package org.tinycloud.security.interceptor;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.Objects;
import java.util.Set;
import org.springframework.http.HttpMethod;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.tinycloud.security.config.GlobalConfigUtils;
import org.tinycloud.security.exception.NoPermissionException;
import org.tinycloud.security.interceptor.holder.AuthenticeHolder;
import org.tinycloud.security.interceptor.holder.PermissionHolder;
import org.tinycloud.security.interceptor.holder.RoleHolder;
import org.tinycloud.security.interfaces.PermissionInfoInterface;
import org.tinycloud.security.util.AuthUtil;

/* loaded from: input_file:org/tinycloud/security/interceptor/PermissionInterceptor.class */
public class PermissionInterceptor implements HandlerInterceptor {
    private PermissionInfoInterface permissionInfoInterface;

    public PermissionInfoInterface getPermissionInfoInterface() {
        return this.permissionInfoInterface;
    }

    public void setPermissionInfoInterface(PermissionInfoInterface permissionInfoInterface) {
        this.permissionInfoInterface = permissionInfoInterface;
    }

    public PermissionInterceptor(PermissionInfoInterface permissionInfoInterface) {
        setPermissionInfoInterface(permissionInfoInterface);
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        if (HttpMethod.OPTIONS.toString().equals(httpServletRequest.getMethod())) {
            httpServletResponse.setStatus(200);
            return true;
        }
        if (Objects.isNull(AuthenticeHolder.getLoginSubject())) {
            throw new NoPermissionException();
        }
        Method method = ((HandlerMethod) obj).getMethod();
        Object loginId = AuthenticeHolder.getLoginSubject().getLoginId();
        Set<String> roleSet = getPermissionInfoInterface().getRoleSet(loginId);
        Set<String> permissionSet = getPermissionInfoInterface().getPermissionSet(loginId);
        RoleHolder.setRoleSet(roleSet);
        PermissionHolder.setPermissionSet(permissionSet);
        boolean checkUrlPermission = GlobalConfigUtils.getGlobalConfig().getPermCheckMode().equals("url") ? AuthUtil.checkUrlPermission(httpServletRequest) : AuthUtil.checkPermission(method);
        boolean checkRole = AuthUtil.checkRole(method);
        if (checkUrlPermission && checkRole) {
            return true;
        }
        throw new NoPermissionException();
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) {
    }

    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        RoleHolder.clearRoleSet();
        PermissionHolder.clearPermissionSet();
    }
}
