package com.sankuai.sjst.rms.ls.permission.filter;

import com.sankuai.sjst.local.server.utils.BeanUtils;
import com.sankuai.sjst.local.sever.http.filter.LocalServerFilter;
import com.sankuai.sjst.local.sever.http.helper.RequestHelper;
import com.sankuai.sjst.rms.ls.common.context.MasterPosContext;
import com.sankuai.sjst.rms.ls.common.context.RequestContext;
import com.sankuai.sjst.rms.ls.common.exception.RmsException;
import com.sankuai.sjst.rms.ls.common.msg.constants.ExceptionCode;
import com.sankuai.sjst.rms.ls.permission.service.PermissionServiceImpl;
import dagger.a;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.b;
import lombok.Generated;
import org.slf4j.c;
import org.slf4j.d;

/* loaded from: classes5.dex */
public class PermissionFilter extends LocalServerFilter {

    @Generated
    private static final c log = d.a((Class<?>) PermissionFilter.class);
    a<PermissionServiceImpl> permissionService = BeanUtils.getLazyBean(PermissionServiceImpl.class);

    @Override // com.sankuai.sjst.local.sever.http.filter.LocalServerFilter
    public void filter(b bVar, javax.servlet.http.d dVar, javax.servlet.b bVar2) throws IOException, ServletException {
        String mappingUri = RequestHelper.getMappingUri(bVar);
        if (mappingUri == null || mappingUri.length() == 0) {
            log.error("url.not.mapping {}:{}", bVar.getRequestURI(), bVar.getMethod());
            throw new RmsException(ExceptionCode.UNAUTHORIZED_ACCESS);
        }
        if (this.permissionService.get().authResource(RequestContext.getAccountId(), mappingUri, bVar.getMethod(), RequestContext.getDeviceId()) || this.permissionService.get().authResource(RequestContext.getAccountId(), bVar.getRequestURI(), bVar.getMethod(), RequestContext.getDeviceId())) {
            bVar2.a(bVar, dVar);
        } else {
            log.warn("permission auth fail; accountId={}, poiId={}, merchantNo={}, url={}, method={}", RequestContext.getAccountId(), RequestContext.getPoiId(), MasterPosContext.getMerchantNo(), mappingUri, bVar.getMethod());
            throw new RmsException(ExceptionCode.UNAUTHORIZED_ACCESS);
        }
    }
}
