package com.elitescloud.cloudt.core.security.util;

import com.elitescloud.cloudt.authorization.core.SecurityContextUtil;
import com.elitescloud.cloudt.common.base.QBaseModel;
import com.elitescloud.cloudt.security.entity.GeneralUserDetails;
import com.querydsl.core.types.PathMetadata;
import com.querydsl.core.types.Predicate;
import com.querydsl.core.types.dsl.Expressions;
import org.springframework.web.context.request.RequestContextHolder;

/* loaded from: input_file:com/elitescloud/cloudt/core/security/util/DataSecurityJpaUtil.class */
public class DataSecurityJpaUtil {
    private static boolean dataPermissionEnable = false;
    private static final String ROUTE_KEY = "RouteKey";

    static void setDataPermissionEnable(boolean z) {
        dataPermissionEnable = z;
    }

    public static Predicate dataAuthJpaPredicate(PathMetadata pathMetadata) {
        Predicate preCheck = preCheck(SecurityContextUtil.currentUser(), new QBaseModel(pathMetadata), getRequestSysDataRoute());
        if (preCheck != null) {
            return preCheck;
        }
        return null;
    }

    private static String getRequestSysDataRoute() {
        if (RequestContextHolder.getRequestAttributes() == null) {
            return null;
        }
        return RequestContextHolder.getRequestAttributes().getRequest().getHeader(ROUTE_KEY);
    }

    private static Predicate preCheck(GeneralUserDetails generalUserDetails, QBaseModel qBaseModel, String str) {
        if (!dataPermissionEnable) {
            return Expressions.booleanTemplate("1=1", new Object[0]);
        }
        if (generalUserDetails == null || generalUserDetails.getUser() == null) {
            return Expressions.booleanTemplate("1=1", new Object[0]);
        }
        if (generalUserDetails.isSystemAdmin() || generalUserDetails.isTenantAdmin()) {
            return Expressions.booleanTemplate("1=1", new Object[0]);
        }
        return null;
    }
}
