package com.gccloud.starter.common.filter;

import com.gccloud.starter.common.config.GlobalConfig;
import com.gccloud.starter.common.config.bean.DemoEnv;
import com.gccloud.starter.common.constant.GlobalConst;
import com.gccloud.starter.common.vo.R;
import com.google.common.collect.Sets;
import com.google.gson.Gson;
import java.io.IOException;
import java.util.Iterator;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestMethod;

@ConditionalOnProperty(prefix = "gc.starter.demoEnv", name = {"enable"}, havingValue = "true")
@Order(2)
@Component
/* loaded from: input_file:com/gccloud/starter/common/filter/DemoEnvFilter.class */
public class DemoEnvFilter implements Filter {

    @Resource
    private GlobalConfig globalConfig;
    private static final Logger log = LoggerFactory.getLogger(DemoEnvFilter.class);
    private static final Set<String> POST_URL_PASS_SET = Sets.newHashSet(new String[]{"/sys/login", "/sys/user/repeat", "/sys/dict/repeat", "/sys/dict-item/repeat", "/sys/category/repeat/name", "/sys/category/repeat/code", "/sys/config/repeat", "/sys/org/list/byId"});
    private static final Set<String> DELETE_URL_PASS_SET = Sets.newHashSet(new String[]{"/sys/logout"});

    @PostConstruct
    public void init() {
        log.info(GlobalConst.Console.LINE);
        log.info("启动演示环境过滤器，用于保证演示环境的稳定性，仅允许指定的一些接口请求访问，可通过gc.starter.demoEnv.enable 设置是否禁用");
        log.info(GlobalConst.Console.LINE);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String method = httpServletRequest.getMethod();
        if (StringUtils.equalsAnyIgnoreCase(RequestMethod.GET.toString(), new CharSequence[]{method}) || StringUtils.equalsAnyIgnoreCase(RequestMethod.OPTIONS.toString(), new CharSequence[]{method})) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String servletPath = httpServletRequest.getServletPath();
        DemoEnv demoEnv = this.globalConfig.getDemoEnv();
        Iterator<String> it = demoEnv.getStartWithUrlPassSet().iterator();
        while (it.hasNext()) {
            if (servletPath.startsWith(it.next())) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
        }
        if (StringUtils.equalsAnyIgnoreCase(RequestMethod.POST.toString(), new CharSequence[]{method}) && (demoEnv.getPostUrlPassSet().contains(servletPath) || POST_URL_PASS_SET.contains(servletPath))) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (StringUtils.equalsAnyIgnoreCase(RequestMethod.PUT.toString(), new CharSequence[]{method}) && demoEnv.getPutUrlPassSet().contains(servletPath)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (StringUtils.equalsAnyIgnoreCase(RequestMethod.DELETE.toString(), new CharSequence[]{method}) && (demoEnv.getDeleteUrlPassSet().contains(servletPath) || DELETE_URL_PASS_SET.contains(servletPath))) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        log.error("演示环境，不允许发送 {} 的 {} 请求", servletPath, httpServletRequest.getMethod());
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.setHeader("Access-Control-Allow-Origin", httpServletRequest.getHeader("Origin"));
        httpServletResponse.getWriter().print(new Gson().toJson(R.error(Integer.valueOf(GlobalConst.Response.Code.SERVER_ERROR), demoEnv.getTip())));
    }
}
