package com.centit.framework.system.controller;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.centit.framework.common.ResponseData;
import com.centit.framework.common.ResponseSingleData;
import com.centit.framework.common.ViewDataTransform;
import com.centit.framework.common.WebOptUtils;
import com.centit.framework.components.CodeRepositoryUtil;
import com.centit.framework.components.SysUnitFilterEngine;
import com.centit.framework.components.SysUserFilterEngine;
import com.centit.framework.components.impl.UserUnitMapTranslate;
import com.centit.framework.core.controller.BaseController;
import com.centit.framework.core.controller.WrapUpContentType;
import com.centit.framework.core.controller.WrapUpResponseBody;
import com.centit.framework.core.dao.DictionaryMapUtils;
import com.centit.framework.model.adapter.PlatformEnvironment;
import com.centit.framework.model.basedata.IOptInfo;
import com.centit.framework.model.basedata.IUnitInfo;
import com.centit.framework.model.basedata.IUserRole;
import com.centit.framework.model.basedata.IUserUnit;
import com.centit.framework.security.SecurityContextUtils;
import com.centit.framework.security.model.CentitUserDetails;
import com.centit.framework.security.model.ThirdPartyCheckUserDetails;
import com.centit.support.algorithm.BooleanBaseOpt;
import com.centit.support.algorithm.CollectionsOpt;
import com.centit.support.algorithm.NumberBaseOpt;
import com.centit.support.algorithm.StringBaseOpt;
import com.centit.support.common.ObjectException;
import com.centit.support.image.CaptchaImageUtil;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import java.awt.image.RenderedImage;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.elasticsearch.join.aggregations.ChildrenAggregationBuilder;
import org.opengis.referencing.operation.OperationMethod;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.WebAttributes;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.security.web.csrf.CsrfTokenRepository;
import org.springframework.security.web.reactive.result.view.CsrfRequestDataValueProcessor;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.context.ContextLoaderListener;
import org.springframework.web.servlet.view.UrlBasedViewResolver;
import ucar.nc2.iosp.grads.GradsAttribute;

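/**
 * Spring MVC controller mounted at {@code /mainframe}. It serves the login and logout entry
 * points, password change and verification, client and third-party sign-in, CSRF token and
 * captcha endpoints, and lookups of a user's menus, units, roles and stations.
 *
 * <p>NOTE(review): this listing looks like decompiled output (see the "loaded from" comment
 * below). Parameters are named {@code str}/{@code str2}, and several constants are referenced
 * through unrelated classes ({@code GradsAttribute.STRING}, {@code ChildrenAggregationBuilder.NAME},
 * {@code OperationMethod.FORMULA_KEY}, {@code CsrfRequestDataValueProcessor.DEFAULT_CSRF_ATTR_NAME}).
 * Name-based binding of {@code @PathVariable} and request parameters should be confirmed against
 * the original source before this file is compiled and deployed.
 *
 * <p>NOTE(review): several handlers below do not check the caller's identity themselves; whether
 * URL-level access rules protect them is decided outside this class and is not visible here.
 */
@Api(value = "框架中用户权限相关的接口，用户登录接口，第三方认证接口，安全接口", tags = {"登录、权限、安全控制等接口"})
@RequestMapping({"/mainframe"})
@Controller
/* loaded from: input_file:WEB-INF/lib/framework-core-web-5.1-SNAPSHOT.jar:com/centit/framework/system/controller/MainFrameController.class */
public class MainFrameController extends BaseController {
    // Session attribute that records which login entrance the user came through.
    public static final String ENTRANCE_TYPE = "ENTRANCE_TYPE";
    // ENTRANCE_TYPE value written by login() and logout().
    public static final String NORMAL_LOGIN = "NORMAL";
    // ENTRANCE_TYPE value written by loginAsAdmin() when app.deploy.enabled is true.
    public static final String DEPLOY_LOGIN = "DEPLOY";
    // Session attribute that carries the last authentication failure message.
    public static final String LOGIN_AUTH_ERROR_MSG = "LOGIN_ERROR_MSG";

    @Autowired
    protected CsrfTokenRepository csrfTokenRepository;

    @Autowired
    protected PlatformEnvironment platformEnvironment;
    // Resolved lazily from the web application context on the first loginAsThird() call.
    private ThirdPartyCheckUserDetails thirdPartyCheckUserDetails;

    @Value("${app.deploy.enabled:false}")
    private boolean deploy;

    @Value("${login.cas.enable:false}")
    private boolean useCas;

    @Value("${login.cas.localHome:}")
    private String localHome;

    @Value("${logout.success.targetUrl:}")
    private String logoutTargetUrl;

    @Value("${login.cas.casHome:}")
    private String casHome;

    @Value("${app.local.firstpage:}")
    private String firstpage;

    @Value("${app.menu.topoptid:}")
    private String topOptId;

    /**
     * Returns the fixed operation id of this controller.
     *
     * @return the literal {@code "mainframe"}
     */
    public String getOptId() {
        return "mainframe";
    }

    /**
     * Decides whether a caller-supplied redirect target may be followed.
     *
     * <p>The {@code webUrl} request parameter is untrusted, so following it unchecked would make
     * the login entry points an open redirect. A target is accepted only when it is a
     * server-relative path (a single leading {@code /}) or lies under the configured
     * {@code login.cas.localHome}. Deployments that must redirect to other origins should extend
     * the allow-list here rather than remove the check.
     *
     * @param target candidate redirect target, may be {@code null}
     * @return {@code true} when the target stays on this site
     */
    private boolean isTrustedRedirectTarget(String target) {
        if (StringUtils.isBlank(target)) {
            return false;
        }
        for (int i = 0; i < target.length(); i++) {
            char c = target.charAt(i);
            // Control characters (CR/LF included) and backslashes are never part of a valid target.
            if (c < 0x20 || c == 0x7f || c == '\\') {
                return false;
            }
        }
        if (target.charAt(0) == '/') {
            // "//host" is a scheme-relative URL and would leave the site.
            return target.length() == 1 || target.charAt(1) != '/';
        }
        String home = StringUtils.removeEnd(this.localHome, "/");
        // Require the "/" after the configured home so a look-alike host prefix does not match.
        return StringUtils.isNotBlank(home) && (target.equals(home) || target.startsWith(home + "/"));
    }

    /**
     * Home page entry. Redirects to the {@code webUrl} request parameter when it is a trusted
     * target (see {@link #isTrustedRedirectTarget(String)}), otherwise renders {@code sys/index}.
     *
     * @param httpServletRequest current request
     * @return a redirect view name or {@code "sys/index"}
     */
    @GetMapping({"", "/", "/index"})
    @ApiOperation(value = "登录首页链接", notes = "登录首页链接，具体登录完成后跳转路径由spring-security-dao.xml中配置")
    public String index(HttpServletRequest httpServletRequest) {
        String webUrl = httpServletRequest.getParameter("webUrl");
        if (isTrustedRedirectTarget(webUrl)) {
            return UrlBasedViewResolver.REDIRECT_URL_PREFIX + webUrl;
        }
        return "sys/index";
    }

    /**
     * CAS login entry. Redirects to the {@code webUrl} request parameter when it is a trusted
     * target, otherwise to the configured {@code app.local.firstpage}.
     *
     * @param httpServletRequest current request
     * @return a redirect view name
     */
    @GetMapping({"/logincas"})
    @ApiOperation(value = "跳往cas登录链接", notes = "使用cas登录系统")
    public String logincas(HttpServletRequest httpServletRequest) {
        String webUrl = httpServletRequest.getParameter("webUrl");
        if (isTrustedRedirectTarget(webUrl)) {
            return UrlBasedViewResolver.REDIRECT_URL_PREFIX + webUrl;
        }
        return UrlBasedViewResolver.REDIRECT_URL_PREFIX + this.firstpage;
    }

    /**
     * Login page entry. AJAX requests are redirected to the 401 error endpoint; other requests
     * mark the session as a normal login and go to the CAS entry or the local login view.
     *
     * @param httpServletRequest current request
     * @param httpSession current session
     * @return a redirect view name or {@code "sys/login"}
     */
    @GetMapping({DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL})
    @ApiOperation(value = "登录界面入口", notes = "登录界面入口")
    public String login(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        if (WebOptUtils.isAjax(httpServletRequest)) {
            return "redirect:/system/exception/error/401";
        }
        httpSession.setAttribute(ENTRANCE_TYPE, NORMAL_LOGIN);
        if (this.useCas) {
            return "redirect:/system/mainframe/logincas";
        }
        return "sys/login";
    }

    /**
     * Administrator login page entry. Behaves like {@link #login} except that the session is
     * marked {@code DEPLOY} only when {@code app.deploy.enabled} is true; otherwise the existing
     * {@code ENTRANCE_TYPE} attribute is left as it is.
     *
     * @param httpServletRequest current request
     * @param httpSession current session
     * @return a redirect view name or {@code "sys/login"}
     */
    @GetMapping({"/loginasadmin"})
    @ApiOperation(value = "以管理员登录界面", notes = "以管理员身份登录界面")
    public String loginAsAdmin(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        if (WebOptUtils.isAjax(httpServletRequest)) {
            return "redirect:/system/exception/error/401";
        }
        // NOTE(review): this marker is set before any credential is checked; getMenu() later reads
        // it to choose the admin menu view. Confirm the menu lookup still filters by the user's roles.
        if (this.deploy) {
            httpSession.setAttribute(ENTRANCE_TYPE, DEPLOY_LOGIN);
        }
        if (this.useCas) {
            return "redirect:/system/mainframe/logincas";
        }
        return "sys/login";
    }

    /**
     * Login failure entry. Copies the message of the authentication exception stored in the
     * session (if any) into {@code LOGIN_ERROR_MSG} and then continues as {@link #login}.
     *
     * @param httpServletRequest current request
     * @param httpSession current session
     * @return the view name chosen by {@link #login}
     */
    @GetMapping({"/login/error"})
    @ApiOperation(value = "登录失败回到登录页", notes = "登录失败回到登录页")
    public String loginError(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        AuthenticationException failure =
                (AuthenticationException) httpSession.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
        if (failure != null) {
            httpSession.setAttribute(LOGIN_AUTH_ERROR_MSG, failure.getMessage());
        }
        return login(httpServletRequest, httpSession);
    }

    /**
     * Logout entry. Without CAS the request is handed to {@code /logout}; with CAS the session is
     * invalidated and the browser is sent to the CAS logout URL with a {@code service} parameter.
     *
     * @param httpSession current session
     * @return a redirect view name
     */
    @GetMapping({"/logout"})
    @ApiOperation(value = "退出登录", notes = "退出登录")
    public String logout(HttpSession httpSession) {
        httpSession.setAttribute(ENTRANCE_TYPE, NORMAL_LOGIN);
        httpSession.removeAttribute(LOGIN_AUTH_ERROR_MSG);
        if (!this.useCas) {
            return "redirect:/logout";
        }
        httpSession.invalidate();
        // NOTE(review): the service URL comes from configuration and is appended without URL
        // encoding; confirm the configured values never contain '&' or '#'.
        String serviceUrl = StringUtils.isBlank(this.logoutTargetUrl)
                ? this.localHome + "/system/mainframe/logincas"
                : this.logoutTargetUrl;
        return UrlBasedViewResolver.REDIRECT_URL_PREFIX + this.casHome + "/logout?service=" + serviceUrl;
    }

    /**
     * Changes the password of the logged-in user after verifying the current password.
     *
     * <p>A blank new password is rejected; previously it was passed straight to
     * {@code changeUserPassword}.
     *
     * <p>NOTE(review): the Swagger metadata declares both passwords as query parameters, which
     * tends to place them in access logs; sending them in the request body would avoid that.
     *
     * @param str current password; read from request parameter {@code password} when blank
     * @param str2 new password; read from request parameter {@code newPassword} when blank
     * @param httpServletRequest current request
     * @param httpServletResponse current response (unused)
     * @return the shared success response, or an error message response
     */
    @RequestMapping(value = {"/changepwd"}, method = {RequestMethod.PUT})
    @ApiImplicitParams({@ApiImplicitParam(name = "password", value = "旧密码", required = true, paramType = "query", dataType = GradsAttribute.STRING), @ApiImplicitParam(name = "newPassword", value = "新密码", required = true, paramType = "query", dataType = GradsAttribute.STRING)})
    @WrapUpResponseBody
    @ApiOperation(value = "修改密码", notes = "修改用户登录密码")
    public ResponseData changepassword(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String oldPassword = StringUtils.isBlank(str) ? httpServletRequest.getParameter("password") : str;
        String newPassword = StringUtils.isBlank(str2) ? httpServletRequest.getParameter("newPassword") : str2;
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        if (StringUtils.isBlank(userCode)) {
            return ResponseData.makeErrorMessage("用户没有登录，不能修改密码！");
        }
        // Never store an empty credential.
        if (StringUtils.isBlank(newPassword)) {
            return ResponseData.makeErrorMessage("新密码不能为空！");
        }
        if (!this.platformEnvironment.checkUserPassword(userCode, oldPassword)) {
            return ResponseData.makeErrorMessage("用户输入的密码错误，不能修改密码！");
        }
        this.platformEnvironment.changeUserPassword(userCode, newPassword);
        return ResponseData.successResponse;
    }

    /**
     * Reports whether the supplied password matches the logged-in user's password.
     *
     * <p>NOTE(review): no attempt limit is visible in this method; confirm throttling exists
     * elsewhere so the endpoint cannot be used for repeated guessing within a session.
     *
     * @param str password to verify; read from request parameter {@code password} when blank
     * @param httpServletRequest current request
     * @return a 401 error response when nobody is logged in, otherwise the boolean check result
     */
    @RequestMapping(value = {"/checkpwd"}, method = {RequestMethod.POST})
    @ApiImplicitParam(name = "password", value = "当前密码", required = true, paramType = "path", dataType = GradsAttribute.STRING)
    @WrapUpResponseBody
    @ApiOperation(value = "校验密码", notes = "校验密码是否正确")
    public ResponseData checkpassword(String str, HttpServletRequest httpServletRequest) {
        String password = StringUtils.isBlank(str) ? httpServletRequest.getParameter("password") : str;
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        if (StringUtils.isBlank(userCode)) {
            return ResponseData.makeErrorMessage(401, "用户没有登录，不能修改密码！");
        }
        return ResponseData.makeResponseData(Boolean.valueOf(this.platformEnvironment.checkUserPassword(userCode, password)));
    }

    /**
     * Signs in an internal client program by user code and password and returns the session id.
     *
     * <p>Blank credentials are rejected before the password check is called.
     *
     * <p>NOTE(review): the session id is returned as the token and is not rotated in this method
     * after authentication; confirm session-fixation protection and attempt limiting are applied
     * elsewhere.
     *
     * @param httpServletRequest current request carrying the user code and {@code password}
     * @return the session id under {@code SecurityContextUtils.SecurityContextTokenName}, or an error
     */
    @RequestMapping(value = {"/loginasclient"}, method = {RequestMethod.POST})
    @WrapUpResponseBody
    @ApiOperation(value = "内部通讯的客户端程序使用接口", notes = "这个方法是个内部通讯的客户端程序使用的，客户端程序通过用户代码（注意不是用户名）和密码登录，这个密码建议随机生成")
    public ResponseData loginAsClient(HttpServletRequest httpServletRequest) {
        Map<String, Object> params = BaseController.collectRequestParameters(httpServletRequest);
        String userCode = StringBaseOpt.objectToString(params.get(CodeRepositoryUtil.USER_CODE));
        String password = StringBaseOpt.objectToString(params.get("password"));
        // Missing credentials can never authenticate; answer with the same message as a mismatch.
        if (StringUtils.isBlank(userCode) || StringUtils.isBlank(password)
                || !this.platformEnvironment.checkUserPassword(userCode, password)) {
            return ResponseData.makeErrorMessage("用户 名和密码不匹配。");
        }
        SecurityContextHolder.getContext().setAuthentication(this.platformEnvironment.loadUserDetailsByUserCode(userCode));
        return ResponseData.makeResponseData(SecurityContextUtils.SecurityContextTokenName, httpServletRequest.getSession().getId());
    }

    /**
     * Third-party sign-in. Delegates verification of the posted JSON to the bean named
     * {@code thirdPartyCheckUserDetails} and, on success, installs the returned user details as
     * the current authentication and returns the session id.
     *
     * <p>The Swagger note on this endpoint describes it as a framework "backdoor" that only works
     * when that bean is configured; the whole trust decision therefore rests on the bean's
     * {@code check} implementation, which is not visible here.
     *
     * <p>The failure response no longer echoes the submitted body, which carries the token.
     *
     * <p>NOTE(review): the body is unauthenticated input parsed with fastjson; confirm the
     * fastjson version in use and that autoType is disabled (or safeMode enabled).
     * NOTE(review): the catch block returns the exception's message to the caller; consider a
     * generic message plus server-side logging. The session id is not rotated here either.
     *
     * @param httpServletRequest current request
     * @param str JSON request body, documented as holding {@code userCode} and {@code token}
     * @return the session id under {@code SecurityContextUtils.SecurityContextTokenName}, or an error
     */
    @RequestMapping(value = {"/loginasthird"}, method = {RequestMethod.POST})
    @ApiImplicitParams({@ApiImplicitParam(name = "formValue", value = "json格式的表单数据,示例：{userCode:\"u0000000\", token:\"231413241234\"}", required = true, paramType = "body", dataType = GradsAttribute.STRING)})
    @WrapUpResponseBody
    @ApiOperation(value = "第三方认证接口", notes = "这时框架留的一个后门，系统如果要使用这个接口，必须配置一个名为thirdPartyCheckUserDetails的bean;该方法使用post调用，提交的对象中必须有userCode和token两个属性。")
    public ResponseData loginAsThird(HttpServletRequest httpServletRequest, @RequestBody String str) {
        try {
            if (this.thirdPartyCheckUserDetails == null) {
                this.thirdPartyCheckUserDetails = (ThirdPartyCheckUserDetails) ContextLoaderListener.getCurrentWebApplicationContext().getBean("thirdPartyCheckUserDetails", ThirdPartyCheckUserDetails.class);
            }
            if (this.thirdPartyCheckUserDetails == null) {
                return ResponseData.makeErrorMessage("系统找不到名为 thirdPartyCheckUserDetails 的 bean。");
            }
            CentitUserDetails verified = this.thirdPartyCheckUserDetails.check(this.platformEnvironment, JSON.parseObject(str));
            if (verified == null) {
                // Do not reflect the request body: it contains the caller's token.
                return ResponseData.makeErrorMessage("第三方验证失败。");
            }
            SecurityContextHolder.getContext().setAuthentication(verified);
            return ResponseData.makeResponseData(SecurityContextUtils.SecurityContextTokenName, httpServletRequest.getSession().getId());
        } catch (RuntimeException e) {
            return ResponseData.makeErrorMessage(e.getLocalizedMessage());
        }
    }

    /**
     * Returns the CSRF token for the request, generating and saving one when none is stored.
     * The parameter name, header name and token value are also written to response headers.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response, receives the three CSRF headers
     * @return the token wrapped in a response, or an error when no repository is available
     */
    @RequestMapping(value = {"/login/csrf"}, method = {RequestMethod.GET})
    @WrapUpResponseBody
    @ApiOperation(value = "防跨站请求伪造", notes = "防跨站请求伪造")
    public ResponseData getLoginCsrfToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (this.csrfTokenRepository == null) {
            return ResponseData.makeErrorMessage("Bean csrfTokenRepository not found!");
        }
        CsrfToken token = this.csrfTokenRepository.loadToken(httpServletRequest);
        if (token == null) {
            token = this.csrfTokenRepository.generateToken(httpServletRequest);
            this.csrfTokenRepository.saveToken(token, httpServletRequest, httpServletResponse);
        }
        // NOTE(review): the token is readable by any script allowed to read this response;
        // confirm the CORS policy does not expose this endpoint to other origins.
        httpServletResponse.setHeader("_csrf_parameter", token.getParameterName());
        httpServletResponse.setHeader("_csrf_header", token.getHeaderName());
        httpServletResponse.setHeader(CsrfRequestDataValueProcessor.DEFAULT_CSRF_ATTR_NAME, token.getToken());
        return ResponseData.makeResponseData(token);
    }

    /**
     * Alias of {@link #getLoginCsrfToken} under {@code /csrf}.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return the result of {@link #getLoginCsrfToken}
     */
    @RequestMapping(value = {"/csrf"}, method = {RequestMethod.GET})
    @WrapUpResponseBody
    @ApiOperation(value = "防跨站请求伪造", notes = "防跨站请求伪造")
    public ResponseData getCsrfToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return getLoginCsrfToken(httpServletRequest, httpServletResponse);
    }

    /**
     * Generates a captcha, stores its text in the session and returns the rendered image.
     *
     * @param httpServletRequest current request, whose session receives the captcha text
     * @param httpServletResponse current response, marked {@code Cache-Control: no-cache}
     * @return the captcha image
     */
    @RequestMapping(value = {"/captchaimage"}, method = {RequestMethod.GET})
    @WrapUpResponseBody(contentType = WrapUpContentType.IMAGE)
    @ApiOperation(value = "获取验证码", notes = "获取验证码")
    public RenderedImage captchaImage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String captchaText = CaptchaImageUtil.getRandomString();
        httpServletRequest.getSession().setAttribute(CaptchaImageUtil.SESSIONCHECKCODE, captchaText);
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        return CaptchaImageUtil.generateCaptchaImage(captchaText);
    }

    /**
     * Alias of {@link #captchaImage} under {@code /login/captchaimage}.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return the captcha image
     */
    @RequestMapping(value = {"/login/captchaimage"}, method = {RequestMethod.GET})
    @WrapUpResponseBody(contentType = WrapUpContentType.IMAGE)
    @ApiOperation(value = "获取登录验证码", notes = "获取登录验证码")
    public RenderedImage loginCaptchaImage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return captchaImage(httpServletRequest, httpServletResponse);
    }

    /**
     * Compares the submitted code with the captcha text stored in the session and records the
     * outcome in the session under {@code SecurityContextUtils.AJAX_CHECK_CAPTCHA_RESULT}.
     *
     * <p>NOTE(review): the stored captcha is not cleared after a check, so the same captcha can be
     * tested repeatedly; confirm it is invalidated elsewhere (for example by the login filter).
     *
     * @param str code entered by the user
     * @param httpServletRequest current request
     * @return the boolean comparison result wrapped in a response
     */
    @RequestMapping(value = {"/checkcaptcha/{checkcode}"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = "checkcode", value = "验证码", required = true, paramType = "path", dataType = GradsAttribute.STRING)
    @WrapUpResponseBody
    @ApiOperation(value = "校验验证码", notes = "校验验证码")
    public ResponseData checkCaptchaImage(@PathVariable String str, HttpServletRequest httpServletRequest) {
        String expected = StringBaseOpt.objectToString(
                httpServletRequest.getSession().getAttribute(CaptchaImageUtil.SESSIONCHECKCODE));
        Boolean matched = Boolean.valueOf(CaptchaImageUtil.checkcodeMatch(expected, str));
        httpServletRequest.getSession().setAttribute(SecurityContextUtils.AJAX_CHECK_CAPTCHA_RESULT, matched);
        return ResponseData.makeResponseData(matched);
    }

    /**
     * Returns the current user's info, or a 302 error response that carries the session id when
     * nobody is logged in.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response (unused)
     * @return the user info map or the error response
     */
    @RequestMapping(value = {"/currentuserinfo"}, method = {RequestMethod.GET})
    @WrapUpResponseBody
    @ApiOperation(value = "当前登录用户", notes = "获取当前登录用户详情")
    public ResponseData getCurrentUserInfo(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        JSONObject userInfo = WebOptUtils.getCurrentUserInfo(httpServletRequest);
        if (userInfo == null) {
            return ResponseData.makeErrorMessageWithData(httpServletRequest.getSession().getId(), 302, "用户没有登录或者超时，请重新登录！");
        }
        return ResponseData.makeResponseData((Map<String, Object>) userInfo);
    }

    /**
     * Returns the login user object held for the request.
     *
     * @param httpServletRequest current request
     * @return the login user object
     * @throws ObjectException with code 302 when nobody is logged in
     */
    @RequestMapping(value = {"/currentuser"}, method = {RequestMethod.GET})
    @WrapUpResponseBody
    @ApiOperation(value = "当前登录者信息（可能是userInfo也可能是userDetails）", notes = "当前登录者，CentitUser对象信息")
    public Object getCurrentUser(HttpServletRequest httpServletRequest) {
        Object loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser != null) {
            return loginUser;
        }
        throw new ObjectException(302, "用户没有登录或者超时，请重新登录！");
    }

    /**
     * Returns the {@code CentitUserDetails} of the current user.
     *
     * <p>NOTE(review): the whole details object is serialised to the client; confirm it exposes no
     * credential material.
     *
     * @param httpServletRequest current request
     * @return the current user details
     * @throws ObjectException with code 302 when nobody is logged in
     */
    @RequestMapping(value = {"/currentuserdetails"}, method = {RequestMethod.GET})
    @WrapUpResponseBody
    @ApiOperation(value = "当前登录者详细信息", notes = "当前登录者，CentitUserDetails对象信息")
    public Object getCurrentUserDetails(HttpServletRequest httpServletRequest) {
        CentitUserDetails details = WebOptUtils.getCurrentUserDetails(httpServletRequest);
        if (details != null) {
            return details;
        }
        throw new ObjectException(302, "用户没有登录或者超时，请重新登录！");
    }

    /**
     * Reports whether a user code is associated with the request.
     *
     * @param httpServletRequest current request
     * @return {@code true} when the current user code is not blank
     */
    @GetMapping({"/hasLogin"})
    @WrapUpResponseBody(contentType = WrapUpContentType.RAW)
    @ApiOperation(value = "检验是否登录", notes = "检验当前用户用户是否登录")
    public Boolean hasLogin(HttpServletRequest httpServletRequest) {
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        return Boolean.valueOf(StringUtils.isNotBlank(userCode));
    }

    /**
     * Converts menu entries into the tree JSON used by the front end and adds an
     * {@code external} flag that is false only for page type {@code "D"}.
     *
     * @param list menu entries to convert
     * @return the tree as a JSON array
     */
    private JSONArray makeMenuFuncsJson(List<? extends IOptInfo> list) {
        return ViewDataTransform.makeTreeViewJson(
                list,
                ViewDataTransform.createStringHashMap("id", CodeRepositoryUtil.OPT_ID, "pid", "preOptId", "text", "optName", "url", "optRoute", "icon", "icon", ChildrenAggregationBuilder.NAME, ChildrenAggregationBuilder.NAME, "isInToolbar", "isInToolbar"),
                (node, optInfo) -> {
                    node.put("external", (Object) Boolean.valueOf(!"D".equals(optInfo.getPageType())));
                });
    }

    /**
     * Returns the current user's menu tree under the given id, falling back to the configured
     * {@code app.menu.topoptid} when the first lookup is empty. The admin flag passed to the
     * lookup is true only when the session's {@code ENTRANCE_TYPE} is {@code DEPLOY}.
     *
     * @param str id from the {@code /menu/{osId}} path
     * @param httpServletRequest current request
     * @return the menu tree
     * @throws ObjectException with code 302 when nobody is logged in or no menu list is returned
     */
    @RequestMapping(value = {"/menu/{osId}"}, method = {RequestMethod.GET})
    @ApiImplicitParam(name = CodeRepositoryUtil.OS_ID, value = "应用主键applicationID", required = true, paramType = "path", dataType = GradsAttribute.STRING)
    @WrapUpResponseBody
    @ApiOperation(value = "首页菜单", notes = "获取首页菜单信息")
    public JSONArray getMenu(@PathVariable String str, HttpServletRequest httpServletRequest) {
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        if (StringUtils.isBlank(userCode)) {
            throw new ObjectException(302, "用户没有登录或者超时，请重新登录！");
        }
        Object entrance = httpServletRequest.getSession().getAttribute(ENTRANCE_TYPE);
        boolean asAdmin = entrance != null && DEPLOY_LOGIN.equals(entrance.toString());
        List<? extends IOptInfo> menus = this.platformEnvironment.listUserMenuOptInfosUnderSuperOptId(userCode, str, asAdmin);
        boolean nothingFound = menus == null || menus.isEmpty();
        if (nothingFound && StringUtils.isNotBlank(this.topOptId)) {
            menus = this.platformEnvironment.listUserMenuOptInfosUnderSuperOptId(userCode, this.topOptId, asAdmin);
        }
        if (menus == null) {
            throw new ObjectException(302, "用户没有登录,或者没有给用户任何权限，请重新登录！");
        }
        return makeMenuFuncsJson(menus);
    }

    /**
     * Returns the current user's menu tree under the given menu id.
     *
     * <p>NOTE(review): the admin flag is taken directly from the {@code asadmin} request
     * parameter here, whereas {@link #getMenu} derives it from the session. Confirm the platform
     * lookup still restricts the result to the caller's own permissions when the flag is true.
     *
     * @param str menu id from request parameter {@code optid}, optional
     * @param str2 admin flag from request parameter {@code asadmin}, optional, defaults to false
     * @param httpServletRequest current request
     * @return the menu tree
     * @throws ObjectException with code 302 when nobody is logged in or no menu list is returned
     */
    @RequestMapping(value = {"/submenu"}, method = {RequestMethod.GET})
    @ApiImplicitParams({@ApiImplicitParam(name = "optid", value = "菜单代码", paramType = "query", dataType = GradsAttribute.STRING), @ApiImplicitParam(name = "asadmin", value = "作为管理员 t/f", paramType = "query", dataType = GradsAttribute.STRING)})
    @WrapUpResponseBody
    @ApiOperation(value = "获取子菜单", notes = "获取子菜单详情")
    public JSONArray getMenuUnderOptId(@RequestParam(value = "optid", required = false) String str, @RequestParam(value = "asadmin", required = false) String str2, HttpServletRequest httpServletRequest) {
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        if (StringUtils.isBlank(userCode)) {
            throw new ObjectException(302, "用户没有登录或者超时，请重新登录！");
        }
        boolean asAdmin = BooleanBaseOpt.castObjectToBoolean(str2, false).booleanValue();
        List<? extends IOptInfo> menus = this.platformEnvironment.listUserMenuOptInfosUnderSuperOptId(userCode, str, asAdmin);
        if (menus == null) {
            throw new ObjectException(302, "用户没有登录,或者没有给用户任何权限，请重新登录！");
        }
        return makeMenuFuncsJson(menus);
    }

    /**
     * Returns the menu tree of the user named in the path, falling back to the configured
     * {@code app.menu.topoptid} when the first lookup is empty.
     *
     * <p>NOTE(review): the user code comes from the URL and this method performs no login or
     * ownership check, so any caller who can reach it can read another user's menu. Confirm that
     * access is restricted by configuration outside this class, or add a check that the caller is
     * that user or an administrator.
     *
     * @param str first path variable, passed to the lookup as the parent menu id
     * @param str2 second path variable, passed to the lookup as the user code
     * @return the menu tree wrapped in a response
     */
    @RequestMapping(value = {"/userMenu/{osId}/{userCode}"}, method = {RequestMethod.GET})
    @ApiImplicitParams({@ApiImplicitParam(name = CodeRepositoryUtil.OS_ID, value = "应用主键applicationID", required = true, paramType = "path", dataType = GradsAttribute.STRING), @ApiImplicitParam(name = CodeRepositoryUtil.USER_CODE, value = "用户代码", required = true, paramType = "path", dataType = GradsAttribute.STRING)})
    @WrapUpResponseBody
    @ApiOperation(value = "获取用户有权限的菜单", notes = "根据用户代码获取用户有权限的菜单")
    public ResponseData getMemuByUsercode(@PathVariable String str, @PathVariable String str2) {
        List<? extends IOptInfo> menus = this.platformEnvironment.listUserMenuOptInfosUnderSuperOptId(str2, str, false);
        boolean nothingFound = menus == null || menus.isEmpty();
        if (nothingFound && StringUtils.isNotBlank(this.topOptId)) {
            menus = this.platformEnvironment.listUserMenuOptInfosUnderSuperOptId(str2, this.topOptId, false);
        }
        return ResponseData.makeResponseData(makeMenuFuncsJson(menus));
    }

    /**
     * Returns the sub-menu tree of the user named in the path under the given menu id.
     *
     * <p>NOTE(review): as with {@link #getMemuByUsercode}, the user code is caller-supplied and no
     * login or ownership check is made here; confirm access is restricted elsewhere.
     *
     * @param str first path variable, passed to the lookup as the user code
     * @param str2 second path variable, passed to the lookup as the parent menu id
     * @return the menu tree wrapped in a response
     */
    @RequestMapping(value = {"/useSubrMenu/{userCode}/{menuOptId}"}, method = {RequestMethod.GET})
    @ApiImplicitParams({@ApiImplicitParam(name = CodeRepositoryUtil.USER_CODE, value = "用户代码", required = true, paramType = "path", dataType = GradsAttribute.STRING), @ApiImplicitParam(name = "menuOptId", value = "菜单代码", required = true, paramType = "path", dataType = GradsAttribute.STRING)})
    @WrapUpResponseBody
    @ApiOperation(value = "获取用户有权限的菜单", notes = "根据用户代码和菜单代码获取用户有权限的子菜单")
    public ResponseData getSubMemuByUsercode(@PathVariable String str, @PathVariable String str2) {
        List<? extends IOptInfo> menus = this.platformEnvironment.listUserMenuOptInfosUnderSuperOptId(str, str2, false);
        return ResponseData.makeResponseData(makeMenuFuncsJson(menus));
    }

    /**
     * Returns the id of the request's session, creating a session when none exists.
     *
     * <p>NOTE(review): the session id is a bearer credential; returning it in a response body
     * makes it readable by page scripts even when the cookie is HttpOnly.
     *
     * @param httpServletRequest current request
     * @return the session id
     */
    @RequestMapping(value = {"/session"}, method = {RequestMethod.GET})
    @WrapUpResponseBody
    @ApiOperation(value = "获取当前session", notes = "获取当前session")
    public String getSession(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        return session.getId();
    }

    /**
     * Lists the unit memberships of the current user.
     *
     * @param httpServletRequest current request
     * @return the memberships as JSON, or {@code null} when the login user is not a
     *     {@code CentitUserDetails}
     * @throws ObjectException with code 709 when nobody is logged in
     */
    @GetMapping({"/userstations"})
    @WrapUpResponseBody
    @ApiOperation(value = "查询当前用户所有职位", notes = "查询当前用户所有职位")
    public JSONArray listCurrentUserUnits(HttpServletRequest httpServletRequest) {
        Object loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser == null) {
            throw new ObjectException(709, "用户没有登录或者超时，请重新登录。");
        }
        if (!(loginUser instanceof CentitUserDetails)) {
            return null;
        }
        CentitUserDetails details = (CentitUserDetails) loginUser;
        return DictionaryMapUtils.mapJsonArray(details.getUserUnits(), (Class<?>[]) new Class[]{IUserUnit.class});
    }

    /**
     * Lists the top-level units (tenants) of the current user.
     *
     * @param httpServletRequest current request
     * @return the user's top units
     * @throws ObjectException with code 709 when nobody is logged in
     */
    @GetMapping({"/topUnit", "/tenant"})
    @WrapUpResponseBody
    @ApiOperation(value = "查询当前用户所属租户", notes = "查询当前用户所属租户")
    public List<? extends IUnitInfo> listCurrentTopUnits(HttpServletRequest httpServletRequest) {
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        if (StringUtils.isBlank(userCode)) {
            throw new ObjectException(709, "用户没有登录或者超时，请重新登录。");
        }
        return this.platformEnvironment.listUserTopUnits(userCode);
    }

    /**
     * Lists the roles of the current user within the current top unit.
     *
     * <p>NOTE(review): unlike the neighbouring handlers, this one does not reject a blank user
     * code before calling the platform; confirm how {@code listUserRoles} treats it.
     *
     * @param httpServletRequest current request
     * @return the user's roles
     */
    @GetMapping({"/userroles"})
    @WrapUpResponseBody
    public List<? extends IUserRole> listCurrentUserRoles(HttpServletRequest httpServletRequest) {
        String topUnit = WebOptUtils.getCurrentTopUnit(httpServletRequest);
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        return this.platformEnvironment.listUserRoles(topUnit, userCode);
    }

    /**
     * Returns the current station of the current user.
     *
     * @param httpServletRequest current request
     * @return the current station as a map
     * @throws ObjectException with code 709 when the login user is not a {@code CentitUserDetails}
     */
    @GetMapping({"/usercurrstation"})
    @WrapUpResponseBody
    @ApiOperation(value = "查询当前用户当前职位", notes = "查询当前用户当前职位")
    public Map<String, Object> getUserCurrentStaticn(HttpServletRequest httpServletRequest) {
        Object loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (!(loginUser instanceof CentitUserDetails)) {
            throw new ObjectException(709, "用户没有登录或者超时，请重新登录。");
        }
        CentitUserDetails details = (CentitUserDetails) loginUser;
        return DictionaryMapUtils.mapJsonObject(details.getCurrentStation(), (Class<?>[]) new Class[]{IUserUnit.class});
    }

    /**
     * Sets the current station of the current user.
     *
     * <p>NOTE(review): the id is taken from the path and passed on unchecked; confirm that
     * {@code setCurrentStationId} only accepts stations that belong to this user.
     *
     * @param str user-unit id from the path
     * @param httpServletRequest current request
     * @throws ObjectException with code 709 when the login user is not a {@code CentitUserDetails}
     */
    @ApiImplicitParam(name = "userUnitId", value = "用户机构Id", required = true, paramType = "path", dataType = GradsAttribute.STRING)
    @PutMapping({"/setuserstation/{userUnitId}"})
    @WrapUpResponseBody
    @ApiOperation(value = "设置当前用户当前职位", notes = "根据用户机构id设置当前用户当前职位")
    public void setUserCurrentStaticn(@PathVariable String str, HttpServletRequest httpServletRequest) {
        Object loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        if (loginUser instanceof CentitUserDetails) {
            ((CentitUserDetails) loginUser).setCurrentStationId(str);
            return;
        }
        throw new ObjectException(709, "用户没有登录或者超时，请重新登录。");
    }

    /**
     * Reports the result of {@code CodeRepositoryUtil.checkUserOptPower} for the two path values.
     *
     * @param str first path variable ({@code optId} in the mapping)
     * @param str2 second path variable ({@code method} in the mapping)
     * @return the boolean result wrapped in a response
     */
    @RequestMapping(value = {"/checkuserpower/{optId}/{method}"}, method = {RequestMethod.GET})
    @ApiImplicitParams({@ApiImplicitParam(name = CodeRepositoryUtil.OPT_ID, value = "系统业务代码", required = true, paramType = "path", dataType = GradsAttribute.STRING), @ApiImplicitParam(name = "method", value = "操作方法", required = true, paramType = "path", dataType = GradsAttribute.STRING)})
    @WrapUpResponseBody
    @ApiOperation(value = "验证当前用户是否有某个操作方法的权限", notes = "验证当前用户是否有某个操作方法的权限")
    public ResponseData checkUserOptPower(@PathVariable String str, @PathVariable String str2) {
        boolean permitted = CodeRepositoryUtil.checkUserOptPower(str, str2);
        return ResponseData.makeResponseData(Boolean.valueOf(permitted));
    }

    /**
     * Lists the current user's unit memberships that hold the given rank.
     *
     * @param str rank code from the path
     * @param httpServletRequest current request
     * @return the matching memberships as JSON
     * @throws ObjectException when nobody is logged in
     */
    @ApiImplicitParam(name = "rank", value = "职务代码", required = true, paramType = "path", dataType = GradsAttribute.STRING)
    @WrapUpResponseBody
    @ApiOperation(value = "获取当前用户具有某个行政职务的任职信息", notes = "获取当前用户具有某个行政职务的任职信息")
    @GetMapping({"/userranks/{rank}"})
    public JSONArray listUserUnitsByRank(@PathVariable String str, HttpServletRequest httpServletRequest) {
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        String topUnit = WebOptUtils.getCurrentTopUnit(httpServletRequest);
        if (StringUtils.isBlank(userCode)) {
            throw new ObjectException("用户没有登录或者超时，请重新登录。");
        }
        return DictionaryMapUtils.objectsToJSONArray(CodeRepositoryUtil.listUserUnitsByRank(topUnit, userCode, str));
    }

    /**
     * Lists the current user's unit memberships that hold the given station.
     *
     * <p>NOTE(review): the not-logged-in branch builds a {@code ResponseSingleData} from a message
     * only; confirm that constructor yields an error code rather than a success response.
     *
     * @param str station code from the path
     * @param httpServletRequest current request
     * @return the matching memberships, or a message response when nobody is logged in
     */
    @ApiImplicitParam(name = "station", value = "岗位代码", required = true, paramType = "path", dataType = GradsAttribute.STRING)
    @WrapUpResponseBody
    @ApiOperation(value = "获取当前用户具有某个岗位的任职信息", notes = "获取当前用户具有某个岗位的任职信息")
    @GetMapping({"/userstations/{station}"})
    public ResponseData listUserUnitsByStation(@PathVariable String str, HttpServletRequest httpServletRequest) {
        String userCode = WebOptUtils.getCurrentUserCode(httpServletRequest);
        if (StringUtils.isBlank(userCode)) {
            return new ResponseSingleData("用户没有登录或者超时，请重新登录");
        }
        return ResponseSingleData.makeResponseData(DictionaryMapUtils.objectsToJSONArray(CodeRepositoryUtil.listUserUnitsByStation(WebOptUtils.getCurrentTopUnit(httpServletRequest), currentUserCodeOf(userCode), str)));
    }

    /** Identity helper that keeps the long call in listUserUnitsByStation readable. */
    private static String currentUserCodeOf(String userCode) {
        return userCode;
    }

    /**
     * Test endpoint that evaluates a caller-supplied user-filter formula and returns the
     * resulting set of strings.
     *
     * <p>NOTE(review): the formula and its parameters come from the request body and the login
     * user may be {@code null} here; confirm this endpoint is limited to administrators or
     * disabled in production, since it can be used to enumerate users.
     * NOTE(review): a body that is not a JSON object fails the cast to {@code JSONObject}; the
     * body is also parsed with fastjson, so confirm autoType is disabled.
     *
     * @param str JSON body with {@code formula}, {@code unitParams}, {@code userParams} and
     *     {@code rankParams}
     * @param httpServletRequest current request
     * @return the strings computed by {@code SysUserFilterEngine.calcSystemOperators}
     */
    @PostMapping({"/testUserEngine"})
    @ApiImplicitParam(name = "jsonStr", value = "参数格式josn示例: { formula:unitParams:{U: [ ] },userParams:{U:[ ]},rankParams:{U:[ ]}}", required = true, paramType = "body", dataType = GradsAttribute.STRING)
    @WrapUpResponseBody
    @ApiOperation(value = "测试权限表达式引擎", notes = "测试权限表达式引擎")
    public Set<String> testUserEngine(@RequestBody String str, HttpServletRequest httpServletRequest) {
        Object loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        JSONObject body = (JSONObject) JSONObject.parse(str);
        JSONObject unitParams = body.getJSONObject("unitParams");
        JSONObject userParams = body.getJSONObject("userParams");
        JSONObject rankParams = body.getJSONObject("rankParams");
        // Raw type kept as in the original: the parameter type of calcSystemOperators is not visible here.
        HashMap rankLimits = null;
        if (rankParams != null) {
            Map<String, Object> rawRanks = CollectionsOpt.objectToMap(rankParams);
            rankLimits = new HashMap(rawRanks.size() + 1);
            for (Map.Entry<String, Object> rank : rawRanks.entrySet()) {
                rankLimits.put(rank.getKey(), NumberBaseOpt.castObjectToInteger(rank.getValue()));
            }
        }
        return SysUserFilterEngine.calcSystemOperators(
                body.getString(OperationMethod.FORMULA_KEY),
                unitParams == null ? null : StringBaseOpt.objectToMapStrSet(unitParams),
                userParams == null ? null : StringBaseOpt.objectToMapStrSet(userParams),
                rankLimits,
                new UserUnitMapTranslate(CacheController.makeCalcParam(loginUser)));
    }

    /**
     * Test endpoint that evaluates a caller-supplied unit-filter formula and returns the
     * resulting set of strings.
     *
     * <p>NOTE(review): the same concerns as {@link #testUserEngine} apply: caller-supplied
     * formula, possibly {@code null} login user, and an unchecked cast of the parsed body.
     *
     * @param str JSON body with {@code formula} and {@code unitParams}
     * @param httpServletRequest current request
     * @return the strings computed by {@code SysUnitFilterEngine.calcSystemUnitsByExp}
     */
    @PostMapping({"/testUnitEngine"})
    @ApiImplicitParam(name = "jsonStr", value = "参数格式josn示例: {formula:\"\",unitParams:{U:[ ]}}", required = true, paramType = "body", dataType = GradsAttribute.STRING)
    @WrapUpResponseBody
    @ApiOperation(value = "测试机构表达式引擎", notes = "测试机构表达式引擎")
    public Set<String> testUnitEngine(@RequestBody String str, HttpServletRequest httpServletRequest) {
        Object loginUser = WebOptUtils.getLoginUser(httpServletRequest);
        JSONObject body = (JSONObject) JSONObject.parse(str);
        JSONObject unitParams = body.getJSONObject("unitParams");
        return SysUnitFilterEngine.calcSystemUnitsByExp(
                body.getString(OperationMethod.FORMULA_KEY),
                unitParams == null ? null : StringBaseOpt.objectToMapStrSet(unitParams),
                new UserUnitMapTranslate(CacheController.makeCalcParam(loginUser)));
    }
}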
