package org.kanomchan.core.common.web.struts.interceptor;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.ServletActionContext;
import org.apache.struts2.interceptor.ServletConfigInterceptor;
import org.kanomchan.core.common.bean.Button;
import org.kanomchan.core.common.bean.JSONResult;
import org.kanomchan.core.common.bean.Message;
import org.kanomchan.core.common.bean.UserBean;
import org.kanomchan.core.common.constant.CommonConstant;
import org.kanomchan.core.common.constant.CommonMessageCode;
import org.kanomchan.core.common.service.ActionService;
import org.kanomchan.core.common.service.ConfigService;
import org.kanomchan.core.common.service.MessageService;
import org.kanomchan.core.common.web.struts.AjaxOut;
import org.kanomchan.core.common.web.struts.action.BaseAction;
import org.kanomchan.core.security.authorize.Authorize;
import org.kanomchan.core.security.authorize.dao.UserAuthorizeDao;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Required;

/* loaded from: input_file:org/kanomchan/core/common/web/struts/interceptor/AuthorizeInterceptor.class */
public class AuthorizeInterceptor extends ServletConfigInterceptor {
    private static final Logger logger = Logger.getLogger(AuthorizeInterceptor.class);
    private static final long serialVersionUID = -3298276170229094546L;
    private MessageService messageService;
    private ActionService actionService;
    private UserAuthorizeDao userAuthorizeDao;

    @Autowired
    private ConfigService configService;
    protected static final String MESSAGE = "message";

    @Autowired
    @Required
    public void setMessageService(MessageService messageService) {
        this.messageService = messageService;
    }

    @Autowired
    @Required
    public void setActionService(ActionService actionService) {
        this.actionService = actionService;
    }

    @Autowired
    @Required
    public void setUserAuthorizeDao(UserAuthorizeDao userAuthorizeDao) {
        this.userAuthorizeDao = userAuthorizeDao;
    }

    public String intercept(ActionInvocation actionInvocation) throws Exception {
        Set<String> userPrivilegesByRoleId;
        UserBean userBean = (UserBean) ActionContext.getContext().getSession().get(CommonConstant.SESSION.USER_BEAN_KEY);
        if (userBean != null) {
            userPrivilegesByRoleId = userBean.getPrivileges();
        } else {
            String str = "7";
            try {
                str = this.configService.get("GUEST_ID");
            } catch (Exception e) {
            }
            userPrivilegesByRoleId = this.userAuthorizeDao.getUserPrivilegesByRoleId(str);
        }
        String method = actionInvocation.getProxy().getMethod();
        String actionName = actionInvocation.getProxy().getActionName();
        if (method == null || "".equals(method)) {
            method = actionName.substring(actionName.indexOf("-"));
        }
        Set<String> set = getcode(actionInvocation.getAction().getClass(), method);
        Set<String> authorizeCodeByAction = this.actionService.getAuthorizeCodeByAction(actionInvocation.getProxy().getNamespace(), actionName);
        if (authorizeCodeByAction == null || authorizeCodeByAction.isEmpty()) {
            logger.error("C is empty ");
            return authFail(actionInvocation, userBean, method);
        }
        set.addAll(authorizeCodeByAction);
        if (userPrivilegesByRoleId.containsAll(set)) {
            return actionInvocation.invoke();
        }
        logger.error("privileges:" + userPrivilegesByRoleId.toString() + "codes:" + set.toString());
        return authFail(actionInvocation, userBean, method);
    }

    private String authFail(ActionInvocation actionInvocation, UserBean userBean, String str) {
        Object action = actionInvocation.getAction();
        AjaxOut ajaxOut = null;
        try {
            ajaxOut = (AjaxOut) action.getClass().getMethod(str, new Class[0]).getAnnotation(AjaxOut.class);
        } catch (NoSuchMethodException | SecurityException e) {
        }
        if (ajaxOut != null) {
            BaseAction baseAction = (BaseAction) action;
            Message message = this.messageService.getMessage(CommonMessageCode.ATZ2001, (String[]) null);
            JSONResult<Object> jSONResult = new JSONResult<>("");
            ArrayList arrayList = new ArrayList();
            arrayList.add(message);
            jSONResult.setStatus(CommonConstant.SERVICE_STATUS_FAIL);
            jSONResult.setMessages(arrayList);
            baseAction.setResults(jSONResult);
            return "jsonResult";
        }
        if (userBean != null) {
            if (!(action instanceof BaseAction)) {
                return "FORCE_TO_LOGIN_WELCOME_PAGE";
            }
            BaseAction baseAction2 = (BaseAction) action;
            Message message2 = this.messageService.getMessage(CommonMessageCode.ATZ2001, (String[]) null);
            ArrayList arrayList2 = new ArrayList();
            ArrayList arrayList3 = new ArrayList();
            arrayList2.add(message2);
            baseAction2.setMessageList(arrayList2);
            Button button = new Button();
            button.setAction("home-end");
            button.setNamespace("/home");
            button.setName("OK");
            arrayList3.add(button);
            baseAction2.setButtonList(arrayList3);
            return MESSAGE;
        }
        HttpServletRequest request = ServletActionContext.getRequest();
        HttpSession session = request.getSession();
        String queryString = request.getQueryString();
        session.setAttribute(CommonConstant.SESSION.NEXT_URL_KEY, request.getRequestURL().toString() + ((queryString == null || "null".equals(queryString) || "".equals(queryString)) ? "" : "?" + queryString));
        if (!(actionInvocation.getAction() instanceof BaseAction)) {
            return CommonConstant.FORCE_TO_LOGIN_PAGE;
        }
        BaseAction baseAction3 = (BaseAction) actionInvocation.getAction();
        Message message3 = this.messageService.getMessage(CommonMessageCode.ATZ2001, (String[]) null);
        ArrayList arrayList4 = new ArrayList();
        ArrayList arrayList5 = new ArrayList();
        arrayList4.add(message3);
        baseAction3.setMessageList(arrayList4);
        Button button2 = new Button();
        button2.setAction("login-end");
        button2.setNamespace("/login");
        button2.setName("OK");
        arrayList5.add(button2);
        baseAction3.setButtonList(arrayList5);
        return CommonConstant.FORCE_TO_LOGIN_PAGE;
    }

    private Set<String> getcode(Class<?> cls, String str) throws NoSuchMethodException, SecurityException {
        HashSet hashSet = new HashSet();
        if (cls.isAnnotationPresent(Authorize.class)) {
            hashSet.addAll(Arrays.asList(((Authorize) cls.getAnnotation(Authorize.class)).code()));
        }
        Method method = cls.getMethod(str, new Class[0]);
        if (method.isAnnotationPresent(Authorize.class)) {
            hashSet.addAll(Arrays.asList(((Authorize) method.getAnnotation(Authorize.class)).code()));
        }
        return hashSet;
    }
}
