package com.appleframework.rest.security;

import com.appleframework.rest.RestContext;
import com.appleframework.rest.RestRequestContext;
import com.appleframework.rest.ServiceMethodHandler;
import com.appleframework.rest.annotation.HttpAction;
import com.appleframework.rest.config.SystemParameterNames;
import com.appleframework.rest.impl.SimpleRestRequestContext;
import com.appleframework.rest.request.UploadFileUtils;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.validation.FieldError;
import org.springframework.validation.ObjectError;

/* loaded from: input_file:com/appleframework/rest/security/DefaultSecurityManager.class */
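/**
 * Default {@link SecurityManager}: validates the system-level parameters of a REST
 * request (method name, HTTP action), then any uploaded-file parameters and the
 * business-parameter validation errors recorded on the request context.
 *
 * <p>Every {@code validate*} method returns {@code null} when the request passes and a
 * {@link MainError} describing the first failed check otherwise.
 */
public class DefaultSecurityManager implements SecurityManager {
    /**
     * Maps a validation error code (as returned by {@link FieldError#getCode()}) to the
     * sub-error category reported to the caller. Codes that are not listed here end up
     * as {@code ISV_INVALID_PARAMETE}, the fallback in
     * {@link #toMainErrorOfSpringValidateErrors}.
     */
    private static final Map<String, SubErrorType> INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS =
            new LinkedHashMap<String, SubErrorType>();

    static {
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("typeMismatch", SubErrorType.ISV_PARAMETERS_MISMATCH);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("NotNull", SubErrorType.ISV_MISSING_PARAMETER);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("NotEmpty", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("Size", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("Range", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("Pattern", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("Min", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("Max", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("DecimalMin", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("DecimalMax", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("Digits", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("Past", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("Future", SubErrorType.ISV_INVALID_PARAMETE);
        INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.put("AssertFalse", SubErrorType.ISV_INVALID_PARAMETE);
    }

    protected Logger logger = LoggerFactory.getLogger(getClass());

    /**
     * Upload policy (allowed file types, maximum size). It has no default: until
     * {@link #setFileUploadController} is called, validating a request that carries an
     * upload value fails with a {@link NullPointerException} in {@link #checkUploadFile}.
     */
    protected FileUploadController fileUploadController;

    /**
     * Checks that the request names a method, that the method is registered in the
     * {@link RestContext}, and that the HTTP action used is one the method declares.
     *
     * @param restRequestContext the request being validated
     * @return the first failed check as a {@link MainError}, or {@code null} if all pass
     */
    @Override
    public MainError validateSystemParameters(RestRequestContext restRequestContext) {
        RestContext restContext = restRequestContext.getRestContext();
        String method = restRequestContext.getMethod();
        if (method == null) {
            return MainErrors.getError(MainErrorType.MISSING_METHOD, SystemParameterNames.getMethod());
        }
        if (!restContext.isValidMethod(method)) {
            // NOTE(review): the caller-supplied method name is handed to the error
            // factory; if it is rendered into the response, output encoding has to
            // happen where the error is serialised - not visible in this class.
            return MainErrors.getError(MainErrorType.INVALID_METHOD, method);
        }
        return validateHttpAction(restRequestContext);
    }

    /**
     * Runs the checks that come after system-parameter validation: uploaded files
     * first, then the business-parameter validation errors.
     *
     * @param restRequestContext the request being validated
     * @return the first failed check as a {@link MainError}, or {@code null} if all pass
     */
    @Override
    public MainError validateOther(RestRequestContext restRequestContext) {
        MainError uploadError = checkUploadFile(restRequestContext);
        if (uploadError != null) {
            return uploadError;
        }
        return validateBusinessParams(restRequestContext);
    }

    /**
     * Validates every upload-file parameter of the target service method against the
     * {@link #fileUploadController} policy. A parameter with no value is skipped, so a
     * missing upload is not an error at this stage.
     *
     * @param restRequestContext the request being validated
     * @return an {@code UPLOAD_FAIL} error for the first offending value, or {@code null}
     */
    private MainError checkUploadFile(RestRequestContext restRequestContext) {
        ServiceMethodHandler serviceMethodHandler = restRequestContext.getServiceMethodHandler();
        if (serviceMethodHandler == null || !serviceMethodHandler.hasUploadFiles()) {
            return null;
        }
        String method = restRequestContext.getMethod();
        Iterator<String> fieldNames = serviceMethodHandler.getUploadFileFieldNames().iterator();
        while (fieldNames.hasNext()) {
            String paramValue = restRequestContext.getParamValue(fieldNames.next());
            if (paramValue == null) {
                continue;
            }
            // The value must contain '@'; presumably it has the form
            // "<fileType>@<encodedContent>" as parsed by UploadFileUtils - TODO confirm.
            if (!paramValue.contains("@")) {
                return MainErrors.getError(MainErrorType.UPLOAD_FAIL, method, "MESSAGE_VALID:not contain '@'.");
            }
            // NOTE(review): the file type is derived from the request value itself, so it
            // looks client-declared. The allow-list then constrains the label, not the
            // bytes; whatever stores or serves the upload should not treat this check as
            // content verification.
            if (!this.fileUploadController.isAllowFileType(UploadFileUtils.getFileType(paramValue))) {
                return MainErrors.getError(MainErrorType.UPLOAD_FAIL, method,
                        "FILE_TYPE_NOT_ALLOW:the valid file types is:" + this.fileUploadController.getAllowFileTypes());
            }
            // NOTE(review): decode() materialises the whole payload before the limit is
            // evaluated, so this bounds what is accepted, not what is allocated per
            // request. A request-body size cap in front of this code is still needed.
            // The decoded length is passed as-is; the unit isExceedMaxSize expects is not
            // visible here (the message below labels getMaxSize() with "k").
            if (this.fileUploadController.isExceedMaxSize(UploadFileUtils.decode(paramValue).length)) {
                return MainErrors.getError(MainErrorType.UPLOAD_FAIL, method,
                        "EXCEED_MAX_SIZE:" + this.fileUploadController.getMaxSize() + "k");
            }
        }
        return null;
    }

    /**
     * Installs the upload policy used by {@link #checkUploadFile}.
     *
     * @param fileUploadController the policy to apply to uploaded files
     */
    @Override
    public void setFileUploadController(FileUploadController fileUploadController) {
        this.fileUploadController = fileUploadController;
    }

    /**
     * Checks the request's HTTP action against the actions declared by the service
     * method. A method that declares no actions (empty array) is not restricted: any
     * HTTP action is accepted for it.
     *
     * @param restRequestContext the request being validated
     * @return an {@code HTTP_ACTION_NOT_ALLOWED} error, or {@code null} if permitted
     */
    private MainError validateHttpAction(RestRequestContext restRequestContext) {
        HttpAction[] allowedActions = restRequestContext.getServiceMethodDefinition().getHttpAction();
        if (allowedActions.length == 0) {
            return null;
        }
        for (HttpAction allowed : allowedActions) {
            if (allowed == restRequestContext.getHttpAction()) {
                return null;
            }
        }
        return MainErrors.getError(MainErrorType.HTTP_ACTION_NOT_ALLOWED,
                restRequestContext.getMethod(), restRequestContext.getHttpAction());
    }

    /**
     * Converts the validation errors stored on the request context under
     * {@code SPRING_VALIDATE_ERROR_ATTRNAME} into a single {@link MainError}.
     *
     * @param restRequestContext the request being validated
     * @return the resulting error, or {@code null} when no validation errors are recorded
     */
    private MainError validateBusinessParams(RestRequestContext restRequestContext) {
        // The attribute is stored untyped; this class assumes it holds a list of
        // ObjectError, so the cast is unchecked.
        @SuppressWarnings("unchecked")
        List<ObjectError> errors = (List<ObjectError>) restRequestContext.getAttribute(
                SimpleRestRequestContext.SPRING_VALIDATE_ERROR_ATTRNAME);
        if (errors == null || errors.isEmpty()) {
            return null;
        }
        return toMainErrorOfSpringValidateErrors(errors, restRequestContext);
    }

    /**
     * Picks the sub-error category to report, by priority: a missing parameter wins over
     * a type mismatch, and anything else is reported as an invalid parameter.
     *
     * @param list the recorded validation errors (non-empty)
     * @param restRequestContext the request being validated
     * @return the {@link MainError} for the selected category
     */
    private MainError toMainErrorOfSpringValidateErrors(List<ObjectError> list, RestRequestContext restRequestContext) {
        if (hastSubErrorType(list, SubErrorType.ISV_MISSING_PARAMETER)) {
            return getBusinessParameterMainError(list, SubErrorType.ISV_MISSING_PARAMETER, restRequestContext);
        }
        if (hastSubErrorType(list, SubErrorType.ISV_PARAMETERS_MISMATCH)) {
            return getBusinessParameterMainError(list, SubErrorType.ISV_PARAMETERS_MISMATCH, restRequestContext);
        }
        return getBusinessParameterMainError(list, SubErrorType.ISV_INVALID_PARAMETE, restRequestContext);
    }

    /**
     * Tells whether any {@link FieldError} in {@code list} has a code that maps to
     * {@code subErrorType}. Errors that are not field errors are ignored.
     *
     * @param list the recorded validation errors
     * @param subErrorType the category to look for
     * @return {@code true} if at least one field error maps to that category
     */
    private boolean hastSubErrorType(List<ObjectError> list, SubErrorType subErrorType) {
        for (ObjectError error : list) {
            if (!(error instanceof FieldError)) {
                continue;
            }
            // Explicit downcast: assigning an ObjectError to a FieldError variable
            // without it does not compile.
            FieldError fieldError = (FieldError) error;
            SubErrorType mapped = INVALIDE_CONSTRAINT_SUBERROR_MAPPINGS.get(fieldError.getCode());
            if (mapped != null && mapped == subErrorType) {
                return true;
            }
        }
        return false;
    }

    /**
     * Builds the {@link MainError} for a sub-error category. Only the category and the
     * method name are used; {@code list} is accepted but not read.
     *
     * @param list the recorded validation errors (unused)
     * @param subErrorType the category to report
     * @param restRequestContext the request being validated
     * @return the {@link MainError} for {@code subErrorType}
     */
    private MainError getBusinessParameterMainError(List<ObjectError> list, SubErrorType subErrorType, RestRequestContext restRequestContext) {
        return SubErrors.getMainError(subErrorType, restRequestContext.getMethod());
    }
}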
