package net.risesoft.config;

import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import lombok.Generated;
import net.risesoft.model.user.UserInfo;
import net.risesoft.service.org.Y9ManagerService;
import net.risesoft.y9.Y9Context;
import net.risesoft.y9.Y9LoginUserHolder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/risesoft/config/CheckUserLoginFilter4Platform.class */
public class CheckUserLoginFilter4Platform implements Filter {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(CheckUserLoginFilter4Platform.class);

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        UserInfo userInfo;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            userInfo = (UserInfo) ((HttpServletRequest) servletRequest).getSession().getAttribute("loginUser");
            if (userInfo == null) {
                userInfo = Y9LoginUserHolder.getUserInfo();
            }
        } catch (RuntimeException e) {
            LOGGER.info(e.getMessage(), e);
            servletResponse.setCharacterEncoding("UTF-8");
            servletResponse.setContentType("application/json; charset=utf-8");
            httpServletResponse.setStatus(401);
            servletResponse.getWriter().append((CharSequence) "该用户不是管理员，没有权限!!");
        }
        if (userInfo == null) {
            throw new RuntimeException("No user was found in httpsession !!!");
        }
        if (null == ((Y9ManagerService) Y9Context.getBean(Y9ManagerService.class)).getById(userInfo.getPersonId())) {
            throw new RuntimeException("This user is not an administrator, without permission !!!");
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
    }
}
