAll(getPermissions(it.next()));
        }
        return newArrayList;
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public List<FuncResource> getResources(User user) {
        Set newHashSet = CollectUtils.newHashSet();
        Map newHashMap = CollectUtils.newHashMap();
        String str = "select distinct fp.resource from " + FuncPermission.class.getName() + " fp where fp.role.id = :roleId";
        newHashMap.clear();
        Iterator<Role> it = user.getRoles().iterator();
        while (it.hasNext()) {
            newHashMap.put("roleId", it.next().getId());
            newHashSet.addAll(this.entityDao.search(str, newHashMap));
        }
        return CollectUtils.newArrayList(newHashSet);
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public Set<String> getResourceNamesByRole(Integer num) {
        return new HashSet(this.entityDao.search(OqlBuilder.hql("select a.resource.name from " + FuncPermission.class.getName() + " as a where a.role.id= :roleId and a.resource.enabled = true").param("roleId", num).cacheable()));
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public Set<String> getResourceNamesByScope(FuncResource.Scope scope) {
        return new HashSet(this.entityDao.search(OqlBuilder.from(FuncResource.class, "r").where("r.scope=:scope", scope).select("r.name").cacheable()));
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public void authorize(Role role, Set<FuncResource> set) {
        Set newHashSet = CollectUtils.newHashSet();
        List<FuncPermission> permissions = getPermissions(role);
        for (FuncPermission funcPermission : permissions) {
            if (set.contains(funcPermission.getResource())) {
                set.remove(funcPermission.getResource());
            } else {
                newHashSet.add(funcPermission);
            }
        }
        permissions.removeAll(newHashSet);
        Iterator<FuncResource> it = set.iterator();
        while (it.hasNext()) {
            permissions.add(new FuncPermissionBean(role, it.next(), null));
        }
        this.entityDao.execute(Operation.remove(newHashSet).saveOrUpdate(permissions).saveOrUpdate(new Object[]{role}));
        publish(new RoleAuthorityEvent(role));
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public void updateState(Integer[] numArr, boolean z) {
        OqlBuilder from = OqlBuilder.from(FuncResourceBean.class, "resource");
        from.where("resource.id in (:ids)", numArr);
        List search = this.entityDao.search(from);
        Iterator it = search.iterator();
        while (it.hasNext()) {
            ((FuncResourceBean) it.next()).setEnabled(z);
        }
        this.entityDao.saveOrUpdate(search);
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public List<FuncPermission> getPermissions(Role role) {
        return this.entityDao.search(OqlBuilder.from(FuncPermission.class, "fp").where("fp.role=:role", role));
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public List<FuncResource> getResources(Role role) {
        OqlBuilder hql = OqlBuilder.hql("select distinct m from " + Role.class.getName() + " as r join r.permissions as a join a.resource as m where  r.id = :roleId and m.enabled = true");
        hql.param("roleId", role.getId()).cacheable();
        return this.entityDao.search(hql);
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public String extractResource(String str) {
        int i = -1;
        for (int i2 = 0; i2 < str.length(); i2++) {
            char charAt = str.charAt(i2);
            if (charAt == '.' || charAt == '!') {
                i = i2;
                break;
            }
        }
        if (i < 0) {
            i = str.length();
        }
        return str.substring(0, i);
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    @Override // org.beangle.security.blueprint.function.service.FuncPermissionService
    public UserService getUserService() {
        return this.userService;
    }
}
