package org.beangle.security.blueprint.data.service.internal;

import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import org.beangle.commons.collection.CollectUtils;
import org.beangle.commons.dao.impl.BaseServiceImpl;
import org.beangle.commons.dao.query.builder.Condition;
import org.beangle.commons.dao.query.builder.Conditions;
import org.beangle.commons.dao.query.builder.OqlBuilder;
import org.beangle.commons.lang.Strings;
import org.beangle.commons.lang.functor.Predicate;
import org.beangle.security.blueprint.Dimension;
import org.beangle.security.blueprint.Profile;
import org.beangle.security.blueprint.Property;
import org.beangle.security.blueprint.Role;
import org.beangle.security.blueprint.User;
import org.beangle.security.blueprint.data.DataPermission;
import org.beangle.security.blueprint.data.model.DataPermissionBean;
import org.beangle.security.blueprint.data.service.DataPermissionService;
import org.beangle.security.blueprint.function.service.FuncPermissionService;
import org.beangle.security.blueprint.service.UserDataResolver;
import org.beangle.security.blueprint.service.UserService;

/* loaded from: input_file:org/beangle/security/blueprint/data/service/internal/DataPermissionServiceImpl.class */
public class DataPermissionServiceImpl extends BaseServiceImpl implements DataPermissionService {
    protected UserService userService;
    protected UserDataResolver dataResolver;
    protected FuncPermissionService permissionService;

    private List<? extends DataPermission> getPermissions(Role role, String str, final String str2) {
        List<? extends DataPermission> search = this.entityDao.search(OqlBuilder.from(DataPermissionBean.class, "dp").where("dp.resource.name=:name", str).cacheable());
        final String name = role.getName();
        final Date date = new Date();
        CollectUtils.filter(search, new Predicate<DataPermissionBean>() { // from class: org.beangle.security.blueprint.data.service.internal.DataPermissionServiceImpl.1
            public Boolean apply(DataPermissionBean dataPermissionBean) {
                if (null != dataPermissionBean.getBeginAt() && date.before(dataPermissionBean.getBeginAt())) {
                    return false;
                }
                if (null == dataPermissionBean.getEndAt() || !date.after(dataPermissionBean.getEndAt())) {
                    return (dataPermissionBean.getRole() == null || dataPermissionBean.getRole().getName().equals(name)) && (dataPermissionBean.getFuncResource() == null || dataPermissionBean.getFuncResource().getName().equals(str2));
                }
                return false;
            }
        });
        Collections.sort(search, new Comparator<DataPermissionBean>() { // from class: org.beangle.security.blueprint.data.service.internal.DataPermissionServiceImpl.2
            static final int general = 4;
            static final int onlyRoleMatch = 3;
            static final int onlyFuncMatch = 2;
            static final int matchAll = 1;

            @Override // java.util.Comparator
            public int compare(DataPermissionBean dataPermissionBean, DataPermissionBean dataPermissionBean2) {
                return getWeight(dataPermissionBean) - getWeight(dataPermissionBean2);
            }

            private int getWeight(DataPermissionBean dataPermissionBean) {
                return (dataPermissionBean.getRole() == null && dataPermissionBean.getFuncResource() == null) ? general : (dataPermissionBean.getRole() == null || dataPermissionBean.getFuncResource() != null) ? (dataPermissionBean.getRole() != null || dataPermissionBean.getFuncResource() == null) ? matchAll : onlyFuncMatch : onlyRoleMatch;
            }
        });
        return search;
    }

    @Override // org.beangle.security.blueprint.data.service.DataPermissionService
    public DataPermission getPermission(User user, String str, String str2) {
        Iterator<Role> it = user.getRoles().iterator();
        while (it.hasNext()) {
            List<? extends DataPermission> permissions = getPermissions(it.next(), str, str2);
            if (!permissions.isEmpty()) {
                return permissions.get(0);
            }
        }
        return null;
    }

    private Object unmarshal(String str, Dimension dimension) {
        try {
            List unmarshal = this.dataResolver.unmarshal(dimension, str);
            if (dimension.isMultiple()) {
                return unmarshal;
            }
            if (1 != unmarshal.size()) {
                return null;
            }
            return unmarshal.get(0);
        } catch (Exception e) {
            this.logger.error("exception with param type:" + dimension.getTypeName() + " value:" + str, e);
            return null;
        }
    }

    @Override // org.beangle.security.blueprint.data.service.DataPermissionService
    public void apply(OqlBuilder<?> oqlBuilder, DataPermission dataPermission, Profile... profileArr) {
        apply(oqlBuilder, dataPermission, Arrays.asList(profileArr));
    }

    @Override // org.beangle.security.blueprint.data.service.DataPermissionService
    public void apply(OqlBuilder<?> oqlBuilder, DataPermission dataPermission, List<Profile> list) {
        List newArrayList = CollectUtils.newArrayList();
        if (Strings.isEmpty(dataPermission.getFilters())) {
            return;
        }
        String[] split = Strings.split(Strings.replace(Strings.replace(dataPermission.getFilters(), "{alias}", oqlBuilder.getAlias()), " and ", "$"), "$");
        List newArrayList2 = CollectUtils.newArrayList();
        for (Profile profile : list) {
            StringBuilder sb = new StringBuilder("(");
            for (int i = 0; i < split.length; i++) {
                String str = split[i];
                for (String str2 : new Condition(str).getParamNames()) {
                    Property property = profile.getProperty(str2);
                    String value = null == property ? null : property.getValue();
                    if (!Strings.isNotEmpty(value)) {
                        throw new RuntimeException(str2 + " had not been initialized");
                    }
                    if (value.equals("*")) {
                        str = "";
                    } else {
                        newArrayList.add(unmarshal(value, property.getDimension()));
                    }
                }
                if (sb.length() > 1 && str.length() > 0) {
                    sb.append(" and ");
                }
                sb.append(str);
            }
            if (sb.length() > 1) {
                sb.append(')');
                Condition condition = new Condition(sb.toString());
                condition.params(newArrayList);
                newArrayList2.add(condition);
            }
        }
        if (newArrayList2.isEmpty()) {
            return;
        }
        oqlBuilder.where(new Condition[]{Conditions.or(newArrayList2)});
    }

    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    public void setPermissionService(FuncPermissionService funcPermissionService) {
        this.permissionService = funcPermissionService;
    }

    public void setDataResolver(UserDataResolver userDataResolver) {
        this.dataResolver = userDataResolver;
    }
}
