package team.sailboat.ms.ac.foreign.controller;

import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.Parameters;
import io.swagger.v3.oas.annotations.parameters.RequestBody;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Validator;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import team.sailboat.commons.fan.app.AppContext;
import team.sailboat.commons.fan.collection.XC;
import team.sailboat.commons.fan.json.JSONObject;
import team.sailboat.commons.fan.lang.Assert;
import team.sailboat.commons.fan.struct.Tuples;
import team.sailboat.commons.fan.text.XString;
import team.sailboat.commons.ms.ac.ProtectedApi;
import team.sailboat.commons.ms.bean.UserBrief;
import team.sailboat.commons.ms.valid.ValidateUtils;
import team.sailboat.commons.web.ac.AppAuthStatement;
import team.sailboat.login.extend.ding.IDingConsts;
import team.sailboat.ms.ac.AppConsts;
import team.sailboat.ms.ac.dbean.ClientApp;
import team.sailboat.ms.ac.dbean.ResSpace;
import team.sailboat.ms.ac.dbean.User;
import team.sailboat.ms.ac.server.IClientAppDataManager;
import team.sailboat.ms.ac.server.IUserDataManager;
import team.sailboat.ms.ac.server.ResourceManageServer;

@RequestMapping({"/foreign"})
@Tag(name = AppConsts.sTagName_foreign)
@RestController
/* loaded from: input_file:team/sailboat/ms/ac/foreign/controller/Apis4OtherAppController.class */
public class Apis4OtherAppController {
    final Logger mLogger = LoggerFactory.getLogger(Apis4OtherAppController.class);

    @Autowired
    ResourceManageServer mResMngServer;

    @Autowired
    Validator mValidator;

    @PostMapping({"/clientApp/authority"})
    @Operation(description = "声明ClientApp的权限、角色，以及两者关系")
    @ProtectedApi
    @RequestBody(description = "权限和角色声明", required = true)
    public void decalreAppAuths(@org.springframework.web.bind.annotation.RequestBody AppAuthStatement appAuthStatement) {
        String str = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str, "未能获取到当前的clientId", new Object[0]);
        this.mResMngServer.getClientAppDataMng().updateAppAuths(str, appAuthStatement);
    }

    @PostMapping(value = {"/clientApp/resSpace/_createOrUpdate"}, produces = {"text/plain"})
    @Operation(description = "给自己应用增加或更新一个资源空间。限定为只能给自己添加。返回资源空间id")
    @Parameters({@Parameter(name = "resSpaceType", description = "资源空间类型", required = true), @Parameter(name = "resId", description = "资源id", required = true), @Parameter(name = "resName", description = "资源名称", required = true)})
    @ProtectedApi
    public String createOrUpdateResSpace(@RequestParam("resSpaceType") String str, @RequestParam("resId") String str2, @RequestParam("resName") String str3) {
        String str4 = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str4, "未能获取到当前的clientId", new Object[0]);
        ResSpace.BResSpace bResSpace = new ResSpace.BResSpace();
        bResSpace.setClientAppId(str4);
        bResSpace.setType(str);
        bResSpace.setResName(str3);
        bResSpace.setResId(str2);
        ValidateUtils.validateAndThrow(this.mValidator, bResSpace);
        Tuples.T2<ResSpace, Boolean> createOrUpdateResSpace = this.mResMngServer.getClientAppDataMng().createOrUpdateResSpace(bResSpace, "__sys__");
        if (((Boolean) createOrUpdateResSpace.getEle_2()).booleanValue()) {
            this.mLogger.info("添加或更新了资源 {}[{}] 的资源空间。", str3, str2);
        }
        return ((ResSpace) createOrUpdateResSpace.getEle_1()).getId();
    }

    @PostMapping({"/clientApp/resSpace/all"})
    @Operation(description = "给自己应用设置资源空间数据")
    @ProtectedApi
    @RequestBody(description = "资源空间数组", required = true)
    @Parameter(name = "deleteIfNotExists", description = "如果原先已经存在的资源空间，不在新指定的列表中，是否删除")
    public void createOrUpdateSubspaces(@org.springframework.web.bind.annotation.RequestBody List<ResSpace.BResSpace> list, @RequestParam("deleteIfNotExists") boolean z) {
        String str = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str, "未能获取到当前的clientId", new Object[0]);
        list.forEach(bResSpace -> {
            bResSpace.setClientAppId(str);
        });
        ValidateUtils.validateAndThrow(this.mValidator, list);
        this.mResMngServer.getClientAppDataMng().createOrUpdateSubspaces(list, z, "__sys__");
    }

    @PostMapping({"/clientApp/resSpace/role/_grant"})
    @Operation(description = "将自己应用的某个资源空间下的某些角色授予某个用户")
    @Parameters({@Parameter(name = "resSpaceId", description = "资源空间id"), @Parameter(name = "roleNames", description = "角色名称，多个角色名称之间用“,”分隔", required = true), @Parameter(name = "userId", description = "用户id", required = true)})
    @ProtectedApi
    public void grantResSpaceRoleToUser(@RequestParam("resSpaceId") String str, @RequestParam("roleNames") String[] strArr, @RequestParam("userId") String str2) {
        String str3 = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str3, "未能获取到当前的clientId", new Object[0]);
        Assert.equals(str3, ResSpace.getClientAppIdFrom(str), "指定的资源空间id不是当前调用接口的ClientApp的！", new Object[0]);
        this.mResMngServer.getClientAppDataMng().grantResSpaceRoleToUser(str, strArr, str2, "__sys__");
    }

    @Operation(description = "通过资源id删除自己应用的某个资源空间")
    @DeleteMapping({"/clientApp/resSpace/one/byResId"})
    @ProtectedApi
    @Parameter(name = "resId", description = "资源id", required = true)
    public void deleteResSpaceByResId(@RequestParam("resId") String str) {
        String str2 = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str2, "未能获取到当前的clientId", new Object[0]);
        ClientApp clientApp = this.mResMngServer.getClientAppDataMng().getClientApp(str2);
        if (this.mResMngServer.getClientAppDataMng().deleteResSpaceByResId(str, "__sys__")) {
            this.mLogger.info("应用 {} 通过资源id[{}]删除了其下的资源空间。", clientApp.getName(), str);
        }
    }

    @Operation(description = "获取指定id用户的显示名。键是用户id，值是显示名")
    @ProtectedApi
    @Parameter(name = "userIds", description = "用户id，多个用“,”分隔", required = true)
    @GetMapping(value = {"/user/displayName/multi"}, produces = {"application/json"})
    public String getUserDisplayNames(@RequestParam("userIds") String[] strArr, HttpServletRequest httpServletRequest) {
        if (XC.isEmpty(strArr)) {
            return "{}";
        }
        String str = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str, "未能获取到当前的clientId", new Object[0]);
        this.mLogger.info("应用 {} 从地址 {} 上发起访问，获取用户的显示名：{}", new Object[]{this.mResMngServer.getClientAppDataMng().getClientApp(str).getName(), httpServletRequest.getRemoteAddr(), XString.toString(",", strArr)});
        JSONObject jSONObject = new JSONObject();
        IUserDataManager userDataMng = this.mResMngServer.getUserDataMng();
        for (String str2 : strArr) {
            User user = userDataMng.getUser(str2);
            if (user != null) {
                jSONObject.put(str2, user.getDisplayName());
            }
        }
        return jSONObject.toString();
    }

    @Operation(description = "取得指定用户的手机号")
    @ProtectedApi
    @Parameter(name = "userId", description = "用户Id", required = true)
    @GetMapping(value = {"/user/mobile"}, produces = {"text/plain"})
    public String getUserMobile(@RequestParam("userId") String str, HttpServletRequest httpServletRequest) {
        String str2 = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str2, "未能获取到当前的clientId", new Object[0]);
        this.mLogger.info("应用 {} 从地址 {} 上发起访问，获取用户的手机号：{}", new Object[]{this.mResMngServer.getClientAppDataMng().getClientApp(str2).getName(), httpServletRequest.getRemoteAddr(), str});
        User user = this.mResMngServer.getUserDataMng().getUser(str);
        if (user != null) {
            return user.getMobile();
        }
        return null;
    }

    @Operation(description = "取得所有可访问当前APP或当前ClientApp的某个资源空间的用户简略信息")
    @ProtectedApi
    @Parameter(name = "resSpaceId", description = "资源空间id")
    @GetMapping(value = {"/clientApp/user/brief/all"}, produces = {"application/json"})
    public List<UserBrief> getUserBriefsOfClientApp(@RequestParam(name = "resSpaceId", required = false) String str, HttpServletRequest httpServletRequest) {
        Collection<User> usersOfCanVisitClientApp;
        String str2 = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str2, "未能获取到当前的clientId", new Object[0]);
        ClientApp clientApp = this.mResMngServer.getClientAppDataMng().getClientApp(str2);
        Assert.notNull(clientApp, "无效的ClietApp的id：%s", new Object[]{str2});
        this.mLogger.info("应用 {} 从地址 {} 上发起访问，获取可访问此应用用户的简略信息", clientApp.getName(), httpServletRequest.getRemoteAddr());
        if (XString.isNotEmpty(str)) {
            Assert.equals(str2, ResSpace.getClientAppIdFrom(str), "指定的资源空间[%s]不是当前调用的ClientApp的！", new Object[]{str});
            usersOfCanVisitClientApp = XC.extractAsArrayList(this.mResMngServer.getClientAppDataMng().getUsersOfCanVisitResSpace(str), (v0) -> {
                return v0.getEle_1();
            });
        } else {
            usersOfCanVisitClientApp = this.mResMngServer.getClientAppDataMng().getUsersOfCanVisitClientApp(str2);
        }
        return XC.extractAsArrayList(usersOfCanVisitClientApp, (v0) -> {
            return v0.toBrief();
        });
    }

    @Operation(description = "获取指定用户的简要信息，包括真实姓名和显示名")
    @ProtectedApi
    @Parameter(name = "userIds", description = "用户id，多个用“,”分隔", required = true)
    @GetMapping(value = {"/user/brief/multi"}, produces = {"application/json"})
    public List<UserBrief> getUserBriefs(@RequestParam("userIds") String[] strArr, HttpServletRequest httpServletRequest) {
        String str = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str, "未能获取到当前的clientId", new Object[0]);
        IClientAppDataManager clientAppDataMng = this.mResMngServer.getClientAppDataMng();
        this.mLogger.info("应用 {} 从地址 {} 上发起访问，获取这些用户的简略信息：{}", new Object[]{clientAppDataMng.getClientApp(str).getName(), httpServletRequest.getRemoteAddr(), XString.toString(",", strArr)});
        if (XC.isEmpty(strArr)) {
            return Collections.emptyList();
        }
        IUserDataManager userDataMng = this.mResMngServer.getUserDataMng();
        return XC.extractAsArrayList(strArr, str2 -> {
            return clientAppDataMng.canVisitApp(str2, str);
        }, str3 -> {
            User user = userDataMng.getUser(str3);
            if (user == null) {
                return null;
            }
            return user.toBrief();
        }, true);
    }

    @Parameter(name = IDingConsts.sDingOpenId_UserExtAttr, description = "用户的钉钉openId", required = true)
    @GetMapping(value = {"/user/userId/byDingOpenId"}, produces = {"text/plain"})
    @Operation(description = "通过用户的钉钉openId获取用户id")
    public String getUserIdByDingOpenId(@RequestParam("dingOpenId") String str) {
        User userByDingOpenId = this.mResMngServer.getUserDataMng().getUserByDingOpenId(str);
        if (userByDingOpenId == null) {
            return null;
        }
        return userByDingOpenId.getId();
    }

    @PostMapping(value = {"/user/one"}, produces = {"text/plain"})
    @Parameter(name = "realName", description = "用户人名", required = true)
    @Operation(description = "创建一个不能用于登录的用户，返回这个对象的id。如果要想登录，必须由管理员设置上其它信息")
    public String createUnloginUser(@RequestParam("realName") String str, HttpServletRequest httpServletRequest) {
        String str2 = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str2, "未能获取到当前的clientId", new Object[0]);
        this.mLogger.info("应用 {} 从地址 {} 上发起访问，创建了一个用户：{}", new Object[]{this.mResMngServer.getClientAppDataMng().getClientApp(str2).getName(), httpServletRequest.getRemoteAddr(), str});
        User.BUser bUser = new User.BUser();
        bUser.setRealName(str);
        return this.mResMngServer.getUserDataMng().createUser(bUser, "__sys__").getId();
    }

    @Operation(description = "通过用户的真实姓名获取用户的简要信息。可能存在多个同名者。")
    @ProtectedApi
    @Parameter(name = "realName", description = "用户的真实姓名")
    @GetMapping(value = {"/user/brief/byRealName"}, produces = {"application/json"})
    public List<UserBrief> getUserBriefsByUserRealName(@RequestParam("realName") String str, HttpServletRequest httpServletRequest) {
        String str2 = (String) AppContext.getThreadLocal("ApiGuard:appId");
        Assert.notEmpty(str2, "未能获取到当前的clientId", new Object[0]);
        this.mLogger.info("应用 {} 从地址 {} 上发起访问，通过真实姓名获取用户的简要信息：{}", new Object[]{this.mResMngServer.getClientAppDataMng().getClientApp(str2).getName(), httpServletRequest.getRemoteAddr(), str});
        return XC.extractAsArrayList(this.mResMngServer.getUserDataMng().getUsersByRealName(str), (v0) -> {
            return v0.toBrief();
        });
    }
}
