package org.beangle.ems.web.helper;

import com.opensymphony.xwork2.ActionContext;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.struts2.ServletActionContext;
import org.beangle.commons.bean.PropertyUtils;
import org.beangle.commons.collection.CollectUtils;
import org.beangle.commons.dao.query.builder.OqlBuilder;
import org.beangle.commons.web.util.RequestUtils;
import org.beangle.security.access.AccessDeniedException;
import org.beangle.security.blueprint.Dimension;
import org.beangle.security.blueprint.Profile;
import org.beangle.security.blueprint.SecurityUtils;
import org.beangle.security.blueprint.User;
import org.beangle.security.blueprint.data.DataPermission;
import org.beangle.security.blueprint.data.service.DataPermissionService;
import org.beangle.security.blueprint.function.FuncResource;
import org.beangle.security.blueprint.function.service.FuncPermissionService;
import org.beangle.security.blueprint.nav.service.MenuService;
import org.beangle.security.blueprint.service.ProfileService;
import org.beangle.security.blueprint.service.UserService;
import org.beangle.security.web.auth.AuthenticationService;

/* loaded from: input_file:org/beangle/ems/web/helper/SecurityHelper.class */
public class SecurityHelper {
    private static final String ProfileIdSessionAttributeName = "security.profileId";
    private FuncPermissionService funcPermissionService;
    private DataPermissionService dataPermissionService;
    private ProfileService profileService;
    private UserService userService;
    private MenuService menuService;
    private AuthenticationService authenticationService;

    public List<Profile> getProfiles() {
        return getProfiles(this.userService.get(getUserId()), getResource());
    }

    public Profile getSessionProfile() {
        Object obj = ActionContext.getContext().getSession().get(ProfileIdSessionAttributeName);
        if (null == obj) {
            return null;
        }
        return this.profileService.get((Long) obj);
    }

    public void setSessionProfile(Profile profile) {
        if (null == profile) {
            ActionContext.getContext().getSession().remove(ProfileIdSessionAttributeName);
        } else {
            ActionContext.getContext().getSession().put(ProfileIdSessionAttributeName, PropertyUtils.getProperty(profile, "id"));
        }
    }

    private List<Profile> getProfiles(User user, FuncResource funcResource) {
        List<Profile> profiles = this.profileService.getProfiles(user, funcResource);
        Object obj = ActionContext.getContext().getSession().get(ProfileIdSessionAttributeName);
        if (null == obj) {
            return profiles;
        }
        Profile profile = null;
        Iterator<Profile> it = profiles.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Profile next = it.next();
            if (PropertyUtils.getProperty(next, "id").equals(obj)) {
                profile = next;
                break;
            }
        }
        if (null == profile) {
            throw new AccessDeniedException(funcResource.getName(), "error.security.errorprofile");
        }
        return Collections.singletonList(profile);
    }

    public FuncResource getResource() {
        String resource = SecurityUtils.getResource();
        if (null == resource) {
            resource = this.funcPermissionService.extractResource(RequestUtils.getServletPath(ServletActionContext.getRequest()));
        }
        return this.funcPermissionService.getResource(resource);
    }

    protected boolean isAdmin() {
        return this.funcPermissionService.getUserService().isRoot(SecurityUtils.getUsername());
    }

    public <T> List<T> getProperties(String str) {
        List<Profile> profiles = getProfiles(this.userService.get(getUserId()), getResource());
        Dimension dimension = this.profileService.getDimension(str);
        Set newHashSet = CollectUtils.newHashSet();
        Iterator<Profile> it = profiles.iterator();
        while (it.hasNext()) {
            Object property = this.profileService.getProperty(it.next(), dimension);
            if (property instanceof Collection) {
                newHashSet.addAll((Collection) property);
            } else {
                newHashSet.add(property);
            }
        }
        return CollectUtils.newArrayList(newHashSet);
    }

    protected Long getUserId() {
        return SecurityUtils.getUserId();
    }

    public void applyPermission(OqlBuilder<?> oqlBuilder) {
        DataPermission permission;
        User user = this.userService.get(getUserId());
        if (this.userService.isRoot(user) || null == (permission = this.dataPermissionService.getPermission(user, oqlBuilder.getEntityClass().getName(), SecurityUtils.getResource()))) {
            return;
        }
        List<Profile> profiles = getProfiles(user, getResource());
        if (profiles.isEmpty()) {
            throw new AccessDeniedException(SecurityUtils.getResource(), "error.security.errorprofile");
        }
        this.dataPermissionService.apply(oqlBuilder, permission, profiles);
    }

    public void setFuncPermissionService(FuncPermissionService funcPermissionService) {
        this.funcPermissionService = funcPermissionService;
    }

    public void setDataPermissionService(DataPermissionService dataPermissionService) {
        this.dataPermissionService = dataPermissionService;
    }

    public void setProfileService(ProfileService profileService) {
        this.profileService = profileService;
    }

    public FuncPermissionService getFuncPermissionService() {
        return this.funcPermissionService;
    }

    public DataPermissionService getDataPermissionService() {
        return this.dataPermissionService;
    }

    public ProfileService getProfileService() {
        return this.profileService;
    }

    public UserService getUserService() {
        return this.userService;
    }

    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    public MenuService getMenuService() {
        return this.menuService;
    }

    public void setMenuService(MenuService menuService) {
        this.menuService = menuService;
    }

    public AuthenticationService getAuthenticationService() {
        return this.authenticationService;
    }

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }
}
