package cn.hangar.agp.module.security;

import cn.hangar.agp.module.mq.ClientMessageEntryData;
import cn.hangar.agp.module.mq.server.MessageEntryData;
import cn.hangar.agp.module.security.authentication.IAuthenticationProvider;
import cn.hangar.agp.module.security.oauth.TreePartOauthProvider;
import cn.hangar.agp.module.security.repository.IUserRepository;
import cn.hangar.agp.module.security.repository.SysPowerRepository;
import cn.hangar.agp.module.security.spring.SecurityUtils;
import cn.hangar.agp.platform.core.app.AppContext;
import cn.hangar.agp.platform.core.app.AppException;
import cn.hangar.agp.platform.core.app.IUser;
import cn.hangar.agp.platform.core.app.IWebsockerServer;
import cn.hangar.agp.platform.core.app.PathFileHelper;
import cn.hangar.agp.platform.core.config.ConfigManager;
import cn.hangar.agp.platform.core.data.MobileList;
import cn.hangar.agp.platform.core.db.IDB;
import cn.hangar.agp.platform.core.db.IDBFactory;
import cn.hangar.agp.platform.core.db.transaction.DataSourceTransactionScope;
import cn.hangar.agp.platform.core.ioc.ContextManager;
import cn.hangar.agp.platform.core.log.Logger;
import cn.hangar.agp.platform.core.log.LoggerFactory;
import cn.hangar.agp.platform.core.rest.WebHelper;
import cn.hangar.agp.platform.core.serialize.SerializeFactory;
import cn.hangar.agp.platform.utils.CollectionUtil;
import cn.hangar.agp.platform.utils.Convert;
import cn.hangar.agp.platform.utils.DateUtil;
import cn.hangar.agp.platform.utils.GeneralUtil;
import cn.hangar.agp.platform.utils.ImageUtil;
import cn.hangar.agp.platform.utils.Ref;
import cn.hangar.agp.platform.utils.StringUtils;
import cn.hangar.agp.service.core.SecurityService;
import cn.hangar.agp.service.core.SmsService;
import cn.hangar.agp.service.core.util.AppHelper;
import cn.hangar.agp.service.core.util.CacheHelper;
import cn.hangar.agp.service.model.AgpResponse;
import cn.hangar.agp.service.model.datasource.FetchEntityModeArgument;
import cn.hangar.agp.service.model.sms.MobileMessageArgument;
import cn.hangar.agp.service.model.sys.CommonOperationResult;
import cn.hangar.agp.service.model.sys.NoPwdLoginArgument;
import cn.hangar.agp.service.model.sys.RolePowerData;
import cn.hangar.agp.service.model.sys.SysAppAuthCfg;
import cn.hangar.agp.service.model.sys.SysPowerTree;
import cn.hangar.agp.service.model.sys.SysRole;
import cn.hangar.agp.service.model.sys.SysRoleObjLimit;
import cn.hangar.agp.service.model.sys.SysRoleResLimit;
import cn.hangar.agp.service.model.sys.SysUser;
import cn.hangar.agp.service.model.sys.SysUserAuthenArgument;
import cn.hangar.agp.service.model.sys.VerifyArgument;
import java.awt.BasicStroke;
import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics2D;
import java.awt.LinearGradientPaint;
import java.awt.Point;
import java.awt.image.BufferedImage;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Function;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Service;

@Service("securityServiceImpl")
/* loaded from: input_file:cn/hangar/agp/module/security/HttpSecurityServiceImpl.class */
public class HttpSecurityServiceImpl implements SecurityService {
    protected Logger log = LoggerFactory.getLogger(getClass());
    SecurityUtils securityUtils;
    private static final String _LOGINUSERCLIENTIPS = "_LOGINUSERCLIENTIPS";
    public static final String ESB_AUTHEN_ACCKEY = "_ESB_AUTHEN_ACCKEY_";
    private static final ConcurrentHashMap<String, Date> updateRecord = new ConcurrentHashMap<>();
    private static final HashSet<String> invalidTokens = new HashSet<>();
    public static String GlobalUserCookieKey = "_ESB_USER_HAS_";

    /* loaded from: input_file:cn/hangar/agp/module/security/HttpSecurityServiceImpl$ValidateCoderCreater.class */
    private static class ValidateCoderCreater {
        private ValidateCoderCreater() {
        }

        public Object fetchVerifyCode(Map<String, Object> map) throws Exception {
            String currentAppId = AppContext.getCurrentAppId(WebHelper.getParameter(map, "aid"));
            String parameter = WebHelper.getParameter(map, "email");
            String parameter2 = WebHelper.getParameter(map, "phone");
            int i = 0;
            int i2 = 0;
            int i3 = 6;
            String parameter3 = WebHelper.getParameter(map, "validType", true);
            String parameter4 = WebHelper.getParameter(map, "codeType", true);
            String parameter5 = WebHelper.getParameter(map, "codeLength", true);
            if (parameter3 != null) {
                i = StringUtils.isNum(parameter3) ? Integer.valueOf(parameter3).intValue() : 0;
            }
            if (parameter4 != null) {
                i2 = StringUtils.isNum(parameter4) ? Integer.valueOf(parameter4).intValue() : 0;
            }
            if (parameter5 != null) {
                i3 = StringUtils.isNum(parameter5) ? Integer.valueOf(parameter5).intValue() : 0;
            }
            String createValidateCode = createValidateCode(i2, i3);
            if (i == 1) {
                WebHelper.setSessionAttr("LOGINSMSVALIDCODE_" + currentAppId, createValidateCode);
                return handleSms(createValidateCode, parameter2, currentAppId);
            }
            if (i == 2) {
                WebHelper.setSessionAttr("LOGINEMAILVALIDCODE_" + currentAppId, createValidateCode);
                return handleEmail(createValidateCode, parameter, currentAppId);
            }
            WebHelper.setSessionAttr("LOGINVALIDCODE_" + currentAppId, createValidateCode);
            return handleValid(createValidateCode, currentAppId);
        }

        private Object handleSms(String str, String str2, String str3) throws Exception {
            MobileMessageArgument mobileMessageArgument = new MobileMessageArgument();
            mobileMessageArgument.setContent(str);
            mobileMessageArgument.setPhone(str2);
            mobileMessageArgument.setSmsType(0);
            return SmsService.instance().sendMessage(mobileMessageArgument).isData() ? AgpResponse.success(true) : AgpResponse.success(false);
        }

        private Object handleEmail(String str, String str2, String str3) throws Exception {
            Thread.sleep(5000L);
            return "模拟调用邮件发送服务";
        }

        private Object handleValid(String str, String str2) throws Exception {
            return createValidateGraphic(str);
        }

        private String createValidateCode(int i, int i2) {
            int i3;
            String str = "";
            Random random = new Random();
            for (int i4 = 0; i4 < i2; i4++) {
                int nextInt = random.nextInt(255);
                if (i == 1) {
                    i3 = nextInt % 36;
                    if (i3 < 10) {
                        i3 += 10;
                    }
                } else {
                    i3 = i == 2 ? nextInt % 10 : nextInt % 36;
                }
                str = str + ((char) (i3 < 10 ? i3 + 48 : i3 + 55));
            }
            return str;
        }

        private byte[] createValidateGraphic(String str) {
            return createValidateGraphic(str, str.length() * 15, 22);
        }

        private byte[] createValidateGraphic(String str, int i, int i2) {
            BufferedImage bufferedImage = new BufferedImage(i, i2, 1);
            Graphics2D createGraphics = bufferedImage.createGraphics();
            try {
                Random random = new Random();
                createGraphics.setBackground(Color.WHITE);
                createGraphics.clearRect(0, 0, bufferedImage.getWidth(), bufferedImage.getHeight());
                createGraphics.setColor(new Color(192, 192, 192, 255));
                createGraphics.setStroke(new BasicStroke(1.0f));
                createGraphics.drawRect(0, 0, bufferedImage.getWidth() - 1, bufferedImage.getHeight() - 1);
                for (int i3 = 0; i3 < 25; i3++) {
                    createGraphics.drawLine(random.nextInt(bufferedImage.getWidth()), random.nextInt(bufferedImage.getHeight()), random.nextInt(bufferedImage.getWidth()), random.nextInt(bufferedImage.getHeight()));
                }
                createGraphics.setFont(new Font("Arial", 3, 16));
                createGraphics.setPaint(new LinearGradientPaint(new Point(0, 0), new Point(bufferedImage.getWidth(), bufferedImage.getHeight()), new float[]{0.1f, 0.7f}, new Color[]{Color.BLUE, new Color(139, 0, 0, 255)}));
                createGraphics.translate(2, 15);
                createGraphics.drawString(str, 3, 2);
                for (int i4 = 0; i4 < 100; i4++) {
                    bufferedImage.setRGB(random.nextInt(bufferedImage.getWidth()), random.nextInt(bufferedImage.getHeight()), new Color(random.nextInt()).getRGB());
                }
                byte[] imageToPng = ImageUtil.imageToPng(bufferedImage);
                createGraphics.dispose();
                return imageToPng;
            } catch (Throwable th) {
                createGraphics.dispose();
                throw th;
            }
        }
    }

    public static String getVaildCodeKey(String str) {
        return "LOGINVALIDCODE_" + str;
    }

    synchronized SecurityUtils getSecurityUtils() {
        if (this.securityUtils == null) {
            this.securityUtils = (SecurityUtils) ContextManager.find(SecurityUtils.class);
        }
        return this.securityUtils;
    }

    public IUser refreshAuthorizeUser(String str, String str2) {
        return refreshAuthorizeUser(str, str2, true);
    }

    private void keepGlobalSessionId(int i) {
        Cookie cookie = new Cookie("JSESSIONID", WebHelper.getCookie("JSESSIONID", (String) null));
        cookie.setHttpOnly(true);
        cookie.setMaxAge(i);
        WebHelper.addCookie(cookie);
    }

    public IUser refreshAuthorizeUser(String str, String str2, Boolean bool) {
        if (StringUtils.isBlank(str2)) {
            return null;
        }
        String accessKey = StringUtils.isEmpty(str) ? getAccessKey(str2) : str;
        if (invalidTokens.contains(accessKey)) {
            quitAuthenticate(accessKey, false);
            return null;
        }
        IUser iUser = null;
        if (bool.booleanValue()) {
            iUser = getCachedUser(accessKey, str2);
        }
        if (iUser == null && !StringUtils.isEmpty(accessKey)) {
            try {
                AppContext.setCurrentUser((IUser) null);
                iUser = getSecurityUtils().login(accessKey, str2);
                if (iUser != null && iUser.isAuthenticated()) {
                    writeCachedUser(iUser, str2);
                }
                return iUser;
            } catch (Exception e) {
                this.log.debug(e.getMessage());
            }
        } else if (iUser != null && iUser != null && iUser.isAuthenticated()) {
            String str3 = iUser.getAuthenTokens() + "/" + (str2 == null ? "" : str2);
            String str4 = "timeoutKey/" + (str2 == null ? "" : str2);
            writeCachedUser(iUser, str2);
            IUserRepository iUserRepository = (IUserRepository) ContextManager.findService(IUserRepository.class);
            if (updateRecord.get(str4) == null || updateRecord.get(str4).before(GeneralUtil.Now())) {
                updateRecord.put(str4, DateUtil.addSeconds(new Date(), 180));
                if (iUserRepository != null) {
                    iUserRepository.updateLogCommand(str2, accessKey, iUser.getSessionKeepMaxTime());
                }
            }
            if (updateRecord.get(str3) == null || updateRecord.get(str3).before(GeneralUtil.Now())) {
                updateRecord.put(str3, DateUtil.addSeconds(new Date(), 10));
                if (iUser.getSessionKeepMaxTime() != 0 && ConfigManager.isRelease()) {
                    try {
                        synchronized (this) {
                            iUserRepository.updateStatesByLastHeart(str2);
                        }
                    } catch (Exception e2) {
                        e2.printStackTrace();
                    }
                }
            }
        }
        SysAppAuthCfg sysAppAuthCfg = SysAppAuthCfg.getSysAppAuthCfg(str2, bool.booleanValue());
        if (AppContext.getCurrentData("userName") != null && AppContext.getCurrentData("userSecret") != null) {
            SysUserAuthenArgument sysUserAuthenArgument = new SysUserAuthenArgument();
            sysUserAuthenArgument.setAuthAppId(str2);
            sysUserAuthenArgument.setUserName((String) AppContext.getCurrentData("userName"));
            sysUserAuthenArgument.setUserSecret((String) AppContext.getCurrentData("userSecret"));
            iUser = getSecurityUtils().login(sysUserAuthenArgument);
            if (iUser != null && iUser.isAuthenticated()) {
                writeCachedUser(iUser, str2);
            }
        } else if (iUser == null && sysAppAuthCfg != null && sysAppAuthCfg.getAllowAuthByApi().intValue() == 1 && sysAppAuthCfg.getAllowAutoLogin().intValue() == 1 && StringUtils.isNotBlank(sysAppAuthCfg.getApiServerSite())) {
            String ssoLoginWithCookie = ((TreePartOauthProvider) ContextManager.find("TreePartProvider", TreePartOauthProvider.class)).ssoLoginWithCookie();
            this.log.info("三方登陆用户名(COOKIE):" + ssoLoginWithCookie);
            if (StringUtils.isNotBlank(ssoLoginWithCookie)) {
                SysUserAuthenArgument sysUserAuthenArgument2 = new SysUserAuthenArgument();
                sysUserAuthenArgument2.setUserName(ssoLoginWithCookie);
                sysUserAuthenArgument2.setAuthAppId(str2);
                sysUserAuthenArgument2.setNoPwgLogin(true);
                iUser = getSecurityUtils().login(sysUserAuthenArgument2);
                if (iUser != null && iUser.isAuthenticated()) {
                    writeCachedUser(iUser, str2);
                }
            }
        } else if (iUser == null && sysAppAuthCfg != null && sysAppAuthCfg.getAllowAutoLogin().intValue() == 1 && sysAppAuthCfg.getAllowLoginByUrl().intValue() == 2) {
            String ssoLoginWithToken = ((TreePartOauthProvider) ContextManager.find("TreePartProvider", TreePartOauthProvider.class)).ssoLoginWithToken();
            this.log.info("三方登陆用户名(URL):" + ssoLoginWithToken);
            if (StringUtils.isNotBlank(ssoLoginWithToken)) {
                SysUserAuthenArgument sysUserAuthenArgument3 = new SysUserAuthenArgument();
                sysUserAuthenArgument3.setUserName(ssoLoginWithToken);
                sysUserAuthenArgument3.setAuthAppId(str2);
                sysUserAuthenArgument3.setNoPwgLogin(true);
                iUser = getSecurityUtils().login(sysUserAuthenArgument3);
                if (iUser != null && iUser.isAuthenticated()) {
                    writeCachedUser(iUser, str2);
                }
            }
        }
        if (iUser != null || ConfigManager.isRelease() || IDBFactory.createDataBase("Default").hasTable("SYS_USERS")) {
            getSecurityUtils().login(iUser);
            return iUser;
        }
        this.log.warn(str2 + "未配置用户表");
        return new SysUser();
    }

    public IUser authorizeUser(SysUserAuthenArgument sysUserAuthenArgument) {
        beforeAuthorize(sysUserAuthenArgument);
        if ("2".equals(sysUserAuthenArgument.getNeedValidCode()) && StringUtils.isNotBlank(sysUserAuthenArgument.getNewPassword())) {
            if (StringUtils.isBlank(sysUserAuthenArgument.getCheckPassword())) {
                sysUserAuthenArgument.setCheckPassword(sysUserAuthenArgument.getNewPassword());
            }
            getAuthenticationProvider(null).changePassword(sysUserAuthenArgument, false);
        }
        IUser login = getSecurityUtils().login(sysUserAuthenArgument);
        if (login != null && login.isAuthenticated()) {
            checkLoginUserCount(sysUserAuthenArgument.getAuthAppId(), sysUserAuthenArgument.getUserName(), login.getAuthenTokens());
            writeCachedUser(login, sysUserAuthenArgument.getAuthAppId());
        }
        return login;
    }

    public IUser resumeLogin() {
        String accessKey = getAccessKey(AppContext.getCurrentAppId());
        invalidTokens.remove(accessKey);
        String currentAppId = AppContext.getCurrentAppId();
        IUser login = getSecurityUtils().login(accessKey, AppContext.getCurrentAppId());
        if (login != null && login.isAuthenticated()) {
            checkLoginUserCount(currentAppId, login.getName(), login.getAuthenTokens());
            writeCachedUser(login, currentAppId);
        }
        return login;
    }

    private String getClientipsRegion(String str) {
        return (StringUtils.isEmpty(str) ? AppContext.getCurrentAppId() : str) + "." + _LOGINUSERCLIENTIPS;
    }

    private String getClientipsCacheKey(String str, String str2) {
        return str + "." + str2;
    }

    public void registeIp(String str, String str2, String str3) {
        WebHelper.setCache(getClientipsCacheKey(str2, str3), str3, getClientipsRegion(str), getLOGINUSERINTERVAL(AppHelper.getSysAppAuthCfg(str)));
    }

    public void unRegisteIp(String str, String str2, String str3) {
        WebHelper.removeCache(getClientipsCacheKey(str2, str3), getClientipsRegion(str));
    }

    public void checkLoginUserCount(String str, String str2, String str3) {
        Collection cacheKeys;
        SysAppAuthCfg sysAppAuthCfg = AppHelper.getSysAppAuthCfg(str);
        if (StringUtils.isEmpty(WebHelper.getCacheString(getClientipsCacheKey(str2, str3), getClientipsRegion(str))) && (cacheKeys = WebHelper.getCacheKeys(getClientipsRegion(str), str2)) != null && cacheKeys.size() >= getLOGINUSERMAXCOUNT(sysAppAuthCfg)) {
            String str4 = (String) WebHelper.getCache(((ArrayList) cacheKeys).get(0).toString().replace(getClientipsRegion(str) + ".", ""), getClientipsRegion(str));
            ClientMessageEntryData clientMessageEntryData = new ClientMessageEntryData(MessageEntryData.From(new HashMap()), AppContext.getCurrentAppId(), "socket_key_pushMsg");
            clientMessageEntryData.setTopic("SYSTEMOFFLINE");
            IWebsockerServer.instance().sendTextByToken(str4, clientMessageEntryData.toSimpleJson());
            invalidTokens.add(str4);
            unRegisteIp(str, str2, str4);
        }
    }

    private int getLOGINUSERINTERVAL(SysAppAuthCfg sysAppAuthCfg) {
        if (sysAppAuthCfg == null || Convert.toInt(sysAppAuthCfg.getSessiontime()) * 60 <= 0) {
            return 3600;
        }
        return sysAppAuthCfg.getSessiontime().intValue() * 60;
    }

    private int getLOGINUSERMAXCOUNT(SysAppAuthCfg sysAppAuthCfg) {
        if (sysAppAuthCfg == null || Convert.toInt(sysAppAuthCfg.getAllowperusernum()) <= 0) {
            return 999;
        }
        return sysAppAuthCfg.getAllowperusernum().intValue();
    }

    public IUser noPwdLogin(NoPwdLoginArgument noPwdLoginArgument) {
        SysUserAuthenArgument sysUserAuthenArgument = new SysUserAuthenArgument();
        sysUserAuthenArgument.setUserName(noPwdLoginArgument.getUserName());
        sysUserAuthenArgument.setAuthAppId(noPwdLoginArgument.getAppid());
        sysUserAuthenArgument.setNoPwgLogin(true);
        return authorizeUser(sysUserAuthenArgument);
    }

    public String getAccessKey(String str) {
        if (str == null) {
            return null;
        }
        String tokenByHeader = WebHelper.getTokenByHeader();
        if (tokenByHeader == null) {
            tokenByHeader = WebHelper.getCookie(getAppCookieKey(str, getAccessCookieKey()), (String) null);
        }
        return tokenByHeader;
    }

    private void beforeAuthorize(SysUserAuthenArgument sysUserAuthenArgument) {
        if (StringUtils.isEmpty(sysUserAuthenArgument.getAuthAppId())) {
            sysUserAuthenArgument.setAuthAppId(AppContext.getCurrentAppId());
        }
        if (sysUserAuthenArgument.getAuthHashCode() != 0 || sysUserAuthenArgument.isNoPwgLogin()) {
            return;
        }
        StringBuilder sb = new StringBuilder();
        sysUserAuthenArgument.setAuthHashCode(getBrowseKey(WebHelper.getCurrentRequest(), sb));
        if (StringUtils.isEmpty(sysUserAuthenArgument.getClientInfo()) && !StringUtils.isEmpty(sb.toString())) {
            sysUserAuthenArgument.setClientInfo(sb.toString());
        }
        if (Convert.toBoolean(ConfigManager.getProperty("test"))) {
            return;
        }
        if ("1".equals(sysUserAuthenArgument.getNeedValidCode())) {
            String vaildCodeKey = getVaildCodeKey(sysUserAuthenArgument.getAuthAppId());
            Object sessionAttr = WebHelper.getSessionAttr(vaildCodeKey);
            if (sessionAttr != null && (sessionAttr instanceof Boolean)) {
                if (!((Boolean) sessionAttr).booleanValue()) {
                    throw new AppException("滑图验证失败！");
                }
                return;
            }
            String stringUtils = StringUtils.toString(sessionAttr);
            boolean z = !StringUtils.isEmpty(stringUtils) && StringUtils.equalsIgnoreCase(stringUtils, sysUserAuthenArgument.getValidCode());
            WebHelper.removeSession(vaildCodeKey);
            if (!z) {
                throw new AppException("无效的验证码");
            }
            return;
        }
        if ("2".equals(sysUserAuthenArgument.getNeedValidCode())) {
            String stringUtils2 = StringUtils.toString(WebHelper.getSessionAttr("LOGINSMSVALIDCODE_" + sysUserAuthenArgument.getAuthAppId()));
            boolean z2 = !StringUtils.isEmpty(stringUtils2) && StringUtils.equalsIgnoreCase(stringUtils2, sysUserAuthenArgument.getValidCode());
            WebHelper.removeSession("LOGINSMSVALIDCODE_" + sysUserAuthenArgument.getAuthAppId());
            if (!z2) {
                throw new AppException("无效的短信验证码");
            }
            return;
        }
        if ("4".equals(sysUserAuthenArgument.getNeedValidCode())) {
            String stringUtils3 = StringUtils.toString(WebHelper.getSessionAttr("LOGINEMAILVALIDCODE_" + sysUserAuthenArgument.getAuthAppId()));
            boolean z3 = !StringUtils.isEmpty(stringUtils3) && StringUtils.equalsIgnoreCase(stringUtils3, sysUserAuthenArgument.getValidCode());
            WebHelper.removeSession("LOGINEMAILVALIDCODE_" + sysUserAuthenArgument.getAuthAppId());
            if (!z3) {
                throw new AppException("无效的邮件验证码");
            }
        }
    }

    static int getBrowseKey(HttpServletRequest httpServletRequest, StringBuilder sb) {
        StringBuilder sb2 = new StringBuilder();
        String parameter = httpServletRequest.getParameter("HTTP_VIA");
        String parameter2 = httpServletRequest.getParameter("HTTP_X_FORWARDED_FOR");
        String parameter3 = httpServletRequest.getParameter("REMOTE_ADDR") == null ? "" : httpServletRequest.getParameter("REMOTE_ADDR");
        String str = parameter3;
        if (!StringUtils.isEmpty(parameter)) {
            sb2.append(parameter);
            sb2.append("//");
            sb2.append(parameter2);
            sb2.append("//");
            str = parameter2.split(",")[0];
        }
        sb2.append(parameter3);
        sb2.append("//");
        sb2.append(httpServletRequest.getHeader("User-Agent"));
        sb2.append("//");
        sb2.append(str);
        sb.append(str);
        return sb2.toString().hashCode();
    }

    protected void writeCachedUser(IUser iUser, String str) {
        if (StringUtils.isBlank(iUser.getAuthenTokens())) {
            return;
        }
        int sessionKeepMaxTime = iUser.getSessionKeepMaxTime();
        String appCookieKey = getAppCookieKey(str, getAccessCookieKey());
        Cookie cookie = new Cookie(appCookieKey, iUser.getAuthenTokens());
        cookie.setHttpOnly(true);
        iUser.setAuthenTokenKey(appCookieKey);
        if (sessionKeepMaxTime != 0) {
            cookie.setMaxAge(sessionKeepMaxTime);
            keepGlobalSessionId(sessionKeepMaxTime);
        }
        WebHelper.addCookie(cookie);
        WebHelper.removeCookie(GlobalUserCookieKey);
        WebHelper.setSessionAttr(iUser.getAuthenTokens() + "/" + (str == null ? "" : str), iUser, sessionKeepMaxTime);
        registeIp(str, (String) iUser.getExtArgument().get("WORKNO"), iUser.getAuthenTokens());
    }

    public static String getAppCookieKey(String str, String str2) {
        if (StringUtils.isBlank(str)) {
            str = AppContext.getCurrentAppId();
        }
        if (StringUtils.isBlank(str)) {
            str = "default";
        }
        String property = ConfigManager.getProperty("SystemPrefixKey");
        if (!StringUtils.isBlank(property) && !str.equals(property)) {
            return property + "_" + str2;
        }
        HttpServletRequest currentRequest = WebHelper.getCurrentRequest();
        if (currentRequest == null) {
            return str + "_" + str2;
        }
        int serverPort = currentRequest.getServerPort();
        String replace = PathFileHelper.getApplicationPath(str, true).replace('\\', '.').replace('/', '.').replace(":", "");
        String str3 = serverPort == 80 ? "" : "P" + serverPort + "_";
        if (StringUtils.isBlank(replace)) {
            String str4 = str3;
            try {
                str4 = URLEncoder.encode(str3, "GBK");
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
            }
            return str4 + str + "_" + str2;
        }
        String str5 = str3 + replace;
        try {
            str5 = URLEncoder.encode(str3 + replace, "GBK");
        } catch (UnsupportedEncodingException e2) {
            e2.printStackTrace();
        }
        return str5 + "_" + str + "_" + str2;
    }

    protected String getAccessCookieKey() {
        return ESB_AUTHEN_ACCKEY;
    }

    protected IUser getCachedUser(String str, String str2) {
        if (str == null || StringUtils.isEmpty(str2)) {
            return null;
        }
        Object sessionAttr = WebHelper.getSessionAttr(str + "/" + (StringUtils.isNotBlank(str2) ? str2 : ""));
        if (sessionAttr instanceof IUser) {
            return (IUser) sessionAttr;
        }
        if (sessionAttr instanceof String) {
            return (IUser) SerializeFactory.parseJson(sessionAttr.toString(), IUser.class);
        }
        return null;
    }

    protected void removeCachedUser(String str, String str2, Boolean bool) {
        String str3 = str + "/" + (StringUtils.isNotBlank(str2) ? str2 : "");
        WebHelper.removeSession(str3);
        String appCookieKey = getAppCookieKey(str2, getAccessCookieKey());
        if (bool.booleanValue()) {
            WebHelper.removeCookie(appCookieKey);
        }
        this.log.info("删除用户session成功: cookie:" + appCookieKey + " session:" + str3);
        IUser currentUser = AppContext.getCurrentUser();
        if (currentUser != null) {
            unRegisteIp(str2, (String) currentUser.getExtArgument().get("WORKNO"), currentUser.getAuthenTokens());
        }
    }

    protected void removeCachedUser(String str, String str2) {
        removeCachedUser(str, str2, true);
    }

    public IUser changeUserPassword(SysUserAuthenArgument sysUserAuthenArgument) {
        sysUserAuthenArgument.getAuthenMode();
        return getAuthenticationProvider(null).changePassword(sysUserAuthenArgument);
    }

    public Boolean quitAuthenticate(String str) {
        return quitAuthenticate(str, true);
    }

    public Boolean quitAuthenticate(String str, boolean z) {
        if (str == null || StringUtils.isEmpty(str)) {
            return false;
        }
        IAuthenticationProvider authenticationProvider = getAuthenticationProvider(null);
        removeCachedUser(str, AppContext.getCurrentAppId(), Boolean.valueOf(z));
        SecurityUtils securityUtils = getSecurityUtils();
        if (!authenticationProvider.quitAuthenticate(str)) {
            return false;
        }
        securityUtils.logout();
        return true;
    }

    public Boolean quitAuthenticate() {
        if (AppContext.getCurrentUser() == null) {
            return true;
        }
        return quitAuthenticate(AppContext.getCurrentUser().getAuthenTokens());
    }

    private IAuthenticationProvider getAuthenticationProvider(String str) {
        return (IAuthenticationProvider) ContextManager.find("defaultAuthenticationProvider", IAuthenticationProvider.class);
    }

    public boolean checkLogin() {
        return refreshAuthorizeUser(null, AppContext.getCurrentAppId()) != null;
    }

    public IUser getCurrentUser() {
        return AppContext.getCurrentUser();
    }

    public Object fetchVerifyCode(Map<String, Object> map) {
        try {
            return new ValidateCoderCreater().fetchVerifyCode(map);
        } catch (Exception e) {
            throw new AppException(e);
        }
    }

    public Boolean verifyAuthenticate(VerifyArgument verifyArgument) {
        String str = null;
        switch (verifyArgument.getAuthType()) {
            case 0:
                str = StringUtils.toString(WebHelper.getSessionAttr("LOGINVALIDCODE_" + verifyArgument.getAuthAppId()));
                break;
            case 1:
                str = StringUtils.toString(WebHelper.getSessionAttr("LOGINSMSVALIDCODE_" + verifyArgument.getAuthAppId()));
                break;
            case 2:
                str = StringUtils.toString(WebHelper.getSessionAttr("LOGINEMAILVALIDCODE_" + verifyArgument.getAuthAppId()));
                break;
        }
        return Boolean.valueOf(StringUtils.equals(verifyArgument.getCode(), str));
    }

    public RolePowerData fetchRolePowerData(FetchEntityModeArgument fetchEntityModeArgument) {
        return (RolePowerData) CacheHelper.fetchFromCache(Thread.currentThread().getStackTrace()[1].getMethodName(), fetchEntityModeArgument, fetchEntityModeArgument2 -> {
            return fetchRolePowerData(fetchEntityModeArgument.getKeyId(), (Boolean) fetchEntityModeArgument.getExtPara1());
        }, true, 900);
    }

    public RolePowerData fetchRolePowerData(String str, Boolean bool) {
        SysPowerRepository sysPowerRepository = (SysPowerRepository) ContextManager.findOne(SysPowerRepository.class);
        if (sysPowerRepository == null) {
            return null;
        }
        String appIdNoBrno = AppContext.getAppIdNoBrno(str);
        String str2 = (!bool.booleanValue() || ConfigManager.isRelease()) ? "Default" : "ConfigDatabase";
        MobileList<SysRole> loadSysRoles = sysPowerRepository.loadSysRoles(str2, appIdNoBrno);
        MobileList<SysPowerTree> loadSysPowerTrees = sysPowerRepository.loadSysPowerTrees(str2, appIdNoBrno, bool);
        MobileList<SysRoleObjLimit> loadSysRoleObjLimits = sysPowerRepository.loadSysRoleObjLimits(str2, appIdNoBrno);
        MobileList<SysRoleResLimit> loadSysRoleResLimits = sysPowerRepository.loadSysRoleResLimits(str2, appIdNoBrno, bool.booleanValue());
        RolePowerData rolePowerData = new RolePowerData();
        rolePowerData.setAppId(appIdNoBrno);
        rolePowerData.setSysRoles(loadSysRoles);
        rolePowerData.setSysPowerTrees(loadSysPowerTrees);
        rolePowerData.setSysRoleObjLimits(loadSysRoleObjLimits);
        rolePowerData.setSysRoleResLimits(loadSysRoleResLimits);
        return rolePowerData;
    }

    public boolean isPersistentUserEnabled(String str, Ref ref) {
        SysAppAuthCfg sysAppAuthCfg = SysAppAuthCfg.getSysAppAuthCfg(str, true);
        if (sysAppAuthCfg == null || sysAppAuthCfg.getSessiontime() == null) {
            return false;
        }
        ref.argValue = Integer.valueOf(sysAppAuthCfg.getSessiontime().intValue() * 60);
        return true;
    }

    public boolean verifyActins(String str) {
        List list;
        IUser currentUser = AppContext.getCurrentUser();
        return currentUser == null || (list = (List) currentUser.getExtArgument().get("userLimitIds")) == null || !list.contains(str);
    }

    public CommonOperationResult updateRolePower(RolePowerData rolePowerData) throws Exception {
        CommonOperationResult commonOperationResult = new CommonOperationResult();
        SysPowerRepository sysPowerRepository = (SysPowerRepository) ContextManager.find(SysPowerRepository.class);
        if (sysPowerRepository == null) {
            return null;
        }
        MobileList<SysRole> loadSysRoles = sysPowerRepository.loadSysRoles("Default", rolePowerData.getAppId());
        MobileList<SysPowerTree> loadSysPowerTrees = sysPowerRepository.loadSysPowerTrees("Default", rolePowerData.getAppId(), false);
        try {
            DataSourceTransactionScope dataSourceTransactionScope = new DataSourceTransactionScope();
            Throwable th = null;
            try {
                try {
                    IDB createDataBase = IDBFactory.createDataBase("Default");
                    updateRoles(createDataBase, rolePowerData, loadSysRoles, loadSysPowerTrees);
                    updatePowerTrees(createDataBase, rolePowerData, loadSysPowerTrees);
                    updateRoleLimits(createDataBase, rolePowerData, loadSysRoles);
                    clearLimits(createDataBase, rolePowerData);
                    dataSourceTransactionScope.commit();
                    if (dataSourceTransactionScope != null) {
                        if (0 != 0) {
                            try {
                                dataSourceTransactionScope.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            dataSourceTransactionScope.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (AppException e) {
            commonOperationResult.setStatus(2);
            commonOperationResult.setError(e.getMessage());
        } catch (Exception e2) {
            commonOperationResult.setStatus(2);
            commonOperationResult.setError(e2.getMessage());
            e2.printStackTrace();
        }
        return commonOperationResult;
    }

    private void updatePowerTrees(IDB idb, RolePowerData rolePowerData, MobileList<SysPowerTree> mobileList) throws Exception {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        HashMap hashMap = new HashMap();
        Iterator it = rolePowerData.getSysPowerTrees().iterator();
        while (it.hasNext()) {
            SysPowerTree sysPowerTree = (SysPowerTree) it.next();
            if (!hashMap.containsKey(sysPowerTree.getPowerCtrlId())) {
                hashMap.put(sysPowerTree.getPowerCtrlId(), sysPowerTree);
            }
        }
        HashMap hashMap2 = new HashMap();
        Iterator it2 = mobileList.iterator();
        while (it2.hasNext()) {
            SysPowerTree sysPowerTree2 = (SysPowerTree) it2.next();
            if (!hashMap2.containsKey(sysPowerTree2.getPowerCtrlId())) {
                hashMap2.put(sysPowerTree2.getPowerCtrlId(), sysPowerTree2);
            }
        }
        Iterator it3 = rolePowerData.getSysPowerTrees().iterator();
        while (it3.hasNext()) {
            SysPowerTree sysPowerTree3 = (SysPowerTree) it3.next();
            if (sysPowerTree3.getPowerCtrlId().contains("_")) {
                sysPowerTree3.setPowerCtrlId(sysPowerTree3.getPowerCtrlId().split("_")[0]);
            }
            if (hashMap2.containsKey(sysPowerTree3.getPowerCtrlId())) {
                arrayList2.add(sysPowerTree3);
            } else {
                arrayList.add(sysPowerTree3);
            }
        }
        Iterator it4 = mobileList.iterator();
        while (it4.hasNext()) {
            SysPowerTree sysPowerTree4 = (SysPowerTree) it4.next();
            if (!hashMap.containsKey(sysPowerTree4.getPowerCtrlId())) {
                arrayList3.add(sysPowerTree4);
            }
        }
        if (!arrayList.isEmpty()) {
            Iterator it5 = arrayList.iterator();
            while (it5.hasNext()) {
                tryInsert(idb, (SysPowerTree) it5.next(), "SYS_POWERTREE");
            }
        }
        if (!arrayList2.isEmpty()) {
            Iterator it6 = arrayList2.iterator();
            while (it6.hasNext()) {
                tryUpdate(idb, (SysPowerTree) it6.next(), "SYS_POWERTREE");
            }
        }
        if (arrayList3.isEmpty()) {
            return;
        }
        Iterator it7 = arrayList3.iterator();
        while (it7.hasNext()) {
            tryDelete(idb, (SysPowerTree) it7.next(), "SYS_POWERTREE");
        }
    }

    private void updateRoles(IDB idb, RolePowerData rolePowerData, MobileList<SysRole> mobileList, MobileList<SysPowerTree> mobileList2) throws Exception {
        Map<Integer, Integer> powerIndexMap = getPowerIndexMap(rolePowerData.getSysPowerTrees(), mobileList2);
        Integer num = (Integer) CollectionUtil.max(rolePowerData.getSysPowerTrees(), sysPowerTree -> {
            return Integer.valueOf(sysPowerTree.getPowerIndex() == null ? 0 : sysPowerTree.getPowerIndex().intValue());
        });
        if (num == null) {
            num = 0;
        }
        String initPowerStr = getInitPowerStr(num);
        HashMap hashMap = new HashMap();
        Iterator it = mobileList.iterator();
        while (it.hasNext()) {
            SysRole sysRole = (SysRole) it.next();
            if (!hashMap.containsKey(sysRole.getRoleId())) {
                hashMap.put(sysRole.getRoleId(), sysRole);
            }
        }
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        Iterator it2 = rolePowerData.getSysRoles().iterator();
        while (it2.hasNext()) {
            SysRole sysRole2 = (SysRole) it2.next();
            String powerStr = StringUtils.isBlank(sysRole2.getPowerStr()) ? "" : sysRole2.getPowerStr();
            if (powerStr.length() < initPowerStr.length()) {
                sysRole2.setPowerStr(powerStr + getInitPowerStr(Integer.valueOf(initPowerStr.length() - powerStr.length())));
            }
            if (hashMap.containsKey(sysRole2.getRoleId())) {
                if (!hashMap3.containsKey(sysRole2.getRoleId())) {
                    arrayList2.add(sysRole2);
                }
            } else if (!hashMap2.containsKey(sysRole2.getRoleId())) {
                arrayList.add(sysRole2);
            }
        }
        if (!arrayList.isEmpty()) {
            Iterator it3 = arrayList.iterator();
            while (it3.hasNext()) {
                tryInsert(idb, (SysRole) it3.next(), "SYS_ROLE");
            }
        }
        if (!arrayList2.isEmpty()) {
            Iterator it4 = arrayList2.iterator();
            while (it4.hasNext()) {
                tryUpdate(idb, (SysRole) it4.next(), "SYS_ROLE");
            }
        }
        HashMap hashMap4 = new HashMap();
        Iterator it5 = rolePowerData.getSysRoles().iterator();
        while (it5.hasNext()) {
            SysRole sysRole3 = (SysRole) it5.next();
            if (!hashMap4.containsKey(sysRole3.getRoleId())) {
                hashMap4.put(sysRole3.getRoleId(), sysRole3);
            }
        }
        ArrayList<SysRole> arrayList3 = new ArrayList();
        ArrayList arrayList4 = new ArrayList();
        Iterator it6 = mobileList.iterator();
        while (it6.hasNext()) {
            SysRole sysRole4 = (SysRole) it6.next();
            if (!hashMap4.containsKey(sysRole4.getRoleId())) {
                if (sysRole4.getIsSysRole() == null || !sysRole4.getIsSysRole().equals(1)) {
                    arrayList3.add(sysRole4);
                } else {
                    arrayList4.add(sysRole4);
                }
            }
        }
        if (!arrayList3.isEmpty()) {
            for (SysRole sysRole5 : arrayList3) {
                sysRole5.setPowerStr(getRolePowerStr(initPowerStr, sysRole5.getPowerStr(), powerIndexMap));
                tryUpdate(idb, sysRole5, "SYS_ROLE");
            }
        }
        if (arrayList4.isEmpty()) {
            return;
        }
        Iterator it7 = arrayList4.iterator();
        while (it7.hasNext()) {
            tryDelete(idb, (SysRole) it7.next(), "SYS_ROLE");
        }
    }

    private Map<Integer, Integer> getPowerIndexMap(MobileList<SysPowerTree> mobileList, MobileList<SysPowerTree> mobileList2) {
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        Iterator it = mobileList.iterator();
        while (it.hasNext()) {
            SysPowerTree sysPowerTree = (SysPowerTree) it.next();
            if (sysPowerTree.getPowerIndex() != null && !hashMap2.containsKey(sysPowerTree.getPowerCtrlId())) {
                hashMap2.put(sysPowerTree.getPowerCtrlId(), sysPowerTree);
            }
        }
        Iterator it2 = mobileList2.iterator();
        while (it2.hasNext()) {
            SysPowerTree sysPowerTree2 = (SysPowerTree) it2.next();
            if (sysPowerTree2.getPowerIndex() != null && hashMap2.containsKey(sysPowerTree2.getPowerCtrlId())) {
                SysPowerTree sysPowerTree3 = (SysPowerTree) hashMap2.get(sysPowerTree2.getPowerCtrlId());
                if (!hashMap.containsKey(sysPowerTree2.getPowerIndex())) {
                    hashMap.put(sysPowerTree2.getPowerIndex(), sysPowerTree3.getPowerIndex());
                }
            }
        }
        return hashMap;
    }

    private String getInitPowerStr(Integer num) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < num.intValue(); i++) {
            stringBuffer.append('0');
        }
        return stringBuffer.toString();
    }

    private String getRolePowerStr(String str, String str2, Map<Integer, Integer> map) {
        String str3 = str;
        if (StringUtils.isNotBlank(str2)) {
            char[] charArray = str3.toCharArray();
            for (Map.Entry<Integer, Integer> entry : map.entrySet()) {
                if (str2.length() >= entry.getKey().intValue() && charArray.length >= entry.getValue().intValue() && str2.charAt(entry.getKey().intValue() - 1) == '1') {
                    charArray[entry.getValue().intValue() - 1] = '1';
                }
            }
            str3 = new String(charArray);
        }
        return str3;
    }

    private void updateRoleLimits(IDB idb, RolePowerData rolePowerData, MobileList<SysRole> mobileList) throws Exception {
        HashMap hashMap = new HashMap();
        Iterator it = rolePowerData.getSysRoles().iterator();
        while (it.hasNext()) {
            SysRole sysRole = (SysRole) it.next();
            if (!hashMap.containsKey(sysRole.getRoleId())) {
                hashMap.put(sysRole.getRoleId(), sysRole.getRoleId());
            }
        }
        HashMap hashMap2 = new HashMap();
        Iterator it2 = rolePowerData.getSysPowerTrees().iterator();
        while (it2.hasNext()) {
            SysPowerTree sysPowerTree = (SysPowerTree) it2.next();
            if (sysPowerTree.getCtrlType() != null && sysPowerTree.getCtrlType().equals(3) && !hashMap2.containsKey(sysPowerTree.getCtrlObjId())) {
                hashMap2.put(sysPowerTree.getCtrlObjId(), sysPowerTree);
            }
        }
        SysPowerRepository sysPowerRepository = (SysPowerRepository) ContextManager.find(SysPowerRepository.class);
        MobileList<SysRoleObjLimit> loadSysRoleObjLimits = sysPowerRepository.loadSysRoleObjLimits("Default", rolePowerData.getAppId());
        MobileList<SysRoleResLimit> loadSysRoleResLimits = sysPowerRepository.loadSysRoleResLimits("Default", rolePowerData.getAppId(), false);
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        ArrayList arrayList4 = new ArrayList();
        ArrayList arrayList5 = new ArrayList();
        ArrayList arrayList6 = new ArrayList();
        ArrayList arrayList7 = new ArrayList();
        ArrayList arrayList8 = new ArrayList();
        HashSet hashSet = new HashSet();
        Iterator it3 = rolePowerData.getSysRoleObjLimits().iterator();
        while (it3.hasNext()) {
            SysRoleObjLimit sysRoleObjLimit = (SysRoleObjLimit) it3.next();
            if (hashMap.containsValue(sysRoleObjLimit.getRoleId()) && hashMap2.containsKey(sysRoleObjLimit.getCtrlObjId())) {
                SysRoleObjLimit sysRoleObjLimit2 = (SysRoleObjLimit) CollectionUtil.findOne(loadSysRoleObjLimits, sysRoleObjLimit3 -> {
                    return sysRoleObjLimit3.getLimitId().equals(sysRoleObjLimit.getLimitId()) && sysRoleObjLimit3.getCtrlObjId().equals(sysRoleObjLimit.getCtrlObjId());
                });
                hashSet.add(sysRoleObjLimit.getLimitId());
                if (sysRoleObjLimit2 != null) {
                    arrayList2.add(sysRoleObjLimit);
                } else {
                    arrayList.add(sysRoleObjLimit);
                }
            }
        }
        Iterator it4 = loadSysRoleObjLimits.iterator();
        while (it4.hasNext()) {
            SysRoleObjLimit sysRoleObjLimit4 = (SysRoleObjLimit) it4.next();
            if (!hashSet.contains(sysRoleObjLimit4.getLimitId())) {
                arrayList3.add(sysRoleObjLimit4);
            }
        }
        Iterator it5 = rolePowerData.getSysRoleResLimits().iterator();
        while (it5.hasNext()) {
            SysRoleResLimit sysRoleResLimit = (SysRoleResLimit) it5.next();
            if (hashMap.containsValue(sysRoleResLimit.getRoleId())) {
                SysRoleResLimit sysRoleResLimit2 = (SysRoleResLimit) CollectionUtil.findOne(loadSysRoleResLimits, sysRoleResLimit3 -> {
                    return sysRoleResLimit3.getRoleId().equals(sysRoleResLimit.getRoleId()) && sysRoleResLimit3.getResId().equals(sysRoleResLimit.getResId()) && sysRoleResLimit3.getLimitId().equals(sysRoleResLimit.getLimitId());
                });
                if (sysRoleResLimit2 == null) {
                    sysRoleResLimit2 = (SysRoleResLimit) CollectionUtil.findOne(loadSysRoleResLimits, sysRoleResLimit4 -> {
                        return sysRoleResLimit4.getRoleId().equals(sysRoleResLimit.getRoleId()) && sysRoleResLimit4.getResId().equals(sysRoleResLimit.getResId());
                    });
                }
                if (sysRoleResLimit2 == null) {
                    arrayList5.add(sysRoleResLimit);
                } else if (sysRoleResLimit2.getLimitId().equals(sysRoleResLimit.getLimitId())) {
                    arrayList6.add(sysRoleResLimit);
                } else {
                    arrayList5.add(sysRoleResLimit);
                    arrayList7.add(sysRoleResLimit2);
                }
            }
        }
        ArrayList<SysRole> arrayList9 = new ArrayList();
        arrayList9.addAll(mobileList);
        Iterator it6 = rolePowerData.getSysRoles().iterator();
        while (it6.hasNext()) {
            SysRole sysRole2 = (SysRole) it6.next();
            if (!CollectionUtil.any(mobileList, sysRole3 -> {
                return sysRole3.getRoleId().equals(sysRole2.getRoleId());
            })) {
                arrayList9.add(sysRole2);
            }
        }
        ArrayList arrayList10 = new ArrayList();
        ArrayList arrayList11 = new ArrayList();
        arrayList10.addAll(loadSysRoleObjLimits);
        arrayList10.addAll(arrayList);
        arrayList11.addAll(loadSysRoleResLimits);
        arrayList11.addAll(arrayList5);
        for (SysRole sysRole4 : arrayList9) {
            for (SysPowerTree sysPowerTree2 : hashMap2.values()) {
                SysRoleObjLimit sysRoleObjLimit5 = (SysRoleObjLimit) CollectionUtil.findOne(arrayList10, sysRoleObjLimit6 -> {
                    return sysRoleObjLimit6.getRoleId().equals(sysRole4.getRoleId()) && sysRoleObjLimit6.getCtrlObjId().equals(sysPowerTree2.getCtrlObjId());
                });
                if (sysRoleObjLimit5 == null) {
                    arrayList.add(getDefaultRoleObjLimit(sysRole4, sysPowerTree2));
                } else {
                    SysRoleObjLimit sysRoleObjLimit7 = (SysRoleObjLimit) CollectionUtil.findOne(rolePowerData.getSysRoleObjLimits(), sysRoleObjLimit8 -> {
                        return sysRoleObjLimit8.getRoleId().equals(sysRole4.getRoleId()) && sysRoleObjLimit8.getCtrlObjId().equals(sysPowerTree2.getCtrlObjId());
                    });
                    if (hashMap.containsValue(sysRole4.getRoleId()) && sysRoleObjLimit7 == null) {
                        SysRoleObjLimit defaultRoleObjLimit = getDefaultRoleObjLimit(sysRole4, sysPowerTree2);
                        defaultRoleObjLimit.setLimitId(sysRoleObjLimit5.getLimitId());
                        arrayList2.add(defaultRoleObjLimit);
                    } else {
                        arrayList4.add(sysRoleObjLimit5);
                    }
                }
            }
        }
        Iterator it7 = loadSysRoleObjLimits.iterator();
        while (it7.hasNext()) {
            SysRoleObjLimit sysRoleObjLimit9 = (SysRoleObjLimit) it7.next();
            if (hashMap.containsKey(sysRoleObjLimit9.getRoleId()) && CollectionUtil.findOne(arrayList, sysRoleObjLimit10 -> {
                return sysRoleObjLimit10.getLimitId().equals(sysRoleObjLimit9.getLimitId());
            }) == null && CollectionUtil.findOne(arrayList2, sysRoleObjLimit11 -> {
                return sysRoleObjLimit11.getLimitId().equals(sysRoleObjLimit9.getLimitId());
            }) == null && CollectionUtil.findOne(arrayList4, sysRoleObjLimit12 -> {
                return sysRoleObjLimit12.getLimitId().equals(sysRoleObjLimit9.getLimitId());
            }) == null) {
                arrayList3.add(sysRoleObjLimit9);
            }
        }
        Iterator it8 = loadSysRoleResLimits.iterator();
        while (it8.hasNext()) {
            SysRoleResLimit sysRoleResLimit5 = (SysRoleResLimit) it8.next();
            if (hashMap.containsKey(sysRoleResLimit5.getRoleId()) && CollectionUtil.findOne(arrayList5, sysRoleResLimit6 -> {
                return sysRoleResLimit6.getLimitId().equals(sysRoleResLimit5.getLimitId());
            }) == null && CollectionUtil.findOne(arrayList6, sysRoleResLimit7 -> {
                return sysRoleResLimit7.getLimitId().equals(sysRoleResLimit5.getLimitId());
            }) == null && CollectionUtil.findOne(arrayList8, sysRoleResLimit8 -> {
                return sysRoleResLimit8.getLimitId().equals(sysRoleResLimit5.getLimitId());
            }) == null) {
                arrayList7.add(sysRoleResLimit5);
            }
        }
        if (!arrayList3.isEmpty()) {
            Iterator it9 = arrayList3.iterator();
            while (it9.hasNext()) {
                tryDelete(idb, (SysRoleObjLimit) it9.next(), "SYS_ROLEOBJLIMIT");
            }
        }
        if (!arrayList7.isEmpty()) {
            Iterator it10 = arrayList7.iterator();
            while (it10.hasNext()) {
                tryDelete(idb, (SysRoleResLimit) it10.next(), "SYS_ROLERESLIMIT");
            }
        }
        if (!arrayList.isEmpty()) {
            Iterator it11 = arrayList.iterator();
            while (it11.hasNext()) {
                tryInsert(idb, (SysRoleObjLimit) it11.next(), "SYS_ROLEOBJLIMIT");
            }
        }
        if (!arrayList2.isEmpty()) {
            Iterator it12 = arrayList2.iterator();
            while (it12.hasNext()) {
                tryUpdate(idb, (SysRoleObjLimit) it12.next(), "SYS_ROLEOBJLIMIT");
            }
        }
        if (!arrayList5.isEmpty()) {
            Iterator it13 = arrayList5.iterator();
            while (it13.hasNext()) {
                tryInsert(idb, (SysRoleResLimit) it13.next(), "SYS_ROLERESLIMIT");
            }
        }
        if (arrayList6.isEmpty()) {
            return;
        }
        Iterator it14 = arrayList6.iterator();
        while (it14.hasNext()) {
            tryUpdate(idb, (SysRoleResLimit) it14.next(), "SYS_ROLERESLIMIT");
        }
    }

    private SysRoleObjLimit getDefaultRoleObjLimit(SysRole sysRole, SysPowerTree sysPowerTree) {
        SysRoleObjLimit sysRoleObjLimit = new SysRoleObjLimit();
        sysRoleObjLimit.setLimitId(UUID.randomUUID().toString().replace("-", "").toLowerCase());
        sysRoleObjLimit.setRoleId(sysRole.getRoleId());
        sysRoleObjLimit.setCtrlObjId(sysPowerTree.getCtrlObjId());
        sysRoleObjLimit.setAppId(sysRole.getAppId());
        sysRoleObjLimit.setCtrlFilter("");
        return sysRoleObjLimit;
    }

    private SysRoleResLimit getDefaultRoleResLimit(SysRole sysRole) {
        SysRoleResLimit sysRoleResLimit = new SysRoleResLimit();
        sysRoleResLimit.setLimitId(UUID.randomUUID().toString().replace("-", "").toLowerCase());
        sysRoleResLimit.setRoleId(sysRole.getRoleId());
        sysRoleResLimit.setAppId(sysRole.getAppId());
        sysRoleResLimit.setPermitAdd("0");
        sysRoleResLimit.setPermitLook("0");
        sysRoleResLimit.setPermitUpd("0");
        sysRoleResLimit.setPermitDel("0");
        return sysRoleResLimit;
    }

    private void clearLimits(IDB idb, RolePowerData rolePowerData) throws Exception {
        MobileList<SysRole> loadSysRoles = ((SysPowerRepository) ContextManager.find(SysPowerRepository.class)).loadSysRoles("Default", rolePowerData.getAppId());
        HashMap hashMap = new HashMap();
        Iterator it = loadSysRoles.iterator();
        while (it.hasNext()) {
            SysRole sysRole = (SysRole) it.next();
            if (!hashMap.containsKey(sysRole.getRoleId())) {
                hashMap.put(sysRole.getRoleId(), sysRole.getRoleId());
            }
        }
        List<String> distinctFieldValueList = getDistinctFieldValueList(idb, "SYS_ROLERESLIMIT", "ROLEID", rolePowerData.getAppId(), SysRoleResLimit.class, sysRoleResLimit -> {
            return sysRoleResLimit.getRoleId();
        });
        List<String> arrayList = new ArrayList<>();
        for (String str : distinctFieldValueList) {
            if (!hashMap.containsKey(str)) {
                arrayList.add(str);
            }
        }
        if (!arrayList.isEmpty()) {
            deleteRecordsByFieldInList(idb, "SYS_ROLERESLIMIT", "ROLEID", arrayList);
        }
        List<String> distinctFieldValueList2 = getDistinctFieldValueList(idb, "SYS_ROLEOBJLIMIT", "ROLEID", rolePowerData.getAppId(), SysRoleObjLimit.class, sysRoleObjLimit -> {
            return sysRoleObjLimit.getRoleId();
        });
        List<String> arrayList2 = new ArrayList<>();
        for (String str2 : distinctFieldValueList2) {
            if (!hashMap.containsKey(str2)) {
                arrayList2.add(str2);
            }
        }
        if (!arrayList2.isEmpty()) {
            deleteRecordsByFieldInList(idb, "SYS_ROLEOBJLIMIT", "ROLEID", arrayList2);
        }
        getDistinctFieldValueList(idb, "SYS_ROLERESLIMIT", "RESID", rolePowerData.getAppId(), SysRoleResLimit.class, sysRoleResLimit2 -> {
            return sysRoleResLimit2.getResId();
        });
        List<String> arrayList3 = new ArrayList<>();
        if (!arrayList3.isEmpty()) {
            deleteRecordsByFieldInList(idb, "SYS_ROLERESLIMIT", "RESID", arrayList3);
        }
        List<String> distinctFieldValueList3 = getDistinctFieldValueList(idb, "SYS_ROLEOBJLIMIT", "CTRLOBJID", rolePowerData.getAppId(), SysRoleObjLimit.class, sysRoleObjLimit2 -> {
            return sysRoleObjLimit2.getCtrlObjId();
        });
        HashMap hashMap2 = new HashMap();
        Iterator it2 = rolePowerData.getSysPowerTrees().iterator();
        while (it2.hasNext()) {
            SysPowerTree sysPowerTree = (SysPowerTree) it2.next();
            if (sysPowerTree.getCtrlType() != null && sysPowerTree.getCtrlType().equals(3) && !hashMap2.containsKey(sysPowerTree.getCtrlObjId())) {
                hashMap2.put(sysPowerTree.getCtrlObjId(), sysPowerTree);
            }
        }
        HashMap hashMap3 = new HashMap();
        for (String str3 : distinctFieldValueList3) {
            if (!hashMap2.containsKey(str3) && !hashMap3.containsKey(str3)) {
                hashMap3.put(str3, str3);
            }
        }
        if (hashMap3.isEmpty()) {
            return;
        }
        ArrayList arrayList4 = new ArrayList();
        Iterator it3 = hashMap3.keySet().iterator();
        while (it3.hasNext()) {
            arrayList4.add(it3.next());
        }
        deleteRecordsByFieldInList(idb, "SYS_ROLEOBJLIMIT", "CTRLOBJID", arrayList4);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private <T> List<String> getDistinctFieldValueList(IDB idb, String str, String str2, String str3, Class<T> cls, Function<T, String> function) throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(idb.buildParameterName("appId"), str3);
        List select = idb.select(String.format("select distinct %2$s from %1$s where appId = %3$s", str, str2, idb.buildParamHolder("appId")), hashMap, cls);
        ArrayList arrayList = new ArrayList();
        Iterator it = select.iterator();
        while (it.hasNext()) {
            arrayList.add(function.apply(it.next()));
        }
        return arrayList;
    }

    private void deleteRecordsByFieldInList(IDB idb, String str, String str2, List<String> list) throws Exception {
        HashMap hashMap = new HashMap();
        ArrayList arrayList = new ArrayList();
        Integer num = 0;
        for (String str3 : list) {
            num = Integer.valueOf(num.intValue() + 1);
            hashMap.put(idb.buildParameterName("p" + num), str3);
            arrayList.add(idb.buildParamHolder("p" + num));
        }
        tryExecuteNonQuery(idb, String.format("delete from %1$s where %2$s in (%3$s)", str, str2, String.join(",", arrayList)), hashMap);
    }

    public boolean unlockUserAccount(SysUserAuthenArgument sysUserAuthenArgument) {
        IUserRepository iUserRepository;
        if (!StringUtils.isNotBlank(sysUserAuthenArgument.getUserName()) || (iUserRepository = (IUserRepository) ContextManager.findService(IUserRepository.class)) == null) {
            return false;
        }
        String authAppId = sysUserAuthenArgument.getAuthAppId();
        if (StringUtils.isBlank(authAppId)) {
            authAppId = AppContext.getCurrentAppId();
        }
        iUserRepository.unlockUserAccount(authAppId, sysUserAuthenArgument.getUserName());
        return true;
    }

    public <T> void tryInsert(IDB idb, T t, String str) {
        try {
            idb.insert(t, str);
        } catch (AppException e) {
            throw new AppException(String.format("表 %s 新增记录出错: %s", str, getSqlException(e).getMessage()));
        }
    }

    public <T> void tryUpdate(IDB idb, T t, String str) {
        try {
            idb.update(t, str);
        } catch (AppException e) {
            throw new AppException(String.format("表 %s 更新记录出错: %s", str, getSqlException(e).getMessage()));
        }
    }

    public <T> void tryDelete(IDB idb, T t, String str) {
        try {
            idb.delete(t, str);
        } catch (AppException e) {
            throw new AppException(String.format("表 %s 删除记录出错: %s", str, getSqlException(e).getMessage()));
        }
    }

    public void tryExecuteNonQuery(IDB idb, String str, Map<String, Object> map) {
        try {
            idb.executeNonQuery(str, map);
        } catch (AppException e) {
            throw new AppException(String.format("执行 %s 出错: %s", str, getSqlException(e).getMessage()));
        }
    }

    private Throwable getSqlException(Throwable th) {
        return getSqlException(th, 0);
    }

    private Throwable getSqlException(Throwable th, int i) {
        if (i > 20 || (th instanceof SQLException)) {
            return th;
        }
        Throwable cause = th.getCause();
        return cause == null ? th : getSqlException(cause, i + 1);
    }
}
