package org.hswebframework.web.system.authorization.defaults.configuration;

import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import org.hswebframework.web.authorization.Authentication;
import org.hswebframework.web.authorization.exception.AccessDenyException;
import org.hswebframework.web.system.authorization.api.entity.AuthorizationSettingEntity;
import org.hswebframework.web.system.authorization.api.entity.PermissionEntity;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.util.CollectionUtils;
import reactor.core.publisher.Flux;

@ConfigurationProperties(prefix = "hsweb.permission")
/* loaded from: input_file:org/hswebframework/web/system/authorization/defaults/configuration/PermissionProperties.class */
public class PermissionProperties {
    private PermissionFilter filter = new PermissionFilter();

    /* loaded from: input_file:org/hswebframework/web/system/authorization/defaults/configuration/PermissionProperties$PermissionFilter.class */
    public static class PermissionFilter {
        private boolean enabled = false;
        private UnAuthStrategy unAuthStrategy = UnAuthStrategy.error;
        private Set<String> excludeUsername = new HashSet();

        /* loaded from: input_file:org/hswebframework/web/system/authorization/defaults/configuration/PermissionProperties$PermissionFilter$UnAuthStrategy.class */
        public enum UnAuthStrategy {
            ignore { // from class: org.hswebframework.web.system.authorization.defaults.configuration.PermissionProperties.PermissionFilter.UnAuthStrategy.1
                @Override // org.hswebframework.web.system.authorization.defaults.configuration.PermissionProperties.PermissionFilter.UnAuthStrategy
                public AuthorizationSettingEntity handle(Authentication authentication, AuthorizationSettingEntity authorizationSettingEntity) {
                    return authorizationSettingEntity.copy(str -> {
                        return authentication.hasPermission(authorizationSettingEntity.getPermission(), new String[]{str});
                    }, dataAccessEntity -> {
                        return true;
                    });
                }
            },
            error { // from class: org.hswebframework.web.system.authorization.defaults.configuration.PermissionProperties.PermissionFilter.UnAuthStrategy.2
                @Override // org.hswebframework.web.system.authorization.defaults.configuration.PermissionProperties.PermissionFilter.UnAuthStrategy
                public AuthorizationSettingEntity handle(Authentication authentication, AuthorizationSettingEntity authorizationSettingEntity) {
                    HashSet hashSet = new HashSet(authorizationSettingEntity.getActions());
                    hashSet.removeAll((Collection) authentication.getPermission(authorizationSettingEntity.getPermission()).map((v0) -> {
                        return v0.getActions();
                    }).orElseGet(Collections::emptySet));
                    throw new AccessDenyException(authorizationSettingEntity.getPermission(), hashSet);
                }
            };

            public abstract AuthorizationSettingEntity handle(Authentication authentication, AuthorizationSettingEntity authorizationSettingEntity);
        }

        public AuthorizationSettingEntity handleSetting(Authentication authentication, AuthorizationSettingEntity authorizationSettingEntity) {
            return (!this.enabled || this.excludeUsername.contains(authentication.getUser().getUsername())) ? authorizationSettingEntity : authentication.hasPermission(authorizationSettingEntity.getPermission(), authorizationSettingEntity.getActions()) ? authorizationSettingEntity : this.unAuthStrategy.handle(authentication, authorizationSettingEntity);
        }

        public Flux<PermissionEntity> doFilter(Flux<PermissionEntity> flux, Authentication authentication) {
            return (!this.enabled || this.excludeUsername.contains(authentication.getUser().getUsername())) ? flux : flux.map(permissionEntity -> {
                return permissionEntity.copy(actionEntity -> {
                    return authentication.hasPermission(permissionEntity.getId(), new String[]{actionEntity.getAction()});
                }, optionalField -> {
                    return true;
                });
            }).filter(permissionEntity2 -> {
                return !CollectionUtils.isEmpty(permissionEntity2.getActions());
            });
        }

        public boolean isEnabled() {
            return this.enabled;
        }

        public UnAuthStrategy getUnAuthStrategy() {
            return this.unAuthStrategy;
        }

        public Set<String> getExcludeUsername() {
            return this.excludeUsername;
        }

        public void setEnabled(boolean z) {
            this.enabled = z;
        }

        public void setUnAuthStrategy(UnAuthStrategy unAuthStrategy) {
            this.unAuthStrategy = unAuthStrategy;
        }

        public void setExcludeUsername(Set<String> set) {
            this.excludeUsername = set;
        }
    }

    public PermissionFilter getFilter() {
        return this.filter;
    }

    public void setFilter(PermissionFilter permissionFilter) {
        this.filter = permissionFilter;
    }
}
