package com.kdgcsoft.uframe.web.module.aspect;

import cn.hutool.core.collection.CollUtil;
import com.kdgcsoft.uframe.common.enums.LogType;
import com.kdgcsoft.uframe.web.base.entity.BaseOptLog;
import com.kdgcsoft.uframe.web.base.enums.LogStatus;
import com.kdgcsoft.uframe.web.base.event.OptLogEvent;
import com.kdgcsoft.uframe.web.base.service.BaseRoleUserService;
import com.kdgcsoft.uframe.web.common.util.HttpUtil;
import com.kdgcsoft.uframe.web.config.security.LoginUser;
import com.kdgcsoft.uframe.web.module.entity.BaseMenu;
import com.kdgcsoft.uframe.web.module.service.BaseMenuService;
import java.io.IOException;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.Date;
import java.util.List;
import javax.servlet.http.HttpServletResponse;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.reflect.MethodSignature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;

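/**
 * Page-level authorization for controller methods annotated with {@code RequiresPages}.
 *
 * <p>Before a matching controller method runs, the current user's menu codes are compared with
 * the codes listed on the annotation. A user holding the {@code SUPERADMIN} role passes without
 * a menu lookup. Every denial is published as an {@link OptLogEvent} for the audit trail.
 *
 * <p>Denial is signalled by throwing {@link AccessDeniedException}. A {@code @Before} advice
 * that merely writes an error to the response and returns normally does not stop the join
 * point: the controller method would still execute and its side effects would still happen.
 * Only an exception thrown from the advice prevents the invocation.
 *
 * <p>Only a method-level annotation is consulted, and an annotation with an empty value list
 * performs no check at all.
 */
@Aspect
@Component
/* loaded from: input_file:com/kdgcsoft/uframe/web/module/aspect/UFramePermissionAspect.class */
public class UFramePermissionAspect {
    private static final Logger log = LoggerFactory.getLogger(UFramePermissionAspect.class);
    private static final String SUPER_ADMIN = "SUPERADMIN";

    @Autowired
    private BaseRoleUserService roleUserService;

    @Autowired
    private BaseMenuService menuService;

    @Autowired
    private ApplicationEventPublisher publisher;

    /**
     * Checks the caller's page permissions before a controller method executes.
     *
     * @param joinPoint the intercepted controller invocation
     * @throws AccessDeniedException if the caller is not authenticated as a {@link LoginUser},
     *     has no roles, or owns none of the menu codes required by the annotation
     * @throws IOException never thrown by this implementation; kept so the declared signature
     *     stays unchanged
     */
    @Before("execution(public * com.kdgcsoft..*Controller.*(..))")
    public void auth(JoinPoint joinPoint) throws IOException {
        // An execution() join point carries a MethodSignature; plain Signature has no getMethod().
        Method method = ((MethodSignature) joinPoint.getSignature()).getMethod();
        int modifiers = method.getModifiers();
        if (!Modifier.isPublic(modifiers) || Modifier.isStatic(modifiers)) {
            return;
        }
        RequiresPages requiresPages = method.getDeclaredAnnotation(RequiresPages.class);
        if (requiresPages == null) {
            return;
        }
        String[] requiredCodes = requiresPages.value();
        // NOTE(review): an empty value list leaves the method unchecked for every caller.
        // Confirm that this is intended rather than a forgotten page code.
        if (requiredCodes.length == 0) {
            return;
        }

        LoginUser loginUser = getLoginUser();
        // Fail closed: no usable principal or no roles means no access.
        if (loginUser == null || CollUtil.isEmpty(loginUser.getRoles())) {
            throw unauthorized(loginUser);
        }
        List<String> roles = loginUser.getRoles();
        if (roles.contains(SUPER_ADMIN)) {
            return;
        }

        List<BaseMenu> menus = this.menuService.findMenusByUserId1(loginUser.getUserId());
        boolean permitted = CollUtil.isNotEmpty(menus)
                && menus.stream().anyMatch(menu -> hasAnyCode(menu, requiredCodes));
        if (!permitted) {
            throw unauthorized(loginUser);
        }
    }

    /**
     * Tells whether a menu entry carries one of the required page codes.
     *
     * @param menu a menu granted to the user; a {@code null} entry never matches
     * @param requiredCodes the codes taken from the annotation
     * @return {@code true} if the menu's code equals any required code
     */
    private static boolean hasAnyCode(BaseMenu menu, String[] requiredCodes) {
        if (menu == null) {
            return false;
        }
        String menuCode = menu.getCode();
        for (String required : requiredCodes) {
            // Annotation values are never null, so comparing from this side tolerates a menu
            // row without a code instead of failing with a NullPointerException.
            if (required.equals(menuCode)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Records the denied request in the operation log and builds the exception that aborts it.
     *
     * <p>The caller must throw the returned exception; the response is then produced by
     * whatever handles {@link AccessDeniedException} in this application.
     *
     * @param loginUser the denied user, or {@code null} when no {@link LoginUser} is available
     * @return the exception to throw from the advice
     */
    private AccessDeniedException unauthorized(LoginUser loginUser) {
        BaseOptLog baseOptLog = new BaseOptLog();
        if (null != loginUser) {
            baseOptLog.setUserId(loginUser.getUserId());
            baseOptLog.setUserName(loginUser.getUsername());
        } else {
            baseOptLog.setUserId(0L);
            baseOptLog.setUserName("未认证用户");
        }
        baseOptLog.setOptStatus(LogStatus.ERROR);
        baseOptLog.setOptType(LogType.UNAUTHORIZED_ACCESS);
        baseOptLog.setTitle("越权访问");
        baseOptLog.setHttpMethod(HttpUtil.getRequest().getMethod());
        baseOptLog.setOptUrl(HttpUtil.getRequest().getRequestURI());
        // NOTE(review): if HttpUtil.getIp() trusts client-supplied forwarding headers, the
        // address stored in the audit record can be chosen by the caller. Confirm.
        baseOptLog.setOptIp(HttpUtil.getIp());
        baseOptLog.setOptTime(new Date());
        baseOptLog.setOptTimecost(0L);
        baseOptLog.setOptResult("禁止访问");
        this.publisher.publishEvent(new OptLogEvent(baseOptLog));
        return new AccessDeniedException("权限不足");
    }

    /**
     * Returns the authenticated {@link LoginUser} from the security context.
     *
     * @return the current user, or {@code null} when there is no authentication or the
     *     principal is of another type
     */
    private LoginUser getLoginUser() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return null;
        }
        Object principal = authentication.getPrincipal();
        // A principal of any other type is treated as "not logged in" rather than cast blindly.
        return principal instanceof LoginUser ? (LoginUser) principal : null;
    }
}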
