package com.beiming.odr.mastiff.interceptor;

import com.beiming.framework.enums.APIResultCodeEnums;
import com.beiming.framework.security.JWTContextUtil;
import com.beiming.framework.util.AssertUtils;
import com.beiming.odr.referee.enums.UserRoleEnum;
import java.util.HashSet;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.MediaType;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:WEB-INF/classes/com/beiming/odr/mastiff/interceptor/AuthorityInterceptor.class */
public class AuthorityInterceptor extends HandlerInterceptorAdapter {
    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        Access access;
        httpServletResponse.setStatus(200);
        httpServletResponse.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        if (!(obj instanceof HandlerMethod) || (access = (Access) ((HandlerMethod) obj).getMethod().getAnnotation(Access.class)) == null) {
            return true;
        }
        checkRoles(access);
        return true;
    }

    private void checkRoles(Access access) {
        if (access.authorities().length > 0) {
            UserRoleEnum[] authorities = access.authorities();
            HashSet hashSet = new HashSet();
            for (UserRoleEnum userRoleEnum : authorities) {
                hashSet.add(userRoleEnum.name());
            }
            boolean z = false;
            Iterator<String> it = JWTContextUtil.getRoles().iterator();
            while (true) {
                if (it.hasNext()) {
                    if (hashSet.contains(it.next())) {
                        z = true;
                        break;
                    }
                } else {
                    break;
                }
            }
            AssertUtils.assertTrue(z, APIResultCodeEnums.ACCESS_DENIED, APIResultCodeEnums.ACCESS_DENIED.desc());
        }
    }
}
