package org.cboard.services.role;

import com.alibaba.fastjson.JSONObject;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.cboard.acl.DummyExtAclService;
import org.cboard.acl.ExtAclService;
import org.cboard.dao.RoleDao;
import org.cboard.dto.ExtAclInfo;
import org.cboard.services.AclService;
import org.cboard.services.AuthenticationService;
import org.cboard.services.BasicService;
import org.cboard.services.FolderService;
import org.cboard.services.ServiceStatus;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/cboard/services/role/BaseRoleService.class */
public abstract class BaseRoleService extends BasicService {
    private final Logger LOG = LoggerFactory.getLogger(getClass());

    @Autowired
    protected AuthenticationService authenticationService;

    @Autowired
    protected FolderService folderService;

    @Autowired
    protected AclService aclService;

    @Autowired
    protected RoleDao roleDao;

    @Value("${acl.class:#{null}}")
    protected String aclClass;

    @Autowired
    protected ExtAclService extAclService;

    public List<Long> getResIds(String str, AclService.ResType resType) {
        return getResIds(str, resType, AclService.Permission.READ);
    }

    public List<Long> getResIds(String str, AclService.ResType resType, AclService.Permission permission) {
        return this.aclService.getResId(str, resType, permission);
    }

    public List<Long> getResIdsOfRoleAdmin(String str, AclService.ResType resType) {
        return this.roleDao.getResIdOfRoleAdmin(str, resType.toString(), AclService.Permission.READ.toString());
    }

    public RoleAuthResult checkFolderAuth(String str, String str2) {
        int intValue = JSONObject.parseObject(str).getInteger("folderId").intValue();
        RoleAuthResult roleAuthResult = new RoleAuthResult();
        boolean checkFolderAuth = this.folderService.checkFolderAuth(getLoginUserId(), intValue, str2);
        if (needCheckExtAcl()) {
            checkFolderAuth = checkExtAcl(AclService.ResType.FOLDER, "" + intValue, str2);
        }
        if (checkFolderAuth) {
            roleAuthResult.setValid(true);
        } else {
            roleAuthResult.setMsg(String.format("folder: %s, permission: %s", this.folderService.getFolderPath(intValue), RolePermission.getPermissionName(str2)));
        }
        return roleAuthResult;
    }

    public Object baseSave(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        RoleAuthResult checkFolderAuth = checkFolderAuth((String) proceedingJoinPoint.getArgs()[1], RolePermission.PATTERN_EDIT);
        return checkFolderAuth.isValid() ? proceedingJoinPoint.proceed() : new ServiceStatus(ServiceStatus.Status.Fail, "[No Permission]: " + checkFolderAuth.getMsg());
    }

    public String getLoginUserId() {
        return this.authenticationService.getCurrentUser().getUserId();
    }

    abstract boolean checkAuth(String str, Long l, String str2);

    public abstract AclService.ResType getResType();

    public Object baseUpdate(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        JSONObject parseObject = JSONObject.parseObject((String) proceedingJoinPoint.getArgs()[1]);
        return checkAuth(this.authenticationService.getCurrentUser().getUserId(), parseObject.getLong("id"), RolePermission.PATTERN_EDIT, parseObject.getInteger("folderId").intValue()) ? proceedingJoinPoint.proceed() : new ServiceStatus(ServiceStatus.Status.Fail, "No Permission");
    }

    public Object baseDelete(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        return checkAuth(getLoginUserId(), (Long) proceedingJoinPoint.getArgs()[1], RolePermission.PATTERN_DELETE) ? proceedingJoinPoint.proceed() : new ServiceStatus(ServiceStatus.Status.Fail, "No Permission");
    }

    public boolean checkAuth(String str, Long l, String str2, int i) {
        return checkAuth(str, l, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean needCheckExtAcl() {
        HttpServletRequest request = getRequest();
        return (request == null || !StringUtils.isNotBlank(request.getHeader("bus_token")) || (this.extAclService instanceof DummyExtAclService)) ? false : true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkExtAcl(AclService.ResType resType, String str, String str2) {
        String header = getRequest().getHeader("bus_token");
        if (StringUtils.isBlank(header) || (this.extAclService instanceof DummyExtAclService)) {
            return false;
        }
        try {
            this.LOG.info("[Check External Acl] busToken: {}, resType: {}, resId: {}, permission: {}", new Object[]{header, resType.toString(), str, str2});
            ExtAclInfo extAclInfo = new ExtAclInfo(header, str);
            extAclInfo.setPermission(str2);
            extAclInfo.setUserId(getLoginUserId());
            extAclInfo.setResType(resType.toString());
            return this.extAclService.checkAcl(extAclInfo);
        } catch (Exception e) {
            this.LOG.warn("[Check External Acl] Exception: {}", e.getMessage());
            return false;
        }
    }
}
