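package com.nanometer.smartlab.realm;

import com.nanometer.smartlab.entity.BaseRole;
import com.nanometer.smartlab.entity.BaseRolePage;
import com.nanometer.smartlab.entity.SysUser;
import com.nanometer.smartlab.service.BaseRolePageService;
import com.nanometer.smartlab.service.BaseRoleService;
import com.nanometer.smartlab.service.SysUserService;
import com.nanometer.smartlab.util.Constants;
import org.apache.log4j.Logger;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;

/**
 * Created by Caspar on 2014/9/15.
 *
 * <p>Shiro realm that authenticates users by account name and derives their
 * role and page-level permissions from {@link SysUserService} and
 * {@link BaseRolePageService}.
 */
public class AuthorizationRealm extends AuthorizingRealm {

    private static final Logger logger = Logger.getLogger(AuthorizationRealm.class);

    @Resource
    private SysUserService sysUserService;

    @Resource
    private BaseRolePageService baseRolePageService;

    /**
     * Authorization: builds the role and permission set for the given principals.
     *
     * <p>The user's role name becomes the single Shiro role, and every page code
     * attached to the user's role becomes a string permission. A user that cannot
     * be found, or that has no role id, receives an empty authorization info
     * (no roles, no permissions).
     *
     * @param principals the principals of the subject being authorized
     * @return the roles and string permissions resolved for the account
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        String account = (String) super.getAvailablePrincipal(principals);

        // Typed lists: iterating a raw List with a BaseRolePage loop variable does not compile.
        List<String> roles = new ArrayList<String>();
        List<String> permissions = new ArrayList<String>();

        SysUser user = this.sysUserService.getSysUserByAccount(account);
        if (user != null && user.getRoleId() != null) {
            roles.add(user.getRoleName());

            // NOTE(review): the meaning of the second (null) argument is defined by
            // BaseRolePageService, which is not visible here - confirm it means "no filter".
            List<BaseRolePage> baseRolePageList =
                    baseRolePageService.getBaseRolePageList(user.getRoleId(), null);
            if (baseRolePageList != null) {
                for (BaseRolePage baseRolePage : baseRolePageList) {
                    String pageCode = baseRolePage.getPageCode();
                    // A null or blank page code grants nothing; skip it rather than
                    // handing Shiro an empty permission string.
                    if (pageCode != null && !pageCode.trim().isEmpty()) {
                        permissions.add(pageCode);
                    }
                }
            }
        }

        info.addRoles(roles);
        info.addStringPermissions(permissions);
        return info;
    }

    /**
     * Login authentication: looks up the account named in the token and returns
     * its stored credential for Shiro to verify.
     *
     * @param token the submitted token; cast to {@link UsernamePasswordToken}
     * @return authentication info carrying the account name and stored password
     * @throws UnknownAccountException if the token has no username or no user
     *         exists for that account
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;

        // Reject a missing username explicitly. String.valueOf(null) would yield the
        // text "null" and cause a lookup of an account literally named "null".
        final String account = usernamePasswordToken.getUsername();
        if (account == null) {
            throw new UnknownAccountException();
        }

        SysUser user = this.sysUserService.getSysUserByAccount(account);
        if (user == null) {
            throw new UnknownAccountException();
        }

        // The stored credential is handed to Shiro, whose configured CredentialsMatcher
        // compares it with the submitted password.
        // NOTE(review): the matcher and the storage format of SysUser#getPassword() are
        // configured outside this class - confirm the realm is wired with a hashed
        // credentials matcher rather than a plain-text comparison.
        return new SimpleAuthenticationInfo(user.getAccount(), user.getPassword(), getName());
    }

    /**
     * Removes the cached user object from the current session, then performs the
     * standard realm logout handling.
     *
     * @param principals the principals of the subject logging out
     */
    @Override
    public void onLogout(PrincipalCollection principals) {
        Subject currentUser = SecurityUtils.getSubject();

        // getSession(false): do not create a brand-new session during logout just to
        // remove an attribute that cannot exist on it.
        Session session = currentUser.getSession(false);
        if (session != null) {
            session.removeAttribute(Constants.SESSION_USER);
        }

        super.onLogout(principals);
    }
}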