package kd.bos.fileservice.permission;

import java.util.Iterator;
import java.util.List;
import kd.bos.exception.BosErrorCode;
import kd.bos.exception.KDException;
import kd.bos.fileservice.FileService;
import kd.bos.fileservice.utils.FilePathCheckUtil;
import kd.bos.fileservice.utils.TAUtil;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.util.StringUtils;
import kd.bos.util.resource.Resources;
import org.jetbrains.annotations.NotNull;

/* loaded from: input_file:kd/bos/fileservice/permission/FilePermissionManager.class */
public class FilePermissionManager {
    private static final String FILESERVER_CHECK_ENABLE = "permission.check.fileserver.enable";
    private static final String FILESERVER_CHECK_IS_PUBLIC = "permission.check.isPublic";
    public static final String TRUE_STR = "true";
    public static final String PATH_PREFIX = "/";
    private static final Log logger = LogFactory.getLog(FilePermissionManager.class);
    public static final String BOS_FILESERVICE_SDK = "bos-fileservice-sdk";

    public static String checkDownloadPath(String str, FileService fileService) {
        try {
            if (!isPublic()) {
                return str;
            }
            String formatPath = formatPath(str);
            String tenantId = TAUtil.getTenantId();
            String accountId = TAUtil.getAccountId();
            String currentTAPrefix = getCurrentTAPrefix(tenantId, accountId);
            if (!isStartWithTAPrefix(formatPath)) {
                formatPath = buildPathWithCurrentTAPrefix(formatPath, tenantId, accountId);
                if (!fileService._existsNopm(formatPath)) {
                    formatPath = str;
                    if (isEnable() && fileService._existsNopm(formatPath)) {
                        IllegalPathStorageFactory.getIllegalPathStorage().write(formatPath(str), tenantId, accountId);
                    }
                }
            } else if (!formatPath.startsWith(currentTAPrefix)) {
                throw new KDException(BosErrorCode.fileserviceException, new Object[]{Resources.getString("禁止跨数据中心访问文件服务器！path=%1$s CurrentTA=%2$s", "FilePermissionManager_1", "bos-fileservice-sdk", new Object[]{str, currentTAPrefix})});
            }
            return formatPath;
        } catch (Throwable th) {
            if (!isEnable()) {
                return str;
            }
            if (th instanceof KDException) {
                throw th;
            }
            throw new KDException(BosErrorCode.fileserviceException, new Object[]{th});
        }
    }

    public static String checkUploadPath(String str) {
        fileUploadPathGovern(str);
        if (!isEnable() || !isPublic()) {
            return str;
        }
        String formatPath = formatPath(str);
        String tenantId = TAUtil.getTenantId();
        String accountId = TAUtil.getAccountId();
        String currentTAPrefix = getCurrentTAPrefix(tenantId, accountId);
        if (!isStartWithTAPrefix(formatPath)) {
            formatPath = buildPathWithCurrentTAPrefix(formatPath, tenantId, accountId);
        } else if (!formatPath.startsWith(currentTAPrefix)) {
            throw new KDException(BosErrorCode.fileserviceException, new Object[]{Resources.getString("禁止跨数据中心访问文件服务器！path=%1$s CurrentTA=%2$s", "FilePermissionManager_1", "bos-fileservice-sdk", new Object[]{str, currentTAPrefix})});
        }
        return formatPath;
    }

    private static String getCurrentTAPrefix(String str, String str2) {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            throw new KDException(BosErrorCode.fileserviceException, new Object[]{Resources.getString("当前线程中无RequestContext信息，禁止访问文件服务器！", "FilePermissionManager_2", "bos-fileservice-sdk", new Object[0])});
        }
        return "/" + str + "/" + str2;
    }

    private static boolean isStartWithTAPrefix(String str) {
        List<String> allTAPrefixList = TAUtil.getAllTAPrefixList("/");
        if (allTAPrefixList.isEmpty()) {
            throw new KDException(BosErrorCode.fileserviceException, new Object[]{Resources.getString("无法获取当前环境数据中心信息！", "FilePermissionManager_3", "bos-fileservice-sdk", new Object[0])});
        }
        Iterator<String> it = allTAPrefixList.iterator();
        while (it.hasNext()) {
            if (str.startsWith(it.next())) {
                return true;
            }
        }
        return false;
    }

    @NotNull
    private static String buildPathWithCurrentTAPrefix(String str, String str2, String str3) {
        String str4 = "/" + str3;
        String str5 = "/" + str2;
        if (!str.startsWith(str4)) {
            str = str4 + str;
        }
        if (!str.startsWith(str5)) {
            str = str5 + str;
        }
        return str;
    }

    private static void fileUploadPathGovern(String str) {
        try {
            if (FilePathCheckUtil.check(str).isLegal()) {
                return;
            }
            throw new KDException(BosErrorCode.fileserviceException, new Object[]{Resources.getString("文件上传路径非法：path=%1$s, 合法文件路径规则：'/租户ID/账套ID/日期'作为前缀, 非法原因：%2$s", "FilePermissionManager_4", "bos-fileservice-sdk", new Object[0])});
        } catch (Throwable th) {
            logger.error(th);
            if (FilePathCheckUtil.isEnable()) {
                if (!(th instanceof KDException)) {
                    throw new KDException(BosErrorCode.fileserviceException, new Object[]{th});
                }
                throw th;
            }
        }
    }

    private static boolean isEnable() {
        return "true".equals(getProperty(FILESERVER_CHECK_ENABLE));
    }

    private static boolean isPublic() {
        return "true".equals(getProperty(FILESERVER_CHECK_IS_PUBLIC));
    }

    @NotNull
    private static String formatPath(String str) {
        if (str.startsWith("//")) {
            str = str.substring(1);
        }
        if (!str.startsWith("/")) {
            str = "/" + str;
        }
        return str;
    }

    private static String getProperty(String str) {
        String property = System.getProperty(TAUtil.getTenantId() + "_" + str);
        if (StringUtils.isEmpty(property)) {
            property = System.getProperty(str);
        }
        return property;
    }
}
