package com.els.base.auth.web.controller;

import com.els.base.auth.entity.Role;
import com.els.base.auth.entity.RoleRight;
import com.els.base.auth.service.RoleRightService;
import com.els.base.auth.service.RoleService;
import com.els.base.auth.utils.SpringSecurityUtils;
import com.els.base.core.entity.ResponseResult;
import com.els.base.core.exception.CommonException;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import java.util.List;
import javax.annotation.Resource;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping({"roleRight"})
@Controller
/* loaded from: input_file:com/els/base/auth/web/controller/RightController.class */
public class RightController {

    @Resource
    private RoleRightService rightService;

    @Resource
    private RoleService roleService;

    @RequestMapping({"service/authorizedOperator"})
    @ApiOperation(value = "对角色授权或取消授权", httpMethod = "POST")
    @ResponseBody
    public ResponseResult<String> authorizedOperator(@RequestParam @ApiParam("角色id") String str, @RequestBody List<RoleRight> list) {
        Role role = (Role) this.roleService.queryObjById(str);
        if (role == null) {
            throw new CommonException("该数据不存在", "do_not_exists", new Object[]{"角色数据"});
        }
        if (Role.ROLE_LEVEL_SYS.equals(role.getRoleLevel()) && !SpringSecurityUtils.isManagerLoginUser()) {
            throw new CommonException("该角色是系统角色无法修改", "can_not_delete_sys_role");
        }
        this.rightService.authorized(str, list);
        return ResponseResult.success();
    }
}
