import ldap from 'ldapjs';
import ssha from 'ssha';
import { Router } from 'express';
import config from '../../../config/config';
import { User, LdapUser } from '../../models/admin/User';
import { combPer, combRole } from '../../utils/comb-permissions';
import logger from '../../utils/logger';

const router = Router();

// Base DN of the people subtree; every user DN is built as cn=<fullname>,<PEOPLE_BASE>.
const PEOPLE_BASE = 'ou=people,dc=kingsome,dc=cn';

// GET /list - sync platform accounts from LDAP into Mongo and return them
// with their roles and permissions resolved.
router.get('/list', async function userListCtrl(req, res, next) {
  // logger.db(req, 'System admin', 'User list', 'Fetch all user info');
  // Permission check
  const hasPerm =
    req.user.permissions.includes('users-readable') ||
    req.user.permissions.includes('users-writeable');
  if (!hasPerm) {
    res.status(403).send({ errcode: 1, errmsg: 'User has no permission to view the user list!' });
    return;
  }

  const client = ldap.createClient({ url: config.ldap.url });
  const opts = {
    filter: '(&(objectClass=posixAccount)(o=gmplatform))',
    scope: 'sub',
    timeLimit: 500
  };
  const data = [];

  client.bind(config.ldap.user, config.ldap.password, function(err) {
    if (err) return next(err);
    client.search(PEOPLE_BASE, opts, function(err, searchRes) {
      if (err) {
        client.unbind();
        return next(err);
      }
      searchRes.on('searchEntry', function(entry) {
        data.push(entry.object);
      });
      searchRes.on('error', function(err) {
        client.unbind();
        next(err);
      });
      searchRes.on('end', async function() {
        client.unbind();
        try {
          // Link each LDAP record to its Mongo User via uidNumber. Note that
          // entry.object carries every returned attribute, so the LDAP
          // userPassword hash is copied into the LdapUser collection as well.
          const users = data.map(user => {
            user.userInfo = user.uidNumber;
            return user;
          });
          await LdapUser.deleteMany({});
          await LdapUser.insertMany(users);

          // Fetch full user info.
          // First query: create a User document for any LDAP account that has none.
          // The saves must complete before the second query, so they are awaited.
          let compUserList = await LdapUser.find({}).populate({ path: 'userInfo' });
          await Promise.all(
            compUserList
              .filter(user => !user.userInfo)
              .map(user =>
                new User({ _id: user.uidNumber, username: user.uid, fullname: user.cn }).save()
              )
          );

          // Second query: reload with permissions populated.
          compUserList = await LdapUser.find({}).populate({
            path: 'userInfo',
            populate: { path: 'permissions' }
          });
          const userList = compUserList.map(user => {
            const userInfo = user.userInfo;
            const permissions = userInfo.permissions;
            userInfo.roles = combRole(permissions);
            userInfo.permissions = combPer(permissions);
            return userInfo;
          });
          res.send({ errcode: 0, userList });
        } catch (err) {
          next(err);
        }
      });
    });
  });
});

// POST /edit - update a user's Mongo record; body.username selects the user.
router.post('/edit', async function userEditCtrl(req, res, next) {
  logger.db(req, 'System admin', 'User list', 'Edit user info');
  // Permission check
  if (!req.user.permissions.includes('users-writeable')) {
    res.status(403).send({ errcode: 1, errmsg: 'User has no permission to edit users!' });
    return;
  }
  const body = req.body;
  const username = body.username;
  delete body.username;
  body.lastModifiedBy = req.user.fullname;
  // The remaining body fields are written to the User document as-is, so a
  // caller with users-writeable can set any field the schema allows.
  try {
    const searchResult = await LdapUser.findOne({ uid: username });
    if (searchResult) {
      await User.updateOne({ username }, body);
      res.send({ errcode: 0 });
    } else {
      res.send({ errcode: 1, errmsg: 'User does not exist' });
    }
  } catch (err) {
    next(err);
  }
});

// POST /save - create the account in LDAP, then mirror it in Mongo.
router.post('/save', async (req, res, next) => {
  logger.db(req, 'System admin', 'User list', 'Add user');
  // Permission check
  if (!req.user.permissions.includes('users-writeable')) {
    res.status(403).send({ errcode: 1, errmsg: 'User has no permission to add users!' });
    return;
  }
  const body = req.body;
  // body.fullname is interpolated into the DN without RFC 4514 escaping, so a
  // value containing ',' '+' '=' or '\' changes how the DN is parsed.
  const dn = `cn=${body.fullname},${PEOPLE_BASE}`;
  const uidNumber = randomUid();
  const entry = {
    cn: body.fullname,
    sn: body.fullname,
    objectClass: ['posixAccount', 'inetOrgPerson', 'organizationalPerson', 'person'],
    uidNumber: uidNumber,
    gidNumber: 10014,
    uid: body.username,
    homeDirectory: `/home/${body.username}`,
    // The initial password is the username itself (SSHA-hashed): a guessable default.
    userPassword: ssha.create(`${body.username}`),
    o: 'gmplatform'
  };
  const client = ldap.createClient({ url: config.ldap.url });
  client.bind(config.ldap.user, config.ldap.password, function(err) {
    if (err) return next(err);
    client.add(dn, entry, async function(err) {
      client.unbind();
      if (err) {
        if (err.message === 'Entry Already Exists') {
          // The DN (cn=<fullname>) already exists; this does not detect a
          // duplicate uidNumber, which is never checked.
          res.send({ errcode: 1, errmsg: 'An entry with this name already exists, please retry!' });
          return;
        }
        return next(err);
      }
      try {
        body._id = uidNumber;
        await new User(body).save();
        res.send({ errcode: 0 });
      } catch (err) {
        next(err);
      }
    });
  });
});

// POST /del - delete the LDAP entry selected by body.fullname.
router.post('/del', async (req, res, next) => {
  logger.db(req, 'System admin', 'User list', 'Delete user');
  // Permission check
  if (!req.user.permissions.includes('users-writeable')) {
    res.status(403).send({ errcode: 1, errmsg: 'User has no permission to delete users!' });
    return;
  }
  const body = req.body;
  // Same unescaped DN construction as /save. Only the LDAP entry is removed;
  // the User document stays, and LdapUser is only rebuilt by the next /list.
  const dn = `cn=${body.fullname},${PEOPLE_BASE}`;
  const client = ldap.createClient({ url: config.ldap.url });
  // Errors are passed to next(): a throw inside these callbacks would not be
  // caught by a surrounding try/catch and would crash the process.
  client.bind(config.ldap.user, config.ldap.password, function(err) {
    if (err) return next(err);
    client.del(dn, function(err) {
      client.unbind();
      if (err) return next(err);
      res.send({ errcode: 0 });
    });
  });
});

// Pick a uidNumber in roughly 10001..30000. Not collision-safe: nothing checks
// whether the number is already allocated in LDAP or Mongo.
function randomUid() {
  return Math.ceil(Math.random() * 20000) + 10000;
}

export default router;
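The /save and /del handlers above build the user DN by string interpolation of body.fullname, and /save also puts body.username straight into uid and homeDirectory. The following is an added example, not part of this router or of the project, showing how the value escaping those handlers omit works: RFC 4514 escaping for DN values, RFC 4515 escaping for search-filter values, and a username whitelist. The helper names (escapeDnValue, buildUserDn, unsafeUserDn, rdnCount, escapeFilterValue, isValidUsername) and the sample fullname are my own constructions; the base DN is the one the router uses. The block has no ldapjs dependency and runs offline.

```javascript
const PEOPLE_BASE = 'ou=people,dc=kingsome,dc=cn';

// RFC 4514 section 2.4: escape '"', '+', ',', ';', '<', '>', '\', a leading '#'
// or space, a trailing space, and NUL. '=' may legally be escaped too, and is,
// so that an RDN cannot be smuggled in through the value.
function escapeDnValue(value) {
  const s = String(value);
  const special = '"+,;<>\\=';
  let out = '';
  for (let i = 0; i < s.length; i++) {
    const ch = s[i];
    if (s.charCodeAt(i) === 0) {
      out += '\\00';
    } else if (special.includes(ch)) {
      out += '\\' + ch;
    } else if ((ch === ' ' && (i === 0 || i === s.length - 1)) || (ch === '#' && i === 0)) {
      out += '\\' + ch;
    } else {
      out += ch;
    }
  }
  return out;
}

// Mirrors the router's interpolation (no escaping): what an attacker gets today.
function unsafeUserDn(fullname) {
  return `cn=${fullname},${PEOPLE_BASE}`;
}

// Hardened form: the whole fullname stays inside the cn RDN.
function buildUserDn(fullname) {
  return `cn=${escapeDnValue(fullname)},${PEOPLE_BASE}`;
}

// Count RDNs by splitting on commas that are not backslash-escaped.
// Used here only to show the structural difference between the two DNs.
function rdnCount(dn) {
  let count = 1;
  for (let i = 0; i < dn.length; i++) {
    if (dn[i] === '\\') {
      i++; // skip the escaped character
    } else if (dn[i] === ',') {
      count++;
    }
  }
  return count;
}

// RFC 4515 section 3: in filter values '*', '(', ')', '\' and NUL become \XX hex.
function escapeFilterValue(value) {
  return String(value).replace(/[\\*()\0]/g, ch =>
    '\\' + ch.charCodeAt(0).toString(16).padStart(2, '0'));
}

// Whitelist for values that become a POSIX uid and a path segment
// (homeDirectory): lowercase letter first, then letters, digits, '_' or '-'.
function isValidUsername(username) {
  return /^[a-z][a-z0-9_-]{2,31}$/.test(String(username));
}

// Constructed sample input: a fullname that injects an extra RDN.
const hostileFullname = 'evil,ou=admins';
console.log('unescaped:', unsafeUserDn(hostileFullname), 'RDNs =', rdnCount(unsafeUserDn(hostileFullname)));
console.log('escaped:  ', buildUserDn(hostileFullname), 'RDNs =', rdnCount(buildUserDn(hostileFullname)));
console.log('filter value:', escapeFilterValue('*)(uid=*'));
console.log('username ok:', isValidUsername('bob_1'), isValidUsername('../root'));
```

With the unescaped DN the entry is created under a different parent (cn=evil,ou=admins,ou=people,...), and /del would likewise target whatever DN the caller spells out; after escaping, the same input stays a single cn value. The filter escaper belongs wherever user input is placed into a search filter, and the username check is what should gate uid and homeDirectory before the entry is built.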