package net.boke.jsqlparser.expression.operators;

import com.bokesoft.yes.mid.dbcache.parsedsql.CheckedSql;
import com.bokesoft.yes.mid.dbcache.parsedsql.ParsedDelete;
import com.bokesoft.yes.mid.dbcache.parsedsql.ParsedInsert;
import com.bokesoft.yes.mid.dbcache.parsedsql.ParsedOther;
import com.bokesoft.yes.mid.dbcache.parsedsql.ParsedSelect;
import com.bokesoft.yes.mid.dbcache.parsedsql.ParsedSql;
import com.bokesoft.yes.mid.dbcache.parsedsql.ParsedSqls;
import com.bokesoft.yes.mid.dbcache.parsedsql.ParsedUpdate;
import com.bokesoft.yes.mid.mysqls.processselect.ParsedSqlUtil;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
import net.boke.jsqlparser.expression.BinaryExpression;
import net.boke.jsqlparser.expression.DateValue;
import net.boke.jsqlparser.expression.DoubleValue;
import net.boke.jsqlparser.expression.Expression;
import net.boke.jsqlparser.expression.JdbcParameter;
import net.boke.jsqlparser.expression.LongValue;
import net.boke.jsqlparser.expression.NullValue;
import net.boke.jsqlparser.expression.Parenthesis;
import net.boke.jsqlparser.expression.StringValue;
import net.boke.jsqlparser.expression.TimeValue;
import net.boke.jsqlparser.expression.TimestampValue;
import net.boke.jsqlparser.expression.operators.conditional.AndExpression;
import net.boke.jsqlparser.expression.operators.conditional.OrExpression;
import net.boke.jsqlparser.expression.operators.relational.Between;
import net.boke.jsqlparser.expression.operators.relational.EqualsTo;
import net.boke.jsqlparser.expression.operators.relational.ExpressionList;
import net.boke.jsqlparser.expression.operators.relational.GreaterThan;
import net.boke.jsqlparser.expression.operators.relational.GreaterThanEquals;
import net.boke.jsqlparser.expression.operators.relational.InExpression;
import net.boke.jsqlparser.expression.operators.relational.ItemsList;
import net.boke.jsqlparser.expression.operators.relational.LikeExpression;
import net.boke.jsqlparser.expression.operators.relational.MinorThan;
import net.boke.jsqlparser.expression.operators.relational.MinorThanEquals;
import net.boke.jsqlparser.expression.operators.relational.NotEqualsTo;
import net.boke.jsqlparser.schema.Column;
import net.boke.jsqlparser.schema.Table;
import net.boke.jsqlparser.statement.Statement;
import net.boke.jsqlparser.statement.insert.Insert;
import net.boke.jsqlparser.statement.select.FromItem;
import net.boke.jsqlparser.statement.select.Join;
import net.boke.jsqlparser.statement.select.Limit;
import net.boke.jsqlparser.statement.select.PlainSelect;
import net.boke.jsqlparser.statement.select.Select;
import net.boke.jsqlparser.statement.select.SelectBody;
import net.boke.jsqlparser.statement.select.SubSelect;
import net.boke.jsqlparser.statement.select.Union;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/boke/jsqlparser/expression/operators/SqlParametricCheck.class */
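/**
 * Lint-style check that SQL text was built with JDBC placeholders rather than inlined literals.
 *
 * <p>The SQL is parsed and its LIMIT clause, WHERE clause, IN-lists, sub-selects and INSERT value
 * lists are walked. Whenever a literal constant is found where a {@link JdbcParameter} is
 * expected, {@link #flag} is cleared. Depending on the configured check model the finding is then
 * ignored, logged together with a filtered call stack, or raised as a {@link Throwable}.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>All state ({@link #flag}, {@link #hasSubSelect}, the check model) lives in static fields and
 *       no synchronization is visible here, so concurrent callers can overwrite each other's
 *       result. NOTE(review): confirm whether callers serialize access.</li>
 *   <li>The check fails open: any {@link Exception} raised while parsing or walking the statement
 *       ends the check without reporting a finding. Those exceptions are now logged so that a
 *       skipped check is visible to operators.</li>
 *   <li>Only the expression types handled in {@link #sqlParametric(Expression)} are inspected;
 *       anything else leaves {@link #flag} untouched.</li>
 * </ul>
 */
public class SqlParametricCheck {
    private static Logger logger = LoggerFactory.getLogger(SqlParametricCheck.class);

    // Result of the most recent check: true = no inlined literal found. Shared by every caller.
    public static boolean flag = true;

    // Set while a nested SELECT is being examined; changes how a finding is reported.
    public static boolean hasSubSelect = false;

    // One of the SqlCheckModel constants (Ignore / Log / Error are the values compared against here).
    private static String checkModel = SqlCheckModel.Log;

    // Stack frames whose text contains one of these names are left out of the logged call stack.
    private static List<String> list = Arrays.asList("GeneralDBManager", "StatementWithLog", "PreparedStatementWithLog", "MultiDBPreparedStatement", "SqlParametricCheck", "RichDocumentContext", "EntityContextAction", "EntityContext", "TableEntityManager", "NativeMethodAccessorImpl");

    // Compiled once instead of on every INSERT value; same expression the check has always used.
    private static final Pattern SIGNED_PLACEHOLDER = Pattern.compile("\\s*[+-]{1}\\s*\\?*");

    /**
     * Checks one SQL statement (SELECT, DELETE, UPDATE or INSERT) for inlined literals.
     *
     * <p>Nothing is checked when the model is {@code Ignore}, when the text contains
     * {@code YBS_DataLog}, or when the exact text is already in {@code CheckedSql.sqlList}.
     *
     * @param str the SQL text to check
     * @throws Throwable in {@code Error} mode when the statement is not parameterized
     *     (raised by {@link #isSqlCorrect(String)})
     */
    public static void checkSelectSQL(String str) throws Throwable {
        flag = true;
        if (checkModel.equals(SqlCheckModel.Ignore) || str.contains("YBS_DataLog") || CheckedSql.sqlList.contains(str)) {
            return;
        }
        try {
            CheckedSql.sqlList.removeAll(Collections.singleton(null));
            // Locale.ROOT keeps keyword case-folding stable; a locale-sensitive lower-casing can
            // alter letters such as 'I' under some default locales.
            ParsedSql parsed = ParsedSqls.getInstance().createParsedSql(str.toLowerCase(java.util.Locale.ROOT));
            if (parsed instanceof ParsedSelect) {
                Statement statement = parsed.getStatement();
                if (statement instanceof Select) {
                    // NOTE(review): a body that is not a PlainSelect makes this cast throw; the
                    // exception is caught below and the statement then goes unchecked.
                    PlainSelect plainSelect = (PlainSelect) ((Select) statement).getSelectBody();
                    Limit limit = plainSelect.getLimit();
                    if (limit != null && limit.getOffset() > 0 && limit.getRowCount() > 0) {
                        // Numeric offset and row count are both present: each must come from a placeholder.
                        JdbcParameter offsetParameter = limit.getOffsetJdbcParameterValue();
                        JdbcParameter rowCountParameter = limit.getRowCountJdbcParameterValue();
                        if (offsetParameter == null || rowCountParameter == null) {
                            flag = false;
                        }
                    } else if (limit != null && limit.getRowCount() > 0 && limit.getRowCountJdbcParameterValue() == null) {
                        flag = false;
                    }
                    FromItem fromItem = plainSelect.getFromItem();
                    if (!(fromItem instanceof Table) && (fromItem instanceof SubSelect)) {
                        SubSelect subSelect = (SubSelect) fromItem;
                        SelectBody selectBody = subSelect.getSelectBody();
                        if (subSelect.getSelectBody() instanceof Union) {
                            for (Object member : ((Union) selectBody).getPlainSelects()) {
                                if (member instanceof PlainSelect) {
                                    hasSubSelect = true;
                                    // NOTE(review): the recursive call resets flag and hasSubSelect,
                                    // which discards the LIMIT result computed above.
                                    checkSelectSQL(member.toString());
                                }
                            }
                        } else {
                            checkSelectSQL(selectBody.toString());
                        }
                    }
                    if (plainSelect.getJoins() != null && plainSelect.getJoins().size() > 0) {
                        for (Object joinObject : plainSelect.getJoins()) {
                            if (joinObject instanceof Join) {
                                FromItem rightItem = ((Join) joinObject).getRightItem();
                                if (rightItem instanceof SubSelect) {
                                    String subSql = ((SubSelect) rightItem).getSelectBody().toString();
                                    hasSubSelect = true;
                                    checkSelectSQL(subSql);
                                }
                            }
                        }
                    }
                }
                sqlParametric(parsed.getWhereClause());
            } else if (parsed instanceof ParsedDelete) {
                sqlParametric(parsed.getWhereClause());
            } else if (parsed instanceof ParsedUpdate) {
                sqlParametric(parsed.getWhereClause());
            } else if (parsed instanceof ParsedInsert) {
                ItemsList itemsList = ((Insert) parsed.getStatement()).getItemsList();
                if (itemsList instanceof ExpressionList) {
                    checkExpressionList(((ExpressionList) itemsList).getExpressions());
                }
            }
            isSqlCorrect(str);
            hasSubSelect = false;
        } catch (Exception e) {
            // The check stays best-effort (fail open), but a skipped check is no longer silent.
            logger.warn("SQL parameterization check skipped: the statement could not be analysed", e);
        }
    }

    /**
     * Checks a filter fragment by parsing it as the WHERE clause of a dummy SELECT.
     *
     * @param str the filter expression (text that would follow {@code WHERE})
     * @return {@code false} when an inlined literal was found; {@code true} when none was found,
     *     when there is no WHERE clause, when the clause was already checked, or when analysis
     *     failed (fail open)
     */
    public static boolean checkFilter(String str) throws Throwable {
        Expression whereClause;
        flag = true;
        try {
            // The concatenated text is only handed to the parser in this method.
            ParsedSql parsedSql = ParsedSqls.getInstance().getParsedSql("Select * from temp Where " + str);
            if (parsedSql == null || (whereClause = parsedSql.getWhereClause()) == null) {
                return true;
            }
            CheckedSql.sqlList.removeAll(Collections.singleton(null));
            if (CheckedSql.sqlList.contains(whereClause.toString())) {
                return true;
            }
            sqlParametric(whereClause);
            return flag;
        } catch (Exception e) {
            // Return value kept for callers; the failure is logged so the skipped check is visible.
            logger.warn("Filter parameterization check skipped: the filter could not be analysed", e);
            return true;
        }
    }

    /**
     * Checks the value list of an INSERT: every value must be a placeholder or match
     * {@link #SIGNED_PLACEHOLDER}. Clears {@link #flag} at the first value that does neither.
     *
     * <p>NOTE(review): the pattern is applied with {@code find()}, so any value whose text contains
     * a '+' or '-' anywhere is accepted. Confirm that this is the intended strictness.
     */
    private static void checkExpressionList(List list2) {
        for (Object value : list2) {
            if (!(value instanceof JdbcParameter)) {
                if (!SIGNED_PLACEHOLDER.matcher(value.toString().trim()).find()) {
                    flag = false;
                    return;
                }
            }
        }
    }

    /**
     * Walks a condition tree and clears {@link #flag} when a column is compared with a literal
     * constant instead of a {@link JdbcParameter}.
     *
     * @param expression the condition to inspect; types not handled below are ignored
     * @return the current value of {@link #flag}
     */
    private static boolean sqlParametric(Expression expression) {
        if (expression instanceof Parenthesis) {
            sqlParametric(((Parenthesis) expression).getExpression());
        } else if (expression instanceof AndExpression) {
            sqlParametric(((AndExpression) expression).getLeftExpression());
            sqlParametric(((AndExpression) expression).getRightExpression());
        } else if (expression instanceof EqualsTo) {
            EqualsTo equalsTo = (EqualsTo) expression;
            // Constant-versus-constant comparisons are skipped by the first part of this condition.
            if ((!isConstant(equalsTo.getLeftExpression()) || !ParsedSqlUtil.isConstant(equalsTo.getRightExpression())) && !equalsTo.isNot() && (equalsTo.getLeftExpression() instanceof Column)) {
                Expression rightExpression = equalsTo.getRightExpression();
                if (!(rightExpression instanceof JdbcParameter)) {
                    if (isConstant(rightExpression)) {
                        flag = false;
                    } else if (rightExpression instanceof Parenthesis) {
                        // Recurse into the parenthesised right-hand side. The previous code cast the
                        // EqualsTo node to AndExpression here, which raises ClassCastException and
                        // silently ended the whole check in the caller's catch block.
                        sqlParametric(rightExpression);
                    }
                }
            }
        } else if ((expression instanceof GreaterThan) || (expression instanceof GreaterThanEquals) || (expression instanceof MinorThan) || (expression instanceof MinorThanEquals) || (expression instanceof NotEqualsTo)) {
            BinaryExpression binaryExpression = (BinaryExpression) expression;
            // NOTE(review): the result of this call is discarded; kept as-is because
            // ParsedSqlUtil.isConstant is not visible from here.
            if (isConstant(binaryExpression.getLeftExpression())) {
                ParsedSqlUtil.isConstant(binaryExpression.getRightExpression());
            }
            if (!binaryExpression.isNot() && (binaryExpression.getLeftExpression() instanceof Column)) {
                Expression rightExpression2 = binaryExpression.getRightExpression();
                if (!(rightExpression2 instanceof JdbcParameter)) {
                    if (isConstant(rightExpression2)) {
                        String rightText = rightExpression2.toString();
                        String leftText = binaryExpression.getLeftExpression().toString();
                        // NOTE(review): a constant whose text contains '.' is only flagged when the
                        // column text contains it too; the intent of this exemption is unclear.
                        if (!rightText.contains(".") || leftText.contains(rightText)) {
                            flag = false;
                        }
                    } else if (rightExpression2 instanceof Parenthesis) {
                        sqlParametric(((BinaryExpression) expression).getRightExpression());
                    }
                }
            } else if (!binaryExpression.isNot() && (binaryExpression.getRightExpression() instanceof Column)) {
                Expression leftExpression = binaryExpression.getLeftExpression();
                if (!(leftExpression instanceof JdbcParameter)) {
                    if (isConstant(leftExpression)) {
                        flag = false;
                    } else if (leftExpression instanceof Parenthesis) {
                        sqlParametric(((BinaryExpression) expression).getLeftExpression());
                    }
                }
            }
        } else if (expression instanceof InExpression) {
            InExpression inExpression = (InExpression) expression;
            if (inExpression.getItemsList() instanceof ExpressionList) {
                List expressions = ((ExpressionList) inExpression.getItemsList()).getExpressions();
                // Every element is inspected. The previous loop advanced the index twice after a
                // placeholder, so the element following each '?' was never checked.
                for (Object item : expressions) {
                    if (item instanceof JdbcParameter) {
                        continue;
                    }
                    if (isConstant((Expression) item)) {
                        flag = false;
                    }
                }
            } else if (inExpression.getItemsList() instanceof SubSelect) {
                ParsedSql subParsed = ParsedSqls.getInstance().createParsedSql(((SubSelect) inExpression.getItemsList()).getSelectBody().toString().toLowerCase(java.util.Locale.ROOT));
                if (!(subParsed instanceof ParsedOther) && !sqlParametric(subParsed.getWhereClause())) {
                    hasSubSelect = true;
                }
            }
        } else if (expression instanceof Between) {
            Between between = (Between) expression;
            if (!between.isNot()) {
                Expression betweenExpressionStart = between.getBetweenExpressionStart();
                if (!(betweenExpressionStart instanceof JdbcParameter) && isConstant(betweenExpressionStart)) {
                    flag = false;
                }
                Expression betweenExpressionEnd = between.getBetweenExpressionEnd();
                if (!(betweenExpressionEnd instanceof JdbcParameter) && isConstant(betweenExpressionEnd)) {
                    flag = false;
                }
            }
        } else if (expression instanceof OrExpression) {
            sqlParametric(((OrExpression) expression).getLeftExpression());
            sqlParametric(((OrExpression) expression).getRightExpression());
        } else if (expression instanceof LikeExpression) {
            LikeExpression likeExpression = (LikeExpression) expression;
            if (!likeExpression.isNot() && (likeExpression.getLeftExpression() instanceof Column)) {
                Expression rightExpression3 = likeExpression.getRightExpression();
                if (!(rightExpression3 instanceof JdbcParameter) && isConstant(rightExpression3)) {
                    flag = false;
                }
            }
        }
        return flag;
    }

    /**
     * Records the outcome of a check for {@code str}.
     *
     * <p>A clean, non-empty statement is remembered in {@code CheckedSql.sqlList}. A finding is
     * either logged once (with a filtered call stack) and remembered in
     * {@code CheckedSql.errorList}, or raised in {@code Error} mode when no sub-select is involved.
     *
     * @param str the SQL text that was checked
     * @throws Throwable in {@code Error} mode for a statement that is not parameterized
     */
    private static void isSqlCorrect(String str) throws Throwable {
        try {
            if (flag && StringUtils.isNotEmpty(str)) {
                CheckedSql.sqlList.add(str);
            }
            if (flag) {
                return;
            }
            flag = true;
            if ((!checkModel.equalsIgnoreCase(SqlCheckModel.Log) || CheckedSql.errorList.contains(str)) && (!hasSubSelect || CheckedSql.errorList.contains(str))) {
                if (checkModel.equals(SqlCheckModel.Error) && !hasSubSelect) {
                    // Throwable is not an Exception, so it passes the catch below and reaches the caller.
                    throw new Throwable("SQL没有正确的参数化，请检查SQL拼接方式，按照正确的方式对SQL进行参数化" + str);
                }
                return;
            }
            // NOTE(review): the full SQL text is written to the log; literal values inlined in it
            // end up there as well.
            logger.error("\r\nSQL没有正确参数化，具体片段为\r\n" + str + "\r\n请检测sql是否正确参数化,SQL拼接的具体调用栈为:");
            CheckedSql.errorList.add(str);
            StackTraceElement[] stackTrace = Thread.currentThread().getStackTrace();
            // Bounded by the real stack depth: a stack shorter than 15 frames used to raise
            // ArrayIndexOutOfBoundsException, which cut the report short.
            int depth = Math.min(15, stackTrace.length);
            for (int i = 1; i < depth; i++) {
                StackTraceElement frame = stackTrace[i];
                String frameText = frame.toString();
                boolean report = true;
                for (String ignoredName : list) {
                    if (frameText.contains(ignoredName)) {
                        report = false;
                        break;
                    }
                }
                if (report) {
                    logger.error(frame.toString());
                }
                if (frameText.contains("loadQueryTable")) {
                    logger.error("加载数据源或数据对象SQL没有参数化，请检查对应数据源或数据对象配置");
                }
            }
        } catch (Exception e) {
            logger.warn("Reporting of an unparameterized SQL statement failed", e);
        }
    }

    /**
     * Tells whether {@code str} has already been reported as not parameterized.
     *
     * @param str the SQL or formula text
     * @return {@code true} when {@code CheckedSql.errorList} contains {@code str}
     */
    public static boolean isError(String str) {
        return CheckedSql.errorList.contains(str);
    }

    /**
     * Tells whether the expression is one of the literal value types (long, string, double, date,
     * timestamp, time or NULL).
     *
     * @param expression the expression to classify; may be {@code null}
     * @return {@code true} for a literal value node, {@code false} otherwise or for {@code null}
     */
    private static boolean isConstant(Expression expression) {
        if (expression != null) {
            return (expression instanceof LongValue) || (expression instanceof StringValue) || (expression instanceof DoubleValue) || (expression instanceof DateValue) || (expression instanceof TimestampValue) || (expression instanceof TimeValue) || (expression instanceof NullValue);
        }
        return false;
    }

    /**
     * Reports a Filter formula finding left in {@link #flag} by an earlier check.
     *
     * @param str text logged as the form that defines the component
     * @param str2 text logged as the component
     * @param str3 the formula text; also the key used in {@code CheckedSql.errorList}
     * @param str4 key looked up in {@code CheckedSql.errorList} when a sub-select is involved
     * @throws Throwable in {@code Error} mode when no sub-select is involved
     */
    public static void errorLog(String str, String str2, String str3, String str4) throws Throwable {
        try {
            if (flag) {
                return;
            }
            flag = true;
            if ((checkModel.equals(SqlCheckModel.Log) && !CheckedSql.errorList.contains(str3)) || (hasSubSelect && !CheckedSql.errorList.contains(str4))) {
                logger.error("\r\nFilter公式编写错误，组件以及定义表单位置为\r\n" + str + "表单中,\r\n" + str2 + "组件 \r\n请检测公式是否正确参数化,公式具体内容为:" + str3);
                CheckedSql.errorList.add(str3);
            } else if (checkModel.equals(SqlCheckModel.Error) && !hasSubSelect) {
                throw new Throwable("Filter公式没有正确的参数化， 请检测共公式是否正确参数化");
            }
        } catch (Exception e) {
            logger.warn("Reporting of an unparameterized Filter formula failed", e);
        }
    }

    /**
     * Reports a Condition field query finding left in {@link #flag} by an earlier check.
     *
     * @param str text logged as the form that defines the component
     * @param str2 text logged as the component
     * @param str3 the formula text; also the key used in {@code CheckedSql.errorList}
     * @param str4 not used by this method
     * @throws Throwable in {@code Error} mode
     */
    public static void errorConditionLog(String str, String str2, String str3, String str4) throws Throwable {
        try {
            if (flag) {
                return;
            }
            flag = true;
            if (!checkModel.equals(SqlCheckModel.Log) || CheckedSql.errorList.contains(str3)) {
                if (checkModel.equals(SqlCheckModel.Error)) {
                    throw new Throwable("Condition字段查询属性编写错误， 请检测共公式是否正确参数化");
                }
            } else {
                logger.error("\r\nCondition字段查询属性编写错误，组件以及定义表单位置为\r\n" + str + "表单中,\r\n" + str2 + "组件 \r\n请检测公式是否正确参数化,公式具体内容为:" + str3);
                CheckedSql.errorList.add(str3);
            }
        } catch (Exception e) {
            logger.warn("Reporting of an unparameterized Condition query failed", e);
        }
    }

    /**
     * Reports a mapping-formula finding left in {@link #flag} by an earlier check.
     *
     * @param str text logged as the form
     * @param str2 text logged as the component
     * @param str3 the formula text; also the key used in {@code CheckedSql.errorList}
     * @throws Throwable in {@code Error} mode
     */
    public static void errorMapFunctionLog(String str, String str2, String str3) throws Throwable {
        try {
            if (flag) {
                return;
            }
            flag = true;
            if (!checkModel.equals(SqlCheckModel.Log) || CheckedSql.errorList.contains(str3)) {
                if (checkModel.equals(SqlCheckModel.Error)) {
                    throw new Throwable("映射公式参数没有正确的参数化， 请检测共公式是否正确参数化");
                }
            } else {
                logger.error("\r\n映射公式中过滤条件参数化编写错误，位置为\r\n" + str + "表单中,\r\n" + str2 + "组件 \r\n请检测公式是否正确参数化,公式具体内容为:" + str3);
                CheckedSql.errorList.add(str3);
            }
        } catch (Exception e) {
            logger.warn("Reporting of an unparameterized mapping formula failed", e);
        }
    }

    /**
     * Selects how findings are handled.
     *
     * @param str one of the {@code SqlCheckModel} constants; the value is stored without
     *     validation, and {@code null} would make later checks fail on {@code checkModel.equals}
     */
    public static void setCheckModel(String str) {
        checkModel = str;
    }
}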
