package com.els.mysql.interceptor;

import com.els.common.SysProperties;
import com.els.service.DataRuleService;
import com.els.util.SpringContextHelper;
import com.els.vo.DataRuleVO;
import com.els.web.filter.ContextFilter;
import com.els.web.filter.XSSSecurityCon;
import java.beans.Introspector;
import java.beans.PropertyDescriptor;
import java.sql.Connection;
import java.sql.Statement;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ibatis.executor.statement.StatementHandler;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.plugin.Interceptor;
import org.apache.ibatis.plugin.Intercepts;
import org.apache.ibatis.plugin.Invocation;
import org.apache.ibatis.plugin.Plugin;
import org.apache.ibatis.plugin.Signature;
import org.apache.ibatis.reflection.DefaultReflectorFactory;
import org.apache.ibatis.reflection.MetaObject;
import org.apache.ibatis.reflection.ReflectorFactory;
import org.apache.ibatis.reflection.factory.DefaultObjectFactory;
import org.apache.ibatis.reflection.factory.ObjectFactory;
import org.apache.ibatis.reflection.wrapper.DefaultObjectWrapperFactory;
import org.apache.ibatis.reflection.wrapper.ObjectWrapperFactory;
import org.apache.ibatis.session.ResultHandler;

@Intercepts({@Signature(type = StatementHandler.class, method = "prepare", args = {Connection.class}), @Signature(type = StatementHandler.class, method = "update", args = {Statement.class}), @Signature(type = StatementHandler.class, method = "query", args = {Statement.class, ResultHandler.class})})
/* loaded from: input_file:com/els/mysql/interceptor/DataPermissionInterceptor.class */
public class DataPermissionInterceptor implements Interceptor {
    private final Log logger = LogFactory.getLog(DataPermissionInterceptor.class);
    private final ObjectFactory DEFAULT_OBJECT_FACTORY = new DefaultObjectFactory();
    private final ObjectWrapperFactory DEFAULT_OBJECT_WRAPPER_FACTORY = new DefaultObjectWrapperFactory();
    private final ReflectorFactory DEFAULT_REFLECTOR_FACTORY = new DefaultReflectorFactory();
    private final String projectCode = SysProperties.INSTANCE.getSysProperties().getProperty("projectCode");
    private final String commonDbName = SysProperties.INSTANCE.getSysProperties().getProperty("commonDbName");
    private final String commonTableName = SysProperties.INSTANCE.getSysProperties().getProperty("commonTableName");
    private static final Pattern P = Pattern.compile("(AND|OR|\\()\\s([\\S]+)\\s(\\>=|=|\\<=|\\>|\\<|like)");

    public Object intercept(Invocation invocation) throws Throwable {
        String replaceAll;
        StatementHandler statementHandler = (StatementHandler) invocation.getTarget();
        BoundSql boundSql = statementHandler.getBoundSql();
        MetaObject forObject = MetaObject.forObject(statementHandler, this.DEFAULT_OBJECT_FACTORY, this.DEFAULT_OBJECT_WRAPPER_FACTORY, this.DEFAULT_REFLECTOR_FACTORY);
        String str = XSSSecurityCon.REPLACEMENT;
        String str2 = XSSSecurityCon.REPLACEMENT;
        String str3 = XSSSecurityCon.REPLACEMENT;
        String str4 = XSSSecurityCon.REPLACEMENT;
        String str5 = XSSSecurityCon.REPLACEMENT;
        String str6 = XSSSecurityCon.REPLACEMENT;
        String str7 = XSSSecurityCon.REPLACEMENT;
        String str8 = XSSSecurityCon.REPLACEMENT;
        String str9 = XSSSecurityCon.REPLACEMENT;
        for (Map.Entry<String, Object> entry : transBean2Map(boundSql.getParameterObject()).entrySet()) {
            if ("permissionObject".equals(entry.getKey())) {
                str6 = (String) entry.getValue();
            } else if ("elsAccount".equals(entry.getKey()) && entry.getValue() != null && StringUtils.isBlank(str)) {
                str = (String) entry.getValue();
            } else if ("elsSubAccount".equals(entry.getKey())) {
                str2 = (String) entry.getValue();
            } else if ("permissionObjectAlia".equals(entry.getKey())) {
                str7 = (String) entry.getValue();
            } else if ("toElsAccount".equals(entry.getKey())) {
            } else if ("businessElsAccount".equals(entry.getKey()) && entry.getValue() != null) {
                str = (String) entry.getValue();
            } else if ("createUser".equals(entry.getKey()) && entry.getValue() != null) {
                str3 = (String) entry.getValue();
            } else if ("currentFactory".equals(entry.getKey()) && entry.getValue() != null) {
                str4 = (String) entry.getValue();
            } else if ("currentCompanyCode".equals(entry.getKey()) && entry.getValue() != null) {
                str5 = (String) entry.getValue();
                System.out.println("currentCompanyCode:" + str5);
            } else if ("permissionConditions".equals(entry.getKey()) && entry.getValue() != null) {
                str8 = (String) entry.getValue();
            } else if ("dataPermissionCode".equals(entry.getKey()) && entry.getValue() != null) {
                str9 = (String) entry.getValue();
            }
        }
        String str10 = (String) forObject.getValue("delegate.boundSql.sql");
        if (!(invocation.getArgs()[0] instanceof Connection)) {
            return invocation.proceed();
        }
        HttpServletRequest httpServletRequest = ContextFilter.context.get();
        String str11 = XSSSecurityCon.REPLACEMENT;
        if (httpServletRequest != null && httpServletRequest.getSession() != null) {
            str11 = String.valueOf(httpServletRequest.getSession().getAttribute("elsAccount"));
        }
        if (StringUtils.isNotBlank(str6) && StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2) && str.equals(str11)) {
            DataRuleService dataRuleService = (DataRuleService) SpringContextHelper.getBean("dataRuleServiceImpl");
            List<DataRuleVO> dataRule = dataRuleService.getDataRule(str, str2, str6);
            String str12 = XSSSecurityCon.REPLACEMENT;
            if (dataRule.size() > 0) {
                str12 = dataRuleService.getObjectSql(str6);
            }
            if (StringUtils.isBlank(str12)) {
                StringBuffer stringBuffer = new StringBuffer();
                Iterator<DataRuleVO> it = dataRule.iterator();
                while (it.hasNext()) {
                    stringBuffer.append(" ").append(it.next().getRuleSql());
                }
                replaceAll = stringBuffer.toString().replaceAll("  ", " ");
            } else {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append(" AND EXISTS(").append(str12);
                Iterator<DataRuleVO> it2 = dataRule.iterator();
                while (it2.hasNext()) {
                    stringBuffer2.append(" ").append(it2.next().getRuleSql());
                }
                stringBuffer2.append(str8);
                stringBuffer2.append(" ) ");
                replaceAll = stringBuffer2.toString().replaceAll("  ", " ");
            }
            if (StringUtils.isNotBlank(replaceAll) && StringUtils.isNotBlank(str7)) {
                Matcher matcher = P.matcher(replaceAll);
                while (matcher.find()) {
                    replaceAll = replaceAll.replaceAll(" " + matcher.group(2) + " =", " " + str7 + "." + matcher.group(2) + " =").replaceAll(" " + matcher.group(2) + " >=", " " + str7 + "." + matcher.group(2) + " >=").replaceAll(" " + matcher.group(2) + " <=", " " + str7 + "." + matcher.group(2) + " <=").replaceAll(" " + matcher.group(2) + " >", " " + str7 + "." + matcher.group(2) + " >").replaceAll(" " + matcher.group(2) + " <", " " + str7 + "." + matcher.group(2) + " <").replaceAll(" " + matcher.group(2) + " like", " " + str7 + "." + matcher.group(2) + " like").replaceAll(" " + matcher.group(2) + " in", " " + str7 + "." + matcher.group(2) + " in");
                }
            }
            forObject.setValue("delegate.boundSql.sql", packageSQL(str10, replaceAll.replaceAll("\\{currentUserAccount\\}", str2).replaceAll("\\{currentUser\\}", str3).replaceAll("\\{currentFactory\\}", str4).replaceAll("\\{currentCompanyCode\\}", str5).replaceAll("\\{dataPermissionCode\\}", str9).toString()));
        } else {
            forObject.setValue("delegate.boundSql.sql", filterTable(str10));
        }
        return invocation.proceed();
    }

    public static void main(String[] strArr) {
    }

    private String packageSQL(String str, String str2) {
        String filterTable = filterTable(str);
        int lastIndexOf = filterTable.lastIndexOf("where ");
        int lastIndexOf2 = filterTable.lastIndexOf("WHERE ");
        int i = lastIndexOf >= lastIndexOf2 ? lastIndexOf : lastIndexOf2;
        if (i != -1) {
            filterTable = String.valueOf(filterTable.substring(0, i)) + "where 1=1 " + str2 + " and " + filterTable.substring(i + 5);
        }
        return filterTable;
    }

    private String filterTable(String str) {
        if (StringUtils.isNotBlank(this.projectCode)) {
            if (str.indexOf("els_table_column_sta") > 0) {
                str = str.replaceAll("els_table_column_sta", "els_table_column_" + this.projectCode);
            }
            if (str.indexOf("els_account_column_sta") > 0) {
                str = str.replaceAll("els_account_column_sta", "els_account_column_" + this.projectCode);
            }
            if (str.indexOf("els_table_sta") > 0) {
                str = str.replaceAll("els_table_sta", "els_table_" + this.projectCode);
            }
            if (str.indexOf("els_subaccount_column_sta") > 0) {
                str = str.replaceAll("els_subaccount_column_sta", "els_subaccount_column_" + this.projectCode);
            }
            if (str.indexOf("els_subaccount_table_sta") > 0) {
                str = str.replaceAll("els_subaccount_table_sta", "els_subaccount_table_" + this.projectCode);
            }
        }
        if (StringUtils.isNotBlank(this.commonDbName) && StringUtils.isNotBlank(this.commonTableName)) {
            for (String str2 : Arrays.asList(this.commonTableName.split(","))) {
                if (str.indexOf(str2) > 0) {
                    str = str.replaceAll(str2, String.valueOf(this.commonDbName) + "." + str2);
                }
            }
        }
        return str;
    }

    public Object plugin(Object obj) {
        return Plugin.wrap(obj, this);
    }

    public void setProperties(Properties properties) {
    }

    private Map<String, Object> transBean2Map(Object obj) {
        if (obj instanceof Map) {
            return (HashMap) obj;
        }
        HashMap hashMap = new HashMap();
        if (obj == null) {
            return hashMap;
        }
        try {
            for (PropertyDescriptor propertyDescriptor : Introspector.getBeanInfo(obj.getClass()).getPropertyDescriptors()) {
                String name = propertyDescriptor.getName();
                if (!"class".equals(name)) {
                    try {
                        hashMap.put(name, propertyDescriptor.getReadMethod().invoke(obj, new Object[0]));
                    } catch (Exception e) {
                    }
                }
            }
        } catch (Exception e2) {
            this.logger.error(e2.getMessage());
        }
        return hashMap;
    }

    private String removeSelectColumn(String str, String str2) {
        int indexOf = str.indexOf("where ");
        int indexOf2 = str.indexOf("WHERE ");
        if (indexOf <= indexOf2) {
            indexOf = indexOf2;
        }
        int indexOf3 = str.indexOf(str2);
        if (indexOf3 > 0 && indexOf3 < indexOf) {
            String trim = str.substring(0, indexOf3).trim();
            String trim2 = str.substring(indexOf3 + str2.length()).trim();
            if (trim.lastIndexOf(",") != -1) {
                trim = trim.substring(0, trim.lastIndexOf(","));
            } else if (trim.endsWith(".")) {
                trim = trim.substring(0, trim.lastIndexOf(" "));
                if (trim2.startsWith(",")) {
                    trim2 = trim2.substring(1);
                }
            }
            str = String.valueOf(trim) + " " + trim2;
        }
        return str;
    }
}
