package net.ibizsys.central.dataentity.security;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import net.ibizsys.central.ISystemRuntime;
import net.ibizsys.central.dataentity.IDataEntityRuntime;
import net.ibizsys.central.dataentity.IDataEntityRuntimeContext;
import net.ibizsys.central.security.ISystemAccessManager;
import net.ibizsys.central.util.IEntityDTO;
import net.ibizsys.central.util.ISearchContext;
import net.ibizsys.central.util.ISearchContextDTO;
import net.ibizsys.central.util.SearchContextDTO;
import net.ibizsys.model.dataentity.defield.IPSPickupDEField;
import net.ibizsys.model.dataentity.der.IPSDER1N;
import net.ibizsys.model.dataentity.der.IPSDERBase;
import net.ibizsys.model.dataentity.der.IPSDERCustom;
import net.ibizsys.model.dataentity.priv.IPSDEOPPriv;
import net.ibizsys.model.dataentity.priv.IPSDEUserRole;
import net.ibizsys.runtime.dataentity.DataEntityRuntimeException;
import net.ibizsys.runtime.security.DataAccessActions;
import net.ibizsys.runtime.security.IUserContext;
import net.ibizsys.runtime.security.UserContext;
import net.ibizsys.runtime.util.Conditions;
import net.ibizsys.runtime.util.DataTypeUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:net/ibizsys/central/dataentity/security/DataEntityAccessManager.class */
public class DataEntityAccessManager implements IDataEntityAccessManager {
    private static final Log log = LogFactory.getLog(DataEntityAccessManager.class);
    private IDataEntityRuntimeContext iDataEntityRuntimeContext = null;
    private Map<String, IPSDEOPPriv> psDEOPPrivMap = null;
    private int nDataAccCtrlMode = 1;
    private ISystemAccessManager iSystemAccessManager = null;
    private List<IDEUserRoleRuntime> defaultDEUserRoleRuntimeList = null;
    private Map<String, IDEUserRoleRuntime> deUserRoleRuntimeMap = null;

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public void init(IDataEntityRuntimeContext iDataEntityRuntimeContext, ISystemAccessManager iSystemAccessManager) throws Exception {
        this.iDataEntityRuntimeContext = iDataEntityRuntimeContext;
        this.nDataAccCtrlMode = getDataEntityRuntime().getDataAccCtrlMode();
        this.iSystemAccessManager = iSystemAccessManager;
        if (this.iSystemAccessManager == null) {
            this.iSystemAccessManager = getDataEntityRuntime().getSystemRuntime().getSystemAccessManager();
        }
        onInit();
    }

    protected void onInit() throws Exception {
        prepareDEOPPrivs();
        prepareDEUserRoles();
    }

    protected IDataEntityRuntimeContext getDataEntityRuntimeContext() {
        return this.iDataEntityRuntimeContext;
    }

    public IDataEntityRuntime getDataEntityRuntime() {
        return getDataEntityRuntimeContext().getDataEntityRuntime();
    }

    public ISystemRuntime getSystemRuntime() {
        return getDataEntityRuntime().getSystemRuntime();
    }

    protected void prepareDEUserRoles() throws Exception {
        if (this.defaultDEUserRoleRuntimeList != null) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        List<IPSDEUserRole> allPSDEUserRoles = getDataEntityRuntimeContext().getDataEntityRuntime().getPSDataEntity().getAllPSDEUserRoles();
        if (allPSDEUserRoles != null) {
            for (IPSDEUserRole iPSDEUserRole : allPSDEUserRoles) {
                IDEUserRoleRuntime createDEUserRoleRuntime = createDEUserRoleRuntime(iPSDEUserRole);
                createDEUserRoleRuntime.init(getDataEntityRuntimeContext(), iPSDEUserRole);
                if (createDEUserRoleRuntime.isDefaultMode()) {
                    arrayList.add(createDEUserRoleRuntime);
                }
                hashMap.put(createDEUserRoleRuntime.getRoleTag(), createDEUserRoleRuntime);
            }
        }
        if (this.defaultDEUserRoleRuntimeList == null) {
            this.defaultDEUserRoleRuntimeList = arrayList;
        }
        if (this.deUserRoleRuntimeMap == null) {
            this.deUserRoleRuntimeMap = hashMap;
        }
    }

    protected IDEUserRoleRuntime createDEUserRoleRuntime(IPSDEUserRole iPSDEUserRole) {
        return new DEUserRoleRuntime();
    }

    protected void prepareDEOPPrivs() throws Exception {
        if (this.psDEOPPrivMap != null) {
            return;
        }
        HashMap hashMap = new HashMap();
        List<IPSDEOPPriv> allPSDEOPPrivs = getDataEntityRuntimeContext().getDataEntityRuntime().getPSDataEntity().getAllPSDEOPPrivs();
        if (allPSDEOPPrivs != null) {
            for (IPSDEOPPriv iPSDEOPPriv : allPSDEOPPrivs) {
                if (StringUtils.hasLength(iPSDEOPPriv.getMapPSDEName())) {
                    hashMap.put(String.format("%1$s|%2$s", iPSDEOPPriv.getMapPSDEName(), iPSDEOPPriv.getName()), iPSDEOPPriv);
                } else {
                    hashMap.put(iPSDEOPPriv.getName(), iPSDEOPPriv);
                }
            }
        }
        if (this.psDEOPPrivMap == null) {
            this.psDEOPPrivMap = hashMap;
        }
    }

    protected IPSDEOPPriv getPSDEOPPriv(IDataEntityRuntime iDataEntityRuntime, String str) {
        return getPSDEOPPriv(iDataEntityRuntime, str, false);
    }

    protected IPSDEOPPriv getPSDEOPPriv(IDataEntityRuntime iDataEntityRuntime, String str, boolean z) {
        if (iDataEntityRuntime != null) {
            IPSDEOPPriv iPSDEOPPriv = this.psDEOPPrivMap.get(String.format("%1$s|%2$s", iDataEntityRuntime.getName(), str));
            if (iPSDEOPPriv != null) {
                return iPSDEOPPriv;
            }
            if (z) {
                return null;
            }
        }
        return this.psDEOPPrivMap.get(str);
    }

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public boolean testDataAccessAction(Object obj, IEntityDTO iEntityDTO, String str) throws Exception {
        return testDataAccessAction(UserContext.getCurrentMust(), null, null, obj, iEntityDTO, str);
    }

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public boolean testDataAccessAction(IUserContext iUserContext, IDataEntityRuntime iDataEntityRuntime, String str, Object obj, IEntityDTO iEntityDTO, String str2) throws Exception {
        IPSDERBase masterPSDER;
        IPSDEOPPriv pSDEOPPriv;
        if (!StringUtils.hasLength(str2) || DataAccessActions.DENY.equalsIgnoreCase(str2)) {
            return false;
        }
        if ("NONE".equalsIgnoreCase(str2)) {
            return true;
        }
        int dataAccCtrlMode = getDataAccCtrlMode();
        if (dataAccCtrlMode != 0) {
            switch (dataAccCtrlMode) {
                case 1:
                    IPSDEOPPriv pSDEOPPriv2 = getPSDEOPPriv(null, str2);
                    if (pSDEOPPriv2 == null || !StringUtils.hasLength(pSDEOPPriv2.getMapSysUniResCode())) {
                        if (!onTestDataAccessAction(iUserContext, obj, iEntityDTO, str2)) {
                            return false;
                        }
                    } else if (!getSystemAccessManager().testSysUniRes(iUserContext, pSDEOPPriv2.getMapSysUniResCode(), iEntityDTO)) {
                        return false;
                    }
                    break;
                case 2:
                    if (iDataEntityRuntime == null) {
                        throw new DataEntityRuntimeException(getDataEntityRuntime(), "未指定权限控制实体", 2);
                    }
                    IPSDEOPPriv pSDEOPPriv3 = getPSDEOPPriv(iDataEntityRuntime, str2, true);
                    String str3 = "READ".equals(str2) ? "READ" : "UPDATE";
                    if (pSDEOPPriv3 != null) {
                        masterPSDER = pSDEOPPriv3.getMapPSDERMust();
                        str3 = pSDEOPPriv3.getMapPSDEOPPrivName();
                        if (DataAccessActions.DENY.equalsIgnoreCase(str2)) {
                            return false;
                        }
                    } else {
                        masterPSDER = getDataEntityRuntime().getMasterPSDER(iDataEntityRuntime.getId(), false);
                    }
                    if (!ObjectUtils.isEmpty(obj)) {
                        getSimpleEntity(masterPSDER, str, obj);
                    } else {
                        if (iEntityDTO == null) {
                            throw new DataEntityRuntimeException(getDataEntityRuntime(), "未指定传入数据对象", 2);
                        }
                        Object obj2 = null;
                        if (masterPSDER instanceof IPSDER1N) {
                            obj2 = getDataEntityRuntime().getFieldValue(iEntityDTO, ((IPSDER1N) masterPSDER).getPSPickupDEFieldMust());
                        } else if (masterPSDER instanceof IPSDERCustom) {
                            obj2 = getDataEntityRuntime().getFieldValue(iEntityDTO, ((IPSDERCustom) masterPSDER).getPickupPSDEFieldMust());
                        }
                        if (ObjectUtils.isEmpty(obj2)) {
                            throw new DataEntityRuntimeException(getDataEntityRuntime(), "数据对象中未指定父数据", 2);
                        }
                        if (!str.equals(obj2)) {
                            throw new DataEntityRuntimeException(getDataEntityRuntime(), "数据对象中父数据不一致", 2);
                        }
                    }
                    return iDataEntityRuntime.getDataEntityAccessManager().testDataAccessAction(iUserContext, null, null, str, null, str3);
                case 3:
                    if (iDataEntityRuntime != null && (pSDEOPPriv = getPSDEOPPriv(iDataEntityRuntime, str2, true)) != null) {
                        if (!ObjectUtils.isEmpty(obj)) {
                            getSimpleEntity(pSDEOPPriv.getMapPSDERMust(), str, obj);
                        } else {
                            if (iEntityDTO == null) {
                                throw new DataEntityRuntimeException(getDataEntityRuntime(), "未指定传入数据对象", 2);
                            }
                            Object obj3 = null;
                            IPSDER1N mapPSDERMust = pSDEOPPriv.getMapPSDERMust();
                            if (mapPSDERMust instanceof IPSDER1N) {
                                obj3 = getDataEntityRuntime().getFieldValue(iEntityDTO, mapPSDERMust.getPSPickupDEFieldMust());
                            } else if (mapPSDERMust instanceof IPSDERCustom) {
                                obj3 = getDataEntityRuntime().getFieldValue(iEntityDTO, ((IPSDERCustom) mapPSDERMust).getPickupPSDEFieldMust());
                            }
                            if (ObjectUtils.isEmpty(obj3)) {
                                throw new DataEntityRuntimeException(getDataEntityRuntime(), "数据对象中未指定父数据", 2);
                            }
                            if (!str.equals(obj3)) {
                                throw new DataEntityRuntimeException(getDataEntityRuntime(), "数据对象中父数据不一致", 2);
                            }
                        }
                        return iDataEntityRuntime.getDataEntityAccessManager().testDataAccessAction(iUserContext, null, null, str, null, pSDEOPPriv.getMapPSDEOPPrivName());
                    }
                    IPSDEOPPriv pSDEOPPriv4 = getPSDEOPPriv(null, str2);
                    if (pSDEOPPriv4 == null || !StringUtils.hasLength(pSDEOPPriv4.getMapSysUniResCode())) {
                        if (!onTestDataAccessAction(iUserContext, obj, iEntityDTO, str2)) {
                            return false;
                        }
                    } else if (!getSystemAccessManager().testSysUniRes(iUserContext, pSDEOPPriv4.getMapSysUniResCode(), iEntityDTO)) {
                        return false;
                    }
                    break;
                default:
                    throw new DataEntityRuntimeException(getDataEntityRuntime(), String.format("无法识别的数据访问控制模式[%1$s]", Integer.valueOf(dataAccCtrlMode)), 2);
            }
        }
        return getDataEntityRuntime().testDataAccessAction(0 == 0 ? obj : null, str2);
    }

    protected boolean onTestDataAccessAction(IUserContext iUserContext, Object obj, IEntityDTO iEntityDTO, String str) throws Exception {
        return true;
    }

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public boolean testDataAccessAction(ISearchContextDTO iSearchContextDTO, String str) throws Exception {
        return testDataAccessAction(UserContext.getCurrentMust(), null, null, iSearchContextDTO, str);
    }

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public boolean testDataAccessAction(IUserContext iUserContext, IDataEntityRuntime iDataEntityRuntime, String str, ISearchContextDTO iSearchContextDTO, String str2) throws Exception {
        int dataAccCtrlMode;
        IPSDERBase masterPSDER;
        IPSDEOPPriv pSDEOPPriv;
        if (iSearchContextDTO == null) {
            log.warn(String.format("未传入数据过滤对象，无法判断", new Object[0]));
            return false;
        }
        if (!StringUtils.hasLength(str2)) {
            log.warn(String.format("未传入数据访问操作，无法判断", new Object[0]));
            return false;
        }
        if (DataAccessActions.DENY.equalsIgnoreCase(str2)) {
            return false;
        }
        if ("NONE".equalsIgnoreCase(str2) || (dataAccCtrlMode = getDataAccCtrlMode()) == 0) {
            return true;
        }
        if (iDataEntityRuntime == null && (dataAccCtrlMode == 3 || dataAccCtrlMode == 2)) {
            Object obj = iSearchContextDTO.get(ISearchContext.PARAM_PARENTDENAME);
            Object obj2 = iSearchContextDTO.get(ISearchContext.PARAM_PARENTKEY);
            if (!ObjectUtils.isEmpty(obj) && !ObjectUtils.isEmpty(obj2)) {
                iDataEntityRuntime = getSystemRuntime().getDataEntityRuntime(obj.toString(), true);
                if (iDataEntityRuntime != null) {
                    str = obj2.toString();
                }
            }
        }
        switch (dataAccCtrlMode) {
            case 1:
                IPSDEOPPriv pSDEOPPriv2 = getPSDEOPPriv(null, str2);
                return (pSDEOPPriv2 == null || !StringUtils.hasLength(pSDEOPPriv2.getMapSysUniResCode())) ? onTestDataAccessAction(iUserContext, null, null, iSearchContextDTO, str2) : getSystemAccessManager().testSysUniRes(iUserContext, pSDEOPPriv2.getMapSysUniResCode(), null);
            case 2:
                if (iDataEntityRuntime == null) {
                    throw new DataEntityRuntimeException(getDataEntityRuntime(), "未指定权限控制实体", 2);
                }
                IPSDEOPPriv pSDEOPPriv3 = getPSDEOPPriv(iDataEntityRuntime, str2, true);
                String str3 = "READ".equals(str2) ? "READ" : "UPDATE";
                if (pSDEOPPriv3 != null) {
                    masterPSDER = pSDEOPPriv3.getMapPSDERMust();
                    str3 = pSDEOPPriv3.getMapPSDEOPPrivName();
                    if (DataAccessActions.DENY.equalsIgnoreCase(str2)) {
                        return false;
                    }
                } else {
                    masterPSDER = getDataEntityRuntime().getMasterPSDER(iDataEntityRuntime.getId(), false);
                }
                if (!iDataEntityRuntime.getDataEntityAccessManager().testDataAccessAction(iUserContext, null, null, str, null, str3)) {
                    return false;
                }
                IPSPickupDEField iPSPickupDEField = null;
                if (masterPSDER instanceof IPSDER1N) {
                    iPSPickupDEField = ((IPSDER1N) masterPSDER).getPSPickupDEFieldMust();
                } else if (masterPSDER instanceof IPSDERCustom) {
                    iPSPickupDEField = ((IPSDERCustom) masterPSDER).getPickupPSDEFieldMust();
                }
                if (iPSPickupDEField == null) {
                    throw new DataEntityRuntimeException(getDataEntityRuntime(), "控制关系连接属性无效", 2);
                }
                SearchContextDTO.addSearchFieldCondIf(iSearchContextDTO, iPSPickupDEField.getLowerCaseName(), Conditions.EQ, DataTypeUtils.parse(iPSPickupDEField.getStdDataType(), str), null);
                return true;
            case 3:
                if (iDataEntityRuntime == null || (pSDEOPPriv = getPSDEOPPriv(iDataEntityRuntime, str2, true)) == null || !iDataEntityRuntime.getDataEntityAccessManager().testDataAccessAction(iUserContext, null, null, str, null, pSDEOPPriv.getMapPSDEOPPrivName())) {
                    IPSDEOPPriv pSDEOPPriv4 = getPSDEOPPriv(null, str2);
                    return (pSDEOPPriv4 == null || !StringUtils.hasLength(pSDEOPPriv4.getMapSysUniResCode())) ? onTestDataAccessAction(iUserContext, null, null, iSearchContextDTO, str2) : getSystemAccessManager().testSysUniRes(iUserContext, pSDEOPPriv4.getMapSysUniResCode(), null);
                }
                IPSPickupDEField iPSPickupDEField2 = null;
                IPSDER1N mapPSDERMust = pSDEOPPriv.getMapPSDERMust();
                if (mapPSDERMust instanceof IPSDER1N) {
                    iPSPickupDEField2 = mapPSDERMust.getPSPickupDEFieldMust();
                } else if (mapPSDERMust instanceof IPSDERCustom) {
                    iPSPickupDEField2 = ((IPSDERCustom) mapPSDERMust).getPickupPSDEFieldMust();
                }
                if (iPSPickupDEField2 == null) {
                    throw new DataEntityRuntimeException(getDataEntityRuntime(), "控制关系连接属性无效", 2);
                }
                SearchContextDTO.addSearchFieldCondIf(iSearchContextDTO, iPSPickupDEField2.getLowerCaseName(), Conditions.EQ, DataTypeUtils.parse(iPSPickupDEField2.getStdDataType(), str), null);
                return true;
            default:
                throw new DataEntityRuntimeException(getDataEntityRuntime(), String.format("无法识别的数据访问控制模式[%1$s]", Integer.valueOf(dataAccCtrlMode)), 2);
        }
    }

    protected boolean onTestDataAccessAction(IUserContext iUserContext, IDataEntityRuntime iDataEntityRuntime, String str, ISearchContextDTO iSearchContextDTO, String str2) throws Exception {
        return true;
    }

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public int getDataAccCtrlMode() {
        return this.nDataAccCtrlMode;
    }

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public ISystemAccessManager getSystemAccessManager() {
        return this.iSystemAccessManager;
    }

    protected IEntityDTO getSimpleEntity(IPSDERBase iPSDERBase, String str, Object obj) throws Exception {
        IPSPickupDEField pickupPSDEFieldMust;
        if (iPSDERBase instanceof IPSDER1N) {
            pickupPSDEFieldMust = ((IPSDER1N) iPSDERBase).getPSPickupDEFieldMust();
        } else {
            if (!(iPSDERBase instanceof IPSDERCustom)) {
                throw new DataEntityRuntimeException(getDataEntityRuntime(), String.format("无法从实体关系[%1$s]获取连接属性", iPSDERBase.getName()));
            }
            pickupPSDEFieldMust = ((IPSDERCustom) iPSDERBase).getPickupPSDEFieldMust();
        }
        ISearchContextDTO createSearchContext = getDataEntityRuntime().createSearchContext();
        Object convertValue = getDataEntityRuntime().getSystemRuntime().convertValue(pickupPSDEFieldMust.getStdDataType(), str);
        if ((obj instanceof String) && !DataTypeUtils.isStringDataType(getDataEntityRuntime().getKeyPSDEField().getStdDataType())) {
            obj = getDataEntityRuntime().getSystemRuntime().convertValue(getDataEntityRuntime().getKeyPSDEField().getStdDataType(), (String) obj);
        }
        SearchContextDTO.addSearchFieldCond(createSearchContext, pickupPSDEFieldMust.getName(), Conditions.EQ, convertValue, null);
        SearchContextDTO.addSearchFieldCond(createSearchContext, getDataEntityRuntime().getKeyPSDEField().getName(), Conditions.EQ, obj, null);
        List<IEntityDTO> selectDataQuery = getDataEntityRuntime().selectDataQuery(getDataEntityRuntime().getSimplePSDEDataQuery(), createSearchContext);
        if (selectDataQuery == null || selectDataQuery.size() == 0) {
            throw new DataEntityRuntimeException(getDataEntityRuntime(), String.format("指定数据不存在", new Object[0]), 2);
        }
        return selectDataQuery.get(0);
    }

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public List<IDEUserRoleRuntime> getDefaultDEUserRoleRuntimes() {
        if (this.defaultDEUserRoleRuntimeList == null || this.defaultDEUserRoleRuntimeList.size() == 0) {
            return null;
        }
        return this.defaultDEUserRoleRuntimeList;
    }

    @Override // net.ibizsys.central.dataentity.security.IDataEntityAccessManager
    public IDEUserRoleRuntime getDEUserRoleRuntime(String str, boolean z) {
        IDEUserRoleRuntime iDEUserRoleRuntime = null;
        if (this.deUserRoleRuntimeMap != null) {
            iDEUserRoleRuntime = this.deUserRoleRuntimeMap.get(str);
        }
        if (iDEUserRoleRuntime != null || z) {
            return iDEUserRoleRuntime;
        }
        throw new DataEntityRuntimeException(getDataEntityRuntime(), String.format("无法获取指定用户角色模型对象[%1$s]", str));
    }
}
