package com.ssrs.framework.security;

import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.StrUtil;
import com.ssrs.framework.security.annotation.Priv;
import com.ssrs.framework.util.JWTTokenUtils;
import com.ssrs.framework.web.ApiException;
import com.ssrs.framework.web.ErrorCodeEnum;
import java.lang.annotation.Annotation;
import org.apache.shiro.ShiroException;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.aop.AuthorizingAnnotationHandler;
import org.apache.shiro.subject.Subject;

/* loaded from: input_file:com/ssrs/framework/security/PermissionHandler.class */
public class PermissionHandler extends AuthorizingAnnotationHandler {
    public PermissionHandler() {
        super(Priv.class);
    }

    public void assertAuthorized(Annotation annotation) throws AuthorizationException {
        if (annotation instanceof Priv) {
            Priv priv = (Priv) annotation;
            String[] value = priv.value();
            Subject subject = getSubject();
            if (priv.login()) {
                String str = Convert.toStr(subject.getPrincipal());
                if (StrUtil.isEmpty(str)) {
                    throw new ApiException(ErrorCodeEnum.UNAUTHORIZED);
                }
                if (JWTTokenUtils.isExpired(str)) {
                    throw new ApiException(ErrorCodeEnum.UNAUTHORIZED);
                }
                if (priv.login() && value.length == 0) {
                    if (!subject.isAuthenticated()) {
                        throw new ShiroException("No Authenticated!");
                    }
                    return;
                }
                boolean z = false;
                int length = value.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (subject.isPermitted(value[i])) {
                        z = true;
                        break;
                    }
                    i++;
                }
                if (z) {
                    return;
                }
                subject.checkPermission(value[0]);
            }
        }
    }
}
