package com.jzt.jk.bigdata.compass.admin.security.datascope;

import com.jzt.jk.bigdata.compass.admin.dto.JwtUserDto;
import com.jzt.jk.bigdata.compass.admin.dto.StoreSmallDto;
import com.jzt.jk.bigdata.compass.admin.exception.BadRequestException;
import com.jzt.jk.bigdata.compass.admin.utils.SecurityUtils;
import java.io.IOException;
import java.util.List;
import java.util.stream.Stream;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/classes/com/jzt/jk/bigdata/compass/admin/security/datascope/DataScopeFilter.class */
public class DataScopeFilter extends AbortableFilter {
    @Override // com.jzt.jk.bigdata.compass.admin.security.datascope.AbortableFilter
    public void doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header = httpServletRequest.getHeader("storecode");
        if (StringUtils.isEmpty(header)) {
            throw new BadRequestException("请求报文中，店铺入参缺失");
        }
        List<StoreSmallDto> stores = ((JwtUserDto) SecurityUtils.getCurrentUser()).getStores();
        if (CollectionUtils.isEmpty(stores) || stores.stream().map((v0) -> {
            return v0.getStoreCode();
        }).allMatch(str -> {
            return !str.equals(header);
        })) {
            throw new AccessDeniedException("数据访问权限不足");
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.jzt.jk.bigdata.compass.admin.security.datascope.AbortableFilter
    public boolean excludeMatcher(HttpServletRequest httpServletRequest) {
        if (super.excludeMatcher(httpServletRequest)) {
            return true;
        }
        return Stream.of((Object[]) new String[]{"/sys/", "/rebate/", "/glu/", "/indicator/"}).anyMatch(str -> {
            return httpServletRequest.getServletPath().startsWith(str);
        });
    }
}
