package net.sysmain.common.auth;

import java.sql.Date;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.Calendar;
import net.risesoft.util.EformSysVariables;
import net.sysmain.common.A_DbManager;
import net.sysmain.common.A_Role;
import net.sysmain.common.ConnectionManager;
import net.sysmain.common.I_DbConstant;
import net.sysmain.common.Operator;
import net.sysmain.common.Role;
import net.sysmain.common.SystemItem;
import net.sysmain.util.Configuration;
import net.sysmain.util.StringTools;

/* loaded from: input_file:net/sysmain/common/auth/Authentication.class */
public class Authentication extends A_DbManager {
    private static Configuration conf = Configuration.getInstance();

    public Operator login(String str, String str2) {
        return login(str, str2, null);
    }

    public Operator login(String str, String str2, String str3) {
        Date date;
        Operator operator = new Operator();
        boolean z = true;
        try {
            try {
                String str4 = "select * from systemuser where LoginId='" + str + EformSysVariables.SINGLE_QUOTE_MARK;
                Statement createStatement = this.conn.createStatement();
                ResultSet executeQuery = createStatement.executeQuery(str4);
                if (!executeQuery.next()) {
                    operator.setMessage("该用户不存在");
                } else if (executeQuery.getString("Password").equals(StringTools.encoder(str2, str))) {
                    if (executeQuery.getInt("state") == 0) {
                        z = false;
                        operator.setMessage("该帐号已经禁用");
                    }
                    if (z && (date = executeQuery.getDate("ExpireDate")) != null && Calendar.getInstance().getTime().after(date)) {
                        z = false;
                        operator.setMessage("该帐号已经过期");
                    }
                    if (z) {
                        operator.setLoginTime(System.currentTimeMillis());
                        operator.setIsCheck(true);
                        operator.setUserId(executeQuery.getString("LoginId"));
                        operator.setAttribute("currentuser", operator.getUserId());
                        operator.setUserName(executeQuery.getString("Name"));
                        operator.setAttribute("username", operator.getUserName());
                        operator.setSex(executeQuery.getInt("sex"));
                        operator.setUserOrgId(executeQuery.getString("Organizeid"));
                        operator.setUserType(executeQuery.getInt("UserType"));
                        operator.setAdminRightBit(executeQuery.getInt("AdminRightbit"));
                        operator.setAdminRange(StringTools.ifNull(executeQuery.getString("AdminRange")));
                        operator.setAttribute(Operator.ATTRIBUTE_EMAIL, StringTools.ifNull(executeQuery.getString(Operator.ATTRIBUTE_EMAIL)));
                        operator.setAttribute("OfficePhone", StringTools.ifNull(executeQuery.getString("OfficePhone")));
                        operator.setAttribute("Mobile", StringTools.ifNull(executeQuery.getString("Mobile")));
                        ConnectionManager.close(executeQuery);
                        executeQuery = createStatement.executeQuery("select a.* from roleDefine a,userRoleDefine b where a.RoleId=b.RoleID and b.LoginId='" + operator.getUserId() + EformSysVariables.SINGLE_QUOTE_MARK);
                        ArrayList arrayList = new ArrayList();
                        while (executeQuery.next()) {
                            arrayList.add(new Role(new StringBuilder(String.valueOf(executeQuery.getInt("RoleId"))).toString(), StringTools.ifNull(executeQuery.getString("RoleName")), StringTools.ifNull(executeQuery.getString("SystemMark"))));
                        }
                        if (arrayList.size() > 0) {
                            operator.setRole((A_Role[]) arrayList.toArray(new A_Role[arrayList.size()]));
                        }
                        createStatement.execute("update systemuser set lastlogintime=" + toDate() + " where LoginId='" + str + EformSysVariables.SINGLE_QUOTE_MARK);
                        operator.setMessage("成功登录");
                    }
                } else {
                    operator.setMessage("密码错误");
                }
                ConnectionManager.close(executeQuery);
                ConnectionManager.close(createStatement);
            } catch (Exception e) {
                e.printStackTrace();
                operator.setMessage("登录认证时，数据库访问失败");
                ConnectionManager.close((ResultSet) null);
                ConnectionManager.close((Statement) null);
            }
            return operator;
        } catch (Throwable th) {
            ConnectionManager.close((ResultSet) null);
            ConnectionManager.close((Statement) null);
            throw th;
        }
    }

    private String toDate() {
        String str = null;
        if (conf.getDb_Type().equals(I_DbConstant.DB_TYPE_MYSQL)) {
            str = "NOW()";
        } else if (conf.getDb_Type().equals(I_DbConstant.DB_TYPE_ORACLE)) {
            str = "SysDate";
        } else if (conf.getDb_Type().equals(I_DbConstant.DB_TYPE_SQLSERVER)) {
            str = "getDate()";
        }
        return str;
    }

    public int modifyPassWord(String str, String str2, String str3) {
        int i = 0;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = this.conn.prepareStatement("select password from systemuser where loginId='" + str + EformSysVariables.SINGLE_QUOTE_MARK);
                resultSet = preparedStatement.executeQuery();
                if (!resultSet.next()) {
                    i = 2;
                } else if (resultSet.getString(1).equals(StringTools.encoder(str2, str))) {
                    PreparedStatement prepareStatement = this.conn.prepareStatement("update systemuser set password=? where loginId='" + str + EformSysVariables.SINGLE_QUOTE_MARK);
                    prepareStatement.setString(1, StringTools.encoder(str3, str));
                    prepareStatement.execute();
                    ConnectionManager.close(prepareStatement);
                } else {
                    i = 1;
                }
                ConnectionManager.close(resultSet);
                ConnectionManager.close(preparedStatement);
            } catch (Exception e) {
                e.printStackTrace();
                i = 3;
                ConnectionManager.close(resultSet);
                ConnectionManager.close(preparedStatement);
            }
            return i;
        } catch (Throwable th) {
            ConnectionManager.close(resultSet);
            ConnectionManager.close(preparedStatement);
            throw th;
        }
    }

    public SystemItem[] getSystemOperation() {
        ArrayList arrayList = new ArrayList();
        SystemItem[] systemItemArr = null;
        Statement statement = null;
        ResultSet resultSet = null;
        try {
            try {
                statement = this.conn.createStatement();
                resultSet = statement.executeQuery("select * from SysItemDefine order by Id");
                while (resultSet.next()) {
                    arrayList.add(new SystemItem(resultSet.getInt("Id"), StringTools.ifNull(resultSet.getString("name")), resultSet.getInt("bitValue"), StringTools.ifNull(resultSet.getString("Icon1")), StringTools.ifNull(resultSet.getString("Icon2")), StringTools.ifNull(resultSet.getString("Description"))));
                }
                ConnectionManager.close(resultSet);
                ConnectionManager.close(statement);
            } catch (Exception e) {
                e.printStackTrace();
                ConnectionManager.close(resultSet);
                ConnectionManager.close(statement);
            }
            if (arrayList.size() > 0) {
                systemItemArr = (SystemItem[]) arrayList.toArray(new SystemItem[arrayList.size()]);
            }
            return systemItemArr;
        } catch (Throwable th) {
            ConnectionManager.close(resultSet);
            ConnectionManager.close(statement);
            throw th;
        }
    }
}
