package net.risesoft.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.risesoft.api.org.PersonManager;
import net.risesoft.exception.AccessManagerException;
import net.risesoft.model.Person;
import net.risesoft.util.RisesoftUtil;
import net.risesoft.y9.Y9Context;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.util.AssertionHolder;
import org.jasig.cas.client.validation.Assertion;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/risesoft/filter/RisePermissionFilter.class */
public class RisePermissionFilter implements Filter {
    protected final Logger logger = LoggerFactory.getLogger(RisePermissionFilter.class);
    private boolean isMultitenant = false;
    private String systemName = "";
    private String ignoreUrlPatternType = "RiseAntPathMatcher";
    private RiseContainMatcher containMatcher = new RiseContainMatcher();
    private RiseAntPathMatcher antPathMatcher = new RiseAntPathMatcher();

    public void destroy() {
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.isMultitenant = Boolean.valueOf(filterConfig.getInitParameter("isMultitenant")).booleanValue();
        this.systemName = filterConfig.getInitParameter("systemName");
        Y9Context.setSystemName(this.systemName);
        this.ignoreUrlPatternType = filterConfig.getInitParameter("ignoreUrlPatternType");
        String initParameter = filterConfig.getInitParameter("ignorePattern");
        this.containMatcher.setPattern(initParameter);
        this.antPathMatcher.setPattern(initParameter);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        HttpSession session = httpServletRequest.getSession();
        String requestURI = httpServletRequest.getRequestURI();
        if (httpServletRequest.getQueryString() != null) {
            requestURI = String.valueOf(requestURI) + "?" + httpServletRequest.getQueryString();
        }
        this.logger.debug("requestUri==" + requestURI);
        if ("RiseAntPathMatcher".equalsIgnoreCase(this.ignoreUrlPatternType)) {
            if (this.antPathMatcher.matches(requestURI)) {
                this.logger.debug(String.valueOf(requestURI) + ", Request is ignored.");
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
        } else if (this.containMatcher.matches(requestURI)) {
            this.logger.debug(String.valueOf(requestURI) + ", Request is ignored.");
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            Assertion assertion = AssertionHolder.getAssertion();
            String str = (String) session.getAttribute("loginName_RisePermission");
            if (assertion != null && str == null) {
                AttributePrincipal principal = assertion.getPrincipal();
                String name = principal.getName();
                PersonManager personManager = RisesoftUtil.getPersonManager();
                Person personByLoginName = !this.isMultitenant ? personManager.getPersonByLoginName(name) : personManager.getPersonByLoginNameAndTenantName(name, (String) principal.getAttributes().get("tenantName"));
                if (name != null && !name.equals(str) && personByLoginName != null) {
                    session.setAttribute("loginName_RisePermission", name);
                    session.setAttribute("personId_RisePermission", personByLoginName.getID());
                    session.setAttribute("tenantId_RisePermission", personByLoginName.getTenantID());
                }
            }
            String str2 = (String) session.getAttribute("tenantId_RisePermission");
            String str3 = (String) session.getAttribute("personId_RisePermission");
            String str4 = requestURI;
            int indexOf = requestURI.indexOf(";");
            if (indexOf > -1) {
                str4 = requestURI.substring(0, indexOf);
            }
            if (RisesoftUtil.getAccessControlService().checkPermission(str2, str3, this.systemName, str4, "BROWSE")) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
        } catch (AccessManagerException e) {
            this.logger.error(e.getMessage());
        }
        throw new ServletException(String.valueOf(requestURI) + ", 没有访问权限。");
    }
}
