package com.elitescloud.boot.datasecurity.support;

import com.elitescloud.boot.common.annotation.BusinessObjectOperation;
import com.elitescloud.boot.datasecurity.common.DataSecurityUtil;
import com.elitescloud.cloudt.context.util.HttpServletUtil;
import javax.servlet.http.HttpServletRequest;
import org.springframework.core.MethodParameter;
import org.springframework.core.annotation.Order;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.lang.NonNull;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;

@ControllerAdvice
@Order(Integer.MAX_VALUE)
/* loaded from: input_file:com/elitescloud/boot/datasecurity/support/FieldPermissionInterceptor.class */
public class FieldPermissionInterceptor implements ResponseBodyAdvice<Object> {
    public boolean supports(@NonNull MethodParameter methodParameter, @NonNull Class<? extends HttpMessageConverter<?>> cls) {
        BusinessObjectOperation businessObjectOperation;
        HttpServletRequest currentRequest = HttpServletUtil.currentRequest();
        return currentRequest != null && (businessObjectOperation = (BusinessObjectOperation) currentRequest.getAttribute("cloudt-businessObject-operation")) != null && businessObjectOperation.dataPermissionEnabled() && businessObjectOperation.fieldPermissionAutoFilter();
    }

    public Object beforeBodyWrite(Object obj, @NonNull MethodParameter methodParameter, @NonNull MediaType mediaType, @NonNull Class<? extends HttpMessageConverter<?>> cls, @NonNull ServerHttpRequest serverHttpRequest, @NonNull ServerHttpResponse serverHttpResponse) {
        DataSecurityUtil.eraseByFieldPermission(obj);
        return obj;
    }
}
