package kd.bos.service.attachment;

import com.google.common.io.ByteStreams;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import kd.bos.cache.CacheFactory;
import kd.bos.cache.DistributeCacheHAPolicy;
import kd.bos.cache.DistributeSessionlessCache;
import kd.bos.cache.tempfile.TempFileExtension;
import kd.bos.context.RequestContext;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.dataentity.serialization.SerializationUtils;
import kd.bos.dataentity.utils.StringUtils;
import kd.bos.exception.ErrorCode;
import kd.bos.exception.KDException;
import kd.bos.file.security.FileChecker;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.mservice.attachment.IAttachmentService;
import kd.bos.orm.util.CollectionUtils;
import kd.bos.permission.api.PermissionService;
import kd.bos.service.ServiceFactory;
import kd.bos.servicehelper.devportal.BizAppServiceHelp;
import kd.bos.servicehelper.permission.PermissionServiceHelper;
import kd.bos.web.DispatchServiceHelper;

/* loaded from: input_file:kd/bos/service/attachment/TempFileExtensionImpl.class */
public class TempFileExtensionImpl implements TempFileExtension {
    private static final String PRINT_CHECKID = "PrintCheckId:";
    private static final String ATTATCHMENT_CHECKID = "TempFileCheckId:";
    private static final String REPORT_CHECKID = "ReportTempFileCheckId:";
    private static Log log = LogFactory.getLog(TempFileExtensionImpl.class);
    private static final DistributeSessionlessCache cache = CacheFactory.getCommonCacheFactory().getDistributeSessionlessCache("", new DistributeCacheHAPolicy(true, true));

    public String checkAsId(String str, boolean z) {
        if (z) {
            String str2 = (String) cache.get(ATTATCHMENT_CHECKID + str);
            if (StringUtils.isBlank(str2)) {
                str2 = (String) cache.get(REPORT_CHECKID + str);
            }
            Map<String, Object> map = null;
            if (StringUtils.isNotBlank(str2)) {
                map = (Map) SerializationUtils.fromJsonString(str2, Map.class);
            }
            if (CollectionUtils.isEmpty(map)) {
                if (!hasPermission((String) cache.get(PRINT_CHECKID + str)).booleanValue()) {
                    throw new KDException(new ErrorCode("NO Permission!", ResManager.loadKDString("无访问权限!", "TempFileCheckServiceImpl_0", "bos-mservice-form", new Object[0])), new Object[0]);
                }
            } else if (checkTempFilePermission()) {
                ArrayList arrayList = new ArrayList(1);
                arrayList.add(map);
                if (!hasPermission(arrayList).booleanValue()) {
                    throw new KDException(new ErrorCode("NO Permission!", ResManager.loadKDString("无访问权限!", "TempFileCheckServiceImpl_0", "bos-mservice-form", new Object[0])), new Object[0]);
                }
            }
        }
        return str;
    }

    protected Boolean hasPermission(List<Map<String, Object>> list) {
        String str;
        long currUserId = RequestContext.get().getCurrUserId();
        log.info("curUserId : " + currUserId + " ; attRefEntityKeyList : " + SerializationUtils.toJsonString(list));
        if (currUserId == -1) {
            return Boolean.TRUE;
        }
        Boolean bool = Boolean.FALSE;
        if (list.size() == 0) {
            bool = Boolean.TRUE;
        }
        Iterator<Map<String, Object>> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Map<String, Object> next = it.next();
            try {
                str = (String) next.get("entityNum");
            } catch (Exception e) {
            }
            if (next.containsKey("permissionItemId") && StringUtils.isBlank(Boolean.valueOf(next.containsKey("permissionItemId")))) {
                return Boolean.TRUE;
            }
            HashSet hashSet = new HashSet();
            String str2 = next.get("permissionItemId") == null ? "2NJ5XVVCMBCL" : (String) next.get("permissionItemId");
            hashSet.add(str2);
            if (((Boolean) PermissionServiceHelper.checkMultiPermItemInfos(currUserId, str, hashSet).get(str2)).booleanValue()) {
                bool = Boolean.TRUE;
                break;
            }
        }
        log.info("hasPermission : " + bool + " ; curUserId : " + currUserId);
        return bool;
    }

    public byte[] checkFile(byte[] bArr, String str) {
        boolean parseBoolean = Boolean.parseBoolean(System.getProperty("check.file.security", "false"));
        log.info("check.file.security : " + parseBoolean);
        if (!parseBoolean) {
            return bArr;
        }
        try {
            return ByteStreams.toByteArray(FileChecker.fileSecurityVerification(new ByteArrayInputStream(bArr), str));
        } catch (IOException e) {
            log.error("ByteStreams.toByteArray IOException : " + e);
            return bArr;
        }
    }

    private Boolean hasPermission(String str) {
        if (StringUtils.isBlank(str)) {
            return Boolean.TRUE;
        }
        String userId = RequestContext.get().getUserId();
        try {
            Map map = (Map) SerializationUtils.fromJsonString(str, Map.class);
            String valueOf = String.valueOf(map.get("userId"));
            if (!StringUtils.equalsIgnoreCase(userId, valueOf)) {
                return Boolean.FALSE;
            }
            if (!Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkTempFilePermission", new Object[0])))) {
                return true;
            }
            Boolean bool = Boolean.TRUE;
            Object obj = map.get("formId");
            Object obj2 = map.get("appId");
            if (obj != null) {
                bool = Boolean.valueOf(((PermissionService) ServiceFactory.getService(PermissionService.class)).checkPermission(Long.parseLong(valueOf), obj2 == null ? BizAppServiceHelp.getAppIdByFormNum((String) obj) : (String) obj2, (String) obj, "4730fc9e000000ac"));
            }
            return bool;
        } catch (Exception e) {
            log.error("验签转换Map失败,可能是只有用户id。", e);
            return !StringUtils.equalsIgnoreCase(userId, str) ? Boolean.FALSE : Boolean.TRUE;
        }
    }

    private boolean checkTempFilePermission() {
        return new AttachmentServiceImpl().checkTempFilePermission();
    }
}
