package com.els.base.auth.web.controller;

import com.alibaba.fastjson.JSON;
import com.els.base.auth.constant.NationConstants;
import com.els.base.auth.enumeration.RoleEnum;
import com.els.base.auth.service.UserRoleService;
import com.els.base.auth.utils.NationUtils;
import com.els.base.auth.utils.SpringSecurityUtils;
import com.els.base.codegenerator.service.GenerateCodeService;
import com.els.base.core.entity.PageView;
import com.els.base.core.entity.ResponseResult;
import com.els.base.core.entity.user.User;
import com.els.base.core.entity.user.UserExample;
import com.els.base.core.exception.CommonException;
import com.els.base.core.service.user.UserService;
import com.els.base.core.utils.Assert;
import com.els.base.core.utils.CriteriaUtils;
import com.els.base.core.utils.ObjectUtils;
import com.els.base.core.utils.query.QueryParamWapper;
import com.els.base.core.vo.EmailCodeInfo;
import com.els.base.core.vo.VerifyCode;
import com.els.base.utils.encryption.DESUtils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

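/**
 * REST endpoints for login-account management: current-user lookup, password and phone changes,
 * account authentication (approval) workflow, password recovery and avatar update.
 *
 * <p>This source is decompiler output, so parameters carry synthetic names ({@code str},
 * {@code str2}, ...). Their meaning is documented per method from the validation messages.
 *
 * <p>Security review notes are marked {@code NOTE(review)}. Paths under {@code front/} look like
 * pre-login endpoints and paths under {@code service/} like post-login ones; the actual access
 * rules live in the security configuration, which is not visible here.
 */
@Api("权限管理-登录帐号管理")
@RequestMapping({"user"})
@Controller("authUserController")
/* loaded from: input_file:com/els/base/auth/web/controller/UserController.class */
public class UserController {
    private static final Logger logger = LoggerFactory.getLogger(UserController.class);

    @Autowired
    private UserService userService;

    @Autowired
    private UserRoleService userRoleService;

    @Autowired
    private GenerateCodeService generateCodeService;

    /**
     * Returns the user bound to the current security context.
     *
     * @return the logged-in user wrapped in a success result
     */
    @RequestMapping({"service/findCurrentUser"})
    @ApiOperation(value = "查询当前用户", httpMethod = "GET")
    @ResponseBody
    public ResponseResult<User> findCurrentUser() {
        // NOTE(review): the whole User entity is serialized to the client; confirm that the
        // password hash and other internal fields are excluded from the JSON output.
        return ResponseResult.success(SpringSecurityUtils.getLoginUser());
    }

    /**
     * Changes the password of the current user.
     *
     * @param str first password value; presumably the old password (confirm against
     *     {@code UserService.modifyPwd})
     * @param str2 second password value; presumably the new password
     * @return an empty success result
     * @throws CommonException if both values are equal
     * @throws Exception whatever {@code UserService.modifyPwd} propagates
     */
    @RequestMapping({"service/modifyUserPwd"})
    @ApiOperation(value = "修改当前用户的密码", httpMethod = "POST")
    @ResponseBody
    public ResponseResult<String> modifyUserPwd(@RequestParam(required = true) String str, @RequestParam(required = true) String str2) throws Exception {
        if (str.equals(str2)) {
            throw new CommonException("新旧密码是一样的，无需修改");
        }
        // NOTE(review): verification of the old password and any password-strength policy are
        // assumed to happen inside modifyPwd; nothing in this controller enforces them.
        this.userService.modifyPwd(SpringSecurityUtils.getLoginUserId(), str, str2);
        return ResponseResult.success();
    }

    /**
     * Replaces the current user's mobile number after re-authentication and SMS verification.
     *
     * @param httpSession session holding the new phone number and the SMS code that was sent
     * @param str current mobile number
     * @param str2 current password
     * @param str3 new mobile number
     * @param str4 SMS verification code
     * @return an empty success result
     * @throws CommonException if any check fails
     */
    @RequestMapping({"/service/modifyUserPhone"})
    @ApiOperation(value = "更换手机号-确认更换手机号码", httpMethod = "POST")
    @ResponseBody
    public ResponseResult<String> modifyUserPhone(HttpSession httpSession, String str, String str2, String str3, String str4) {
        Assert.isNotBlank(str, "当前手机号不能为空");
        Assert.isNotBlank(str2, "当前密码不能为空");
        Assert.isNotBlank(str3, "新手机号不能为空");
        Assert.isNotBlank(str4, "验证码不能为空");
        User loginUser = SpringSecurityUtils.getLoginUser();
        if (!str.equals(loginUser.getMobilePhone())) {
            throw new CommonException("当前手机号码不正确");
        }
        // NOTE(review): no attempt limit on the password check is visible here; confirm that
        // checkPassword or a filter throttles repeated failures.
        if (!this.userService.checkPassword(loginUser.getId(), str2)) {
            throw new CommonException("当前密码不正确");
        }
        validateSessionMobile(httpSession, str3, "modify.phone.new.phone");
        validateSessionVerifyCode(httpSession, str4, "modify.phone.sms.verify.code");
        this.userService.updateMobilePhone(loginUser.getId(), str3);
        // The code has served its purpose: drop it so it cannot be replayed within its lifetime.
        httpSession.removeAttribute("modify.phone.sms.verify.code");
        httpSession.removeAttribute("modify.phone.new.phone");
        return ResponseResult.success();
    }

    /**
     * Submits a new account for authentication (approval).
     *
     * @param user account data from the request body
     * @return an empty success result
     * @throws CommonException if a required field is missing or email/phone already exist
     */
    @RequestMapping({"/front/submitAuth"})
    @ApiOperation(value = "提交认证", httpMethod = "POST")
    @ResponseBody
    public ResponseResult<String> submitAuth(@RequestBody(required = false) User user) {
        validateAuthInfo(user);
        // NOTE(review): a missing password silently becomes the fixed, widely known value
        // "123456". Kept because clients may rely on omitting the field, but every such account
        // is guessable once its login name is known; prefer a random one-time password or a
        // forced change on first login.
        user.setPassword((String) ObjectUtils.firstNotBlank(new String[]{user.getPassword(), "123456"}));
        // NOTE(review): the request body is bound straight onto the User entity, so the client
        // can supply every field it has (id, auth status, ...). Confirm that submitAuth resets
        // server-controlled fields before persisting.
        this.userService.submitAuth(user);
        return ResponseResult.success();
    }

    /**
     * Lists users waiting for authentication (auth status 0), oldest first, restricted to the
     * users the caller's management role is responsible for.
     *
     * @param i page number
     * @param i2 page size
     * @param queryParamWapper optional extra filters from the client
     * @return one page of matching users, or an empty page if the caller has no management role
     */
    @RequestMapping({"service/findWaitForAuthByPage"})
    @ApiOperation(httpMethod = "POST", value = "查询待认证用户列表页")
    @ResponseBody
    public ResponseResult<PageView<User>> findWaitForAuthByPage(@RequestParam(defaultValue = "0") int i, @RequestParam(defaultValue = "10") int i2, @RequestBody(required = false) QueryParamWapper queryParamWapper) {
        // NOTE(review): the page size is taken from the client without an upper bound.
        UserExample userExample = new UserExample();
        userExample.setPageView(new PageView(i, i2));
        userExample.setOrderByClause("CREATE_TIME ASC");
        UserExample.Criteria createCriteria = userExample.createCriteria();
        createCriteria.andAuthStatusEqualTo(0);
        if (queryParamWapper != null) {
            // NOTE(review): client-supplied filters are merged into the same example; confirm
            // that addExample can only narrow the result (no OR branch, no arbitrary column
            // names), otherwise the auth-status and nation restrictions can be bypassed.
            CriteriaUtils.addExample(userExample, queryParamWapper);
        }
        return ResponseResult.success(queryManagedUserByRole(userExample, createCriteria));
    }

    /**
     * Marks a user's authentication as passed.
     *
     * @param str id of the user to approve
     * @return an empty success result
     * @throws CommonException if the id is blank
     */
    @RequestMapping({"/service/authPass"})
    @ApiOperation(value = "认证通过", httpMethod = "GET")
    @ResponseBody
    public ResponseResult<String> authPass(String str) {
        Assert.isNotBlank(str, "id不能为空");
        // NOTE(review): unlike the list endpoints, no role or nation scoping is applied here, so
        // whether the caller may approve this particular user depends entirely on
        // UserService.authPass or the security configuration; confirm. The mapping also accepts
        // any HTTP method for a state-changing call.
        this.userService.authPass(str);
        return ResponseResult.success();
    }

    /**
     * Lists authenticated users (auth status 1), newest first, restricted to the users the
     * caller's management role is responsible for.
     *
     * @param i page number
     * @param i2 page size
     * @param queryParamWapper optional extra filters from the client
     * @return one page of matching users, or an empty page if the caller has no management role
     */
    @RequestMapping({"service/findAuthenticatedByPage"})
    @ApiOperation(httpMethod = "POST", value = "查询已认证用户列表页")
    @ResponseBody
    public ResponseResult<PageView<User>> findAuthenticatedByPage(@RequestParam(defaultValue = "0") int i, @RequestParam(defaultValue = "10") int i2, @RequestBody(required = false) QueryParamWapper queryParamWapper) {
        UserExample userExample = new UserExample();
        userExample.setPageView(new PageView(i, i2));
        userExample.setOrderByClause("CREATE_TIME DESC");
        UserExample.Criteria createCriteria = userExample.createCriteria();
        createCriteria.andAuthStatusEqualTo(1);
        if (queryParamWapper != null) {
            // NOTE(review): same concern as findWaitForAuthByPage; client filters must not be
            // able to widen the query.
            CriteriaUtils.addExample(userExample, queryParamWapper);
        }
        return ResponseResult.success(queryManagedUserByRole(userExample, createCriteria));
    }

    /**
     * Applies the nation restriction that matches the caller's management role and runs the
     * paged query for the user role that management role is responsible for.
     *
     * <p>Sales management roles see {@code ORDER_USER} accounts, market management roles see
     * {@code DATA_USER} accounts; "inland" roles are limited to China, "outland" roles to every
     * other nation. The first matching role wins.
     *
     * @param userExample query to execute
     * @param criteria criteria of {@code userExample} that receives the nation restriction
     * @return the matching page, or an empty page if the caller holds none of the four roles
     */
    private PageView<User> queryManagedUserByRole(UserExample userExample, UserExample.Criteria criteria) {
        String loginUserId = SpringSecurityUtils.getLoginUserId();
        if (this.userRoleService.hasRole(loginUserId, RoleEnum.INLAND_SALES_MANAGEMENT)) {
            criteria.andNationIdEqualTo(NationConstants.CHINA);
            return this.userRoleService.queryUserHasRoleByPage(userExample, RoleEnum.ORDER_USER);
        }
        if (this.userRoleService.hasRole(loginUserId, RoleEnum.OUTLAND_SALES_MANAGEMENT)) {
            criteria.andNationIdNotEqualTo(NationConstants.CHINA);
            return this.userRoleService.queryUserHasRoleByPage(userExample, RoleEnum.ORDER_USER);
        }
        if (this.userRoleService.hasRole(loginUserId, RoleEnum.INLAND_MARKET_MANAGEMENT)) {
            criteria.andNationIdEqualTo(NationConstants.CHINA);
            return this.userRoleService.queryUserHasRoleByPage(userExample, RoleEnum.DATA_USER);
        }
        if (this.userRoleService.hasRole(loginUserId, RoleEnum.OUTLAND_MARKET_MANAGEMENT)) {
            criteria.andNationIdNotEqualTo(NationConstants.CHINA);
            return this.userRoleService.queryUserHasRoleByPage(userExample, RoleEnum.DATA_USER);
        }
        // Deny by default: a caller without a management role gets nothing.
        return PageView.empty();
    }

    /**
     * Lists authenticated sales managers for the caller's sales management role.
     *
     * @param i page number
     * @param i2 page size
     * @param queryParamWapper optional extra filters from the client
     * @return one page of managers, or an empty page if the caller has no sales management role
     */
    @RequestMapping({"service/findManagerByPage"})
    @ApiOperation(httpMethod = "POST", value = "查询负责人列表")
    @ResponseBody
    public ResponseResult<PageView<User>> findManagerByPage(@RequestParam(defaultValue = "0") int i, @RequestParam(defaultValue = "10") int i2, @RequestBody(required = false) QueryParamWapper queryParamWapper) {
        UserExample userExample = new UserExample();
        userExample.setPageView(new PageView(i, i2));
        userExample.setOrderByClause("CREATE_TIME DESC");
        userExample.createCriteria().andAuthStatusEqualTo(1);
        if (queryParamWapper != null) {
            // NOTE(review): client filters must not be able to widen the query; see
            // findWaitForAuthByPage.
            CriteriaUtils.addExample(userExample, queryParamWapper);
        }
        String loginUserId = SpringSecurityUtils.getLoginUserId();
        PageView<User> page;
        if (this.userRoleService.hasRole(loginUserId, RoleEnum.INLAND_SALES_MANAGEMENT)) {
            page = this.userRoleService.queryUserHasRoleByPage(userExample, RoleEnum.INLAND_SALES_MANAGER);
        } else if (this.userRoleService.hasRole(loginUserId, RoleEnum.OUTLAND_SALES_MANAGEMENT)) {
            page = this.userRoleService.queryUserHasRoleByPage(userExample, RoleEnum.OUTLAND_SALES_MANAGER);
        } else {
            page = PageView.empty();
        }
        return ResponseResult.success(page);
    }

    /**
     * Resets a password with the encrypted code from a recovery e-mail.
     *
     * <p>The three failure causes are reported separately: an undecodable code, an expired code
     * and a failed update. Previously the outer {@code catch (Exception)} also caught the
     * "expired" and "update failed" exceptions and reported all of them as an invalid code.
     *
     * @param str encrypted recovery code
     * @param str2 new password
     * @return an empty success result
     * @throws CommonException if the code is invalid or expired, or the update fails
     */
    @RequestMapping({"front/updatePasswordByEmailCode"})
    @ApiOperation(httpMethod = "POST", value = "通过邮箱找回密码")
    @ResponseBody
    public ResponseResult<String> updatePasswordByEmailCode(String str, String str2) {
        Assert.isNotBlank(str, "code不能为空");
        Assert.isNotBlank(str2, "新密码不能为空");
        // NOTE(review): the code is the only credential for this reset. Its integrity rests on
        // DESUtils (by its name DES, a 56-bit cipher; mode and any MAC are not visible here),
        // and nothing in this method makes it single-use, so it stays valid until it expires.
        // Consider a random server-side token that is deleted on use.
        EmailCodeInfo emailCodeInfo;
        boolean expired;
        try {
            emailCodeInfo = (EmailCodeInfo) JSON.parseObject(DESUtils.decrypt(str), EmailCodeInfo.class);
            // Evaluated inside the try so a malformed payload is still reported as invalid.
            expired = emailCodeInfo != null && emailCodeInfo.expired();
        } catch (Exception e) {
            logger.error("解码失败", e);
            throw new CommonException("无效的code");
        }
        if (emailCodeInfo == null) {
            // The parser yields null for an empty or literal-null payload.
            throw new CommonException("无效的code");
        }
        if (expired) {
            throw new CommonException("验证链接已过期,请重新获取");
        }
        try {
            this.userService.updatePwd(str2, emailCodeInfo.getUserId());
            return ResponseResult.success();
        } catch (Exception e) {
            logger.error("更新密码失败", e);
            throw new CommonException("更新密码失败,请联系管理员");
        }
    }

    /**
     * Checks whether an account exists for a mobile number.
     *
     * @param str mobile number
     * @return an empty success result if the account exists
     * @throws CommonException if the number is blank or no account uses it
     */
    @RequestMapping({"front/checkMobile"})
    @ApiOperation(httpMethod = "GET", value = "检查手机号是否存在")
    @ResponseBody
    public ResponseResult<String> checkMobile(String str) {
        Assert.isNotBlank(str, "手机号不能为空");
        // NOTE(review): this answers "is this number registered" by design; if the path is
        // reachable without login it needs rate limiting to keep it from being used to
        // enumerate accounts.
        this.userService.queryByMobilePhone(str).orElseThrow(() -> new CommonException("帐号不存在"));
        return ResponseResult.success();
    }

    /**
     * Pre-checks the SMS code of the password recovery flow without consuming it.
     *
     * @param httpSession session holding the code that was sent
     * @param str code entered by the user
     * @return an empty success result if the code matches
     * @throws CommonException if the code is missing, expired or wrong
     */
    @RequestMapping({"front/validateRetrievePasswordVerifyCode"})
    @ApiOperation(httpMethod = "GET", value = "校验找回密码的验证码是否正确")
    @ResponseBody
    public ResponseResult<String> validateRetrievePasswordVerifyCode(HttpSession httpSession, String str) {
        validateSessionVerifyCode(httpSession, str, "forget.password.sms.verify.code");
        return ResponseResult.success();
    }

    /**
     * Sets a new password at the end of the SMS password recovery flow.
     *
     * @param httpSession session holding the phone number and the SMS code that was sent
     * @param str mobile number of the account
     * @param str2 SMS verification code
     * @param str3 new password
     * @return an empty success result
     * @throws CommonException if a check fails or the update fails
     */
    @RequestMapping({"front/updatePassword4RetrievePassword"})
    @ApiOperation(httpMethod = "GET", value = "找回密码-设置新密码")
    @ResponseBody
    public ResponseResult<String> updatePassword4RetrievePassword(HttpSession httpSession, String str, String str2, String str3) {
        // NOTE(review): documented as GET and not restricted to a method, so the new password
        // may travel in the query string and end up in access logs and browser history; callers
        // should send it in a POST body.
        Assert.isNotBlank(str, "手机号不能为空");
        Assert.isNotBlank(str2, "验证码不能为空");
        Assert.isNotBlank(str3, "新密码不能为空");
        User user = (User) this.userService.queryByMobilePhone(str).orElseThrow(() -> new CommonException("帐号不存在"));
        validateSessionMobile(httpSession, str, "forget.password.phone");
        validateSessionVerifyCode(httpSession, str2, "forget.password.sms.verify.code");
        try {
            this.userService.updatePwd(str3, user.getId());
            // One reset per code: drop it so it cannot be replayed within its lifetime.
            httpSession.removeAttribute("forget.password.sms.verify.code");
            httpSession.removeAttribute("forget.password.phone");
            return ResponseResult.success();
        } catch (Exception e) {
            logger.error("更新密码失败", e);
            throw new CommonException("更新密码失败,请联系管理员");
        }
    }

    /**
     * Validates a registration request and assigns it a fresh, unused login name.
     *
     * @param user account data to validate; its login name is overwritten
     * @throws CommonException if a required field is missing or email/phone already exist
     */
    private void validateAuthInfo(User user) {
        String nextCode;
        Assert.isNotNull(user, "用户认证信息不能为空");
        Assert.isNotNull(user.getUserType(), "用户类型不能为空");
        // Draw generated account codes until one is not taken as a login name.
        do {
            nextCode = this.generateCodeService.getNextCode("USER_ACCOUNT");
        } while (this.userService.findByUserLoginName(nextCode) != null);
        user.setLoginName(nextCode);
        Assert.isNotBlank(user.getNickName(), "用户姓名不能为空");
        String email = user.getEmail();
        Assert.isNotBlank(email, "用户邮箱不能为空");
        // NOTE(review): the "already exists" messages tell the caller which e-mail addresses
        // and phone numbers are registered.
        Assert.isNull(this.userService.queryByEmail(email).orElse(null), "邮箱 " + email + " 已存在");
        String mobilePhone = user.getMobilePhone();
        Assert.isNotBlank(mobilePhone, "手机号码不能为空");
        Assert.isNull(this.userService.queryByMobilePhone(mobilePhone).orElse(null), "手机号码 " + mobilePhone + " 已存在");
        Assert.isNotBlank(user.getOrgName(), "机构名称不能为空");
        Assert.isNotBlank(user.getNationId(), "所在地区不能为空");
        // Province, city and county are only required for addresses in China.
        if (NationUtils.isChina(user.getNationId())) {
            Assert.isNotBlank(user.getProvinceId(), "省不能为空");
            Assert.isNotBlank(user.getCityId(), "市不能为空");
            Assert.isNotBlank(user.getCountyId(), "区不能为空");
        }
        Assert.isNotBlank(user.getAddress(), "详细地址不能为空");
    }

    /**
     * Checks that a phone number is the one the verification code in this session was sent to.
     *
     * @param httpSession session to read from
     * @param str phone number supplied by the client
     * @param str2 name of the session attribute holding the expected phone number
     * @throws CommonException if the number is blank or differs from the session value
     */
    private void validateSessionMobile(HttpSession httpSession, String str, String str2) {
        Assert.isNotBlank(str, "手机号不能为空");
        if (!str.equals(httpSession.getAttribute(str2))) {
            throw new CommonException("验证码已过期,请重新获取");
        }
    }

    /**
     * Checks a verification code against the one stored in the session.
     *
     * <p>A matching code is left in the session so that a pre-check endpoint and the final step
     * can both validate it; the final step removes it after use.
     *
     * @param httpSession session to read from
     * @param str code supplied by the client
     * @param str2 name of the session attribute holding the {@code VerifyCode}
     * @throws CommonException if the code is blank, absent, expired or wrong, or the attempt
     *     budget is used up
     */
    private void validateSessionVerifyCode(HttpSession httpSession, String str, String str2) {
        Assert.isNotBlank(str, "验证码不能为空");
        VerifyCode verifyCode = (VerifyCode) httpSession.getAttribute(str2);
        Assert.isNotNull(verifyCode, "请先获取验证码");
        if (verifyCode.isExpried()) {
            httpSession.removeAttribute(str2);
            throw new CommonException("验证码已过期,请重新获取");
        }
        if (StringUtils.equals(verifyCode.getCode(), str)) {
            return;
        }
        // Presumably isTryTimesUseOut() also counts this failed attempt; confirm in VerifyCode.
        if (verifyCode.isTryTimesUseOut()) {
            // The match test above runs before the budget test, so an exhausted code would
            // still be accepted on a later correct guess. Discarding it here makes the limit
            // effective: the caller has to request a new code.
            httpSession.removeAttribute(str2);
            throw new CommonException("操作频繁,请稍候再试");
        }
        throw new CommonException("验证码错误");
    }

    /**
     * Updates the avatar link of the current user.
     *
     * @param str avatar URL
     * @return an empty success result
     * @throws CommonException if the URL is blank
     */
    @RequestMapping({"/service/modifAvatar"})
    @ApiOperation(value = "修改用户头像", httpMethod = "POST")
    @ResponseBody
    public ResponseResult<String> modifAvatar(@RequestParam(required = false) String str) {
        Assert.isNotBlank(str, "头像的链接不能为空");
        // NOTE(review): the link is stored as received. Confirm that modifyAvatar or the
        // rendering side restricts it to an expected scheme and host, since it is later shown
        // to other users.
        this.userService.modifyAvatar(SpringSecurityUtils.getLoginUserId(), str);
        return ResponseResult.success();
    }
}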
