package com.elitescloud.boot.datasecurity.support;

import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.text.CharSequenceUtil;
import com.elitescloud.boot.auth.util.SecurityContextUtil;
import com.elitescloud.boot.common.CloudtBootLoggerFactory;
import com.elitescloud.boot.datasecurity.common.DataSecurityUtil;
import com.elitescloud.boot.datasecurity.config.DataSecurityProperties;
import com.elitescloud.boot.datasecurity.dpr.content.DprRuleConditionEnum;
import com.elitescloud.boot.datasecurity.dpr.content.DprRuleValueTypeEnum;
import com.elitescloud.boot.filter.UdcFilter;
import com.elitescloud.cloudt.context.util.HttpServletUtil;
import com.elitescloud.cloudt.security.entity.GeneralUserDetails;
import com.elitescloud.cloudt.system.dto.SysDprRoleApiRowColumnRuleDTO;
import com.elitescloud.cloudt.system.dto.SysUdcDTO;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/boot/datasecurity/support/DataSecurityUdcFilter.class */
public class DataSecurityUdcFilter implements UdcFilter {
    private static final Logger logger = CloudtBootLoggerFactory.SECURITY_DATA.getLogger(DataSecurityUdcFilter.class);
    private final DataSecurityProperties properties;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/elitescloud/boot/datasecurity/support/DataSecurityUdcFilter$FilteredUdc.class */
    public static class FilteredUdc {
        private String appCode;
        private String udcCode;
        private List<String> udcValueInclude;
        private List<String> udcValueExclude;

        FilteredUdc() {
        }

        public String getAppCode() {
            return this.appCode;
        }

        public void setAppCode(String str) {
            this.appCode = str;
        }

        public String getUdcCode() {
            return this.udcCode;
        }

        public void setUdcCode(String str) {
            this.udcCode = str;
        }

        public List<String> getUdcValueInclude() {
            return this.udcValueInclude;
        }

        public void setUdcValueInclude(List<String> list) {
            this.udcValueInclude = list;
        }

        public List<String> getUdcValueExclude() {
            return this.udcValueExclude;
        }

        public void setUdcValueExclude(List<String> list) {
            this.udcValueExclude = list;
        }
    }

    public DataSecurityUdcFilter(DataSecurityProperties dataSecurityProperties) {
        this.properties = dataSecurityProperties;
    }

    public void doFilter(List<SysUdcDTO> list) {
        if (support() && !filterUdc(list).isEmpty()) {
            List<FilteredUdc> obtainAuthedUdcValue = obtainAuthedUdcValue();
            if (obtainAuthedUdcValue.isEmpty()) {
                return;
            }
            Map map = (Map) obtainAuthedUdcValue.stream().collect(Collectors.groupingBy(filteredUdc -> {
                return filteredUdc.getAppCode() + ":" + filteredUdc.getUdcCode();
            }));
            if (logger.isDebugEnabled()) {
                logger.debug("可过滤的UDC：{}", String.join(", ", map.keySet()));
            }
            for (SysUdcDTO sysUdcDTO : list) {
                List<FilteredUdc> list2 = (List) map.get(sysUdcDTO.getAppCode() + ":" + sysUdcDTO.getUdcCode());
                if (list2 != null) {
                    HashSet hashSet = new HashSet();
                    HashSet hashSet2 = new HashSet();
                    for (FilteredUdc filteredUdc2 : list2) {
                        if (CollUtil.isNotEmpty(filteredUdc2.getUdcValueInclude())) {
                            hashSet.addAll(filteredUdc2.getUdcValueInclude());
                        }
                        if (CollUtil.isNotEmpty(filteredUdc2.getUdcValueExclude())) {
                            hashSet2.addAll(filteredUdc2.getUdcValueExclude());
                        }
                    }
                    sysUdcDTO.setValueList((List) sysUdcDTO.getValueList().stream().filter(udcValue -> {
                        if (!hashSet2.isEmpty()) {
                            return hashSet.isEmpty() ? !hashSet2.contains(udcValue.getUdcValueCode()) : !hashSet2.contains(udcValue.getUdcValueCode()) && hashSet.contains(udcValue.getUdcValueCode());
                        }
                        if (hashSet.isEmpty()) {
                            return true;
                        }
                        return hashSet.contains(udcValue.getUdcValueCode());
                    }).collect(Collectors.toList()));
                }
            }
        }
    }

    private boolean support() {
        GeneralUserDetails currentUser;
        if (Boolean.FALSE.equals(this.properties.getEnabled()) || Boolean.FALSE.equals(this.properties.getUdc().getEnabled())) {
            logger.debug("数据权限已禁用");
            return false;
        }
        HttpServletRequest currentRequest = HttpServletUtil.currentRequest();
        if (currentRequest == null) {
            return false;
        }
        return Boolean.TRUE.equals((Boolean) currentRequest.getAttribute("cloudt-udc-filter-support")) && StringUtils.hasText(currentRequest.getHeader("menuCode")) && (currentUser = SecurityContextUtil.currentUser()) != null && !CollUtil.isEmpty(currentUser.getUser().getRoles());
    }

    private Map<String, List<SysUdcDTO>> filterUdc(List<SysUdcDTO> list) {
        if (CollUtil.isEmpty(list)) {
            return Collections.emptyMap();
        }
        HashMap hashMap = new HashMap(list.size());
        for (SysUdcDTO sysUdcDTO : list) {
            if (sysUdcDTO != null && !CollUtil.isEmpty(sysUdcDTO.getValueList())) {
                ((List) hashMap.computeIfAbsent(sysUdcDTO.getUdcCode(), str -> {
                    return new ArrayList(4);
                })).add(sysUdcDTO);
            }
        }
        return hashMap;
    }

    private List<FilteredUdc> obtainAuthedUdcValue() {
        SysDprRoleApiRowColumnRuleDTO allDataPermission = DataSecurityUtil.getAllDataPermission();
        if (allDataPermission == null || CollUtil.isEmpty(allDataPermission.getSysDprRoleApiDataRuleListQueryDTO())) {
            return Collections.emptyList();
        }
        HttpServletRequest currentRequest = HttpServletUtil.currentRequest();
        Assert.notNull(currentRequest, "request为空");
        String header = currentRequest.getHeader("menuCode");
        return (List) allDataPermission.getSysDprRoleApiDataRuleListQueryDTO().stream().filter(sysDprRoleApiDataRuleListQueryDTO -> {
            return header.equals(sysDprRoleApiDataRuleListQueryDTO.getMenusCode()) && DprRuleValueTypeEnum.DPR_RULE_VALUE_TYPE_BUSINESS.name().equals(sysDprRoleApiDataRuleListQueryDTO.getDprRuleValueType()) && "UDC".equals(sysDprRoleApiDataRuleListQueryDTO.getDataSet()) && CharSequenceUtil.isAllNotBlank(new CharSequence[]{sysDprRoleApiDataRuleListQueryDTO.getDprRuleValue(), sysDprRoleApiDataRuleListQueryDTO.getBs1(), sysDprRoleApiDataRuleListQueryDTO.getBs2()});
        }).map(sysDprRoleApiDataRuleListQueryDTO2 -> {
            FilteredUdc filteredUdc = new FilteredUdc();
            filteredUdc.setAppCode(sysDprRoleApiDataRuleListQueryDTO2.getBs1());
            filteredUdc.setUdcCode(sysDprRoleApiDataRuleListQueryDTO2.getBs2());
            List<String> asList = Arrays.asList(sysDprRoleApiDataRuleListQueryDTO2.getDprRuleValue().split(","));
            if (DprRuleConditionEnum.Equal.name().equals(sysDprRoleApiDataRuleListQueryDTO2.getDprRuleCondition()) || DprRuleConditionEnum.InList.name().equals(sysDprRoleApiDataRuleListQueryDTO2.getDprRuleCondition())) {
                filteredUdc.setUdcValueInclude(asList);
                filteredUdc.setUdcValueExclude(Collections.emptyList());
            } else if (DprRuleConditionEnum.NotEqual.name().equals(sysDprRoleApiDataRuleListQueryDTO2.getDprRuleCondition()) || DprRuleConditionEnum.NotIn.name().equals(sysDprRoleApiDataRuleListQueryDTO2.getDprRuleCondition())) {
                filteredUdc.setUdcValueInclude(Collections.emptyList());
                filteredUdc.setUdcValueExclude(asList);
            }
            return filteredUdc;
        }).collect(Collectors.toList());
    }
}
