package net.mingsoft.basic.aop;

import cn.hutool.core.io.FileTypeUtil;
import cn.hutool.core.io.FileUtil;
import cn.hutool.core.io.file.FileNameUtil;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.core.util.ZipUtil;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import net.mingsoft.base.entity.ResultData;
import net.mingsoft.base.exception.BusinessException;
import net.mingsoft.basic.bean.UploadConfigBean;
import net.mingsoft.config.MSProperties;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.web.multipart.MultipartFile;

@Aspect
@Component
/* loaded from: input_file:net/mingsoft/basic/aop/FileVerifyAop.class */
public class FileVerifyAop extends BaseAop {
    private static final Logger LOGGER = LoggerFactory.getLogger(FileVerifyAop.class);

    @Pointcut("execution(* net.mingsoft.basic.action.ManageFileAction.upload(..)) || execution(* net.mingsoft.basic.action.ManageFileAction.uploadTemplate(..))")
    public void uploadPointCut() {
    }

    @Around("uploadPointCut()")
    public Object uploadAop(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        ResultData prepareUpload = prepareUpload((UploadConfigBean) super.getType(proceedingJoinPoint, UploadConfigBean.class), false);
        return prepareUpload.isSuccess() ? proceedingJoinPoint.proceed() : prepareUpload;
    }

    @Around("execution(* net.mingsoft.basic.action.web.FileAction.upload(..))")
    public Object webUploadAop(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        ResultData prepareUpload = prepareUpload((UploadConfigBean) super.getType(proceedingJoinPoint, UploadConfigBean.class), true);
        return prepareUpload.isSuccess() ? proceedingJoinPoint.proceed() : prepareUpload;
    }

    protected ResultData prepareUpload(UploadConfigBean uploadConfigBean, boolean z) throws Exception {
        if (uploadConfigBean.getUploadPath() != null && (uploadConfigBean.getUploadPath().contains("../") || uploadConfigBean.getUploadPath().contains("..\\"))) {
            return ResultData.build().error("文件上传路径错误");
        }
        if (uploadConfigBean.getFile() == null) {
            return ResultData.build().error("文件不能为空!");
        }
        MultipartFile file = uploadConfigBean.getFile();
        String cleanInvalid = FileNameUtil.cleanInvalid(file.getOriginalFilename());
        if (StringUtils.isBlank(cleanInvalid) || StringUtils.isBlank(FileNameUtil.mainName(cleanInvalid))) {
            return ResultData.build().error("文件名不能为空!");
        }
        if (cleanInvalid.lastIndexOf(".") < 0) {
            this.LOG.info("文件名错误:{}", cleanInvalid);
            return ResultData.build().error("文件名错误");
        }
        if (StringUtils.isNotBlank(uploadConfigBean.getUploadPath()) && uploadConfigBean.getUploadPath().contains(".")) {
            return ResultData.build().error("文件上传路径错误");
        }
        String lowerCase = FileNameUtil.extName(cleanInvalid).toLowerCase();
        String lowerCase2 = FileUtil.getSuffix(cleanInvalid).toLowerCase();
        String str = MSProperties.upload.denied;
        if (StringUtils.isBlank(str)) {
            str = "exe,jsp";
        }
        for (String str2 : str.split(",")) {
            if (lowerCase2.equalsIgnoreCase(str2)) {
                this.LOG.info("文件后缀被拒绝:{}", lowerCase2);
                return ResultData.build().error(StrUtil.format("文件后缀被拒绝:{}", new Object[]{lowerCase2}));
            }
            if (lowerCase.equalsIgnoreCase(str2)) {
                this.LOG.info("文件类型被拒绝:{}", lowerCase);
                return ResultData.build().error(StrUtil.format("文件类型被拒绝:{}", new Object[]{lowerCase2}));
            }
        }
        try {
            if ("zip".equalsIgnoreCase(lowerCase2) || "zip".equalsIgnoreCase(lowerCase)) {
                checkZip(file, z);
            }
            return ResultData.build().success();
        } catch (Exception e) {
            LOGGER.error("文件流处理异常", e);
            return ResultData.build().error(e.getMessage());
        }
    }

    protected void checkZip(MultipartFile multipartFile, boolean z) throws Exception {
        File mkdir = FileUtil.mkdir(FileUtil.getTmpDirPath() + "/Zip" + IdUtil.simpleUUID());
        File file = FileUtil.file(mkdir.getAbsolutePath() + "/" + IdUtil.simpleUUID() + ".zip");
        InputStream inputStream = multipartFile.getInputStream();
        FileUtils.copyInputStreamToFile(inputStream, file);
        FileInputStream fileInputStream = null;
        try {
            try {
                ZipUtil.unzip(file, mkdir);
                List<File> loopFiles = FileUtil.loopFiles(mkdir);
                loopFiles.remove(file);
                List list = (List) Arrays.stream(MSProperties.upload.denied.split(",")).map((v0) -> {
                    return v0.toLowerCase();
                }).collect(Collectors.toList());
                for (File file2 : loopFiles) {
                    fileInputStream = new FileInputStream(file2);
                    String lowerCase = FileTypeUtil.getType(file2).toLowerCase();
                    String suffix = FileUtil.getSuffix(file2);
                    if (list.contains(suffix)) {
                        IOUtils.closeQuietly(fileInputStream);
                        throw new BusinessException(StrUtil.format("压缩包内文件{}后缀{}禁止上传", new Object[]{file2.getName(), suffix}));
                    }
                    if (list.contains(lowerCase)) {
                        IOUtils.closeQuietly(fileInputStream);
                        throw new BusinessException(StrUtil.format("压缩包内文件{}的类型{}禁止上传", new Object[]{file2.getName(), lowerCase}));
                    }
                    IOUtils.closeQuietly(fileInputStream);
                }
                if (fileInputStream != null) {
                    IOUtils.closeQuietly(fileInputStream);
                }
                IOUtils.closeQuietly(inputStream);
                FileUtil.del(mkdir);
            } catch (IOException e) {
                e.printStackTrace();
                if (0 != 0) {
                    IOUtils.closeQuietly((InputStream) null);
                }
                IOUtils.closeQuietly(inputStream);
                FileUtil.del(mkdir);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                IOUtils.closeQuietly((InputStream) null);
            }
            IOUtils.closeQuietly(inputStream);
            FileUtil.del(mkdir);
            throw th;
        }
    }
}
