package com.alibaba.druid.wall.spi;

import com.alibaba.druid.sql.ast.SQLExpr;
import com.alibaba.druid.sql.ast.SQLName;
import com.alibaba.druid.sql.ast.SQLObject;
import com.alibaba.druid.sql.ast.expr.SQLAggregateExpr;
import com.alibaba.druid.sql.ast.expr.SQLAllColumnExpr;
import com.alibaba.druid.sql.ast.expr.SQLBinaryOpExpr;
import com.alibaba.druid.sql.ast.expr.SQLBinaryOperator;
import com.alibaba.druid.sql.ast.expr.SQLCharExpr;
import com.alibaba.druid.sql.ast.expr.SQLInListExpr;
import com.alibaba.druid.sql.ast.expr.SQLIntegerExpr;
import com.alibaba.druid.sql.ast.expr.SQLMethodInvokeExpr;
import com.alibaba.druid.sql.ast.expr.SQLNCharExpr;
import com.alibaba.druid.sql.ast.expr.SQLNotExpr;
import com.alibaba.druid.sql.ast.expr.SQLNullExpr;
import com.alibaba.druid.sql.ast.expr.SQLNumericLiteralExpr;
import com.alibaba.druid.sql.ast.expr.SQLPropertyExpr;
import com.alibaba.druid.sql.ast.expr.SQLQueryExpr;
import com.alibaba.druid.sql.ast.statement.SQLDeleteStatement;
import com.alibaba.druid.sql.ast.statement.SQLExprTableSource;
import com.alibaba.druid.sql.ast.statement.SQLInsertInto;
import com.alibaba.druid.sql.ast.statement.SQLJoinTableSource;
import com.alibaba.druid.sql.ast.statement.SQLSelect;
import com.alibaba.druid.sql.ast.statement.SQLSelectItem;
import com.alibaba.druid.sql.ast.statement.SQLSelectQuery;
import com.alibaba.druid.sql.ast.statement.SQLSelectQueryBlock;
import com.alibaba.druid.sql.ast.statement.SQLSubqueryTableSource;
import com.alibaba.druid.sql.ast.statement.SQLTableSource;
import com.alibaba.druid.sql.ast.statement.SQLUnionQuery;
import com.alibaba.druid.sql.ast.statement.SQLUpdateStatement;
import com.alibaba.druid.sql.dialect.mysql.ast.expr.MySqlBooleanExpr;
import com.alibaba.druid.sql.visitor.ExportParameterVisitor;
import com.alibaba.druid.support.logging.Log;
import com.alibaba.druid.support.logging.LogFactory;
import com.alibaba.druid.util.JdbcUtils;
import com.alibaba.druid.wall.WallVisitor;
import com.alibaba.druid.wall.violation.IllegalSQLObjectViolation;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.math.BigDecimal;
import java.net.URL;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Set;

/* loaded from: classes.dex */
public class WallVisitorUtils {
    private static final Log LOG = LogFactory.getLog(WallVisitorUtils.class);

    private static Number add(Number number, Number number2) {
        return number instanceof BigDecimal ? ((BigDecimal) number).add(new BigDecimal(number2.toString())) : Long.valueOf(number.longValue() + number2.longValue());
    }

    private static void addViolation(WallVisitor wallVisitor, SQLObject sQLObject) {
        wallVisitor.getViolations().add(new IllegalSQLObjectViolation(wallVisitor.toSQL(sQLObject)));
    }

    public static void check(WallVisitor wallVisitor, SQLBinaryOpExpr sQLBinaryOpExpr) {
    }

    public static void check(WallVisitor wallVisitor, SQLInListExpr sQLInListExpr) {
    }

    public static void check(WallVisitor wallVisitor, SQLPropertyExpr sQLPropertyExpr) {
        checkSchema(wallVisitor, sQLPropertyExpr.getOwner());
    }

    public static void check(WallVisitor wallVisitor, SQLExprTableSource sQLExprTableSource) {
        SQLExpr expr = sQLExprTableSource.getExpr();
        if (expr instanceof SQLPropertyExpr) {
            checkSchema(wallVisitor, ((SQLPropertyExpr) expr).getOwner());
        }
        if ((expr instanceof SQLName) && wallVisitor.isPermitTable(((SQLName) expr).getSimleName())) {
            addViolation(wallVisitor, sQLExprTableSource);
        }
    }

    private static void checkCondition(WallVisitor wallVisitor, SQLExpr sQLExpr) {
        if (sQLExpr != null && wallVisitor.getConfig().isMustParameterized()) {
            ExportParameterVisitor createExportParameterVisitor = wallVisitor.getProvider().createExportParameterVisitor();
            sQLExpr.accept(createExportParameterVisitor);
            if (createExportParameterVisitor.getParameters().size() > 0) {
                addViolation(wallVisitor, sQLExpr);
            }
        }
    }

    public static void checkDelete(WallVisitor wallVisitor, SQLDeleteStatement sQLDeleteStatement) {
        checkReadOnly(wallVisitor, sQLDeleteStatement.getExprTableSource());
        if (!wallVisitor.getConfig().isDeleteAllow()) {
            addViolation(wallVisitor, sQLDeleteStatement);
            return;
        }
        if (wallVisitor.getConfig().isDeleteWhereAlwayTrueCheck()) {
            if (sQLDeleteStatement.getWhere() == null || Boolean.TRUE == getValue(sQLDeleteStatement.getWhere())) {
                addViolation(wallVisitor, sQLDeleteStatement);
            } else {
                checkCondition(wallVisitor, sQLDeleteStatement.getWhere());
            }
        }
    }

    public static void checkFunction(WallVisitor wallVisitor, SQLMethodInvokeExpr sQLMethodInvokeExpr) {
        checkSchema(wallVisitor, sQLMethodInvokeExpr.getOwner());
        if (wallVisitor.getConfig().isFunctionCheck()) {
            if (wallVisitor.getConfig().isPermitFunction(sQLMethodInvokeExpr.getMethodName().toLowerCase())) {
                addViolation(wallVisitor, sQLMethodInvokeExpr);
            }
        }
    }

    public static void checkHaving(WallVisitor wallVisitor, SQLExpr sQLExpr) {
        if (sQLExpr != null && wallVisitor.getConfig().isSelectHavingAlwayTrueCheck() && Boolean.TRUE == getValue(sQLExpr)) {
            addViolation(wallVisitor, sQLExpr);
        }
    }

    public static void checkInsert(WallVisitor wallVisitor, SQLInsertInto sQLInsertInto) {
        checkReadOnly(wallVisitor, sQLInsertInto.getTableSource());
        if (wallVisitor.getConfig().isInsertAllow()) {
            return;
        }
        wallVisitor.getViolations().add(new IllegalSQLObjectViolation(wallVisitor.toSQL(sQLInsertInto)));
    }

    public static void checkReadOnly(WallVisitor wallVisitor, SQLTableSource sQLTableSource) {
        if (!(sQLTableSource instanceof SQLExprTableSource)) {
            if (sQLTableSource instanceof SQLJoinTableSource) {
                SQLJoinTableSource sQLJoinTableSource = (SQLJoinTableSource) sQLTableSource;
                checkReadOnly(wallVisitor, sQLJoinTableSource.getLeft());
                checkReadOnly(wallVisitor, sQLJoinTableSource.getRight());
                return;
            }
            return;
        }
        SQLExpr expr = ((SQLExprTableSource) sQLTableSource).getExpr();
        String simleName = expr instanceof SQLName ? ((SQLName) expr).getSimleName() : null;
        if (simleName != null) {
            if (wallVisitor.getConfig().getReadOnlyTables().contains(form(simleName))) {
                addViolation(wallVisitor, sQLTableSource);
            }
        }
    }

    private static void checkSchema(WallVisitor wallVisitor, SQLExpr sQLExpr) {
        if (sQLExpr instanceof SQLName) {
            String form = form(((SQLName) sQLExpr).getSimleName());
            if (wallVisitor.getConfig().isPermitSchema(form)) {
                addViolation(wallVisitor, sQLExpr);
            }
            if (wallVisitor.getConfig().isPermitObjects(form)) {
                addViolation(wallVisitor, sQLExpr);
            }
        }
        if (sQLExpr instanceof SQLPropertyExpr) {
            checkSchema(wallVisitor, ((SQLPropertyExpr) sQLExpr).getOwner());
        }
    }

    public static void checkSelelct(WallVisitor wallVisitor, SQLSelectQueryBlock sQLSelectQueryBlock) {
        SQLExpr where;
        if (sQLSelectQueryBlock.getInto() != null) {
            checkReadOnly(wallVisitor, sQLSelectQueryBlock.getInto());
        }
        if (!wallVisitor.getConfig().isSelectIntoAllow() && sQLSelectQueryBlock.getInto() != null) {
            addViolation(wallVisitor, sQLSelectQueryBlock);
            return;
        }
        if (!wallVisitor.getConfig().isSelectWhereAlwayTrueCheck() || (where = sQLSelectQueryBlock.getWhere()) == null) {
            return;
        }
        checkCondition(wallVisitor, sQLSelectQueryBlock.getWhere());
        if (Boolean.TRUE == getValue(where)) {
            if (where instanceof SQLBinaryOpExpr) {
                SQLBinaryOpExpr sQLBinaryOpExpr = (SQLBinaryOpExpr) where;
                if ((sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.Equality || sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.NotEqual) && (sQLBinaryOpExpr.getLeft() instanceof SQLIntegerExpr) && (sQLBinaryOpExpr.getRight() instanceof SQLIntegerExpr)) {
                    return;
                }
            }
            addViolation(wallVisitor, sQLSelectQueryBlock);
        }
    }

    public static void checkUnion(WallVisitor wallVisitor, SQLUnionQuery sQLUnionQuery) {
        if (wallVisitor.getConfig().isSelectUnionCheck()) {
            if (queryBlockFromIsNull(sQLUnionQuery.getLeft()) || queryBlockFromIsNull(sQLUnionQuery.getRight())) {
                addViolation(wallVisitor, sQLUnionQuery);
            }
        }
    }

    public static void checkUpdate(WallVisitor wallVisitor, SQLUpdateStatement sQLUpdateStatement) {
        checkReadOnly(wallVisitor, sQLUpdateStatement.getTableSource());
        if (!wallVisitor.getConfig().isUpdateAllow()) {
            addViolation(wallVisitor, sQLUpdateStatement);
            return;
        }
        if (wallVisitor.getConfig().isUpdateWhereAlayTrueCheck()) {
            if (sQLUpdateStatement.getWhere() == null || Boolean.TRUE == getValue(sQLUpdateStatement.getWhere())) {
                addViolation(wallVisitor, sQLUpdateStatement);
            } else {
                checkCondition(wallVisitor, sQLUpdateStatement.getWhere());
            }
        }
    }

    public static String form(String str) {
        if (str.startsWith("\"") && str.endsWith("\"")) {
            str = str.substring(1, str.length() - 1);
        }
        if (str.startsWith("`") && str.endsWith("`")) {
            str = str.substring(1, str.length() - 1);
        }
        return str.toLowerCase();
    }

    public static Object getValue(SQLExpr sQLExpr) {
        if (sQLExpr instanceof SQLBinaryOpExpr) {
            return getValue((SQLBinaryOpExpr) sQLExpr);
        }
        if (sQLExpr instanceof MySqlBooleanExpr) {
            return Boolean.valueOf(((MySqlBooleanExpr) sQLExpr).getValue());
        }
        if (sQLExpr instanceof SQLNumericLiteralExpr) {
            return ((SQLNumericLiteralExpr) sQLExpr).getNumber();
        }
        if (sQLExpr instanceof SQLCharExpr) {
            return ((SQLCharExpr) sQLExpr).getText();
        }
        if (sQLExpr instanceof SQLNCharExpr) {
            return ((SQLNCharExpr) sQLExpr).getText();
        }
        if (sQLExpr instanceof SQLNotExpr) {
            Object value = getValue(((SQLNotExpr) sQLExpr).getExpr());
            if (value instanceof Boolean) {
                return Boolean.valueOf(!((Boolean) value).booleanValue());
            }
        }
        if ((sQLExpr instanceof SQLQueryExpr) && isSimpleCountTableSource(((SQLQueryExpr) sQLExpr).getSubQuery())) {
            return 1;
        }
        if (sQLExpr instanceof SQLMethodInvokeExpr) {
            return getValue((SQLMethodInvokeExpr) sQLExpr);
        }
        return null;
    }

    public static Object getValue(SQLBinaryOpExpr sQLBinaryOpExpr) {
        sQLBinaryOpExpr.getLeft().setParent(sQLBinaryOpExpr);
        sQLBinaryOpExpr.getRight().setParent(sQLBinaryOpExpr);
        if ((sQLBinaryOpExpr.getLeft() instanceof SQLName) && (sQLBinaryOpExpr.getRight() instanceof SQLName) && sQLBinaryOpExpr.getLeft().toString().equalsIgnoreCase(sQLBinaryOpExpr.getRight().toString())) {
            if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.Equality) {
                return Boolean.TRUE;
            }
            if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.NotEqual) {
                return Boolean.FALSE;
            }
            switch (sQLBinaryOpExpr.getOperator()) {
                case Equality:
                case Like:
                    return Boolean.TRUE;
                case NotEqual:
                case GreaterThan:
                case GreaterThanOrEqual:
                case LessThan:
                case LessThanOrEqual:
                case LessThanOrGreater:
                case NotLike:
                    return Boolean.FALSE;
            }
        }
        Object value = getValue(sQLBinaryOpExpr.getLeft());
        Object value2 = getValue(sQLBinaryOpExpr.getRight());
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.BooleanOr && (Boolean.TRUE == value || Boolean.TRUE == value2)) {
            return true;
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.BooleanAnd) {
            if (Boolean.FALSE == value || Boolean.FALSE == value2) {
                return false;
            }
            if (Boolean.TRUE == value && Boolean.TRUE == value2) {
                return true;
            }
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.Like && (sQLBinaryOpExpr.getRight() instanceof SQLCharExpr)) {
            String text = ((SQLCharExpr) sQLBinaryOpExpr.getRight()).getText();
            if (text.length() >= 0) {
                for (char c : text.toCharArray()) {
                    if (c != '%') {
                        return null;
                    }
                }
                return true;
            }
        }
        if (value == null || value2 == null) {
            return null;
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.Equality) {
            if ((sQLBinaryOpExpr.getLeft() instanceof SQLNullExpr) && (sQLBinaryOpExpr.getRight() instanceof SQLNullExpr)) {
                return true;
            }
            return Boolean.valueOf(value.equals(value2));
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.NotEqual || sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.LessThanOrGreater) {
            if ((sQLBinaryOpExpr.getLeft() instanceof SQLNullExpr) && (sQLBinaryOpExpr.getRight() instanceof SQLNullExpr)) {
                return false;
            }
            if (value == null || value2 == null) {
                return null;
            }
            return Boolean.valueOf(!value.equals(value2));
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.GreaterThan) {
            if ((sQLBinaryOpExpr.getLeft() instanceof SQLNullExpr) && (sQLBinaryOpExpr.getRight() instanceof SQLNullExpr)) {
                return false;
            }
            if (value == null || value2 == null) {
                return null;
            }
            if (value instanceof Comparable) {
                return Boolean.valueOf(((Comparable) value).compareTo(value2) > 0);
            }
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.GreaterThanOrEqual) {
            if ((sQLBinaryOpExpr.getLeft() instanceof SQLNullExpr) && (sQLBinaryOpExpr.getRight() instanceof SQLNullExpr)) {
                return false;
            }
            if (value == null || value2 == null) {
                return null;
            }
            if (value instanceof Comparable) {
                return Boolean.valueOf(((Comparable) value).compareTo(value2) >= 0);
            }
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.LessThan) {
            if ((sQLBinaryOpExpr.getLeft() instanceof SQLNullExpr) && (sQLBinaryOpExpr.getRight() instanceof SQLNullExpr)) {
                return false;
            }
            if (value == null || value2 == null) {
                return null;
            }
            if (value instanceof Comparable) {
                return Boolean.valueOf(((Comparable) value).compareTo(value2) < 0);
            }
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.LessThanOrEqual) {
            if ((sQLBinaryOpExpr.getLeft() instanceof SQLNullExpr) && (sQLBinaryOpExpr.getRight() instanceof SQLNullExpr)) {
                return false;
            }
            if (value == null || value2 == null) {
                return null;
            }
            if (value instanceof Comparable) {
                return Boolean.valueOf(((Comparable) value).compareTo(value2) <= 0);
            }
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.Concat) {
            return value.toString() + value2.toString();
        }
        if (sQLBinaryOpExpr.getOperator() == SQLBinaryOperator.Add) {
            if (value == null || value2 == null) {
                return null;
            }
            if ((value instanceof String) || (value2 instanceof String)) {
                return value.toString() + value2.toString();
            }
            if ((value instanceof Number) || (value2 instanceof Number)) {
                return add((Number) value, (Number) value2);
            }
        }
        return null;
    }

    public static Object getValue(SQLMethodInvokeExpr sQLMethodInvokeExpr) {
        String methodName = sQLMethodInvokeExpr.getMethodName();
        if ("len".equalsIgnoreCase(methodName) || "length".equalsIgnoreCase(methodName)) {
            Object value = sQLMethodInvokeExpr.getParameters().size() > 0 ? getValue(sQLMethodInvokeExpr.getParameters().get(0)) : null;
            if (value instanceof String) {
                return Integer.valueOf(((String) value).length());
            }
        }
        if ("if".equalsIgnoreCase(methodName) && sQLMethodInvokeExpr.getParameters().size() == 3) {
            Object value2 = getValue(sQLMethodInvokeExpr.getParameters().get(0));
            if (Boolean.TRUE == value2) {
                return getValue(sQLMethodInvokeExpr.getParameters().get(1));
            }
            if (Boolean.FALSE == value2) {
                getValue(sQLMethodInvokeExpr.getParameters().get(2));
            }
        }
        if ("chr".equalsIgnoreCase(methodName) && sQLMethodInvokeExpr.getParameters().size() == 1) {
            Object value3 = getValue(sQLMethodInvokeExpr.getParameters().get(0));
            if (value3 instanceof Number) {
                return "" + ((char) ((Number) value3).intValue());
            }
        }
        if (!"concat".equalsIgnoreCase(methodName)) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer();
        Iterator<SQLExpr> it = sQLMethodInvokeExpr.getParameters().iterator();
        while (it.hasNext()) {
            Object value4 = getValue(it.next());
            if (value4 == null) {
                return null;
            }
            stringBuffer.append(value4.toString());
        }
        return stringBuffer.toString();
    }

    public static boolean isSimpleCountTableSource(SQLSelect sQLSelect) {
        SQLSelectQuery query = sQLSelect.getQuery();
        if (query instanceof SQLSelectQueryBlock) {
            SQLSelectQueryBlock sQLSelectQueryBlock = (SQLSelectQueryBlock) query;
            boolean z = false;
            if (sQLSelectQueryBlock.getWhere() == null) {
                z = true;
            } else {
                Object value = getValue(sQLSelectQueryBlock.getWhere());
                if (value == Boolean.TRUE) {
                    z = true;
                } else if (value == Boolean.FALSE) {
                    return false;
                }
            }
            boolean z2 = false;
            if (sQLSelectQueryBlock.getSelectList().size() == 1) {
                SQLExpr expr = sQLSelectQueryBlock.getSelectList().get(0).getExpr();
                if ((expr instanceof SQLAggregateExpr) && ((SQLAggregateExpr) expr).getMethodName().equalsIgnoreCase("COUNT")) {
                    z2 = true;
                }
            }
            if (z && z2) {
                return true;
            }
        }
        return false;
    }

    public static boolean isSimpleCountTableSource(SQLTableSource sQLTableSource) {
        if (sQLTableSource instanceof SQLSubqueryTableSource) {
            return isSimpleCountTableSource(((SQLSubqueryTableSource) sQLTableSource).getSelect());
        }
        return false;
    }

    public static void loadResource(Set<String> set, String str) {
        try {
            Enumeration<URL> resources = Thread.currentThread().getContextClassLoader().getResources(str);
            while (resources.hasMoreElements()) {
                URL nextElement = resources.nextElement();
                InputStream inputStream = null;
                BufferedReader bufferedReader = null;
                try {
                    inputStream = nextElement.openStream();
                    BufferedReader bufferedReader2 = new BufferedReader(new InputStreamReader(inputStream));
                    while (true) {
                        try {
                            String readLine = bufferedReader2.readLine();
                            if (readLine == null) {
                                break;
                            }
                            String trim = readLine.trim();
                            if (trim.length() > 0) {
                                set.add(trim.toLowerCase());
                            }
                        } catch (Throwable th) {
                            th = th;
                            bufferedReader = bufferedReader2;
                            JdbcUtils.close(bufferedReader);
                            JdbcUtils.close(inputStream);
                            throw th;
                        }
                    }
                    nextElement.openStream();
                    JdbcUtils.close(bufferedReader2);
                    JdbcUtils.close(inputStream);
                } catch (Throwable th2) {
                    th = th2;
                }
            }
        } catch (IOException e) {
            LOG.error("load oracle permit tables errror", e);
        }
    }

    public static boolean queryBlockFromIsNull(SQLSelectQuery sQLSelectQuery) {
        if (sQLSelectQuery instanceof SQLSelectQueryBlock) {
            SQLSelectQueryBlock sQLSelectQueryBlock = (SQLSelectQueryBlock) sQLSelectQuery;
            SQLTableSource from = sQLSelectQueryBlock.getFrom();
            if (from == null) {
                return true;
            }
            if (from instanceof SQLExprTableSource) {
                SQLExpr expr = ((SQLExprTableSource) from).getExpr();
                if ((expr instanceof SQLName) && form(expr.toString()).equalsIgnoreCase("DUAL")) {
                    return true;
                }
            }
            if (sQLSelectQueryBlock.getSelectList().size() == 1 && (sQLSelectQueryBlock.getSelectList().get(0).getExpr() instanceof SQLAllColumnExpr) && (from instanceof SQLSubqueryTableSource) && queryBlockFromIsNull(((SQLSubqueryTableSource) from).getSelect().getQuery())) {
                return true;
            }
            boolean z = true;
            Iterator<SQLSelectItem> it = sQLSelectQueryBlock.getSelectList().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (getValue(it.next().getExpr()) == null) {
                    z = false;
                    break;
                }
            }
            if (z) {
                return true;
            }
        }
        return false;
    }
}
