package org.september.pisces.user.permission.service;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.september.core.component.ApplicationContextHolder;
import org.september.core.exception.BusinessException;
import org.september.core.util.MD5;
import org.september.core.util.PasswordUtil;
import org.september.pisces.user.permission.entity.RolePermission;
import org.september.pisces.user.permission.entity.SystemRole;
import org.september.pisces.user.permission.entity.SystemUser;
import org.september.pisces.user.permission.utils.EncryptUtil;
import org.september.pisces.user.permission.utils.UserSessionHelper;
import org.september.pisces.user.permission.vo.PermissionTreeNode;
import org.september.simpleweb.utils.IpUtils;
import org.september.smartdao.CommonDao;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;

@Service
/* loaded from: input_file:org/september/pisces/user/permission/service/SystemUserService.class */
public class SystemUserService {

    @Autowired
    private CommonDao dao;

    @Autowired
    private OperationLogService operationLogService;

    @Autowired
    private UserPwdErrorCheckService userPwdErrorCheckService;

    public SystemUser login(String str, String str2, boolean z) {
        String ipAddr = IpUtils.getIpAddr(RequestContextHolder.getRequestAttributes().getRequest());
        SystemUser userByUserName = getUserByUserName(str);
        if (userByUserName == null) {
            this.userPwdErrorCheckService.checkPwdErrorLimits(ipAddr);
            throw new BusinessException("用户不存在");
        }
        try {
            if (str2.endsWith("==")) {
                str2 = EncryptUtil.decrypt(str2);
            }
            if (!MD5.md5WithDefaultSalt(str2).equals(userByUserName.getPassword())) {
                this.userPwdErrorCheckService.checkPwdErrorLimits(ipAddr);
            }
            if (z) {
                userByUserName.setToken(TokenSessionManager.addSessionUser(userByUserName));
            } else {
                UserSessionHelper.setLoginUser(userByUserName);
            }
            this.userPwdErrorCheckService.pass(ipAddr);
            if ("superadmin".equals(userByUserName.getUsername())) {
                Iterator<PermissionTreeNode> it = ((PiscesPermissionService) ApplicationContextHolder.getContext().getBean(PiscesPermissionService.class)).getAllPermissions().iterator();
                while (it.hasNext()) {
                    userByUserName.getPermitUrlList().addAll(it.next().getResource());
                }
            } else {
                Iterator<RolePermission> it2 = getPermissionOfUser(userByUserName.getId().longValue()).iterator();
                while (it2.hasNext()) {
                    userByUserName.getPermitUrlList().add(it2.next().getResource());
                }
            }
            return userByUserName;
        } catch (Exception e) {
            throw new BusinessException("密码验证错误", e);
        }
    }

    public void doResetMyPwd(Long l, String str, String str2, String str3) throws Exception {
        if (StringUtils.isEmpty(str)) {
            throw new BusinessException("旧密码不能为空");
        }
        if (StringUtils.isEmpty(str2)) {
            throw new BusinessException("新密码不能为空");
        }
        if (StringUtils.isEmpty(str3)) {
            throw new BusinessException("确认密码不能为空");
        }
        String decrypt = EncryptUtil.decrypt(str);
        String decrypt2 = EncryptUtil.decrypt(str2);
        String decrypt3 = EncryptUtil.decrypt(str3);
        if (!PasswordUtil.isComplexPwd(decrypt2)) {
            throw new BusinessException("密码不能少于8位，且包含数字，大写字母，小写字母，特殊字符中任意两种组合");
        }
        if (!StringUtils.pathEquals(decrypt2, decrypt3)) {
            throw new BusinessException("两次输入的密码不一样");
        }
        if (StringUtils.pathEquals(decrypt, decrypt2)) {
            throw new BusinessException("新密码不能和旧密码一致");
        }
        SystemUser systemUser = (SystemUser) this.dao.get(SystemUser.class, l);
        if (!StringUtils.pathEquals(MD5.md5WithDefaultSalt(decrypt), systemUser.getPassword())) {
            throw new BusinessException("旧密码错误");
        }
        systemUser.setPassword(MD5.md5WithDefaultSalt(decrypt2));
        this.dao.update(systemUser);
        this.operationLogService.addLog("修改了用户【" + systemUser.getUsername() + "】的密码");
    }

    public List<SystemRole> getRolesOfUser(long j) {
        SystemUser systemUser = (SystemUser) this.dao.get(SystemUser.class, Long.valueOf(j));
        ArrayList arrayList = new ArrayList();
        if (StringUtils.hasText(systemUser.getRoleIds())) {
            for (String str : systemUser.getRoleIds().split(";")) {
                if (StringUtils.hasText(str)) {
                    arrayList.add(Long.valueOf(str));
                }
            }
        }
        if (arrayList.isEmpty()) {
            return null;
        }
        return this.dao.listByIds(SystemRole.class, arrayList);
    }

    public List<RolePermission> getPermissionOfUser(long j) {
        ArrayList arrayList = new ArrayList();
        List<SystemRole> rolesOfUser = getRolesOfUser(j);
        if (rolesOfUser == null || rolesOfUser.isEmpty()) {
            return arrayList;
        }
        for (SystemRole systemRole : rolesOfUser) {
            RolePermission rolePermission = new RolePermission();
            rolePermission.setRoleId(systemRole.getId());
            arrayList.addAll(this.dao.listByExample(rolePermission));
        }
        return arrayList;
    }

    public List<RolePermission> getPermissionOfRole(long j) {
        RolePermission rolePermission = new RolePermission();
        rolePermission.setRoleId(Long.valueOf(j));
        return this.dao.listByExample(rolePermission);
    }

    public SystemUser getUserByUserName(String str) {
        SystemUser systemUser = new SystemUser();
        systemUser.setUsername(str);
        systemUser.setDeleteFlag(0);
        return (SystemUser) this.dao.getByExample(systemUser);
    }

    public void addUser(SystemUser systemUser) {
        if (!PasswordUtil.isComplexPwd(systemUser.getPassword())) {
            throw new BusinessException("密码长度至少8位，且包含数字，大写字母，小写字母，特殊字符中任意两种组合!");
        }
        systemUser.setPassword(MD5.md5WithDefaultSalt(systemUser.getPassword()));
        this.dao.save(systemUser);
    }
}
