package com.datacloudsec.scan.service.impl;

import com.datacloudsec.exception.UEException;
import com.datacloudsec.scan.common.Constant;
import com.datacloudsec.scan.dao.RoleMapper;
import com.datacloudsec.scan.dao.UserMapper;
import com.datacloudsec.scan.entity.Perm;
import com.datacloudsec.scan.entity.User;
import com.datacloudsec.scan.service.IConfig;
import com.datacloudsec.scan.service.IUser;
import com.datacloudsec.utils.DateUtil;
import com.datacloudsec.utils.EntryResult;
import com.datacloudsec.utils.IPUtil;
import com.datacloudsec.utils.InstanceUtil;
import com.datacloudsec.utils.ObjectUtil;
import com.datacloudsec.utils.SecretUtil;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/datacloudsec/scan/service/impl/UserService.class */
public class UserService implements IUser {
    private UserMapper userMapper = (UserMapper) InstanceUtil.newDaoInstance(UserMapper.class);
    private RoleMapper roleMapper = (RoleMapper) InstanceUtil.newDaoInstance(RoleMapper.class);
    private IConfig config = (IConfig) InstanceUtil.newServiceInstance(ConfigService.class);
    private static final Logger LOG = Logger.getLogger(UserService.class);
    private static Map<String, Object> loginErrCount = new HashMap();

    @Override // com.datacloudsec.scan.service.IUser
    public void delete(Integer num, Integer num2) throws Exception {
        if (num.intValue() == 1) {
            throw new UEException("admin账户不允许删除！");
        }
        if (Integer.valueOf(this.userMapper.delete(num, num2)).intValue() == 0) {
            throw new UEException(UEException.VERSION_OLD);
        }
        try {
            FileUtils.deleteDirectory(new File(Constant.WORK_DIR, "user/" + num));
        } catch (IOException e) {
            LOG.error("删除用户配置目录出错", e);
        }
    }

    @Override // com.datacloudsec.scan.service.IUser
    public void login(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws Exception {
        loginInfo(httpServletRequest, validUser(httpServletRequest, str, str2, str3));
    }

    @Override // com.datacloudsec.scan.service.IUser
    public void loginInfo(HttpServletRequest httpServletRequest, User user) throws Exception {
        HttpSession session = httpServletRequest.getSession();
        String ipAddress = IPUtil.getIpAddress(httpServletRequest);
        Date date = new Date();
        String val3 = user.getVal3();
        User user2 = new User();
        user2.setId(user.getId());
        user2.setLoginTime(date);
        user2.setIp(ipAddress);
        if (StringUtils.isBlank(val3)) {
            user2.setVal3(new StringBuilder(String.valueOf(System.currentTimeMillis())).toString());
        }
        this.userMapper.updateOther(user2);
        user.setLoginTime(date);
        user.setIp(ipAddress);
        List<Perm> permissionByUser = this.userMapper.getPermissionByUser(user.getRid());
        ArrayList arrayList = new ArrayList();
        Iterator<Perm> it = permissionByUser.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getAction());
        }
        session.setAttribute(IUser.USER_INFO, user);
        session.setAttribute(IUser.USER_PERMS, permissionByUser);
        session.setAttribute(IUser.USER_ACTIONS, arrayList);
        session.setAttribute(IUser.USER_ROLE, this.userMapper.getUserRoleById(user.getRid()));
        session.setAttribute(IUser.USER_RULE, EntryResult.parseEntry(this.userMapper.getUserRuleById(user.getRid()), "tname", "cond"));
        session.setAttribute(IUser.CHILD_MENUS, EntryResult.parseEntryListMap(this.roleMapper.getMenusForCustom(), "parentId"));
        session.setAttribute(IUser.CUSTOM_MENUS, this.roleMapper.getFirstMenus());
    }

    @Override // com.datacloudsec.scan.service.IUser
    public void logout(HttpSession httpSession) throws Exception {
        User user = (User) httpSession.getAttribute(IUser.USER_INFO);
        Enumeration attributeNames = httpSession.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            httpSession.removeAttribute(((String) attributeNames.nextElement()).toString());
        }
        if (user != null) {
            httpSession.setAttribute("username", user.getName());
        }
    }

    @Override // com.datacloudsec.scan.service.IUser
    public User validUser(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws Exception {
        HttpSession session = httpServletRequest.getSession();
        if (str3 != null) {
            String str4 = (String) session.getAttribute("code");
            session.removeAttribute("code");
            if (StringUtils.isBlank(str3) || !str3.equalsIgnoreCase(str4)) {
                LOG.error("code=" + str3 + ",sessionCode=" + str4);
                throw new UEException("验证码错误");
            }
        }
        User userByName = this.userMapper.getUserByName(str);
        if (userByName == null) {
            throw new UEException("用户名或密码错误");
        }
        Long lockTime = userByName.getLockTime();
        if (lockTime.longValue() != 0) {
            if (lockTime.longValue() == -1) {
                throw new UEException("该用户已被锁定，请联系管理员解锁");
            }
            long longValue = (ObjectUtil.getLong(this.config.getValueByName("userLockTime"), 300L).longValue() * 1000) - (System.currentTimeMillis() - lockTime.longValue());
            if (longValue > 0) {
                throw new UEException("该用户已被锁定，离解锁时间还有：" + DateUtil.time2Str(Long.valueOf(longValue)));
            }
        }
        if (str2.equalsIgnoreCase(userByName.getPassword())) {
            loginErrCount.remove("login_error_" + userByName.getId());
            return userByName;
        }
        int addError = addError(userByName);
        if (addError <= 0) {
            throw new UEException("该用户已被锁定，离解锁时间还有：" + DateUtil.time2Str(Long.valueOf(ObjectUtil.getLong(this.config.getValueByName("userLockTime"), 300L).longValue() * 1000)));
        }
        throw new UEException("用户名或密码错误，如果再错误" + addError + "次，用户将被锁定。");
    }

    private int addError(User user) throws Exception {
        String str = "login_error_" + user.getId();
        int i = ObjectUtil.getInt(loginErrCount.get(str), 0) + 1;
        Long valueOf = Long.valueOf(System.currentTimeMillis());
        int i2 = ObjectUtil.getInt(this.config.getValueByName("maxPwdError"), 5);
        if (i < i2) {
            loginErrCount.put(str, Integer.valueOf(i));
            return i2 - i;
        }
        User user2 = new User();
        user2.setId(user.getId());
        user2.setLockTime(valueOf);
        user.setLockTime(valueOf);
        this.userMapper.updateOther(user2);
        loginErrCount.remove(str);
        return 0;
    }

    @Override // com.datacloudsec.scan.service.IUser
    public int queryCount(String str, String str2, Integer num, String str3, String str4, String str5) throws Exception {
        return this.userMapper.searchCount(str, str2, num, str3, str4, str5);
    }

    @Override // com.datacloudsec.scan.service.IUser
    public List<Map<String, Object>> query(String str, String str2, Integer num, String str3, String str4, String str5, Integer num2, Integer num3) throws Exception {
        return this.userMapper.search(str, str2, num, str3, str4, str5, num2, num3);
    }

    @Override // com.datacloudsec.scan.service.IUser
    public void updateUser(HttpSession httpSession, Integer num, String str, String str2, Integer num2, String str3, Integer num3, Integer num4, Integer num5, String str4, String str5, String str6) throws Exception {
        if (StringUtils.isNotBlank(str3) && !str.equals(str3) && getUserCountByName(str).intValue() > 0) {
            throw new UEException("用户名已存在！");
        }
        User user = new User();
        user.setId(num);
        user.setName(str);
        user.setRealName(str2);
        user.setVal1(str4);
        user.setRegionSid(num3);
        user.setRegionCid(num5);
        user.setRid(num2);
        user.setVersion(num4);
        user.setIps(str5);
        user.setUrls(IPUtil.urlFormat(str6));
        if (Integer.valueOf(this.userMapper.update(user)).intValue() == 0) {
            throw new UEException(UEException.VERSION_OLD);
        }
        User user2 = (User) httpSession.getAttribute(IUser.USER_INFO);
        if (user2 == null || user == null) {
            return;
        }
        try {
            if (user.getId().intValue() == user2.getId().intValue()) {
                user.setVersion(Integer.valueOf(num4.intValue() + 1));
                httpSession.setAttribute(IUser.USER_INFO, user);
            }
        } catch (Exception e) {
            LOG.error("", e);
        }
    }

    @Override // com.datacloudsec.scan.service.IUser
    public String updatePWD(Integer num, String str, String str2) throws Exception {
        String passWordById = this.userMapper.getPassWordById(num);
        String sb = new StringBuilder(String.valueOf(System.currentTimeMillis())).toString();
        if (!passWordById.equals(str2)) {
            throw new UEException("原始密码错误！");
        }
        User user = new User();
        user.setId(num);
        user.setPassword(str);
        user.setVal3(sb);
        this.userMapper.updateOther(user);
        return sb;
    }

    @Override // com.datacloudsec.scan.service.IUser
    public Integer getUserCountByName(String str) throws Exception {
        return this.userMapper.getCountByName(str);
    }

    @Override // com.datacloudsec.scan.service.IUser
    public User insertUser(String str, String str2, String str3, Integer num, Integer num2, Integer num3, String str4, String str5, String str6) throws Exception {
        if (getUserCountByName(str).intValue() > 0) {
            throw new UEException("用户名已存在！");
        }
        User user = new User();
        user.setName(str);
        user.setRealName(str3);
        user.setVal1(str4);
        user.setPassword(str2);
        user.setRegionSid(num2);
        user.setRegionCid(num3);
        user.setRid(num);
        user.setIps(str5);
        user.setUrls(IPUtil.urlFormat(str6));
        this.userMapper.insert(user);
        return user;
    }

    @Override // com.datacloudsec.scan.service.IUser
    public User getUserById(Integer num) throws Exception {
        return this.userMapper.getUserById(num);
    }

    @Override // com.datacloudsec.scan.service.IUser
    public void lock(Integer num, Long l) throws Exception {
        this.userMapper.lock(num, l);
    }

    @Override // com.datacloudsec.scan.service.IUser
    public void resetPWD(Integer num) throws Exception {
        User user = new User();
        user.setId(num);
        user.setPassword(SecretUtil.digestSha1("123456", SecretUtil.SHA1));
        this.userMapper.updateOther(user);
    }

    @Override // com.datacloudsec.scan.service.IUser
    public void validCode(String str, String str2) throws Exception {
        this.userMapper.validCode(str, str2);
    }

    @Override // com.datacloudsec.scan.service.IUser
    public User getUserByName(String str) throws Exception {
        return this.userMapper.getUserByName(str);
    }

    @Override // com.datacloudsec.scan.service.IUser
    public void updPwdByName(String str, String str2, String str3) throws Exception {
        this.userMapper.updPwdByName(str, str2, str3);
    }
}
