package com.lc.ibps.components.querybuilder.support.filter;

import com.lc.ibps.base.core.util.string.StringUtil;
import com.lc.ibps.components.querybuilder.enums.EnumBuilderType;
import com.lc.ibps.components.querybuilder.enums.EnumDBType;
import com.lc.ibps.components.querybuilder.enums.EnumSourceType;
import com.lc.ibps.components.querybuilder.exception.FilterAddException;
import com.lc.ibps.components.querybuilder.exception.FilterException;
import com.lc.ibps.components.querybuilder.model.IRule;
import com.lc.ibps.components.querybuilder.model.JsonRule;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.HashSet;
import java.util.regex.Pattern;

/* loaded from: input_file:com/lc/ibps/components/querybuilder/support/filter/SqlInjectionAttackFilter.class */
public class SqlInjectionAttackFilter implements IRuleFilter {
    private HashSet<String> keywords = new HashSet<>();
    private char beginningDelimiter;
    private char endingDelimiter;

    public SqlInjectionAttackFilter(EnumDBType enumDBType) {
        if (EnumDBType.MYSQL.equals(enumDBType)) {
            this.beginningDelimiter = '`';
            this.endingDelimiter = '`';
        } else if (EnumDBType.ORACLE.equals(enumDBType)) {
            this.beginningDelimiter = '\"';
            this.endingDelimiter = '\"';
        } else {
            if (!EnumDBType.MS_SQL.equals(enumDBType)) {
                throw new FilterAddException("Sorry not supports now");
            }
            this.beginningDelimiter = '[';
            this.endingDelimiter = ']';
        }
        InputStream resourceAsStream = SqlInjectionAttackFilter.class.getClassLoader().getResourceAsStream("resources/keywords/" + enumDBType.name().toLowerCase() + ".txt");
        if (resourceAsStream == null) {
            throw new FilterAddException("The SQL keyword was not found.");
        }
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(resourceAsStream));
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    return;
                } else {
                    this.keywords.add(readLine);
                }
            } catch (IOException e) {
                e.printStackTrace();
                return;
            }
        }
    }

    @Override // com.lc.ibps.components.querybuilder.support.filter.IRuleFilter
    public void doFilter(JsonRule jsonRule, EnumBuilderType enumBuilderType) throws FilterException {
        if (jsonRule.isGroup()) {
            return;
        }
        IRule rule = jsonRule.toRule();
        String field = rule.getField();
        if (StringUtil.isEmpty(rule.getField_source()) || !EnumSourceType.SQL_SNIPPET.getValue().equals(rule.getField_source())) {
            if (field.length() > 30) {
                if (!field.contains(".")) {
                    throw new FilterException("rule's field is too long for:" + jsonRule);
                }
                if (field.split("\\.")[1].length() > 30) {
                    throw new FilterException("rule's field is too long for:" + jsonRule);
                }
                return;
            }
            if (!Pattern.matches("^[A-Za-z0-9_\\.]+$", field)) {
                throw new FilterException("rule's field can only use [A-Za-z0-9_\\.] for:" + jsonRule);
            }
            if (this.keywords.contains(field.toUpperCase())) {
                StringBuffer stringBuffer = new StringBuffer(field);
                stringBuffer.insert(0, this.beginningDelimiter);
                stringBuffer.append(this.endingDelimiter);
                rule.setField(stringBuffer.toString());
            }
        }
    }
}
