package cn.pconline.auth;

import cn.pconline.photolib.entity.AppResource;
import cn.pconline.photolib.util.SqlBuilder;
import cn.pconline.security2.authentication.Client;
import java.util.List;
import org.gelivable.dao.GeliUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/pconline/auth/AuthFacade.class */
public class AuthFacade {
    private static final Logger LOG = LoggerFactory.getLogger("applog");
    private String application;

    public String getApplication() {
        return this.application;
    }

    public void setApplication(String str) {
        this.application = str;
    }

    public void init() {
        Client.setApplication(this.application);
    }

    public boolean hasRight(Resource resource, Function function, long j) {
        if (isAdmin(j)) {
            return true;
        }
        List<String> ancestors = resource.getAncestors();
        SqlBuilder sqlBuilder = new SqlBuilder();
        sqlBuilder.appendSql("select count(1) from sec_acl a, sec_role_function r where a.role_id = r.role_id ");
        sqlBuilder.appendSql(" and r.function_id = ");
        sqlBuilder.appendValue(Long.valueOf(function.getFunctionId()));
        sqlBuilder.appendSql(" and r.application = ");
        sqlBuilder.appendValue(getApplication());
        sqlBuilder.appendSql(" and a.user_id = ");
        sqlBuilder.appendValue(Long.valueOf(j));
        sqlBuilder.appendSql(" and a.resource_id in ");
        sqlBuilder.appendValues(ancestors.toArray());
        LOG.debug("hasRight sql:{}; params:{}", sqlBuilder.getSql(), sqlBuilder.getValues());
        return GeliUtils.getDao().count(sqlBuilder.getSql(), sqlBuilder.getValues()) > 0;
    }

    public boolean hasRight(long j, long j2, long j3) {
        if (isAdmin(j3)) {
            return true;
        }
        return hasRight(AppResource.getById("" + j), Function.getById(j2), j3);
    }

    public boolean hasRight(Function function, long j) {
        if (isAdmin(j)) {
            return true;
        }
        return hasRight(Resource.RootResource, function, j);
    }

    public boolean hasRight(long j, long j2) {
        if (isAdmin(j2)) {
            return true;
        }
        return hasRight(0L, j, j2);
    }

    public void checkRight(Resource resource, Function function, long j) {
        if (!hasRight(resource, function, j)) {
            throw new SecurityException("您还没有[" + resource.getName() + " -> " + function.getName() + "]权限，请联系管理员");
        }
    }

    public void checkRight(long j, long j2, long j3) {
        checkRight(AppResource.getById("" + j), Function.getById(j2), j3);
    }

    public boolean isAdmin(long j) {
        return Client.isAdmin(j);
    }

    public void checkAdmin(long j) {
        if (!isAdmin(j)) {
            throw new SecurityException("您还不是系统管理员，请联系内部账号管理员或技术人员");
        }
    }

    public boolean isApplicationUser(String str, long j) {
        if (isAdmin(j)) {
            return true;
        }
        LOG.debug("{},{}", "select count(1) from sec_acl where user_id = ? and application = ?", j + "," + str);
        return GeliUtils.getDao().count("select count(1) from sec_acl where user_id = ? and application = ?", new Object[]{Long.valueOf(j), str}) > 0;
    }

    public boolean isApplicationUser(long j) {
        if (!isAdmin(j)) {
            return isApplicationUser(Client.getApplication(), j);
        }
        LOG.debug("{} is admin", Long.valueOf(j));
        return true;
    }

    public boolean isExistAcl(long j, long j2, String str, String str2) {
        return isAdmin(j) || GeliUtils.getDao().count("select count(1) from sec_acl where user_id = ? and role_id = ? and resource_id = ? and application = ?", new Object[]{Long.valueOf(j), Long.valueOf(j2), str, str2}) > 0;
    }
}
