package com.supwisdom.eams.security.superdog.shiro;

import com.supwisdom.eams.infras.http.RequestUtils;
import com.supwisdom.eams.infras.springmvc.RequestContextHelper;
import com.supwisdom.eams.security.helper.PrincipalHelper;
import com.supwisdom.eams.security.superdog.RequestAttributeNames;
import com.supwisdom.eams.security.superdog.SuperDogLoginSession;
import com.supwisdom.eams.security.superdog.cache.SuperDogSecurityCache;
import com.supwisdom.eams.security.superdog.exception.SuperDogNotPluginException;
import com.supwisdom.eams.security.superdog.exception.SuperDogUnauthorizedException;
import java.lang.annotation.Annotation;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.aop.PermissionAnnotationHandler;
import org.apache.shiro.subject.Subject;

/* loaded from: input_file:com/supwisdom/eams/security/superdog/shiro/SuperDogPermissionAnnotationHandler.class */
public class SuperDogPermissionAnnotationHandler extends PermissionAnnotationHandler {
    protected SuperDogSecurityCache superDogUserCache;

    public void assertAuthorized(Annotation annotation) throws AuthorizationException {
        super.assertAuthorized(annotation);
        HttpServletRequest request = RequestContextHelper.getRequest();
        HttpSession session = request.getSession();
        Subject subject = getSubject();
        Long accountId = PrincipalHelper.getAccountId(subject);
        for (String str : getAnnotationValue(annotation)) {
            if (this.superDogUserCache.needSuperDog(str)) {
                if (!SuperDogLoginSession.isLogin(session)) {
                    if ("GET".equals(request.getMethod().toUpperCase())) {
                        request.setAttribute(RequestAttributeNames.ORIGIN_URI, RequestUtils.getUriTrimContextPath(request));
                    }
                    throw new SuperDogNotPluginException("User [" + PrincipalHelper.getLoginName(subject) + "] hasn't authenticated or not plug-in super dog");
                }
                if (!this.superDogUserCache.isGranted(accountId, str)) {
                    throw new SuperDogUnauthorizedException("Subject does not have permission [" + str + "]");
                }
            }
        }
    }

    public void setSuperDogUserCache(SuperDogSecurityCache superDogSecurityCache) {
        this.superDogUserCache = superDogSecurityCache;
    }
}
