package com.yonyou.uap.tenant.web.controller;

import com.yonyou.uap.tenant.entity.UserPermission;
import com.yonyou.uap.tenant.service.itf.IAuthResService;
import com.yonyou.uap.tenant.service.itf.ITenantRes;
import com.yonyou.uap.tenant.service.itf.ITenantUserService;
import com.yonyou.uap.tenant.service.itf.IUserPermissionService;
import com.yonyou.uap.tenant.utils.AuthInfo;
import com.yonyou.uap.tenant.utils.DateUtils;
import com.yonyou.uap.tenant.utils.IDGenerator;
import com.yonyou.uap.tenant.utils.JsonResponse;
import com.yonyou.uap.tenant.utils.securitylog.AuthSecurityLogUtils;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping({"auth"})
@Controller
/* loaded from: input_file:WEB-INF/classes/com/yonyou/uap/tenant/web/controller/UserPermissionController.class */
public class UserPermissionController {

    @Autowired
    private IAuthResService authResService;

    @Autowired
    private IUserPermissionService userPermissionService;

    @Autowired
    private ITenantRes tenantResService;

    @Autowired
    private ITenantUserService userService;

    @Autowired
    private AuthSecurityLogUtils authSecurityLogUtils;
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @RequestMapping(value = {"authlist"}, method = {RequestMethod.GET})
    @ResponseBody
    public JsonResponse getAuthList(ServletRequest servletRequest) {
        List<AuthInfo> authInfo;
        JsonResponse jsonResponse = new JsonResponse();
        String parameter = servletRequest.getParameter("tenantId");
        String parameter2 = servletRequest.getParameter("systemId");
        if (StringUtils.isBlank(parameter)) {
            jsonResponse.failed("当前租户不能为空");
            return jsonResponse;
        }
        String resId = this.authResService.getResId(parameter2);
        if (StringUtils.isNotBlank(parameter2) && StringUtils.isBlank(resId)) {
            return jsonResponse.failedWithReturn("租户未购买该应用");
        }
        new ArrayList();
        if (StringUtils.isNotBlank(resId)) {
            try {
                if (this.tenantResService.getTenantRes(parameter, resId) == null) {
                    return jsonResponse.failedWithReturn("租户未购买该应用");
                }
                authInfo = this.authResService.getAuthInfo(parameter, resId);
            } catch (Exception e) {
                jsonResponse.failed("查询出错");
                this.logger.error(e.getMessage(), (Throwable) e);
                return jsonResponse;
            }
        } else {
            try {
                authInfo = this.authResService.getAuthInfo(parameter);
            } catch (Exception e2) {
                jsonResponse.failed("查询出错");
                this.logger.error(e2.getMessage(), (Throwable) e2);
                return jsonResponse;
            }
        }
        sortList(authInfo);
        jsonResponse.put("authInfos", authInfo);
        return jsonResponse;
    }

    @RequestMapping(value = {"batchauth"}, method = {RequestMethod.POST})
    @ResponseBody
    public JsonResponse batchAuth(HttpServletRequest httpServletRequest, @RequestParam("tenantId") String str, @RequestParam("cuser") String str2) {
        JsonResponse jsonResponse = new JsonResponse();
        if (StringUtils.isBlank(str)) {
            return jsonResponse.failedWithReturn("当前租户不能为空");
        }
        if (StringUtils.isBlank(str2)) {
            return jsonResponse.failedWithReturn("授权人不能为空");
        }
        String[] parameterValues = httpServletRequest.getParameterValues("userId[]");
        String[] parameterValues2 = httpServletRequest.getParameterValues("resId[]");
        if (parameterValues == null || parameterValues.length == 0) {
            return jsonResponse.failedWithReturn("用户不能为空");
        }
        if (parameterValues2 == null || parameterValues2.length == 0) {
            return jsonResponse.failedWithReturn("应用不能为空");
        }
        List<UserPermission> generateUserPermission = generateUserPermission(parameterValues, parameterValues2, str2, str);
        try {
            this.userPermissionService.save(generateUserPermission);
            this.authSecurityLogUtils.onBatchAuthSuccess(httpServletRequest, generateUserPermission);
            jsonResponse.success();
            return jsonResponse;
        } catch (Exception e) {
            this.logger.error(e.getMessage(), (Throwable) e);
            this.authSecurityLogUtils.onBatchAuthFailed(httpServletRequest, e.getMessage());
            return jsonResponse.failedWithReturn("授权出错");
        }
    }

    private List<UserPermission> generateUserPermission(String[] strArr, String[] strArr2, String str, String str2) {
        Map<String, String> userCodeMap = this.userService.getUserCodeMap(strArr);
        Map<String, Set<String>> userPermissionMap = this.userPermissionService.getUserPermissionMap(strArr);
        ArrayList arrayList = new ArrayList();
        String currectTime = DateUtils.getCurrectTime();
        for (String str3 : strArr) {
            Set<String> set = userPermissionMap.get(str3);
            for (String str4 : strArr2) {
                if (set == null || !set.contains(str4)) {
                    UserPermission userPermission = new UserPermission();
                    userPermission.setAuthorizerId(str);
                    userPermission.setId(IDGenerator.generate());
                    userPermission.setResId(str4);
                    userPermission.setResCode(this.authResService.getResCode(str4));
                    userPermission.setTenantId(str2);
                    userPermission.setUserId(str3);
                    userPermission.setUserCode(userCodeMap.get(str3));
                    userPermission.setAuthTime(currectTime);
                    arrayList.add(userPermission);
                }
            }
        }
        return arrayList;
    }

    @RequestMapping(value = {"auth"}, method = {RequestMethod.POST})
    @ResponseBody
    public JsonResponse auth(HttpServletRequest httpServletRequest, @RequestParam("tenantId") String str, @RequestParam("cuser") String str2, @RequestParam String str3) {
        JsonResponse jsonResponse = new JsonResponse();
        if (StringUtils.isBlank(str)) {
            return jsonResponse.failedWithReturn("当前租户不能为空");
        }
        if (StringUtils.isBlank(str2)) {
            return jsonResponse.failedWithReturn("授权人不能为空");
        }
        if (StringUtils.isBlank(str3)) {
            return jsonResponse.failedWithReturn("用户不能为空");
        }
        String[] parameterValues = httpServletRequest.getParameterValues("resId[]");
        Set<String> set = this.userPermissionService.getUserPermissionMap(new String[]{str3}).get(str3);
        if (set == null) {
            set = new HashSet();
        }
        HashSet hashSet = parameterValues == null ? new HashSet() : new HashSet(Arrays.asList(parameterValues));
        HashSet hashSet2 = new HashSet();
        hashSet2.addAll(hashSet);
        hashSet2.removeAll(set);
        HashSet hashSet3 = new HashSet();
        hashSet3.addAll(set);
        hashSet3.removeAll(hashSet);
        List<UserPermission> generateUserPermission = generateUserPermission(str3, (String[]) hashSet2.toArray(new String[0]), str2, str);
        try {
            this.userPermissionService.save(generateUserPermission);
            this.authSecurityLogUtils.onBatchAuthSuccess(httpServletRequest, generateUserPermission);
            if (hashSet3.size() > 0) {
                try {
                    this.userPermissionService.delUserPermission(str3, (String[]) hashSet3.toArray(new String[0]));
                    this.authSecurityLogUtils.onBatchUnAuthSuccess(httpServletRequest, str3, (String[]) hashSet3.toArray(new String[0]));
                } catch (Exception e) {
                    this.logger.error(e.getMessage(), (Throwable) e);
                    this.authSecurityLogUtils.onBatchUnAuthFailed(httpServletRequest, e.getMessage());
                    return jsonResponse.failedWithReturn("删除出错");
                }
            }
            jsonResponse.success();
            return jsonResponse;
        } catch (Exception e2) {
            this.logger.error(e2.getMessage(), (Throwable) e2);
            this.authSecurityLogUtils.onAuthFailed(httpServletRequest, e2.getMessage());
            return jsonResponse.failedWithReturn("授权出错");
        }
    }

    private List<UserPermission> generateUserPermission(String str, String[] strArr, String str2, String str3) {
        Map<String, String> userCodeMap = this.userService.getUserCodeMap(new String[]{str});
        ArrayList arrayList = new ArrayList();
        String currectTime = DateUtils.getCurrectTime();
        for (String str4 : strArr) {
            UserPermission userPermission = new UserPermission();
            userPermission.setAuthorizerId(str2);
            userPermission.setId(IDGenerator.generate());
            userPermission.setResId(str4);
            userPermission.setResCode(this.authResService.getResCode(str4));
            userPermission.setTenantId(str3);
            userPermission.setUserId(str);
            userPermission.setUserCode(userCodeMap.get(str));
            userPermission.setAuthTime(currectTime);
            arrayList.add(userPermission);
        }
        return arrayList;
    }

    @RequestMapping(value = {"userauthinfo"}, method = {RequestMethod.GET})
    @ResponseBody
    public JsonResponse getUserAuthInfo(HttpServletRequest httpServletRequest, @RequestParam String str, @RequestParam String str2) {
        JsonResponse jsonResponse = new JsonResponse();
        if (StringUtils.isBlank(str)) {
            return jsonResponse.failedWithReturn("用户不能为空");
        }
        if (StringUtils.isBlank(str2)) {
            return jsonResponse.failedWithReturn("租户不能为空");
        }
        try {
            List<AuthInfo> authInfo = this.authResService.getAuthInfo(str2);
            Set<String> set = this.userPermissionService.getUserPermissionMap(new String[]{str}).get(str);
            if (set != null) {
                for (AuthInfo authInfo2 : authInfo) {
                    if (set.contains(authInfo2.getResId())) {
                        authInfo2.setAuth(true);
                    }
                }
            }
            sortList(authInfo);
            jsonResponse.successWithData("auths", authInfo);
            return jsonResponse;
        } catch (Exception e) {
            this.logger.error(e.getMessage(), (Throwable) e);
            return jsonResponse.failedWithReturn("查询出错");
        }
    }

    public List<AuthInfo> sortList(List<AuthInfo> list) {
        Collections.sort(list, new Comparator<AuthInfo>() { // from class: com.yonyou.uap.tenant.web.controller.UserPermissionController.1
            @Override // java.util.Comparator
            public int compare(AuthInfo authInfo, AuthInfo authInfo2) {
                return authInfo.getAuthCount() < authInfo2.getAuthCount() ? 1 : -1;
            }
        });
        return list;
    }

    @RequestMapping(value = {"batchunauth"}, method = {RequestMethod.POST})
    @ResponseBody
    public JsonResponse batchUnAuth(HttpServletRequest httpServletRequest) {
        JsonResponse jsonResponse = new JsonResponse();
        String[] parameterValues = httpServletRequest.getParameterValues("userId[]");
        String[] parameterValues2 = httpServletRequest.getParameterValues("resId[]");
        if (parameterValues == null || parameterValues.length == 0) {
            return jsonResponse.failedWithReturn("用户不能为空");
        }
        if (parameterValues2 == null || parameterValues2.length == 0) {
            return jsonResponse.failedWithReturn("应用不能为空");
        }
        try {
            this.userPermissionService.batchUnAuth(parameterValues, parameterValues2);
        } catch (Exception e) {
            this.logger.error(e.getMessage(), (Throwable) e);
            this.authSecurityLogUtils.onBatchAuthFailed(httpServletRequest, e.getMessage());
            jsonResponse.failed("取消授权出错");
        }
        this.authSecurityLogUtils.onBatchUnAuthSuccess(httpServletRequest, parameterValues, parameterValues2);
        jsonResponse.success();
        return jsonResponse;
    }

    @RequestMapping(value = {"authone"}, method = {RequestMethod.POST})
    @ResponseBody
    public JsonResponse authOne(HttpServletRequest httpServletRequest, @RequestParam("tenantId") String str, @RequestParam("cuser") String str2, @RequestParam String str3) {
        JsonResponse jsonResponse = new JsonResponse();
        if (StringUtils.isBlank(str)) {
            return jsonResponse.failedWithReturn("当前租户不能为空");
        }
        if (StringUtils.isBlank(str2)) {
            return jsonResponse.failedWithReturn("授权人不能为空");
        }
        if (StringUtils.isBlank(str3)) {
            return jsonResponse.failedWithReturn("用户不能为空");
        }
        String parameter = httpServletRequest.getParameter("resId");
        Set<String> set = this.userPermissionService.getUserPermissionMap(new String[]{str3}).get(str3);
        if (set != null && set.contains(parameter)) {
            this.authSecurityLogUtils.onAuthFailed(httpServletRequest, "已经授权:userId:" + str3 + ",resId:" + parameter);
            return jsonResponse.failedWithReturn("已经授权");
        }
        List<UserPermission> generateUserPermission = generateUserPermission(str3, new String[]{parameter}, str2, str);
        try {
            this.userPermissionService.save(generateUserPermission);
            this.authSecurityLogUtils.onAuthSuccess(httpServletRequest, generateUserPermission.get(0));
            jsonResponse.success();
            return jsonResponse;
        } catch (Exception e) {
            this.logger.error(e.getMessage(), (Throwable) e);
            this.authSecurityLogUtils.onAuthFailed(httpServletRequest, e.getMessage());
            return jsonResponse.failedWithReturn("授权出错");
        }
    }

    @RequestMapping(value = {"unauthone"}, method = {RequestMethod.POST})
    @ResponseBody
    public JsonResponse unAuthOne(HttpServletRequest httpServletRequest, @RequestParam String str, @RequestParam String str2) {
        JsonResponse jsonResponse = new JsonResponse();
        if (StringUtils.isBlank(str)) {
            return jsonResponse.failedWithReturn("用户不能为空");
        }
        try {
            this.userPermissionService.delUserPermission(str, new String[]{str2});
            this.authSecurityLogUtils.onUnAuthSuccess(httpServletRequest, str, str2);
            jsonResponse.success();
            return jsonResponse;
        } catch (Exception e) {
            this.logger.error(e.getMessage(), (Throwable) e);
            this.authSecurityLogUtils.onUnAuthFailed(httpServletRequest, e.getMessage());
            return jsonResponse.failedWithReturn("取消授权出错");
        }
    }
}
