package cn.com.duiba.sso.api.web.filter.filterhandler.handler;

import cn.com.duiba.sso.api.domain.dto.AdminDto;
import cn.com.duiba.sso.api.domain.enums.SystemEnum;
import cn.com.duiba.sso.api.exception.SsoException;
import cn.com.duiba.sso.api.web.annotation.SsoComponent;
import cn.com.duiba.sso.api.web.factory.SsoContext;
import cn.com.duiba.sso.api.web.filter.filterhandler.SsoFilterHandler;
import cn.com.duiba.sso.api.web.tool.RequestTool;
import com.alibaba.fastjson.JSONObject;
import com.google.common.base.Splitter;
import java.io.IOException;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

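/**
 * SSO filter step that enforces per-admin authorization for the configured system.
 *
 * <p>Two checks are applied in order: the admin must be enabled for this system, and the
 * (at most two-segment) path prefix of the request must not be in the admin's URL deny-list.
 * A denied request is answered directly, as JSON or HTML depending on the {@code Accept}
 * header, and the chain is stopped by returning {@code false}.
 */
@SsoComponent
public class AuthorityFilterHandler extends SsoFilterHandler {
    /** System this handler guards; populated from the SSO context in {@link #setContext}. */
    private SystemEnum system;

    /** Splits a request path into its non-empty, trimmed segments. */
    private final Splitter spl = Splitter.on("/").trimResults().omitEmptyStrings();

    /**
     * Returns the position of this handler in the filter-handler ordering.
     *
     * @return the fixed order value {@code -99}
     */
    @Override
    public Integer getOrder() {
        return -99;
    }

    /**
     * Captures the system identifier from the SSO configuration.
     *
     * @param ssoContext context that exposes the SSO system properties
     */
    @Override
    public void setContext(SsoContext ssoContext) {
        this.system = ssoContext.getSsoSystemProperties().getSystem();
    }

    /**
     * Authorizes the current request for the current admin.
     *
     * @param filterChain the servlet filter chain (not used by this handler)
     * @return {@code true} when the request may proceed, {@code false} when a denial response
     *     has already been written
     * @throws SsoException if the admin is not enabled for this system, or if writing the
     *     denial response fails
     */
    @Override
    public Boolean doHandler(FilterChain filterChain) throws SsoException {
        // NOTE(review): assumes an earlier handler guarantees a logged-in admin, so that
        // getAdmin()/getAdminId() are non-null here; confirm against the handler ordering.
        AdminDto admin = RequestTool.getAdmin();
        if (!admin.getCompanyEnumSet().contains(this.system)) {
            throw new SsoException("尊敬的" + admin.getName() + ",你对" + this.system.getName() + "的执着给我们留下了深刻的印象,不过相关领导说你不能进");
        }

        HttpServletRequest request = RequestTool.getRequest();
        HttpServletResponse response = RequestTool.getResponse();
        Long adminId = RequestTool.getAdminId();
        String accept = request.getHeader("Accept");

        // NOTE(review): getRequestURI() is the raw, undecoded path; it includes the context
        // path and may still carry path parameters or percent-encoding. Confirm that deny-list
        // entries are stored in the same form the dispatcher resolves, otherwise the lookup
        // and the routed handler can disagree.
        String denyListKey = toDenyListKey(request.getRequestURI());
        if (!RequestTool.getUrlBlackSet(adminId.intValue(), 0).contains(denyListKey)) {
            return true;
        }

        // NOTE(review): the denial is sent with the default status code; consider 403 once
        // clients are confirmed not to depend on the current status.
        // A missing Accept header is treated as a non-JSON client instead of failing with a
        // NullPointerException while the denial is being produced.
        boolean wantsJson = accept != null && accept.contains("json");
        if (!wantsJson) {
            writeDenial(response, "text/html;charset=UTF-8", "无权访问");
            return false;
        }

        JSONObject body = new JSONObject();
        body.put("code", -1);
        body.put("desc", "您无权访问");
        writeDenial(response, "application/json;charset=UTF-8", body.toJSONString());
        return false;
    }

    /**
     * Reduces a request path to the key used for the deny-list lookup: its first two
     * segments (or its single segment) joined with a leading {@code /}.
     *
     * <p>Every non-empty path goes through the same reduction, so redundant or trailing
     * slashes cannot make a one- or two-segment path miss an entry that a longer path
     * under the same prefix would hit. A path with no segments is returned unchanged.
     */
    private String toDenyListKey(String requestUri) {
        List<String> segments = this.spl.splitToList(requestUri);
        if (segments.isEmpty()) {
            return requestUri;
        }
        StringBuilder key = new StringBuilder();
        int depth = Math.min(segments.size(), 2);
        for (int i = 0; i < depth; i++) {
            key.append('/').append(segments.get(i));
        }
        return key.toString();
    }

    /** Writes a denial body with the given content type, mapping I/O failures to SsoException. */
    private void writeDenial(HttpServletResponse response, String contentType, String body)
            throws SsoException {
        response.setHeader("Content-Type", contentType);
        try {
            response.getWriter().write(body);
        } catch (IOException e) {
            // The stack trace is printed because only the message is carried into SsoException.
            e.printStackTrace();
            throw new SsoException(e.getMessage());
        }
    }
}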
