package com.huawei.bigdata.om.web.security.iam;

import com.galaxmanager.iam.itfc.model.AuthorizeResultBean;
import com.galaxmanager.iam.itfc.model.DomainBean;
import com.galaxmanager.iam.itfc.model.PrivilegeBean;
import com.galaxmanager.iam.itfc.model.Result;
import com.galaxmanager.iam.itfc.model.SecurityPolicyBean;
import com.galaxmanager.iam.itfc.model.SimpleRoleBean;
import com.galaxmanager.iam.itfc.model.UserBean;
import com.galaxmanager.iam.itfc.model.UserLoginRequestBean;
import com.galaxmanager.iam.itfc.model.request.AddRoleRequest;
import com.galaxmanager.iam.itfc.model.request.AddUserRequest;
import com.galaxmanager.iam.itfc.model.request.IamOpLogRequest;
import com.galaxmanager.iam.itfc.model.request.IamRoleRequest;
import com.galaxmanager.iam.itfc.model.request.ListRoleRequest;
import com.galaxmanager.iam.itfc.model.request.ListUserRequest;
import com.galaxmanager.iam.itfc.model.request.ModifyRoleRequest;
import com.galaxmanager.iam.itfc.model.request.ModifyUserRequest;
import com.galaxmanager.iam.itfc.model.request.PasswordRequest;
import com.galaxmanager.iam.itfc.model.request.SelfModifyRequest;
import com.galaxmanager.iam.itfc.model.response.AuthorizeResponse;
import com.galaxmanager.iam.itfc.model.response.GetPrivilegeResponse;
import com.galaxmanager.iam.itfc.model.response.IamRoleResponse;
import com.galaxmanager.iam.itfc.model.response.ListRoleResponse;
import com.galaxmanager.iam.itfc.model.response.ListUserResponse;
import com.galaxmanager.iam.itfc.model.response.LoginResponse;
import com.galaxmanager.iam.itfc.model.response.OpLogRecordResponse;
import com.galaxmanager.iam.itfc.model.response.SecurityPolicyResponse;
import com.galaxmanager.iam.itfc.service.authorize.IUserAuthorize;
import com.galaxmanager.iam.itfc.service.oplog.IOpLog;
import com.galaxmanager.iam.itfc.service.rolemanagement.IRoleManagement;
import com.galaxmanager.iam.itfc.service.safetypolicy.ISafetyPolicy;
import com.galaxmanager.iam.itfc.service.sso.ISso;
import com.galaxmanager.iam.itfc.service.usermanagement.IUserManagement;
import com.huawei.bigdata.om.controller.api.common.conf.lan.LanguageRepository;
import com.huawei.bigdata.om.web.model.security.SecurityConstants;
import com.huawei.bigdata.om.web.security.RpcService;
import com.huawei.bigdata.om.web.security.iam.constant.IAMConstant;
import com.huawei.bigdata.om.web.security.iam.constant.IAMException;
import com.huawei.bigdata.om.web.security.iam.util.IAMUserDetails;
import com.huawei.bigdata.om.web.security.iam.util.IAMUtil;
import com.huawei.bigdata.om.web.util.WebUtils;
import java.text.Normalizer;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.regex.PatternSyntaxException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/huawei/bigdata/om/web/security/iam/IAMService.class */
public class IAMService {
    public static final String DEFAULT_NAME = "--";
    private static final Logger LOGGER = LoggerFactory.getLogger(IAMService.class);
    private static final int ERROR_CODE = -1;
    private static final String USER_ULTRA_VIRES_ID = "660015";
    private static final String FAILED_RESULT = "1";
    private static final String OPLEVEL_MINOR = "2";

    private static String getNowDateTime() {
        return new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.SIMPLIFIED_CHINESE).format(Long.valueOf(System.currentTimeMillis()));
    }

    public LoginResponse login(String str, String str2) {
        if (str == null || str2 == null) {
            LOGGER.debug("Username or password is null.");
            return null;
        }
        LOGGER.debug("check user login. username={}", str);
        UserLoginRequestBean userLoginRequestBean = new UserLoginRequestBean();
        userLoginRequestBean.setUserName(str);
        userLoginRequestBean.setPassWord(str2);
        userLoginRequestBean.setDomainType("0");
        ISso iSso = (ISso) RpcService.lookup(ISso.class);
        if (iSso == null) {
            throw new IAMException("RpcService lookup for ISso service failed, return value is null. ");
        }
        return iSso.login(userLoginRequestBean);
    }

    public ListUserResponse viewUserByName(String str) {
        if (str == null) {
            return null;
        }
        LOGGER.debug("viewUserByName, userName={}", str);
        return constructDefaultUserResponse(str);
    }

    private ListUserResponse constructDefaultUserResponse(String str) {
        ListUserResponse listUserResponse = new ListUserResponse();
        listUserResponse.setIntResultCode(0);
        listUserResponse.setResultCode("0");
        listUserResponse.setResultDesc(SecurityConstants.OPREATION_RESULT_SUCCESS);
        listUserResponse.setTotal("1");
        ArrayList arrayList = new ArrayList();
        UserBean userBean = new UserBean();
        userBean.setAccountStatus("0");
        userBean.setCreateTime("");
        userBean.setDefaultUser("0");
        userBean.setDescription("user");
        DomainBean domainBean = new DomainBean();
        ArrayList arrayList2 = new ArrayList();
        DomainBean domainBean2 = new DomainBean();
        domainBean2.setDesc("default");
        domainBean2.setDomainId("domain/default");
        arrayList2.add(domainBean2);
        domainBean.setChild(arrayList2);
        domainBean.setDesc(IAMConstant.DOMAIN_ROOT_NAME);
        domainBean.setDomainId(IAMConstant.DOMAIN_ROOT_NAME);
        userBean.setDomainBean(domainBean);
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add("domain/default");
        userBean.setDomainList(arrayList3);
        userBean.setEmail("");
        userBean.setIsCurrentLoginUser("1");
        userBean.setMgrDomain("domain/default");
        userBean.setOnLine("0");
        userBean.setPhoneNum("");
        ArrayList arrayList4 = new ArrayList();
        SimpleRoleBean simpleRoleBean = new SimpleRoleBean();
        simpleRoleBean.setAppId("1,2,3,4");
        simpleRoleBean.setIsDefaultRole("0");
        simpleRoleBean.setRoleDesc("");
        simpleRoleBean.setRoleID("1");
        simpleRoleBean.setRoleName("user");
        simpleRoleBean.setRoleType("0");
        arrayList4.add(simpleRoleBean);
        userBean.setRoleList(arrayList4);
        userBean.setUserDomainType("0");
        userBean.setUserId("1");
        userBean.setUserName(str);
        userBean.setUserType("0");
        arrayList.add(userBean);
        listUserResponse.setValue(arrayList);
        LOGGER.debug("listUserResponse returnCode is {}.", listUserResponse.getResultCode());
        return listUserResponse;
    }

    public ListUserResponse listUsers(IAMListUserRequest iAMListUserRequest) {
        if (iAMListUserRequest == null) {
            return null;
        }
        String queryUserName = iAMListUserRequest.getQueryUserName();
        int limit = iAMListUserRequest.getLimit();
        int offset = iAMListUserRequest.getOffset();
        LOGGER.debug("listUser, queryUserName={} ,limit={},offset={} ", new Object[]{queryUserName, Integer.valueOf(limit), Integer.valueOf(offset)});
        ListUserRequest listUserRequest = new ListUserRequest();
        listUserRequest.setUserName(queryUserName);
        listUserRequest.setUserType("0");
        listUserRequest.setDomainType("0");
        listUserRequest.setLimit(String.valueOf(limit));
        listUserRequest.setOffset(String.valueOf(offset));
        IUserManagement iUserManagement = (IUserManagement) RpcService.lookup(IUserManagement.class);
        if (iUserManagement == null) {
            throw new IAMException("RpcService lookup for IUserManagement service failed, return value is null. ");
        }
        return iUserManagement.listUser(IAMUtil.getCurrentLoginUserId(), listUserRequest);
    }

    public GetPrivilegeResponse getUserPrivilegeList(String str, String str2) {
        IUserAuthorize iUserAuthorize = (IUserAuthorize) RpcService.lookup(IUserAuthorize.class);
        if (str == null || str2 == null) {
            return null;
        }
        if (iUserAuthorize == null) {
            throw new IAMException("RpcService lookup for IUserAuthorize service failed, return value is null. ");
        }
        GetPrivilegeResponse userPrivilegeList = iUserAuthorize.getUserPrivilegeList(str, "3");
        Iterator it = userPrivilegeList.getValue().entrySet().iterator();
        while (it.hasNext()) {
            Iterator it2 = ((List) ((Map.Entry) it.next()).getValue()).iterator();
            while (it2.hasNext()) {
                recurseSetPrivilegeName((PrivilegeBean) it2.next(), str2);
            }
        }
        return userPrivilegeList;
    }

    private void recurseSetPrivilegeName(PrivilegeBean privilegeBean, String str) {
        if (null == privilegeBean) {
            return;
        }
        privilegeBean.setDesc(IAMUtil.convertPrivilegeIdToName(privilegeBean.getPrivilegeID(), str));
        if (null == privilegeBean.getChild()) {
            return;
        }
        Iterator it = privilegeBean.getChild().iterator();
        while (it.hasNext()) {
            recurseSetPrivilegeName((PrivilegeBean) it.next(), str);
        }
    }

    public Result modifyPassWord(String str, String str2, String str3) {
        if (str == null || str2 == null || str3 == null) {
            return null;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        String currentLoginUsername = IAMUtil.getCurrentLoginUsername();
        PasswordRequest passwordRequest = new PasswordRequest();
        passwordRequest.setUserName(currentLoginUsername);
        passwordRequest.setNewPassWord(str2);
        passwordRequest.setConfirmPassWord(str3);
        passwordRequest.setOldPassWord(str);
        passwordRequest.setDomainType("0");
        IUserManagement iUserManagement = (IUserManagement) RpcService.lookup(IUserManagement.class);
        if (iUserManagement == null) {
            throw new IAMException("RpcService lookup for IUserManagement service failed, return value is null. ");
        }
        return iUserManagement.modifyPassWord(currentLoginUserId, passwordRequest);
    }

    private Result checkDescriptionContainsSpecial(String str) {
        Result result = null;
        if (str != null) {
            boolean z = false;
            try {
                z = Normalizer.normalize(str, Normalizer.Form.NFKC).toLowerCase(Locale.US).matches(".*<[/]?script.*");
            } catch (PatternSyntaxException e) {
                LOGGER.error("matches error:", e);
            }
            if (z) {
                result = new Result();
                result.setIntResultCode(-1);
                result.setResultDesc("Description contains special characters such as '<script>','</script>'.");
            }
        }
        return result;
    }

    public Result addUser(AddUserRequest addUserRequest) {
        if (!WebUtils.checkEmail(addUserRequest.getEmail())) {
            Result result = new Result();
            result.setIntResultCode(-1);
            result.setResultDesc("The email formate is error.");
            return result;
        }
        if (!WebUtils.checkTelNumber(addUserRequest.getPhoneNum())) {
            Result result2 = new Result();
            result2.setIntResultCode(-1);
            result2.setResultDesc("The telephone number is error.");
            return result2;
        }
        if (!WebUtils.checkName(addUserRequest.getUserName())) {
            Result result3 = new Result();
            result3.setIntResultCode(-1);
            result3.setResultDesc("The username formate is error.");
            return result3;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        addUserRequest.setUserType("0");
        addUserRequest.setDomainType("0");
        addUserRequest.setDomainIdList(Arrays.asList("domain/default"));
        List<SimpleRoleBean> roleList = addUserRequest.getRoleList();
        if (null != roleList) {
            for (SimpleRoleBean simpleRoleBean : roleList) {
                simpleRoleBean.setAppId("3");
                simpleRoleBean.setRoleType("0");
            }
        }
        IUserManagement iUserManagement = (IUserManagement) RpcService.lookup(IUserManagement.class);
        if (iUserManagement == null) {
            throw new IAMException("RpcService lookup for IUserManagement service failed, return value is null. ");
        }
        Result checkDescriptionContainsSpecial = checkDescriptionContainsSpecial(addUserRequest.getDescription());
        if (checkDescriptionContainsSpecial == null) {
            checkDescriptionContainsSpecial = iUserManagement.addUser(currentLoginUserId, addUserRequest);
        }
        return checkDescriptionContainsSpecial;
    }

    public Result modifyUser(ModifyUserRequest modifyUserRequest) {
        if (modifyUserRequest == null) {
            return null;
        }
        if (!WebUtils.checkEmail(modifyUserRequest.getEmail())) {
            Result result = new Result();
            result.setIntResultCode(-1);
            result.setResultDesc("The email formate is error.");
            return result;
        }
        if (!WebUtils.checkTelNumber(modifyUserRequest.getPhoneNum())) {
            Result result2 = new Result();
            result2.setIntResultCode(-1);
            result2.setResultDesc("The telephone number is error.");
            return result2;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        modifyUserRequest.setDomainIdList(Arrays.asList("domain/default"));
        modifyUserRequest.setDomainType("0");
        if (null != modifyUserRequest.getRoleList()) {
            for (SimpleRoleBean simpleRoleBean : modifyUserRequest.getRoleList()) {
                simpleRoleBean.setAppId("3");
                simpleRoleBean.setRoleType("0");
            }
        }
        IUserManagement iUserManagement = (IUserManagement) RpcService.lookup(IUserManagement.class);
        if (iUserManagement == null) {
            throw new IAMException("RpcService lookup for IUserManagement service failed, return value is null. ");
        }
        Result checkDescriptionContainsSpecial = checkDescriptionContainsSpecial(modifyUserRequest.getDescription());
        if (checkDescriptionContainsSpecial == null) {
            checkDescriptionContainsSpecial = iUserManagement.modifyUser(currentLoginUserId, modifyUserRequest);
        }
        return checkDescriptionContainsSpecial;
    }

    public Result deleteUser(String str) {
        if (str == null) {
            return null;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        IUserManagement iUserManagement = (IUserManagement) RpcService.lookup(IUserManagement.class);
        if (iUserManagement == null) {
            throw new IAMException("RpcService lookup for IUserManagement service failed, return value is null. ");
        }
        return iUserManagement.deleteUser(currentLoginUserId, str, "0");
    }

    public ListRoleResponse listRole(IAMListRoleRequest iAMListRoleRequest) {
        if (null == iAMListRoleRequest) {
            throw new IAMException("List Role fail for null == request");
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        ListRoleRequest listRoleRequest = new ListRoleRequest();
        listRoleRequest.setAppId("3");
        listRoleRequest.setLimit("" + iAMListRoleRequest.getLimit());
        listRoleRequest.setOffset("" + iAMListRoleRequest.getOffset());
        listRoleRequest.setRoleName(iAMListRoleRequest.getQueryRoleName());
        listRoleRequest.setRoleType("0");
        IRoleManagement iRoleManagement = (IRoleManagement) RpcService.lookup(IRoleManagement.class);
        if (iRoleManagement == null) {
            throw new IAMException("RpcService lookup for IRoleManagement service failed, return value is null. ");
        }
        return iRoleManagement.listRole(currentLoginUserId, listRoleRequest);
    }

    public Result addRole(AddRoleRequest addRoleRequest) {
        if (addRoleRequest == null) {
            return null;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        addRoleRequest.setRoleType("0");
        addRoleRequest.setAppId("3");
        IRoleManagement iRoleManagement = (IRoleManagement) RpcService.lookup(IRoleManagement.class);
        if (iRoleManagement == null) {
            throw new IAMException("RpcService lookup for IRoleManagement service failed, return value is null. ");
        }
        Result checkDescriptionContainsSpecial = checkDescriptionContainsSpecial(addRoleRequest.getRoleDesc());
        if (checkDescriptionContainsSpecial == null) {
            checkDescriptionContainsSpecial = iRoleManagement.addRole(currentLoginUserId, addRoleRequest);
        }
        return checkDescriptionContainsSpecial;
    }

    public Result deleteRole(String str) {
        if (str == null) {
            return null;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        IRoleManagement iRoleManagement = (IRoleManagement) RpcService.lookup(IRoleManagement.class);
        if (iRoleManagement == null) {
            throw new IAMException("RpcService lookup for IRoleManagement service failed, return value is null. ");
        }
        return iRoleManagement.deleteRole(currentLoginUserId, str, "3", "0");
    }

    public Result modifyRole(ModifyRoleRequest modifyRoleRequest) {
        if (modifyRoleRequest == null) {
            return null;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        modifyRoleRequest.setAppId("3");
        IRoleManagement iRoleManagement = (IRoleManagement) RpcService.lookup(IRoleManagement.class);
        if (iRoleManagement == null) {
            throw new IAMException("RpcService lookup for IRoleManagement service failed, return value is null. ");
        }
        Result checkDescriptionContainsSpecial = checkDescriptionContainsSpecial(modifyRoleRequest.getRoleDesc());
        if (checkDescriptionContainsSpecial == null) {
            checkDescriptionContainsSpecial = iRoleManagement.modifyRole(currentLoginUserId, modifyRoleRequest);
        }
        return checkDescriptionContainsSpecial;
    }

    public IamRoleResponse viewRolebyId(String str) {
        if (str == null) {
            return null;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        IamRoleRequest iamRoleRequest = new IamRoleRequest();
        iamRoleRequest.setLimit("1");
        iamRoleRequest.setOffset("0");
        iamRoleRequest.setRoleId(str);
        IRoleManagement iRoleManagement = (IRoleManagement) RpcService.lookup(IRoleManagement.class);
        if (iRoleManagement == null) {
            throw new IAMException("RpcService lookup for IRoleManagement service failed, return value is null. ");
        }
        return iRoleManagement.getRoleInfoFromIam(currentLoginUserId, iamRoleRequest);
    }

    public SecurityPolicyResponse getSecurityPolicy() {
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        ISafetyPolicy iSafetyPolicy = (ISafetyPolicy) RpcService.lookup(ISafetyPolicy.class);
        if (iSafetyPolicy == null) {
            throw new IAMException("RpcService lookup for ISafetyPolicy service failed, return value is null. ");
        }
        return iSafetyPolicy.getSecurityPolicy(currentLoginUserId);
    }

    public Result modifySecurityPolicy(SecurityPolicyBean securityPolicyBean) {
        if (securityPolicyBean == null) {
            return null;
        }
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        Result result = new Result();
        result.setIntResultCode(6300008);
        if (!IAMCheckParameter.chackModifySecurityPolicy(securityPolicyBean)) {
            result.setResultDesc("Parameter is incorrect, please check the parameters. ");
            return result;
        }
        result.setResultDesc("RpcService lookup for ISafetyPolicy service failed, return value is null. ");
        try {
            ISafetyPolicy iSafetyPolicy = (ISafetyPolicy) RpcService.lookup(ISafetyPolicy.class);
            return iSafetyPolicy == null ? result : iSafetyPolicy.modifySecurityPolicy(currentLoginUserId, securityPolicyBean);
        } catch (Exception e) {
            LOGGER.error("RpcService is Exception");
            return result;
        }
    }

    public Result resetPassWord(ResetPasswordRequest resetPasswordRequest) {
        Result result = new Result();
        if (null == resetPasswordRequest) {
            LOGGER.error("Reset password fail for null == request");
            result.setIntResultCode(-1);
            result.setResultDesc("Reset password fail for interval error");
            return result;
        }
        LOGGER.debug("Reset password: username is {}.", resetPasswordRequest.getUserName());
        PasswordRequest passwordRequest = new PasswordRequest();
        passwordRequest.setNewPassWord(resetPasswordRequest.getNewPassword());
        passwordRequest.setConfirmPassWord(resetPasswordRequest.getConfirmPassword());
        passwordRequest.setDomainType("0");
        passwordRequest.setUserName(resetPasswordRequest.getUserName());
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        LOGGER.debug("Current loginUserId is {}.", currentLoginUserId);
        LOGGER.debug("Send resetPassWord rpc request");
        IUserManagement iUserManagement = (IUserManagement) RpcService.lookup(IUserManagement.class);
        if (iUserManagement == null) {
            throw new IAMException("RpcService lookup for IUserManagement service failed, return value is null. ");
        }
        Result resetPassWord = iUserManagement.resetPassWord(currentLoginUserId, passwordRequest);
        LOGGER.debug("resetPassWord returnCode is {}.", resetPassWord);
        return resetPassWord;
    }

    public Result modifySelfInfo(SelfModifyRequest selfModifyRequest) {
        if (selfModifyRequest == null) {
            return null;
        }
        LOGGER.debug("modifySelfInfo:");
        String currentLoginUserId = IAMUtil.getCurrentLoginUserId();
        LOGGER.debug("loginUserId is {}.", currentLoginUserId);
        String currentLoginUsername = IAMUtil.getCurrentLoginUsername();
        LOGGER.debug("loginUsername is {}.", currentLoginUsername);
        if (!selfModifyRequest.getUserName().equals(currentLoginUsername)) {
            throw new IAMException("The loginUsername do not match with modification of user name.");
        }
        String phoneNum = selfModifyRequest.getPhoneNum();
        String email = selfModifyRequest.getEmail();
        String description = selfModifyRequest.getDescription();
        SelfModifyRequest selfModifyRequest2 = new SelfModifyRequest();
        selfModifyRequest2.setUserName(currentLoginUsername);
        selfModifyRequest2.setPhoneNum(phoneNum);
        selfModifyRequest2.setEmail(email);
        selfModifyRequest2.setDescription(description);
        selfModifyRequest2.setDomainType("0");
        LOGGER.debug("Send modifySelfInfo rpc request:");
        IUserManagement iUserManagement = (IUserManagement) RpcService.lookup(IUserManagement.class);
        if (iUserManagement == null) {
            throw new IAMException("RpcService lookup for IUserManagement service failed, return value is null. ");
        }
        Result modifySelfInfo = iUserManagement.modifySelfInfo(currentLoginUserId, selfModifyRequest2);
        LOGGER.debug("modifySelfInfo returnCode is {}", modifySelfInfo);
        return modifySelfInfo;
    }

    public boolean hasPermission(String str) {
        if (str == null) {
            return false;
        }
        LOGGER.info("check permission is {}.", str);
        if (!IAMUtil.isLogedin()) {
            return false;
        }
        if (IAMUtil.getUserDetails() == null) {
            throw new IAMException("Get the current user's IAMUserDetails failed, return value is null. ");
        }
        List value = authorize(IAMUtil.getCurrentLoginUserId(), str).getValue();
        if (null == value || value.isEmpty()) {
            String str2 = "failed to authorize: authorizeResultBeanList is null or empty, privilege path = " + str;
            LOGGER.error(str2);
            throw new IAMException(str2);
        }
        if (1 != value.size()) {
            String str3 = "failed to authorize: authorizeResultBeanList size != 1, but is " + value.size() + ", privilegePath=" + str;
            LOGGER.error(str3);
            throw new IAMException(str3);
        }
        String result = ((AuthorizeResultBean) value.get(0)).getResult();
        LOGGER.debug("authorizeResponseCode is {}.", result);
        return "0".equals(result);
    }

    public boolean hasPortalPermission(String[] strArr, String str) {
        if (strArr == null || !IAMUtil.isLogedin()) {
            return false;
        }
        IAMUserDetails userDetails = IAMUtil.getUserDetails();
        if (userDetails == null) {
            throw new IAMException("Get the current user's IAMUserDetails failed, return value is null. ");
        }
        boolean containsPrivilegePath = userDetails.containsPrivilegePath(strArr);
        if (!containsPrivilegePath && !userDetails.isModifyOrDelete()) {
            HashMap hashMap = new HashMap();
            hashMap.put("loginUser", userDetails.getUsername());
            hashMap.put("clientAddress", userDetails.getRemoteAddress());
            hashMap.put("logResult", "1");
            hashMap.put("failedDetails", LanguageRepository.getLanResById("en-us", "RESID_OM_AUDIT_0434", new Object[]{userDetails.getUsername(), str}));
            hashMap.put("failedDetailsCh", LanguageRepository.getLanResById("zh-cn", "RESID_OM_AUDIT_0434", new Object[]{userDetails.getUsername(), str}));
            OpLogRecordResponse recordOperationLog = recordOperationLog(hashMap);
            if (recordOperationLog.getIntResultCode() != 0) {
                LOGGER.error("RecordOperationLog Error:" + recordOperationLog.getResultDesc());
            }
        }
        return containsPrivilegePath;
    }

    public boolean hasWebIndexPermission() {
        IAMUserDetails userDetails = IAMUtil.getUserDetails();
        if (!IAMUtil.isLogedin()) {
            LOGGER.error("is not loged in");
            return false;
        }
        if (userDetails != null) {
            return true;
        }
        LOGGER.error("userDetails is null");
        return false;
    }

    private AuthorizeResponse authorize(String str, String str2) {
        List asList = Arrays.asList(IAMUtil.convertPrivilegePathToId(str2));
        IUserAuthorize iUserAuthorize = (IUserAuthorize) RpcService.lookup(IUserAuthorize.class);
        if (iUserAuthorize == null) {
            throw new IAMException("RpcService lookup for IUserAuthorize service failed, return value is null. ");
        }
        return iUserAuthorize.authorize(str, asList);
    }

    private OpLogRecordResponse recordOperationLog(Map<String, String> map) {
        LOGGER.info("start to record operation log.");
        IOpLog iOpLog = (IOpLog) RpcService.lookup(IOpLog.class);
        String str = map.get("loginUser");
        IamOpLogRequest iamOpLogRequest = new IamOpLogRequest();
        iamOpLogRequest.setOpUser(str);
        iamOpLogRequest.setOpType("0");
        iamOpLogRequest.setAppId("3");
        iamOpLogRequest.setOpNameId(USER_ULTRA_VIRES_ID);
        iamOpLogRequest.setOpLevel("2");
        iamOpLogRequest.setOpStartTime(getNowDateTime());
        iamOpLogRequest.setUserIp(map.get("clientAddress"));
        iamOpLogRequest.setOpResult(map.get("logResult"));
        HashMap hashMap = new HashMap();
        hashMap.put("zh_CN", map.get("failedDetailsCh"));
        hashMap.put("en_US", map.get("failedDetails"));
        iamOpLogRequest.setOpFailReason(hashMap);
        iamOpLogRequest.setDetail(hashMap);
        iamOpLogRequest.setInstance("--");
        iamOpLogRequest.setService("--");
        iamOpLogRequest.setHosts("--");
        iamOpLogRequest.setSource("--");
        iamOpLogRequest.setOpStopTime(getNowDateTime());
        OpLogRecordResponse opLogRecordResponse = null;
        try {
            opLogRecordResponse = iOpLog.recordOperationLog(iamOpLogRequest);
        } catch (Exception e) {
            LOGGER.error("oplog record operation log failed.", e);
        }
        LOGGER.info("end to record operation log.");
        return opLogRecordResponse;
    }
}
