package com.lucky.jacklamb.aop.expandpoint;

import com.lucky.jacklamb.aop.core.AopChain;
import com.lucky.jacklamb.aop.core.InjectionAopPoint;
import com.lucky.jacklamb.aop.proxy.TargetMethodSignature;
import com.lucky.jacklamb.utils.reflect.AnnotationUtils;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.UnauthenticatedException;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresGuest;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.authz.annotation.RequiresUser;
import org.apache.shiro.subject.Subject;

/* loaded from: input_file:com/lucky/jacklamb/aop/expandpoint/ShiroAccessControlPoint.class */
public class ShiroAccessControlPoint extends InjectionAopPoint {
    public static final Class<? extends Annotation>[] AUTHZ_ANNOTATION_CLASSES = {RequiresPermissions.class, RequiresRoles.class, RequiresUser.class, RequiresGuest.class, RequiresAuthentication.class};

    public ShiroAccessControlPoint() {
        setPriority(-1.0d);
    }

    @Override // com.lucky.jacklamb.aop.core.AopPoint
    public Object proceed(AopChain aopChain) throws Throwable {
        TargetMethodSignature targetMethodSignature = this.tlTargetMethodSignature.get();
        permissionCheck(targetMethodSignature.getTargetClass(), targetMethodSignature.getCurrMethod());
        return aopChain.proceed();
    }

    private void permissionCheck(Class<?> cls, Method method) {
        for (Annotation annotation : getAnnotations(cls, method)) {
            rolesPermissionCheck(annotation);
            permissionsPermissionCheck(annotation);
            authenticationPermissionCheck(annotation);
            UserPermissionCheck(annotation);
            guestPermissionCheck(annotation);
        }
    }

    private void rolesPermissionCheck(Annotation annotation) {
        if (annotation instanceof RequiresRoles) {
            RequiresRoles requiresRoles = (RequiresRoles) annotation;
            String[] value = requiresRoles.value();
            if (value.length == 1) {
                getSubject().checkRole(value[0]);
                return;
            }
            if (Logical.AND.equals(requiresRoles.logical())) {
                getSubject().checkRoles(Arrays.asList(value));
                return;
            }
            if (Logical.OR.equals(requiresRoles.logical())) {
                boolean z = false;
                for (String str : value) {
                    if (getSubject().hasRole(str)) {
                        z = true;
                    }
                }
                if (z) {
                    return;
                }
                getSubject().checkRole(value[0]);
            }
        }
    }

    private void permissionsPermissionCheck(Annotation annotation) {
        if (annotation instanceof RequiresPermissions) {
            RequiresPermissions requiresPermissions = (RequiresPermissions) annotation;
            String[] value = requiresPermissions.value();
            Subject subject = getSubject();
            if (value.length == 1) {
                subject.checkPermission(value[0]);
                return;
            }
            if (Logical.AND.equals(requiresPermissions.logical())) {
                getSubject().checkPermissions(value);
                return;
            }
            if (Logical.OR.equals(requiresPermissions.logical())) {
                boolean z = false;
                for (String str : value) {
                    if (getSubject().isPermitted(str)) {
                        z = true;
                    }
                }
                if (z) {
                    return;
                }
                getSubject().checkPermission(value[0]);
            }
        }
    }

    private void authenticationPermissionCheck(Annotation annotation) {
        if ((annotation instanceof RequiresAuthentication) && !getSubject().isAuthenticated()) {
            throw new UnauthenticatedException("The current Subject is not authenticated.  Access denied.");
        }
    }

    private void UserPermissionCheck(Annotation annotation) {
        if ((annotation instanceof RequiresUser) && getSubject().getPrincipal() == null) {
            throw new UnauthenticatedException("Attempting to perform a user-only operation.  The current Subject is not a user (they haven't been authenticated or remembered from a previous login).  Access denied.");
        }
    }

    private void guestPermissionCheck(Annotation annotation) {
        if ((annotation instanceof RequiresGuest) && getSubject().getPrincipal() != null) {
            throw new UnauthenticatedException("Attempting to perform a guest-only operation.  The current Subject is not a guest (they have been authenticated or remembered from a previous login).  Access denied.");
        }
    }

    private Subject getSubject() {
        return SecurityUtils.getSubject();
    }

    private List<Annotation> getAnnotations(Class<?> cls, Method method) {
        ArrayList arrayList = new ArrayList(5);
        for (Class<? extends Annotation> cls2 : AUTHZ_ANNOTATION_CLASSES) {
            boolean isExist = AnnotationUtils.isExist(cls, cls2);
            if (AnnotationUtils.isExist(method, cls2)) {
                arrayList.add(AnnotationUtils.get(method, cls2));
            } else if (isExist) {
                arrayList.add(AnnotationUtils.get(cls, cls2));
            }
        }
        return arrayList;
    }

    @Override // com.lucky.jacklamb.aop.core.InjectionAopPoint
    public boolean pointCutMethod(Class<?> cls, Method method) {
        return AnnotationUtils.isExistOrByArray(cls, AUTHZ_ANNOTATION_CLASSES) || AnnotationUtils.isExistOrByArray(method, AUTHZ_ANNOTATION_CLASSES);
    }

    @Override // com.lucky.jacklamb.aop.core.InjectionAopPoint
    public boolean pointCutClass(Class<?> cls) {
        if (AnnotationUtils.isExistOrByArray(cls, AUTHZ_ANNOTATION_CLASSES)) {
            return true;
        }
        for (Method method : cls.getDeclaredMethods()) {
            if (AnnotationUtils.isExistOrByArray(method, AUTHZ_ANNOTATION_CLASSES)) {
                return true;
            }
        }
        return false;
    }
}
