package com.xforceplus.aop;

import com.google.common.base.Objects;
import com.xforceplus.business.tenant.service.UserService;
import com.xforceplus.dao.OrgStructDao;
import com.xforceplus.domain.exception.InvalidDataException;
import com.xforceplus.domain.user.view.ExtraInfo;
import com.xforceplus.entity.OrgStruct;
import com.xforceplus.entity.User;
import com.xforceplus.tenant.security.core.context.UserInfoHolder;
import com.xforceplus.tenant.security.core.domain.IAuthorizedUser;
import java.text.MessageFormat;
import java.util.Collection;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;

@Aspect
@Component
/* loaded from: input_file:com/xforceplus/aop/SimplePermissionAspect.class */
public class SimplePermissionAspect {
    private final UserService userService;
    private final OrgStructDao orgStructDao;
    private static final String ORG_ID = "orgId";
    private static final String ORG_STRUCT_ID = "orgStructId";

    public SimplePermissionAspect(UserService userService, OrgStructDao orgStructDao) {
        this.userService = userService;
        this.orgStructDao = orgStructDao;
    }

    @Pointcut("@annotation(com.xforceplus.annotation.OrgAdmin)")
    public void beforePointCut() {
    }

    @Before("beforePointCut()")
    public void checkOrgAdmin(JoinPoint joinPoint) {
        String str;
        Object[] args = joinPoint.getArgs();
        String[] parameterNames = joinPoint.getSignature().getParameterNames();
        if (parameterNames == null || (str = (String) Stream.of((Object[]) parameterNames).filter(str2 -> {
            return ORG_ID.equals(str2) || ORG_STRUCT_ID.equals(str2);
        }).findFirst().orElse(null)) == null) {
            return;
        }
        IAuthorizedUser iAuthorizedUser = UserInfoHolder.get();
        if (iAuthorizedUser == null) {
            throw new InvalidDataException("没有合法用户上下文");
        }
        int indexOf = ArrayUtils.indexOf(parameterNames, str);
        if (indexOf != -1) {
            Long l = (Long) args[indexOf];
            User findByTenantIdAndUserIdAndLoginId = this.userService.findByTenantIdAndUserIdAndLoginId(iAuthorizedUser.getTenantId(), iAuthorizedUser.getId().longValue(), iAuthorizedUser.getLoginId(), iAuthorizedUser.getModules(), Integer.valueOf(ExtraInfo.parentOrgs.value()));
            boolean booleanValue = Boolean.FALSE.booleanValue();
            Set parentOrgs = findByTenantIdAndUserIdAndLoginId.getParentOrgs();
            if (CollectionUtils.isNotEmpty(parentOrgs)) {
                Optional findAny = parentOrgs.stream().filter(orgStruct -> {
                    return ((Long) orgStruct.getId()).equals(l);
                }).findAny();
                String parentIds = findAny.isPresent() ? ((OrgStruct) findAny.get()).getParentIds() : (String) this.orgStructDao.findParentIdsByOrgIds((Collection) Stream.of(l).collect(Collectors.toSet())).stream().findAny().orElse(null);
                if (parentIds == null) {
                    throw new InvalidDataException(MessageFormat.format("组织({0})不存在", l));
                }
                String str3 = parentIds;
                booleanValue = parentOrgs.stream().anyMatch(orgStruct2 -> {
                    return Objects.equal(orgStruct2.getSign(), 2) && StringUtils.startsWith(str3, orgStruct2.getParentIds());
                });
            }
            if (!booleanValue) {
                throw new InvalidDataException("当前用户不是管理员，禁止操作");
            }
        }
    }
}
