package cool.scx.ext.auth;

import cool.scx.common.util.StringUtils;
import cool.scx.ext.auth.annotation.ApiPerms;
import cool.scx.mvc.ScxMvcInterceptor;
import cool.scx.mvc.ScxRouteHandler;
import cool.scx.mvc.exception.ForbiddenException;
import cool.scx.mvc.exception.UnauthorizedException;
import io.vertx.ext.web.RoutingContext;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:cool/scx/ext/auth/ApiPermsInterceptor.class */
public final class ApiPermsInterceptor implements ScxMvcInterceptor {
    private final BaseAuthHandler<BaseUser> authHandler;
    private final Map<ScxRouteHandler, AuthPerms> SCX_AUTH_PERMS_CACHE = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:cool/scx/ext/auth/ApiPermsInterceptor$AuthPerms.class */
    public static final class AuthPerms {
        public final String permStr;
        public final boolean needCheckPerms;
        public final boolean checkPerms;

        public AuthPerms(Class<?> cls, Method method) {
            String str = cls.getSimpleName() + ":" + method.getName();
            ApiPerms findApiPerms = AuthHelper.findApiPerms(method);
            if (findApiPerms != null) {
                this.permStr = StringUtils.notBlank(findApiPerms.value()) ? findApiPerms.value() : str;
                this.checkPerms = findApiPerms.checkPerms();
                this.needCheckPerms = true;
            } else {
                this.permStr = str;
                this.checkPerms = false;
                this.needCheckPerms = false;
            }
        }
    }

    public ApiPermsInterceptor(BaseAuthHandler<BaseUser> baseAuthHandler) {
        this.authHandler = baseAuthHandler;
    }

    public void preHandle(RoutingContext routingContext, ScxRouteHandler scxRouteHandler) {
        AuthPerms scxAuthPerms = getScxAuthPerms(scxRouteHandler);
        if (scxAuthPerms.needCheckPerms) {
            BaseUser currentUser = this.authHandler.getCurrentUser(routingContext);
            if (currentUser == null) {
                throw new UnauthorizedException();
            }
            if (scxAuthPerms.checkPerms && !currentUser.isAdmin.booleanValue() && !this.authHandler.getPerms(currentUser).apiPerms().contains(scxAuthPerms.permStr)) {
                throw new ForbiddenException();
            }
        }
    }

    private AuthPerms getScxAuthPerms(ScxRouteHandler scxRouteHandler) {
        AuthPerms authPerms = this.SCX_AUTH_PERMS_CACHE.get(scxRouteHandler);
        if (authPerms == null) {
            authPerms = new AuthPerms(scxRouteHandler.clazz, scxRouteHandler.method);
            this.SCX_AUTH_PERMS_CACHE.put(scxRouteHandler, authPerms);
        }
        return authPerms;
    }
}
