package org.jeecg.interceptor;

import com.alibaba.fastjson.JSON;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jeecg.common.api.dto.OnlineAuthDTO;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.aspect.annotation.OnlineAuth;
import org.jeecg.common.system.api.ISysBaseAPI;
import org.jeecg.common.system.util.JwtUtil;
import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.modules.online.cgform.d.c;
import org.jeecg.modules.online.cgform.service.IOnlineBaseAPI;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

/* compiled from: OnlineInterceptor.java */
/* loaded from: input_file:org/jeecg/interceptor/a.class */
public class a implements HandlerInterceptor {
    private IOnlineBaseAPI b;
    private ISysBaseAPI c;
    private static final String d = "/online/cgform";
    private static final String e = "/online/cgform/workorder/add";
    private static final Logger a = LoggerFactory.getLogger(a.class);
    private static final String[] f = {"/online/cgformInnerTableList", "/online/cgformErpList", "/online/cgformList", "/online/cgformTreeList", "/online/cgformTabList"};

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        OnlineAuth methodAnnotation;
        if (!obj.getClass().isAssignableFrom(HandlerMethod.class) || (methodAnnotation = ((HandlerMethod) obj).getMethodAnnotation(OnlineAuth.class)) == null) {
            return true;
        }
        a.debug("===== online 菜单访问拦截器 =====");
        String a2 = a(httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length()));
        String value = methodAnnotation.value();
        String substring = a2.substring(a2.lastIndexOf(value) + value.length());
        a.debug("拦截请求(" + httpServletRequest.getMethod() + ")：" + a2 + ",");
        if (c.aq.equals(value) && "DELETE".equals(httpServletRequest.getMethod())) {
            substring = substring.substring(0, substring.lastIndexOf("/"));
        }
        String parameter = httpServletRequest.getParameter("tabletype");
        if (this.b == null) {
            this.b = (IOnlineBaseAPI) SpringContextUtils.getBean(IOnlineBaseAPI.class);
        }
        String onlineErpCode = this.b.getOnlineErpCode(substring, parameter);
        ArrayList arrayList = new ArrayList();
        for (String str : f) {
            arrayList.add(str + onlineErpCode);
        }
        if (this.c == null) {
            this.c = (ISysBaseAPI) SpringContextUtils.getBean(ISysBaseAPI.class);
        }
        OnlineAuthDTO onlineAuthDTO = new OnlineAuthDTO(JwtUtil.getUserNameByToken(httpServletRequest), arrayList, d);
        onlineAuthDTO.setOnlineWorkOrderUrl(e);
        if (this.c.hasOnlineAuth(onlineAuthDTO)) {
            return true;
        }
        a.info("请求无权限(" + httpServletRequest.getMethod() + ")：" + a2);
        a(httpServletResponse, value);
        return false;
    }

    private String a(String str) {
        String str2 = "";
        if (oConvertUtils.isNotEmpty(str)) {
            str2 = str.replace("\\", "/").replace("//", "/");
            if (str2.indexOf("//") >= 0) {
                str2 = a(str2);
            }
        }
        return str2;
    }

    private void a(HttpServletResponse httpServletResponse, String str) {
        PrintWriter printWriter = null;
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("application/json; charset=utf-8");
        httpServletResponse.setHeader("auth", "fail");
        try {
            try {
                PrintWriter writer = httpServletResponse.getWriter();
                if ("exportXls".equals(str)) {
                    writer.print("");
                } else {
                    writer.print(JSON.toJSON(Result.error("无权限访问(操作)")));
                }
                if (writer != null) {
                    writer.close();
                }
            } catch (IOException e2) {
                a.error(e2.getMessage());
                if (0 != 0) {
                    printWriter.close();
                }
            }
        } catch (Throwable th) {
            if (0 != 0) {
                printWriter.close();
            }
            throw th;
        }
    }
}
