package cn.hangar.agp.module.security.repository.impl;

import cn.hangar.agp.module.security.repository.IUserRepository;
import cn.hangar.agp.platform.core.app.AppContext;
import cn.hangar.agp.platform.core.app.AppException;
import cn.hangar.agp.platform.core.app.IUser;
import cn.hangar.agp.platform.core.app.LoginFailException;
import cn.hangar.agp.platform.core.config.ConfigManager;
import cn.hangar.agp.platform.core.data.CaseMap;
import cn.hangar.agp.platform.core.data.IResDataDict;
import cn.hangar.agp.platform.core.data.MobileDictionary;
import cn.hangar.agp.platform.core.db.IDB;
import cn.hangar.agp.platform.core.log.Logger;
import cn.hangar.agp.platform.core.log.LoggerFactory;
import cn.hangar.agp.platform.core.rest.WebHelper;
import cn.hangar.agp.platform.utils.CollectionUtil;
import cn.hangar.agp.platform.utils.Convert;
import cn.hangar.agp.platform.utils.DateUtil;
import cn.hangar.agp.platform.utils.GeneralUtil;
import cn.hangar.agp.platform.utils.RefObject;
import cn.hangar.agp.platform.utils.StringUtils;
import cn.hangar.agp.service.core.AgpModelService;
import cn.hangar.agp.service.core.DBService;
import cn.hangar.agp.service.core.util.AppHelper;
import cn.hangar.agp.service.core.util.DbHelper;
import cn.hangar.agp.service.core.util.SecurityHelper;
import cn.hangar.agp.service.model.datasource.ResDataDict;
import cn.hangar.agp.service.model.sys.SysAppAuthCfg;
import cn.hangar.agp.service.model.sys.SysAppCfg;
import cn.hangar.agp.service.model.sys.SysPreferences;
import cn.hangar.agp.service.model.sys.SysUser;
import cn.hangar.agp.service.model.sys.SysUserAuthenArgument;
import java.math.BigDecimal;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.security.auth.login.LoginException;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:cn/hangar/agp/module/security/repository/impl/DefaultUserRepository.class */
public class DefaultUserRepository implements IUserRepository {
    protected static Logger log = LoggerFactory.getLogger(DefaultUserRepository.class);
    static String hostName;
    private static final String SYS_USERS = "SYS_USERS";
    private static final String LOGINROLESTR = "LOGINROLESTR";
    private static final String LoginAccount = "LOGINACCOUNT";
    private static final String LOGINWORKNO = "LOGINWORKNO";

    /* loaded from: input_file:cn/hangar/agp/module/security/repository/impl/DefaultUserRepository$LoginErrorCache.class */
    public static class LoginErrorCache {
        private static final String _LOGINFAILCOUNT = "_LOGINFAILCOUNT";
        private static final String LockedErrorMsg = "账号已被锁定，请%s分钟后再尝试";
        private static final String LoginLockedErrorMsg = "多次登陆失败，账号已被锁定，请%s分钟后再尝试";
        private static final String CountErrorMsg = "密码已错误%s次。超过%s次帐号将被锁定。";
        private static final String LoginCountErrorMsg = "用户名或密码错误。已连续失败%s次。超过%s次帐号将被锁定。";

        private static int getloginFailMaxCount(SysAppAuthCfg sysAppAuthCfg) {
            if (sysAppAuthCfg == null || Convert.toInt(sysAppAuthCfg.getAllowpasserrornum()) <= 0) {
                return 5;
            }
            return sysAppAuthCfg.getAllowpasserrornum().intValue();
        }

        private static int getLoginFailInterval(SysAppAuthCfg sysAppAuthCfg) {
            if (sysAppAuthCfg == null || Convert.toInt(sysAppAuthCfg.getErrorlocktime()) * 60 <= 0) {
                return 1800;
            }
            return sysAppAuthCfg.getErrorlocktime().intValue() * 60;
        }

        private static SysAppAuthCfg getSysAppAuthCfg(String str) {
            return AppHelper.getSysAppAuthCfg(str);
        }

        public void checkLoginFailCount(String str, String str2) {
            int cacheInt = WebHelper.getCacheInt(getFailCountCacheKey(str2), getFailCountRegion(str));
            SysAppAuthCfg sysAppAuthCfg = getSysAppAuthCfg(str);
            if (cacheInt > getloginFailMaxCount(sysAppAuthCfg)) {
                DefaultUserRepository.log.error("账号已被锁定：" + str2 + "，客户端IP地址：" + WebHelper.getCurrentRequest().getRemoteAddr());
                throw new LoginFailException("多次登陆失败，账号已被锁定，" + (getLoginFailInterval(sysAppAuthCfg) / 60) + "分钟后恢复。");
            }
        }

        public void removeLoginFail(String str, String str2) {
            WebHelper.removeCache(getFailCountCacheKey(str2), getFailCountRegion(str));
        }

        public String addLoginFailed(String str, String str2) {
            return addLoginFailed(str, str2, true);
        }

        public String addLoginFailed(String str, String str2, boolean z) {
            int cacheInt = WebHelper.getCacheInt(getFailCountCacheKey(str2), getFailCountRegion(str));
            SysAppAuthCfg sysAppAuthCfg = getSysAppAuthCfg(str);
            int i = getloginFailMaxCount(sysAppAuthCfg);
            if (cacheInt + 1 < i) {
                WebHelper.setCache(getFailCountCacheKey(str2), Integer.valueOf(cacheInt + 1), getFailCountRegion(str), getLoginFailInterval(sysAppAuthCfg));
                throw new LoginFailException(String.format(z ? LoginCountErrorMsg : CountErrorMsg, Integer.valueOf(cacheInt + 1), Integer.valueOf(i)));
            }
            WebHelper.setCache(getFailCountCacheKey(str2), Integer.valueOf(cacheInt + 1), getFailCountRegion(str), getLoginFailInterval(sysAppAuthCfg));
            DefaultUserRepository.log.error("账号已被锁定：" + str2 + "，客户端IP地址：" + WebHelper.getCurrentRequest().getRemoteAddr());
            throw new LoginFailException(String.format(z ? LoginLockedErrorMsg : LockedErrorMsg, Integer.valueOf(getLoginFailInterval(sysAppAuthCfg) / 60)));
        }

        private String getFailCountCacheKey(String str) {
            return str;
        }

        protected String getFailCountRegion(String str) {
            return (StringUtils.isEmpty(str) ? AppContext.getCurrentAppId() : str) + "." + _LOGINFAILCOUNT;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:cn/hangar/agp/module/security/repository/impl/DefaultUserRepository$ParamReplacer.class */
    public static class ParamReplacer {
        private String value;

        public ParamReplacer(String str) {
            this.value = str;
        }

        public ParamReplacer replaceParam(String str, String str2) {
            this.value = Pattern.compile("('@@" + str + "@@'|@@" + str + "@@)", 2).matcher(this.value).replaceAll(str2);
            return this;
        }

        public ParamReplacer replace(String str, String str2) {
            this.value = this.value.replace(str, str2);
            return this;
        }

        public String toString() {
            return this.value;
        }
    }

    private String getDataBase(String str) {
        return AppContext.getCurrentAppId(str) + ".Default";
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public boolean insertLogCommand(String str, String str2, String str3, Integer num, IUser iUser) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        RefObject<String> refObject = new RefObject<>();
        CaseMap caseMap = new CaseMap();
        if (!getInsertLogCommand(createDataBase, iUser, str, str2, (String) iUser.getExtArgument().get("clientIp"), num, refObject, caseMap)) {
            return false;
        }
        try {
            return createDataBase.executeUpdate((String) refObject.argValue, caseMap) > 0;
        } catch (Exception e) {
            log.warn(e);
            return false;
        }
    }

    private boolean getInsertLogCommand(IDB idb, IUser iUser, String str, String str2, String str3, Integer num, RefObject<String> refObject, Map<String, Object> map) {
        if (!idb.hasTable(IUserRepository.SESSIONTABLENAME)) {
            return false;
        }
        String[] strArr = SESSIONTABLE_FIELDS;
        for (String str4 : SESSIONTABLE_FIELDS) {
            if (!idb.hasField(IUserRepository.SESSIONTABLENAME, str4) && !str4.equals(strArr[12])) {
                log.warn("表%s不存在列%s", IUserRepository.SESSIONTABLENAME, str4);
                return false;
            }
        }
        Date dbTime = idb.getDbTime();
        map.clear();
        map.put(strArr[0], iUser.getSessionId());
        map.put(strArr[1], iUser.getId());
        map.put(strArr[2], str2);
        map.put(strArr[3], dbTime);
        map.put(strArr[5], dbTime);
        map.put(strArr[6], str);
        map.put(strArr[7], 0);
        map.put(strArr[8], getServerHostName());
        map.put(strArr[9], ConfigManager.getProperty("version"));
        map.put(strArr[10], iUser.getAuthenTokens());
        map.put(strArr[11], str3);
        if (num != null && num.intValue() != 0 && idb.hasField(IUserRepository.SESSIONTABLENAME, strArr[12])) {
            map.put(strArr[12], DateUtil.addSeconds(dbTime, num));
        }
        refObject.argValue = idb.buildInsertCommand(IUserRepository.SESSIONTABLENAME, map);
        return true;
    }

    static String getServerHostName() {
        if (StringUtils.isEmpty(hostName)) {
            try {
                hostName = InetAddress.getLocalHost().getHostName();
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }
        return hostName;
    }

    private static boolean tryGetAppParamer(String str, String str2, StringBuilder sb) {
        return AppHelper.tryGetAppParamer(str, str2, sb);
    }

    private String getAppSecretMode(String str) {
        return AppHelper.getAppSecretMode(str);
    }

    public static String getDefaultUserLoginSql(String str, IDB idb) {
        String buildParamHolder = idb.buildParamHolder("workNo");
        String buildParamHolder2 = idb.buildParamHolder("weixinid");
        StringBuilder sb = new StringBuilder();
        String sb2 = tryGetAppParamer(str, "PAM_LOGINSQL", sb) ? sb.toString() : "";
        if (StringUtils.isEmpty(sb2)) {
            StringBuilder sb3 = new StringBuilder();
            sb3.append(formatSelectUserSql(idb));
            sb3.append(" where b.WORKNO = %s");
            if (idb.hasField(SYS_USERS, "WECHATID")) {
                sb3.append(" or b.WECHATID = %s ");
            }
            sb2 = String.format(sb3.toString(), buildParamHolder, buildParamHolder2);
        }
        return sb2;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public SysUser getUser(String str, Object obj) {
        SysAppAuthCfg sysAppAuthCfg = SysAppAuthCfg.getSysAppAuthCfg(str, true);
        IDB createDataBase = DbHelper.createDataBase();
        HashMap hashMap = new HashMap();
        String buildParamHolder = createDataBase.buildParamHolder("workNo");
        String loginSql = sysAppAuthCfg.getLoginSql();
        if (StringUtils.isEmpty(loginSql)) {
            loginSql = getDefaultUserLoginSql(str, createDataBase);
        }
        String replace = loginSql.replace("'@@PAM_LOGINWORKNO@@'", buildParamHolder).replace("@@PAM_LOGINWORKNO@@", buildParamHolder);
        hashMap.put("workNo", obj);
        Map map = null;
        try {
            map = createDataBase.selectMapOne(replace, hashMap);
        } catch (Exception e) {
            log.error(e.getMessage());
        }
        SysUser sysUser = new SysUser();
        MobileDictionary mobileDictionary = new MobileDictionary();
        mobileDictionary.putAll(map);
        removeSecurityKey(mobileDictionary);
        sysUser.setExtArgument(mobileDictionary);
        initUser(createDataBase, str, sysAppAuthCfg, obj.toString(), sysUser, false);
        return sysUser;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    /* renamed from: getUser, reason: merged with bridge method [inline-methods] */
    public SysUser mo12getUser(String str, String str2, String str3, String str4, String str5, boolean z, String str6, SysAppAuthCfg sysAppAuthCfg, boolean z2, boolean z3, boolean z4) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        LoginErrorCache loginErrorCache = new LoginErrorCache();
        loginErrorCache.checkLoginFailCount(str, str3);
        SysAppAuthCfg sysAppAuthCfg2 = sysAppAuthCfg == null ? SysAppAuthCfg.getSysAppAuthCfg(str, true) : sysAppAuthCfg;
        String loginSql = sysAppAuthCfg2 == null ? "" : sysAppAuthCfg2.getLoginSql();
        boolean z5 = z2 && sysAppAuthCfg2 != null && sysAppAuthCfg2.forceCheckPassword();
        String buildParamHolder = createDataBase.buildParamHolder("userOwner");
        String buildParamHolder2 = createDataBase.buildParamHolder("workNo");
        String buildParamHolder3 = createDataBase.buildParamHolder("memberNo");
        String buildParamHolder4 = createDataBase.buildParamHolder("weixinid");
        boolean z6 = false;
        boolean z7 = false;
        if (StringUtils.isEmpty(loginSql)) {
            loginSql = getDefaultUserLoginSql(str, createDataBase);
        }
        if (!StringUtils.isEmpty(loginSql)) {
            z6 = loginSql.indexOf("@@PAM_LOGINOWNER@@") >= 0;
            z7 = loginSql.indexOf("@@PAM_MEMBERNO@@") >= 0;
            loginSql = new ParamReplacer(loginSql).replaceParam("PAM_LOGINWORKNO", buildParamHolder2).replaceParam("LoginAccount", buildParamHolder2).replaceParam("PAM_LOGINOWNER", buildParamHolder).replaceParam("PAM_MEMBERNO", buildParamHolder3).replaceParam("PAM_WEIXINID", buildParamHolder4).replace(":workNo", buildParamHolder2).replace(":weixinid", buildParamHolder4).replace(":memberNo", buildParamHolder3).replace(":userOwner", buildParamHolder).toString();
        }
        String appSecretMode = getAppSecretMode(str);
        String decode = SecurityHelper.decode(str4);
        String encodeSecret = z ? SecurityHelper.encodeSecret(str4, appSecretMode) : null;
        String encodeSecret2 = z ? SecurityHelper.encodeSecret(decode, appSecretMode) : null;
        HashMap hashMap = new HashMap();
        hashMap.put("workNo", str3);
        hashMap.put("weixinid", str3);
        if (z6) {
            hashMap.put("userOwner", str2);
        }
        if (z7) {
            hashMap.put("memberNo", str5);
        }
        if (loginSql.toUpperCase().contains(SYS_USERS) && !createDataBase.hasTable(SYS_USERS)) {
            throw new LoginFailException("未配置用户表：SYS_USERS");
        }
        Map selectMapOne = createDataBase.selectMapOne(loginSql, hashMap);
        if (selectMapOne == null || !selectMapOne.containsKey("LOGINPASS")) {
            throw new AppException(loginErrorCache.addLoginFailed(str, str3));
        }
        Object obj = selectMapOne.get("LOGINPASS");
        if (z && !StringUtils.equals(encodeSecret, obj) && !StringUtils.equals(encodeSecret2, obj)) {
            if (sysAppAuthCfg2.getAllowAuthByAd().intValue() != 1) {
                log.error("secretMode=" + appSecretMode);
                log.error("密码错误");
                throw new AppException(loginErrorCache.addLoginFailed(str, str3, z4));
            }
            if (!aDDomaincheck(str3, decode)) {
                log.error("secretMode=" + appSecretMode);
                log.error("密码错误");
                throw new AppException(loginErrorCache.addLoginFailed(str, str3));
            }
        }
        if (z && z5) {
            try {
                if (AppContext.getCurrentData("userSecret") == null) {
                    SysAppCfg.getSysAppCfg(str, true).checkPassword(decode);
                }
            } catch (LoginException e) {
                throw new AppException(e);
            }
        }
        SysUser sysUser = new SysUser();
        MobileDictionary mobileDictionary = new MobileDictionary();
        mobileDictionary.putAll(selectMapOne);
        removeSecurityKey(mobileDictionary);
        sysUser.setExtArgument(mobileDictionary);
        loginErrorCache.removeLoginFail(str, str3);
        initUser(createDataBase, str, sysAppAuthCfg2, str3, sysUser, z3);
        return sysUser;
    }

    private boolean aDDomaincheck(String str, String str2) {
        return false;
    }

    private void initUser(IDB idb, String str, SysAppAuthCfg sysAppAuthCfg, String str2, SysUser sysUser, boolean z) {
        if (sysUser == null) {
            return;
        }
        MobileDictionary extArgument = sysUser.getExtArgument();
        if (extArgument == null) {
            extArgument = new MobileDictionary();
            sysUser.setExtArgument(extArgument);
        }
        if (idb.hasTable("SYS_ROLE2POST")) {
            String format = String.format("SELECT r.ROLEID,r.ROLENAME FROM SYS_USERS u, SYS_ROLE2POST rp, SYS_ROLE r WHERE u.POSTID=rp.POSTID AND rp.ROLEID=r.ROLEID AND u.USERID=%s", idb.buildParamHolder("USERID"));
            String str3 = str2;
            RefObject refObject = new RefObject();
            if (sysUser.tryGetExtValue("LOGINUSERID", refObject)) {
                str3 = (String) refObject.getArgValue();
            }
            HashMap hashMap = new HashMap();
            hashMap.put("USERID", str3);
            try {
                List<Map> selectMaps = idb.selectMaps(format, hashMap);
                MobileDictionary mobileDictionary = new MobileDictionary();
                if (selectMaps != null && selectMaps.size() > 0) {
                    for (Map map : selectMaps) {
                        mobileDictionary.put(map.get("ROLEID").toString(), map.get("ROLENAME"));
                    }
                    sysUser.setRoles(mobileDictionary);
                    if (!extArgument.containsKey(LOGINROLESTR)) {
                        extArgument.put(LOGINROLESTR, StringUtils.join(",", new Object[]{mobileDictionary.keySet(), mobileDictionary.values()}));
                    }
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        if ("POST_ADMIN".equals(extArgument.get("LOGINPOSTID")) && !extArgument.containsKey(LOGINROLESTR)) {
            extArgument.put(LOGINROLESTR, "ROLE_ADMIN");
            if (sysUser.getRoles() == null) {
                sysUser.setRoles(new MobileDictionary());
            }
            sysUser.getRoles().put("ROLE_ADMIN_" + AppContext.getCurrentAppId(), "ROLE_ADMIN");
        }
        sysUser.setLoginTime(new Date());
        sysUser.setEndTime(sysUser.getLoginTime());
        if (z && sysAppAuthCfg != null && sysAppAuthCfg.forceCheckPassword()) {
            Object userEndValidTime = getUserEndValidTime(sysUser);
            if (userEndValidTime == null || StringUtils.isBlank(userEndValidTime.toString())) {
                userEndValidTime = createUserEndValidTime(sysUser, sysAppAuthCfg);
            }
            Date date = Convert.toDate(userEndValidTime);
            if (date != null && date.before(GeneralUtil.Now())) {
                throw new AppException("用户密码超过有效期，请联系管理员修改密码。");
            }
        }
        if (sysAppAuthCfg != null && sysAppAuthCfg.getSessiontime() != null && sysAppAuthCfg.getSessiontime().intValue() > 0) {
            sysUser.setSessionKeepMaxTime(sysAppAuthCfg.getSessiontime().intValue() * 60);
        }
        if (extArgument.containsKey(LoginAccount)) {
            return;
        }
        extArgument.put(LoginAccount, str2);
    }

    private Object createUserEndValidTime(SysUser sysUser, SysAppAuthCfg sysAppAuthCfg) {
        RefObject refObject = new RefObject();
        if (sysUser.tryGetExtValue("RECDATE", refObject)) {
            return createUserEndValidTime(Convert.toDate(refObject.getArgValue()), sysAppAuthCfg);
        }
        return null;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public Date createUserEndValidTime(String str, Date date) {
        return createUserEndValidTime(date, SysAppAuthCfg.getSysAppAuthCfg(str, true));
    }

    public Date createUserEndValidTime(Date date, SysAppAuthCfg sysAppAuthCfg) {
        if (date == null || sysAppAuthCfg == null) {
            return null;
        }
        Date date2 = null;
        if (Convert.toInt(sysAppAuthCfg.getWordduetime()) > 0) {
            date2 = DateUtil.addMinutes(date, sysAppAuthCfg.getWordduetime());
        }
        return date2;
    }

    private Object getUserEndValidTime(SysUser sysUser) {
        RefObject refObject = new RefObject();
        Object obj = null;
        if (sysUser.tryGetExtValue("BFD_ENDVALIDDATE", refObject)) {
            obj = refObject.getArgValue();
        }
        if ((obj == null || StringUtils.isBlank(obj.toString())) && sysUser.tryGetExtValue("ENDVALIDDATE", refObject)) {
            obj = refObject.getArgValue();
        }
        return obj;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    /* renamed from: getUserByWx, reason: merged with bridge method [inline-methods] */
    public SysUser mo11getUserByWx(String str, String str2, boolean z) {
        String str3;
        String paramReplacer;
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        str3 = "";
        String buildParamHolder = createDataBase.buildParamHolder("weixinid");
        if (StringUtils.isEmpty(str3)) {
            StringBuilder sb = new StringBuilder();
            str3 = tryGetAppParamer(str, "PAM_LOGINSQL", sb) ? sb.toString() : "";
            if (StringUtils.isEmpty(str3)) {
                paramReplacer = formatSelectUserSql(createDataBase) + String.format(" where b.workno = %s ", buildParamHolder);
                if (createDataBase.hasField(SYS_USERS, "WECHATID")) {
                    paramReplacer = paramReplacer + " or b.wechatid = " + buildParamHolder;
                }
            } else {
                paramReplacer = new ParamReplacer(str3).replaceParam("PAM_WEIXINID", buildParamHolder).toString();
            }
        } else {
            paramReplacer = new ParamReplacer(str3).replaceParam("PAM_WEIXINID", buildParamHolder).toString();
        }
        HashMap hashMap = new HashMap();
        hashMap.put("weixinid", str2);
        Map selectMapOne = createDataBase.selectMapOne(paramReplacer, hashMap);
        if (selectMapOne == null) {
            return null;
        }
        SysUser sysUser = new SysUser();
        MobileDictionary mobileDictionary = new MobileDictionary();
        mobileDictionary.putAll(selectMapOne);
        removeSecurityKey(mobileDictionary);
        mobileDictionary.put(LoginAccount, mobileDictionary.get(LOGINWORKNO));
        sysUser.setExtArgument(mobileDictionary);
        if (selectMapOne.containsKey("LOGINPASS") && z && sysUser.getExtArgument().containsKey("LOGINPASS")) {
            sysUser.getExtArgument().put("LOGINPASS", SecurityHelper.decodeSecret(sysUser.getLoginPass(), getAppSecretMode(str)));
        }
        return sysUser;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    /* renamed from: createWxUser, reason: merged with bridge method [inline-methods] */
    public SysUser mo10createWxUser(String str, SysUserAuthenArgument sysUserAuthenArgument, String str2) {
        String format;
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        String buildParamHolder = createDataBase.buildParamHolder("weixinid");
        String buildParamHolder2 = createDataBase.buildParamHolder("username");
        String buildParamHolder3 = createDataBase.buildParamHolder("userid");
        String buildParamHolder4 = createDataBase.buildParamHolder("loginword");
        String buildParamHolder5 = createDataBase.buildParamHolder("workno");
        String buildParamHolder6 = createDataBase.buildParamHolder("photo");
        String buildParamHolder7 = createDataBase.buildParamHolder("recdate");
        String UUID = GeneralUtil.UUID();
        String format2 = String.format("%08x", Long.valueOf(GeneralUtil.Now().getTime()));
        if (StringUtils.isBlank(str2)) {
            str2 = str;
        }
        String weiXinId = sysUserAuthenArgument.getWeiXinId();
        String format3 = String.format("%s_%s", str2, format2);
        String substring = format2.substring(format2.length() - 6);
        String str3 = null;
        if (sysUserAuthenArgument.getExtArg() != null) {
            if (sysUserAuthenArgument.getExtArg().containsKey("WEIXINNICKNAME")) {
                format3 = (String) sysUserAuthenArgument.getExtArg().get("WEIXINNICKNAME", String.class);
            }
            if (sysUserAuthenArgument.getExtArg().containsKey("PHOTOID")) {
                str3 = (String) sysUserAuthenArgument.getExtArg().get("PHOTOID", String.class);
            }
        }
        String encodeSecret = SecurityHelper.encodeSecret(substring, getAppSecretMode(str));
        StringBuilder sb = new StringBuilder();
        String sb2 = tryGetAppParamer(str, "PAM_WEIXIN_CREATENEWSQL", sb) ? sb.toString() : "";
        if (StringUtils.isEmpty(sb2)) {
            boolean hasField = createDataBase.hasField(SYS_USERS, "WECHATID");
            if (createDataBase.hasField(SYS_USERS, "PHOTOID")) {
                Object[] objArr = new Object[8];
                objArr[0] = hasField ? ",WECHATID" : "";
                objArr[1] = buildParamHolder3;
                objArr[2] = buildParamHolder5;
                objArr[3] = buildParamHolder4;
                objArr[4] = buildParamHolder2;
                objArr[5] = buildParamHolder6;
                objArr[6] = buildParamHolder7;
                objArr[7] = hasField ? "," + buildParamHolder : "";
                format = String.format("insert into SYS_USERS (USERID,WORKNO,LOGINWORD,USERNAME,PHOTOID,RECDATE%s) values (%s, %s, %s, %s, %s, %s%s)", objArr);
            } else {
                Object[] objArr2 = new Object[7];
                objArr2[0] = hasField ? ",WECHATID" : "";
                objArr2[1] = buildParamHolder3;
                objArr2[2] = buildParamHolder5;
                objArr2[3] = buildParamHolder4;
                objArr2[4] = buildParamHolder2;
                objArr2[5] = buildParamHolder7;
                objArr2[6] = hasField ? "," + buildParamHolder : "";
                format = String.format("insert into SYS_USERS (USERID,WORKNO,LOGINWORD,USERNAME,RECDATE%s) values (%s, %s, %s, %s, %s, %s%s)", objArr2);
            }
        } else {
            format = new ParamReplacer(sb2).replaceParam("PAM_WEIXINID", buildParamHolder).replaceParam("PAM_USERID", buildParamHolder3).replaceParam("PAM_USERNAME", buildParamHolder2).replaceParam("PAM_LOGINWORD", buildParamHolder4).replaceParam("PAM_WORKNO", buildParamHolder5).replaceParam("PAM_LOGINWORKNO", buildParamHolder5).replaceParam("LoginAccount", buildParamHolder5).toString();
        }
        HashMap hashMap = new HashMap();
        hashMap.put("userid", UUID);
        hashMap.put("workno", weiXinId);
        hashMap.put("loginword", encodeSecret);
        hashMap.put("username", format3);
        hashMap.put("weixinid", sysUserAuthenArgument.getWeiXinId());
        hashMap.put("photo", str3);
        hashMap.put("recdate", DateUtil.now());
        createDataBase.executeUpdate(format, hashMap);
        SysUser sysUser = new SysUser();
        MobileDictionary mobileDictionary = new MobileDictionary();
        sysUser.setExtArgument(mobileDictionary);
        mobileDictionary.put("LOGINUSERID", UUID);
        mobileDictionary.put(LOGINWORKNO, weiXinId);
        mobileDictionary.put("LOGINPASS", substring);
        mobileDictionary.put("LOGINNAME", format3);
        mobileDictionary.put("WECHATID", sysUserAuthenArgument.getWeiXinId());
        mobileDictionary.put(LoginAccount, weiXinId);
        return sysUser;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    /* renamed from: getUserByPhone, reason: merged with bridge method [inline-methods] */
    public SysUser mo9getUserByPhone(String str, String str2) {
        String str3;
        String paramReplacer;
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        str3 = "";
        String buildParamHolder = createDataBase.buildParamHolder("mobile");
        if (StringUtils.isEmpty(str3)) {
            StringBuilder sb = new StringBuilder();
            str3 = tryGetAppParamer(str, "PAM_LOGINSQL", sb) ? sb.toString() : "";
            paramReplacer = !StringUtils.isEmpty(str3) ? new ParamReplacer(str3).replaceParam("PAM_MOBILE", buildParamHolder).toString() : formatSelectUserSql(createDataBase) + String.format(" where b.mobile = %s ", buildParamHolder);
        } else {
            paramReplacer = new ParamReplacer(str3).replaceParam("PAM_MOBILE", buildParamHolder).toString();
        }
        SysUser sysUser = new SysUser();
        HashMap hashMap = new HashMap();
        hashMap.put("mobile", str2);
        Map selectMapOne = createDataBase.selectMapOne(paramReplacer, hashMap);
        if (selectMapOne == null) {
            return null;
        }
        MobileDictionary mobileDictionary = new MobileDictionary();
        mobileDictionary.putAll(selectMapOne);
        removeSecurityKey(mobileDictionary);
        sysUser.setExtArgument(mobileDictionary);
        mobileDictionary.put(LoginAccount, mobileDictionary.get(LOGINWORKNO));
        return sysUser;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    @Deprecated
    public SysUser getUserByWorkNo(String str, String str2) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        String str3 = formatSelectUserSql(createDataBase) + String.format(" where b.workno = %s ", createDataBase.buildParamHolder("workno"));
        SysUser sysUser = new SysUser();
        HashMap hashMap = new HashMap();
        hashMap.put("workno", str2);
        Map selectMapOne = createDataBase.selectMapOne(str3, hashMap);
        if (selectMapOne == null) {
            return null;
        }
        MobileDictionary mobileDictionary = new MobileDictionary();
        mobileDictionary.putAll(selectMapOne);
        removeSecurityKey(mobileDictionary);
        sysUser.setExtArgument(mobileDictionary);
        mobileDictionary.put(LoginAccount, str2);
        return sysUser;
    }

    private void removeSecurityKey(MobileDictionary mobileDictionary) {
        if (mobileDictionary.containsKey("LOGINPASS")) {
            mobileDictionary.remove("LOGINPASS");
        }
        if (mobileDictionary.containsKey("LOGINWORD")) {
            mobileDictionary.remove("LOGINWORD");
        }
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    /* renamed from: createPhoneUser, reason: merged with bridge method [inline-methods] */
    public SysUser mo8createPhoneUser(String str, String str2, String str3) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        String buildParamHolder = createDataBase.buildParamHolder("mobile");
        String buildParamHolder2 = createDataBase.buildParamHolder("username");
        String buildParamHolder3 = createDataBase.buildParamHolder("userid");
        String buildParamHolder4 = createDataBase.buildParamHolder("loginword");
        String buildParamHolder5 = createDataBase.buildParamHolder("workno");
        String UUID = GeneralUtil.UUID();
        String.format("%08x", Long.valueOf(GeneralUtil.Now().getTime()));
        String substring = str2.length() > 6 ? str2.substring(str2.length() - 6) : str2;
        String encodeSecret = SecurityHelper.encodeSecret(substring, getAppSecretMode(str));
        StringBuilder sb = new StringBuilder();
        String sb2 = tryGetAppParamer(str, "PAM_MOBILE_CREATENEWSQL", sb) ? sb.toString() : "";
        String paramReplacer = !StringUtils.isEmpty(sb2) ? new ParamReplacer(sb2).replaceParam("PAM_MOBILE", buildParamHolder).replaceParam("PAM_USERID", buildParamHolder3).replaceParam("PAM_USERNAME", buildParamHolder2).replaceParam("PAM_LOGINWORD", buildParamHolder4).replaceParam("PAM_WORKNO", buildParamHolder5).replaceParam("PAM_LOGINWORKNO", buildParamHolder5).replaceParam("LoginAccount", buildParamHolder5).toString() : String.format("insert into SYS_USERS (USERID,WORKNO,LOGINWORD,USERNAME,MOBILE) values (%s, %s, %s, %s, %s)", buildParamHolder3, buildParamHolder5, buildParamHolder4, buildParamHolder2, buildParamHolder);
        HashMap hashMap = new HashMap();
        hashMap.put("userid", UUID);
        hashMap.put("workno", str2);
        hashMap.put("loginword", encodeSecret);
        hashMap.put("username", str2);
        hashMap.put("mobile", str2);
        createDataBase.executeUpdate(paramReplacer, hashMap);
        SysUser sysUser = new SysUser();
        MobileDictionary mobileDictionary = new MobileDictionary();
        sysUser.setExtArgument(mobileDictionary);
        mobileDictionary.put("LOGINUSERID", UUID);
        mobileDictionary.put(LOGINWORKNO, str2);
        mobileDictionary.put("LOGINPASS", substring);
        mobileDictionary.put("LOGINNAME", str2);
        mobileDictionary.put("LOGINMOBILE", str2);
        mobileDictionary.put(LoginAccount, str2);
        return sysUser;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public Map<String, Object> getUserSession(String str, String str2) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        if (!createDataBase.hasTable(IUserRepository.SESSIONTABLENAME)) {
            return null;
        }
        String format = String.format("select * from %s where %s = %s and %s = 0", IUserRepository.SESSIONTABLENAME, SESSIONTABLE_FIELDS[10], createDataBase.buildParamHolder("authtoken"), SESSIONTABLE_FIELDS[7]);
        HashMap hashMap = new HashMap();
        hashMap.put("authtoken", str2);
        return createDataBase.selectMapOne(format, hashMap);
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public List<Map<String, Object>> getOnlineUserSession(String str) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        if (createDataBase.hasTable(IUserRepository.SESSIONTABLENAME)) {
            return createDataBase.selectMaps(String.format("select * from %s where  STATES = 0", IUserRepository.SESSIONTABLENAME), new HashMap());
        }
        return null;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    /* renamed from: getNoPwdUser, reason: merged with bridge method [inline-methods] */
    public SysUser mo7getNoPwdUser(String str, String str2, SysAppAuthCfg sysAppAuthCfg) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        SysAppAuthCfg sysAppAuthCfg2 = sysAppAuthCfg == null ? SysAppAuthCfg.getSysAppAuthCfg(str, true) : sysAppAuthCfg;
        String loginSql = sysAppAuthCfg2 == null ? "" : sysAppAuthCfg2.getLoginSql();
        String buildParamHolder = createDataBase.buildParamHolder("userOwner");
        String buildParamHolder2 = createDataBase.buildParamHolder("workNo");
        String buildParamHolder3 = createDataBase.buildParamHolder("memberNo");
        if (StringUtils.isEmpty(loginSql)) {
            StringBuilder sb = new StringBuilder();
            if (tryGetAppParamer(str, "PAM_LOGINSQL", sb)) {
                loginSql = sb.toString();
            }
            if (StringUtils.isEmpty(loginSql)) {
                loginSql = String.format(formatSelectUserSql(createDataBase) + " where b.WORKNO = %s", buildParamHolder2);
            }
        }
        if (!StringUtils.isEmpty(loginSql)) {
            loginSql = new ParamReplacer(loginSql).replaceParam("PAM_LOGINWORKNO", buildParamHolder2).replaceParam("LoginAccount", buildParamHolder2).replaceParam("PAM_LOGINOWNER", buildParamHolder).replaceParam("PAM_MEMBERNO", buildParamHolder3).replace(":workNo", buildParamHolder2).replace(":memberNo", buildParamHolder3).replace(":userOwner", buildParamHolder).toString();
        }
        if (loginSql.toUpperCase().contains(SYS_USERS) && !createDataBase.hasTable(SYS_USERS)) {
            throw new LoginFailException("未配置用户表：SYS_USERS");
        }
        SysUser sysUser = null;
        HashMap hashMap = new HashMap();
        hashMap.put("workNo", str2);
        Map selectMapOne = createDataBase.selectMapOne(loginSql, hashMap);
        if (selectMapOne != null) {
            sysUser = new SysUser();
            MobileDictionary mobileDictionary = new MobileDictionary();
            mobileDictionary.putAll(selectMapOne);
            sysUser.setExtArgument(mobileDictionary);
        }
        initUser(createDataBase, str, sysAppAuthCfg2, str2, sysUser, false);
        return sysUser;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public boolean quitLogCommand(String str, String str2) {
        return quitLogCommand(str, str2, null);
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public boolean quitLogCommand(String str, String str2, Date date) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        CaseMap caseMap = new CaseMap();
        return createDataBase.executeUpdate(getQuitLogCommand(createDataBase, str2, caseMap, date), caseMap) > 0;
    }

    protected String getQuitLogCommand(IDB idb, String str, Map<String, Object> map, Date date) {
        String[] strArr = LOG_QUIT_FIELDS;
        if (date == null) {
            map.put(strArr[1], idb.getDbTime());
        } else {
            map.put(strArr[1], date);
        }
        map.put(strArr[2], 1);
        String buildUpdateCommand = idb.buildUpdateCommand(IUserRepository.SESSIONTABLENAME, map, String.format(" %s = %s ", strArr[0], idb.buildParamHolder("authtoken")));
        map.put(idb.buildParameterName("authtoken"), str);
        return buildUpdateCommand;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public boolean updateStatesByLastHeart(String str) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        if (!createDataBase.hasField(IUserRepository.SESSIONTABLENAME, LOG_UPDATE_FIELDS[2])) {
            Logger.info(getClass(), "SYS_SESSION表没有" + LOG_UPDATE_FIELDS[2] + "字段，无法进行注销检测");
            return true;
        }
        String str2 = LOG_UPDATE_FIELDS[2];
        String format = String.format("update %1$s set %2$s = 1, %3$s = %4$s  where %2$s = 0 and %4$s is not null and %4$s < %5$s", IUserRepository.SESSIONTABLENAME, LOG_QUIT_FIELDS[2], LOG_QUIT_FIELDS[1], str2, createDataBase.buildParamHolder(str2));
        HashMap hashMap = new HashMap();
        hashMap.put(createDataBase.buildParameterName(str2), GeneralUtil.Now());
        return createDataBase.executeUpdate(format, hashMap) > 0;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public boolean updateLogCommand(String str, String str2, int i) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(str));
        CaseMap caseMap = new CaseMap();
        return createDataBase.executeUpdate(getUpdateLogCommand(createDataBase, str2, i, caseMap), caseMap) > 0;
    }

    protected String getUpdateLogCommand(IDB idb, String str, int i, Map<String, Object> map) {
        String[] strArr = LOG_UPDATE_FIELDS;
        Date dbTime = idb.getDbTime();
        map.put(strArr[1], dbTime);
        if (i > 0 && idb.hasField(IUserRepository.SESSIONTABLENAME, strArr[2])) {
            map.put(strArr[2], DateUtil.addSeconds(dbTime, Integer.valueOf(i)));
        }
        String buildUpdateCommand = idb.buildUpdateCommand(IUserRepository.SESSIONTABLENAME, map, String.format(" %s = %s ", strArr[0], idb.buildParamHolder("authtoken")));
        map.put(idb.buildParameterName("authtoken"), str);
        return buildUpdateCommand;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public IUser queryUserByFiled(String str, String str2) {
        IDB createDataBase = DbHelper.createDataBase(getDataBase(AppContext.getCurrentAppId()));
        String str3 = formatSelectUserSql(createDataBase) + " WHERE " + str + "=" + createDataBase.buildParamHolder(str);
        HashMap hashMap = new HashMap();
        hashMap.put(str, str2);
        Map selectMapOne = createDataBase.selectMapOne(str3, hashMap);
        if (selectMapOne == null || !selectMapOne.containsKey("LOGINPASS")) {
            throw new LoginFailException("无效的账号或密码.已连续失败1次。超过5次账号将被锁定。");
        }
        SysUser sysUser = new SysUser();
        MobileDictionary mobileDictionary = new MobileDictionary();
        mobileDictionary.putAll(selectMapOne);
        mobileDictionary.put(LoginAccount, mobileDictionary.get(LOGINWORKNO));
        sysUser.setExtArgument(mobileDictionary);
        return sysUser;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public List<SysPreferences> getUserPreferences(String str, String str2) {
        SysPreferences sysPreferences = new SysPreferences();
        sysPreferences.setUserId(str);
        sysPreferences.setAppId(str2);
        return getUserPreferences(sysPreferences);
    }

    private static List<SysPreferences> getUserPreferences(SysPreferences sysPreferences) {
        IDB createDB = DBService.createDB((String) null);
        if (!createDB.hasTable("SYS_PREFERENCES")) {
            log.warn("未配置SYS_PREFERENCES表！");
            return null;
        }
        HashMap hashMap = new HashMap();
        if (!StringUtils.isEmpty(sysPreferences.getUserId())) {
            hashMap.put("USERID", sysPreferences.getUserId());
        } else {
            if (AppContext.getCurrentUser() == null) {
                return null;
            }
            hashMap.put("USERID", AppContext.getCurrentUser().getId());
        }
        StringBuilder sb = new StringBuilder("select * from SYS_PREFERENCES where USERID = " + createDB.buildParamHolder("USERID"));
        if (!StringUtils.isEmpty(sysPreferences.getUiViewId())) {
            sb.append(" and UIVIEWID = " + createDB.buildParamHolder("UIVIEWID"));
            hashMap.put("UIVIEWID", sysPreferences.getUiViewId());
        }
        if (!StringUtils.isEmpty(sysPreferences.getPartinsId())) {
            sb.append(" and PARTINSID = " + createDB.buildParamHolder("PARTINSID"));
            hashMap.put("PARTINSID", sysPreferences.getPartinsId());
        }
        String appId = sysPreferences.getAppId();
        if (StringUtils.isEmpty(appId)) {
            appId = AppContext.getCurrentAppId();
        }
        if (!StringUtils.isEmpty(appId)) {
            sb.append(" and APPID = " + createDB.buildParamHolder("APPID"));
            hashMap.put("APPID", appId);
        }
        ArrayList arrayList = null;
        try {
            arrayList = (ArrayList) createDB.select(sb.toString(), hashMap, SysPreferences.class);
        } catch (Exception e) {
            log.warn(e);
        }
        return arrayList;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public List<String> getUserForbidActInsIds(String str, String str2) {
        IUser currentUser = AppContext.getCurrentUser();
        if (currentUser != null) {
            if (currentUser.hasRole("ROLE_ADMIN")) {
                return new ArrayList();
            }
            RefObject refObject = new RefObject();
            if (currentUser.tryGetExtValue("POSTID", refObject) && "POST_ADMIN".equals(refObject.getArgValue())) {
                return new ArrayList();
            }
        }
        Integer opCtrlType = getOpCtrlType();
        return (opCtrlType == null || !opCtrlType.equals(0)) ? (opCtrlType == null || !opCtrlType.equals(2)) ? GetUserForbidActInsIdsByRole(str, str2) : new ArrayList() : GetUserForbidActInsIdsByActForbid(str, str2);
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public Map<String, String> getRoleObjPower(String str, final String str2) {
        IDB createDB = DBService.createDB((String) null);
        String format = String.format("SELECT r.ROLEID FROM SYS_USERS u, SYS_ROLE2POST rp, SYS_ROLE r WHERE u.POSTID=rp.POSTID AND rp.ROLEID=r.ROLEID AND u.USERID=%s", createDB.buildParamHolder("USERID"));
        HashMap<String, Object> hashMap = new HashMap<String, Object>() { // from class: cn.hangar.agp.module.security.repository.impl.DefaultUserRepository.1
            {
                put("USERID", str2);
            }
        };
        List<Map> selectMaps = createDB.selectMaps(format, hashMap);
        if (selectMaps == null || selectMaps.size() <= 0) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        HashMap hashMap2 = new HashMap();
        for (Map map : selectMaps) {
            arrayList.add("'" + map.get("ROLEID").toString() + "'");
            if ("ROLE_ADMIN".equals(map.get("ROLEID"))) {
                hashMap2.put("ROLE_ADMIN", "ROLE_ADMIN");
                return hashMap2;
            }
        }
        List<Map> selectMaps2 = createDB.selectMaps("select * from SYS_ROLEOBJLIMIT where ROLEID in (" + StringUtils.join(",", arrayList) + ") and APPID = '" + str + "'", hashMap);
        if (selectMaps2 != null) {
            for (Map map2 : selectMaps2) {
                Object obj = map2.get("OPSTATUSGRPID");
                if (obj != null && (obj.toString().toUpperCase().startsWith("OPS_") || obj.toString().equalsIgnoreCase("SYS_ATTATCHLIMIT"))) {
                    hashMap2.put(map2.get("CTRLOBJID").toString(), map2.get("PERMITOPSTR").toString());
                }
            }
        }
        return hashMap2;
    }

    private List<String> GetUserForbidActInsIdsByRole(String str, final String str2) {
        if (str.indexOf("_") > -1) {
            str = str.split("_")[0];
        }
        final String str3 = str;
        ArrayList arrayList = new ArrayList();
        try {
            IDB createDB = DBService.createDB((String) null);
            List selectMaps = createDB.selectMaps(String.format("SELECT r.POWERSTR,r.ROLEID FROM SYS_USERS u, SYS_ROLE2POST rp, SYS_ROLE r WHERE u.POSTID=rp.POSTID AND rp.ROLEID=r.ROLEID AND u.USERID=%s", createDB.buildParamHolder("USERID")), new HashMap<String, Object>() { // from class: cn.hangar.agp.module.security.repository.impl.DefaultUserRepository.2
                {
                    put("USERID", str2);
                }
            });
            List<Object[]> selectObjs = createDB.selectObjs(String.format("SELECT CTRLOBJID,POWERINDEX FROM SYS_POWERTREE WHERE APPID=%s ORDER BY POWERINDEX", createDB.buildParamHolder("APPID")), new HashMap<String, Object>() { // from class: cn.hangar.agp.module.security.repository.impl.DefaultUserRepository.3
                {
                    put("APPID", str3);
                }
            });
            if (selectMaps != null && selectMaps.size() > 0) {
                Iterator it = selectMaps.iterator();
                while (it.hasNext()) {
                    if ("ROLE_ADMIN".equals(((Map) it.next()).get("ROLEID"))) {
                        return arrayList;
                    }
                }
                Map<String, Integer> forbidPowerStrMap = getForbidPowerStrMap(CollectionUtil.select(selectMaps, map -> {
                    return getRolePowersByAPP((String) map.get("POWERSTR"), str3);
                }));
                if (selectObjs != null) {
                    for (Object[] objArr : selectObjs) {
                        Object obj = objArr[1];
                        if (forbidPowerStrMap.containsKey(obj instanceof BigDecimal ? String.valueOf(((BigDecimal) obj).intValue()) : obj.toString())) {
                            arrayList.add((String) objArr[0]);
                        }
                    }
                }
            } else if (selectObjs != null) {
                Iterator it2 = selectObjs.iterator();
                while (it2.hasNext()) {
                    arrayList.add(String.valueOf(((Object[]) it2.next())[0]));
                }
            }
        } catch (Exception e) {
        }
        return arrayList;
    }

    public List<String> GetUserForbidActInsIdsByActForbid(final String str, final String str2) {
        IDB createDB = DBService.createDB((String) null);
        if (!createDB.hasTable("SYS_USERACTFORBID")) {
            log.warn(String.format("权限表%s不存在", "SYS_USERACTFORBID"));
            return null;
        }
        String format = String.format("SELECT CTRLOBJID FROM SYS_USERACTFORBID WHERE CTRLTYPE=1 AND USERID=%s AND APPID=%s", createDB.buildParamHolder("USERID"), createDB.buildParamHolder("APPID"));
        HashMap<String, Object> hashMap = new HashMap<String, Object>() { // from class: cn.hangar.agp.module.security.repository.impl.DefaultUserRepository.4
            {
                put("USERID", str2);
                put("APPID", str);
            }
        };
        ArrayList arrayList = new ArrayList();
        try {
            List selectObjs = createDB.selectObjs(format, hashMap);
            if (selectObjs != null) {
                for (Object obj : selectObjs) {
                    if (obj != null) {
                        arrayList.add(Convert.toString(obj));
                    }
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return arrayList;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public boolean updatePassword(String str, String str2, String str3, boolean z, Date date) {
        SysAppCfg fetchSysAppCfg = AgpModelService.instance().fetchSysAppCfg(str, true);
        IDB createDB = DBService.createDB((String) null);
        StringBuilder sb = new StringBuilder();
        String buildParamHolder = createDB.buildParamHolder("userId");
        String buildParamHolder2 = createDB.buildParamHolder("password");
        String buildParamHolder3 = createDB.buildParamHolder("endValidDate");
        if (fetchSysAppCfg != null) {
            fetchSysAppCfg.tryGetParamer("PAM_CHANGEPASSWORDSQL", sb);
        }
        String paramReplacer = !StringUtils.isBlank(sb.toString()) ? new ParamReplacer(sb.toString()).replaceParam("PAM_LOGINID", buildParamHolder).replaceParam("PAM_LOGINWORD", buildParamHolder2).replaceParam("PAM_ENDVALIDDATE", buildParamHolder3).toString() : (!createDB.hasField(SYS_USERS, "ENDVALIDDATE") || date == null) ? String.format("UPDATE SYS_USERS SET LOGINWORD=%2$s where USERID = %1$s ", buildParamHolder, buildParamHolder2) : String.format("UPDATE SYS_USERS SET LOGINWORD=%2$s , ENDVALIDDATE=%3$s where USERID = %1$s ", buildParamHolder, buildParamHolder2, buildParamHolder3);
        String encodeSecret = z ? SecurityHelper.encodeSecret(str3, getAppSecretMode(fetchSysAppCfg)) : str3;
        HashMap hashMap = new HashMap();
        hashMap.put("userId", str2);
        hashMap.put("password", encodeSecret);
        hashMap.put("endValidDate", date);
        return createDB.executeUpdate(paramReplacer, hashMap) == 1;
    }

    private String getAppSecretMode(SysAppCfg sysAppCfg) {
        StringBuilder sb = new StringBuilder();
        if (sysAppCfg != null) {
            sysAppCfg.tryGetParamer("PAM_ENCRYPTTYPE", sb);
        }
        return sb.toString();
    }

    private Integer getOpCtrlType() {
        Object obj;
        Map settings = AppHelper.getSysAppCfg(AppContext.getCurrentAppId()).getSettings();
        if (settings == null || (obj = settings.get("PAM_NEWOPCTRL")) == null) {
            return null;
        }
        return Integer.valueOf(Integer.parseInt(obj.toString()));
    }

    private Map<String, Integer> getForbidPowerStrMap(List<String> list) {
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        for (String str : list) {
            if (!StringUtils.isBlank(str)) {
                String trim = str.trim();
                for (Integer num = 0; num.intValue() < trim.length(); num = Integer.valueOf(num.intValue() + 1)) {
                    Integer valueOf = Integer.valueOf(num.intValue() + 1);
                    String num2 = valueOf.toString();
                    if (!hashMap2.containsKey(num2)) {
                        if (trim.charAt(num.intValue()) == '0') {
                            hashMap.put(valueOf.toString(), valueOf);
                        } else {
                            hashMap2.put(num2, valueOf);
                            hashMap.remove(num2);
                        }
                    }
                }
            }
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getRolePowersByAPP(String str, String str2) {
        String str3 = "";
        if (StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2)) {
            if (str.indexOf(">") > -1) {
                Matcher matcher = Pattern.compile("<(\\w*?)>(.*?)<\\/(\\w*?)>").matcher(str);
                while (true) {
                    if (!matcher.find()) {
                        break;
                    }
                    if (matcher.groupCount() >= 3) {
                        String group = matcher.group(1);
                        String group2 = matcher.group(2);
                        if (!StringUtils.isEmpty(group2) && !StringUtils.isEmpty(group) && group.toLowerCase().equals(("APP_" + str2).toLowerCase())) {
                            str3 = group2;
                            break;
                        }
                    }
                }
            } else {
                str3 = str;
            }
        }
        return str3;
    }

    @Override // cn.hangar.agp.module.security.repository.IUserRepository
    public void unlockUserAccount(String str, String str2) {
        new LoginErrorCache().removeLoginFail(str, str2);
    }

    public static String formatSelectUserSql(IDB idb) {
        IResDataDict resDataDict = ResDataDict.getResDataDict(SYS_USERS, true);
        StringBuilder sb = new StringBuilder();
        sb.append("select b.*,b.USERID LOGINUSERID,b.USERNAME LOGINNAME,b.WORKNO LOGINACCOUNT,b.MOBILE MOBILE,b.EMAIL EMAIL,b.USERSTATUS USERSTATUS,b.LOGINWORD LOGINPASS,b.UNITID LOGINUNITID,b.DEPARTID LOGINDEPARTID,b.POSTID LOGINPOSTID,(select UNITNAME from SYS_UNIT where UNITID = b.UNITID) LOGINUNIT,(select DEPNAME from SYS_UNITDEPART where DEPARTID = b.DEPARTID ) LOGINDEPART,(select POSTNAME from SYS_UNITPOST where POSTID = b.POSTID ) LOGINPOST");
        if (idb.hasField("SYS_UNITPOST", "ADMINDEPARTS")) {
            sb.append(",(SELECT ADMINDEPARTS FROM SYS_UNITPOST WHERE POSTID = b.POSTID) ADMINDEPARTS");
        }
        if (idb.hasField("SYS_UNITPOST", "AIDDEPARTS")) {
            sb.append(",(SELECT AIDDEPARTS FROM SYS_UNITPOST WHERE POSTID = b.POSTID) AIDDEPARTS");
        }
        if (idb.hasField("SYS_UNIT", "ADMINAREA")) {
            sb.append(",(SELECT ADMINAREA FROM SYS_UNIT WHERE UNITID=b.UNITID) LOGINAREAIDS");
        }
        if (idb.hasField(SYS_USERS, "NICKNAME")) {
            sb.append(",NICKNAME");
        }
        if (idb.hasField(SYS_USERS, "PHOTOID")) {
            sb.append(",PHOTOID");
        }
        String str = "''";
        if (resDataDict != null && StringUtils.isNotBlank(resDataDict.getSplitField()) && idb.hasField(SYS_USERS, resDataDict.getSplitField())) {
            str = resDataDict.getSplitField();
        }
        sb.append(", ").append(str).append(" USERACCESSID");
        sb.append(" from SYS_USERS b");
        return sb.toString();
    }
}
