package com.actionsoft.bpms.commons.security.basic.web;

import com.actionsoft.bpms.commons.htmlframework.HtmlPageTemplate;
import com.actionsoft.bpms.commons.log.sla.constant.SLAConst;
import com.actionsoft.bpms.commons.mvc.view.ActionWeb;
import com.actionsoft.bpms.commons.mvc.view.ResponseObject;
import com.actionsoft.bpms.commons.security.ac.AccessControlAPI;
import com.actionsoft.bpms.commons.security.ac.cache.AccessControlCache;
import com.actionsoft.bpms.commons.security.ac.dao.AccessControlDaoFactory;
import com.actionsoft.bpms.commons.security.ac.model.AccessControlModel;
import com.actionsoft.bpms.commons.security.ac.model.SecurityGroupACCM;
import com.actionsoft.bpms.commons.security.basic.cache.PermissionAssnCache;
import com.actionsoft.bpms.commons.security.basic.cache.PermissionCache;
import com.actionsoft.bpms.commons.security.basic.dao.PermissionDaoFactory;
import com.actionsoft.bpms.commons.security.basic.model.PermissionModel;
import com.actionsoft.bpms.commons.security.mgtgrade.util.GradeSecurityUtil;
import com.actionsoft.bpms.org.util.SecurityUtil;
import com.actionsoft.bpms.server.UserContext;
import com.actionsoft.bpms.util.DBSql;
import com.actionsoft.bpms.util.Html;
import com.actionsoft.bpms.util.UUIDGener;
import com.actionsoft.bpms.util.UtilString;
import com.actionsoft.sdk.local.SDK;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;

/* loaded from: input_file:com/actionsoft/bpms/commons/security/basic/web/SecurityGroupCardWeb.class */
public class SecurityGroupCardWeb extends ActionWeb {
    public static final int PAGE_TYPE_BASE = 0;
    public static final int PAGE_TYPE_APP_MODEL = 1;
    public static final int PAGE_TYPE_DOCUMENT_LAYER = 2;
    public static final int PAGE_TYPE_WORKFLOW = 3;
    public static final int PAGE_TYPE_FUNCTION_ROLE = 4;
    public static final int PAGE_TYPE_USER = 9;
    public static final int PAGE_TYPE_ROLE = 8;

    public SecurityGroupCardWeb(UserContext userContext) {
        super(userContext);
    }

    public String getSecurityCategoryList() {
        HashMap hashMap = new HashMap();
        hashMap.put("page_title", "权限组分类");
        hashMap.put("sid", getSIDFlag());
        hashMap.put("isSuperMaster", Boolean.valueOf(GradeSecurityUtil.isSuperMaster(getContext().getUID())));
        hashMap.put("btn", (GradeSecurityUtil.isSuperMaster(getContext().getUID()) || GradeSecurityUtil.isSecurityMaster(getContext().getUID())) ? "<div class=\"awsui-btn-group\"><button id='add' type='button' class='awsui-btn awsui-btn-blue' style='margin-right:10px;'>新建</button><button id='delete' type='button' class='awsui-btn awsui-btn-danger' style='margin-right:10px;'>删除</button></div><div class=\"awsui-btn-group\"><button id='merge' type='button' class='awsui-btn' style='margin-right:10px;'>合并分类</button></div>" : "");
        return HtmlPageTemplate.merge("_bpm.platform", "console.m.sec.group.root.htm", hashMap);
    }

    public String mergeCategory(String str, String str2) {
        int i;
        UtilString utilString = new UtilString(str);
        try {
            i = Integer.parseInt(utilString.matchValue("_AWSSHEETMODIFYCOUNT{", "}AWSSHEETMODIFYCOUNT_"));
        } catch (Exception e) {
            i = 0;
        }
        ResponseObject newErrResponse = ResponseObject.newErrResponse();
        for (int i2 = 0; i2 < i; i2++) {
            try {
                String matchValue = utilString.matchValue("_AWSSHEETMODIFYRECORD" + i2 + "{", "}AWSSHEETMODIFYRECORD" + i2 + "_");
                if (matchValue.trim().length() != 0) {
                    HashMap hashMap = new HashMap();
                    hashMap.put("newCategory", str2);
                    hashMap.put("categoryName", matchValue);
                    DBSql.update("update SYS_PERMISSION set categoryname=:newCategory where categoryname=:categoryName", hashMap);
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put("newCategory", str2);
                    hashMap2.put("categoryName", matchValue);
                    DBSql.update("UPDATE SYS_AC set RESOURCEID=:newCategory where RESOURCETYPE='platform.secGroupAdmin' and RESOURCEID=:categoryName", hashMap2);
                }
            } catch (Exception e2) {
                newErrResponse.msg(e2.getMessage() == null ? "合并发生错误" : e2.getMessage());
                return newErrResponse.toString();
            }
        }
        PermissionCache.getCache().reload(true);
        AccessControlCache.getCache().reload(true);
        newErrResponse.ok();
        return newErrResponse.toString();
    }

    public String modifyCategory(String str, String str2) {
        ResponseObject newErrResponse = ResponseObject.newErrResponse();
        try {
            PermissionDaoFactory.createPermission().modifyCategory(str, str2);
            newErrResponse.ok();
            return newErrResponse.toString();
        } catch (Exception e) {
            e.printStackTrace(System.err);
            newErrResponse.msg("修改权限组名称失败，详情请检查日志");
            return newErrResponse.toString();
        }
    }

    public String getSecurityGroupList(String str) {
        if (str == null || str.length() == 0) {
            return getSecurityCategoryList();
        }
        boolean z = SecurityUtil.hasSecGroupManagerSec(getContext(), str) || GradeSecurityUtil.isSecurityMaster(getContext().getUID());
        HashMap hashMap = new HashMap();
        hashMap.put("page_title", "<a href='' onclick=\"listRoot('CONSOLE_M_SEC_GROUP_CATEGORY_LIST');return false;\">权限组分类</a><b>&raquo;</b>" + str);
        hashMap.put("isManager", Boolean.valueOf(z));
        hashMap.put("categoryName", str);
        hashMap.put("sid", getSIDFlag());
        return HtmlPageTemplate.merge("_bpm.platform", "console.m.sec.group.list.htm", hashMap);
    }

    public String getSecurityGroupJsonData(String str, String str2, String str3) {
        String str4;
        Object obj;
        int intValue = Integer.valueOf(str2).intValue() == 0 ? 1 : Integer.valueOf(str2).intValue();
        int intValue2 = Integer.valueOf(str3).intValue();
        int i = (intValue - 1) * intValue2;
        ArrayList arrayList = new ArrayList();
        JSONObject jSONObject = new JSONObject();
        if (str == null || str.length() == 0) {
            String[] categorys = PermissionCache.getCategorys();
            for (int i2 = 0; i2 < categorys.length; i2++) {
                if (SecurityUtil.hasSecGroupManagerSec(getContext(), categorys[i2]) || GradeSecurityUtil.isSecurityMaster(getContext().getUID())) {
                    JSONObject jSONObject2 = new JSONObject();
                    String replace = Html.escape(categorys[i2]).replace("\"", "&quot;");
                    int size = PermissionCache.getListOfCategory(replace).size();
                    String str5 = "<a href='' onclick=\"modifySecurityCategory('" + replace + "');return false;\"><span awsui-qtip='修改'><i class='awsui-iconfont' style='font-size:13px;color:#e69b43;cursor:pointer;'>&#58934;</i></span></a>&nbsp;&nbsp;<a href='' onclick=\"openAc('" + replace + "','" + SecurityGroupACCM.resourceType + "');return false;\"><span awsui-qtip='二级管理员'><i class='awsui-iconfont' style='font-size:13px;color:#E8574E;cursor:pointer;'>&#59212;</i></span></a>";
                    if (!SecurityUtil.hasSecGroupManagerSec(getContext(), categorys[i2]) && !GradeSecurityUtil.isSecurityMaster(getContext().getUID())) {
                        str5 = "";
                    }
                    jSONObject2.put("secCategory", "<span><i class='awsui-iconfont' style='font-size:15px;color:#e69b43;cursor:pointer;'>&#58995;</i></span>&nbsp;<a href='' onclick=\"listDetial(frmMain,'" + replace + "','CONSOLE_M_SEC_GROUP_LIST');return false;\">" + replace.replace(" ", "&nbsp;") + "</a>");
                    jSONObject2.put("operation", str5);
                    jSONObject2.put("secNum", Integer.valueOf(size));
                    jSONObject2.put("val", replace);
                    arrayList.add(jSONObject2);
                }
            }
        } else {
            List<PermissionModel> listOfCategory = PermissionCache.getListOfCategory(str);
            boolean hasSecGroupManagerSec = SecurityUtil.hasSecGroupManagerSec(getContext(), str);
            if (listOfCategory != null) {
                for (int i3 = 0; i3 < listOfCategory.size(); i3++) {
                    PermissionModel permissionModel = listOfCategory.get(Integer.valueOf(i3).intValue());
                    String replace2 = permissionModel.getPermissionName().replace("\"", "&quot;");
                    if (PermissionAssnCache.existAssn(permissionModel.getId())) {
                        str4 = "";
                        obj = "";
                    } else {
                        obj = "<font color='gray' awsui-qtip='该权限组未被使用'>";
                        str4 = "</font>";
                    }
                    String str6 = "<a href='' onclick=\"openSecurity(frmMain,'" + permissionModel.getId() + "','CONSOLE_M_SEC_GROUP_OPEN','" + replace2 + "'); return false;\"><span awsui-qtip='修改'><i class='awsui-iconfont' style='font-size:13px;color:#e69b43;cursor:pointer;'>&#58934;</i></span></a>";
                    JSONObject jSONObject3 = new JSONObject();
                    jSONObject3.put("group", String.valueOf(obj) + "<a href='' onclick=\"openSecurity(frmMain,'" + permissionModel.getId() + "','CONSOLE_M_SEC_GROUP_OPEN','" + replace2 + "'); return false;\">" + replace2.replace(" ", "&nbsp;") + "</a>" + str4);
                    jSONObject3.put("operation", str6);
                    jSONObject3.put("desc", String.valueOf(obj) + permissionModel.getPermissionDesc() + str4);
                    jSONObject3.put("id", permissionModel.getId());
                    jSONObject3.put("isManager", Boolean.valueOf(hasSecGroupManagerSec));
                    arrayList.add(jSONObject3);
                }
            }
        }
        JSONArray jSONArray = new JSONArray();
        for (int i4 = i; i4 < i + intValue2 && i4 <= arrayList.size() - 1; i4++) {
            jSONArray.add(arrayList.get(i4));
        }
        jSONObject.put("totalRecords", Integer.valueOf(arrayList.size()));
        jSONObject.put("curPage", str2);
        jSONObject.put("data", jSONArray);
        return jSONObject.toString();
    }

    public String getSecurityGroupForm(String str, int i) {
        String sessionId = getContext().getSessionId();
        HashMap hashMap = new HashMap();
        boolean isActive = SDK.getAppAPI().isActive("com.actionsoft.apps.coe.bpa");
        String valueOf = GradeSecurityUtil.isSuperMaster(getContext().getUID()) ? SLAConst.QUALITY_TREND_NONE : String.valueOf(AccessControlAPI.getInstance().havingPermission(getContext(), SecurityGroupACCM.resourceType, PermissionCache.getModel(str).getCategoryName(), SecurityGroupACCM.MANAGER.getType()));
        hashMap.put("sid", getSIDFlag());
        hashMap.put("sessionId", sessionId);
        hashMap.put("groupId", str);
        hashMap.put("pageType", Integer.toString(i));
        hashMap.put("groupName", PermissionCache.getModel(str).getPermissionName().replace("\"", "&quot;"));
        hashMap.put("ASPModel", "false");
        hashMap.put("isAccess", valueOf);
        hashMap.put("isBPA", Boolean.valueOf(isActive));
        return HtmlPageTemplate.merge("_bpm.platform", "console.m.sec.group.page.htm", hashMap);
    }

    public String removeSecurityGroup(String str, String str2) {
        UtilString utilString = new UtilString(str);
        ResponseObject newErrResponse = ResponseObject.newErrResponse();
        List<String> split = utilString.split(" ");
        for (int i = 0; i < split.size(); i++) {
            try {
                PermissionDaoFactory.createPermission().delete(split.get(i).toString());
            } catch (Exception e) {
                if (e.getMessage().indexOf("CONSOLE权限组") > -1) {
                    newErrResponse.msg(e.getMessage());
                } else {
                    newErrResponse.msg("删除表单模型失败，详情请检查日志");
                }
                e.printStackTrace(System.err);
                return newErrResponse.toString();
            }
        }
        PermissionCache.getCache().reload(true);
        newErrResponse.ok();
        return newErrResponse.toString();
    }

    public String createSecGroupCategory(String str, String str2, String str3) {
        ResponseObject newErrResponse = ResponseObject.newErrResponse();
        PermissionModel permissionModel = new PermissionModel();
        permissionModel.setPermissionName(str2);
        permissionModel.setCategoryName(str);
        permissionModel.setPermissionDesc(str3);
        permissionModel.setId(UUIDGener.getUUID());
        List<PermissionModel> listOfCategory = PermissionCache.getListOfCategory(permissionModel.getCategoryName());
        for (int i = 0; i < listOfCategory.size(); i++) {
            if (permissionModel.getPermissionName().equals(listOfCategory.get(i).getPermissionName())) {
                newErrResponse.msg("保存失败，[权限组名称]已存在，违反数据库唯一约束");
                return newErrResponse.toString();
            }
        }
        if (PermissionDaoFactory.createPermission().insert(permissionModel) == -2) {
            newErrResponse.msg("超出Licence许可,请与软件供应商联系");
            return newErrResponse.toString();
        }
        newErrResponse.ok("新建成功");
        if (!getContext().getUID().equals("admin")) {
            AccessControlModel accessControlModel = new AccessControlModel();
            accessControlModel._resourceId = str;
            accessControlModel._resourceType = SecurityGroupACCM.resourceType;
            accessControlModel._accessModel = SecurityGroupACCM.MANAGER.getType();
            accessControlModel._assignmentId = getContext().getUID();
            accessControlModel._assignmentType = "user";
            AccessControlDaoFactory.creatAccessControl().insert(accessControlModel);
        }
        return newErrResponse.toString();
    }

    public String removeSecGroupCategory(String str) {
        ResponseObject newErrResponse = ResponseObject.newErrResponse();
        List<PermissionModel> listOfCategorys = PermissionCache.getListOfCategorys(str);
        for (int i = 0; i < listOfCategorys.size(); i++) {
            try {
                PermissionDaoFactory.createPermission().delete(listOfCategorys.get(Integer.valueOf(i).intValue()).getId());
            } catch (Exception e) {
                if (e.getMessage().indexOf("CONSOLE权限组") > -1) {
                    newErrResponse.msg(e.getMessage());
                } else {
                    newErrResponse.msg("删除失败，详情请查看错误日志");
                }
                e.printStackTrace(System.err);
            }
        }
        newErrResponse.ok();
        return newErrResponse.toString();
    }
}
