package com.sobey.bsp.framework;

import com.aliyun.oss.internal.OSSHeaders;
import com.sobey.bsp.framework.data.DataCollection;
import com.sobey.bsp.framework.extend.AfterPageMethodInvokeAction;
import com.sobey.bsp.framework.extend.BeforePageMethodInvokeAction;
import com.sobey.bsp.framework.extend.ExtendManager;
import com.sobey.bsp.framework.utility.LogUtil;
import com.sobey.bsp.framework.utility.StringUtil;
import com.sobey.bsp.platform.UserList;
import java.io.IOException;
import java.util.ArrayList;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:WEB-INF/classes/com/sobey/bsp/framework/MainServlet.class */
public class MainServlet extends HttpServlet {
    private static final long serialVersionUID = 1;

    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            httpServletResponse.setHeader("Pragma", "No-Cache");
            httpServletResponse.setHeader("Cache-Control", "No-Cache");
            httpServletResponse.setDateHeader("Expires", 0L);
            httpServletResponse.setContentType("text/xml");
            if (Config.ServletMajorVersion == 2 && Config.ServletMinorVersion == 3) {
                httpServletResponse.setContentType("text/xml;charset=UTF-8");
            } else {
                httpServletResponse.setCharacterEncoding("UTF-8");
            }
            httpServletRequest.setCharacterEncoding("UTF-8");
            System.out.println(httpServletRequest.getHeader(OSSHeaders.ORIGIN));
            String parameter = httpServletRequest.getParameter(Constant.Method);
            String parameter2 = httpServletRequest.getParameter(Constant.URL);
            if ("".equals(parameter2) || "/".equals(parameter2)) {
            }
            if ("www.sobey.com".equalsIgnoreCase(httpServletRequest.getServerName()) && "/demo".equalsIgnoreCase(httpServletRequest.getContextPath()) && !UserList.ADMINISTRATOR.equalsIgnoreCase(User.getUserName()) && getServletConfig().getInitParameter(parameter) != null) {
                LogUtil.warn("method:" + parameter + ",操作：" + getServletConfig().getInitParameter(parameter) + "此操作被拒绝!<br>系统提示：为保证软件Demo站的稳定运行，Demo站中部分删除功能已被屏蔽.");
                DataCollection dataCollection = new DataCollection();
                dataCollection.put(Constant.ResponseStatusAttrName, "0");
                dataCollection.put(Constant.ResponseMessageAttrName, "此操作被拒绝!<br>系统提示：为保证软件Demo站的稳定运行，Demo站中部分删除功能已被屏蔽.如需要可下载安装程序到本地来试用.<br>下载地址：<a href='http://www.sobey.com' target='_blank'>下载SCMS</a>");
                httpServletResponse.getWriter().write(dataCollection.toXML());
                return;
            }
            Current.init(httpServletRequest, httpServletResponse, parameter);
            String substring = parameter.substring(0, parameter.lastIndexOf("."));
            Class<?> cls = Class.forName(substring);
            String parameter3 = httpServletRequest.getParameter("uploadPlugin");
            String value = Config.getValue("App.LoginClass");
            ArrayList arrayList = new ArrayList();
            arrayList.add("com.sobey.bsp.platform.InterfaceAPI.getInterfaceData");
            arrayList.add("com.sobey.bsp.platform.UploadAPI.checkToken");
            arrayList.add("com.sobey.bsp.cms.account.AccountAction.isExists");
            arrayList.add("com.sobey.bsp.cms.account.AccountAction.add");
            arrayList.add("com.sobey.bsp.cms.account.AccountAction.reSendMail");
            arrayList.add("com.sobey.bsp.cms.account.AccountAction.isExistsName");
            arrayList.add("com.sobey.bsp.cms.account.AccountAction.valActiveCode");
            arrayList.add("com.sobye.bsp.appservers.VmsAppUser.saveUser");
            arrayList.add("com.sobey.nrzx.login.NrzxLogin.submit");
            if (!arrayList.contains(parameter) && !Ajax.class.isAssignableFrom(cls) && !substring.equals("com.sobey.bsp.framework.Framework") && !substring.equals(value) && !User.isLogin() && StringUtil.isEmpty(parameter3)) {
                DataCollection dataCollection2 = new DataCollection();
                dataCollection2.put(Constant.ResponseScriptAttr, "window.top.location='" + Config.getContextPath() + Config.getValue("App.LoginPage") + "';");
                httpServletResponse.getWriter().write(dataCollection2.toXML());
                return;
            }
            if (!"com.sobey.bsp.platform.UploadAPI.checkToken".equals(parameter) && !"com.sobey.nrzx.login.NrzxLogin.submit".equals(parameter) && !"com.sobye.bsp.appservers.VmsAppUser.saveUser".equals(parameter) && !"com.sobey.bsp.platform.InterfaceAPI.getInterfaceData".equals(parameter) && !substring.equals("com.sobey.bsp.cms.account.AccountAction") && !substring.equals(value) && !SessionCheck.check(cls) && StringUtil.isEmpty(parameter3)) {
                DataCollection dataCollection3 = new DataCollection();
                dataCollection3.put(Constant.ResponseMessageAttrName, "不允许越权访问!");
                httpServletResponse.getWriter().write(dataCollection3.toXML());
                return;
            }
            if (ExtendManager.hasAction(BeforePageMethodInvokeAction.Type)) {
                ExtendManager.executeAll(BeforePageMethodInvokeAction.Type, new Object[]{parameter});
            }
            Current.invokeMethod(parameter, (Object[]) null);
            if (ExtendManager.hasAction(AfterPageMethodInvokeAction.Type)) {
                ExtendManager.executeAll(AfterPageMethodInvokeAction.Type, new Object[]{parameter});
            }
            if (StringUtil.isNotEmpty(parameter3)) {
                httpServletResponse.getWriter().write("success_jsonpCallback([{status:" + Current.getResponse().getStatus() + "}])");
            } else {
                httpServletResponse.getWriter().write(Current.getResponse().toXML());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
