package com.datacloudsec.scan.controller;

import com.datacloudsec.annotations.Auth;
import com.datacloudsec.annotations.Log;
import com.datacloudsec.exception.UEException;
import com.datacloudsec.response.GridResponse;
import com.datacloudsec.response.JsonResponse;
import com.datacloudsec.scan.common.Constant;
import com.datacloudsec.scan.entity.User;
import com.datacloudsec.scan.service.IConfig;
import com.datacloudsec.scan.service.IDevice;
import com.datacloudsec.scan.service.IRole;
import com.datacloudsec.scan.service.IUser;
import com.datacloudsec.scan.service.impl.ConfigService;
import com.datacloudsec.scan.service.impl.DeviceService;
import com.datacloudsec.scan.service.impl.RoleService;
import com.datacloudsec.scan.service.impl.UserService;
import com.datacloudsec.utils.InstanceUtil;
import com.datacloudsec.utils.ObjectUtil;
import com.datacloudsec.utils.SecretUtil;
import com.howie.hmvc.annotations.Method;
import com.howie.hmvc.annotations.NoTrim;
import com.howie.hmvc.annotations.Valid;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/datacloudsec/scan/controller/UserController.class */
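/**
 * Web controller for account management: login/logout, user listing and CRUD,
 * lock/unlock, and the password-change / password-reset endpoints.
 *
 * <p>Parameter names such as {@code str} and {@code num} carry no meaning of their own;
 * the request fields they bind to are not visible in this class. The {@code @Log}
 * entry keys (name, real_name, email, ips, urls, roleName) hint at them, but the
 * mapping should be confirmed against the service layer.
 *
 * <p>Security review notes (details on the individual methods):
 * <ul>
 *   <li>{@link #insert} creates every account with the same fixed initial password.</li>
 *   <li>The password-change endpoints also write the new password in clear text to the
 *       configuration store (see {@link #storePasswordInConfig}).</li>
 *   <li>Passwords are digested with SHA-1 via {@code SecretUtil}; whether a salt or
 *       key stretching is applied is not visible here.</li>
 *   <li>Several state-changing or data-exposing handlers carry no {@code @Auth}
 *       annotation ({@link #lock}, {@link #unlock}, {@link #tousereidt}).</li>
 * </ul>
 */
public class UserController {
    private IUser userService = (IUser) InstanceUtil.newServiceInstance(UserService.class);
    private IRole roleService = (IRole) InstanceUtil.newServiceInstance(RoleService.class);
    private IConfig configService = (IConfig) InstanceUtil.newServiceInstance(ConfigService.class);
    private IDevice deviceService = (IDevice) InstanceUtil.newServiceInstance(DeviceService.class);

    /**
     * Returns the user object stored in the session under {@link IUser#USER_INFO}.
     *
     * @throws UEException if the session holds no user, instead of letting callers
     *         fail later with a NullPointerException
     */
    private static User sessionUser(HttpSession httpSession) throws UEException {
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        if (user == null) {
            // Message reads "this user has no permission"; reused from resetpwd.
            throw new UEException("此用户无权限");
        }
        return user;
    }

    /**
     * Rejects a new password that equals the user name or the user name reversed.
     * Shared by all three password-change handlers so the rule cannot drift.
     */
    private static void rejectPasswordDerivedFromName(String password, String name) throws UEException {
        String reversedName = new StringBuilder(name).reverse().toString();
        if (password.equals(name)) {
            // "password must not equal the user name"
            throw new UEException("密码不能与用户名一致！");
        }
        if (password.equals(reversedName)) {
            // "password must not be the user name written backwards"
            throw new UEException("密码不能使用用户名的倒写！");
        }
    }

    /**
     * Writes the new password to the configuration store under {@code <userName>_pwd}.
     *
     * <p>NOTE(security): {@code plainPassword} is the clear-text password, not its digest.
     * How the configuration store persists and exposes this value is not visible here.
     * If no consumer needs the clear text, this write should be removed; if one does,
     * the value should be stored encrypted and access to the key restricted. Behaviour
     * is kept unchanged in this revision because other code may read the entry.
     */
    private void storePasswordInConfig(User user, String plainPassword) throws Exception {
        configService.setValue(user.getName() + "_pwd", plainPassword);
    }

    /**
     * Handles the login POST by delegating to {@code userService.login}.
     * Any failure is reported through the exception the service throws.
     *
     * @return always {@code true} when the service call returns normally
     */
    @Log(value = "用户登录", entry = {"name=用户名"})
    @Method("post")
    public boolean login(HttpServletRequest httpServletRequest, @Valid String str, @Valid String str2, @Valid String str3) throws Exception {
        userService.login(httpServletRequest, str, str2, str3);
        return true;
    }

    /**
     * Prepares the user-management page: role list, the configured lock time
     * ("userLockTime", with "300" passed as the fallback argument) and the server time.
     *
     * @return the string {@code "user/user"} (presumably a view name)
     */
    @Auth("USERMG")
    public String user(HttpServletRequest httpServletRequest) throws Exception {
        httpServletRequest.setAttribute("roles", roleService.search());
        httpServletRequest.setAttribute("lockTime", ObjectUtil.getString(configService.getValueByName("userLockTime"), "300"));
        httpServletRequest.setAttribute("serverdate", Long.valueOf(System.currentTimeMillis()));
        return "user/user";
    }

    /**
     * Prepares the add-user page with the role list and the regions under parent id 0.
     *
     * @return the string {@code "user/adduser"}
     */
    @Auth("USERMG_ADD")
    public String adduser(HttpServletRequest httpServletRequest) throws Exception {
        httpServletRequest.setAttribute("roles", roleService.search());
        httpServletRequest.setAttribute("regions", deviceService.getRegionByPid(0));
        return "user/adduser";
    }

    /**
     * Logs the current session out via {@code userService.logout}.
     *
     * @return always {@code true} when the service call returns normally
     */
    @Log("用户登出")
    public boolean logout(HttpSession httpSession) throws Exception {
        userService.logout(httpSession);
        return true;
    }

    /**
     * Returns one page of users matching the given filters.
     * The row query is skipped when the count is zero, in which case the
     * response carries a {@code null} row list.
     *
     * @return a {@link GridResponse} holding the total count and the rows
     */
    @Auth("USERMG")
    public JsonResponse search(@Valid(maxLength = 50.0d, required = false) String str, @Valid(maxLength = 50.0d, required = false) String str2, Integer num, @Valid(maxLength = 50.0d, required = false) String str3, @Valid(maxLength = 30.0d, required = false) String str4, @Valid(maxLength = 30.0d, required = false) String str5, Integer num2, @Valid(maxVal = 100.0d) Integer num3) throws Exception {
        int total = userService.queryCount(str, str2, num, str3, str4, str5);
        List<Map<String, Object>> rows = null;
        if (total > 0) {
            rows = userService.query(str, str2, num, str3, str4, str5, num2, num3);
        }
        return new GridResponse(total, rows);
    }

    /**
     * Deletes a user via {@code userService.delete}.
     *
     * @return always {@code true} when the service call returns normally
     */
    @Log(value = "删除用户", entry = {"id=id"})
    @Auth("USERMG_DEL")
    public boolean delete(@Valid Integer num, @Valid Integer num2) throws Exception {
        userService.delete(num, num2);
        return true;
    }

    /**
     * Locks the user with the given id (passes {@code -1L} to {@code userService.lock}).
     *
     * <p>NOTE(review): unlike delete/insert/update this handler has no {@code @Auth}
     * annotation. Confirm that the framework or the service restricts who may lock
     * an arbitrary account; otherwise add the appropriate permission here.
     */
    @Log(value = "锁定用户", entry = {"id=id"})
    public boolean lock(@Valid Integer num) throws Exception {
        userService.lock(num, -1L);
        return true;
    }

    /**
     * Unlocks the user with the given id (passes {@code 0L} to {@code userService.lock}).
     *
     * <p>NOTE(review): no {@code @Auth} annotation here either. Unlocking undoes the
     * lockout that protects an account, so confirm that authorization is enforced
     * elsewhere or add the appropriate permission.
     */
    @Log(value = "解锁用户", entry = {"id=id"})
    public boolean unlock(@Valid Integer num) throws Exception {
        userService.lock(num, 0L);
        return true;
    }

    /**
     * Creates a user account.
     *
     * <p>NOTE(security): every new account receives the same fixed initial password,
     * the literal below, digested with SHA-1. Nothing visible in this class forces the
     * user to change it before the account is usable. Prefer a random per-account
     * initial secret delivered out of band, or an enforced change on first login.
     *
     * @return always {@code true} when the service call returns normally
     */
    @Log(value = "添加用户", entry = {"name=用户名", "real_name=真实姓名", "email=邮箱地址", "ips=扫描IP范围", "urls=扫描网站URL", "roleName=所属角色"})
    @Auth("USERMG_ADD")
    public boolean insert(@Valid(maxLength = 50.0d) String str, @Valid(maxLength = 50.0d, required = false) String str2, @Valid(maxLength = 100.0d, required = false) String str3, @Valid Integer num, @Valid Integer num2, Integer num3, @Valid(maxLength = 1000.0d, required = false) String str4, @Valid(maxLength = 2000.0d, required = false) String str5) throws Exception {
        String initialPasswordDigest = SecretUtil.digestSha1("123456", SecretUtil.SHA1);
        userService.insertUser(str, initialPasswordDigest, str2, num, num2, num3, str3, str4, str5);
        return true;
    }

    /**
     * Prepares the edit-user page for the user with the given id.
     *
     * <p>NOTE(review): this handler has no {@code @Auth} annotation and places the whole
     * {@code User} object for a caller-chosen id into the request. Confirm that access is
     * restricted elsewhere and that the view does not render the stored password digest.
     * A {@code null} result from {@code getUserById} would fail at {@code getRegionSid()}.
     *
     * @return the string {@code "user/edituser"}
     */
    public String tousereidt(HttpServletRequest httpServletRequest, @Valid Integer num) throws Exception {
        User userById = userService.getUserById(num);
        httpServletRequest.setAttribute("user", userById);
        httpServletRequest.setAttribute("roleListMap", roleService.search());
        httpServletRequest.setAttribute("regions", deviceService.getRegionByPid(0));
        httpServletRequest.setAttribute("regionsCid", deviceService.getRegionByPid(userById.getRegionSid()));
        return "user/edituser";
    }

    /**
     * Updates a user account. The account with id 1 is refused outright
     * (the message says the admin account may not be modified).
     *
     * @return always {@code true} when the service call returns normally
     * @throws UEException if the target id is 1
     */
    @Log(value = "修改用户", entry = {"name=用户名", "real_name=真实姓名", "email=邮箱地址", "ips=扫描IP范围", "urls=扫描网站URL", "roleName=所属角色"})
    @Auth("USERMG_UPD")
    public boolean update(HttpSession httpSession, @Valid Integer num, @Valid(maxLength = 50.0d) String str, @Valid(maxLength = 50.0d, required = false) String str2, @Valid(maxLength = 100.0d, required = false) String str3, @Valid Integer num2, String str4, @Valid Integer num3, @Valid Integer num4, Integer num5, @Valid(maxLength = 1000.0d, required = false) String str5, @Valid(maxLength = 2000.0d, required = false) String str6) throws Exception {
        if (num.intValue() == 1) {
            throw new UEException("admin账户不允许修改！");
        }
        userService.updateUser(httpSession, num, str, str2, num2, str4, num3, num4, num5, str3, str5, str6);
        return true;
    }

    /**
     * Changes the password of the user held in the session.
     * {@code str} is the new password and {@code str2} the current one; both are
     * digested and handed to {@code userService.updatePWD}, which presumably verifies
     * the current digest (not visible here).
     *
     * <p>NOTE(review): only the length limits from {@code @Valid} and the user-name rule
     * apply here; the character-class rule enforced in {@link #updPwd} is not checked.
     * The session id is not renewed after the change.
     *
     * @return always {@code true} when the change succeeds
     * @throws UEException if there is no session user or the new password is the
     *         user name or its reverse
     */
    @Log("修改密码")
    public boolean updatepwd(@Valid(minLength = 8.0d, maxLength = 16.0d) @NoTrim String str, @Valid(minLength = 6.0d, maxLength = 16.0d) @NoTrim String str2, HttpSession httpSession) throws Exception {
        User user = sessionUser(httpSession);
        rejectPasswordDerivedFromName(str, user.getName());
        String newDigest = SecretUtil.digestSha1(str, SecretUtil.SHA1);
        String updateResult = userService.updatePWD(user.getId(), newDigest, SecretUtil.digestSha1(str2, SecretUtil.SHA1));
        user.setPassword(newDigest);
        user.setVal3(updateResult);
        storePasswordInConfig(user, str);
        // Re-bind the updated user object to the session.
        httpSession.removeAttribute(IUser.USER_INFO);
        httpSession.setAttribute(IUser.USER_INFO, user);
        return true;
    }

    /**
     * Prepares the personal-settings page for the session user.
     *
     * @return the string {@code "user/personal-settings"}
     * @throws UEException if the session holds no user
     */
    public String personset(HttpServletRequest httpServletRequest, HttpSession httpSession) throws Exception {
        User user = sessionUser(httpSession);
        httpServletRequest.setAttribute("user", user);
        httpServletRequest.setAttribute("regions", deviceService.getRegionByPid(0));
        httpServletRequest.setAttribute("regionsCid", deviceService.getRegionByPid(user.getRegionSid()));
        return "user/personal-settings";
    }

    /**
     * Initial setup for the session user: changes the password (same steps as
     * {@link #updatepwd}) and then updates the profile via {@code userService.updateUser}.
     *
     * <p>NOTE(review): as in {@link #updatepwd}, the character-class rule from
     * {@link #updPwd} is not applied to the new password.
     *
     * @return always {@code true} when both service calls return normally
     * @throws UEException if there is no session user or the new password is the
     *         user name or its reverse
     */
    @Log("初始设置")
    public boolean personalSettings(@Valid(minLength = 8.0d, maxLength = 16.0d) @NoTrim String str, @Valid(minLength = 6.0d, maxLength = 16.0d) @NoTrim String str2, String str3, String str4, @Valid Integer num, @Valid Integer num2, Integer num3, HttpSession httpSession) throws Exception {
        User user = sessionUser(httpSession);
        rejectPasswordDerivedFromName(str, user.getName());
        String newDigest = SecretUtil.digestSha1(str, SecretUtil.SHA1);
        String updateResult = userService.updatePWD(user.getId(), newDigest, SecretUtil.digestSha1(str2, SecretUtil.SHA1));
        user.setPassword(newDigest);
        user.setVal3(updateResult);
        storePasswordInConfig(user, str);
        httpSession.setAttribute(IUser.USER_INFO, user);
        userService.updateUser(httpSession, user.getId(), user.getName(), str3, user.getRid(), user.getName(), num, num2, num3, str4, user.getIps(), user.getUrls());
        return true;
    }

    /**
     * Changes the password of the account named in the request ({@code str3}), after
     * comparing the supplied current password ({@code str2}) with the stored digest.
     * {@code str} is the new password and must be 8-16 characters drawn from at least
     * two of: letters, digits, other characters.
     *
     * <p>An unknown user name, or an account without a stored digest, is reported with
     * the same message as a wrong password. What {@code getUserByName} returns for an
     * unknown name is not visible here; if it returns {@code null}, the unguarded
     * dereference would have thrown a NullPointerException and made the two cases
     * distinguishable to the caller.
     *
     * <p>NOTE(review): on success the session is bound to the account named in the
     * request, so this path behaves like a login. No failure counting or lockout is
     * visible here; confirm that the throttling applied to {@link #login} also covers
     * this endpoint. {@code Constant.checkAuth} (semantics not visible) runs only after
     * the credential checks; confirm whether it should gate the request earlier.
     *
     * @return always {@code true} when the change succeeds
     * @throws UEException on blank input, wrong credentials or a rejected new password
     */
    @Log("修改密码")
    public boolean updPwd(@NoTrim String str, @NoTrim String str2, String str3, HttpSession httpSession, HttpServletRequest httpServletRequest) throws Exception {
        if (StringUtils.isBlank(str3)) {
            throw new UEException("用户名【username】不能为空！");
        }
        if (StringUtils.isBlank(str2)) {
            throw new UEException("原始密码【beforePwd】不能为空！");
        }
        User userByName = userService.getUserByName(str3);
        String storedDigest = userByName == null ? null : userByName.getPassword();
        String oldDigest = SecretUtil.digestSha1(str2, SecretUtil.SHA1);
        if (storedDigest == null || !storedDigest.equalsIgnoreCase(oldDigest)) {
            // Same answer for "no such user" and "wrong password".
            throw new UEException("原始密码【beforePwd】错误！");
        }
        if (StringUtils.isBlank(str)) {
            throw new UEException("新密码【pwd】不能为空！");
        }
        if (!str.matches("^(?![\\d]+$)(?![a-zA-Z]+$)(?![^\\da-zA-Z]+$).{8,16}$")) {
            throw new UEException("新密码必须是8-16个字母、数字、特殊字符两种类型以上的组合！");
        }
        rejectPasswordDerivedFromName(str, str3);
        Constant.checkAuth(httpServletRequest);
        String newDigest = SecretUtil.digestSha1(str, SecretUtil.SHA1);
        userService.updatePWD(userByName.getId(), newDigest, oldDigest);
        userByName.setPassword(newDigest);
        userByName.setVal3(String.valueOf(System.currentTimeMillis()));
        storePasswordInConfig(userByName, str);
        httpSession.removeAttribute(IUser.USER_INFO);
        httpSession.setAttribute(IUser.USER_INFO, userByName);
        return true;
    }

    /**
     * Resets the password of the user with the given id via {@code userService.resetPWD}.
     * Besides the {@code @Auth} permission, the session user must be named "admin".
     * The value the password is reset to is decided by the service and not visible here.
     *
     * @return always {@code true} when the service call returns normally
     * @throws UEException if there is no session user or it is not named "admin"
     */
    @Log("重置密码")
    @Auth("USERMG_RESET_PWD")
    public boolean resetpwd(HttpSession httpSession, @Valid Integer num) throws Exception {
        if (!"admin".equals(sessionUser(httpSession).getName())) {
            throw new UEException("此用户无权限");
        }
        userService.resetPWD(num);
        return true;
    }

    /**
     * Prepares the user-settings page for the session user.
     *
     * @return the string {@code "user/userset"}
     * @throws UEException if the session holds no user
     */
    public String userset(HttpSession httpSession, HttpServletRequest httpServletRequest) throws Exception {
        User user = sessionUser(httpSession);
        httpServletRequest.setAttribute("user", user);
        httpServletRequest.setAttribute("regions", deviceService.getRegionByPid(0));
        httpServletRequest.setAttribute("regionsCid", deviceService.getRegionByPid(user.getRegionSid()));
        return "user/userset";
    }

    /**
     * Updates the session user's own profile. Identity-bearing values (id, name, role id,
     * ips, urls) are taken from the session object rather than from the request, so a
     * caller cannot redirect the update to another account or change its scan scope.
     *
     * @return always {@code true} when the service call returns normally
     * @throws UEException if the session holds no user
     */
    public boolean userSettings(HttpSession httpSession, String str, String str2, @Valid Integer num, @Valid Integer num2, Integer num3) throws Exception {
        User user = sessionUser(httpSession);
        userService.updateUser(httpSession, user.getId(), user.getName(), str, user.getRid(), user.getName(), num, num2, num3, str2, user.getIps(), user.getUrls());
        return true;
    }
}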
