package com.xforceplus.aop;

import com.xforceplus.business.tenant.service.OrgService;
import com.xforceplus.domain.exception.InvalidDataException;
import com.xforceplus.tenant.security.core.context.UserInfoHolder;
import com.xforceplus.tenant.security.core.domain.IAuthorizedUser;
import java.util.stream.Stream;
import org.apache.commons.lang3.ArrayUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;

@Aspect
@Component
/* loaded from: input_file:com/xforceplus/aop/SimplePermissionAspect.class */
public class SimplePermissionAspect {
    private final OrgService orgService;
    private static final String ORG_ID = "orgId";
    private static final String ORG_STRUCT_ID = "orgStructId";

    public SimplePermissionAspect(OrgService orgService) {
        this.orgService = orgService;
    }

    @Pointcut("@annotation(com.xforceplus.annotation.OrgAdmin)")
    public void beforePointCut() {
    }

    @Pointcut("@annotation(com.xforceplus.annotation.Current)")
    public void beforeCurrent() {
    }

    @Before("beforePointCut()")
    public void checkOrgAdmin(JoinPoint joinPoint) {
        String str;
        Object[] args = joinPoint.getArgs();
        String[] parameterNames = joinPoint.getSignature().getParameterNames();
        if (parameterNames == null || (str = (String) Stream.of((Object[]) parameterNames).filter(str2 -> {
            return str2.equals(ORG_ID) || str2.equals(ORG_STRUCT_ID);
        }).findFirst().orElse(null)) == null) {
            return;
        }
        IAuthorizedUser currentUser = UserInfoHolder.currentUser();
        if (currentUser == null) {
            throw new InvalidDataException("没有合法用户上下文");
        }
        int indexOf = ArrayUtils.indexOf(parameterNames, str);
        if (indexOf != -1) {
            if (!this.orgService.checkUserOrgPermission((Long) args[indexOf], currentUser.getTenantId(), currentUser.getId()).booleanValue()) {
                throw new InvalidDataException("当前用户不是管理员，禁止操作");
            }
        }
    }

    @Before("beforeCurrent()")
    public void checkCurrent(JoinPoint joinPoint) {
        if (UserInfoHolder.currentUser() == null) {
            throw new InvalidDataException("没有合法用户上下文");
        }
    }
}
