package kd.bos.web.actions.utils;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import kd.bos.actiondispatcher.ActionUtil;
import kd.bos.attachment.util.BillFileMappingWriter;
import kd.bos.cache.CacheFactory;
import kd.bos.cache.DistributeCacheHAPolicy;
import kd.bos.cache.DistributeSessionlessCache;
import kd.bos.context.RequestContext;
import kd.bos.dataentity.entity.DynamicObject;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.dataentity.serialization.SerializationUtils;
import kd.bos.dataentity.utils.StringUtils;
import kd.bos.entity.EntityMetadataCache;
import kd.bos.exception.ErrorCode;
import kd.bos.exception.KDException;
import kd.bos.form.ControlTypes;
import kd.bos.form.FormConfig;
import kd.bos.form.IFormView;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.mservice.attachment.IAttachmentService;
import kd.bos.mservice.attachment.SyncStatus;
import kd.bos.mvc.SessionManager;
import kd.bos.orm.query.QFilter;
import kd.bos.service.ServiceFactory;
import kd.bos.service.metadata.MetadataService;
import kd.bos.servicehelper.BusinessDataServiceHelper;
import kd.bos.servicehelper.permission.PermissionServiceHelper;
import kd.bos.web.DispatchServiceHelper;

/* loaded from: input_file:kd/bos/web/actions/utils/FilePremissionUtil.class */
public class FilePremissionUtil {
    private static final String STATUS = "status";
    private static final String DESCRIPTION = "description";
    private static final String ERROR = "error";
    private static final String BOS_SVC_COMMON = "bos-svc-common";
    private static final String ENTITY_BOS_BILL_FILE_MAPPING = "bos_bill_file_mapping";
    private static Log log = LogFactory.getLog(FilePremissionUtil.class);
    private static final Map<String, String> permItemMapping = new HashMap(11);
    private static DistributeSessionlessCache cache = CacheFactory.getCommonCacheFactory().getDistributeSessionlessCache("", new DistributeCacheHAPolicy(true, true));

    /* JADX WARN: Multi-variable type inference failed */
    public static String checkFilePremission(Map<String, Object> map) throws UnsupportedEncodingException {
        String str = map.get("path") != null ? (String) map.get("path") : "";
        String str2 = map.get("permItem") != null ? (String) map.get("permItem") : "";
        if (StringUtils.isNotBlank(str)) {
            List arrayList = new ArrayList(10);
            if (str.contains("tempfile/download.do?configKey")) {
                if (!Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkTempFilePermission", new Object[0])))) {
                    return str;
                }
                String str3 = (String) cache.get("TempFileCheckId:" + str.split("id=")[1]);
                if (StringUtils.isNotBlank(str3)) {
                    Map map2 = (Map) SerializationUtils.fromJsonString(str3, Map.class);
                    map2.put("permItem", str2);
                    arrayList.add(map2);
                }
            } else {
                if (!Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkFilePermission", new Object[0])))) {
                    return str;
                }
                while (str.contains("//")) {
                    str = str.replaceAll("//", "/");
                }
                arrayList = getFileRefListByPath(str, Boolean.TRUE);
            }
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                ((Map) it.next()).put("permItem", str2);
            }
            if (!hasEntityPermission(arrayList).booleanValue()) {
                throw new KDException(new ErrorCode("NO Permission!", ResManager.loadKDString("无访问权限!", "AttachmentAction_11", "bos-webactions", new Object[0])), new Object[0]);
            }
        }
        return str;
    }

    public static List<Map<String, Object>> getFileRefListByPath(String str, Boolean bool) {
        ArrayList arrayList = new ArrayList();
        DynamicObject[] load = BusinessDataServiceHelper.load("bos_bill_file_mapping", "APPID,BIZOBJ", new QFilter[]{new QFilter("path", "=", str), new QFilter("syncStatus", "=", SyncStatus.Success.getValue())});
        for (DynamicObject dynamicObject : load) {
            HashMap hashMap = new HashMap(2);
            DynamicObject dynamicObject2 = dynamicObject.getDynamicObject("BIZOBJ");
            if (dynamicObject2 != null) {
                hashMap.put("entityNum", dynamicObject2.getString("NUMBER"));
                arrayList.add(hashMap);
            }
        }
        if (load.length == 0 && bool.booleanValue()) {
            BillFileMappingWriter.syncWriteFileBillMapping(str);
        }
        return arrayList;
    }

    public static Boolean hasEntityPermission(List<Map<String, Object>> list) {
        HashSet hashSet;
        String str;
        String str2;
        boolean parseBoolean = Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkFilePermission", new Object[0])));
        long currUserId = RequestContext.get().getCurrUserId();
        log.info("checkFilePermission : " + parseBoolean + " ; curUserId : " + currUserId + " ; attRefEntityKeyList : " + SerializationUtils.toJsonString(list));
        if (parseBoolean && !"-1".equals(String.valueOf(currUserId))) {
            Boolean bool = Boolean.FALSE;
            if (list.size() == 0 || list.get(0).size() == 0) {
                return Boolean.TRUE;
            }
            String str3 = (String) list.get(0).get("entityNum");
            Object obj = list.get(0).get("permItem");
            String str4 = obj instanceof String ? (String) obj : null;
            if (StringUtils.isBlank(str3) || StringUtils.isBlank(str4)) {
                log.info("kd.bos.web.actions.handler.ImportAttachHandle.handler --- entityNum = " + str3 + " --- ,permItem = " + str4);
                throw new KDException(new ErrorCode("NO Permission!", ResManager.loadKDString("无访问权限!", "AttachmentAction_11", "bos-webactions", new Object[0])), new Object[0]);
            }
            log.info("begin check --- curUserId : " + currUserId + " ; checkEntityKeyList : " + SerializationUtils.toJsonString(list));
            for (Map<String, Object> map : list) {
                try {
                    hashSet = new HashSet();
                    str = (String) map.get("entityNum");
                    str2 = (String) map.get("permItem");
                    hashSet.add(str2);
                } catch (Exception e) {
                }
                if (((Boolean) PermissionServiceHelper.checkMultiPermItemInfos(currUserId, str, hashSet).get(str2)).booleanValue()) {
                    bool = Boolean.TRUE;
                    break;
                }
                continue;
            }
            log.info("hasPermission : " + bool + " ; curUserId : " + currUserId);
            return bool;
        }
        return Boolean.TRUE;
    }

    public static Boolean checkUploadPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        return checkUploadPermission(httpServletRequest, httpServletResponse, "", "", "");
    }

    public static Boolean checkUploadPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3) throws IOException {
        if (Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkFilePermission", new Object[0]))) && !tryGetHasRightValue(httpServletRequest).booleanValue()) {
            ArrayList arrayList = new ArrayList();
            if (StringUtils.isBlank(str2)) {
                str2 = httpServletRequest.getParameter("fId");
            }
            if (StringUtils.isBlank(str2)) {
                log.info("kd.bos.web.actions.utils.FilePermissionUtil.checkUploadPermission --- entityNum = " + str2);
                return Boolean.TRUE;
            }
            String realEntityNum = getRealEntityNum(str2);
            HashMap hashMap = new HashMap();
            hashMap.put("entityNum", realEntityNum);
            hashMap.put("permItem", str3);
            arrayList.add(hashMap);
            Boolean hasEntityPermission = hasEntityPermission(arrayList);
            if (!hasEntityPermission.booleanValue()) {
                writeErrorMessage(httpServletResponse, genNoPermissionTips(realEntityNum, str3));
            }
            return hasEntityPermission;
        }
        return Boolean.TRUE;
    }

    private static String getRealEntityNum(String str) {
        FormConfig formConfig;
        String str2 = (String) DispatchServiceHelper.invokeBOSServiceByFormId(str, MetadataService.class.getSimpleName(), "loadFormConfig", new Object[]{str});
        if (StringUtils.isBlank(str2)) {
            return str;
        }
        try {
            formConfig = (FormConfig) ControlTypes.fromJsonStringToObj(str2);
        } catch (Exception e) {
            log.error(e);
            try {
                formConfig = (FormConfig) SerializationUtils.fromJsonString(str2, FormConfig.class);
            } catch (Exception e2) {
                log.error(e2);
                return str;
            }
        }
        return formConfig.getEntityTypeId();
    }

    private static void writeErrorMessage(HttpServletResponse httpServletResponse, String str) throws IOException {
        HashMap hashMap = new HashMap();
        hashMap.put(STATUS, ERROR);
        hashMap.put(DESCRIPTION, str);
        ActionUtil.writeResponseJson(httpServletResponse, SerializationUtils.toJsonString(hashMap));
    }

    public static String genNoPermissionTips(String str, String str2) {
        if (StringUtils.isBlank(str)) {
            return "";
        }
        try {
            return String.format(ResManager.loadKDString("您没有“%1$s”的“%2$s”操作的功能权限。", "NoPermissionTips", BOS_SVC_COMMON, new Object[0]), EntityMetadataCache.getDataEntityType(str).getDisplayName(), permItemMapping.get(str2));
        } catch (Exception e) {
            log.info("kd.bos.web.actions.utils.FilePermissionUtil.genNoPermissionTips --- entityNum is error : " + str);
            return "";
        }
    }

    public static Boolean tryGetHasRightValue(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("pageId");
        if (StringUtils.isBlank(header)) {
            header = httpServletRequest.getParameter("pageId");
        }
        return tryGetHasRightValue(header);
    }

    public static Boolean tryGetHasRightValue(String str) {
        try {
            if (StringUtils.isBlank(str)) {
                return Boolean.FALSE;
            }
            SessionManager current = SessionManager.getCurrent();
            current.setRequestThread(true);
            String str2 = (String) current.getViewNoPlugin(str).getFormShowParameter().getCustomParam("SOURCE");
            boolean equals = "WF".equals(str2);
            log.info("tryGetHasRightValue source is " + str2 + ", hasRight is" + equals);
            return Boolean.valueOf(equals);
        } catch (Throwable th) {
            log.warn("tryGetHasRightValue fail : " + th);
            return Boolean.FALSE;
        }
    }

    public static boolean hasAttachmentOpPermission(String str, String str2, IFormView iFormView, boolean z) {
        return hasAttachmentOpPermission(null, str, str2, iFormView, z);
    }

    public static boolean hasAttachmentOpPermission(String str, String str2, String str3, IFormView iFormView, boolean z) {
        if (iFormView != null && tryGetHasRightValue(iFormView.getPageId()).booleanValue()) {
            return true;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("permItem", str3);
        if (StringUtils.isNotBlank(str)) {
            hashMap.put("appId", str);
        }
        hashMap.put("entityNum", str2);
        ArrayList arrayList = new ArrayList();
        arrayList.add(hashMap);
        Boolean hasEntityPermission = hasEntityPermission(arrayList);
        if (!hasEntityPermission.booleanValue() && !str3.equals("2NJ6+I0X0CJ8") && z && iFormView != null) {
            iFormView.showErrorNotification(genNoPermissionTips(str2, str3));
        }
        return hasEntityPermission.booleanValue();
    }

    public static String getPermissionItem(String str, String str2) {
        if (!StringUtils.isBlank(str) && !((MetadataService) ServiceFactory.getService(MetadataService.class)).loadPermissionItems(str).contains(str2)) {
            return (str2.equals("2NJ5XVVCMBCL") || str2.equals("2NJ5VA7D2ONF")) ? "47150e89000000ac" : (str2.equals("2NJ5SR4NUEJ=") || str2.equals("2NJ5YJOIS+MJ")) ? "4715a0df000000ac" : str2;
        }
        return str2;
    }

    static {
        permItemMapping.put("2NJ5SR4NUEJ=", ResManager.loadKDString("上传文件", "PermItemConst_ATT_UPLOAD", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("2NJ60PNBVYUD", ResManager.loadKDString("全部下载", "PermItemConst_ATT_DOWNLOAD_ALL", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("2NJ5VA7D2ONF", ResManager.loadKDString("预览文件", "PermItemConst_ATT_PREVIEW", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("2NJ5W8AA040D", ResManager.loadKDString("重命名文件", "PermItemConst_ATT_RENAME", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("2NJ5XVVCMBCL", ResManager.loadKDString("下载文件", "PermItemConst_ATT_DOWNLOAD", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("2NJ5YJOIS+MJ", ResManager.loadKDString("删除文件", "PermItemConst_ATT_DELETE", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("2NJ5ZK67OB2T", ResManager.loadKDString("修改文件备注", "PermItemConst_ATT_ALTER_MARK", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("2NJ6+I0X0CJ8", ResManager.loadKDString("附件查询", "PermItemConst_ATT_VIEW", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("47150e89000000ac", ResManager.loadKDString("查询", "PermItemConst_ITEM_VIEW", BOS_SVC_COMMON, new Object[0]));
        permItemMapping.put("4715a0df000000ac", ResManager.loadKDString("修改", "PermItemConst_ITEM_MODIFY", BOS_SVC_COMMON, new Object[0]));
    }
}
