package com.ipt.epbtls;

import com.epb.persistence.LocalPersistence;
import com.epb.persistence.utl.BusinessUtility;
import com.epb.pst.entity.EpEmp;
import com.ipt.epbbns.bean.ApplicationHomeVariable;
import com.ipt.epbett.util.EpbCommonQueryUtility;
import com.ipt.epbglb.EpbGlobalSetting;
import com.ipt.epbmsg.EpbExceptionMessenger;
import com.ipt.epbtls.framework.ConfigRebuilder;
import com.ipt.epbtls.framework.DefaultSecurityControl;
import java.util.List;
import java.util.logging.Logger;

/* loaded from: input_file:com/ipt/epbtls/UserAccessControlCompatibleSqlGetter.class */
class UserAccessControlCompatibleSqlGetter {
    /* JADX INFO: Access modifiers changed from: package-private */
    public String getUserAccessControlCompatibleSql(String str, ApplicationHomeVariable applicationHomeVariable) {
        try {
            String homeUserId = applicationHomeVariable.getHomeUserId();
            boolean isAdmin = EpbCommonQueryUtility.isAdmin(homeUserId);
            System.out.println("isAdmin: " + isAdmin);
            if (isAdmin) {
                return str;
            }
            String appSetting = EpbCommonQueryUtility.getAppSetting(applicationHomeVariable, "USERCONT");
            String appSetting2 = EpbCommonQueryUtility.getAppSetting(applicationHomeVariable, "USERCONTEMPDEPT");
            String str2 = (appSetting2 == null || appSetting2.length() == 0) ? "A" : appSetting2;
            System.out.println("usercontSetting: " + appSetting);
            if (!ConfigRebuilder.VALUE_Y.equals(appSetting)) {
                return str;
            }
            String homeLocId = applicationHomeVariable.getHomeLocId();
            String homeAppCode = applicationHomeVariable.getHomeAppCode();
            boolean checkPrivilege = BusinessUtility.checkPrivilege(homeUserId, homeLocId, homeAppCode, (homeAppCode.equals("CRMOPP") || homeAppCode.equals("CRMOPPN") || homeAppCode.equals("CRMLEAD") || homeAppCode.equals("CRMLEAD") || homeAppCode.equals("CRMLEADMSG") || homeAppCode.equals("CRMLEADMSG")) ? DefaultSecurityControl.PRI_ID_VIEWALL : DefaultSecurityControl.PRI_ID_VIEWOTHER);
            System.out.println("privilegeCheckPassed: " + checkPrivilege);
            if (checkPrivilege) {
                return str;
            }
            String replace = applicationHomeVariable.getHomeOrgId() == null ? "" : applicationHomeVariable.getHomeOrgId().replace("'", "''").replace("\\", "\\\\");
            String replace2 = applicationHomeVariable.getHomeEmpId() == null ? "" : applicationHomeVariable.getHomeEmpId().replace("'", "''").replace("\\", "\\\\");
            if (replace2 == null || replace2.length() == 0) {
                List resultList = LocalPersistence.getResultList(EpEmp.class, "SELECT * FROM EP_EMP WHERE USER_ID = ? AND (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = ?) ORDER BY (CASE WHEN ORG_ID = '" + replace + "' THEN 1 ELSE 2 END) ASC", new Object[]{homeUserId, replace});
                replace2 = resultList.isEmpty() ? "" : ((EpEmp) resultList.get(0)).getEmpId();
            }
            return getFullSql(str, replace, replace2, homeUserId, str2, homeAppCode);
        } catch (Throwable th) {
            Logger.getLogger(getClass().getName()).log(EpbGlobalSetting.getLoggingLevel(), th.getMessage(), th);
            EpbExceptionMessenger.showExceptionMessage(th);
            return str;
        }
    }

    private String getFullSql(String str, String str2, String str3, String str4, String str5, String str6) {
        String str7;
        try {
            int lastIndexOf = str.toUpperCase().lastIndexOf(" GROUP BY ");
            int lastIndexOf2 = str.toUpperCase().lastIndexOf(" ORDER BY ");
            int i = lastIndexOf == -1 ? lastIndexOf2 == -1 ? -1 : lastIndexOf2 : lastIndexOf;
            String substring = i == -1 ? "" : str.substring(i);
            String substring2 = i == -1 ? str : str.substring(0, i);
            if ("B".equals(str5)) {
                str7 = " (USER_ID = '" + str4 + "' OR USER_ID IN (SELECT USER_ID FROM LEAVEDTL WHERE AGENT_USER_ID = '" + str4 + "'AND TO_CHAR(SYSDATE,'YYYYMMDDHH24MI') >= TO_CHAR(START_DATE,'YYYYMMDD') || LPAD(START_TIME,4,'0') AND TO_CHAR(SYSDATE,'YYYYMMDDHH24MI') <= TO_CHAR(END_DATE,'YYYYMMDD') || LPAD(END_TIME,4,'0'))" + ((str3 == null || "".equals(str3)) ? "" : " OR EMP_ID = '" + str3 + "'") + " OR EMP_ID IN (SELECT EMP_ID FROM EP_EMP_GROUP_DTL WHERE (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "') AND EMP_GROUP_ID IN (SELECT EMP_GROUP_ID FROM EP_EMP_GROUP WHERE (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "') START WITH EMP_GROUP_ID IN (SELECT EMP_GROUP_ID FROM EP_EMP WHERE EMP_ID = '" + str3 + "' AND (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "')) CONNECT BY REF_EMP_GROUP_ID = PRIOR EMP_GROUP_ID))) ";
            } else {
                str7 = " (USER_ID = '" + str4 + "' OR USER_ID IN (SELECT USER_ID FROM LEAVEDTL WHERE AGENT_USER_ID = '" + str4 + "'AND TO_CHAR(SYSDATE,'YYYYMMDDHH24MI') >= TO_CHAR(START_DATE,'YYYYMMDD') || LPAD(START_TIME,4,'0') AND TO_CHAR(SYSDATE,'YYYYMMDDHH24MI') <= TO_CHAR(END_DATE,'YYYYMMDD') || LPAD(END_TIME,4,'0'))" + ((str3 == null || "".equals(str3)) ? "" : " OR EMP_ID = '" + str3 + "'") + " OR EMP_ID IN (SELECT EMP_ID FROM EP_EMP WHERE (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "') AND DEPT_ID IN (SELECT DEPT_ID FROM EP_DEPT WHERE (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "') START WITH EMP_ID = '" + str3 + "' CONNECT BY REF_DEPT_ID = PRIOR DEPT_ID))) ";
            }
            if (str6.equals("MYCRM") || (str3 != null && str3.length() != 0)) {
                str7 = "B".equals(str5) ? " ( EMP_ID = '" + str3 + "' OR EMP_ID IN (SELECT EMP_ID FROM EP_EMP_GROUP_DTL WHERE (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "') AND EMP_GROUP_ID IN (SELECT EMP_GROUP_ID FROM EP_EMP_GROUP WHERE (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "') START WITH EMP_GROUP_ID IN (SELECT EMP_GROUP_ID FROM EP_EMP WHERE EMP_ID = '" + str3 + "' AND (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "')) CONNECT BY REF_EMP_GROUP_ID = PRIOR EMP_GROUP_ID))) " : " (EMP_ID = '" + str3 + "' OR EMP_ID IN (SELECT EMP_ID FROM EP_EMP WHERE (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "') AND DEPT_ID IN (SELECT DEPT_ID FROM EP_DEPT WHERE (ORG_ID IS NULL OR ORG_ID = '' OR ORG_ID = '" + str2 + "') START WITH EMP_ID = '" + str3 + "' CONNECT BY REF_DEPT_ID = PRIOR DEPT_ID))) ";
            }
            int lastIndexOf3 = str.toUpperCase().lastIndexOf(" WHERE ");
            String str8 = lastIndexOf3 == -1 ? substring2 + " WHERE " + str7 + substring : substring2.substring(0, lastIndexOf3 + 7) + " (" + substring2.substring(lastIndexOf3 + 7) + ")  AND " + str7 + substring;
            System.out.println("UAC version sql:");
            System.out.println(str8);
            return str8;
        } catch (Throwable th) {
            Logger.getLogger(getClass().getName()).log(EpbGlobalSetting.getLoggingLevel(), th.getMessage(), th);
            EpbExceptionMessenger.showExceptionMessage(th);
            return str;
        }
    }

    public static void main(String[] strArr) {
        new UserAccessControlCompatibleSqlGetter().getFullSql("SELECT DOC_ID, DOC_DATE, STATUS_FLG, USER_ID, USER_ID AS USER_NAME, EMP_ID, EMP_ID AS EMP_NAME, CUST_ID, NAME, ATTN_TO, CC_TO, PROJ_ID, PROJ_ID AS PROJ_NAME, DEPT_ID, DEPT_ID AS DEPT_NAME, TAX_FLG, TAX_ID, TAX_RATE, CURR_ID, CURR_RATE, CUST_REF, OUR_REF, TERM_ID, TAX_ID, VALIDITY, DLY_DATE, CAMPAIGN_ID, CAMPAIGN_ID AS CAMPAIGN_NAME, TRADE_ID, TERM_ID, TRANSPORT_ID, TRANSPORT_ID AS TRANSPORT_NAME, SALETYPE_ID, SALETYPE_ID AS SALETYPE_NAME, SALESCAT1_ID, SALESCAT1_ID AS SALESCAT1_NAME, SALESCAT2_ID, SALESCAT2_ID AS SALESCAT2_NAME, SALESCAT3_ID, SALESCAT3_ID AS SALESCAT3_NAME, VSL_ID, VSL_ID AS VSL_NAME, MARKING, MARKING AS MARKING_NAME, DISC_CHR, DISC_NUM, LUMPSUM_DISC, ADDR_NAME, ADDRESS1, ADDRESS2, ADDRESS3, ADDRESS4, CITY_ID, CITY_ID AS CITY_NAME, STATE_ID, STATE_ID AS STATE_NAME, COUNTRY_ID, COUNTRY_ID AS COUNTRY_NAME, POSTALCODE, PHONE, FAX, ZONE_ID, ZONE_ID AS ZONE_NAME, DADDR_NAME, DADDRESS1, DADDRESS2, DADDRESS3, DADDRESS4, DCITY_ID, DCITY_ID AS DCITY_NAME, DSTATE_ID, DSTATE_ID AS DSTATE_NAME, DCOUNTRY_ID, DCOUNTRY_ID AS DCOUNTRY_NAME, DPOSTALCODE, DPHONE, DFAX, DZONE_ID, DZONE_ID AS DZONE_NAME, BOOK_ID, BOOK_ID AS BOOK_NAME, ANA_ID1, ANA_ID2, ANA_ID3, ANA_ID4, ANA_ID5, ANA_ID6, ANA_ID7, ANA_ID8, ANA_ID9, ANA_ID10, REF1, REF2, REF3, REF4, REMARK, CREATE_DATE, CREATE_USER_ID, REC_KEY, TIME_STAMP, LASTUPDATE_USER_ID, LASTUPDATE, ORG_ID, LOC_ID, BEFORE_DISC, TOTAL_DISC, TOTAL_TAX, TOTAL_NET, GRANT_TOTAL FROM QUOTMAS WHERE (ORG_ID = '01')  AND (LOC_ID = '01')  AND (TO_CHAR(DOC_DATE, 'YYYY-MM-DD') >= '2010-04-01')  AND (STATUS_FLG LIKE '%')  ORDER BY DOC_ID", "qqq", "www", "hll", "A", "A");
    }
}
