package com.liuqi.vanasframework.security.access;

import com.liuqi.vanasframework.core.Vanas;
import com.liuqi.vanasframework.security.entity.SecurityPermission;
import com.liuqi.vanasframework.security.service.VanasSecurityDaoService;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/liuqi/vanasframework/security/access/SecurityMetadataSource.class */
public class SecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
    private Map<AntPathRequestMatcher, Collection<ConfigAttribute>> permissionMap;
    private VanasSecurityDaoService vanasSecurityAdapter;

    public SecurityMetadataSource(VanasSecurityDaoService vanasSecurityDaoService) {
        Assert.notNull(vanasSecurityDaoService, "an vanasSecurityAdapter is require!");
        this.vanasSecurityAdapter = vanasSecurityDaoService;
    }

    private void loadPermissionMap() {
        List<SecurityPermission> allPermission = this.vanasSecurityAdapter.getAllPermission();
        this.permissionMap = new HashMap();
        for (SecurityPermission securityPermission : allPermission) {
            if (!StringUtils.isEmpty(securityPermission.getUrl())) {
                this.permissionMap.put(new AntPathRequestMatcher(securityPermission.getUrl()), SecurityConfig.createList(new String[]{securityPermission.getUnKey()}));
            }
        }
    }

    public Collection<ConfigAttribute> getAttributes(Object obj) throws IllegalArgumentException {
        if (this.permissionMap == null) {
            loadPermissionMap();
        }
        FilterInvocation filterInvocation = (FilterInvocation) obj;
        if (isWriteList(filterInvocation.getRequest())) {
            return null;
        }
        Assert.notNull(this.permissionMap, "PermissionMap can`t be Null.check your code");
        for (AntPathRequestMatcher antPathRequestMatcher : this.permissionMap.keySet()) {
            if (antPathRequestMatcher.matches(filterInvocation.getRequest())) {
                return this.permissionMap.get(antPathRequestMatcher);
            }
        }
        throw new AccessDeniedException("No Permission");
    }

    private boolean isWriteList(HttpServletRequest httpServletRequest) {
        String[] permitUrl = Vanas.customerConfig.getSecurity().getPermitUrl();
        Assert.notNull(permitUrl, "URL WriteList can`t be Null.check your `application-customer.yaml`. 【vanas.security.permit-url】 value");
        for (String str : permitUrl) {
            if (new AntPathRequestMatcher(str).matches(httpServletRequest)) {
                return true;
            }
        }
        return false;
    }

    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

    public boolean supports(Class<?> cls) {
        return FilterInvocation.class.isAssignableFrom(cls);
    }
}
