package kd.bos.openapi.base.acl;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import kd.bos.dataentity.entity.DynamicObject;
import kd.bos.dataentity.entity.DynamicObjectCollection;
import kd.bos.dataentity.utils.StringUtils;
import kd.bos.entity.datamodel.ListSelectedRowCollection;
import kd.bos.openapi.base.model.ApiAclInfoModel;
import kd.bos.openapi.base.model.AppAclModel;
import kd.bos.openapi.base.model.ThirdAppAclModel;
import kd.bos.openapi.base.util.LocalCacheUtil;
import kd.bos.openapi.common.constant.ApiErrorCode;
import kd.bos.openapi.common.exception.OpenApiException;
import kd.bos.openapi.common.util.CollectionUtil;
import kd.bos.openapi.common.util.CommonDateUtil;
import kd.bos.orm.query.QFilter;
import kd.bos.servicehelper.BusinessDataServiceHelper;

/* loaded from: input_file:kd/bos/openapi/base/acl/ApilAclManager.class */
public class ApilAclManager {
    private static final String OPENAPI_3RDAPPS = "openapi_3rdapps";
    private static final String THIRD_ENTRY_API = "entryentity";
    private static final String THIRD_NO_LIMIT_API = "allowallapi";
    private static final String ENABLE = "enable";
    private static final String NUMBER = "number";
    private static final String NAME = "name";
    private static final String ENABLE_TIME = "lastenabletime";
    private static final String STOP_TIME = "laststoptime";
    private static final String APISERVICEID = "id";
    private static final String TRUE = "true";
    private static final String API_STATUS_INCLUD = "1,2,3";
    private static final String API_SERVICE = "apiservice";
    private static final String FIELD_URL = "urlformat";
    private static final String APPID = "appid.id";
    private static final String ALLOWGUEST = "allowguest";
    private static final String OPEN_APISERVICE = "open_apiservice";
    private static final String IS_FORBIDDEN = "isforbidden";
    private static final String BIZ_APP = "bizapp";
    private static final String APP_ID = "appid";
    private static final String APPID_URLFORMAT = "appid,urlformat";
    private static final String APPID_URLFORMAT_ENABLE_ALLOW_GUEST = "enable,appid,urlformat,allowguest";
    private static final String OPEN_APP_AUTHORIZE_LIST = "open_appauthorize_list";
    private static final String IS_FORBIDDEN_BIZAPP = "isforbidden,bizapp";
    private static final String OPEN_API_AUTHORIZE = "open_apiauthorize";
    private static final String API_NUMBER = "api_number";
    private static final String API_USERS = "api_users";
    private static final String BASE_DATA_ID = "fbasedataid_id";
    private static final int ONE = 1;
    private static final int OPEN_API_VERSION_2 = 2;

    private static ThirdAppAclModel getThirdAppAclInfoModelFromDb(String str) {
        if (str == null || "null".equalsIgnoreCase(str)) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, "The thirdId cannot be null.", new Object[0]);
        }
        DynamicObject loadSingleFromCache = BusinessDataServiceHelper.loadSingleFromCache(Long.valueOf(Long.parseLong(str)), OPENAPI_3RDAPPS);
        if (loadSingleFromCache == null) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, "Can't find object by thirdId:%s.", new Object[]{str});
        }
        ThirdAppAclModel thirdAppAclModel = new ThirdAppAclModel();
        thirdAppAclModel.setVersion(2);
        thirdAppAclModel.setAllowAllApi(loadSingleFromCache.getBoolean(THIRD_NO_LIMIT_API));
        thirdAppAclModel.setAppAccess(API_STATUS_INCLUD.contains(loadSingleFromCache.getString(ENABLE)));
        thirdAppAclModel.setThirdAppCode(loadSingleFromCache.getString(NUMBER));
        thirdAppAclModel.setLastEnableTime(loadSingleFromCache.getDate(ENABLE_TIME));
        thirdAppAclModel.setLastStopTime(loadSingleFromCache.getDate(STOP_TIME));
        if (!thirdAppAclModel.isAllowAllApi() && thirdAppAclModel.isAppAccess()) {
            thirdAppAclModel.setAllowApiMap(getApiActByUrl(loadSingleFromCache.getDynamicObjectCollection(THIRD_ENTRY_API)));
        }
        return thirdAppAclModel;
    }

    private static Map<String, ApiAclInfoModel> getApiActByUrl(DynamicObjectCollection dynamicObjectCollection) {
        HashMap hashMap = new HashMap();
        Iterator it = dynamicObjectCollection.iterator();
        while (it.hasNext()) {
            DynamicObject dynamicObject = (DynamicObject) it.next();
            if (dynamicObject != null && dynamicObject.get(API_SERVICE) != null) {
                String string = ((DynamicObject) dynamicObject.get(API_SERVICE)).getString(FIELD_URL);
                hashMap.put(string, getApiAclModelFromCache(string));
            }
        }
        return hashMap;
    }

    public static ThirdAppAclModel getThirdAppAclInfoModelFromCache(String str) {
        ThirdAppAclModel thirdAppAclModel = (ThirdAppAclModel) LocalCacheUtil.getCacheByKey("ThirdAppAclModel", str);
        if (thirdAppAclModel != null) {
            return thirdAppAclModel;
        }
        ThirdAppAclModel thirdAppAclInfoModelFromDb = getThirdAppAclInfoModelFromDb(str);
        LocalCacheUtil.setCacheByKey("ThirdAppAclModel", str, thirdAppAclInfoModelFromDb);
        return thirdAppAclInfoModelFromDb;
    }

    public static ApiAclInfoModel getApiAclModelFromCache(String str) {
        ApiAclInfoModel apiAclInfoModel = (ApiAclInfoModel) LocalCacheUtil.getCacheByKey("ApiAclInfoModel", str);
        if (apiAclInfoModel != null) {
            return apiAclInfoModel;
        }
        ApiAclInfoModel apiServiceFromDb = getApiServiceFromDb(str);
        LocalCacheUtil.setCacheByKey("ApiAclInfoModel", str, apiServiceFromDb);
        return apiServiceFromDb;
    }

    private static ApiAclInfoModel getApiServiceFromDb(String str) {
        if (StringUtils.isEmpty(str)) {
            throw new OpenApiException(ApiErrorCode.HTTP_NOT_FOUND, "The accessUrl cannot be null.", new Object[0]);
        }
        DynamicObject apiObjForUrl = getApiObjForUrl(str);
        if (apiObjForUrl == null || apiObjForUrl.getString(APPID) == null) {
            throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, "The appId cannot be null.", new Object[0]);
        }
        String string = apiObjForUrl.getString(APPID);
        String string2 = apiObjForUrl.getString(ALLOWGUEST);
        ApiAclInfoModel apiAclInfoModel = new ApiAclInfoModel();
        apiAclInfoModel.setAppId(string);
        apiAclInfoModel.setAnonymousAccess(StringUtils.isNotEmpty(string2) && TRUE.equalsIgnoreCase(string2));
        apiAclInfoModel.setApiServiceId(apiObjForUrl.getString(APISERVICEID));
        apiAclInfoModel.setApiEnable(API_STATUS_INCLUD.contains(apiObjForUrl.getString(ENABLE)));
        apiAclInfoModel.setApiUserAccessMap(getApiUsersByApiNumber(apiObjForUrl.getString(NUMBER)));
        apiAclInfoModel.setUrl(apiObjForUrl.getString(FIELD_URL));
        return apiAclInfoModel;
    }

    private static AppAclModel getAppAclInfoModelFromDb(String str) {
        if (StringUtils.isEmpty(str)) {
            throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, "The appId cannot be null.", new Object[0]);
        }
        DynamicObject[] apiObjByAppid = getApiObjByAppid(str);
        AppAclModel appAclModel = new AppAclModel();
        appAclModel.setAppId(str);
        DynamicObject findAppInfoByAppId = findAppInfoByAppId(str);
        HashMap hashMap = new HashMap();
        if (findAppInfoByAppId == null) {
            appAclModel.setApiDisableMap(hashMap);
            appAclModel.setEnable(true);
            return appAclModel;
        }
        appAclModel.setEnable(Boolean.valueOf(!findAppInfoByAppId.getBoolean(IS_FORBIDDEN)).booleanValue());
        appAclModel.setAppName(findAppInfoByAppId.getDynamicObject(BIZ_APP).getString(NAME));
        if (!appAclModel.isEnable() && apiObjByAppid != null && !CollectionUtil.isEmpty(apiObjByAppid)) {
            for (DynamicObject dynamicObject : apiObjByAppid) {
                hashMap.put(dynamicObject.getString(FIELD_URL), 1);
            }
        }
        appAclModel.setApiDisableMap(hashMap);
        return appAclModel;
    }

    public static void removeIpinfondThirdAppAcl(String str) {
        LocalCacheUtil.removeCacheByKey("IpinfoModel", str);
        LocalCacheUtil.removeCacheByKey("ThirdAppAclModel", str);
    }

    public static void removeApiAclModel(String str) {
        LocalCacheUtil.removeCacheByKey("ApiAclInfoModel", str);
    }

    public static void removeApiAclInfoModel(ListSelectedRowCollection listSelectedRowCollection) {
        ArrayList arrayList = new ArrayList();
        listSelectedRowCollection.forEach(listSelectedRow -> {
            arrayList.add((Long) listSelectedRow.getPrimaryKeyValue());
        });
        Map loadFromCache = BusinessDataServiceHelper.loadFromCache(OPEN_APISERVICE, APPID_URLFORMAT, new QFilter[]{new QFilter(APISERVICEID, "in", arrayList)});
        HashSet hashSet = new HashSet();
        loadFromCache.values().forEach(dynamicObject -> {
            String string = dynamicObject.getString(FIELD_URL);
            LocalCacheUtil.removeCacheByKey("ApiAclInfoModel", string);
            hashSet.add(getApiObjForUrl(string).getString(APPID));
        });
        if (CollectionUtil.isEmpty(hashSet)) {
            return;
        }
        hashSet.forEach(str -> {
            LocalCacheUtil.removeCacheByKey("AppAclModel", str);
        });
    }

    public static void removeAppAclModel(String str) {
        LocalCacheUtil.removeCacheByKey("AppAclModel", str);
    }

    public static AppAclModel getAppAclInfoModelFromCache(String str) {
        AppAclModel appAclModel = (AppAclModel) LocalCacheUtil.getCacheByKey("AppAclModel", str);
        if (appAclModel != null) {
            return appAclModel;
        }
        AppAclModel appAclInfoModelFromDb = getAppAclInfoModelFromDb(str);
        LocalCacheUtil.setCacheByKey("AppAclModel", str, appAclInfoModelFromDb);
        return appAclInfoModelFromDb;
    }

    public static boolean checkAppAclModel(String str, AppAclModel appAclModel) {
        return appAclModel.isEnable() || appAclModel.getApiDisableMap().get(str) == null || appAclModel.getApiDisableMap().get(str).intValue() != 1;
    }

    public static boolean checkApiAnonymousAccess(ApiAclInfoModel apiAclInfoModel, boolean z) {
        return z && apiAclInfoModel != null && apiAclInfoModel.isAnonymousAccess();
    }

    public static boolean checkApiEnable(ApiAclInfoModel apiAclInfoModel) {
        return apiAclInfoModel != null && apiAclInfoModel.isApiEnable();
    }

    public static boolean checkAppEnableDateRange(ThirdAppAclModel thirdAppAclModel) {
        return CommonDateUtil.compareDateTime(thirdAppAclModel.getLastEnableTime(), thirdAppAclModel.getLastStopTime());
    }

    public static boolean checkApiAuthUser(ApiAclInfoModel apiAclInfoModel, Long l) {
        Map<String, Integer> apiUserAccessMap = apiAclInfoModel.getApiUserAccessMap();
        if (CollectionUtil.isEmpty(apiUserAccessMap)) {
            return true;
        }
        return apiUserAccessMap.get(l.toString()) != null && apiUserAccessMap.get(l.toString()).intValue() == 1;
    }

    public static boolean checkApiAct(String str, ThirdAppAclModel thirdAppAclModel) {
        ApiAclInfoModel apiAclInfoModel = thirdAppAclModel.getAllowApiMap().get(str);
        return apiAclInfoModel != null && apiAclInfoModel.isApiEnable();
    }

    public static DynamicObject getApiObjForUrl(String str) {
        return BusinessDataServiceHelper.loadSingleFromCache(OPEN_APISERVICE, APPID_URLFORMAT_ENABLE_ALLOW_GUEST, new QFilter[]{new QFilter(FIELD_URL, "=", str)});
    }

    private static DynamicObject[] getApiObjByAppid(String str) {
        return BusinessDataServiceHelper.load(OPEN_APISERVICE, APPID_URLFORMAT, new QFilter[]{new QFilter(APP_ID, "=", str)});
    }

    private static DynamicObject findAppInfoByAppId(String str) {
        return BusinessDataServiceHelper.loadSingleFromCache(OPEN_APP_AUTHORIZE_LIST, IS_FORBIDDEN_BIZAPP, new QFilter[]{new QFilter(BIZ_APP, "=", str)});
    }

    public static Map<String, Integer> getApiUsersByApiNumber(String str) {
        DynamicObject loadSingleFromCache = BusinessDataServiceHelper.loadSingleFromCache(OPEN_API_AUTHORIZE, API_USERS, new QFilter[]{new QFilter(API_NUMBER, "=", str)});
        HashMap hashMap = new HashMap();
        if (loadSingleFromCache != null) {
            DynamicObjectCollection dynamicObjectCollection = loadSingleFromCache.getDynamicObjectCollection(API_USERS);
            if (!dynamicObjectCollection.isEmpty()) {
                Iterator it = dynamicObjectCollection.iterator();
                while (it.hasNext()) {
                    hashMap.put(String.valueOf(((DynamicObject) it.next()).get(BASE_DATA_ID)), 1);
                }
            }
        }
        return hashMap;
    }
}
