package org.smart4j.plugin.security.aspect;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.PrincipalCollection;
import org.smart4j.framework.aop.AspectProxy;
import org.smart4j.framework.aop.annotation.Aspect;
import org.smart4j.framework.mvc.annotation.Action;
import org.smart4j.framework.mvc.fault.AuthzException;
import org.smart4j.plugin.security.annotation.Authenticated;
import org.smart4j.plugin.security.annotation.Guest;
import org.smart4j.plugin.security.annotation.HasPermissions;
import org.smart4j.plugin.security.annotation.HasRoles;
import org.smart4j.plugin.security.annotation.User;

@Aspect(annotation = Action.class)
/* loaded from: input_file:org/smart4j/plugin/security/aspect/AuthcAnnotationAspect.class */
public class AuthcAnnotationAspect extends AspectProxy {
    private static final Class[] annotationClassArray = {Authenticated.class, User.class, Guest.class, HasRoles.class, HasPermissions.class};

    public void before(Class<?> cls, Method method, Object[] objArr) throws Throwable {
        Annotation annotation = getAnnotation(cls, method);
        if (annotation != null) {
            Class<? extends Annotation> annotationType = annotation.annotationType();
            if (annotationType.equals(Authenticated.class)) {
                handleAuthenticated();
                return;
            }
            if (annotationType.equals(User.class)) {
                handleUser();
                return;
            }
            if (annotationType.equals(Guest.class)) {
                handleGuest();
            } else if (annotationType.equals(HasRoles.class)) {
                handleHasRoles((HasRoles) annotation);
            } else if (annotationType.equals(HasPermissions.class)) {
                handleHasPermissions((HasPermissions) annotation);
            }
        }
    }

    private Annotation getAnnotation(Class<?> cls, Method method) {
        for (Class<? extends Annotation> cls2 : annotationClassArray) {
            if (method.isAnnotationPresent(cls2)) {
                return method.getAnnotation(cls2);
            }
            if (cls.isAnnotationPresent(cls2)) {
                return cls.getAnnotation(cls2);
            }
        }
        return null;
    }

    private void handleAuthenticated() {
        if (!SecurityUtils.getSubject().isAuthenticated()) {
            throw new AuthzException("当前用户尚未认证");
        }
    }

    private void handleUser() {
        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
        if (principals == null || principals.isEmpty()) {
            throw new AuthzException("当前用户尚未登录");
        }
    }

    private void handleGuest() {
        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
        if (principals != null && !principals.isEmpty()) {
            throw new AuthzException("当前用户不是访客");
        }
    }

    private void handleHasRoles(HasRoles hasRoles) {
        String value = hasRoles.value();
        if (!SecurityUtils.getSubject().hasRole(value)) {
            throw new AuthzException("当前用户没有指定角色，角色名：" + value);
        }
    }

    private void handleHasPermissions(HasPermissions hasPermissions) {
        String value = hasPermissions.value();
        if (!SecurityUtils.getSubject().isPermitted(value)) {
            throw new AuthzException("当前用户没有指定权限，权限名：" + value);
        }
    }
}
