package com.xdja.csagent.webui.security;

import ch.qos.logback.classic.spi.CallerData;
import com.xdja.csagent.webui.base.manager.MenuListService;
import java.util.Collection;
import java.util.Iterator;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.web.FilterInvocation;

/* loaded from: input_file:WEB-INF/classes/com/xdja/csagent/webui/security/MyAccessDecisionManager.class */
public class MyAccessDecisionManager implements AccessDecisionManager {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Resource
    private MenuListService menuListService;

    @Override // org.springframework.security.access.AccessDecisionManager
    public void decide(Authentication authentication, Object obj, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
        if (!authentication.getClass().isAssignableFrom(UsernamePasswordAuthenticationToken.class)) {
            throw new AccessDeniedException("没有权限访问！");
        }
        MyPrincipal myPrincipal = (MyPrincipal) authentication.getPrincipal();
        if (MyPrincipal.ROOT.equals(myPrincipal.getUsername())) {
            this.logger.debug("ROOT user , all pass!");
            return;
        }
        String requestUrl = ((FilterInvocation) obj).getRequestUrl();
        this.logger.debug("requestUrl is {}", requestUrl);
        int indexOf = requestUrl.indexOf(CallerData.NA);
        if (indexOf != -1) {
            requestUrl = requestUrl.substring(0, indexOf);
        }
        Iterator<GrantedAuthority> it = myPrincipal.getAuthorities().iterator();
        while (it.hasNext()) {
            if (it.next().getAuthority().equals(requestUrl)) {
                return;
            }
        }
        if (this.menuListService.hasHref(requestUrl)) {
            throw new AccessDeniedException("没有权限访问！");
        }
    }

    @Override // org.springframework.security.access.AccessDecisionManager
    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }

    @Override // org.springframework.security.access.AccessDecisionManager
    public boolean supports(Class<?> cls) {
        return true;
    }
}
