package com.seeyon.ctp.privilege.service;

import com.seeyon.ctp.common.AppContext;
import com.seeyon.ctp.common.authenticate.domain.User;
import com.seeyon.ctp.common.exceptions.BusinessException;
import com.seeyon.ctp.common.i18n.ResourceUtil;
import com.seeyon.ctp.organization.OrgConstants;
import com.seeyon.ctp.organization.manager.OrgManager;
import com.seeyon.ctp.services.security.CtpSecurityService;
import java.util.Set;
import org.apache.commons.collections.CollectionUtils;

/* loaded from: input_file:com/seeyon/ctp/privilege/service/CtpSecurityServiceImpl.class */
public class CtpSecurityServiceImpl implements CtpSecurityService {
    private OrgManager orgManager;

    public void validateRole(User user, String str, Set<String> set) throws BusinessException {
        checkRoleAccess(str, user, set);
    }

    private void checkRoleAccess(String str, User user, Set<String> set) throws BusinessException {
        if (CollectionUtils.isEmpty(set) || set.contains(OrgConstants.Role_NAME.NULL.toString())) {
            return;
        }
        Set<String> memberRolesForSet = this.orgManager.getMemberRolesForSet(user.getId(), user.getLoginAccount());
        if (memberRolesForSet.contains(OrgConstants.Role_NAME.AccountAdministrator.name())) {
            String systemProperty = AppContext.getSystemProperty("system.ProductId");
            if (("0".equals(systemProperty) || "7".equals(systemProperty) || "8".equals(systemProperty)) && (set.contains(OrgConstants.Role_NAME.AccountAdministrator.name()) || set.contains(OrgConstants.Role_NAME.GroupAdmin.name()) || set.contains(OrgConstants.Role_NAME.SystemAdmin.name()))) {
                return;
            }
        }
        if (CollectionUtils.isEmpty(CollectionUtils.intersection(set, memberRolesForSet))) {
            StringBuilder sb = new StringBuilder(ResourceUtil.getStringByParams("loginUserState.wuquanfangwen", new Object[0]));
            sb.append("<div style=\"display:none\">").append(str).append("</div>");
            BusinessException businessException = new BusinessException(sb.toString());
            businessException.setCode("invalid_resource_code");
            businessException.setFullPage(true);
            throw businessException;
        }
    }

    public OrgManager getOrgManager() {
        return this.orgManager;
    }

    public void setOrgManager(OrgManager orgManager) {
        this.orgManager = orgManager;
    }
}
