package cn.js.icode.spring.filter;

import cn.js.icode.common.config.Config;
import cn.js.icode.common.config.Constants;
import cn.js.icode.common.data.response.ResponseBase;
import cn.js.icode.common.net.http.HttpClient;
import cn.js.icode.common.utility.CookieUtility;
import com.alibaba.fastjson.JSONObject;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;

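/**
 * Servlet filter that guards every {@code *.do} request with a login check and a
 * per-URL permission lookup.
 *
 * <p>For each request the filter:
 * <ol>
 *   <li>reads the current user via {@link CookieUtility#getUser} and, when present,
 *       stores it as the {@code Constants.KEY_CURRENT_USER} request attribute;</li>
 *   <li>lets the request through unchecked when the path is exempt
 *       (see {@link #ignoreValidation(String)});</li>
 *   <li>redirects to the console root when there is no user;</li>
 *   <li>otherwise asks the console's {@code restful/permission/canVisit} endpoint and
 *       either continues the chain or redirects to {@code deniedPage.html}.</li>
 * </ol>
 *
 * <p>NOTE(review): how the user cookie is protected (signature, encryption, expiry) is
 * decided inside {@code CookieUtility} and is not visible here. The {@code id} taken from
 * it is the identity sent to the permission service, so confirm a client cannot choose it.
 */
@WebFilter(filterName = "PermissionFilter", urlPatterns = {"*.do"})
/* loaded from: input_file:cn/js/icode/spring/filter/PermissionFilter.class */
public class PermissionFilter implements Filter {

    // Raw, comma/whitespace separated list of path prefixes that skip the permission check.
    @Value("${filter.PermissionFilter.parameter.no_validation_modules}")
    private String modules = null;

    // Raw, comma/whitespace separated list of exact paths that skip the permission check.
    @Value("${filter.PermissionFilter.parameter.no_validation_urls}")
    private String urls = null;
    // Parsed forms of the two lists above; never null and never containing "" after init().
    private String[] no_validation_modules = null;
    private String[] no_validation_urls = null;
    // Shared by all requests. NOTE(review): assumes HttpClient is safe for concurrent use — confirm.
    private static HttpClient hc = new HttpClient();
    // Value of the "console.root" property, always ending in "/" after init().
    private static String consoleRoot = null;

    /**
     * Parses the two exemption lists and resolves the console root.
     *
     * <p>A null or blank list yields an empty array, i.e. nothing is exempt.
     *
     * @param filterConfig unused
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.no_validation_modules = parseList(this.modules);
        this.no_validation_urls = parseList(this.urls);

        String root = Config.getProperty("console.root");
        if (root == null) {
            root = "";
        }
        if (!root.endsWith("/")) {
            root += "/";
        }
        consoleRoot = root;
    }

    /**
     * Applies the login and permission checks described on the class.
     *
     * @throws IOException      from the redirect or the downstream chain
     * @throws ServletException from the downstream chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // getRequestURI() is the raw request path, so it may still carry ";name=value"
        // path parameters, which servlet containers leave out when mapping the request.
        // Decide on the path without them, so the check sees the same resource the
        // container dispatches to.
        String rawPath = request.getRequestURI().trim().substring(request.getContextPath().length());
        String path = stripPathParameters(rawPath);

        JSONObject user = CookieUtility.getUser(request);
        if (user != null) {
            request.setAttribute(Constants.KEY_CURRENT_USER, user);
        }

        if (ignoreValidation(path)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (user == null) {
            response.sendRedirect(consoleRoot);
            return;
        }

        // getLong returns null both for a missing key and for an explicit null value;
        // either way fall back to 0 instead of unboxing null.
        Long id = user.getLong("id");
        long userId = id != null ? id.longValue() : 0L;

        if (canVisit(request, userId, path)) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            response.sendRedirect(consoleRoot + "deniedPage.html");
        }
    }

    /**
     * Asks the console's permission endpoint whether {@code j} may access {@code str}.
     *
     * <p>Any failure (I/O error, missing response object) is treated as "denied".
     *
     * @param httpServletRequest current request, used only to build an absolute URL when
     *                           the console root is a server-relative path
     * @param j                  user id to check
     * @param str                request path relative to the context path
     * @return {@code true} only when the endpoint answers with status code 100
     */
    private boolean canVisit(HttpServletRequest httpServletRequest, long j, String str) {
        String endpoint = consoleRoot + "restful/permission/canVisit";
        if (endpoint.startsWith("/")) {
            // NOTE(review): the scheme/host/port prefix is cut out of getRequestURL(), which
            // containers normally build from client-supplied request data (e.g. the Host
            // header). With a relative console.root the permission call therefore goes to
            // whatever host the request named. Prefer an absolute console.root, or pin the
            // origin in configuration.
            String requestUrl = httpServletRequest.getRequestURL().toString();
            int uriStart = requestUrl.indexOf(httpServletRequest.getRequestURI());
            endpoint = (uriStart > 0 ? requestUrl.substring(0, uriStart) : "") + endpoint;
        }
        try {
            // The path comes straight from the request line. Percent-encode it so that
            // characters such as '&' or '=' inside it cannot add or override form fields
            // (notably userId) in the body sent to the permission service.
            String form = "userId=" + j + "&url=" + URLEncoder.encode(str, "UTF-8");
            ResponseBase verdict = (ResponseBase) hc.post(endpoint, form, HttpClient.FormMime).toJavaObject(ResponseBase.class);
            // 100 is the only status this filter treats as "allowed".
            return verdict != null && verdict.getStatusCode() == 100;
        } catch (IOException e) {
            // Fail closed: an unreachable permission service must not grant access.
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Decides whether a path is exempt from the login and permission checks.
     *
     * <p>A path is exempt when, with its last extension removed, it ends in
     * {@code Select} or {@code Frame}; when it starts with (or wildcard-matches) a
     * configured module entry; or when it equals (or wildcard-matches) a configured URL entry.
     *
     * <p>NOTE(review): the {@code Select}/{@code Frame} suffix rule exempts any handler
     * whose name happens to end that way — confirm every such endpoint is meant to be
     * reachable without a permission check.
     *
     * @param str request path relative to the context path
     * @return {@code true} when the request may skip validation
     */
    private boolean ignoreValidation(String str) {
        // The module rule is a plain prefix test on the un-normalised path. A path that
        // still contains "." or ".." segments can start with an exempt prefix while the
        // container resolves it elsewhere, so such paths always go through validation.
        // NOTE(review): percent-encoded forms are not decoded here — confirm the container
        // rejects or normalises them before this filter runs.
        if (hasDotSegment(str)) {
            return false;
        }

        int extensionStart = str.lastIndexOf(".");
        String withoutExtension = extensionStart > 0 ? str.substring(0, extensionStart) : str;
        if (withoutExtension.endsWith("Select") || withoutExtension.endsWith("Frame")) {
            return true;
        }

        for (String module : this.no_validation_modules) {
            boolean exempt = module.indexOf("*") >= 0 ? wildcardMatches(module, str) : str.startsWith(module);
            if (exempt) {
                return true;
            }
        }
        for (String url : this.no_validation_urls) {
            boolean exempt = url.indexOf("*") >= 0 ? wildcardMatches(url, str) : str.equals(url);
            if (exempt) {
                return true;
            }
        }
        return false;
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }

    /**
     * Splits a comma/whitespace separated property value into its non-empty entries.
     *
     * <p>Empty entries are dropped on purpose: {@code String.split} keeps a leading empty
     * string (for a value that starts with a comma or a space), and an empty module entry
     * would make {@code startsWith("")} true for every path, exempting the whole application.
     */
    private static String[] parseList(String raw) {
        List<String> entries = new ArrayList<>();
        if (raw != null) {
            for (String entry : raw.replace(',', ' ').split("\\s+")) {
                if (!entry.isEmpty()) {
                    entries.add(entry);
                }
            }
        }
        return entries.toArray(new String[0]);
    }

    /**
     * Matches {@code path} against a configured entry in which each {@code *} stands for
     * one or more arbitrary characters.
     *
     * <p>NOTE(review): the entry is used as a regular expression after the {@code *}
     * substitution, so other metacharacters in it (for example {@code .}) stay active and
     * {@code *} also spans {@code /}. Keep entries as narrow as possible.
     */
    private static boolean wildcardMatches(String entry, String path) {
        return path.matches("^" + entry.replaceAll("\\*", ".+") + "$");
    }

    /** Removes every {@code ;...} path-parameter run, up to the next {@code /}, from a path. */
    private static String stripPathParameters(String path) {
        if (path.indexOf(';') < 0) {
            return path;
        }
        StringBuilder cleaned = new StringBuilder(path.length());
        boolean inParameters = false;
        for (int i = 0; i < path.length(); i++) {
            char c = path.charAt(i);
            if (c == '/') {
                inParameters = false;
                cleaned.append(c);
            } else if (c == ';') {
                inParameters = true;
            } else if (!inParameters) {
                cleaned.append(c);
            }
        }
        return cleaned.toString();
    }

    /** Reports whether any {@code /}-separated segment of the path is {@code .} or {@code ..}. */
    private static boolean hasDotSegment(String path) {
        for (String segment : path.split("/")) {
            if (segment.equals(".") || segment.equals("..")) {
                return true;
            }
        }
        return false;
    }
}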
