package com.jte.cloud.platform.common.sql.filter.sql;

import com.alibaba.druid.sql.SQLUtils;
import com.alibaba.druid.sql.ast.SQLStatement;
import com.alibaba.druid.sql.dialect.mysql.visitor.MySqlSchemaStatVisitor;
import com.alibaba.druid.stat.TableStat;
import com.jte.cloud.platform.common.sql.GroupCodeHolder;
import com.jte.cloud.platform.common.sql.MyBatisSqlHelper;
import com.jte.cloud.platform.common.sql.SqlConfigProperties;
import com.jte.cloud.platform.common.sql.SqlKeyWords;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.AntPathMatcher;

/* loaded from: input_file:com/jte/cloud/platform/common/sql/filter/sql/GroupCodeFilter.class */
public class GroupCodeFilter implements BadSqlFilter {
    private static final Logger log = LoggerFactory.getLogger(GroupCodeFilter.class);
    private Set<String> noNeedGroupCodeTableNameSet;
    private final String compareColumnName = "group_code";
    private boolean isEnableExistsCheck;
    private boolean isEnableValidCheck;
    private String dbType;

    public GroupCodeFilter(SqlConfigProperties sqlConfigProperties, String str) {
        this.noNeedGroupCodeTableNameSet = new HashSet();
        this.isEnableExistsCheck = false;
        this.isEnableValidCheck = false;
        this.isEnableExistsCheck = "open".equals(sqlConfigProperties.getForceGroupCode());
        this.isEnableValidCheck = "open".equals(sqlConfigProperties.getIsCheckGroupCodeValid());
        if (StringUtils.isNotBlank(sqlConfigProperties.getNoNeedGroupCodeTables())) {
            this.noNeedGroupCodeTableNameSet = (Set) Arrays.asList(sqlConfigProperties.getNoNeedGroupCodeTables().split(",")).stream().map(str2 -> {
                return str2.trim();
            }).collect(Collectors.toSet());
        }
        this.dbType = str;
    }

    @Override // com.jte.cloud.platform.common.sql.filter.sql.BadSqlFilter
    public void doFilter(String str) throws Throwable {
        if (this.isEnableExistsCheck) {
            if ("clickhouse".equalsIgnoreCase(this.dbType)) {
                Stream<String> stream = this.noNeedGroupCodeTableNameSet.stream();
                str.getClass();
                if (Boolean.valueOf(stream.anyMatch((v1) -> {
                    return r1.contains(v1);
                })).booleanValue()) {
                    return;
                }
                if (!str.contains("group_code")) {
                    log.error("!!!!!FORBIDDEN TO EXECUTE!!!!! sql is invalid，there is no found GROUP_CODE in sql params. it's involve SQL: {}", str);
                    throw new IllegalArgumentException(String.format("!!!!!FORBIDDEN TO EXECUTE!!!!!.sql is invalid，there is no found GROUP_CODE in sql params. it's involve in SQL: %s", str));
                }
                if (!this.isEnableValidCheck || str.toUpperCase().startsWith(SqlKeyWords.INSERT)) {
                    return;
                }
                String str2 = GroupCodeHolder.get();
                if (StringUtils.isNotBlank(str2) && str.contains(str2)) {
                    log.error("!!!!!FORBIDDEN TO EXECUTE!!!!!  the GROUP_CODE()  sql is not match to current request GROUP_CODE({})，SQL:{} ", str2, str);
                    throw new IllegalArgumentException(String.format("!!!!!FORBIDDEN TO EXECUTE!!!!!  the GROUP_CODE() in sql is not match to current request GROUP_CODE(%s)，SQL:%s ", str2, str));
                }
                return;
            }
            List parseStatements = SQLUtils.parseStatements(str, "mysql");
            for (int i = 0; i < parseStatements.size(); i++) {
                SQLStatement sQLStatement = (SQLStatement) parseStatements.get(i);
                MySqlSchemaStatVisitor mySqlSchemaStatVisitor = new MySqlSchemaStatVisitor();
                sQLStatement.accept(mySqlSchemaStatVisitor);
                Iterator it = mySqlSchemaStatVisitor.getTables().keySet().iterator();
                while (it.hasNext()) {
                    String pureValue = MyBatisSqlHelper.getPureValue(((TableStat.Name) it.next()).getName());
                    AntPathMatcher antPathMatcher = new AntPathMatcher();
                    if (!this.noNeedGroupCodeTableNameSet.stream().anyMatch(str3 -> {
                        return antPathMatcher.match(str3, pureValue);
                    })) {
                        if (!str.toUpperCase().startsWith(SqlKeyWords.INSERT)) {
                            TableStat.Condition condition = (TableStat.Condition) mySqlSchemaStatVisitor.getConditions().stream().filter(condition2 -> {
                                return MyBatisSqlHelper.getPureValue(condition2.getColumn().getTable()).equalsIgnoreCase(pureValue);
                            }).filter(condition3 -> {
                                return MyBatisSqlHelper.getPureValue(condition3.getColumn().getName()).equalsIgnoreCase("group_code");
                            }).findFirst().orElse(null);
                            if (Objects.isNull(condition)) {
                                log.error("!!!!!FORBIDDEN TO EXECUTE!!!!! sql is invalid，there is no found GROUP_CODE in sql params . it's involve in table {}，SQL: {}", pureValue, str);
                                throw new IllegalArgumentException(String.format("!!!!!FORBIDDEN TO EXECUTE!!!!!.sql is invalid，there is no found GROUP_CODE in sql params. it's involve in table %s ，SQL: %s", pureValue, str));
                            }
                            if (Objects.nonNull(condition) && this.isEnableValidCheck) {
                                String str4 = GroupCodeHolder.get();
                                List values = condition.getValues();
                                if (StringUtils.isNotBlank(str4) && Objects.nonNull(values) && !values.isEmpty()) {
                                    String str5 = (String) values.stream().filter(obj -> {
                                        return !str4.equalsIgnoreCase((String) obj);
                                    }).findAny().orElse(null);
                                    if (Objects.nonNull(str5)) {
                                        log.error("!!!!!FORBIDDEN TO EXECUTE!!!!!  the GROUP_CODE({}) in sql is not match to current request GROUP_CODE({})，SQL:{} ", new Object[]{str4, str5, str});
                                        throw new IllegalArgumentException(String.format("!!!!!FORBIDDEN TO EXECUTE!!!!!  the GROUP_CODE(%s) in sql is not match to current request GROUP_CODE(%s)，SQL:%s ", str4, str5, str));
                                    }
                                }
                            }
                        } else if (Objects.isNull((TableStat.Column) mySqlSchemaStatVisitor.getColumns().stream().filter(column -> {
                            return MyBatisSqlHelper.getPureValue(column.getTable()).equalsIgnoreCase(pureValue);
                        }).filter(column2 -> {
                            return "group_code".equalsIgnoreCase(MyBatisSqlHelper.getPureValue(column2.getName()));
                        }).findFirst().orElse(null))) {
                            log.error("!!!!!FORBIDDEN TO EXECUTE!!!!! sql is invalid，there is no found GROUP_CODE in sql params. it's involve in table {}，SQL: {}", pureValue, str);
                            throw new IllegalArgumentException(String.format("!!!!!FORBIDDEN TO EXECUTE!!!!!.sql is invalid，there is no found GROUP_CODE in sql params. it's involve in table %s ，SQL: %s", pureValue, str));
                        }
                    }
                }
            }
        }
    }
}
