package pl.fhframework.aop.services;

import java.lang.reflect.AnnotatedElement;
import java.lang.reflect.Method;
import java.util.Set;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import pl.fhframework.core.FhAuthorizationException;
import pl.fhframework.core.security.PermissionsProvider;

@Aspect
@Component
/* loaded from: input_file:pl/fhframework/aop/services/FhSecurityAspect.class */
public class FhSecurityAspect {

    @Autowired(required = false)
    private PermissionsProvider permissionProvder;

    @Around("within(@pl.fhframework.core.rules.BusinessRule *) && (within(@pl.fhframework.core.security.annotations.SystemFunction *) or within(@pl.fhframework.core.security.annotations.SystemFunctions *) or within(@pl.fhframework.core.security.annotations.SystemRole *) or within(@pl.fhframework.core.security.annotations.SystemRoles *)) && execution(public * *(..)) && not @annotation(pl.fhframework.core.security.annotations.SystemFunction) && not @annotation(pl.fhframework.core.security.annotations.SystemFunctions) && not @annotation(pl.fhframework.core.security.annotations.SystemRole) && not @annotation(pl.fhframework.core.security.annotations.SystemRoles)")
    public Object ruleClassSecurityPoint(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        checkPermission(proceedingJoinPoint.getTarget().getClass(), "Rule");
        return proceedingJoinPoint.proceed();
    }

    @Around("within(@pl.fhframework.core.rules.BusinessRule *) && (@annotation(pl.fhframework.core.security.annotations.SystemFunction) or @annotation(pl.fhframework.core.security.annotations.SystemFunctions) or @annotation(pl.fhframework.core.security.annotations.SystemRole) or @annotation(pl.fhframework.core.security.annotations.SystemRoles))")
    public Object ruleMethodSecurityPoint(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        checkPermission(proceedingJoinPoint.getSignature().getMethod(), "Rule");
        return proceedingJoinPoint.proceed();
    }

    @Around("within(@pl.fhframework.core.services.FhService *) && (within(@pl.fhframework.core.security.annotations.SystemFunction *) or within(@pl.fhframework.core.security.annotations.SystemFunctions *) or within(@pl.fhframework.core.security.annotations.SystemRole *) or within(@pl.fhframework.core.security.annotations.SystemRoles *)) && execution(public * *(..)) && not @annotation(pl.fhframework.core.security.annotations.SystemFunction) && not @annotation(pl.fhframework.core.security.annotations.SystemFunctions) && not @annotation(pl.fhframework.core.security.annotations.SystemRole) && not @annotation(pl.fhframework.core.security.annotations.SystemRoles)")
    public Object serviceClassSecurityPoint(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        checkPermission(proceedingJoinPoint.getTarget().getClass(), "Service");
        return proceedingJoinPoint.proceed();
    }

    @Around("within(@pl.fhframework.core.services.FhService *) && (@annotation(pl.fhframework.core.security.annotations.SystemFunction) or @annotation(pl.fhframework.core.security.annotations.SystemFunctions) or @annotation(pl.fhframework.core.security.annotations.SystemRole) or @annotation(pl.fhframework.core.security.annotations.SystemRoles))")
    public Object serviceMethodSecurityPoint(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        checkPermission(proceedingJoinPoint.getSignature().getMethod(), "Service");
        return proceedingJoinPoint.proceed();
    }

    private void checkPermission(Class<?> cls, String str) {
        if (this.permissionProvder == null || !this.permissionProvder.hasPermission(cls)) {
            throw new FhAuthorizationException(String.format("User has no permission to execute %s '%s'. Required one of permissions: %s", str, cls.getSimpleName(), buildPermissionMessage(cls)));
        }
    }

    private void checkPermission(Method method, String str) {
        if (this.permissionProvder == null || !this.permissionProvder.hasPermission(method)) {
            throw new FhAuthorizationException(String.format("User has no permission to execute %s '%s.%s'. Required one of permissions: %s", str, method.getDeclaringClass().getSimpleName(), method.getName(), buildPermissionMessage(method)));
        }
    }

    private String buildPermissionMessage(AnnotatedElement annotatedElement) {
        StringBuilder sb = new StringBuilder();
        buildPermissionMessage(sb, this.permissionProvder.getDeclaredFunctions(annotatedElement));
        buildPermissionMessage(sb, this.permissionProvder.getDeclaredRoles(annotatedElement));
        return sb.toString();
    }

    private void buildPermissionMessage(StringBuilder sb, Set<String> set) {
        set.forEach(str -> {
            if (sb.length() > 0) {
                sb.append(',').append(' ');
            }
            sb.append(str);
        });
    }
}
