<?php

namespace app\admin\controller;
/**
 * @title        : 后台管理模块基础继承控制器
 * @desc         :
 * @Author       : Rock
 * @Date         : 2023-03-14 19:09:30
 */

use app\BaseController;
use app\common\model\base\menu\Menurequest;
use app\common\model\base\user\Token;
use app\common\model\base\org\Org;
use app\common\model\base\org\OrgRole;
use app\common\model\base\user\User;
use app\common\model\base\user\UserRole;
use app\common\model\base\user\Wxauth;
use think\facade\Cache;

class Base extends BaseController
{
    /** 用户信息 */
    protected $userinfo;
    protected $org;
    /** 无需登录的方法 */
    protected $noNeedLogin = [];
    /** 无需权限的方法 */
    protected $noNeedAuth = [];
    /** 不使用全局验证的方法 */
    protected $noNeedValidate = [];
    protected $debug = false;

    public function initialize()
    {
        parent::initialize();
        $this->token       = $_SERVER["HTTP_AUTHORIZATION"] ?? $_SERVER['HTTP_TOKEN'] ?? $this->request->param('token');
        $this->controller  = $this->app->request->controller(true);
        $this->action      = strtoupper($this->app->request->action(true));
        $this->noNeedLogin = array_map('strtoupper', $this->noNeedLogin);
        //无需登录的请求当然也不需要权限,所以无需权限的与无需登录合并
        $this->noNeedAuth = array_map('strtoupper', array_merge($this->noNeedAuth, $this->noNeedLogin));
        $this->checkLogin();
        //是否开启后台验证新增/编辑
        $sysValidate = cache('develop_validate');
        if (empty($sysValidate)) {
            $sysValidate = sysconfig('develop.validate');
            cache('develop_validate', $sysValidate, 86400);
        }
        $this->noNeedValidate = array_map('strtoupper', $this->noNeedValidate);
        if ($sysValidate == 1 && !in_array(strtoupper($this->action), $this->noNeedValidate)) {
            $this->checkValidate();
        }
    }

    /**
     * @title: 验证登录
     * @desc: 描述
     * @return {*}
     * @author: Rock
     * @method: POST
     * @Date: 2022-06-24 16:23:10
     */
    private function checkLogin()
    {
        //无需登录--需登录或者需要权限的请求都要验证登录
        if (!in_array($this->action, $this->noNeedLogin)) {
            $checkTokenRes = $this->checkToken($this->token);
            if ($checkTokenRes['code'] != 1) {
                throw new \Exception($checkTokenRes['msg'], 2);
            } else {
                $this->userinfo = $checkTokenRes['data'];
                $this->org      = null;
            }
            // 如果要验证权限，必须先验证登录
            if (!$this->debug) {
                $this->checkAuth();
            }
        }
    }

    /**
     * @title: 验证权限
     * @desc: 添加权限缓存
     * @return {*}
     * @author: Rock
     * @method: POST
     * @Date: 2022-06-24 16:23:28
     */
    protected function checkAuth()
    {
        if (empty($this->userinfo)) {
            throw new \Exception("请先登录", 2);
        }
        if (!IsWxApplet() && !in_array($this->action, $this->noNeedAuth)) {
            $action       = strtolower("/" . $this->controller . "/" . $this->action);
            $menu_request = Menurequest::where('path', $action)->find();

            if($menu_request){
                if (empty($list)) {
                    $userid = $this->userinfo['user_id'] ?? 0;
                    $list   = User::getUserRole($userid,"base",$this->token);
                    if (!isset($list[$action])) {
                        throw new \Exception("没有权限", 2);
                    }

//                $userRoleids = UserRole::where('user_id', $userid)->column('role_id');
//                if (!in_array(1, $userRoleids)) {
//                    $arr          = OrgRole::where('role_id', 'IN', $userRoleids)->column('request_ids');
//                    $request_list = [];
//                    foreach ($arr as $request_id) {
//                        $one_data     = explode(',', $request_id);
//                        $mergedArray  = array_merge($request_list, $one_data);
//                        $request_list = array_unique($mergedArray);
//                    }
//                    $request_ids = is_array($request_list) ? $request_list : explode(',', $request_list);
//                    $requestlist = Menurequest::where('menu_request_id', 'IN', $request_ids)->column('path', 'menu_request_id');
//                    foreach ($requestlist as $req_id => $path) {
//                        $list[strtolower($path)] = $req_id;
//                    }
//                    if (!isset($list[$action])) {
//                        throw new \Exception("没有权限", 2);
//                    }
//                }
                }
            }

        }
    }

    /** 通用验证TOKEN是否有效 */
    protected function checkToken($token = "")
    {
        $tokenModel = new Token;
        //检查token是否有效
        if (!$tokenModel->checktoken($token)) {
            return Result(-1, "登录失效,请重新登录");
        }
        $user = $tokenModel->tokenUser($token);
//        if (!$user) {
//            return Result(0, "未找到用户");
//        } elseif ($user['status'] == 2) {
//            return Result(0, "您的帐号已被禁用,请联系管理员");
//        } elseif ($user['role_code'] != 'SUPERADMIN' && empty($user['role'])) {
//            return Result(0, "用户角色未找到或被禁用");
//        } elseif ($user['role_code'] != 'SUPERADMIN' && empty($user['role']['org'])) {
//            return Result(0, "用户所在组织未找到");
//        } elseif ($user['role_code'] != 'SUPERADMIN' && $user['role']['org']['status'] == 2) {
//            return Result(0, "您所在的组织已被禁用,请联系管理员");
//        } else {
//            return Result(1, "验证成功", $user);
//        }
        if (!$user) {
            return Result(0, "未找到用户");
        } elseif ($user['status'] == 2) {
            return Result(0, "您的帐号已被禁用,请联系管理员");
        } else {
            return Result(1, "验证成功", $user);
        }
    }

    /**通用验证编辑数据 */
    protected function checkValidate()
    {
        $data         = $this->request->param();
        $controller   = $this->app->request->controller();
        $action       = $this->app->request->action();
        $validatePath = "app\\admin\\validate\\";
        if (strtolower($action) == 'doedit') {
            $controllerStr = implode('\\', explode('.', $controller));
            $validatePath  .= $controllerStr;
            if (class_exists($validatePath)) {
                $check = $this->validate($data, $validatePath);
                //验证字段
                if (true !== $check) {
                    throw new \Exception($check, 2);
                }
            } else {
                throw new \Exception("验证器" . $controller . "不存在", 2);
            }
        }
    }

    /**
     * @title: 获取每个客户端的标识,用于存储不用客户端的缓存
     * @desc: 描述
     * @return {*}
     * @author: Rock
     * @method: POST
     * @Date: 2023-05-23 15:35:46
     */
    protected function getClientID()
    {
        return md5($_SERVER['HTTP_USER_AGENT'] . GetIP());
    }

    /**
     * @title: PHP输出验证码
     * @desc:
     * @param {}
     * @return {stream} {} {} {验证码数据}
     * @Author: Rock
     * @Date: 2021-12-03 10:23:30
     * @LastEditTime: Do not edit
     */
    protected function captcha()
    {
        $img  = new \image\Image;
        $code = substr(str_shuffle('ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjklmnpqrstuvwxyz123456789'), mt_rand(1, 50), 4);
        cache('captcha_code' . $this->getClientID(), $code, 300);
        return $img::getAuthImage2($code);
    }

    /**
     * @title: 检查验证码是否正确
     * @desc:
     * @param {string} {code} {} {验证码}
     * @return {*}
     * @Author: Rock
     * @Date: 2021-12-03 10:24:03
     * @LastEditTime: Do not edit
     */
    protected function captcha_check($code): bool
    {
        $cCode = cache('captcha_code' . $this->getClientID());
        return strtolower(trim($code)) == strtolower($cCode);
    }
}