package kd.sys.ricc.common.util;

import java.sql.ResultSet;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import kd.bos.dataentity.OperateOption;
import kd.bos.dataentity.entity.DynamicObject;
import kd.bos.dataentity.entity.DynamicObjectCollection;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.db.DB;
import kd.bos.db.DBRoute;
import kd.bos.db.ResultSetHandler;
import kd.bos.entity.EntityMetadataCache;
import kd.bos.entity.operate.result.OperationResult;
import kd.bos.exception.KDBizException;
import kd.bos.form.events.PreOpenFormEventArgs;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.orm.query.QFilter;
import kd.bos.orm.util.CollectionUtils;
import kd.bos.permission.cache.CacheMrg;
import kd.bos.permission.cache.util.ListUtil;
import kd.bos.servicehelper.BusinessDataServiceHelper;
import kd.bos.servicehelper.QueryServiceHelper;
import kd.bos.servicehelper.operation.DeleteServiceHelper;
import kd.bos.servicehelper.operation.OperationServiceHelper;
import kd.bos.servicehelper.operation.SaveServiceHelper;
import kd.bos.servicehelper.org.OrgUnitServiceHelper;
import kd.bos.servicehelper.permission.PermissionServiceHelper;
import kd.bos.servicehelper.user.UserServiceHelper;
import kd.sys.ricc.common.constant.CommonConstant;
import kd.sys.ricc.common.constant.FormIdConstant;
import kd.sys.ricc.common.enums.BaseDataRightEnum;
import kd.sys.ricc.common.enums.EnvRoleEnum;
import kd.sys.ricc.common.query.CommonQuery;
import kd.sys.ricc.exception.RiccBizException;

/* loaded from: input_file:kd/sys/ricc/common/util/PermissionUtil.class */
public class PermissionUtil {
    public static final String PERM_COMMROLE = "perm_role";
    public static final String PERM_BUSIROLE = "perm_busirole";
    public static final String RICC_COMMROLE = "RICC_COMMON_ROLE_S";
    public static final String RICC_COMMROLE_FID = "2DXP5S==O1VR";
    public static final String RICC_BIZROLE_FORBIDNEW = "RICC_FORBIDNEW_S";
    public static final long RICC_BIZROLE_FORBIDNEW_FID = 1407814994422136832L;
    public static final String RICC_BIZROLE_FORBIDMODIFY = "RICC_FORBIDMODIFY_S";
    public static final long RICC_BIZROLE_FORBIDMODIFY_FID = 1407809474541912064L;
    public static final String BIZROLEDISPERM = "bizroledisperm";
    public static final String GROUP = "2VTQI5A5IQD7";
    public static final String BIZ_ROLE = "bizrole";
    public static final String PERM_USER_BIZ_ROLE = "perm_userbizrole";
    public static final String PERM_USER_BIZROLE_TABLE = "t_perm_userbizrole";
    public static final String PERMISSION = "permission";
    private static final Log logger = LogFactory.getLog(PermissionUtil.class);
    private static final long[] SYSTEM_PREINS_USERIDS = {1, 2, 3, 10, 43007523};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:kd/sys/ricc/common/util/PermissionUtil$RiccBizPerm.class */
    public static class RiccBizPerm {
        private long id;
        private String name;
        private String number;
        private String perm;
        private String description;

        private RiccBizPerm() {
        }

        public long getId() {
            return this.id;
        }

        public void setId(long j) {
            this.id = j;
        }

        public String getName() {
            return this.name;
        }

        public void setName(String str) {
            this.name = str;
        }

        public String getNumber() {
            return this.number;
        }

        public void setNumber(String str) {
            this.number = str;
        }

        public String getPerm() {
            return this.perm;
        }

        public void setPerm(String str) {
            this.perm = str;
        }

        public String getDescription() {
            return this.description;
        }

        public void setDescription(String str) {
            this.description = str;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:kd/sys/ricc/common/util/PermissionUtil$UserPermGroup.class */
    public static class UserPermGroup {
        private DynamicObjectCollection exceptionUser;
        private List<Object> editPermUserIdList;
        private List<Object> addAndEditPermUserIdList;

        public UserPermGroup(DynamicObjectCollection dynamicObjectCollection) {
            this.exceptionUser = dynamicObjectCollection;
        }

        public List<Object> getEditPermUserIdList() {
            return this.editPermUserIdList;
        }

        public List<Object> getAddAndEditPermUserIdList() {
            return this.addAndEditPermUserIdList;
        }

        public UserPermGroup invoke() {
            this.editPermUserIdList = new ArrayList();
            this.addAndEditPermUserIdList = new ArrayList();
            Iterator it = this.exceptionUser.iterator();
            while (it.hasNext()) {
                DynamicObject dynamicObject = (DynamicObject) it.next();
                String string = dynamicObject.getString("exceptionperm");
                Long valueOf = Long.valueOf(dynamicObject.getLong("user_id"));
                if (BaseDataRightEnum.HAVE_NEWANDCHANGE_PERM.getVal().equals(string)) {
                    this.addAndEditPermUserIdList.add(valueOf);
                } else {
                    this.editPermUserIdList.add(valueOf);
                }
            }
            return this;
        }
    }

    private PermissionUtil() {
    }

    public static Map<String, Map<String, List<String>>> getControlledAppList() {
        logger.info("实施配置中心权限黑名单应用开始");
        HashMap hashMap = new HashMap(10);
        String changePermType = SysParaUtil.getChangePermType();
        logger.info("实施配置中心->参数设置->基础设置新增及修改参数为：" + changePermType);
        if (BaseDataRightEnum.NO_DATA.getVal().equals(changePermType) || BaseDataRightEnum.HAVE_NEWANDCHANGE_PERM.getVal().equals(changePermType)) {
            logger.info("实施配置中心暂无需要做权限黑名单应用！");
            return hashMap;
        }
        DynamicObject[] controlledItems = CommonQuery.getControlledItems();
        ArrayList arrayList = new ArrayList(controlledItems.length);
        for (DynamicObject dynamicObject : controlledItems) {
            arrayList.add(dynamicObject.getString(CommonConstant.NUMBER));
        }
        DynamicObject[] load = BusinessDataServiceHelper.load(CommonConstant.RICC_APPCONTROLLEDLIST, CommonConstant.CONTROLLEDLIST_SELECTFILEDS, new QFilter(CommonConstant.PAGE_FIELD, "in", arrayList).toArray());
        logger.info("查询实施配置中心权限黑名单页面个数：" + load.length);
        DynamicObject[] publishAppCollection = getPublishAppCollection(arrayList);
        for (DynamicObject dynamicObject2 : load) {
            String string = dynamicObject2.getString("app");
            String string2 = dynamicObject2.getString(CommonConstant.PAGE_FIELD);
            String string3 = dynamicObject2.getString("perm");
            HashMap hashMap2 = new HashMap();
            ArrayList arrayList2 = new ArrayList();
            ArrayList arrayList3 = new ArrayList(Arrays.asList(string3.split(",")));
            if (BaseDataRightEnum.HAVE_CHANGE_NONEW_PERM.getVal().equals(changePermType)) {
                if (arrayList3.contains(CommonConstant.ADD_PERM)) {
                    arrayList2.add(CommonConstant.ADD_PERM);
                }
                importExportPermBlackList(arrayList3, arrayList2);
            } else if (BaseDataRightEnum.NO_NEWANDCHANGE_PERM.getVal().equals(changePermType)) {
                if (arrayList3.contains(CommonConstant.ADD_PERM)) {
                    arrayList2.add(CommonConstant.ADD_PERM);
                }
                if (arrayList3.contains(CommonConstant.EDIT_PERM)) {
                    arrayList2.add(CommonConstant.EDIT_PERM);
                }
                importExportPermBlackList(arrayList3, arrayList2);
            }
            hashMap2.put(string2, arrayList2);
            putPermToBlackMap(hashMap, string, hashMap2);
            bizObjPublishAppToBlack(hashMap, string, string2, publishAppCollection, arrayList2);
        }
        logger.info("实际生成实施配置中心权限黑名单应用个数：" + hashMap.size());
        return hashMap;
    }

    private static void bizObjPublishAppToBlack(Map<String, Map<String, List<String>>> map, String str, String str2, DynamicObject[] dynamicObjectArr, List<String> list) {
        for (DynamicObject dynamicObject : dynamicObjectArr) {
            String string = dynamicObject.getString("bizobj.id");
            String string2 = dynamicObject.getString("bizapp.id");
            if (str2.equals(string) && !str.equals(string2)) {
                ArrayList arrayList = new ArrayList();
                arrayList.addAll(list);
                HashMap hashMap = new HashMap();
                hashMap.put(str2, arrayList);
                putPermToBlackMap(map, string2, hashMap);
            }
            if (FormIdConstant.BOTP_WRITEBACKRULE.equals(str2) && FormIdConstant.BOTP_WRLISTCHECKIN.equals(string)) {
                HashMap hashMap2 = new HashMap();
                hashMap2.put(FormIdConstant.BOTP_WRLISTCHECKIN, list);
                putPermToBlackMap(map, string2, hashMap2);
                putPermToBlackMap(map, str, hashMap2);
            }
            if (FormIdConstant.BOTP_CRLIST.equals(str2) && FormIdConstant.BOTP_CRLISTCHECKIN.equals(string)) {
                HashMap hashMap3 = new HashMap();
                hashMap3.put(FormIdConstant.BOTP_CRLISTCHECKIN, list);
                putPermToBlackMap(map, string2, hashMap3);
                putPermToBlackMap(map, str, hashMap3);
            }
        }
    }

    public static void putPermToBlackMap(Map<String, Map<String, List<String>>> map, String str, Map<String, List<String>> map2) {
        Map<String, List<String>> map3 = map.get(str);
        if (map3 != null) {
            map3.putAll(map2);
        } else {
            map.put(str, map2);
        }
    }

    private static void importExportPermBlackList(List<String> list, List<String> list2) {
        if (list.contains(CommonConstant.IMPORT_PERM)) {
            list2.add(CommonConstant.IMPORT_PERM);
        }
        if (list.contains(CommonConstant.EXPORT_PERM)) {
            list2.add(CommonConstant.EXPORT_PERM);
        }
    }

    public static DynamicObject getRiccCommonRole() {
        DynamicObject loadSingleFromCache = BusinessDataServiceHelper.loadSingleFromCache(PERM_COMMROLE, new QFilter(CommonConstant.NUMBER, "=", RICC_COMMROLE).toArray());
        return loadSingleFromCache != null ? loadSingleFromCache : initRiccCommonRole();
    }

    public static DynamicObject initRiccCommonRole() {
        DynamicObject newDynamicObject = BusinessDataServiceHelper.newDynamicObject(PERM_COMMROLE);
        newDynamicObject.set(CommonConstant.NUMBER, RICC_COMMROLE);
        newDynamicObject.set("name.zh_CN", ResManager.loadKDString("实施配置中心预置角色（勿修改）", "PermissionUtil_37", CommonConstant.RICC_COMMON, new Object[0]));
        newDynamicObject.set("roletype", 1);
        newDynamicObject.set("issystem", 1);
        newDynamicObject.set(CommonConstant.BASE_STATUS, CommonConstant.BILLSTATUS_C);
        newDynamicObject.set("enable", 1);
        newDynamicObject.set("remark.zh_CN", ResManager.loadKDString("用于配置管控环境权限管控，后台程序处理使用", "PermissionUtil_32", CommonConstant.RICC_COMMON, new Object[0]));
        newDynamicObject.set(CommonConstant.CREATETIME, Long.valueOf(CommonConstant.PREINS_CREATE_TIME));
        newDynamicObject.set("creator", 1L);
        newDynamicObject.set("modifytime", Long.valueOf(CommonConstant.PREINS_CREATE_TIME));
        newDynamicObject.set("modifier", 1L);
        newDynamicObject.set("group_id", GROUP);
        newDynamicObject.set("usescope", 2);
        OperationResult executeOperate = OperationServiceHelper.executeOperate("save", PERM_COMMROLE, new DynamicObject[]{newDynamicObject}, (OperateOption) null);
        if (executeOperate.isSuccess()) {
            return newDynamicObject;
        }
        String loadKDString = ResManager.loadKDString("初始化实施配置中心通用角色失败！请联系管理员，错误原因：%1$s%2$s", "PermissionUtil_23", CommonConstant.RICC_COMMON, new Object[0]);
        Object[] objArr = new Object[2];
        objArr[0] = executeOperate.getMessage();
        objArr[1] = executeOperate.getAllErrorOrValidateInfo().isEmpty() ? CommonConstant.TRANSFER_AND_SYN_PERM : executeOperate.getAllErrorOrValidateInfo().toString();
        throw new RiccBizException(String.format(loadKDString, objArr));
    }

    public static void initOrUpdateRiccBizDisabledPerm(Set<RiccBizPerm> set) {
        DynamicObject[] controlledItems = CommonQuery.getControlledItems();
        int length = controlledItems.length;
        if (length <= 0) {
            return;
        }
        ArrayList arrayList = new ArrayList(length);
        for (DynamicObject dynamicObject : controlledItems) {
            arrayList.add(dynamicObject.getString("rightpage.number"));
        }
        DynamicObject[] publishAppCollection = getPublishAppCollection(arrayList);
        ArrayList arrayList2 = new ArrayList(set.size());
        long rootOrgId = OrgUnitServiceHelper.getRootOrgId();
        for (RiccBizPerm riccBizPerm : set) {
            long id = riccBizPerm.getId();
            String number = riccBizPerm.getNumber();
            String name = riccBizPerm.getName();
            String perm = riccBizPerm.getPerm();
            DynamicObject newDynamicObject = BusinessDataServiceHelper.newDynamicObject(PERM_BUSIROLE);
            newDynamicObject.set(CommonConstant.ID, Long.valueOf(id));
            newDynamicObject.set(CommonConstant.NUMBER, number);
            newDynamicObject.set("name.zh_CN", name);
            newDynamicObject.set("usertype", 1);
            newDynamicObject.set(CommonConstant.BASE_STATUS, CommonConstant.BILLSTATUS_A);
            newDynamicObject.set("enable", 1);
            newDynamicObject.set(CommonConstant.CREATETIME, Long.valueOf(CommonConstant.PREINS_CREATE_TIME));
            newDynamicObject.set("creator", 1L);
            DynamicObjectCollection dynamicObjectCollection = newDynamicObject.getDynamicObjectCollection("role_entry");
            if (dynamicObjectCollection.isEmpty()) {
                DynamicObject dynamicObject2 = new DynamicObject(dynamicObjectCollection.getDynamicObjectType());
                dynamicObject2.set("isenable_visible", 1);
                dynamicObject2.set(CommonConstant.BILL_SEQ, 1);
                dynamicObject2.set("role_visible", getRiccCommonRole());
                dynamicObjectCollection.add(0, dynamicObject2);
                newDynamicObject.set("role_entry", dynamicObjectCollection);
            }
            DynamicObjectCollection dynamicObjectCollection2 = newDynamicObject.getDynamicObjectCollection(BIZROLEDISPERM);
            if (!dynamicObjectCollection2.isEmpty()) {
                dynamicObjectCollection2.clear();
            }
            for (DynamicObject dynamicObject3 : controlledItems) {
                String string = dynamicObject3.getString("rightpage.number");
                String string2 = dynamicObject3.getString("rightpage.bizappid");
                if (!StringUtils.isEmpty(string)) {
                    addOneGuideToDisablePerm(string, string2, dynamicObjectCollection2, perm);
                    bizObjPublishAppToDisblePerm(string, string2, publishAppCollection, dynamicObjectCollection2, perm);
                }
            }
            DynamicObjectCollection dynamicObjectCollection3 = newDynamicObject.getDynamicObjectCollection("org_entry");
            if (dynamicObjectCollection3.isEmpty()) {
                DynamicObject dynamicObject4 = new DynamicObject(dynamicObjectCollection3.getDynamicObjectType());
                dynamicObject4.set("isincludesuborg_visible", 1);
                dynamicObject4.set(CommonConstant.BILL_SEQ, 1);
                dynamicObject4.set("dim_num", Long.valueOf(rootOrgId));
                dynamicObject4.set("dimentitynum", FormIdConstant.BOS_ORG);
                dynamicObjectCollection3.add(0, dynamicObject4);
                newDynamicObject.set("org_entry", dynamicObjectCollection3);
            }
            newDynamicObject.set(BIZROLEDISPERM, dynamicObjectCollection2);
            arrayList2.add(newDynamicObject);
        }
        OperationResult executeOperate = OperationServiceHelper.executeOperate("save", PERM_BUSIROLE, (DynamicObject[]) arrayList2.toArray(new DynamicObject[arrayList2.size()]), OperateOption.create());
        if (executeOperate.isSuccess()) {
            return;
        }
        String loadKDString = ResManager.loadKDString("实施配置中心初始化禁用业务角色失败！请联系管理员，错误原因：%1$s%2$s", "PermissionUtil_24", CommonConstant.RICC_COMMON, new Object[0]);
        Object[] objArr = new Object[2];
        objArr[0] = executeOperate.getMessage();
        objArr[1] = executeOperate.getAllErrorOrValidateInfo().isEmpty() ? CommonConstant.TRANSFER_AND_SYN_PERM : executeOperate.getAllErrorOrValidateInfo().toString();
        throw new RiccBizException(String.format(loadKDString, objArr));
    }

    public static void addOneGuideToDisablePerm(String str, String str2, DynamicObjectCollection dynamicObjectCollection, String str3) {
        Iterator it = dynamicObjectCollection.iterator();
        while (it.hasNext()) {
            if (str.equals(((DynamicObject) it.next()).getString("entitytypeforbid.id"))) {
                return;
            }
        }
        DynamicObject dynamicObject = new DynamicObject(dynamicObjectCollection.getDynamicObjectType());
        dynamicObject.set(CommonConstant.ID, Long.valueOf(DB.genLongId("t_perm_bizroledisperm")));
        dynamicObject.set("permitemforbid", str3);
        dynamicObject.set("entitytypeforbid", str);
        dynamicObject.set("bizappforbid", str2);
        dynamicObjectCollection.add(dynamicObject);
    }

    public static void removeoneGuideFromDisablePerm(String str, DynamicObjectCollection dynamicObjectCollection) {
        Iterator it = dynamicObjectCollection.iterator();
        while (it.hasNext()) {
            if (str.equals(((DynamicObject) it.next()).getString("entitytypeforbid.id"))) {
                it.remove();
            }
        }
    }

    public static void initOrUpdateRiccBizDisabledPerm() {
        Map<Object, DynamicObject> riccBizRole = getRiccBizRole();
        HashSet hashSet = new HashSet(2);
        if (!riccBizRole.containsKey(Long.valueOf(RICC_BIZROLE_FORBIDNEW_FID))) {
            RiccBizPerm riccBizPerm = new RiccBizPerm();
            riccBizPerm.setId(RICC_BIZROLE_FORBIDNEW_FID);
            riccBizPerm.setName(ResManager.loadKDString("实施配置中心新增权限管控角色（勿修改）", "PermissionUtil_33", CommonConstant.RICC_COMMON, new Object[0]));
            riccBizPerm.setNumber(RICC_BIZROLE_FORBIDNEW);
            riccBizPerm.setPerm(CommonConstant.ADD_PERM);
            riccBizPerm.setDescription(ResManager.loadKDString("用于配置管控环境新增权限管控，后台程序处理使用", "PermissionUtil_34", CommonConstant.RICC_COMMON, new Object[0]));
            hashSet.add(riccBizPerm);
        }
        if (!riccBizRole.containsKey(Long.valueOf(RICC_BIZROLE_FORBIDMODIFY_FID))) {
            RiccBizPerm riccBizPerm2 = new RiccBizPerm();
            riccBizPerm2.setId(RICC_BIZROLE_FORBIDMODIFY_FID);
            riccBizPerm2.setName(ResManager.loadKDString("实施配置中心修改权限管控角色（勿修改）", "PermissionUtil_35", CommonConstant.RICC_COMMON, new Object[0]));
            riccBizPerm2.setNumber(RICC_BIZROLE_FORBIDMODIFY);
            riccBizPerm2.setPerm(CommonConstant.EDIT_PERM);
            riccBizPerm2.setDescription(ResManager.loadKDString("用于配置管控环境修改权限管控，后台程序处理使用", "PermissionUtil_36", CommonConstant.RICC_COMMON, new Object[0]));
            hashSet.add(riccBizPerm2);
        }
        if (hashSet.isEmpty()) {
            return;
        }
        initOrUpdateRiccBizDisabledPerm(hashSet);
    }

    public static Map<Object, DynamicObject> getRiccBizRole() {
        return BusinessDataServiceHelper.loadFromCache(PERM_BUSIROLE, new QFilter[]{new QFilter(CommonConstant.ID, "in", new Long[]{Long.valueOf(RICC_BIZROLE_FORBIDMODIFY_FID), Long.valueOf(RICC_BIZROLE_FORBIDNEW_FID)})});
    }

    public static DynamicObject[] getPublishAppCollection(List<String> list) {
        return BusinessDataServiceHelper.load("perm_bizobjapp", "bizobj, bizapp", new QFilter("bizobj", "in", list).toArray());
    }

    public static void bizObjPublishAppToDisblePerm(String str, String str2, DynamicObject[] dynamicObjectArr, DynamicObjectCollection dynamicObjectCollection, String str3) {
        for (DynamicObject dynamicObject : dynamicObjectArr) {
            String string = dynamicObject.getString("bizobj.id");
            String string2 = dynamicObject.getString("bizapp.id");
            if (StringUtils.isEmpty(string) || StringUtils.isEmpty(string2)) {
                logger.info(String.format("发布应用，页面或者应用信息为空，publishPageId:%s , publishAppId:%s", string, string2));
            } else {
                if (string.equals(str) && !string2.equals(str2)) {
                    addOneGuideToDisablePerm(string, string2, dynamicObjectCollection, str3);
                }
                if (FormIdConstant.BOTP_WRITEBACKRULE.equals(str) && FormIdConstant.BOTP_WRLISTCHECKIN.equals(string)) {
                    addOneGuideToDisablePerm(FormIdConstant.BOTP_WRLISTCHECKIN, string2, dynamicObjectCollection, str3);
                }
                if (FormIdConstant.BOTP_CRLIST.equals(str) && FormIdConstant.BOTP_CRLISTCHECKIN.equals(string)) {
                    addOneGuideToDisablePerm(FormIdConstant.BOTP_CRLISTCHECKIN, string2, dynamicObjectCollection, str3);
                }
            }
        }
    }

    public static void initOrUpdateRiccPerm(String str, String str2, DynamicObjectCollection dynamicObjectCollection, List<Object> list) {
        if (str2.equals(str)) {
            permNoChangeProcess(str2, dynamicObjectCollection, list);
            return;
        }
        permChangeProcess(str2, dynamicObjectCollection);
        Log log = logger;
        Object[] objArr = new Object[2];
        objArr[0] = !StringUtils.isEmpty(str) ? EnvRoleEnum.fromVal(str).getName() : ResManager.loadKDString("未配置", "PermissionUtil_25", CommonConstant.RICC_COMMON, new Object[0]);
        objArr[1] = EnvRoleEnum.fromVal(str2).getName();
        log.info(String.format("参数配置环境切换,原来的环境类型【%1$s】，切换后环境类型：【%2$s】", objArr));
    }

    public static List<Object> getbizRoleUserIdList(long j) {
        List<Object> emptyList = Collections.emptyList();
        DynamicObject[] load = BusinessDataServiceHelper.load(PERM_USER_BIZ_ROLE, "user", new QFilter[]{new QFilter(BIZ_ROLE, "=", Long.valueOf(j))});
        if (load.length > 0) {
            emptyList = new ArrayList(load.length);
            for (DynamicObject dynamicObject : load) {
                emptyList.add(Long.valueOf(dynamicObject.getLong("user_id")));
            }
        }
        return emptyList;
    }

    public static void delBizRoleUsers(List<Object> list, long j) {
        if (CollectionUtils.isEmpty(list)) {
            logger.info(String.format("需要将业务角色，角色id为【%s】分配用户删除的用户信息为空。", Long.valueOf(j)));
            return;
        }
        List averageAssign = ListUtil.averageAssign(list, (list.size() / 200) + 1);
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < averageAssign.size(); i++) {
            String join = String.join(",", (List) ((List) averageAssign.get(i)).stream().map(String::valueOf).collect(Collectors.toList()));
            sb.append("delete from t_perm_userbizrole");
            sb.append(" where ").append("fuserid").append(" in(").append(join).append(')');
            sb.append(" and ").append("fbizroleid=").append(j).append(';');
        }
        if (!SqlImportUtil.executeSql(DBRoute.base, sb.toString())) {
            throw new KDBizException(ResManager.loadKDString("sql执行失败，请联系管理员查看monitor日志", "PermissionUtil_38", CommonConstant.RICC_COMMON, new Object[0]));
        }
    }

    public static void addBizRoleUsers(List<Object> list, long j) {
        if (CollectionUtils.isEmpty(list)) {
            logger.info(String.format("需要添加到业务角色【%s】的分配用户数据为空", Long.valueOf(j)));
            return;
        }
        List<Object> list2 = getbizRoleUserIdList(j);
        int size = list.size();
        long[] genLongIds = DB.genLongIds(PERM_USER_BIZROLE_TABLE, size);
        ArrayList arrayList = new ArrayList(size);
        int i = 0;
        for (Object obj : list) {
            if (!list2.contains(obj)) {
                arrayList.add(new Object[]{Long.valueOf(genLongIds[i]), obj, Long.valueOf(j), null, null});
                i++;
            }
        }
        if (arrayList.isEmpty()) {
            return;
        }
        DB.executeBatch(DBRoute.basedata, "insert into t_perm_userbizrole (fid, fuserid, fbizroleid, fstarttime, fendtime) values(?, ?, ?, ?, ?)", arrayList);
    }

    public static void preOpenFormIsAdmin(PreOpenFormEventArgs preOpenFormEventArgs) {
        if (PermissionServiceHelper.isAdminUser(UserServiceHelper.getCurrentUserId())) {
            return;
        }
        preOpenFormEventArgs.setCancel(true);
        preOpenFormEventArgs.setCancelMessage(ResManager.loadKDString("当前用户不是管理员，请使用administrator账号在安全管理-权限管理-管理员中添加当前用户为管理员后方可使用。", "PermissionUtil_26", CommonConstant.RICC_COMMON, new Object[0]));
    }

    private static void permNoChangeProcess(String str, DynamicObjectCollection dynamicObjectCollection, List<Object> list) {
        if (!StringUtils.equals(BaseDataRightEnum.NO_NEWANDCHANGE_PERM.getVal(), str)) {
            if (!StringUtils.equals(BaseDataRightEnum.HAVE_NEWANDCHANGE_PERM.getVal(), str)) {
                throw new RiccBizException(ResManager.loadKDString("实施配置中心基础设置新增及修改权限配置异常！请联系管理员。", "PermissionUtil_27", CommonConstant.RICC_COMMON, new Object[0]));
            }
            logger.info("当前环境角色有新增修改权限，无需处理实施配置中心禁用角色");
            return;
        }
        logger.info("基础设置新增及修改未改变，例外用户数：" + dynamicObjectCollection.size());
        UserPermGroup invoke = new UserPermGroup(dynamicObjectCollection).invoke();
        List<Object> editPermUserIdList = invoke.getEditPermUserIdList();
        List<Object> addAndEditPermUserIdList = invoke.getAddAndEditPermUserIdList();
        initOrUpdateRiccBizDisabledPerm();
        delBizRoleUsers(addAndEditPermUserIdList, RICC_BIZROLE_FORBIDNEW_FID);
        addBizRoleUsers(list, RICC_BIZROLE_FORBIDNEW_FID);
        addAndEditPermUserIdList.addAll(editPermUserIdList);
        delBizRoleUsers(addAndEditPermUserIdList, RICC_BIZROLE_FORBIDMODIFY_FID);
        addBizRoleUsers(list, RICC_BIZROLE_FORBIDMODIFY_FID);
        list.addAll(editPermUserIdList);
        addBizRoleUsers(list, RICC_BIZROLE_FORBIDNEW_FID);
    }

    private static void permChangeProcess(String str, DynamicObjectCollection dynamicObjectCollection) {
        if (!StringUtils.equals(BaseDataRightEnum.NO_NEWANDCHANGE_PERM.getVal(), str)) {
            logger.info("禁用新增和禁用修改的两个角色禁用用户删除成功个数：" + DeleteServiceHelper.delete(PERM_USER_BIZ_ROLE, new QFilter[]{new QFilter(BIZ_ROLE, "in", new Long[]{Long.valueOf(RICC_BIZROLE_FORBIDMODIFY_FID), Long.valueOf(RICC_BIZROLE_FORBIDNEW_FID)})}));
            return;
        }
        List queryPrimaryKeys = QueryServiceHelper.queryPrimaryKeys("bos_user", getUserQFilter().toArray(), CommonConstant.ID, -1);
        logger.info("基础设置新增及修改改变，总用户数：" + queryPrimaryKeys.size());
        UserPermGroup invoke = new UserPermGroup(dynamicObjectCollection).invoke();
        List<Object> editPermUserIdList = invoke.getEditPermUserIdList();
        List<Object> addAndEditPermUserIdList = invoke.getAddAndEditPermUserIdList();
        initOrUpdateRiccBizDisabledPerm();
        queryPrimaryKeys.removeAll(addAndEditPermUserIdList);
        addBizRoleUsers(queryPrimaryKeys, RICC_BIZROLE_FORBIDNEW_FID);
        queryPrimaryKeys.removeAll(editPermUserIdList);
        addBizRoleUsers(queryPrimaryKeys, RICC_BIZROLE_FORBIDMODIFY_FID);
    }

    public static QFilter getUserQFilter() {
        QFilter qFilter = new QFilter(CommonConstant.ID, "not in", SYSTEM_PREINS_USERIDS);
        QFilter qFilter2 = new QFilter("enable", "=", Boolean.TRUE);
        QFilter qFilter3 = new QFilter("isforbidden", "=", "0");
        return qFilter.and(qFilter2).and(qFilter3).and(new QFilter("usertypes.fbasedataid", "=", 1L));
    }

    public static String addUserToForbidRole(String str) {
        if (StringUtils.isEmpty(str)) {
            logger.info(String.format("ricc业务事件中心添加用户事件取消，工号：%s为空。", str));
            return String.format(ResManager.loadKDString("事件取消，工号：%s为空。", "PermissionUtil_28", CommonConstant.RICC_COMMON, new Object[0]), str);
        }
        if (!QueryServiceHelper.exists(CommonConstant.INITCONFIG_FORM, Long.valueOf(SysParaUtil.INIT_CONFIG_PK_ID))) {
            return ResManager.loadKDString("系统还没进行参数配置，请先到实施配置中心【基础设置】->【参数设置】进行参数配置。", "PermissionUtil_29", CommonConstant.RICC_COMMON, new Object[0]);
        }
        if (BaseDataRightEnum.HAVE_NEWANDCHANGE_PERM.getVal().equals(SysParaUtil.getChangePermType())) {
            return String.format(ResManager.loadKDString("当前环境权限设置为允许新增和修改，业务事件中心用户加入禁用角色，工号：%s的数据无需处理。", "PermissionUtil_30", CommonConstant.RICC_COMMON, new Object[0]), str);
        }
        List queryPrimaryKeys = QueryServiceHelper.queryPrimaryKeys("bos_user", new QFilter[]{new QFilter(CommonConstant.NUMBER, "=", str), new QFilter("usertypes.fbasedataid", "=", 1L)}, CommonConstant.ID, 1);
        if (queryPrimaryKeys.isEmpty()) {
            logger.info(String.format("事件取消，工号：%s的数据不是职员。", str));
            return String.format(ResManager.loadKDString("事件取消，工号：%s不是职员。", "PermissionUtil_1", CommonConstant.RICC_COMMON, new Object[0]), str);
        }
        addOneUserToRiccRole(queryPrimaryKeys);
        return String.format(ResManager.loadKDString("工号：%s加入禁用角色成功！", "PermissionUtil_31", CommonConstant.RICC_COMMON, new Object[0]), str);
    }

    private static void addOneUserToRiccRole(List<Object> list) {
        String riccExceptionUserPerm = riccExceptionUserPerm(list);
        if (BaseDataRightEnum.HAVE_NEWANDCHANGE_PERM.getVal().equals(riccExceptionUserPerm)) {
            logger.info(String.format("该用户已加入例外用户，例外权限为允许新增和修改，无需加入禁用角色，用户id：%s", list.get(0)));
            return;
        }
        DynamicObject[] load = BusinessDataServiceHelper.load(PERM_USER_BIZ_ROLE, "bizrole,user", new QFilter(BIZ_ROLE, "in", new Long[]{Long.valueOf(RICC_BIZROLE_FORBIDMODIFY_FID), Long.valueOf(RICC_BIZROLE_FORBIDNEW_FID)}).and("user", "in", list).toArray());
        logger.info(String.format("业务事件中心用户已加入禁用角色数：%s", Integer.valueOf(load.length)));
        HashMap hashMap = new HashMap(2);
        for (DynamicObject dynamicObject : load) {
            hashMap.put(Long.valueOf(dynamicObject.getLong("bizrole.id")), dynamicObject);
        }
        ArrayList arrayList = new ArrayList(2);
        if (!hashMap.containsKey(Long.valueOf(RICC_BIZROLE_FORBIDMODIFY_FID)) && !BaseDataRightEnum.HAVE_CHANGE_NONEW_PERM.getVal().equals(riccExceptionUserPerm)) {
            arrayList.add(new Object[]{Long.valueOf(DB.genLongId(PERM_USER_BIZROLE_TABLE)), list.get(0), Long.valueOf(RICC_BIZROLE_FORBIDMODIFY_FID), null, null});
        }
        if (!hashMap.containsKey(Long.valueOf(RICC_BIZROLE_FORBIDNEW_FID))) {
            arrayList.add(new Object[]{Long.valueOf(DB.genLongId(PERM_USER_BIZROLE_TABLE)), list.get(0), Long.valueOf(RICC_BIZROLE_FORBIDNEW_FID), null, null});
        }
        logger.info(String.format("业务事件中心用户加入禁用角色数:%s", Integer.valueOf(arrayList.size())));
        if (arrayList.isEmpty()) {
            return;
        }
        DB.executeBatch(DBRoute.basedata, "insert into t_perm_userbizrole (fid, fuserid, fbizroleid, fstarttime, fendtime) values(?, ?, ?, ?, ?)", arrayList);
    }

    public static String riccExceptionUserPerm(List<Object> list) {
        Map map = (Map) DB.query(DBRoute.of("sys"), "SELECT fuserid,fexceptionperm FROM t_ricc_controlledusers WHERE fuserid=?", list.toArray(), new ResultSetHandler<Map<String, String>>() { // from class: kd.sys.ricc.common.util.PermissionUtil.1
            /* renamed from: handle, reason: merged with bridge method [inline-methods] */
            public Map<String, String> m23handle(ResultSet resultSet) throws Exception {
                HashMap hashMap = null;
                if (resultSet.next()) {
                    hashMap = new HashMap();
                    hashMap.put("fuserid", resultSet.getString(1));
                    hashMap.put("fexceptionperm", resultSet.getString(2));
                }
                return hashMap;
            }
        });
        return map == null ? BaseDataRightEnum.NO_DATA.getVal() : (String) map.get("fexceptionperm");
    }

    public static boolean checkPagePermission(String str, String str2) {
        return PermissionServiceHelper.checkPermission(UserServiceHelper.getCurrentUserId(), FormIdConstant.BOS_ORG, 0L, (String) null, str, str2) == 1;
    }

    public static boolean hasExportPerm(String str) {
        for (Map map : EntityMetadataCache.getDataEntityOperate(str)) {
            if (CommonConstant.EXPORT_OPKEY.equals((String) map.get("type"))) {
                String str2 = (String) map.get(PERMISSION);
                if (str2 == null || StringUtils.isEmpty(str2)) {
                    return true;
                }
                return checkPagePermission(str, str2);
            }
        }
        return false;
    }

    public static boolean hasImportPerm(String str) {
        for (Map map : EntityMetadataCache.getDataEntityOperate(str)) {
            if ("importdata".equals((String) map.get("type"))) {
                String str2 = (String) map.get(PERMISSION);
                if (str2 == null || StringUtils.isEmpty(str2)) {
                    return true;
                }
                return checkPagePermission(str, str2);
            }
        }
        return false;
    }

    public static DynamicObjectCollection querySpecialDataPermData(String str, boolean z, String... strArr) {
        QFilter qFilter = new QFilter("entitytype", "in", strArr);
        qFilter.or("entitytype", "=", CommonConstant.TRANSFER_AND_SYN_PERM);
        qFilter.and(new QFilter("operation_key", "=", str));
        DynamicObjectCollection query = QueryServiceHelper.query("perm_operationrule", CommonConstant.ID, qFilter.toArray());
        int size = query.size();
        String[] strArr2 = new String[size];
        for (int i = 0; i < size; i++) {
            strArr2[i] = ((DynamicObject) query.get(i)).get(CommonConstant.ID).toString();
        }
        QFilter qFilter2 = new QFilter("operationrule_id", "in", strArr2);
        qFilter2.and("entitytype", "in", strArr);
        if (z) {
            qFilter2.and(new QFilter("objenabled", "=", Boolean.valueOf(z)));
        }
        return QueryServiceHelper.query("perm_operationruleobj", "id,entitytype,objenabled", qFilter2.toArray());
    }

    public static void updateSpecialPermEnabled(Map<String, Object> map) {
        Object[] array = map.keySet().toArray();
        Map loadFromCache = BusinessDataServiceHelper.loadFromCache(array, "perm_operationruleobj");
        Iterator<Map.Entry<String, Object>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            String key = it.next().getKey();
            ((DynamicObject) loadFromCache.get(key)).set("objenabled", map.get(key));
        }
        SaveServiceHelper.save(((DynamicObject) loadFromCache.get(array[0])).getDataEntityType(), loadFromCache.values().toArray());
        CacheMrg.clearCache(CacheMrg.getType4OperationRule());
        CacheMrg.clearCache(CacheMrg.getType4OperationRuleObj());
    }
}
