package com.centit.framework.system.controller;

import com.alibaba.fastjson.JSONArray;
import com.centit.framework.common.JsonResultUtils;
import com.centit.framework.common.ResponseData;
import com.centit.framework.common.ResponseMapData;
import com.centit.framework.common.ResponseSingleData;
import com.centit.framework.common.ViewDataTransform;
import com.centit.framework.common.WebOptUtils;
import com.centit.framework.components.CodeRepositoryUtil;
import com.centit.framework.components.SysUserFilterEngine;
import com.centit.framework.core.controller.BaseController;
import com.centit.framework.core.dao.DictionaryMapUtils;
import com.centit.framework.model.adapter.PlatformEnvironment;
import com.centit.framework.model.basedata.IOptInfo;
import com.centit.framework.security.SecurityContextUtils;
import com.centit.framework.security.model.CentitUserDetails;
import com.centit.support.algorithm.StringBaseOpt;
import com.centit.support.image.CaptchaImageUtil;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.jetty.http.HttpHeaderValues;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.WebAttributes;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.security.web.csrf.CsrfTokenRepository;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.view.UrlBasedViewResolver;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/framework-core-web-4.1-SNAPSHOT.jar:com/centit/framework/system/controller/MainFrameController.class
 */
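/**
 * Spring MVC controller mapped under {@code /mainframe}.
 *
 * <p>Groups the entry points around authentication and the signed-in user: login/logout view
 * routing, password check and change, token login for clients, CSRF token and captcha
 * endpoints, current-user lookups, menu trees and user position queries.
 *
 * <p>This is decompiled source (JADX). Parameter names such as {@code str}/{@code str2} are
 * decompiler placeholders, so every {@code @PathVariable} below names its URI template variable
 * explicitly; without that, binding would depend on parameter names that no longer match the
 * mapping templates.
 */
@RequestMapping({"/mainframe"})
@Controller
/* loaded from: input_file:WEB-INF/lib/framework-core-4.0.4.jar:com/centit/framework/system/controller/MainFrameController.class */
public class MainFrameController extends BaseController {
    // Session attribute that records through which login entrance the session was started.
    public static final String ENTRANCE_TYPE = "ENTRANCE_TYPE";
    public static final String NORMAL_LOGIN = "NORMAL";
    public static final String DEPLOY_LOGIN = "DEPLOY";
    // Session attribute that carries the last authentication failure message to the login view.
    public static final String LOGIN_AUTH_ERROR_MSG = "LOGIN_ERROR_MSG";
    // Not referenced anywhere in this class as shown.
    private static String optId = "mainframe";

    @Resource
    protected CsrfTokenRepository csrfTokenRepository;

    @Resource
    protected PlatformEnvironment platformEnvironment;

    // When true, /loginasadmin marks the session as a DEPLOY entrance.
    @Value("${deploy.enabled}")
    private boolean deploy;

    // When true, login and logout are routed through CAS instead of the local login view.
    @Value("${cas.sso}")
    private boolean useCas;

    @Value("${local.home}")
    private String localHome;

    @Value("${cas.home}")
    private String casHome;

    @Value("${local.firstpage}")
    private String firstpage;

    /**
     * Returns the main index view.
     *
     * @return the view name {@code sys/index}
     */
    @RequestMapping({"/index"})
    public String index(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        return "sys/index";
    }

    /**
     * Redirects to the configured first page ({@code local.firstpage}).
     *
     * @return a redirect view name built from configuration only
     */
    @RequestMapping({"/logincas"})
    public String logincas(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        return UrlBasedViewResolver.REDIRECT_URL_PREFIX + this.firstpage;
    }

    /**
     * Login page entry, mapped at Spring Security's default login page URL constant.
     *
     * <p>Ajax callers are redirected to the 401 error endpoint instead of receiving an HTML
     * login page. Otherwise the session is marked as a NORMAL entrance.
     *
     * @return the CAS login redirect when CAS is enabled, else the {@code sys/login} view
     */
    @RequestMapping({DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL})
    public String login(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        if (WebOptUtils.isAjax(httpServletRequest)) {
            return "redirect:/system/exception/error/401";
        }
        httpSession.setAttribute(ENTRANCE_TYPE, NORMAL_LOGIN);
        return this.useCas ? "redirect:/system/mainframe/logincas" : "sys/login";
    }

    /**
     * Login page entry for the deploy/administration entrance.
     *
     * <p>Behaves like {@link #login} except that the session is marked DEPLOY, and only when
     * {@code deploy.enabled} is true; otherwise the attribute is left untouched.
     *
     * <p>NOTE(review): the DEPLOY marker is set for any caller that reaches this URL, before
     * authentication. getMenu/getMenuUnderOptId pass it on to the menu lookup, so confirm that
     * lookup still filters by the user's own permissions and that {@code deploy.enabled} is off
     * in production.
     *
     * @return the CAS login redirect when CAS is enabled, else the {@code sys/login} view
     */
    @RequestMapping({"/loginasadmin"})
    public String loginAsAdmin(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        if (WebOptUtils.isAjax(httpServletRequest)) {
            return "redirect:/system/exception/error/401";
        }
        if (this.deploy) {
            httpSession.setAttribute(ENTRANCE_TYPE, DEPLOY_LOGIN);
        }
        return this.useCas ? "redirect:/system/mainframe/logincas" : "sys/login";
    }

    /**
     * Login failure entry: copies the stored authentication exception message into the session
     * under {@link #LOGIN_AUTH_ERROR_MSG} and then continues as {@link #login}.
     *
     * <p>NOTE(review): the message is whatever the authentication provider produced; the login
     * view that renders it is not visible here and should escape it.
     */
    @RequestMapping({"/login/error"})
    public String loginError(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        AuthenticationException authenticationException = (AuthenticationException) httpSession.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
        if (authenticationException != null) {
            httpSession.setAttribute(LOGIN_AUTH_ERROR_MSG, authenticationException.getMessage());
        }
        return login(httpServletRequest, httpSession);
    }

    /**
     * Logs the user out.
     *
     * <p>Without CAS this only resets the session markers and redirects to {@code /logout}
     * (handled outside this class). With CAS the session is invalidated here and the browser is
     * sent to the CAS logout URL with a {@code service} parameter pointing back at the local
     * index page.
     *
     * <p>Both URL parts come from configuration ({@code cas.home}, {@code local.home}) and are
     * concatenated without URL-encoding; no request data is involved.
     *
     * @return the redirect view name
     */
    @RequestMapping({"/logout"})
    public String logout(HttpSession httpSession) {
        httpSession.setAttribute(ENTRANCE_TYPE, NORMAL_LOGIN);
        httpSession.removeAttribute(LOGIN_AUTH_ERROR_MSG);
        if (!this.useCas) {
            return "redirect:/logout";
        }
        httpSession.invalidate();
        return UrlBasedViewResolver.REDIRECT_URL_PREFIX + this.casHome + "/logout?service=" + this.localHome + "/system/mainframe/index";
    }

    /**
     * Changes the password of the signed-in user after verifying the current one.
     *
     * <p>Writes a JSON error when nobody is signed in or when the current password does not
     * verify; writes a JSON success after the change.
     *
     * <p>NOTE(review): the request parameter names were lost in decompilation, so the names the
     * client actually sends cannot be read from this listing. No check of the new password
     * (empty value, strength) and no session renewal after the change is visible in this
     * method; confirm both are handled in PlatformEnvironment or upstream.
     *
     * @param str the current password, verified with checkUserPassword
     * @param str2 the new password, passed to changeUserPassword
     */
    @RequestMapping(value = {"/changepwd"}, method = {RequestMethod.PUT})
    public void changepassword(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeErrorMessageJson("用户没有登录，不能修改密码！", httpServletResponse);
        } else if (!this.platformEnvironment.checkUserPassword(loginUser.getUserInfo().getUserCode(), str)) {
            JsonResultUtils.writeErrorMessageJson("用户输入的密码错误，不能修改密码！", httpServletResponse);
        } else {
            this.platformEnvironment.changeUserPassword(loginUser.getUserInfo().getUserCode(), str2);
            JsonResultUtils.writeSuccessJson(httpServletResponse);
        }
    }

    /**
     * Reports whether the supplied password matches the signed-in user's password.
     *
     * <p>Writes a JSON error when nobody is signed in, otherwise the bare boolean result.
     *
     * <p>NOTE(review): this lets an established session test candidate passwords without
     * limit as far as this method shows; confirm attempts are throttled or logged elsewhere.
     *
     * @param str the password to verify (decompiler placeholder name)
     */
    @RequestMapping(value = {"/checkpwd"}, method = {RequestMethod.POST})
    public void checkpassword(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeErrorMessageJson("用户没有登录，不能修改密码！", httpServletResponse);
        } else {
            JsonResultUtils.writeOriginalObject(Boolean.valueOf(this.platformEnvironment.checkUserPassword(loginUser.getUserInfo().getUserCode(), str)), httpServletResponse);
        }
    }

    /**
     * Token login for clients: verifies a user code and password taken from the request
     * parameters and, on success, registers the user and returns an {@code accessToken}.
     *
     * <p>An unknown user code and a wrong password produce the same error response, so the
     * reply cannot be used to learn which user codes exist. The submitted user code is no
     * longer echoed back in the error message.
     *
     * <p>NOTE(review): response timing can still differ between the two cases, and no attempt
     * throttling or captcha check is visible in this method; confirm it is enforced upstream.
     */
    @RequestMapping(value = {"/loginasclient"}, method = {RequestMethod.POST})
    public void loginAsClient(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Map<String, Object> requestParameters = collectRequestParameters(httpServletRequest);
        String userCode = StringBaseOpt.objectToString(requestParameters.get(CodeRepositoryUtil.USER_CODE));
        String password = StringBaseOpt.objectToString(requestParameters.get("password"));
        CentitUserDetails userDetails = this.platformEnvironment.loadUserDetailsByUserCode(userCode);
        // Single failure path for "no such user" and "wrong password".
        boolean authenticated = userDetails != null
                && this.platformEnvironment.checkUserPassword(userDetails.getUserInfo().getUserCode(), password);
        if (!authenticated) {
            JsonResultUtils.writeErrorMessageJson("用户 名和密码不匹配。", httpServletResponse);
            return;
        }
        String accessToken = SecurityContextUtils.registerUserToken(userDetails);
        ResponseMapData responseMapData = new ResponseMapData();
        responseMapData.addResponseData("accessToken", accessToken);
        JsonResultUtils.writeResponseDataAsJson(responseMapData, httpServletResponse);
    }

    /**
     * Returns the CSRF token for the request, generating and saving one when the repository
     * has none yet.
     *
     * <p>The token is exposed three ways: the {@code _csrf_parameter}, {@code _csrf_header} and
     * {@code _csrf} response headers, and the token object in the JSON body. Because the value
     * is readable by any script that can read this response, the cross-origin policy for this
     * endpoint matters; it is not configured in this class.
     */
    @RequestMapping(value = {"/login/csrf"}, method = {RequestMethod.GET})
    public void getLoginCsrfToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (this.csrfTokenRepository == null) {
            JsonResultUtils.writeErrorMessageJson("Bean csrfTokenRepository not found!", httpServletResponse);
            return;
        }
        CsrfToken loadToken = this.csrfTokenRepository.loadToken(httpServletRequest);
        if (loadToken == null) {
            loadToken = this.csrfTokenRepository.generateToken(httpServletRequest);
            this.csrfTokenRepository.saveToken(loadToken, httpServletRequest, httpServletResponse);
        }
        httpServletResponse.setHeader("_csrf_parameter", loadToken.getParameterName());
        httpServletResponse.setHeader("_csrf_header", loadToken.getHeaderName());
        httpServletResponse.setHeader("_csrf", loadToken.getToken());
        JsonResultUtils.writeSingleDataJson(loadToken, httpServletResponse);
    }

    /** Alias of {@link #getLoginCsrfToken} under {@code /csrf}. */
    @RequestMapping(value = {"/csrf"}, method = {RequestMethod.GET})
    public void getCsrfToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        getLoginCsrfToken(httpServletRequest, httpServletResponse);
    }

    /**
     * Generates a new captcha, stores its text in the session under
     * {@code CaptchaImageUtil.SESSIONCHECKCODE} and writes the image to the response with a
     * no-cache header.
     */
    @RequestMapping(value = {"/captchaimage"}, method = {RequestMethod.GET})
    public void captchaImage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String randomString = CaptchaImageUtil.getRandomString();
        httpServletRequest.getSession().setAttribute(CaptchaImageUtil.SESSIONCHECKCODE, randomString);
        httpServletResponse.setHeader("Cache-Control", HttpHeaderValues.NO_CACHE);
        JsonResultUtils.writeOriginalImage(CaptchaImageUtil.generateCaptchaImage(randomString), httpServletResponse);
    }

    /** Alias of {@link #captchaImage} under {@code /login/captchaimage}. */
    @RequestMapping(value = {"/login/captchaimage"}, method = {RequestMethod.GET})
    public void loginCaptchaImage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        captchaImage(httpServletRequest, httpServletResponse);
    }

    /**
     * Compares the submitted captcha text with the one stored in the session, records the
     * result in the session attribute {@code ajaxCheckCaptchaResult} and writes it as a bare
     * boolean.
     *
     * <p>NOTE(review): the stored captcha is not cleared or replaced after a failed
     * comparison, so the same image can be answered repeatedly as far as this method shows.
     * The submitted text also travels in the URL path of a GET request, where it is likely to
     * be recorded in access logs.
     *
     * @param str the captcha text from the {@code checkcode} path variable
     */
    @RequestMapping(value = {"/checkcaptcha/{checkcode}"}, method = {RequestMethod.GET})
    public void checkCaptchaImage(@PathVariable("checkcode") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Boolean valueOf = Boolean.valueOf(StringUtils.equals(str, StringBaseOpt.objectToString(httpServletRequest.getSession().getAttribute(CaptchaImageUtil.SESSIONCHECKCODE))));
        httpServletRequest.getSession().setAttribute("ajaxCheckCaptchaResult", valueOf);
        JsonResultUtils.writeOriginalObject(valueOf, httpServletResponse);
    }

    /**
     * Writes the signed-in user's {@code userInfo} as JSON.
     *
     * <p>NOTE(review): when nobody is signed in, the response body carries the session id.
     * A session id returned in a body is readable by page scripts even if the session cookie
     * is HttpOnly; confirm a client really needs it. {@code getSession()} also creates a
     * session for an anonymous caller.
     */
    @RequestMapping({"/currentuserinfo"})
    public void getCurrentUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeMessageAndData("No user login on current session!", httpServletRequest.getSession().getId(), httpServletResponse);
        } else {
            JsonResultUtils.writeSingleDataJson(loginUser.getUserInfo(), httpServletResponse);
        }
    }

    /**
     * Writes the whole signed-in {@code CentitUserDetails} object as JSON.
     *
     * <p>NOTE(review): the full details object is serialized; verify that its JSON form leaves
     * out credential material. The not-signed-in branch returns the session id in the body,
     * as in {@link #getCurrentUser}.
     */
    @RequestMapping({"/currentuser"})
    public void getCurrentUserDetails(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeMessageAndData("No user login on current session!", httpServletRequest.getSession().getId(), httpServletResponse);
        } else {
            JsonResultUtils.writeSingleDataJson(loginUser, httpServletResponse);
        }
    }

    /**
     * Login probe: writes a 401 ajax error when nobody is signed in, otherwise the signed-in
     * {@code CentitUserDetails} object as JSON (same serialization caveat as
     * {@link #getCurrentUserDetails}).
     */
    @RequestMapping({"/hasLogin"})
    public void hasLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeAjaxErrorMessage(401, "用户没有登录，请登录！", httpServletResponse);
        } else {
            JsonResultUtils.writeSingleDataJson(loginUser, httpServletResponse);
        }
    }

    /**
     * Converts a flat list of menu entries into the tree JSON the front end expects.
     *
     * <p>The map renames entry properties to tree node keys (id, pid, text, url, icon,
     * children, isInToolbar). Each node also gets an {@code external} flag, true when the
     * entry's page type differs from the constant the decompiler resolved as
     * {@code SysUserFilterEngine.USER_FILTER_DEPARTMENT}.
     *
     * @param list menu entries to convert
     * @return the tree as a JSON array
     */
    private JSONArray makeMenuFuncsJson(List<? extends IOptInfo> list) {
        return ViewDataTransform.makeTreeViewJson(list, ViewDataTransform.createStringHashMap("id", CodeRepositoryUtil.OPT_ID, "pid", "preOptId", "text", "optName", "url", "optRoute", "icon", "icon", "children", "children", "isInToolbar", "isInToolbar"), (jSONObject, iOptInfo) -> {
            jSONObject.put("external", (Object) Boolean.valueOf(!SysUserFilterEngine.USER_FILTER_DEPARTMENT.equals(iOptInfo.getPageType())));
        });
    }

    /**
     * Writes the menu tree of the signed-in user.
     *
     * <p>The session's {@link #ENTRANCE_TYPE} decides the boolean passed to the menu lookup:
     * true only when the session was marked DEPLOY. Not signed in yields an ajax error with
     * code 302.
     */
    @RequestMapping(value = {"/menu"}, method = {RequestMethod.GET})
    public void getMenu(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = super.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeAjaxErrorMessage(302, "用户没有登录，请登录！", httpServletResponse);
        } else {
            Object attribute = httpServletRequest.getSession().getAttribute(ENTRANCE_TYPE);
            JsonResultUtils.writeSingleDataJson(makeMenuFuncsJson(this.platformEnvironment.listUserMenuOptInfos(loginUser.getUserInfo().getUserCode(), attribute != null && DEPLOY_LOGIN.equals(attribute.toString()))), httpServletResponse);
        }
    }

    /**
     * Writes the signed-in user's menu tree below one parent entry.
     *
     * @param str the optional {@code optid} request parameter naming the parent entry
     */
    @RequestMapping(value = {"/submenu"}, method = {RequestMethod.GET})
    public void getMenuUnderOptId(@RequestParam(value = "optid", required = false) String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = super.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeAjaxErrorMessage(302, "用户没有登录，请登录！", httpServletResponse);
        } else {
            Object attribute = httpServletRequest.getSession().getAttribute(ENTRANCE_TYPE);
            JsonResultUtils.writeSingleDataJson(makeMenuFuncsJson(this.platformEnvironment.listUserMenuOptInfosUnderSuperOptId(loginUser.getUserInfo().getUserCode(), str, attribute != null && DEPLOY_LOGIN.equals(attribute.toString()))), httpServletResponse);
        }
    }

    /**
     * Writes the menu tree of the user named in the URL.
     *
     * <p>NOTE(review): unlike {@link #getMenu}, this method neither checks that a user is
     * signed in nor that the caller may view the named user's menus. As written it discloses
     * which functions any given user code can reach; access must be restricted by the
     * security configuration outside this class, or a check added here once the intended
     * callers are known.
     *
     * @param str the user code from the {@code userCode} path variable
     */
    @RequestMapping(value = {"/getMenu/{userCode}"}, method = {RequestMethod.GET})
    public void getMemuByUsercode(@PathVariable("userCode") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        JsonResultUtils.writeSingleDataJson(makeMenuFuncsJson(this.platformEnvironment.listUserMenuOptInfos(str, false)), httpServletResponse);
    }

    /**
     * Session-expired entry.
     *
     * @return the {@code exception/timeout} view for page requests; {@code null} for ajax
     *     requests, after a JSON session-timeout error has been written to the response
     */
    @RequestMapping(value = {"/expired"}, method = {RequestMethod.GET})
    public String sessionExpired(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!WebOptUtils.isAjax(httpServletRequest)) {
            return "exception/timeout";
        }
        JsonResultUtils.writeErrorMessageJson(ResponseData.ERROR_SESSION_TIMEOUT, "session超时，请重新登录。", httpServletResponse);
        return null;
    }

    /** Writes the signed-in user's user-unit records as a JSON array. */
    @GetMapping({"/userpositions"})
    public void listCurrentUserUnits(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeErrorMessageJson(ResponseData.ERROR_SESSION_TIMEOUT, "用户没有登录或者超时，请重新登录。", httpServletResponse);
        } else {
            JsonResultUtils.writeSingleDataJson(DictionaryMapUtils.objectsToJSONArray(loginUser.getUserInfo().getUserUnits()), httpServletResponse);
        }
    }

    /** Writes the signed-in user's current station as JSON. */
    @GetMapping({"/usercurrposition"})
    public void getUserCurrentStaticn(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeErrorMessageJson(ResponseData.ERROR_SESSION_TIMEOUT, "用户没有登录或者超时，请重新登录。", httpServletResponse);
        } else {
            JsonResultUtils.writeSingleDataJson(DictionaryMapUtils.objectToJSON(loginUser.getCurrentStation()), httpServletResponse);
        }
    }

    /**
     * Switches the signed-in user's current station to the given user-unit id.
     *
     * <p>NOTE(review): the id comes straight from the URL and this method does not check that
     * it is one of the user's own units; whether setCurrentStation enforces that is not
     * visible here.
     *
     * @param str the user-unit id from the {@code userUnitId} path variable
     */
    @PutMapping({"/setuserposition/{userUnitId}"})
    public void setUserCurrentStaticn(@PathVariable("userUnitId") String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            JsonResultUtils.writeErrorMessageJson(ResponseData.ERROR_SESSION_TIMEOUT, "用户没有登录或者超时，请重新登录。", httpServletResponse);
        } else {
            loginUser.setCurrentStation(str);
            JsonResultUtils.writeSuccessJson(httpServletResponse);
        }
    }

    /**
     * Writes whether the current user holds the given operation/method permission, as decided
     * by {@code CodeRepositoryUtil.checkUserOptPower}.
     *
     * @param str the operation id from the {@code optId} path variable
     * @param str2 the method name from the {@code method} path variable
     */
    @RequestMapping(value = {"/checkuserpower/{optId}/{method}"}, method = {RequestMethod.GET})
    public void checkUserOptPower(@PathVariable("optId") String str, @PathVariable("method") String str2, HttpServletResponse httpServletResponse) {
        JsonResultUtils.writeSingleDataJson(Boolean.valueOf(CodeRepositoryUtil.checkUserOptPower(str, str2).booleanValue()), httpServletResponse);
    }

    /**
     * Lists the signed-in user's user-unit records that carry the given rank.
     *
     * @param str the rank from the {@code rank} path variable
     * @return the records as response data, or a {@code ResponseSingleData} built from the
     *     not-signed-in message
     */
    @GetMapping({"userranks/{rank}"})
    @ResponseBody
    public ResponseData listUserUnitsByRank(@PathVariable("rank") String str, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser();
        return loginUser == null ? new ResponseSingleData("用户没有登录或者超时，请重新登录") : ResponseSingleData.makeResponseData(DictionaryMapUtils.objectsToJSONArray(CodeRepositoryUtil.listUserUnitsByRank(loginUser.getUserCode(), str)));
    }

    /**
     * Lists the signed-in user's user-unit records that carry the given station.
     *
     * @param str the station from the {@code station} path variable
     * @return the records as response data, or a {@code ResponseSingleData} built from the
     *     not-signed-in message
     */
    @GetMapping({"userstations/{station}"})
    @ResponseBody
    public ResponseData listUserUnitsByStation(@PathVariable("station") String str, HttpServletResponse httpServletResponse) {
        CentitUserDetails loginUser = WebOptUtils.getLoginUser();
        return loginUser == null ? new ResponseSingleData("用户没有登录或者超时，请重新登录") : ResponseSingleData.makeResponseData(DictionaryMapUtils.objectsToJSONArray(CodeRepositoryUtil.listUserUnitsByStation(loginUser.getUserCode(), str)));
    }
}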
