package cn.stylefeng.roses.kernel.sys.modular.login.service;

import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import cn.stylefeng.roses.kernel.auth.api.PermissionServiceApi;
import cn.stylefeng.roses.kernel.auth.api.SessionManagerApi;
import cn.stylefeng.roses.kernel.auth.api.exception.AuthException;
import cn.stylefeng.roses.kernel.auth.api.exception.enums.AuthExceptionEnum;
import cn.stylefeng.roses.kernel.auth.api.pojo.login.LoginUser;
import cn.stylefeng.roses.kernel.scanner.api.pojo.resource.ResourceDefinition;
import cn.stylefeng.roses.kernel.scanner.api.pojo.resource.ResourceUrlParam;
import cn.stylefeng.roses.kernel.sys.api.ResourceServiceApi;
import jakarta.annotation.Resource;
import java.util.List;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:cn/stylefeng/roses/kernel/sys/modular/login/service/PermissionCheckServiceImpl.class */
public class PermissionCheckServiceImpl implements PermissionServiceApi {

    @Resource
    private SessionManagerApi sessionManagerApi;

    @Resource
    private ResourceServiceApi resourceServiceApi;

    @Resource
    private UserPermissionService userPermissionService;

    public void checkPermission(String str, String str2) {
        if (StrUtil.isEmpty(str)) {
            throw new AuthException(AuthExceptionEnum.TOKEN_GET_ERROR);
        }
        LoginUser session = this.sessionManagerApi.getSession(str);
        if (session == null) {
            throw new AuthException(AuthExceptionEnum.AUTH_EXPIRED_ERROR);
        }
        ResourceDefinition resourceByUrl = this.resourceServiceApi.getResourceByUrl(new ResourceUrlParam(str2));
        if (resourceByUrl == null) {
            throw new AuthException(AuthExceptionEnum.CANT_REQUEST_UN_OPEN_API, new Object[]{str2});
        }
        if (resourceByUrl.getRequiredPermissionFlag().booleanValue()) {
            String permissionCode = resourceByUrl.getPermissionCode();
            if (ObjectUtil.isEmpty(permissionCode)) {
                return;
            }
            List<String> userPermissionCodeList = this.userPermissionService.getUserPermissionCodeList(session);
            if (!ObjectUtil.isNotEmpty(userPermissionCodeList) || !userPermissionCodeList.contains(permissionCode)) {
                throw new AuthException(AuthExceptionEnum.PERMISSION_RES_VALIDATE_ERROR);
            }
        }
    }
}
