package kd.bos.base.user.pojo;

import java.io.IOException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import kd.bos.context.RequestContext;
import kd.bos.dataentity.entity.DynamicObject;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.orm.query.QFilter;
import kd.bos.permission.api.PermissionService;
import kd.bos.permission.model.UserParam;
import kd.bos.service.ServiceFactory;
import kd.bos.servicehelper.BusinessDataServiceHelper;
import kd.bos.servicehelper.QueryServiceHelper;
import kd.bos.servicehelper.permission.PermissionServiceHelper;

/* loaded from: input_file:kd/bos/base/user/pojo/UserApiSecurity.class */
public class UserApiSecurity {
    private static final String API_URL_ADD_OR_UPDATE = "/app/base/users";
    private static final String API_URL_QUERY_USER = "/app/base/getUser";
    private static final String API_URL_QUERY_USERS_BY_NUMBERS = "/app/base/user_query";
    private static final String API_URL_ENABLE_USER = "/app/base/user_enable";
    private static final String API_URL_DISABLE_USER = "/app/base/user_disable";
    private static final String API_URL_DELETE_USER = "/app/base/user_delete";
    private static final String API_URL_ADD_USERS = "/app/base/user_add";
    private static final String API_URL_UPDATE_USERS = "/app/base/user_update";
    private static final String ENTITY_KEY_OPEN_API_SERVICE_NEW = "open_apiservice_new";
    private static final String PRO_ORG_AUTHOR_FILTER = "org_author_filter";
    protected static final String SYSTEM_TYPE = "bos-base-webapi";
    public static Map<String, UserApiInfo> url2ApiInfoMap = new HashMap();
    private static PermissionService permissionService = (PermissionService) ServiceFactory.getService(PermissionService.class);

    private static String getApiNumber(String str) {
        return getApiInfo(str) == null ? "" : getApiInfo(str).getNumber();
    }

    private static String getApiPermItemId(String str) {
        return getApiInfo(str).getPermItemId();
    }

    private static String getFunPermMsg(String str) {
        return getApiInfo(str).getFunPermMsg();
    }

    private static String getDataPermMsg(String str) {
        return getApiInfo(str).getDataPermMsg();
    }

    private static UserApiInfo getApiInfo(String str) {
        return url2ApiInfoMap.get(str);
    }

    private static boolean isCheckDatePermission(String str) {
        return getApiInfo(str).isCheckDatePermission();
    }

    public static UserApiCheckResult checkPermission(String str, Map<String, Object> map) {
        QFilter dataRuleWithoutDim;
        if (getApiInfo(str) == null) {
            return UserApiCheckResult.success();
        }
        DynamicObject loadSingleFromCache = BusinessDataServiceHelper.loadSingleFromCache(ENTITY_KEY_OPEN_API_SERVICE_NEW, PRO_ORG_AUTHOR_FILTER, new QFilter[]{new QFilter("number", "=", getApiNumber(str))});
        boolean z = false;
        if (loadSingleFromCache != null) {
            try {
                z = loadSingleFromCache.getBoolean(PRO_ORG_AUTHOR_FILTER);
            } catch (Exception e) {
                z = false;
            }
        }
        if (z) {
            long currUserId = RequestContext.get().getCurrUserId();
            if (!PermissionServiceHelper.checkPermission(Long.valueOf(currUserId), "base", "bos_user", getApiPermItemId(str))) {
                return UserApiCheckResult.fail(getFunPermMsg(str));
            }
            if (isCheckDatePermission(str) && (dataRuleWithoutDim = permissionService.getDataRuleWithoutDim(currUserId, "base", "bos_user", getApiPermItemId(str), (List) null)) != null) {
                return UserApiCheckResult.success(dataRuleWithoutDim, getDataPermMsg(str));
            }
        }
        return UserApiCheckResult.success();
    }

    public static void checkDataPermission(List<UserParam> list, List<UserParam> list2, UserApiCheckResult userApiCheckResult) throws IOException {
        if (userApiCheckResult.getFilter() == null) {
            return;
        }
        Set set = (Set) QueryServiceHelper.query("bos_user", "id", new QFilter[]{userApiCheckResult.getFilter()}).stream().map(dynamicObject -> {
            return Long.valueOf(dynamicObject.getLong("id"));
        }).collect(Collectors.toSet());
        Iterator<UserParam> it = list2.iterator();
        while (it.hasNext()) {
            UserParam next = it.next();
            long id = next.getId();
            if (next.isSuccess() && !set.contains(Long.valueOf(id))) {
                UserParam userParam = new UserParam();
                userParam.setId(id);
                userParam.setSuccess(false);
                userParam.setMsg(userApiCheckResult.getMsg());
                list.add(userParam);
                it.remove();
            }
        }
    }

    public static void checkDataPermission(UserResult userResult, List<UserParam> list, UserApiCheckResult userApiCheckResult) {
        if (userApiCheckResult.getFilter() == null) {
            return;
        }
        Set set = (Set) QueryServiceHelper.query("bos_user", "id", new QFilter[]{userApiCheckResult.getFilter()}).stream().map(dynamicObject -> {
            return Long.valueOf(dynamicObject.getLong("id"));
        }).collect(Collectors.toSet());
        Iterator<UserParam> it = list.iterator();
        while (it.hasNext()) {
            UserParam next = it.next();
            long id = next.getId();
            if (next.isSuccess() && !set.contains(Long.valueOf(id))) {
                addFailDataToUserResult(next, userResult, userApiCheckResult.getMsg());
                it.remove();
            }
        }
    }

    public static void checkDataPermission(List<Long> list, UserApiCheckResult userApiCheckResult) {
        if (userApiCheckResult.getFilter() == null) {
            return;
        }
        Set set = (Set) QueryServiceHelper.query("bos_user", "id", new QFilter[]{userApiCheckResult.getFilter()}).stream().map(dynamicObject -> {
            return Long.valueOf(dynamicObject.getLong("id"));
        }).collect(Collectors.toSet());
        Iterator<Long> it = list.iterator();
        while (it.hasNext()) {
            if (!set.contains(it.next())) {
                it.remove();
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v55, types: [java.util.Set] */
    public static void checkPermissionForAddOrUpdateUser(List<UserParam> list, UserResult userResult, String str) {
        DynamicObject loadSingleFromCache = BusinessDataServiceHelper.loadSingleFromCache(ENTITY_KEY_OPEN_API_SERVICE_NEW, PRO_ORG_AUTHOR_FILTER, new QFilter[]{new QFilter("number", "=", getApiNumber(str))});
        boolean z = false;
        if (loadSingleFromCache != null) {
            try {
                z = loadSingleFromCache.getBoolean(PRO_ORG_AUTHOR_FILTER);
            } catch (Exception e) {
                z = false;
            }
        }
        if (z) {
            long currUserId = RequestContext.get().getCurrUserId();
            boolean checkPermission = PermissionServiceHelper.checkPermission(Long.valueOf(currUserId), "base", "bos_user", "47156aff000000ac");
            boolean checkPermission2 = PermissionServiceHelper.checkPermission(Long.valueOf(currUserId), "base", "bos_user", "4715a0df000000ac");
            QFilter dataRuleWithoutDim = permissionService.getDataRuleWithoutDim(currUserId, "base", "bos_user", "4715a0df000000ac", (List) null);
            HashSet hashSet = new HashSet();
            if (dataRuleWithoutDim != null) {
                hashSet = (Set) QueryServiceHelper.query("bos_user", "id", new QFilter[]{dataRuleWithoutDim}).stream().map(dynamicObject -> {
                    return Long.valueOf(dynamicObject.getLong("id"));
                }).collect(Collectors.toSet());
            }
            Iterator<UserParam> it = list.iterator();
            while (it.hasNext()) {
                UserParam next = it.next();
                if (!(next.getId() == 0)) {
                    Long valueOf = Long.valueOf(next.getId());
                    if (!checkPermission2) {
                        addFailDataToUserResult(next, userResult, getFunPermMsg(str));
                        it.remove();
                    } else if (dataRuleWithoutDim != null && !hashSet.contains(valueOf)) {
                        addFailDataToUserResult(next, userResult, getDataPermMsg(str));
                        it.remove();
                    }
                } else if (!checkPermission) {
                    addFailDataToUserResult(next, userResult, ResManager.loadKDString("没有人员“新增”权限。", "UserApiSecurity_8", SYSTEM_TYPE, new Object[0]));
                    it.remove();
                }
            }
        }
    }

    private static void addFailDataToUserResult(UserParam userParam, UserResult userResult, String str) {
        ResponseData responseData = new ResponseData();
        long id = userParam.getId();
        if (0 != id) {
            responseData.setId(String.valueOf(id));
        }
        responseData.setReason(str);
        Map dataMap = userParam.getDataMap();
        if (null != dataMap) {
            Object obj = dataMap.get("number");
            if (!Objects.isNull(obj)) {
                responseData.setNumber(obj.toString());
            }
            Object obj2 = dataMap.get("name");
            if (!Objects.isNull(obj2)) {
                responseData.setName(obj2.toString());
            }
            Object obj3 = dataMap.get("phone");
            if (!Objects.isNull(obj3)) {
                responseData.setPhone(obj3.toString());
            }
            Object obj4 = dataMap.get("email");
            if (!Objects.isNull(obj4)) {
                responseData.setEmail(obj4.toString());
            }
        }
        userResult.addFailData(responseData);
    }

    static {
        url2ApiInfoMap.put(API_URL_ADD_OR_UPDATE, new UserApiInfo(API_URL_ADD_OR_UPDATE, "users", "47150e89000000ac", true, ResManager.loadKDString("没有人员“修改”权限。", "UserApiSecurity_9", SYSTEM_TYPE, new Object[0]), ResManager.loadKDString("没有人员“数据规则修改”权限。", "UserApiSecurity_10", SYSTEM_TYPE, new Object[0])));
        url2ApiInfoMap.put(API_URL_QUERY_USER, new UserApiInfo(API_URL_QUERY_USER, "getUser", "47150e89000000ac", true, ResManager.loadKDString("没有人员“查询”权限。", "UserApiSecurity_0", SYSTEM_TYPE, new Object[0]), ResManager.loadKDString("没有人员“数据规则查询”权限。", "UserApiSecurity_1", SYSTEM_TYPE, new Object[0])));
        url2ApiInfoMap.put(API_URL_ENABLE_USER, new UserApiInfo(API_URL_ENABLE_USER, "user_enable", "4730fc5d000000ac", true, ResManager.loadKDString("没有人员“启用”权限。", "UserApiSecurity_2", SYSTEM_TYPE, new Object[0]), ResManager.loadKDString("没有人员“数据规则启用”权限。", "UserApiSecurity_3", SYSTEM_TYPE, new Object[0])));
        url2ApiInfoMap.put(API_URL_DISABLE_USER, new UserApiInfo(API_URL_DISABLE_USER, "user_disable", "47160c2b000000ac", true, ResManager.loadKDString("没有人员“禁用”权限。", "UserApiSecurity_4", SYSTEM_TYPE, new Object[0]), ResManager.loadKDString("没有人员“数据规则禁用”权限。", "UserApiSecurity_5", SYSTEM_TYPE, new Object[0])));
        url2ApiInfoMap.put(API_URL_DELETE_USER, new UserApiInfo(API_URL_DELETE_USER, "user_delete", "4715e1f1000000ac", true, ResManager.loadKDString("没有人员“删除”权限。", "UserApiSecurity_6", SYSTEM_TYPE, new Object[0]), ResManager.loadKDString("没有人员“数据规则删除”权限。", "UserApiSecurity_7", SYSTEM_TYPE, new Object[0])));
        url2ApiInfoMap.put(API_URL_ADD_USERS, new UserApiInfo(API_URL_ADD_USERS, "user_add", "47156aff000000ac", false, ResManager.loadKDString("没有人员“新增”权限。", "UserApiSecurity_8", SYSTEM_TYPE, new Object[0])));
        url2ApiInfoMap.put(API_URL_UPDATE_USERS, new UserApiInfo(API_URL_UPDATE_USERS, "user_update", "4715a0df000000ac", true, ResManager.loadKDString("没有人员“修改”权限。", "UserApiSecurity_9", SYSTEM_TYPE, new Object[0]), ResManager.loadKDString("没有人员“数据规则修改”权限。", "UserApiSecurity_10", SYSTEM_TYPE, new Object[0])));
    }
}
