package com.cory.web.controller.base;

import com.cory.service.SqlService;
import com.cory.util.AssertUtils;
import com.cory.util.systemconfigcache.SystemConfigCacheUtil;
import com.cory.web.controller.BaseController;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/ajax/base/sql/"})
@RestController
/* loaded from: input_file:com/cory/web/controller/base/SqlController.class */
public class SqlController extends BaseController {
    private static final String PASSWORD_KEY = "sql_password";

    @Autowired
    private SqlService sqlService;

    @PostMapping(value = {"execute"}, params = {"type=ddl"})
    public boolean customDDLSql(String str, String str2) {
        checkSql(str2, true);
        checkPassword(str);
        return this.sqlService.customDDLSql(str2);
    }

    @PostMapping(value = {"execute"}, params = {"type=execute"})
    public int customExecuteSql(String str, String str2) {
        checkSql(str2, true);
        checkPassword(str);
        return this.sqlService.customExecuteSql(str2);
    }

    @PostMapping(value = {"execute"}, params = {"type=query"})
    public List<Map<String, Object>> customQuerySql(String str, String str2) {
        checkSql(str2, false);
        checkPassword(str);
        return this.sqlService.customQuerySql(str2);
    }

    private void checkSql(String str, boolean z) {
        AssertUtils.hasText(str, "sql不能为空");
        if (z) {
            return;
        }
        AssertUtils.isTrue(!str.contains(";"), "sql只能为单条，不能为多条");
    }

    private void checkPassword(String str) {
        AssertUtils.hasText(str, "密码不正确");
        AssertUtils.isTrue(StringUtils.equals(str, SystemConfigCacheUtil.getCache(PASSWORD_KEY)), "密码不正确");
    }
}
