package com.baomidou.mybatisplus.extension.plugins.inner;

import com.baomidou.mybatisplus.core.exceptions.MybatisPlusException;
import com.baomidou.mybatisplus.core.plugins.InterceptorIgnoreHelper;
import com.baomidou.mybatisplus.core.toolkit.Assert;
import com.baomidou.mybatisplus.core.toolkit.EncryptUtils;
import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.baomidou.mybatisplus.extension.parser.JsqlParserSupport;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import net.sf.jsqlparser.expression.BinaryExpression;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.Function;
import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
import net.sf.jsqlparser.expression.operators.relational.InExpression;
import net.sf.jsqlparser.expression.operators.relational.NotEqualsTo;
import net.sf.jsqlparser.schema.Column;
import net.sf.jsqlparser.schema.Table;
import net.sf.jsqlparser.statement.delete.Delete;
import net.sf.jsqlparser.statement.select.Join;
import net.sf.jsqlparser.statement.select.PlainSelect;
import net.sf.jsqlparser.statement.select.Select;
import net.sf.jsqlparser.statement.select.SubSelect;
import net.sf.jsqlparser.statement.update.Update;
import org.apache.ibatis.executor.statement.StatementHandler;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.mapping.SqlCommandType;

/* loaded from: input_file:BOOT-INF/lib/mybatis-plus-extension-3.4.3.4.jar:com/baomidou/mybatisplus/extension/plugins/inner/IllegalSQLInnerInterceptor.class */
public class IllegalSQLInnerInterceptor extends JsqlParserSupport implements InnerInterceptor {
    private static final Set<String> cacheValidResult = new HashSet();
    private static final Map<String, List<IndexInfo>> indexInfoMap = new ConcurrentHashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:BOOT-INF/lib/mybatis-plus-extension-3.4.3.4.jar:com/baomidou/mybatisplus/extension/plugins/inner/IllegalSQLInnerInterceptor$IndexInfo.class */
    public static class IndexInfo {
        private String dbName;
        private String tableName;
        private String columnName;

        public String getDbName() {
            return this.dbName;
        }

        public String getTableName() {
            return this.tableName;
        }

        public String getColumnName() {
            return this.columnName;
        }

        public void setDbName(String str) {
            this.dbName = str;
        }

        public void setTableName(String str) {
            this.tableName = str;
        }

        public void setColumnName(String str) {
            this.columnName = str;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof IndexInfo)) {
                return false;
            }
            IndexInfo indexInfo = (IndexInfo) obj;
            if (!indexInfo.canEqual(this)) {
                return false;
            }
            String dbName = getDbName();
            String dbName2 = indexInfo.getDbName();
            if (dbName == null) {
                if (dbName2 != null) {
                    return false;
                }
            } else if (!dbName.equals(dbName2)) {
                return false;
            }
            String tableName = getTableName();
            String tableName2 = indexInfo.getTableName();
            if (tableName == null) {
                if (tableName2 != null) {
                    return false;
                }
            } else if (!tableName.equals(tableName2)) {
                return false;
            }
            String columnName = getColumnName();
            String columnName2 = indexInfo.getColumnName();
            return columnName == null ? columnName2 == null : columnName.equals(columnName2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof IndexInfo;
        }

        public int hashCode() {
            String dbName = getDbName();
            int hashCode = (1 * 59) + (dbName == null ? 43 : dbName.hashCode());
            String tableName = getTableName();
            int hashCode2 = (hashCode * 59) + (tableName == null ? 43 : tableName.hashCode());
            String columnName = getColumnName();
            return (hashCode2 * 59) + (columnName == null ? 43 : columnName.hashCode());
        }

        public String toString() {
            return "IllegalSQLInnerInterceptor.IndexInfo(dbName=" + getDbName() + ", tableName=" + getTableName() + ", columnName=" + getColumnName() + ")";
        }
    }

    @Override // com.baomidou.mybatisplus.extension.plugins.inner.InnerInterceptor
    public void beforePrepare(StatementHandler statementHandler, Connection connection, Integer num) {
        PluginUtils.MPStatementHandler mpStatementHandler = PluginUtils.mpStatementHandler(statementHandler);
        MappedStatement mappedStatement = mpStatementHandler.mappedStatement();
        if (mappedStatement.getSqlCommandType() == SqlCommandType.INSERT || InterceptorIgnoreHelper.willIgnoreIllegalSql(mappedStatement.getId())) {
            return;
        }
        String sql = mpStatementHandler.boundSql().getSql();
        this.logger.debug("检查SQL是否合规，SQL:" + sql);
        String md5Base64 = EncryptUtils.md5Base64(sql);
        if (cacheValidResult.contains(md5Base64)) {
            this.logger.debug("该SQL已验证，无需再次验证，，SQL:" + sql);
        } else {
            parserSingle(sql, connection);
            cacheValidResult.add(md5Base64);
        }
    }

    @Override // com.baomidou.mybatisplus.extension.parser.JsqlParserSupport
    protected void processSelect(Select select, int i, String str, Object obj) {
        PlainSelect plainSelect = (PlainSelect) select.getSelectBody();
        Expression where = plainSelect.getWhere();
        Assert.notNull(where, "非法SQL，必须要有where条件", new Object[0]);
        Table table = (Table) plainSelect.getFromItem();
        List<Join> joins = plainSelect.getJoins();
        validWhere(where, table, (Connection) obj);
        validJoins(joins, table, (Connection) obj);
    }

    @Override // com.baomidou.mybatisplus.extension.parser.JsqlParserSupport
    protected void processUpdate(Update update, int i, String str, Object obj) {
        Expression where = update.getWhere();
        Assert.notNull(where, "非法SQL，必须要有where条件", new Object[0]);
        Table table = update.getTable();
        List<Join> joins = update.getJoins();
        validWhere(where, table, (Connection) obj);
        validJoins(joins, table, (Connection) obj);
    }

    @Override // com.baomidou.mybatisplus.extension.parser.JsqlParserSupport
    protected void processDelete(Delete delete, int i, String str, Object obj) {
        Expression where = delete.getWhere();
        Assert.notNull(where, "非法SQL，必须要有where条件", new Object[0]);
        Table table = delete.getTable();
        List<Join> joins = delete.getJoins();
        validWhere(where, table, (Connection) obj);
        validJoins(joins, table, (Connection) obj);
    }

    private void validExpression(Expression expression) {
        if (expression instanceof OrExpression) {
            throw new MybatisPlusException("非法SQL，where条件中不能使用【or】关键字，错误or信息：" + ((OrExpression) expression).toString());
        }
        if (expression instanceof NotEqualsTo) {
            throw new MybatisPlusException("非法SQL，where条件中不能使用【!=】关键字，错误!=信息：" + ((NotEqualsTo) expression).toString());
        }
        if (!(expression instanceof BinaryExpression)) {
            if (expression instanceof InExpression) {
                InExpression inExpression = (InExpression) expression;
                if (inExpression.getRightItemsList() instanceof SubSelect) {
                    throw new MybatisPlusException("非法SQL，where条件中不能使用子查询，错误子查询SQL信息：" + ((SubSelect) inExpression.getRightItemsList()).toString());
                }
                return;
            }
            return;
        }
        BinaryExpression binaryExpression = (BinaryExpression) expression;
        if (binaryExpression.getLeftExpression() instanceof Function) {
            throw new MybatisPlusException("非法SQL，where条件中不能使用数据库函数，错误函数信息：" + ((Function) binaryExpression.getLeftExpression()).toString());
        }
        if (binaryExpression.getRightExpression() instanceof SubSelect) {
            throw new MybatisPlusException("非法SQL，where条件中不能使用子查询，错误子查询SQL信息：" + ((SubSelect) binaryExpression.getRightExpression()).toString());
        }
    }

    private void validJoins(List<Join> list, Table table, Connection connection) {
        if (list != null) {
            for (Join join : list) {
                validWhere(join.getOnExpression(), table, (Table) join.getRightItem(), connection);
            }
        }
    }

    private void validUseIndex(Table table, String str, Connection connection) {
        String str2;
        boolean z = false;
        String str3 = null;
        String[] split = table.getName().split("\\.");
        if (split.length == 1) {
            str2 = split[0];
        } else {
            str3 = split[0];
            str2 = split[1];
        }
        Iterator<IndexInfo> it = getIndexInfos(str3, str2, connection).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            IndexInfo next = it.next();
            if (null != str && str.equalsIgnoreCase(next.getColumnName())) {
                z = true;
                break;
            }
        }
        if (!z) {
            throw new MybatisPlusException("非法SQL，SQL未使用到索引, table:" + table + ", columnName:" + str);
        }
    }

    private void validWhere(Expression expression, Table table, Connection connection) {
        validWhere(expression, table, null, connection);
    }

    private void validWhere(Expression expression, Table table, Table table2, Connection connection) {
        validExpression(expression);
        if (expression instanceof BinaryExpression) {
            Expression leftExpression = ((BinaryExpression) expression).getLeftExpression();
            validExpression(leftExpression);
            if (leftExpression instanceof Column) {
                Expression rightExpression = ((BinaryExpression) expression).getRightExpression();
                if (table2 == null || !(rightExpression instanceof Column)) {
                    validUseIndex(table, ((Column) leftExpression).getColumnName(), connection);
                } else if (Objects.equals(((Column) rightExpression).getTable().getName(), table.getAlias().getName())) {
                    validUseIndex(table, ((Column) rightExpression).getColumnName(), connection);
                    validUseIndex(table2, ((Column) leftExpression).getColumnName(), connection);
                } else {
                    validUseIndex(table2, ((Column) rightExpression).getColumnName(), connection);
                    validUseIndex(table, ((Column) leftExpression).getColumnName(), connection);
                }
            } else if (leftExpression instanceof BinaryExpression) {
                validWhere(leftExpression, table, table2, connection);
            }
            validExpression(((BinaryExpression) expression).getRightExpression());
        }
    }

    public List<IndexInfo> getIndexInfos(String str, String str2, Connection connection) {
        return getIndexInfos(null, str, str2, connection);
    }

    public List<IndexInfo> getIndexInfos(String str, String str2, String str3, Connection connection) {
        List<IndexInfo> list = null;
        if (StringUtils.isNotBlank(str)) {
            list = indexInfoMap.get(str);
        }
        if (list == null || list.isEmpty()) {
            try {
                ResultSet indexInfo = connection.getMetaData().getIndexInfo(StringUtils.isBlank(str2) ? connection.getCatalog() : str2, StringUtils.isBlank(str2) ? connection.getSchema() : str2, str3, false, true);
                list = new ArrayList();
                while (indexInfo.next()) {
                    if (Objects.equals(indexInfo.getString(8), "1")) {
                        IndexInfo indexInfo2 = new IndexInfo();
                        indexInfo2.setDbName(indexInfo.getString(1));
                        indexInfo2.setTableName(indexInfo.getString(3));
                        indexInfo2.setColumnName(indexInfo.getString(9));
                        list.add(indexInfo2);
                    }
                }
                if (StringUtils.isNotBlank(str)) {
                    indexInfoMap.put(str, list);
                }
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
        return list;
    }
}
