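package com.vci.server.framework.delegate;

import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;

import org.hibernate.SQLQuery;
import org.hibernate.Session;

import com.vci.common.exception.VciExceptionTool;
import com.vci.common.utility.ObjectUtility;
import com.vci.corba.common.VCIError;
import com.vci.corba.framework.data.CheckValue;
import com.vci.corba.framework.data.GrandValue;
import com.vci.server.base.delegate.BaseDelegate;
import com.vci.server.base.exception.ExceptionLocalHandler;
import com.vci.server.base.persistence.dao.HibernateSessionFactory;
import com.vci.server.cache.ConfigCacheProvider;
import com.zeroc.Ice.Current;

/**
 * Persistence and authorization delegate for type-level access rules stored in
 * {@code PL_TYPERIGHT}.
 *
 * <p>Rule rows are keyed by {@code RULENAME} and an {@code IDENTIFIER} of the form
 * {@code <type>_<suffix>} (see {@link #getType(String)}); all lookups by type use a
 * {@code LIKE '<type>$_%' ESCAPE '$'} pattern. Every value that originates from a
 * caller is passed as a bound parameter and LIKE metacharacters inside it are escaped,
 * so a caller can neither inject SQL nor widen a match with {@code %} / {@code _}.
 *
 * <p>{@link #checkRight(CheckValue)} is the authorization entry point: it short-circuits
 * for administrator users and otherwise delegates to the {@code Check*Right} stored
 * procedures, which return a SQL WHERE fragment restricting what the caller may see.
 */
public class DataTypeRightDelegate extends BaseDelegate {

    /** Escape character used by every LIKE pattern this class builds. */
    private static final char LIKE_ESCAPE = '$';

    /** Administrators are user types 0 and 1; see {@link #isAdmin(CheckValue)}. */
    private static final int MAX_ADMIN_USER_TYPE = 1;

    public DataTypeRightDelegate() {
    }

    /**
     * Inserts one {@code PL_TYPERIGHT} row per element of {@code values}.
     *
     * <p>The duplicate-name check is performed on {@code values[0]} only, as in the
     * original implementation; presumably all entries of one call share the same
     * {@code ruleName} and type -- TODO confirm with callers.
     *
     * @param values rules to persist
     * @return {@code true} when rows were written; {@code false} when {@code values}
     *         is {@code null} or empty (nothing to do, previously an index error)
     * @throws VCIError {@code grandRight_0001} if a rule with the same name already
     *         exists for the same type
     */
    public boolean saveGrand(GrandValue[] values) throws VCIError {
        if (values == null || values.length == 0) {
            return false;
        }
        Session session = HibernateSessionFactory.getSession();
        checkValidation(session, "pl_typeright", "rulename", values[0]);

        final String insertSql = "insert into PL_TYPERIGHT(ID,USERS,USERGROUPS,USERROLES,IDENTIFIER,"
                + "EXPRESSIONTOSQL,ISGRANT,RULETEXT,SENIORRULETEXT,RULENAME,RULETYPE,"
                + "LEXPRESSIONTOSQL,LRULETEXT,LSENIORRULETEXT) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
        for (GrandValue rule : values) {
            SQLQuery insert = session.createSQLQuery(insertSql);
            insert.setString(0, ObjectUtility.getNewObjectID36());
            insert.setString(1, rule.users);
            insert.setString(2, rule.userGroups);
            insert.setString(3, rule.roles);
            insert.setString(4, rule.identifier);
            insert.setString(5, rule.expToSQL);
            // ISGRANT is stored as a single character; isGrand carries the char code as a byte
            insert.setCharacter(6, (char) rule.isGrand);
            insert.setString(7, rule.ruleText);
            insert.setString(8, rule.seniorRuleText);
            insert.setString(9, rule.ruleName);
            insert.setString(10, rule.ruleType);
            insert.setString(11, rule.lexpToSQL);
            insert.setString(12, rule.lruleText);
            insert.setString(13, rule.lseniorRuleText);
            insert.executeUpdate();
        }
        return true;
    }

    /**
     * Loads every rule whose {@code IDENTIFIER} starts with {@code identifier + "_"}.
     *
     * @param identifier type name supplied by the caller; bound as a parameter, never
     *        concatenated into the statement
     * @return matching rules with {@code null} columns mapped to {@code ""} (and a
     *         {@code null} {@code ISGRANT} to {@code '0'}); empty for a {@code null}
     *         identifier
     * @throws VCIError {@code grandPermission0001} wrapping any failure
     */
    public GrandValue[] queryGrand(String identifier) throws VCIError {
        try {
            if (identifier == null) {
                return new GrandValue[0];
            }
            Session session = HibernateSessionFactory.getSession();
            SQLQuery query = session.createSQLQuery(
                    "select ID,USERS,USERGROUPS,USERROLES,IDENTIFIER,EXPRESSIONTOSQL,ISGRANT,RULETEXT,"
                    + "SENIORRULETEXT,RULENAME,RULETYPE ,LEXPRESSIONTOSQL,LRULETEXT,LSENIORRULETEXT"
                    + " from PL_TYPERIGHT where IDENTIFIER like ? escape '" + LIKE_ESCAPE + "'");
            query.setString(0, typePrefixPattern(identifier));

            @SuppressWarnings("unchecked")
            List<Object[]> rows = query.list();
            List<GrandValue> result = new ArrayList<GrandValue>(rows.size());
            for (Object[] row : rows) {
                result.add(toGrandValue(row));
            }
            return result.toArray(new GrandValue[result.size()]);
        } catch (Throwable e) {
            throw getLocalVciError("grandPermission0001", e);
        }
    }

    /**
     * Deletes every rule with the given name, regardless of type.
     *
     * @param ruleName bound as a parameter
     * @return always {@code true}
     */
    public boolean deleteGrand(String ruleName) throws VCIError {
        Session session = HibernateSessionFactory.getSession();
        SQLQuery delete = session.createSQLQuery("Delete from PL_TYPERIGHT where RULENAME=?");
        delete.setString(0, ruleName);
        delete.executeUpdate();
        return true;
    }

    /**
     * Deletes the rules with the given name that belong to the given type.
     *
     * @param identifier type name; bound as a LIKE parameter with metacharacters escaped
     * @param ruleName bound as a parameter
     * @return {@code true} when the statement ran; {@code false} for a {@code null}
     *         identifier (nothing deleted)
     */
    public boolean deleteTypeRuleGrand(String identifier, String ruleName) throws VCIError {
        if (identifier == null) {
            return false;
        }
        Session session = HibernateSessionFactory.getSession();
        SQLQuery delete = session.createSQLQuery(
                "Delete from PL_TYPERIGHT where RULENAME=? and IDENTIFIER like ? escape '" + LIKE_ESCAPE + "'");
        delete.setString(0, ruleName);
        delete.setString(1, typePrefixPattern(identifier));
        delete.executeUpdate();
        return true;
    }

    /**
     * Authorization check.
     *
     * @param params subject (users/roles/groups), operation and target object ids
     * @return a SQL WHERE fragment restricting the caller's access; the empty string
     *         means "no restriction" and is returned for administrator users
     * @throws VCIError {@code checkRight_0001} if the stored procedure fails or yields
     *         no result -- a missing result is never coerced into the unrestricted ""
     */
    public String checkRight(CheckValue params) throws VCIError {
        // Administrator users skip the rule check entirely.
        if (isAdmin(params)) {
            return "";
        }
        String where = getCheckSqlRes(params);
        if (where == null) {
            // Fail closed: "" is the admin/no-restriction answer, so null must not degrade into it.
            throw getLocalVciError("checkRight_0001", null);
        }
        return where;
    }

    /**
     * Rejects a rule whose name already exists for the same type.
     *
     * @param table  SQL identifier of the rule table (cannot be bound; validated instead)
     * @param column SQL identifier of the name column (cannot be bound; validated instead)
     * @param value  rule whose {@code ruleName} and type (prefix of {@code identifier}) are checked
     * @throws VCIError {@code grandRight_0001} when a duplicate exists
     * @throws IllegalArgumentException when {@code table}/{@code column} are not plain identifiers
     */
    private void checkValidation(Session session, String table, String column, GrandValue value)
            throws VCIError {
        String sql = "select count(*) from " + requireSqlIdentifier(table)
                + " Where " + requireSqlIdentifier(column) + "=?"
                + " and IDENTIFIER like ? escape '" + LIKE_ESCAPE + "'";
        SQLQuery query = session.createSQLQuery(sql);
        query.setString(0, value.ruleName);
        query.setString(1, typePrefixPattern(getType(value.identifier)));

        Object count = query.list().get(0);
        long duplicates = count instanceof Number
                ? ((Number) count).longValue()
                : Long.parseLong(count.toString());
        if (duplicates != 0) {
            throw new VCIError("grandRight_0001", "规则名称重复,请重新填写!".split(","));
        }
    }

    /**
     * Extracts the type name from an identifier of the form {@code <type>_<suffix>}.
     *
     * @return the text before the first underscore; the whole identifier when it has no
     *         underscore (previously an index error); {@code ""} for {@code null}/empty
     */
    private String getType(String identifier) {
        if (identifier == null || identifier.isEmpty()) {
            return "";
        }
        int underscore = identifier.indexOf('_');
        return underscore < 0 ? identifier : identifier.substring(0, underscore);
    }

    /**
     * Whether the first user named in {@code params.users} (comma separated) is an
     * administrator, i.e. {@code pluser.plusertype} is a single digit not above
     * {@link #MAX_ADMIN_USER_TYPE}.
     *
     * @throws VCIError {@code checkRight_0001} if the lookup fails; an authorization
     *         bypass decision is not made on a swallowed database error
     */
    private boolean isAdmin(CheckValue params) throws VCIError {
        if (params.users == null || params.users.trim().isEmpty()) {
            return false;
        }
        String userName = params.users.split(",")[0];
        try {
            String userType = getUserTypeByUserName(userName);
            return userType != null
                    && userType.matches("\\d")
                    && Integer.parseInt(userType) <= MAX_ADMIN_USER_TYPE;
        } catch (SQLException e) {
            throw getLocalVciError("checkRight_0001", e);
        }
    }

    /**
     * Reads {@code pluser.plusertype} for a user name.
     *
     * @return the type of the last matching row, or {@code ""} when no row matches
     */
    private String getUserTypeByUserName(String userName) throws VCIError, SQLException {
        String sql = "select plusertype from pluser t where t.plusername=?";
        // NOTE(review): the connection is obtained from the session factory and, as in the
        // original, not closed here -- confirm the factory owns its lifecycle.
        Connection connection = HibernateSessionFactory.getSessionConnection();
        try (PreparedStatement pst = connection.prepareStatement(sql)) {
            pst.setString(1, userName);
            try (ResultSet rs = pst.executeQuery()) {
                String userType = "";
                while (rs.next()) {
                    userType = rs.getString("plusertype");
                }
                return userType;
            }
        }
    }

    /**
     * Calls the stored procedure matching the request shape and returns its OUT value.
     *
     * <ul>
     *   <li>single object id and operation {@code "query"}: {@code CheckQueryRight}</li>
     *   <li>single object id, any other operation: {@code CheckOrdinaryRight}</li>
     *   <li>otherwise: {@code CheckObjectsRight}</li>
     * </ul>
     * Parameter 10 is INOUT: it carries the configured default ("1"/"0") in and the
     * WHERE fragment out.
     *
     * @return the procedure's 10th parameter, possibly {@code null}
     * @throws VCIError {@code checkRight_0001} wrapping any {@link SQLException}
     */
    private String getCheckSqlRes(CheckValue params) throws VCIError {
        Session session = HibernateSessionFactory.getSession();
        Connection conn = session.connection();
        try {
            String defaultHasRight = ConfigCacheProvider.defaultHasRight() ? "1" : "0";
            String call = "{call " + selectProcedure(params) + "(?,?,?,?,?,?,?,?,?,?)}";
            try (CallableStatement cs = conn.prepareCall(call)) {
                cs.setString(1, params.users);
                cs.setString(2, params.roles);
                cs.setString(3, params.userGroups);
                cs.setString(4, params.paramValues);
                cs.setString(5, params.businesstype);
                cs.setString(6, params.opname);
                cs.setString(7, params.objectoid);
                cs.setString(8, params.objectroid);
                cs.setString(9, params.objectmoid);
                cs.setString(10, defaultHasRight);
                cs.registerOutParameter(10, java.sql.Types.VARCHAR);
                cs.execute();
                return cs.getString(10);
            }
        } catch (SQLException e) {
            throw getLocalVciError("checkRight_0001", e);
        } finally {
            // The original closed the session connection only after a successful call;
            // closing in finally avoids leaving it open on error.
            // NOTE(review): confirm that closing the session-owned connection is intended.
            if (conn != null) {
                try {
                    conn.close();
                } catch (SQLException ignored) {
                    // the primary outcome (result or error) has already been determined
                }
            }
        }
    }

    /** Picks the stored procedure for the request shape; see {@link #getCheckSqlRes}. */
    private static String selectProcedure(CheckValue params) {
        boolean singleObject = isSingleValue(params.objectoid);
        if (singleObject && "query".equals(params.opname)) {
            return "CheckQueryRight";
        }
        if (singleObject) {
            return "CheckOrdinaryRight";
        }
        return "CheckObjectsRight";
    }

    /** {@code true} when {@code csv} is non-null and holds exactly one comma-separated value. */
    private static boolean isSingleValue(String csv) {
        return csv != null && csv.split(",").length == 1;
    }

    /** Maps one {@code PL_TYPERIGHT} row (in the select order of {@link #queryGrand}) to a value. */
    private static GrandValue toGrandValue(Object[] row) {
        GrandValue value = new GrandValue();
        value.ID = text(row[0]);
        value.users = text(row[1]);
        value.userGroups = text(row[2]);
        value.roles = text(row[3]);
        value.identifier = text(row[4]);
        value.expToSQL = text(row[5]);
        value.isGrand = flag(row[6]);
        value.ruleText = text(row[7]);
        value.seniorRuleText = text(row[8]);
        value.ruleName = text(row[9]);
        value.ruleType = text(row[10]);
        value.lexpToSQL = text(row[11]);
        value.lruleText = text(row[12]);
        value.lseniorRuleText = text(row[13]);
        return value;
    }

    /** String column with {@code null} mapped to {@code ""}. */
    private static String text(Object column) {
        return column == null ? "" : (String) column;
    }

    /** Single-character column as its char code, {@code null} mapped to {@code '0'}. */
    private static byte flag(Object column) {
        return (byte) (column == null ? '0' : ((Character) column).charValue());
    }

    /**
     * Builds the pattern {@code <type>$_%} used with {@code ESCAPE '$'}: every identifier
     * starting with the type name followed by a literal underscore. LIKE metacharacters
     * inside the type name are escaped so callers cannot widen the match.
     */
    private static String typePrefixPattern(String type) {
        return escapeLike(type) + LIKE_ESCAPE + "_%";
    }

    /** Escapes {@code $}, {@code %} and {@code _} with {@link #LIKE_ESCAPE}. */
    private static String escapeLike(String s) {
        StringBuilder sb = new StringBuilder(s.length() + 8);
        for (char c : s.toCharArray()) {
            if (c == LIKE_ESCAPE || c == '%' || c == '_') {
                sb.append(LIKE_ESCAPE);
            }
            sb.append(c);
        }
        return sb.toString();
    }

    /**
     * Table/column names cannot be bound as parameters; only plain identifiers are accepted
     * so that no SQL can be smuggled through them.
     *
     * @throws IllegalArgumentException for anything but {@code [A-Za-z_][A-Za-z0-9_]*}
     */
    private static String requireSqlIdentifier(String name) {
        if (name == null || !name.matches("[A-Za-z_][A-Za-z0-9_]*")) {
            throw new IllegalArgumentException("not a plain SQL identifier: " + name);
        }
        return name;
    }

    /**
     * Wraps a failure into a localized {@link VCIError}.
     *
     * @param key error key; {@code e} may be {@code null} for an error without a cause
     */
    private VCIError getLocalVciError(String key, Throwable e) {
        String[] details = e == null
                ? new String[0]
                : new String[] { VciExceptionTool.getExceptionStr(e), VciExceptionTool.getExceptionDetail(e) };
        VCIError error = new VCIError(key, details);
        return ExceptionLocalHandler.getInstance().getLocalString(error, "Cache");
    }
}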