package kd.bos.web.actions.utils;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import kd.bos.actiondispatcher.ActionUtil;
import kd.bos.attachment.util.BillFileMappingWriter;
import kd.bos.cache.CacheFactory;
import kd.bos.cache.DistributeCacheHAPolicy;
import kd.bos.cache.DistributeSessionlessCache;
import kd.bos.context.RequestContext;
import kd.bos.dataentity.entity.DynamicObject;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.dataentity.serialization.SerializationUtils;
import kd.bos.dataentity.utils.StringUtils;
import kd.bos.entity.EntityMetadataCache;
import kd.bos.entity.MainEntityType;
import kd.bos.exception.ErrorCode;
import kd.bos.exception.KDException;
import kd.bos.fileservice.FileItem;
import kd.bos.form.ControlTypes;
import kd.bos.form.FormConfig;
import kd.bos.form.IClientViewProxy;
import kd.bos.form.IFormView;
import kd.bos.form.IPageCache;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.metadata.dao.MetadataDao;
import kd.bos.mservice.attachment.IAttachmentService;
import kd.bos.mservice.attachment.SyncStatus;
import kd.bos.mvc.SessionManager;
import kd.bos.orm.query.QFilter;
import kd.bos.orm.util.CollectionUtils;
import kd.bos.permission.api.PermissionService;
import kd.bos.service.ServiceFactory;
import kd.bos.service.metadata.MetadataService;
import kd.bos.servicehelper.BusinessDataServiceHelper;
import kd.bos.servicehelper.devportal.BizAppServiceHelp;
import kd.bos.servicehelper.permission.PermissionServiceHelper;
import kd.bos.web.DispatchServiceHelper;

/* loaded from: input_file:kd/bos/web/actions/utils/FilePremissionUtil.class */
public class FilePremissionUtil {
    private static final String STATUS = "status";
    private static final String DESCRIPTION = "description";
    private static final String ERROR = "error";
    private static final String BOS_SVC_COMMON = "bos-svc-common";
    private static final String ATT_ENTRYGRID_UPLOADVIEW_FORMID = "bos_entryattach_upload";
    private static final String ATT_FIELD_MOB = "bos_mobtb_attfield_upload";
    private static final String PRINT_CHECKID = "PrintCheckId:";
    private static final String ATTATCHMENT_CHECKID = "TempFileCheckId:";
    private static final String REPORT_CHECKID = "ReportTempFileCheckId:";
    protected static final String ID_MAP_KEY = "id";
    private static final String PERM_BIZOBJAPP = "perm_bizobjapp";
    private static final String BIZAPP = "bizapp";
    private static final String ENTITY_BOS_BILL_FILE_MAPPING = "bos_bill_file_mapping";
    private static Log log = LogFactory.getLog(FilePremissionUtil.class);
    private static final Map<String, String> permItemMapping = new HashMap(11);
    private static DistributeSessionlessCache cache = CacheFactory.getCommonCacheFactory().getDistributeSessionlessCache("", new DistributeCacheHAPolicy(true, true));

    /* JADX WARN: Multi-variable type inference failed */
    public static String checkFilePremission(Map<String, Object> map) throws UnsupportedEncodingException {
        String str = map.get("path") != null ? (String) map.get("path") : "";
        String str2 = map.get("permItem") != null ? (String) map.get("permItem") : "";
        if (StringUtils.isNotBlank(str)) {
            List arrayList = new ArrayList(10);
            if (str.contains("tempfile/download.do?configKey")) {
                if (!Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkTempFilePermission", new Object[0])))) {
                    return str;
                }
                String str3 = (String) cache.get(ATTATCHMENT_CHECKID + str.split("id=")[1]);
                if (StringUtils.isNotBlank(str3)) {
                    Map map2 = (Map) SerializationUtils.fromJsonString(str3, Map.class);
                    map2.put("permItem", str2);
                    arrayList.add(map2);
                }
            } else {
                if (!Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkFilePermission", new Object[0])))) {
                    return str;
                }
                while (str.contains("//")) {
                    str = str.replaceAll("//", "/");
                }
                arrayList = getFileRefListByPath(str, Boolean.TRUE);
            }
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                ((Map) it.next()).put("permItem", str2);
            }
            if (!hasEntityPermission(arrayList).booleanValue()) {
                throw new KDException(new ErrorCode("NO Permission!", ResManager.loadKDString("无访问权限!", "AttachmentAction_11", "bos-webactions", new Object[0])), new Object[0]);
            }
        }
        return str;
    }

    public static List<Map<String, Object>> getFileRefListByPath(String str, Boolean bool) {
        ArrayList arrayList = new ArrayList();
        DynamicObject[] load = BusinessDataServiceHelper.load("bos_bill_file_mapping", "APPID,BIZOBJ,BILLPKID", new QFilter[]{new QFilter("path", "=", str), new QFilter("syncStatus", "=", SyncStatus.Success.getValue())});
        for (DynamicObject dynamicObject : load) {
            HashMap hashMap = new HashMap(2);
            DynamicObject dynamicObject2 = dynamicObject.getDynamicObject("BIZOBJ");
            if (dynamicObject2 != null) {
                hashMap.put("entityNum", dynamicObject2.getString("NUMBER"));
                hashMap.put("billPkId", dynamicObject.get("billpkid"));
                arrayList.add(hashMap);
            }
        }
        if (load.length == 0 && bool.booleanValue()) {
            BillFileMappingWriter.syncWriteFileBillMapping(str);
        }
        return arrayList;
    }

    public static Boolean hasEntityPermission(List<Map<String, Object>> list) {
        boolean parseBoolean = Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkFilePermission", new Object[0])));
        long currUserId = RequestContext.get().getCurrUserId();
        log.info("checkFilePermission : " + parseBoolean + " ; curUserId : " + currUserId + " ; attRefEntityKeyList : " + SerializationUtils.toJsonString(list));
        if (parseBoolean && -1 != currUserId) {
            Boolean bool = Boolean.FALSE;
            if (list.size() == 0 || list.get(0).size() == 0) {
                return Boolean.TRUE;
            }
            String str = (String) list.get(0).get("entityNum");
            Object obj = list.get(0).get("permItem");
            String str2 = null;
            if (obj instanceof String) {
                str2 = (String) obj;
            }
            if (StringUtils.isBlank(str) || StringUtils.isBlank(str2)) {
                log.info("kd.bos.web.actions.handler.ImportAttachHandle.handler --- entityNum = " + str + " --- ,permItem = " + str2);
                throw new KDException(new ErrorCode("NO Permission!", ResManager.loadKDString("无访问权限!", "AttachmentAction_11", "bos-webactions", new Object[0])), new Object[0]);
            }
            log.info("begin check --- curUserId : " + currUserId + " ; checkEntityKeyList : " + SerializationUtils.toJsonString(list));
            Boolean doCheckPermission = doCheckPermission(list, currUserId, bool, false);
            log.info("hasPermission : " + doCheckPermission + " ; curUserId : " + currUserId);
            return doCheckPermission;
        }
        return Boolean.TRUE;
    }

    /* JADX WARN: Code restructure failed: missing block: B:29:0x011b, code lost:
    
        return r10;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.lang.Boolean doCheckPermission(java.util.List<java.util.Map<java.lang.String, java.lang.Object>> r7, long r8, java.lang.Boolean r10, boolean r11) {
        /*
            Method dump skipped, instructions count: 284
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: kd.bos.web.actions.utils.FilePremissionUtil.doCheckPermission(java.util.List, long, java.lang.Boolean, boolean):java.lang.Boolean");
    }

    private static Boolean checkDataPermission(long j, String str, Object obj, String str2, List<Object> list) {
        if (list.size() > 0) {
            return doCheckDataPerm(j, str, obj, str2, list);
        }
        return true;
    }

    private static Boolean doCheckDataPerm(long j, String str, Object obj, String str2, List<Object> list) {
        log.info("checkDataPermission : curUserId = " + j + " ; appId = " + getAppId(str) + " ; entityNumCheck = " + str + " ; billPkIdList = " + list);
        Map map = (Map) DispatchServiceHelper.invokeBOSServiceByAppId(getAppId(str), "PermissionService", "checkOperationRule", new Object[]{Long.valueOf(j), str, "view", list, new StringBuilder()});
        log.info("checkDataPermission : operationKey = view ; dataPermMap = " + map);
        Boolean bool = (Boolean) map.get(obj);
        if (("2NJ5SR4NUEJ=".equals(str2) || "2NJ5YJOIS+MJ".equals(str2) || "2NJ5W8AA040D".equals(str2) || "2NJ5ZK67OB2T".equals(str2)) && Boolean.TRUE.equals(bool)) {
            Map map2 = (Map) DispatchServiceHelper.invokeBOSServiceByAppId(getAppId(str), "PermissionService", "checkOperationRule", new Object[]{Long.valueOf(j), str, "modify", list, new StringBuilder()});
            log.info("checkDataPermission : operationKey = modify ; dataPermMap = " + map2);
            bool = (Boolean) map2.get(obj);
        }
        return bool;
    }

    private static String getAppId(String str) {
        String appIdByFormNum = BizAppServiceHelp.getAppIdByFormNum(str);
        if (StringUtils.isBlank(appIdByFormNum)) {
            return "bos";
        }
        String appNumberByAppId = MetadataDao.getAppNumberByAppId(appIdByFormNum);
        return StringUtils.isBlank(appNumberByAppId) ? "bos" : appNumberByAppId;
    }

    private static List<Object> convertBillPkId(Object obj) {
        ArrayList arrayList = new ArrayList();
        if (StringUtils.isBlank(obj) || "0".equals(obj.toString())) {
            return arrayList;
        }
        arrayList.add(obj);
        return arrayList;
    }

    private static Set<String> convertPermItem(String str) {
        HashSet hashSet = new HashSet();
        hashSet.add(str);
        return hashSet;
    }

    private static Map<Object, Boolean> initDataPermMap(Object obj) {
        HashMap hashMap = new HashMap();
        hashMap.put(obj, Boolean.TRUE);
        return hashMap;
    }

    public static Boolean checkUploadPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        return checkUploadPermission(httpServletRequest, httpServletResponse, "", "", "");
    }

    public static Boolean checkUploadPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3) throws IOException {
        return checkUploadPermission(httpServletRequest, httpServletResponse, str, str2, str3, null);
    }

    public static Boolean checkUploadPermission(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3, FileItem fileItem) throws IOException {
        String pageId = fileItem != null ? fileItem.getPageId() : "";
        Object genBillPkId = genBillPkId(pageId);
        if (Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkFilePermission", new Object[0]))) && !tryGetHasRightValue(httpServletRequest).booleanValue() && !tryGetHasRightValue(pageId).booleanValue()) {
            ArrayList arrayList = new ArrayList();
            if (StringUtils.isBlank(str2)) {
                str2 = httpServletRequest.getParameter("fId");
            }
            if (StringUtils.isBlank(str2)) {
                log.info("kd.bos.web.actions.utils.FilePermissionUtil.checkUploadPermission --- entityNum = " + str2);
                return Boolean.TRUE;
            }
            String realEntityNum = getRealEntityNum(str2);
            HashMap hashMap = new HashMap();
            hashMap.put("entityNum", realEntityNum);
            hashMap.put("billPkId", genBillPkId);
            hashMap.put("permItem", str3);
            arrayList.add(hashMap);
            Boolean hasEntityPermission = hasEntityPermission(arrayList);
            if (!hasEntityPermission.booleanValue() && cache.get("import_" + realEntityNum + "_" + pageId) != null) {
                hashMap.put("permItem", "4730fc9f000003ae");
                str3 = "4730fc9f000003ae";
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(hashMap);
                hasEntityPermission = hasEntityPermission(arrayList2);
                cache.remove("import_" + realEntityNum + "_" + pageId);
            }
            if (!hasEntityPermission.booleanValue()) {
                writeErrorMessage(httpServletResponse, genNoPermissionTips(realEntityNum, str3));
            }
            return hasEntityPermission;
        }
        return Boolean.TRUE;
    }

    public static Object genBillPkId(String str) {
        Object obj = "";
        if (StringUtils.isBlank(str)) {
            return obj;
        }
        try {
            SessionManager current = SessionManager.getCurrent();
            current.setRequestThread(true);
            IFormView viewNoPlugin = current.getViewNoPlugin(str);
            obj = viewNoPlugin.getModel().getDataEntity().getPkValue();
            if (!viewNoPlugin.getModel().getDataEntity().getDataEntityState().getFromDatabase()) {
                obj = 0L;
            }
        } catch (Exception e) {
            log.error(e);
        }
        return obj;
    }

    private static String getRealEntityNum(String str) {
        FormConfig formConfig;
        String str2 = (String) DispatchServiceHelper.invokeBOSServiceByFormId(str, MetadataService.class.getSimpleName(), "loadFormConfig", new Object[]{str});
        if (StringUtils.isBlank(str2)) {
            return str;
        }
        try {
            formConfig = (FormConfig) ControlTypes.fromJsonStringToObj(str2);
        } catch (Exception e) {
            log.error(e);
            try {
                formConfig = (FormConfig) SerializationUtils.fromJsonString(str2, FormConfig.class);
            } catch (Exception e2) {
                log.error(e2);
                return str;
            }
        }
        return formConfig.getEntityTypeId();
    }

    private static void writeErrorMessage(HttpServletResponse httpServletResponse, String str) throws IOException {
        HashMap hashMap = new HashMap();
        hashMap.put(STATUS, ERROR);
        hashMap.put(DESCRIPTION, str);
        ActionUtil.writeResponseJson(httpServletResponse, SerializationUtils.toJsonString(hashMap));
    }

    public static String genNoPermissionTips(String str, String str2) {
        if (StringUtils.isBlank(str)) {
            return "";
        }
        try {
            MainEntityType dataEntityType = EntityMetadataCache.getDataEntityType(str);
            String loadKDString = ResManager.loadKDString("您没有“%1$s”的“%2$s”操作的功能权限。", "NoPermissionTips", BOS_SVC_COMMON, new Object[0]);
            String permItemNameById = PermissionServiceHelper.getPermItemNameById(str2);
            if (permItemNameById == null) {
                permItemNameById = str2;
            }
            return String.format(loadKDString, dataEntityType.getDisplayName(), permItemNameById);
        } catch (Exception e) {
            log.error("kd.bos.web.actions.utils.FilePermissionUtil.genNoPermissionTips --- entityNum is error : " + e);
            return "";
        }
    }

    @Deprecated
    public static String genNoPermissionTipsForTwoPerms(String str, String str2, String str3) {
        if (StringUtils.isBlank(str)) {
            return "";
        }
        try {
            MainEntityType dataEntityType = EntityMetadataCache.getDataEntityType(str);
            String loadKDString = ResManager.loadKDString("您没有“%1$s”的“%2$s”和“%3$s”操作的功能权限。", "NoPermissionTipsForTwoPerms", BOS_SVC_COMMON, new Object[0]);
            String permItemNameById = PermissionServiceHelper.getPermItemNameById(str2);
            String permItemNameById2 = PermissionServiceHelper.getPermItemNameById(str3);
            if (permItemNameById == null) {
                permItemNameById = str2;
            }
            if (permItemNameById2 == null) {
                permItemNameById2 = str3;
            }
            return String.format(loadKDString, dataEntityType.getDisplayName(), permItemNameById, permItemNameById2);
        } catch (Exception e) {
            log.error("kd.bos.web.actions.utils.FilePermissionUtil.genNoPermissionTips --- entityNum is error : " + e);
            return "";
        }
    }

    public static Boolean tryGetHasRightValue(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("pageId");
        if (StringUtils.isBlank(header)) {
            header = httpServletRequest.getParameter("pageId");
        }
        return tryGetHasRightValue(header);
    }

    public static Boolean tryGetHasRightValue(String str) {
        try {
            if (StringUtils.isBlank(str)) {
                return Boolean.FALSE;
            }
            SessionManager current = SessionManager.getCurrent();
            current.setRequestThread(true);
            String str2 = (String) current.getViewNoPlugin(str).getFormShowParameter().getCustomParam("SOURCE");
            boolean equals = "WF".equals(str2);
            log.info("tryGetHasRightValue source is " + str2 + ", hasRight is " + equals);
            return Boolean.valueOf(equals);
        } catch (Throwable th) {
            log.warn("tryGetHasRightValue fail : " + th);
            return Boolean.FALSE;
        }
    }

    public static void allPermissionQuery(IPageCache iPageCache, String str, Long l, String str2, IClientViewProxy iClientViewProxy, IFormView iFormView) {
        boolean parseBoolean = Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkFilePermission", new Object[0])));
        long currUserId = RequestContext.get().getCurrUserId();
        log.info("checkFilePermission参数 : " + parseBoolean + " ; curUserId : " + currUserId);
        if (!parseBoolean || -1 == currUserId || getHasRightValue(iFormView) || org.apache.commons.lang3.StringUtils.isNotBlank(iPageCache.get("flagKey:" + str))) {
            return;
        }
        Map<String, Object> queryPermissionFromCache = (isEntryView(iFormView) || !org.apache.commons.lang3.StringUtils.isBlank(iPageCache.get("attachmentPermission"))) ? queryPermissionFromCache(iPageCache, l, str2, iFormView) : queryPermissionFromDB(iPageCache, l, str2);
        iPageCache.put("flagKey:" + str, str);
        iClientViewProxy.invokeControlMethod(str, "setAttPermission", new Object[]{queryPermissionFromCache});
    }

    public static void allPermissionQuery(IPageCache iPageCache, String str, Long l, String str2, String str3, IClientViewProxy iClientViewProxy, IFormView iFormView) {
        allPermissionQuery(iPageCache, str, l, str3, iClientViewProxy, iFormView);
    }

    public static boolean hasAttachmentOpPermission(String str, String str2, IFormView iFormView, boolean z) {
        return hasAttachmentOpPermission(null, str, str2, iFormView, z);
    }

    public static boolean hasAttachmentOpPermission(String str, String str2, String str3, IFormView iFormView, boolean z) {
        return hasAttachmentOpPermission(str, str2, (Object) null, str3, iFormView, z);
    }

    public static boolean hasAttachmentOpPermission(String str, String str2, Object obj, String str3, IFormView iFormView, boolean z) {
        boolean hasRightValue = getHasRightValue(iFormView);
        if (iFormView != null && hasRightValue) {
            return true;
        }
        Boolean hasEntityPermission = hasEntityPermission(genRefEntityList(str, str2, obj, str3));
        if (!hasEntityPermission.booleanValue() && z && iFormView != null) {
            iFormView.showErrorNotification(genNoPermissionTips(str2, str3));
        }
        return hasEntityPermission.booleanValue();
    }

    public static boolean hasAttachmentOpPermission(String str, String str2, IFormView iFormView, boolean z, String str3, IClientViewProxy iClientViewProxy) {
        return hasAttachmentOpPermission(null, str, str2, iFormView, z, str3, iClientViewProxy);
    }

    public static boolean hasAttachmentOpPermission(String str, String str2, String str3, IFormView iFormView, boolean z, String str4, IClientViewProxy iClientViewProxy) {
        return hasAttachmentOpPermission(str, str2, null, str3, iFormView, z, str4, iClientViewProxy);
    }

    public static boolean hasAttachmentOpPermission(String str, String str2, Object obj, String str3, IFormView iFormView, boolean z, String str4, IClientViewProxy iClientViewProxy) {
        boolean hasRightValue = getHasRightValue(iFormView);
        if (iFormView != null && hasRightValue) {
            return true;
        }
        Boolean hasEntityPermission = hasEntityPermission(genRefEntityList(str, str2, obj, str3));
        if (iFormView != null) {
            refreshPermission(iFormView, str3, hasEntityPermission, str2, str4, iClientViewProxy);
        }
        if (!hasEntityPermission.booleanValue() && z && iFormView != null) {
            iFormView.showErrorNotification(genNoPermissionTips(str2, str3));
        }
        return hasEntityPermission.booleanValue();
    }

    private static void refreshPermission(IFormView iFormView, String str, Boolean bool, String str2, String str3, IClientViewProxy iClientViewProxy) {
        long currUserId = RequestContext.get().getCurrUserId();
        String str4 = iFormView.getPageCache().get("attachmentPermission");
        if (StringUtils.isBlank(str4)) {
            Object obj = iFormView.getFormShowParameter().getCustomParams().get("attachmentPermission");
            str4 = obj != null ? String.valueOf(obj) : null;
        }
        if (StringUtils.isBlank(str4) || bool.equals(((HashMap) ((HashMap) SerializationUtils.fromJsonString(str4, Map.class)).get(permItemMapping.get(str))).get(permItemMapping.get(str)))) {
            return;
        }
        iClientViewProxy.invokeControlMethod(str3, "setAttPermission", new Object[]{queryPermissionFromDB(Long.valueOf(currUserId), str2)});
    }

    private static Map<String, Object> queryPermissionFromDB(Long l, String str) {
        return genResultMap(str, PermissionServiceHelper.checkMultiPermItemInfos(l.longValue(), str, genPermissionCheckSet()));
    }

    private static Map<String, Object> queryPermissionFromDB(IPageCache iPageCache, Long l, String str) {
        Set<String> genPermissionCheckSet = genPermissionCheckSet();
        log.info("kd.bos.web.actions.utils.FilePremissionUtil.queryPermissionFromDB --- currUserId：" + l + "，entityNum：" + str + "，permissionCheckSet：" + genPermissionCheckSet);
        Map checkMultiPermItemInfos = PermissionServiceHelper.checkMultiPermItemInfos(l.longValue(), str, genPermissionCheckSet);
        log.info("kd.bos.web.actions.utils.FilePremissionUtil.queryPermissionFromDB --- permissionResult：" + checkMultiPermItemInfos);
        Map<String, Object> genResultMap = genResultMap(str, checkMultiPermItemInfos);
        iPageCache.put("attachmentPermission", SerializationUtils.toJsonString(genResultMap));
        return genResultMap;
    }

    private static Map<String, Object> queryPermissionFromCache(IPageCache iPageCache, Long l, String str, IFormView iFormView) {
        String str2 = iPageCache.get("attachmentPermission");
        if (org.apache.commons.lang3.StringUtils.isNotBlank(str2)) {
            return (Map) SerializationUtils.fromJsonString(str2, Map.class);
        }
        Object obj = iFormView.getFormShowParameter().getCustomParams().get("attachmentPermission");
        String valueOf = obj != null ? String.valueOf(obj) : null;
        return org.apache.commons.lang3.StringUtils.isNotBlank(valueOf) ? (Map) SerializationUtils.fromJsonString(valueOf, Map.class) : queryPermissionFromDB(iPageCache, l, str);
    }

    private static Set<String> genPermissionCheckSet() {
        HashSet hashSet = new HashSet();
        hashSet.add("2NJ5SR4NUEJ=");
        hashSet.add("2NJ5VA7D2ONF");
        hashSet.add("2NJ5W8AA040D");
        hashSet.add("2NJ5XVVCMBCL");
        hashSet.add("2NJ5YJOIS+MJ");
        hashSet.add("2NJ5ZK67OB2T");
        hashSet.add("2NJ6+I0X0CJ8");
        return hashSet;
    }

    private static Map<String, Object> genResultMap(String str, Map<String, Boolean> map) {
        HashMap hashMap = new HashMap();
        hashMap.put("upload", genDetailResultMap(str, map, "upload", "2NJ5SR4NUEJ="));
        hashMap.put("preview", genDetailResultMap(str, map, "preview", "2NJ5VA7D2ONF"));
        hashMap.put("rename", genDetailResultMap(str, map, "rename", "2NJ5W8AA040D"));
        hashMap.put("download", genDetailResultMap(str, map, "download", "2NJ5XVVCMBCL"));
        hashMap.put("delete", genDetailResultMap(str, map, "delete", "2NJ5YJOIS+MJ"));
        hashMap.put("mark", genDetailResultMap(str, map, "mark", "2NJ5ZK67OB2T"));
        hashMap.put("attView", genDetailResultMap(str, map, "attView", "2NJ6+I0X0CJ8"));
        return hashMap;
    }

    private static Map<String, Object> genDetailResultMap(String str, Map<String, Boolean> map, String str2, String str3) {
        String str4 = null;
        HashMap hashMap = new HashMap();
        Boolean bool = map.get(str3);
        if (StringUtils.isNotBlank(bool) && !bool.booleanValue()) {
            str4 = genUploadMsg(str, map, str2, genNoPermissionTips(str, str3));
        }
        hashMap.put(str2, bool);
        hashMap.put("msg", str4);
        return hashMap;
    }

    private static String genUploadMsg(String str, Map<String, Boolean> map, String str2, String str3) {
        String str4;
        if ("upload".equals(str2) && isConfigurePermissions(str, "2NJ6+I0X0CJ8") && isConfigurePermissions(str, "2NJ5SR4NUEJ=") && !map.get("2NJ6+I0X0CJ8").booleanValue() && !map.get("2NJ5SR4NUEJ=").booleanValue()) {
            str3 = genNoPermissionTipsForTwoPerms(str, "2NJ5SR4NUEJ=", "2NJ6+I0X0CJ8");
        }
        if ("attView".equals(str2) && map.get("2NJ5SR4NUEJ=").booleanValue()) {
            try {
                str4 = EntityMetadataCache.getDataEntityType(str).getDisplayName().getLocaleValue();
            } catch (Exception e) {
                log.error("kd.bos.web.actions.utils.FilePermissionUtil.genNoPermissionTips --- entityNum is error : " + e);
                str4 = "";
            }
            str3 = String.format(ResManager.loadKDString("“附件查询”是“上传文件”操作的前置权限，您没有“%s”的“附件查询”操作的功能权限，因此无权进行上传文件操作。", "FilePremissionUtil_1", BOS_SVC_COMMON, new Object[0]), str4);
        }
        return str3;
    }

    private static boolean isConfigurePermissions(String str, String str2) {
        return ((MetadataService) ServiceFactory.getService(MetadataService.class)).loadPermissionItems(str).contains(str2);
    }

    private static List<Map<String, Object>> genRefEntityList(String str, String str2, Object obj, String str3) {
        ArrayList arrayList = new ArrayList();
        HashMap hashMap = new HashMap();
        if (StringUtils.isNotBlank(str)) {
            hashMap.put("appId", str);
        }
        if (StringUtils.isNotBlank(obj)) {
            hashMap.put("billPkId", obj);
        }
        hashMap.put("entityNum", str2);
        hashMap.put("permItem", str3);
        arrayList.add(hashMap);
        return arrayList;
    }

    public static boolean getHasRightValue(IFormView iFormView) {
        boolean z = true;
        if (iFormView != null) {
            z = isEntryView(iFormView) ? tryGetHasRightValue(iFormView.getFormShowParameter().getParentPageId()).booleanValue() : tryGetHasRightValue(iFormView.getPageId()).booleanValue();
        }
        return z;
    }

    private static boolean isEntryView(IFormView iFormView) {
        boolean z = false;
        String name = iFormView.getModel().getDataEntity().getDataEntityType().getName();
        if (ATT_ENTRYGRID_UPLOADVIEW_FORMID.equals(name) || ATT_FIELD_MOB.equals(name)) {
            z = true;
        }
        return z;
    }

    @Deprecated
    public static String getPermissionItem(String str, String str2) {
        if (!StringUtils.isBlank(str) && !((MetadataService) ServiceFactory.getService(MetadataService.class)).loadPermissionItems(str).contains(str2)) {
            return (str2.equals("2NJ5XVVCMBCL") || str2.equals("2NJ5VA7D2ONF")) ? "47150e89000000ac" : (str2.equals("2NJ5SR4NUEJ=") || str2.equals("2NJ5YJOIS+MJ")) ? "4715a0df000000ac" : str2;
        }
        return str2;
    }

    public static void checkTempFile(HttpServletRequest httpServletRequest, boolean z) {
        if (z && Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkFilePermission", new Object[0]))) && !tryGetHasRightValue(httpServletRequest).booleanValue()) {
            String parameter = httpServletRequest.getParameter(ID_MAP_KEY);
            String str = (String) cache.get(ATTATCHMENT_CHECKID + parameter);
            if (StringUtils.isBlank(str)) {
                str = (String) cache.get(REPORT_CHECKID + parameter);
            }
            Map map = null;
            if (StringUtils.isNotBlank(str)) {
                map = (Map) SerializationUtils.fromJsonString(str, Map.class);
            }
            if (CollectionUtils.isEmpty(map)) {
                if (!hasPermission((String) cache.get(PRINT_CHECKID + parameter)).booleanValue()) {
                    throw new KDException(new ErrorCode("NO Permission!", ResManager.loadKDString("无访问权限!", "TempFileCheckServiceImpl_0", "bos-mservice-form", new Object[0])), new Object[0]);
                }
            } else {
                ArrayList arrayList = new ArrayList(1);
                arrayList.add(map);
                if (!hasTempPermission(arrayList).booleanValue()) {
                    throw new KDException(new ErrorCode("NO Permission!", ResManager.loadKDString("无访问权限!", "TempFileCheckServiceImpl_0", "bos-mservice-form", new Object[0])), new Object[0]);
                }
            }
        }
    }

    private static Boolean hasTempPermission(List<Map<String, Object>> list) {
        Boolean bool = Boolean.FALSE;
        long currUserId = RequestContext.get().getCurrUserId();
        if (currUserId == -1) {
            return Boolean.TRUE;
        }
        if (list.size() == 0) {
            bool = Boolean.TRUE;
        }
        log.info("begin check --- curUserId : " + currUserId + " ; attRefEntityKeyList : " + SerializationUtils.toJsonString(list));
        Boolean doCheckPermission = doCheckPermission(list, currUserId, bool, true);
        log.info("hasPermission : " + doCheckPermission + " ; curUserId : " + currUserId);
        return doCheckPermission;
    }

    private static Boolean hasPermission(String str) {
        if (StringUtils.isBlank(str)) {
            return Boolean.TRUE;
        }
        String userId = RequestContext.get().getUserId();
        try {
            Map map = (Map) SerializationUtils.fromJsonString(str, Map.class);
            String valueOf = String.valueOf(map.get("userId"));
            if (!StringUtils.equalsIgnoreCase(userId, valueOf)) {
                return Boolean.FALSE;
            }
            if (!Boolean.parseBoolean(String.valueOf(DispatchServiceHelper.invokeBOSService(IAttachmentService.class.getSimpleName(), "checkTempFilePermission", new Object[0])))) {
                return true;
            }
            Boolean bool = Boolean.TRUE;
            Object obj = map.get("formId");
            Object obj2 = map.get("appId");
            if (obj != null) {
                bool = Boolean.valueOf(((PermissionService) ServiceFactory.getService(PermissionService.class)).checkPermission(Long.parseLong(valueOf), obj2 == null ? BizAppServiceHelp.getAppIdByFormNum((String) obj) : (String) obj2, (String) obj, "4730fc9e000000ac"));
            }
            return bool;
        } catch (Exception e) {
            log.error("验签转换Map失败,可能是只有用户id。", e);
            return !StringUtils.equalsIgnoreCase(userId, str) ? Boolean.FALSE : Boolean.TRUE;
        }
    }

    static {
        permItemMapping.put("2NJ5SR4NUEJ=", "upload");
        permItemMapping.put("2NJ5VA7D2ONF", "preview");
        permItemMapping.put("2NJ5W8AA040D", "rename");
        permItemMapping.put("2NJ5XVVCMBCL", "download");
        permItemMapping.put("2NJ5YJOIS+MJ", "delete");
        permItemMapping.put("2NJ5ZK67OB2T", "mark");
        permItemMapping.put("2NJ6+I0X0CJ8", "attView");
    }
}
