package com.xiaomi.mone.monitor.filter;

import com.xiaomi.mone.monitor.service.user.LocalUser;
import com.xiaomi.mone.monitor.service.user.MoneUserDetailService;
import com.xiaomi.mone.monitor.service.user.UseDetailInfo;
import com.xiaomi.mone.tpc.login.enums.UserTypeEnum;
import com.xiaomi.mone.tpc.login.util.UserUtil;
import com.xiaomi.mone.tpc.login.vo.AuthUserVo;
import java.io.IOException;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.util.CollectionUtils;

/**
 * Servlet filter that decides, per request, whether the current CAS user may proceed.
 *
 * <p>Decision order, as implemented in {@link #doFilter}:
 * <ol>
 *   <li>No resolved user, or a user whose type is not CAS: passed through unchecked.</li>
 *   <li>Account on the black list: rejected.</li>
 *   <li>Request URI contains {@link #ADMIN_OP_URI_PREFIX} and the account is not an admin:
 *       rejected.</li>
 *   <li>No detail record for the CAS uid: passed through unchecked.</li>
 *   <li>Department on the department black list: allowed only when the user name is on the
 *       white list; otherwise rejected.</li>
 * </ol>
 * Rejection means HTTP status 401 with no body; the rest of the chain is not invoked.
 *
 * <p>NOTE(review): this filter presumably relies on an earlier filter to populate
 * {@code UserUtil}. Spring Boot is documented as not applying {@code @Order} to
 * {@code @WebFilter} classes registered through servlet component scanning, so verify the
 * effective filter order rather than trusting the annotation.
 */
@WebFilter(filterName = "authorizationFilter", urlPatterns = {"/*"})
@Order(5)
/* loaded from: input_file:com/xiaomi/mone/monitor/filter/AuthorizationFilter.class */
public class AuthorizationFilter implements Filter {
    /** URI fragment that marks an admin-only operation. */
    public static final String ADMIN_OP_URI_PREFIX = "/api-manual/";

    @Autowired
    MoneUserDetailService moneUserDetailService;

    /** No initialisation is required. */
    public void init(FilterConfig filterConfig) {
    }

    /**
     * Applies the black-list, admin-path and department rules to the current request.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest} to read the URI
     * @param servletResponse response; receives status 401 when access is refused
     * @param filterChain     remainder of the chain, invoked only when access is granted
     * @throws ServletException propagated from the downstream chain
     * @throws IOException      propagated from the downstream chain
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        AuthUserVo currentUser = UserUtil.getUser();
        boolean casUser = currentUser != null
                && UserTypeEnum.CAS_TYPE.getCode().equals(currentUser.getUserType());
        if (!casUser) {
            // Fail-open branch: requests without a CAS user skip every rule below, including
            // the admin-path gate. NOTE(review): confirm another component authenticates and
            // authorises these requests, especially for paths under ADMIN_OP_URI_PREFIX.
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (this.moneUserDetailService.getBlackList().contains(currentUser.getAccount())) {
            noAuthResponse(servletResponse);
            return;
        }

        // getRequestURI() is the raw request path: it is not percent-decoded and may carry path
        // parameters, so a literal substring test can disagree with what the dispatcher finally
        // routes. NOTE(review): prefer matching on a normalised path, or enforce the admin rule
        // at the handler as well.
        String requestUri = ((HttpServletRequest) servletRequest).getRequestURI();
        boolean adminOperation = requestUri.contains(ADMIN_OP_URI_PREFIX);
        if (adminOperation
                && !this.moneUserDetailService.getAdminUserList().contains(currentUser.getAccount())) {
            noAuthResponse(servletResponse);
            return;
        }

        UseDetailInfo detail = this.moneUserDetailService.queryUser(currentUser.getCasUid());
        if (detail == null) {
            // Second fail-open branch: an unknown CAS uid bypasses the department rules and
            // LocalUser is left untouched. NOTE(review): confirm this is intended.
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        boolean departmentRestricted =
                this.moneUserDetailService.getDeptBlackList().contains(detail.getDeptDescr());
        if (departmentRestricted) {
            // Users from a black-listed department need an explicit white-list entry.
            List<?> allowedNames = this.moneUserDetailService.getWhiteList();
            boolean whitelisted = !CollectionUtils.isEmpty(allowedNames)
                    && allowedNames.contains(detail.getUserName());
            if (!whitelisted) {
                noAuthResponse(servletResponse);
                return;
            }
        }

        // NOTE(review): nothing in this class resets LocalUser once the chain returns. If
        // LocalUser is thread-local storage (presumably; confirm), a pooled worker thread can
        // carry this identity into a later request that takes one of the pass-through branches
        // above. Reset it in a finally block using whatever clearing method LocalUser exposes.
        LocalUser.set(detail);
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Marks the response as refused by setting HTTP status 401; writes no body.
     *
     * @param servletResponse response to mark; cast to {@link HttpServletResponse}
     * @throws IOException declared for callers; not thrown by the visible code
     */
    private void noAuthResponse(ServletResponse servletResponse) throws IOException {
        HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
        httpResponse.setStatus(401);
    }
}
