package com.odianyun.finance.business.common.interceptors;

import com.odianyun.finance.model.annotation.DataAuth;
import com.odianyun.finance.model.annotation.DataAuthAspectContext;
import com.odianyun.user.client.api.EmployeeContainer;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.mapping.BoundSql;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.plugin.Interceptor;
import org.apache.ibatis.plugin.Intercepts;
import org.apache.ibatis.plugin.Invocation;
import org.apache.ibatis.plugin.Signature;
import org.apache.ibatis.session.ResultHandler;
import org.apache.ibatis.session.RowBounds;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Intercepts({@Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class, RowBounds.class, ResultHandler.class})})
/* loaded from: input_file:com/odianyun/finance/business/common/interceptors/DataAuthInterceptor.class */
public class DataAuthInterceptor implements Interceptor {
    private static final List<String> prefixList = Arrays.asList("OR ", "OR\n", "OR\r", "OR\t");
    private final Logger logger = LoggerFactory.getLogger(getClass());

    public Object intercept(Invocation invocation) throws Throwable {
        DataAuth dataAuthKey = DataAuthAspectContext.getDataAuthKey();
        if (dataAuthKey != null && !StringUtils.isEmpty(EmployeeContainer.getUt())) {
            Object[] args = invocation.getArgs();
            MappedStatement mappedStatement = (MappedStatement) args[0];
            String id = mappedStatement.getId();
            String substring = id.substring(0, id.lastIndexOf("."));
            List asList = org.assertj.core.util.Arrays.asList(dataAuthKey.disableNamespace());
            if (CollectionUtils.isNotEmpty(asList) && asList.contains(substring)) {
                return invocation.proceed();
            }
            BoundSql boundSql = mappedStatement.getBoundSql(args[1]);
            args[0] = MybatisStatementUtils.copyFromNewSql(mappedStatement, boundSql, parseSql(dataAuthKey, invocation), boundSql.getParameterMappings(), boundSql.getParameterObject());
            return invocation.proceed();
        }
        return invocation.proceed();
    }

    public String parseSql(DataAuth dataAuth, Invocation invocation) {
        String[] tableAliasNames = dataAuth.tableAliasNames();
        Object[] args = invocation.getArgs();
        String sql = ((MappedStatement) args[0]).getBoundSql(args[1]).getSql();
        int indexOfIgnoreCase = StringUtils.indexOfIgnoreCase(sql, "WHERE");
        String substring = sql.substring(0, indexOfIgnoreCase + 6);
        String substring2 = sql.substring(indexOfIgnoreCase + 6);
        StringBuilder sb = new StringBuilder(substring);
        String str = "";
        if (org.assertj.core.util.Arrays.isNullOrEmpty(tableAliasNames)) {
            str = buildDataAuthSql("", dataAuth);
        } else {
            for (String str2 : tableAliasNames) {
                if (StringUtils.containsIgnoreCase(sql, " " + str2 + " ")) {
                    break;
                }
                str = buildDataAuthSql(str2 + ".", dataAuth);
            }
        }
        sb.append(str);
        sb.append(substring2);
        this.logger.info("DataAuthInterceptor原sql:{},新sql:{}", sql, sb.toString());
        return sb.toString();
    }

    private String buildDataAuthSql(String str, DataAuth dataAuth) {
        StringBuilder sb = new StringBuilder();
        StringBuilder sb2 = new StringBuilder();
        boolean enableStore = dataAuth.enableStore();
        Set set = (Set) EmployeeContainer.getEmployeeAuthInfo().getAuthChannelList().stream().map((v0) -> {
            return v0.getChannelCode();
        }).collect(Collectors.toSet());
        Set set2 = (Set) EmployeeContainer.getEmployeeAuthInfo().getAuthStoreList().stream().map((v0) -> {
            return v0.getStoreId();
        }).collect(Collectors.toSet());
        if (set.size() >= 200 || set2.size() > 200) {
            sb2 = new StringBuilder();
        } else {
            sb2.append("or ").append(str).append("channel_code in").append(" ('").append(StringUtils.join(set, "','")).append("') ");
            if (enableStore) {
                sb2.append("or ").append(str).append("store_id in").append(" (").append(StringUtils.join(set2, ",")).append(") ");
            }
        }
        String trim = sb2.toString().toUpperCase(Locale.ENGLISH).trim();
        Iterator<String> it = prefixList.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String next = it.next();
            if (trim.startsWith(next)) {
                sb2.delete(0, next.trim().length());
                break;
            }
        }
        if (sb2.length() > 0) {
            sb.append(" (").append((CharSequence) sb2).append(") ").append(" and ");
        }
        return sb.toString();
    }
}
