package logic

import (
	"fmt"
	"fusenapi/model/gmodel"
	"fusenapi/utils/basic"
	"fusenapi/utils/chinese_to_pinyin"
	"fusenapi/utils/email"
	"net/http"
	"strings"
	"time"

	"context"

	"fusenapi/server/ldap-admin/internal/svc"
	"fusenapi/server/ldap-admin/internal/types"

	"github.com/zeromicro/go-zero/core/logx"
)

type CreateLdapUserLogic struct {
	logx.Logger
	ctx    context.Context
	svcCtx *svc.ServiceContext
}

func NewCreateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CreateLdapUserLogic {
	return &CreateLdapUserLogic{
		Logger: logx.WithContext(ctx),
		ctx:    ctx,
		svcCtx: svcCtx,
	}
}

// 处理进入前逻辑w,r
// func (l *CreateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
// }

func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, r *http.Request) (resp *basic.Response) {

	if !l.svcCtx.Ldap.VerifyAuthority(r) {
		return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限，请联系管理员开通")
	}
	req.UserName = strings.Trim(req.UserName, " ")
	req.Mobile = strings.Trim(req.Mobile, " ")
	req.Email = strings.Trim(req.Email, " ")
	req.Password = strings.Trim(req.Password, " ")
	if req.GroupId < 0 {
		req.GroupId = 0
	}
	if req.UserName == "" {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误，用户名不能为空")
	}
	if req.Password == "" {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误，密码不能为空")
	}
	if !email.IsEmailValid(req.Email) {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误，邮箱格式不正确")
	}
	//把用户名转pinyin
	userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
	userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
	//新增一条记录获取递增用户id
	now := time.Now().UTC()
	userData := &gmodel.LdapUser{
		UserDn: &userDN,
		Ctime:  &now,
		Utime:  &now,
	}
	if err := l.svcCtx.AllModels.LdapUser.Create(l.ctx, userData); err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeDbSqlErr, "新增用户失败！")
	}
	err := l.svcCtx.Ldap.Create(userDN, map[string][]string{
		"objectClass":      {"person", "organizationalPerson", "inetOrgPerson", "posixAccount", "top", "shadowAccount"}, //固有属性
		"shadowLastChange": {"19676"},                                                                                   //固有属性
		"shadowMin":        {"0"},                                                                                       //固有属性
		"shadowMax":        {"99999"},                                                                                   //固有属性
		"shadowWarning":    {"7"},                                                                                       //固有属性
		"loginShell":       {"/usr/sbin/nologin"},                                                                       //固有属性
		"homeDirectory":    {"/home/users/" + userNamePinyin},
		"employeeType":     {fmt.Sprintf("%d", req.EmployeeType)}, //员工类型：1正式 2实习 3外包
		"uidNumber":        {fmt.Sprintf("%d", userData.Id)},      //用户id
		"gidNumber":        {fmt.Sprintf("%d", userData.Id)},      //用户id
		"uid":              {userNamePinyin},                      //用户名（拼音）
		"cn":               {req.Email},                           //邮箱
		"sn":               {req.UserName},                        //用户名
		"mail":             {req.Email},                           //邮箱
		"postalCode":       {fmt.Sprintf("%d", req.Status)},       //状态
		"departmentNumber": {fmt.Sprintf("%d", req.GroupId)},      //权限分组id
		"postalAddress":    {req.Avatar},                          //头像
		"mobile":           {req.Mobile},                          //手机号
		"userPassword":     {req.Password},                        //密码
	})
	if err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加用户失败,"+err.Error())
	}
	return resp.SetStatusWithMessage(basic.CodeOK, "添加用户成功")
}

// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
// func (l *CreateLdapUserLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
// // httpx.OkJsonCtx(r.Context(), w, resp)
// }