package com.ajaxjs.user.filter;

import com.ajaxjs.framework.Application;
import com.ajaxjs.framework.IComponent;
import com.ajaxjs.user.role.RoleService;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.function.BiFunction;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/ajaxjs/user/filter/UserAdminFilter.class */
public class UserAdminFilter implements IComponent {
    private static final String NO_ACCESS = "<title>禁止访问，非法权限</title><meta charset=\"utf-8\" /> 禁止访问，非法权限。Authentication Required <a href=\"%s/admin/login/\">登 录</a>";
    private static final BiFunction<HttpServletRequest, HttpServletResponse, Boolean> checkAdmin = (httpServletRequest, httpServletResponse) -> {
        String contextPath = httpServletRequest.getContextPath();
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI.startsWith(contextPath + "/admin")) {
            HttpSession session = httpServletRequest.getSession();
            if (requestURI.equals(contextPath + "/admin/login/")) {
                return true;
            }
            if (!RoleService.check(session, 5)) {
                try {
                    httpServletResponse.setStatus(401);
                    httpServletResponse.setCharacterEncoding(StandardCharsets.UTF_8.toString());
                    httpServletResponse.setContentType("text/html");
                    httpServletResponse.getWriter().append((CharSequence) String.format(NO_ACCESS, httpServletRequest.getContextPath()));
                } catch (IOException e) {
                    e.printStackTrace();
                }
                return false;
            }
        }
        return true;
    };

    static {
        Application.onRequest.add(0, checkAdmin);
    }
}
