package com.vip.saturn.job.console.service.impl;

import com.vip.saturn.job.console.exception.SaturnJobConsoleException;
import com.vip.saturn.job.console.mybatis.entity.Role;
import com.vip.saturn.job.console.mybatis.entity.RolePermission;
import com.vip.saturn.job.console.mybatis.entity.User;
import com.vip.saturn.job.console.mybatis.entity.UserRole;
import com.vip.saturn.job.console.mybatis.repository.PermissionRepository;
import com.vip.saturn.job.console.mybatis.repository.RolePermissionRepository;
import com.vip.saturn.job.console.mybatis.repository.RoleRepository;
import com.vip.saturn.job.console.mybatis.repository.UserRepository;
import com.vip.saturn.job.console.mybatis.repository.UserRoleRepository;
import com.vip.saturn.job.console.service.AuthorizationService;
import com.vip.saturn.job.console.service.SystemConfigService;
import com.vip.saturn.job.console.service.helper.SystemConfigProperties;
import com.vip.saturn.job.console.utils.RoleKeys;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.transaction.annotation.Transactional;

/* loaded from: input_file:com/vip/saturn/job/console/service/impl/AuthorizationServiceImpl.class */
public class AuthorizationServiceImpl implements AuthorizationService {
    private static final Logger log = LoggerFactory.getLogger(AuthorizationServiceImpl.class);

    @Autowired
    protected PermissionRepository permissionRepository;

    @Autowired
    protected RoleRepository roleRepository;

    @Autowired
    protected UserRepository userRepository;

    @Autowired
    protected RolePermissionRepository rolePermissionRepository;

    @Autowired
    protected UserRoleRepository userRoleRepository;

    @Autowired
    protected SystemConfigService systemConfigService;

    @Value("${authorization.enabled.default}")
    private boolean authorizationEnabledDefault;
    protected String systemAdminRoleKey = RoleKeys.systemAdmin;
    protected ConcurrentMap<String, Role> rolesCache = new ConcurrentHashMap();
    private Timer refreshAuthCacheTimer = null;

    @PostConstruct
    public void init() {
        this.refreshAuthCacheTimer = new Timer("refresh-auth-cache-timer", true);
        this.refreshAuthCacheTimer.schedule(new TimerTask() { // from class: com.vip.saturn.job.console.service.impl.AuthorizationServiceImpl.1
            @Override // java.util.TimerTask, java.lang.Runnable
            public void run() {
                try {
                    AuthorizationServiceImpl.this.refreshAuthCache();
                } catch (Throwable th) {
                    AuthorizationServiceImpl.log.error(th.getMessage(), th);
                }
            }
        }, 1000L, 900000L);
    }

    @PreDestroy
    public void destroy() {
        if (this.refreshAuthCacheTimer != null) {
            this.refreshAuthCacheTimer.cancel();
        }
    }

    @Override // com.vip.saturn.job.console.service.AuthorizationService
    @Transactional(readOnly = true)
    public synchronized void refreshAuthCache() throws SaturnJobConsoleException {
        log.info("Start refresh auth cache");
        long currentTimeMillis = System.currentTimeMillis();
        try {
            handleRefreshAuthCache();
            log.info("End refresh auth cache, cost {}ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
        } catch (Throwable th) {
            log.info("End refresh auth cache, cost {}ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            throw th;
        }
    }

    protected void handleRefreshAuthCache() throws SaturnJobConsoleException {
        if (!isAuthorizationEnabled()) {
            this.rolesCache.clear();
            return;
        }
        List<Role> selectAll = this.roleRepository.selectAll();
        if (selectAll == null || selectAll.isEmpty()) {
            this.rolesCache.clear();
            return;
        }
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        for (Role role : selectAll) {
            String roleKey = role.getRoleKey();
            if (!StringUtils.isBlank(roleKey)) {
                List<RolePermission> selectByRoleKey = this.rolePermissionRepository.selectByRoleKey(roleKey);
                if (selectByRoleKey != null) {
                    role.setRolePermissions(selectByRoleKey);
                    for (RolePermission rolePermission : selectByRoleKey) {
                        rolePermission.setPermission(this.permissionRepository.selectByKey(rolePermission.getPermissionKey()));
                    }
                }
                concurrentHashMap.put(roleKey, role);
            }
        }
        this.rolesCache = concurrentHashMap;
    }

    @Override // com.vip.saturn.job.console.service.AuthorizationService
    public boolean isAuthorizationEnabled() throws SaturnJobConsoleException {
        return this.systemConfigService.getBooleanValue(SystemConfigProperties.AUTHORIZATION_ENABLED, this.authorizationEnabledDefault);
    }

    @Override // com.vip.saturn.job.console.service.AuthorizationService
    @Transactional(readOnly = true)
    public User getUser(String str) throws SaturnJobConsoleException {
        if (!isAuthorizationEnabled()) {
            return constructAvailableUser(null, str);
        }
        User constructAvailableUser = constructAvailableUser(this.userRepository.select(str), str);
        List<UserRole> selectByUserName = this.userRoleRepository.selectByUserName(str);
        if (selectByUserName != null) {
            constructAvailableUser.setUserRoles(selectByUserName);
            for (UserRole userRole : selectByUserName) {
                userRole.setRole(this.rolesCache.get(userRole.getRoleKey()));
            }
        }
        return constructAvailableUser;
    }

    protected User constructAvailableUser(User user, String str) {
        if (user == null) {
            user = new User();
        }
        user.setUserName(str);
        if (user.getUserRoles() == null) {
            user.setUserRoles(new ArrayList());
        }
        return user;
    }

    @Override // com.vip.saturn.job.console.service.AuthorizationService
    @Transactional(readOnly = true)
    public boolean hasUserRole(UserRole userRole) throws SaturnJobConsoleException {
        if (!isAuthorizationEnabled()) {
            return true;
        }
        List<UserRole> select = this.userRoleRepository.select(userRole);
        return (select == null || select.isEmpty()) ? false : true;
    }

    @Override // com.vip.saturn.job.console.service.AuthorizationService
    public void assertIsPermitted(String str, String str2, String str3) throws SaturnJobConsoleException {
        if (isAuthorizationEnabled()) {
            List<UserRole> userRoles = getUser(str2).getUserRoles();
            if (userRoles != null) {
                for (UserRole userRole : userRoles) {
                    Role role = userRole.getRole();
                    if (role != null && (!role.getIsRelatingToNamespace().booleanValue() || str3.equals(userRole.getNamespace()))) {
                        List<RolePermission> rolePermissions = role.getRolePermissions();
                        if (rolePermissions != null && !rolePermissions.isEmpty()) {
                            Iterator<RolePermission> it = rolePermissions.iterator();
                            while (it.hasNext()) {
                                if (str.equals(it.next().getPermissionKey())) {
                                    return;
                                }
                            }
                        }
                    }
                }
            }
            throw new SaturnJobConsoleException(String.format("您没有操作所需要的权限：域:%s，权限:%s", str3, str));
        }
    }

    @Override // com.vip.saturn.job.console.service.AuthorizationService
    public void assertIsSystemAdmin(String str) throws SaturnJobConsoleException {
        if (isAuthorizationEnabled()) {
            List<UserRole> userRoles = getUser(str).getUserRoles();
            if (userRoles != null) {
                Iterator<UserRole> it = userRoles.iterator();
                while (it.hasNext()) {
                    if (this.systemAdminRoleKey.equals(it.next().getRoleKey())) {
                        return;
                    }
                }
            }
            throw new SaturnJobConsoleException("您不是系统管理员，没有权限");
        }
    }
}
