package com.bstek.urule.console;

import com.bstek.urule.console.database.manager.file.DirectoryManager;
import com.bstek.urule.console.database.manager.file.FileManager;
import com.bstek.urule.console.database.model.RuleFile;
import com.bstek.urule.console.database.util.JdbcUtils;
import com.bstek.urule.console.security.AuthenticationManager;
import com.bstek.urule.console.security.SecurityUtils;
import com.bstek.urule.console.security.URuleAuthAnonymous;
import com.bstek.urule.console.security.URuleAuthorization;
import com.bstek.urule.console.security.entity.User;
import com.bstek.urule.console.type.RoleCategory;
import com.bstek.urule.console.type.RuleFileType;
import com.bstek.urule.console.util.StringUtils;
import com.bstek.urule.exception.RuleException;
import com.bstek.urule.runtime.DynamicSpringConfigLoaderImpl;
import java.lang.reflect.Method;
import java.sql.Connection;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/bstek/urule/console/ApiServletHandler.class */
public abstract class ApiServletHandler extends BaseServletHandler {
    protected static final String a = "/api";

    @Override // com.bstek.urule.console.ServletHandler
    public final void execute(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        b(httpServletRequest);
        String substring = httpServletRequest.getRequestURI().substring((httpServletRequest.getContextPath() + Constants.URULE_URL).length());
        a(substring.substring(substring.lastIndexOf("/") + 1, substring.length()), httpServletRequest, httpServletResponse);
    }

    public void info(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        StringBuilder sb = new StringBuilder();
        if (StringUtils.isNotBlank(DynamicSpringConfigLoaderImpl.getAuthInfo())) {
            sb.append("Authorized to " + DynamicSpringConfigLoaderImpl.getAuthInfo() + "（授权给【" + DynamicSpringConfigLoaderImpl.getAuthInfo() + "】使用）");
        } else {
            sb.append("You are using a trial version,please purchase the commercial license.（当前为试用版，请购买商业授权）");
        }
        a(httpServletResponse, sb.toString());
    }

    protected void a(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        Method method = getClass().getMethod(str, HttpServletRequest.class, HttpServletResponse.class);
        if (((URuleAuthAnonymous) method.getAnnotation(URuleAuthAnonymous.class)) != null) {
            a(method, httpServletRequest, httpServletResponse);
            return;
        }
        if (SecurityUtils.getLoginUser(httpServletRequest) == null) {
            throw new InfoException("请先登录<br/>Please Login first! ");
        }
        User loginUser = SecurityUtils.getLoginUser(httpServletRequest);
        URuleAuthorization uRuleAuthorization = (URuleAuthorization) method.getAnnotation(URuleAuthorization.class);
        if (uRuleAuthorization == null) {
            a(method, httpServletRequest, httpServletResponse);
        } else {
            if (!a(httpServletRequest, httpServletResponse, method, loginUser, uRuleAuthorization)) {
                throw new PermissionDeniedException();
            }
            a(method, httpServletRequest, httpServletResponse);
        }
    }

    private boolean a(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Method method, User user, URuleAuthorization uRuleAuthorization) {
        RuleFile ruleFile;
        String type;
        boolean decide;
        if (uRuleAuthorization.ruleFile() || uRuleAuthorization.ruleDir()) {
            String parameter = httpServletRequest.getParameter("id");
            if ("add".equals(uRuleAuthorization.code().toLowerCase())) {
                type = httpServletRequest.getParameter("type");
            } else {
                if (uRuleAuthorization.ruleFile()) {
                    ruleFile = FileManager.ins.get(Long.parseLong(parameter));
                    ContextHolder.setProjectId(Long.valueOf(ruleFile.getProjectId()));
                } else {
                    ruleFile = DirectoryManager.ins.get(Long.parseLong(parameter));
                    if (ruleFile != null) {
                        ContextHolder.setProjectId(Long.valueOf(ruleFile.getProjectId()));
                    }
                }
                if (ruleFile == null) {
                    throw new RuleException("URule File Object " + parameter + " not exist.");
                }
                type = ruleFile.getType();
            }
            decide = AuthenticationManager.decide(user, RoleCategory.project, RuleFileType.getRuleFileType(type).getModel(), uRuleAuthorization.code());
        } else {
            decide = AuthenticationManager.decide(user, RoleCategory.valueOf(uRuleAuthorization.authType()), uRuleAuthorization.model(), uRuleAuthorization.code());
        }
        return decide;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void a(TransactionalInvoke transactionalInvoke) throws Exception {
        Connection connection = JdbcUtils.getConnection();
        try {
            try {
                connection.setAutoCommit(false);
                transactionalInvoke.doTransactional();
                connection.commit();
                connection.setAutoCommit(true);
                JdbcUtils.closeConnection(connection);
            } catch (Exception e) {
                connection.rollback();
                throw e;
            }
        } catch (Throwable th) {
            connection.setAutoCommit(true);
            JdbcUtils.closeConnection(connection);
            throw th;
        }
    }

    private void a(Method method, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (((Transactional) method.getAnnotation(Transactional.class)) == null) {
            method.invoke(this, httpServletRequest, httpServletResponse);
            return;
        }
        Connection connection = JdbcUtils.getConnection();
        try {
            try {
                connection.setAutoCommit(false);
                method.invoke(this, httpServletRequest, httpServletResponse);
                connection.commit();
                connection.setAutoCommit(true);
                JdbcUtils.closeConnection(connection);
            } catch (Exception e) {
                connection.rollback();
                throw e;
            }
        } catch (Throwable th) {
            connection.setAutoCommit(true);
            JdbcUtils.closeConnection(connection);
            throw th;
        }
    }
}
