package com.esen.eacl.action;

import com.esen.eacl.Login;
import com.esen.eacl.Org;
import com.esen.eacl.OrgConfig;
import com.esen.eacl.OrgService;
import com.esen.eacl.User;
import com.esen.eacl.UserOrg;
import com.esen.eacl.UserOrgServiceFactory;
import com.esen.eacl.UserService;
import com.esen.eacl.WebUtils;
import com.esen.eacl.constant.EaclConst;
import com.esen.eacl.exp.ExpOrg;
import com.esen.eacl.exp.ExpOrgFuncs;
import com.esen.eacl.exp.ExpUser;
import com.esen.eacl.exp.ServerExpCompilerHelper;
import com.esen.eacl.exp.UserOrgExpEvaluateHelper;
import com.esen.eacl.log.EaclUserOrgModuleOperationRegistory;
import com.esen.eacl.org.BaseConfig;
import com.esen.eacl.org.OrgConst;
import com.esen.eacl.org.OrgContext;
import com.esen.eacl.org.PropertyBeanAbs;
import com.esen.eacl.org.VirtualOrg;
import com.esen.eacl.resource.EaclResourceConst;
import com.esen.eacl.search.OrgSearchObj;
import com.esen.eacl.ukey.UkeyService;
import com.esen.eacl.user.LoginPwdStateService;
import com.esen.eacl.user.UserConst;
import com.esen.eacl.user.UserProperty;
import com.esen.eacl.util.OrgUtil;
import com.esen.ecluster.api.Cluster;
import com.esen.ecluster.api.lock.ResLockManager;
import com.esen.ecore.dim.DimensionManagerFactory;
import com.esen.ecore.dim.IDimension;
import com.esen.ecore.log.LogService;
import com.esen.ecore.log.Operation;
import com.esen.ecore.repository.PageRequest;
import com.esen.ecore.resource.ResourceService;
import com.esen.ecore.resource.ResourceUtil;
import com.esen.ecore.spring.SpringContextHolder;
import com.esen.eres.ResourceOper;
import com.esen.eweb.ClientResult;
import com.esen.eweb.action.Action_Js;
import com.esen.eweb.upload.HttpServletRequestEx;
import com.esen.eweb.upload.UploadChecker;
import com.esen.exception.PermissionDenyException;
import com.esen.jdbc.orm.Property;
import com.esen.util.ArrayFunc;
import com.esen.util.ExceptionHandler;
import com.esen.util.FileFunc;
import com.esen.util.StmFunc;
import com.esen.util.StrFunc;
import com.esen.util.XmlFunc;
import com.esen.util.exp.Expression;
import com.esen.util.i18n.I18N;
import com.esen.util.security.SecurityFunc;
import com.esen.util.tmpfile.DefaultTempFileFactory;
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileItem;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

@RequestMapping({"/eacl/usermgr"})
@Controller
/* loaded from: input_file:com/esen/eacl/action/ActionUserMgr.class */
public class ActionUserMgr extends Action_Js {

    @Autowired
    protected DimensionManagerFactory dimFactory;

    @Autowired
    protected BaseConfig baseConfig;

    @Autowired(required = false)
    protected LogService logService;

    @Autowired
    protected UserOrgServiceFactory userorgservice;

    @Autowired
    protected ResourceService resService;

    @Autowired
    protected UkeyService us;

    @Autowired
    protected Cluster cluster;
    protected static final String USER_ORGIDS = "orgids";
    protected static final String USER_ORGCAPTIONS = "orgcaptions";
    protected static final String PROP_ORGCAPTION = "orgcaption";

    @Autowired
    protected UserOrgServiceFactory usf;

    @Autowired
    protected LoginPwdStateService lgService;
    public static final Pattern REG_NAME = Pattern.compile("[\\w|-]+");
    protected static final Logger SLF4J = LoggerFactory.getLogger(ActionUserMgr.class);

    protected Login getLogin() {
        return WebUtils.getLogin();
    }

    protected OrgConfig getOrgConfig() {
        return this.userorgservice.getOrgConfig();
    }

    protected String jsexecute(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ClientResult clientResult) throws Exception {
        String parameter = httpServletRequest.getParameter("action");
        if ("browseUsers".equalsIgnoreCase(parameter)) {
            doBrowse(httpServletRequest, clientResult);
            return null;
        }
        if ("add".equalsIgnoreCase(parameter)) {
            doAdd(httpServletRequest, clientResult);
            return null;
        }
        if ("addUserOrg".equalsIgnoreCase(parameter)) {
            doAddUserOrg(httpServletRequest, clientResult);
            return null;
        }
        if ("edit".equalsIgnoreCase(parameter)) {
            doEdit(httpServletRequest, clientResult);
            return null;
        }
        if ("remove".equalsIgnoreCase(parameter)) {
            doRemove(httpServletRequest, clientResult);
            return null;
        }
        if ("query".equalsIgnoreCase(parameter)) {
            doQuery(httpServletRequest, clientResult);
            return null;
        }
        if ("doexport".equalsIgnoreCase(parameter)) {
            doExportUser(httpServletRequest, httpServletResponse);
            return null;
        }
        if ("doimport".equalsIgnoreCase(parameter)) {
            doImportUser(httpServletRequest, httpServletResponse, clientResult);
            return null;
        }
        if ("getdefault".equalsIgnoreCase(parameter)) {
            doGetDefalut(httpServletRequest, clientResult);
            return null;
        }
        if (!"locateuser".equals(parameter)) {
            return null;
        }
        doLocate(httpServletRequest, clientResult);
        return null;
    }

    protected void doLocate(HttpServletRequest httpServletRequest, ClientResult clientResult) {
        String[] split;
        String parameter = httpServletRequest.getParameter("text");
        SecurityFunc.checkXSSParam(parameter);
        if (StrFunc.isNull(parameter) || parameter.equals("*")) {
            clientResult.getWriter().write("");
            return;
        }
        String parameter2 = httpServletRequest.getParameter("userid");
        SecurityFunc.checkXSSParam(parameter2);
        Pattern wildcard2RegexPattern = StrFunc.wildcard2RegexPattern(parameter);
        String filter = SecurityFunc.filter(httpServletRequest.getParameter("start"));
        String rootUpid = this.userorgservice.getOrgService().getEntityInfo().getRootUpid();
        if (StrFunc.isNull(filter)) {
            split = new String[]{rootUpid};
        } else {
            split = filter.split(",");
            split[0] = rootUpid;
        }
        Login login = WebUtils.getLogin(httpServletRequest);
        List<String> array2list = ArrayFunc.array2list(split, (List) null);
        searchUser(array2list, new OrgSearchObj(), wildcard2RegexPattern, login, parameter2, httpServletRequest);
        if (array2list.size() > 0 && StrFunc.compareStr(rootUpid, array2list.get(0))) {
            array2list.remove(0);
        }
        clientResult.getWriter().write(array2list.isEmpty() ? "" : ArrayFunc.list2Str(array2list, ","));
    }

    protected void searchUser(List<String> list, OrgSearchObj orgSearchObj, Pattern pattern, Login login, String str, HttpServletRequest httpServletRequest) {
        if (list == null || list.isEmpty()) {
            return;
        }
        String selectUserInOrgs = selectUserInOrgs(list.get(list.size() - 1), str, pattern);
        if (!StrFunc.isNull(selectUserInOrgs)) {
            list.add(selectUserInOrgs);
        } else if (!continueFind(list, orgSearchObj, pattern, login, null, false, httpServletRequest) || list.isEmpty() || !continueFind(list, orgSearchObj, pattern, login, list.remove(list.size() - 1), false, httpServletRequest) || list.isEmpty() || continueFind(list, orgSearchObj, pattern, login, list.remove(list.size() - 1), true, httpServletRequest)) {
        }
    }

    protected boolean continueFind(List<String> list, OrgSearchObj orgSearchObj, Pattern pattern, Login login, String str, boolean z, HttpServletRequest httpServletRequest) {
        List<Org> listOrgs;
        if (list.isEmpty()) {
            return false;
        }
        OrgService orgServiceImpl = getOrgServiceImpl();
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = str == null;
        String str2 = list.get(list.size() - 1);
        String str3 = null;
        Org org = getOrg(orgSearchObj, str2);
        if (org != null && orgServiceImpl.isVParentOrg(org)) {
            z3 = true;
        }
        if (list.size() >= 2) {
            str3 = list.get(list.size() - 2);
            Org org2 = getOrg(orgSearchObj, str3);
            if (org2 != null && orgServiceImpl.isVParentOrg(org2)) {
                z2 = true;
            }
        }
        if (z3) {
            List list2 = orgServiceImpl.findVOrg(null, str2, new PageRequest(-1, -1)).list();
            if (list2 == null || list2.isEmpty()) {
                return true;
            }
            for (int i = 0; i < list2.size(); i++) {
                VirtualOrg virtualOrg = (VirtualOrg) list2.get(i);
                if (!z4) {
                    if (virtualOrg.getId() == null) {
                        virtualOrg.setId("");
                    }
                    z4 = StrFunc.compareStr(str, virtualOrg.getId());
                    if (i == list2.size() - 1 && z && !list.isEmpty()) {
                        continueFind(list, orgSearchObj, pattern, login, list.remove(list.size() - 1), true, httpServletRequest);
                    }
                } else {
                    if (!listOrgs(orgServiceImpl, virtualOrg.getId(), login, str2).isEmpty() && !z) {
                        list.add(virtualOrg.getId());
                        searchUser(list, orgSearchObj, pattern, login, null, httpServletRequest);
                        return false;
                    }
                    if (i == list2.size() - 1 && z && !list.isEmpty()) {
                        continueFind(list, orgSearchObj, pattern, login, list.remove(list.size() - 1), true, httpServletRequest);
                    }
                }
            }
            return true;
        }
        String str4 = z2 ? str3 : null;
        if (login.isAdmin() || !StrFunc.compareStr(str2, "--")) {
            getOrgChilds(orgSearchObj, str2, login, str4);
            listOrgs = listOrgs(orgServiceImpl, str2, login, str4);
        } else {
            listOrgs = orgSearchObj.getOrgChilds(str2);
            if (listOrgs == null) {
                listOrgs = OrgUtil.listRootOrgids(login, getContext(httpServletRequest));
                orgSearchObj.addOrgChilds(str2, listOrgs);
            }
        }
        if (listOrgs == null) {
            listOrgs = getOrgChilds(orgSearchObj, str2, login, str4);
        }
        if (listOrgs == null || listOrgs.isEmpty()) {
            return true;
        }
        for (int i2 = 0; i2 < listOrgs.size(); i2++) {
            Org org3 = listOrgs.get(i2);
            if (z4) {
                String selectUserInOrgs = selectUserInOrgs(org3.getId(), null, pattern);
                if (!StrFunc.isNull(selectUserInOrgs)) {
                    list.add(org3.getId());
                    list.add(selectUserInOrgs);
                    return false;
                }
                if (!getOrgChilds(orgSearchObj, org3.getId(), login, null).isEmpty()) {
                    list.add(org3.getId());
                    searchUser(list, orgSearchObj, pattern, login, null, httpServletRequest);
                    return false;
                }
                if (i2 == listOrgs.size() - 1 && z && !list.isEmpty()) {
                    continueFind(list, orgSearchObj, pattern, login, list.remove(list.size() - 1), true, httpServletRequest);
                }
            } else {
                z4 = StrFunc.compareStr(str, org3.getId());
                if (i2 == listOrgs.size() - 1 && z && !list.isEmpty()) {
                    continueFind(list, orgSearchObj, pattern, login, list.remove(list.size() - 1), true, httpServletRequest);
                }
            }
        }
        return true;
    }

    private Org getOrg(OrgSearchObj orgSearchObj, String str) {
        if (StrFunc.compareStr(str, "--")) {
            return null;
        }
        OrgService orgService = this.userorgservice.getOrgService();
        Org org = orgSearchObj.getOrg(str);
        if (org == null) {
            org = orgService.query(null, str, false);
            orgSearchObj.addOrg(str, org);
        }
        return org;
    }

    private List<Org> getOrgChilds(OrgSearchObj orgSearchObj, String str, Login login, String str2) {
        List<Org> orgChilds;
        OrgService orgService = this.userorgservice.getOrgService();
        String str3 = str;
        if (StrFunc.isNull(str2)) {
            orgChilds = orgSearchObj.getOrgChilds(str);
        } else {
            str3 = str + EaclConst.VIRTUALORG_SUFF;
            orgChilds = orgSearchObj.getOrgChilds(str3);
        }
        if (orgChilds == null) {
            orgChilds = listOrgs(orgService, str, login, str2);
            orgSearchObj.addOrgChilds(str3, orgChilds);
        }
        return orgChilds;
    }

    protected List<Org> listOrgs(OrgService orgService, String str, Login login, String str2) {
        return !StrFunc.isNull(str2) ? checkSearchOrgs(orgService.findOrgByVid(null, str2, str, new PageRequest(-1, -1)).list()) : checkSearchOrgs(orgService.findOrgs(null, str, false, new PageRequest(-1, -1)).list());
    }

    protected List<Org> checkSearchOrgs(List<Org> list) {
        if (list.isEmpty()) {
            return list;
        }
        HttpServletRequest request = WebUtils.getRequest();
        ArrayList arrayList = new ArrayList();
        for (Org org : list) {
            if (checkOrg(request, org.getId(), ResourceOper.VIEW.getOperId())) {
                arrayList.add(org);
            }
        }
        return arrayList;
    }

    protected boolean checkOrg(HttpServletRequest httpServletRequest, String str, String str2) {
        Login login = getLogin();
        if (login.isAdmin()) {
            return true;
        }
        return WebUtils.getPmChecker(login).check(ResourceUtil.getResource(ResourceUtil.getResourceId(EaclResourceConst.MOUDLE_ID, EaclResourceConst.RES_TYPE_ORG.getType(), str)), str2);
    }

    protected String selectUserInOrgs(String str, String str2, Pattern pattern) {
        List<User> listUser;
        if (str == null || (listUser = listUser(str)) == null || listUser.size() == 0) {
            return null;
        }
        int i = 0;
        if (!StrFunc.isNull(str2)) {
            int i2 = 0;
            while (true) {
                if (i2 >= listUser.size()) {
                    break;
                }
                if (StrFunc.compareStr(str2, listUser.get(i2).getId())) {
                    i = i2 + 1;
                    break;
                }
                i2++;
            }
        }
        for (int i3 = i; i3 < listUser.size(); i3++) {
            User user = listUser.get(i3);
            if (machUser(user, pattern)) {
                return user.getId();
            }
        }
        return null;
    }

    protected List<User> listUser(String str) {
        if (StrFunc.isNull(str) || str.equalsIgnoreCase("--")) {
            return null;
        }
        return getUserServiceImpl().find(str, new PageRequest(-1, -1)).list();
    }

    protected boolean machUser(User user, Pattern pattern) {
        if (pattern == null) {
            return false;
        }
        String id = user.getId();
        if (pattern.matcher(id == null ? "" : id).find()) {
            return true;
        }
        String name = user.getName();
        return pattern.matcher(name == null ? "" : name).find();
    }

    protected void doQuery(HttpServletRequest httpServletRequest, ClientResult clientResult) throws Exception {
        User query = getUserServiceImpl().query(httpServletRequest.getParameter("userid"), false);
        if (query != null) {
            Document createDocument = XmlFunc.createDocument("orginfo");
            Element documentElement = createDocument.getDocumentElement();
            Element createElement = createDocument.createElement("orgobj");
            createElement.setAttribute("type", UserConst.USER_ENTITY_NAME);
            saveUser(query, createElement, true, getContext(httpServletRequest));
            documentElement.appendChild(createElement);
            clientResult.setContentType("text/xml; charset=UTF-8");
            XmlFunc.saveDocument(createDocument, clientResult.getOutputStream(), "utf-8");
        }
    }

    protected UserService getUserServiceImpl() {
        return this.userorgservice.getUserService();
    }

    protected OrgService getOrgServiceImpl() {
        return this.userorgservice.getOrgService();
    }

    protected boolean checkUser(HttpServletRequest httpServletRequest, String str, String str2) {
        Login login = getLogin();
        if (login.isAdmin()) {
            return true;
        }
        return WebUtils.getPmChecker(login).check(ResourceUtil.getResource(ResourceUtil.getResourceId(EaclResourceConst.MOUDLE_ID, EaclResourceConst.RES_TYPE_ORG.getType(), str)), str2);
    }

    protected void doRemove(HttpServletRequest httpServletRequest, ClientResult clientResult) throws Exception {
        String parameter = httpServletRequest.getParameter("userids");
        String parameter2 = httpServletRequest.getParameter("orgid");
        if (StrFunc.isNull(parameter2)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.action.actionusermgr.orgidisnull", "用户所在机构id不能为空！");
        }
        this.userorgservice.getOrgService().query(null, parameter2, true);
        UserService userServiceImpl = getUserServiceImpl();
        if (StrFunc.isNull(parameter)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.action.actionusermgr.useridsisnull", "需删除的用户id不能为空！");
        }
        for (String str : parameter.split(";")) {
            long currentTimeMillis = System.currentTimeMillis();
            User query = userServiceImpl.query(str, true);
            String caption = query == null ? null : query.getCaption();
            String resourceId = ResourceUtil.getResourceId(EaclResourceConst.MOUDLE_ID, EaclResourceConst.RES_TYPE_USER.getType(), str);
            String caption2 = query.getCaption();
            try {
            } catch (Exception e) {
                logerr(httpServletRequest, currentTimeMillis, str, caption, EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_DELUSER, I18N.getString("com.esen.eacl.action.actionusermgr.deleteuserfail", "删除用户“{0}”失败", I18N.getDefaultLocale(), new Object[]{str}), e, resourceId, caption2);
                ExceptionHandler.rethrowRuntimeException(e);
            }
            if (!checkUser(httpServletRequest, parameter2, "delete")) {
                throw new PermissionDenyException(I18N.getString("com.esen.eacl.action.actionusermgr.permissiondenydelete", "您没有用户“{0}”的(删除)权限", new Object[]{str}));
            }
            ResLockManager resLockManager = this.cluster.getResLockManager();
            resLockManager.lock(EaclResourceConst.RES_USERORG, I18N.getString("com.esen.eacl.action.actionusermgr.delteuserlockpersonal", "删除用户给机构用户上锁"), WebUtils.getLogin(httpServletRequest).getId());
            try {
                userServiceImpl.delete(parameter2, str);
                resLockManager.unlock(EaclResourceConst.RES_USERORG, WebUtils.getLogin(httpServletRequest).getId());
                String string = I18N.getString("com.esen.eacl.action.actionusermgr.deleteusersess", "删除用户“{0}”成功", I18N.getDefaultLocale(), new Object[]{str});
                loginfo(httpServletRequest, currentTimeMillis, str, caption, EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_DELUSER, string, string, resourceId, caption2);
            } catch (Throwable th) {
                resLockManager.unlock(EaclResourceConst.RES_USERORG, WebUtils.getLogin(httpServletRequest).getId());
                throw th;
            }
        }
        clientResult.getWriter().print("success");
    }

    /* JADX WARN: Finally extract failed */
    protected void doEdit(HttpServletRequest httpServletRequest, ClientResult clientResult) throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        UserService userServiceImpl = getUserServiceImpl();
        User userFromReq = getUserFromReq(userServiceImpl, httpServletRequest);
        String userid = userFromReq.getUserid();
        String resourceId = ResourceUtil.getResourceId(EaclResourceConst.MOUDLE_ID, EaclResourceConst.RES_TYPE_USER.getType(), userid);
        String caption = userFromReq.getCaption();
        try {
            Map<String, String> orgs = this.usf.getUserService().getOrgs(userid, false);
            if (!checkUser(httpServletRequest, userFromReq.getOrgid(), "edit")) {
                boolean z = false;
                String[] array2stringArray = ArrayFunc.array2stringArray(orgs.keySet().toArray());
                int i = 0;
                while (true) {
                    if (i >= array2stringArray.length) {
                        break;
                    }
                    if (checkUser(httpServletRequest, array2stringArray[i], "edit")) {
                        z = true;
                        break;
                    }
                    i++;
                }
                if (!z) {
                    throw new PermissionDenyException(I18N.getString("com.esen.eacl.action.actionusermgr.permissiondenyedit", "您没有用户“{0}”的(编辑)权限", new Object[]{userid}));
                }
            }
            User query = userServiceImpl.query(userid, true);
            String orgid = userFromReq.getOrgid();
            if (!StrFunc.compareStr(query.getOrgid(), orgid)) {
                this.userorgservice.getOrgService().query(null, orgid, true);
                if (!checkUser(httpServletRequest, orgid, "create")) {
                    throw new PermissionDenyException(I18N.getString("com.esen.eacl.action.actionusermgr.nocreateauthnochangeorg", "您没有新机构【{0}】新增权限,无法将用户【{1}】修改到新机构下。", new Object[]{orgid, userid}));
                }
            }
            Login login = WebUtils.getLogin(httpServletRequest);
            ResLockManager resLockManager = this.cluster.getResLockManager();
            resLockManager.lock(EaclResourceConst.RES_USERORG, I18N.getString("com.esen.eacl.action.actionusermgr.edituserlockpersonal", "编辑用户给机构用户上锁"), login.getId());
            try {
                userServiceImpl.modify(userFromReq);
                if (StrFunc.parseBoolean(httpServletRequest.getParameter("editpwd"), false)) {
                    userServiceImpl.changePassword(login, userFromReq.getUserid(), StrFunc.encryptPassword(userFromReq.getPassword()), StrFunc.encryptPassword(httpServletRequest.getParameter(UserConst.PROP_PASSW0RD)));
                    if (login.getId() != userFromReq.getId()) {
                        this.lgService.setPwdChange(userFromReq.getId());
                    }
                }
                resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
                String string = I18N.getString("com.esen.eacl.action.actionusermgr.modiuser", "修改用户“{0}”", I18N.getDefaultLocale(), new Object[]{userid});
                loginfo(httpServletRequest, currentTimeMillis, userid, userFromReq.getCaption(), EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_EDITUSER, string, string, resourceId, caption);
            } catch (Throwable th) {
                resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
                throw th;
            }
        } catch (Exception e) {
            logerr(httpServletRequest, currentTimeMillis, userid, userFromReq.getCaption(), EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_EDITUSER, I18N.getString("com.esen.eacl.action.actionusermgr.modiuserfail", "修改用户“{0}”失败", I18N.getDefaultLocale(), new Object[]{userid}), e, resourceId, caption);
            ExceptionHandler.rethrowRuntimeException(e);
        }
        clientResult.getWriter().print("success");
    }

    protected void doAddUserOrg(HttpServletRequest httpServletRequest, ClientResult clientResult) throws Exception {
        UserService userServiceImpl = getUserServiceImpl();
        String parameter = httpServletRequest.getParameter("userid");
        UserOrg userOrg = new UserOrg(parameter, httpServletRequest.getParameter("orgid"), httpServletRequest.getParameter("orgcaption"), false);
        if (!checkUser(httpServletRequest, userOrg.getOrgid(), "create")) {
            throw new PermissionDenyException(I18N.getString("com.esen.eacl.action.actionusermgr.permissiondenycreate", "您没有用户“{0}”的(新增)权限", new Object[]{parameter}));
        }
        Login login = WebUtils.getLogin(httpServletRequest);
        ResLockManager resLockManager = this.cluster.getResLockManager();
        resLockManager.lock(EaclResourceConst.RES_USERORG, I18N.getString("com.esen.eacl.action.actionusermgr.adduseredlockpersonal", "添加已存在用户到结构中给机构用户上锁"), login.getId());
        try {
            userServiceImpl.addUserOrg(userOrg);
            resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
            clientResult.getWriter().print("success");
        } catch (Throwable th) {
            resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
            throw th;
        }
    }

    protected void doAdd(HttpServletRequest httpServletRequest, ClientResult clientResult) throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        UserService userServiceImpl = getUserServiceImpl();
        User userFromReq = getUserFromReq(userServiceImpl, httpServletRequest);
        String userid = userFromReq.getUserid();
        String id = this.resService.obj2Resource(userFromReq).getId();
        String caption = userFromReq.getCaption();
        try {
        } catch (Exception e) {
            logerr(httpServletRequest, currentTimeMillis, userid, userFromReq.getCaption(), EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_NEWUSER, I18N.getString("com.esen.eacl.action.actionusermgr.adduserfail", "添加用户“{0}”失败", I18N.getDefaultLocale(), new Object[]{userid}), e, id, caption);
            ExceptionHandler.rethrowRuntimeException(e);
        }
        if (!checkUser(httpServletRequest, userFromReq.getOrgid(), "create")) {
            throw new PermissionDenyException(I18N.getString("com.esen.eacl.action.actionusermgr.permissiondenycreate", "您没有用户“{0}”的(新增)权限", new Object[]{userid}));
        }
        Login login = WebUtils.getLogin(httpServletRequest);
        ResLockManager resLockManager = this.cluster.getResLockManager();
        resLockManager.lock(EaclResourceConst.RES_USERORG, I18N.getString("com.esen.eacl.action.actionusermgr.adduserlockpersonal", "添加用户给机构用户上锁"), login.getId());
        try {
            userServiceImpl.add(userFromReq);
            resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
            String string = I18N.getString("com.esen.eacl.action.actionusermgr.adduser", "添加用户“{0}”", I18N.getDefaultLocale(), new Object[]{userid});
            loginfo(httpServletRequest, currentTimeMillis, userid, userFromReq.getCaption(), EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_NEWUSER, string, string, id, caption);
            clientResult.getWriter().print("success");
        } catch (Throwable th) {
            resLockManager.unlock(EaclResourceConst.RES_USERORG, login.getId());
            throw th;
        }
    }

    protected User getUserFromReq(UserService userService, HttpServletRequest httpServletRequest) throws Exception {
        User user;
        String parameter = httpServletRequest.getParameter("userid");
        if (StrFunc.isNull(parameter)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.action.actionusermgr.useridisnull", "用户代码不能为空！");
        }
        String parameter2 = httpServletRequest.getParameter("caption");
        if (StrFunc.isNull(parameter2)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.action.actionusermgr.captionisnull", "用户名称不能为空！");
        }
        if (Boolean.valueOf(StrFunc.parseBoolean(httpServletRequest.getParameter("escape"), false)).booleanValue()) {
            parameter2 = StrFunc.unescapeURIComponent(parameter2);
        }
        SecurityFunc.checkXSSParam(parameter2);
        String parameter3 = httpServletRequest.getParameter("orgid");
        if (StrFunc.isNull(parameter3)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.action.actionusermgr.orgidisnull", "用户所在机构id不能为空！");
        }
        SecurityFunc.checkXSSParam(parameter3);
        this.userorgservice.getOrgService().query(null, parameter3, true);
        boolean parseBoolean = StrFunc.parseBoolean(httpServletRequest.getParameter("enabled"), true);
        String parameter4 = httpServletRequest.getParameter(UserConst.PROP_EMAIL);
        SecurityFunc.checkXSSParam(parameter4);
        String parameter5 = httpServletRequest.getParameter("tel");
        SecurityFunc.checkXSSParam(parameter5);
        boolean parseBoolean2 = StrFunc.parseBoolean(httpServletRequest.getParameter("editpwd"), false);
        String parameter6 = httpServletRequest.getParameter(UserConst.PROP_PASSW0RD);
        SecurityFunc.checkXSSParam(parameter6);
        String parameter7 = httpServletRequest.getParameter(UserConst.PROP_EFFECTIVEDATE);
        SecurityFunc.checkXSSParam(parameter7);
        String parameter8 = httpServletRequest.getParameter(UserConst.PROP_UKEY);
        if (this.us.isUseUkey()) {
            SecurityFunc.checkXSSParam(parameter8);
            this.us.checkUkey(parameter8, parameter);
        }
        String parameter9 = httpServletRequest.getParameter("action");
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(new Date());
        Calendar parseCalendar = StrFunc.parseCalendar(parameter7, (Calendar) null);
        if (StrFunc.compareStr(parameter9, "add")) {
            try {
                SecurityFunc.checkParam((HttpServletRequest) null, parameter, REG_NAME);
            } catch (IllegalArgumentException e) {
                ExceptionHandler.rethrowRuntimeException(e, "com.esen.eacl.action.actionusermgr.usercodeillegal", "用户代码输入不合法，只能由字母、数字、下划线、及横线构成！");
            }
            if (!parseBoolean2) {
                parameter6 = parameter;
            }
            String parameter10 = httpServletRequest.getParameter("orgcaption");
            user = new User(parameter, parameter2, parameter3, StrFunc.encryptPassword(parameter6), parseBoolean, parameter4, parameter5, calendar, calendar, parseCalendar);
            user.setOrgcaption(parameter10);
            user.setUkey(parameter8);
        } else {
            user = userService.query(parameter, true).clone();
            user.setLastmodifytime(calendar);
            user.setEnabled(parseBoolean);
            if (!StrFunc.isNull(parameter3)) {
                user.setOrgid(parameter3);
            }
            if (!StrFunc.isNull(parameter2)) {
                user.setCaption(parameter2);
            }
            if (parameter4 != null) {
                user.setEmail(parameter4);
            }
            if (parameter5 != null) {
                user.setTel(parameter5);
            }
            if (parameter7 != null) {
                user.setEffectivedate(parseCalendar);
            }
            if (parameter8 != null) {
                user.setUkey(parameter8);
            }
        }
        Iterator<UserProperty> extProperties = userService.getEntityInfo().getExtProperties();
        while (extProperties.hasNext()) {
            UserProperty next = extProperties.next();
            String name = next.getName();
            if (next.getType() == 'N') {
                user.setExtValue(name, Double.valueOf(StrFunc.parseDouble(httpServletRequest.getParameter(name), 0.0d)));
            } else {
                user.setExtValue(name, ExpOrgFuncs.convertObj(next.getType(), httpServletRequest.getParameter(name)));
            }
        }
        return user;
    }

    protected void doBrowse(HttpServletRequest httpServletRequest, ClientResult clientResult) throws Exception {
        String parameter = httpServletRequest.getParameter("deptid");
        if (StrFunc.isNull(parameter)) {
            return;
        }
        OrgContext context = getContext(httpServletRequest);
        Org query = getOrgServiceImpl().query(context, parameter, false);
        if (query == null) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.action.actionusermgr.orgidnotexist", "机构id{0}不存在，无法查询机构下的用户！", new Object[]{parameter});
        }
        List list = getUserServiceImpl().find(parameter, new PageRequest(-1, -1)).list();
        if (list.size() > 0) {
            Document saveUsers = saveUsers((User[]) ArrayFunc.list2array(list), context, query);
            clientResult.setContentType("text/xml; charset=UTF-8");
            XmlFunc.saveDocument(saveUsers, clientResult.getOutputStream(), "UTF-8");
        }
    }

    protected Document saveUsers(User[] userArr, OrgContext orgContext, Org org) throws Exception {
        Document createDocument = XmlFunc.createDocument("orginfo");
        Element documentElement = createDocument.getDocumentElement();
        for (User user : userArr) {
            Element createElement = createDocument.createElement("orgobj");
            createElement.setAttribute("type", UserConst.USER_ENTITY_NAME);
            saveValue2Elem("userid", user.getUserid(), createElement);
            saveValue2Elem("caption", user.getCaption(), createElement);
            saveValue2Elem("orgid", user.getOrgid(), createElement);
            saveExp(user, createElement, org, orgContext);
            saveUser(user, createElement, false, null);
            documentElement.appendChild(createElement);
        }
        return createDocument;
    }

    protected void saveUser(User user, Element element, boolean z, OrgContext orgContext) {
        if (z) {
            saveUserThird(user, element, orgContext);
        }
        if (getOrgConfig().isThirdDb()) {
            return;
        }
        saveValue2Elem("orgid", user.getOrgid(), element);
        saveValue2Elem("orgcaption", user.getOrgcaption(), element);
        Map<String, String> orgs = getUserServiceImpl().getOrgs(user.getUserid(), false);
        saveValue2Elem(USER_ORGIDS, ArrayFunc.array2Str(orgs.keySet().toArray(), ";"), element);
        saveValue2Elem(USER_ORGCAPTIONS, ArrayFunc.array2Str(orgs.values().toArray(), ";"), element);
    }

    protected void saveUserThird(User user, Element element, OrgContext orgContext) {
        List properties = getUserServiceImpl().getEntityInfo().getProperties();
        Org query = getOrgServiceImpl().query(orgContext, user.getOrgid(), false);
        int size = properties.size();
        for (int i = 0; i < size; i++) {
            String name = ((Property) properties.get(i)).getName();
            if (!StrFunc.compareStrIgnoreCase(name, UserConst.PROP_PASSW0RD)) {
                saveValue2Elem(name, user._exp_getProperty(name, null), element, (PropertyBeanAbs) properties.get(i), user, query, orgContext);
            }
        }
        saveExp(user, element, query, orgContext);
    }

    protected void saveExp(User user, Element element, Org org, OrgContext orgContext) {
        saveValue2Elem("_usericon_", evalUser(new Expression(this.baseConfig.getUserIcon()), user, org, orgContext), element);
    }

    protected void saveValue2Elem(String str, Object obj, Element element) {
        saveValue2Elem(str, obj, element, null, null, null, null);
    }

    protected String object2str(Object obj) {
        if (!(obj instanceof Calendar)) {
            return obj instanceof Double ? StrFunc.double2str(((Double) obj).doubleValue()) : obj == null ? "" : obj.toString();
        }
        String date2str = StrFunc.date2str((Calendar) obj, (String) null);
        return date2str == null ? "" : date2str;
    }

    protected void saveValue2Elem(String str, Object obj, Element element, PropertyBeanAbs propertyBeanAbs, User user, Org org, OrgContext orgContext) {
        IDimension dimension;
        Element createElement = element.getOwnerDocument().createElement(OrgConst.FIELD_ATTR);
        XmlFunc.setElementAttribute(createElement, "name", str);
        XmlFunc.setElementAttribute(createElement, "value", object2str(obj));
        if (propertyBeanAbs != null) {
            XmlFunc.setElementAttribute(createElement, "showval", OrgUtil.getShowText(propertyBeanAbs, obj));
            if (propertyBeanAbs.getType() == 'C' && !StrFunc.isNull(propertyBeanAbs.getCodeName())) {
                String evalUser = evalUser(propertyBeanAbs.getUpCode(), user, org, orgContext);
                if (!StrFunc.isNull(evalUser) && (dimension = this.dimFactory.getPublicDimensionMgr().getDimension(propertyBeanAbs.getCodeName(), false)) != null && dimension.getTree().findDimensionItem(evalUser, false) != null) {
                    XmlFunc.setElementAttribute(createElement, OrgConst.TAG_UPCODE, evalUser);
                }
            }
        }
        element.appendChild(createElement);
    }

    protected String evalUser(Expression expression, User user, Org org, OrgContext orgContext) {
        if (expression == null || StrFunc.isNull(expression.toString())) {
            return "";
        }
        try {
            expression.compile(new ServerExpCompilerHelper());
            return expression.evaluateString(new UserOrgExpEvaluateHelper(null, new ExpOrg(orgContext, org), new ExpUser(orgContext, user)));
        } catch (Exception e) {
            SLF4J.error(I18N.getString("com.esen.eacl.action.actionusermgr.gongshierror", "公式\"{0}\"计算出错", new Object[]{expression.toString()}), e);
            return "";
        }
    }

    /* JADX WARN: Finally extract failed */
    protected void doExportUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String parameter = httpServletRequest.getParameter("deptid");
        long currentTimeMillis = System.currentTimeMillis();
        String caption = ResourceUtil.getResource(EaclResourceConst.RES_USERORG).getCaption(I18N.getDefaultLocale());
        try {
            File createTempFile = DefaultTempFileFactory.getInstance().createTempFile((String) null);
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                try {
                    try {
                        getUserServiceImpl().exportUsers(parameter, fileOutputStream);
                        String string = I18N.getString("com.esen.eacl.action.actionusermgr.exportuser", "导出用户", I18N.getDefaultLocale(), (Object[]) null);
                        loginfo(httpServletRequest, currentTimeMillis, "--", I18N.getString("com.esen.eacl.action.actionusermgr.rootuser", "根用户", I18N.getDefaultLocale(), (Object[]) null), EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_EXPUSER, string, string, EaclResourceConst.RES_USERORG, caption);
                        doGetExportHeader(httpServletResponse, UserConst.USER_ENTITY_NAME);
                        StmFunc.stmCopyFrom(createTempFile.getAbsolutePath(), httpServletResponse.getOutputStream());
                        fileOutputStream.close();
                    } catch (Exception e) {
                        logerr(httpServletRequest, currentTimeMillis, "--", I18N.getString("com.esen.eacl.action.actionusermgr.rootuser", "根用户", I18N.getDefaultLocale(), (Object[]) null), EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_EXPUSER, I18N.getString("com.esen.eacl.action.actionusermgr.exportusererror", "导出用户失败"), e, EaclResourceConst.RES_USERORG, caption);
                        try {
                            e.printStackTrace();
                            WebUtils.outJavascript(httpServletResponse.getWriter(), getAlertScriptMsg(StrFunc.formatJsStr(StrFunc.exception2str(e))));
                        } catch (Exception e2) {
                            e2.printStackTrace();
                        }
                        fileOutputStream.close();
                    }
                    FileFunc.remove(createTempFile);
                } catch (Throwable th) {
                    fileOutputStream.close();
                    throw th;
                }
            } catch (Throwable th2) {
                FileFunc.remove(createTempFile);
                throw th2;
            }
        } catch (Exception e3) {
            WebUtils.setException(httpServletRequest, e3);
        }
    }

    protected void doGetExportHeader(HttpServletResponse httpServletResponse, String str) throws Exception {
        WebUtils.resetResponse(httpServletResponse);
        WebUtils.setDownloadHeader(httpServletResponse, "application/zip", null, null, str + System.currentTimeMillis() + ".zip");
    }

    protected void doImportUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ClientResult clientResult) throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        Login login = WebUtils.getLogin(httpServletRequest);
        String caption = ResourceUtil.getResource(EaclResourceConst.RES_USERORG).getCaption(I18N.getDefaultLocale());
        PrintWriter writer = httpServletResponse.getWriter();
        HttpServletRequestEx httpServletRequestEx = new HttpServletRequestEx(httpServletRequest);
        UploadChecker uploadChecker = (UploadChecker) SpringContextHolder.getBean(UploadChecker.class);
        try {
            int i = StrFunc.parseBoolean(httpServletRequestEx.getParameter("clear"), false) ? 1 : StrFunc.parseBoolean(httpServletRequestEx.getParameter("overwrite"), false) ? 3 : 2;
            HashMap hashMap = new HashMap();
            hashMap.put(OrgConst.IMPORT_OPT, Integer.valueOf(i));
            hashMap.put(OrgConst.IMPORT_MODULE_TYPE, Integer.valueOf(StrFunc.parseInt(httpServletRequestEx.getParameter(OrgConst.IMPORT_MODULE_TYPE), 0)));
            for (FileItem fileItem : httpServletRequestEx.getFiles()) {
                try {
                    uploadChecker.checkCanUpload(fileItem, "eacl-importuser", login.getId(), new String[]{".zip"}, new String[]{".txt"});
                    if (!StrFunc.compareStr(FileFunc.extractFileExt(fileItem.getName()), ".zip")) {
                        ExceptionHandler.throwRuntimeException("com.esen.eacl.action.usermanagerimpl.importfilemustbezip", "导入的必须是压缩的zip文件");
                    }
                    InputStream inputStream = fileItem.getInputStream();
                    try {
                        getUserServiceImpl().importUsers(inputStream, hashMap);
                        if (inputStream != null) {
                            inputStream.close();
                        }
                    } catch (Throwable th) {
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        throw th;
                    }
                } catch (Exception e) {
                    logerr(httpServletRequest, currentTimeMillis, "--", I18N.getString("com.esen.eacl.action.actionusermgr.rootuser", "根用户", I18N.getDefaultLocale(), (Object[]) null), EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_IMPUSER, I18N.getString("com.esen.eacl.action.actionusermgr.importuserfail", "导入用户失败", I18N.getDefaultLocale(), (Object[]) null), e, EaclResourceConst.RES_USERORG, caption);
                    e.printStackTrace();
                    JSONObject jSONObject = new JSONObject();
                    jSONObject.put("msg", SecurityFunc.filter(e.getLocalizedMessage()));
                    jSONObject.put("detail", StrFunc.exception2str(e));
                    writer.print(jSONObject.toString());
                }
            }
            uploadChecker.updateUploadInfo("eacl-importuser", login.getId());
            String string = I18N.getString("com.esen.eacl.action.actionusermgr.importuser", "导入用户", I18N.getDefaultLocale(), (Object[]) null);
            loginfo(httpServletRequest, currentTimeMillis, "--", I18N.getString("com.esen.eacl.action.actionusermgr.rootuser", "根用户", I18N.getDefaultLocale(), (Object[]) null), EaclUserOrgModuleOperationRegistory.EaclUserOrgLogOperation.OP_IMPUSER, string, string, EaclResourceConst.RES_USERORG, caption);
            JSONObject jSONObject2 = new JSONObject();
            jSONObject2.put("msg", I18N.getString("com.esen.eacl.action.actionusermgr.importsuccess", "导入成功"));
            writer.print(jSONObject2.toString());
        } finally {
            httpServletRequestEx.deleteUploadFiles();
        }
    }

    protected String getAlertScriptMsg(String str) {
        return "alert(\"" + str + "\")";
    }

    protected OrgContext getContext(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("date");
        OrgContext orgContext = new OrgContext();
        orgContext.setDate(StrFunc.parseCalendar(parameter, Calendar.getInstance()));
        return orgContext;
    }

    protected void doGetDefalut(HttpServletRequest httpServletRequest, ClientResult clientResult) throws Exception {
        User user;
        OrgContext context = getContext(httpServletRequest);
        String parameter = httpServletRequest.getParameter("orgid");
        String parameter2 = httpServletRequest.getParameter("orgcaption");
        try {
            user = ExpOrgFuncs.initUser(parameter, context);
        } catch (Exception e) {
            SLF4J.error(I18N.getString("com.esen.eacl.action.actionusermgr.calculationuserwrong", "计算用户默认值出错", I18N.getDefaultLocale(), (Object[]) null), e);
            user = new User();
            user.setOrgid(parameter);
        }
        user.setOrgcaption(parameter2);
        Document createDocument = XmlFunc.createDocument("orginfo");
        Element documentElement = createDocument.getDocumentElement();
        Element createElement = createDocument.createElement("orgobj");
        createElement.setAttribute("type", UserConst.USER_ENTITY_NAME);
        Expression defaultValue = getUserServiceImpl().getEntityInfo().m67getProperty("enabled").getDefaultValue();
        if (defaultValue == null || StrFunc.isNull(defaultValue.toString())) {
            user.setEnabled(true);
        }
        user.setLastpwdmodifytime(Calendar.getInstance());
        user.setLastmodifytime(Calendar.getInstance());
        saveUser(user, createElement, true, context);
        documentElement.appendChild(createElement);
        clientResult.setContentType("text/xml; charset=UTF-8");
        XmlFunc.saveDocument(createDocument, clientResult.getOutputStream(), "utf-8");
    }

    protected void loginfo(HttpServletRequest httpServletRequest, long j, String str, String str2, Operation operation, String str3, String str4, String str5, String str6) {
        this.logService.create().start(j).desc(str3).op(operation).rid(str5).rname(str6).detail(str4).info().end().add();
    }

    protected void logerr(HttpServletRequest httpServletRequest, long j, String str, String str2, Operation operation, String str3, Exception exc, String str4, String str5) {
        this.logService.create().start(j).desc(str3).op(operation).rid(str4).rname(str5).exception(exc).error().end().add();
    }
}
