package com.digiwin.dap.middleware.iam.api;

import cn.hutool.json.JSONUtil;
import com.digiwin.dap.middle.kms.constants.KeyConstant;
import com.digiwin.dap.middle.ram.domain.enums.TargetType;
import com.digiwin.dap.middleware.auth.AppAuthContextHolder;
import com.digiwin.dap.middleware.auth.AuthoredUser;
import com.digiwin.dap.middleware.commons.crypto.AES;
import com.digiwin.dap.middleware.domain.StdData;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.iam.constant.I18nError;
import com.digiwin.dap.middleware.iam.domain.usermapping.BatchMappingQueryRequest;
import com.digiwin.dap.middleware.iam.domain.usermapping.EncryptUserMappingVO;
import com.digiwin.dap.middleware.iam.domain.usermapping.QuerySingleMappingRequest;
import com.digiwin.dap.middleware.iam.domain.usermapping.UserMappingQueryResultVO;
import com.digiwin.dap.middleware.iam.domain.usermapping.UserMappingVO;
import com.digiwin.dap.middleware.iam.entity.Tenant;
import com.digiwin.dap.middleware.iam.entity.User;
import com.digiwin.dap.middleware.iam.service.tenant.TenantCrudService;
import com.digiwin.dap.middleware.iam.service.user.UserCrudService;
import com.digiwin.dap.middleware.iam.service.usermapping.UserMappingService;
import com.digiwin.dap.middleware.iam.support.excel.IExcelService;
import com.digiwin.dap.middleware.iam.support.validate.AuthValidateService;
import com.digiwin.dap.middleware.util.UserUtils;
import com.github.pagehelper.PageHelper;
import java.util.List;
import javax.validation.Valid;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.util.ObjectUtils;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestAttribute;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/api/iam/v2/mapping"})
@RestController
@Validated
/* loaded from: input_file:WEB-INF/classes/com/digiwin/dap/middleware/iam/api/UserMappingController.class */
public class UserMappingController {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) UserMappingController.class);

    @Autowired
    private UserMappingService userMappingService;

    @Autowired
    private TenantCrudService tenantCrudService;

    @Autowired
    private UserCrudService userCrudService;

    @Autowired
    private IExcelService excelService;

    @Autowired
    private AuthValidateService authValidateService;

    @PostMapping(value = {""}, produces = {"application/json; charset=utf-8"})
    @Transactional(rollbackFor = {Exception.class})
    public ResponseEntity<?> mapUser(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser, @Valid @RequestBody UserMappingVO userMappingVO) {
        this.userMappingService.map(authoredUser.getTenantSid(), userMappingVO, false);
        return ResponseEntity.status(201).build();
    }

    @PostMapping(value = {"/mod"}, produces = {"application/json; charset=utf-8"})
    @Transactional(rollbackFor = {Exception.class})
    public ResponseEntity<?> modMapUser(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser, @Valid @RequestBody UserMappingVO userMappingVO) {
        this.userMappingService.map(authoredUser.getTenantSid(), userMappingVO, false, true);
        return ResponseEntity.status(201).build();
    }

    @PostMapping(value = {"/force"}, produces = {"application/json; charset=utf-8"})
    @Transactional(rollbackFor = {Exception.class})
    public ResponseEntity<?> forceMapUser(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser, @Valid @RequestBody UserMappingVO userMappingVO) {
        this.userMappingService.map(authoredUser.getTenantSid(), userMappingVO, true);
        return ResponseEntity.status(201).build();
    }

    @PostMapping(value = {"/delete"}, produces = {"application/json; charset=utf-8"})
    @Transactional(rollbackFor = {Exception.class})
    public ResponseEntity<?> deleteMap(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser, @Valid @RequestBody UserMappingVO userMappingVO) {
        this.userMappingService.deleteMap(authoredUser.getTenantSid(), userMappingVO);
        return ResponseEntity.status(200).build();
    }

    @PostMapping(value = {"/query/appuser"}, produces = {"application/json; charset=utf-8"})
    public ResponseEntity<?> queryMappedAppUser(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser, @RequestBody UserMappingVO userMappingVO) {
        Assert.hasText(userMappingVO.getIdentityId(), "必须指定应用id(IdentityId)方可查询");
        Assert.hasText(userMappingVO.getVerifyUserId(), "必须指定verifyUserId方可查询");
        if (authoredUser.getTenantSid() == 0) {
            throw new BusinessException(I18nError.USE_TENANT_LOGIN);
        }
        return ResponseEntity.ok(this.userMappingService.getUserByMapping(Long.valueOf(authoredUser.getTenantSid()), userMappingVO.getIdentityId(), userMappingVO.getAccount(), userMappingVO.getVerifyUserId()));
    }

    @PostMapping(value = {"/query/app"}, produces = {"application/json; charset=utf-8"})
    public ResponseEntity<?> queryMappedUserByApp(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser, @RequestBody UserMappingVO userMappingVO) {
        Assert.hasText(userMappingVO.getIdentityId(), "必须指定应用id(IdentityId)方可查询");
        if (authoredUser.getTenantSid() == 0) {
            throw new BusinessException(I18nError.USE_TENANT_LOGIN);
        }
        return ResponseEntity.ok(this.userMappingService.getMappedByApp(authoredUser.getTenantSid(), userMappingVO.getIdentityId(), userMappingVO.getAccount()));
    }

    @PostMapping(value = {"/query"}, produces = {"application/json; charset=utf-8"})
    public ResponseEntity<?> queryMappedUserByUserAndTenant(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser, @RequestBody UserMappingVO userMappingVO) {
        if (null == userMappingVO.getTenantSid() || 0 == userMappingVO.getTenantSid().longValue()) {
            if (!StringUtils.isEmpty(userMappingVO.getTenantId())) {
                Tenant findById = this.tenantCrudService.findById(userMappingVO.getTenantId());
                if (findById == null) {
                    throw new BusinessException(String.format("租户%s不存在", userMappingVO.getTenantId()));
                }
                userMappingVO.setTenantSid(Long.valueOf(findById.getSid()));
            } else {
                if (authoredUser.getTenantSid() == 0) {
                    throw new BusinessException(I18nError.USE_TENANT_LOGIN);
                }
                userMappingVO.setTenantSid(Long.valueOf(authoredUser.getTenantSid()));
            }
        }
        if (userMappingVO.getTenantSid().longValue() != authoredUser.getTenantSid() && !this.authValidateService.checkAccessPermission(TargetType.Sys.toString(), "POST", AppAuthContextHolder.getContext().getRequestInfo().getPath(), UserUtils.getSysId()).booleanValue()) {
            throw new BusinessException(I18nError.IAM_TENANT_PERMISSION_ERROR);
        }
        if (null == userMappingVO.getUserSid() || 0 == userMappingVO.getUserSid().longValue()) {
            if (!StringUtils.isEmpty(userMappingVO.getUserId())) {
                User findById2 = this.userCrudService.findById(userMappingVO.getUserId());
                if (findById2 == null) {
                    throw new BusinessException(I18nError.USER_NOT_EXIST, new Object[]{userMappingVO.getUserId()});
                }
                userMappingVO.setUserSid(Long.valueOf(findById2.getSid()));
            } else {
                if (authoredUser.getSid() == 0) {
                    throw new BusinessException(I18nError.USER_NOT_EXIST);
                }
                userMappingVO.setUserSid(Long.valueOf(authoredUser.getSid()));
            }
        }
        if (StringUtils.isEmpty(userMappingVO.getIdentityId())) {
            userMappingVO.setIdentityId(UserUtils.getSysId());
        }
        if (StringUtils.isEmpty(userMappingVO.getIdentityId())) {
            throw new BusinessException(I18nError.PARAM_ERROR);
        }
        List<UserMappingQueryResultVO> mappedByUserAndApp = this.userMappingService.getMappedByUserAndApp(userMappingVO.getTenantSid().longValue(), userMappingVO.getUserSid().longValue(), userMappingVO.getIdentityId());
        if (Boolean.TRUE.equals(userMappingVO.getQueryEmpId()) && !CollectionUtils.isEmpty(mappedByUserAndApp)) {
            this.userMappingService.populateEmp(userMappingVO.getTenantSid(), mappedByUserAndApp.get(0).getUserId(), mappedByUserAndApp);
        }
        return ResponseEntity.ok(mappedByUserAndApp);
    }

    @PostMapping(value = {"/query/tenant"}, produces = {"application/json; charset=utf-8"})
    public ResponseEntity<?> queryMappedUserByCondition(@RequestBody UserMappingVO userMappingVO) {
        if (UserUtils.getTenantSid() == 0) {
            throw new BusinessException(I18nError.USE_TENANT_LOGIN);
        }
        if (ObjectUtils.isEmpty(userMappingVO.getTenantSid()) || 0 == userMappingVO.getTenantSid().longValue()) {
            userMappingVO.setTenantSid(Long.valueOf(UserUtils.getTenantSid()));
        }
        if (UserUtils.getTenantSid() != userMappingVO.getTenantSid().longValue()) {
            throw new BusinessException(I18nError.IAM_TENANT_PERMISSION_ERROR);
        }
        return ResponseEntity.ok(PageHelper.startPage(userMappingVO.getPageNum().intValue(), userMappingVO.getPageSize().intValue(), userMappingVO.getOrderBy()).doSelectPageSerializable(() -> {
            this.userMappingService.getMappedByCondition(userMappingVO.getTenantSid().longValue(), userMappingVO);
        }));
    }

    @PostMapping({"/export"})
    public ResponseEntity<?> export(@RequestBody UserMappingVO userMappingVO) {
        return ResponseEntity.ok(this.excelService.exportUserMapping(UserUtils.getTenantSid(), userMappingVO));
    }

    @PostMapping({"/import/{fileId}"})
    public ResponseEntity<?> importUserMapping(@PathVariable String str) {
        return ResponseEntity.ok(this.excelService.importUserMapping(str));
    }

    @PostMapping({"/clear"})
    public ResponseEntity<?> clearUserMapping() {
        return ResponseEntity.ok(Integer.valueOf(this.userMappingService.clearUserMapping()));
    }

    @PostMapping({"/find"})
    public StdData<?> findUserMapping(@Valid @RequestBody EncryptUserMappingVO encryptUserMappingVO) {
        try {
            long parseLong = Long.parseLong(AES.decryptHex(encryptUserMappingVO.getUserSid(), KeyConstant.CAS));
            return StdData.ok(this.userMappingService.getMappedByUserAndApp(Long.parseLong(AES.decryptHex(encryptUserMappingVO.getTenantSid(), KeyConstant.CAS)), parseLong, AES.decryptHex(encryptUserMappingVO.getAppId(), KeyConstant.CAS)));
        } catch (Exception e) {
            LOGGER.error("decrypt encryptUserMappingVO failed, encryptUserMappingVO:{}", JSONUtil.toJsonStr(encryptUserMappingVO), e);
            return StdData.of(500, "加密参数错误");
        }
    }

    @PostMapping({"/query/batch"})
    public StdData<?> queryMappedUserByCondition(@Valid @RequestBody List<BatchMappingQueryRequest> list) {
        return StdData.ok(this.userMappingService.batchQueryMapping(UserUtils.getTenantSid(), list));
    }

    @PostMapping({"/query/global/single"})
    public StdData<?> queryGlobalSingle(@RequestBody QuerySingleMappingRequest querySingleMappingRequest) {
        querySingleMappingRequest.valid();
        List<UserMappingQueryResultVO> byVerifyUserIdAndAppIdAndAccount = this.userMappingService.getByVerifyUserIdAndAppIdAndAccount(querySingleMappingRequest.getVerifyUserId(), querySingleMappingRequest.getAppId(), querySingleMappingRequest.getAccount());
        if (CollectionUtils.isEmpty(byVerifyUserIdAndAppIdAndAccount)) {
            return StdData.ok().build();
        }
        if (byVerifyUserIdAndAppIdAndAccount.size() > 1) {
            throw new BusinessException(I18nError.VERIFY_USER_MAPPING_MULTI_USER_ERROR, new Object[]{querySingleMappingRequest.getVerifyUserId()});
        }
        return StdData.ok(byVerifyUserIdAndAppIdAndAccount.get(0));
    }
}
