package com.baijia.cas.client.ac;

import com.baijia.cas.client.ac.annotation.AccessControledClass;
import com.baijia.cas.client.ac.annotation.AccessControledMethod;
import com.baijia.cas.client.api.error.CasException;
import com.baijia.cas.client.web.Response;
import java.lang.reflect.Method;
import org.aspectj.lang.ProceedingJoinPoint;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/baijia/cas/client/ac/AccessControlAnnotationedAspect.class */
public class AccessControlAnnotationedAspect {
    private static final Logger logger = LoggerFactory.getLogger(AccessControlAnnotationedAspect.class);
    private static final AccessControl accessControl = AccessControlImpl.getInstance();
    protected boolean isControllerAspect = true;

    public void setControllerAspect(boolean z) {
        this.isControllerAspect = z;
    }

    public Object doAround(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        try {
            Object target = proceedingJoinPoint.getTarget();
            if (target.getClass().isAnnotationPresent(AccessControledClass.class)) {
                AccessControledClass accessControledClass = (AccessControledClass) target.getClass().getAnnotation(AccessControledClass.class);
                authRole(accessControledClass.roles());
                authPermission(accessControledClass.permissions());
            }
            Method method = proceedingJoinPoint.getSignature().getMethod();
            if (method.isAnnotationPresent(AccessControledMethod.class)) {
                AccessControledMethod accessControledMethod = (AccessControledMethod) method.getAnnotation(AccessControledMethod.class);
                authRole(accessControledMethod.roles());
                authPermission(accessControledMethod.permissions());
            }
            return proceedingJoinPoint.proceed();
        } catch (CasException e) {
            if (this.isControllerAspect) {
                return buildNoAuthResponse();
            }
            throw e;
        }
    }

    private void authRole(String[] strArr) throws CasException {
        if (!accessControl.hasRole(strArr)) {
            throw new CasException("您没有权限进行此操作！");
        }
    }

    private void authPermission(String[] strArr) throws CasException {
        if (!accessControl.hasPermission(strArr)) {
            throw new CasException("您没有权限进行此操作！");
        }
    }

    protected Object buildNoAuthResponse() {
        Response response = new Response();
        response.setStatus(Response.STATUS_NOAUTH);
        return response;
    }
}
