<?php
/*
|--------------------------------------------------------------------------
| auth.php 后台管理 权限管理
|--------------------------------------------------------------------------
*/
namespace MazeApp\Manage;

use Maze;
use Maze\Session\Save;
use Maze\Security\Internal;
use Maze\Routing\Uri;

class Auth
{	
	/**
     * 后台的session名
     *
     * @var string
     */
	private $name;
	
	/**
     * save
     *
     * @var Maze\Plad\Save
     */
    private $save;
    
	/**
     * __construct
     * 
     * @return mixed
     */
	public function __construct()
	{
		$this->save = new Save(MAZE_PROJECT, 'cookie');
        $this->name = MAZE_PROJECT . '_manage';
	}
	
	/**
     * 获取角色
     * 
     * @return mixed
     */
	public function role()
	{
		$data = Maze::load('/role-list', array('option_name' => '%'.Maze::input('term', 'test').'%'));
		if($data)
		{
			return $data;
		}
		return array
		(
			0 => array('id' => -1, 'value' => '没有找到您搜索的数据', 'label' => '没有找到您搜索的数据'),
		);
	}
	
	/**
     * 获取当前登录的管理员信息
     * 
     * @return mixed
     */
	public function info()
	{
		$info = $this->save->get($this->name);
		
		# 插件接管 暂时未实现
		//Maze::plugin($this);
		
		return $info;
	}
	
	/**
     * 获取公告
     * 
     * @return mixed
     */
	public function notice()
	{
		$admin = $this->info();
		if($admin['config'] && isset($admin['config']['id']) && $admin['config']['id'] > 0)
		{
			$data = Maze::load('manage/notice-getAll', array('where_config' => $admin['config']['id']));
			
			return $data;
		}
		
		return array();
	}
	
	/**
     * 获取当前登录的管理员信息
     * 
     * @return mixed
     */
	public function manage()
	{
		$admin = $this->info();
		if($admin && $admin['id'] == 1)
		{
			return '';
		}
		return 'display:none;';
	}
	
	/**
     * 退出登录
     * 
     * @return mixed
     */
	public function quit()
	{
		if($this->info())
		{
			$this->save->un($this->name);
		}
		
		Maze::location('login');
	}
	
	/**
     * login
     * 
     * @return mixed
     */
	public function login()
	{
        $param['where_username'] = Maze::input('username');
        
        $password = md5(Maze::input('password'));

        //print_r($param);die;

		$user = Maze::load('manage/admin-user', $param);
		
		if($user && $user['password'] == $password)
		{
			$this->save($user);
			
			$refer = Maze::input('refer');
			
			if($refer)
			{
                $url = parse_url(Internal::decode($refer));
                $url['path'] = preg_replace('/^\//', '', $url['path']);

                if(Uri::$type == '?')
                {
					/*
                    Uri::$type = '';
                    if(strpos($url['query'], '?') !== false)
                    {
                        Uri::$type = '?';
                    }
                    */
                    $refer = Maze::url(str_replace($url['path'] . Uri::$type, '', $url['query']));
                }
                else
                {
                    $refer = Maze::url($url['path'] . '?' . $url['query']);
                }
				
				Maze::out($refer);
			}
			else
			{
				Maze::out(Maze::url('home'));
			}
		}
		else
		{
			Maze::abert('登录失败');
		}
	}
	
	public function save(&$user)
	{
		if($user['config'])
		{
			$user['config'] = Maze::load('manage/config-one', array('where_id' => $user['config']));
		}
        if($user['id'] == 1)
        {
            $user['oper'] = 'all';
            $user['auth'] = 'all';
            $user['top'] = 'all';
        }
        else
        {
            $role = Maze::load('manage/role-get', array('where_id' => $user['role']));

            if($role)
            {
                $user['oper'] = array();
                $user['auth'] = '';
                $user['top'] = '';
                foreach($role as $k => $v)
                {
                    if($v['oper'])
                    {
                        if(strpos($v['oper'], ',') !== false)
                        {
                            $user['oper'] += explode(',', $v['oper']);
                        }
                        else
                        {
                            $user['oper'][] = $v['oper'];
                        }
                    }
                    if($v['auth'])
                    {
                        $user['auth'][] = $v['auth'];
                    }
                    if($v['top'])
                    {
                        $user['top'][] = $v['top'];
                    }
                }
                
                $user['oper'] = implode(',', $user['oper']);
                $user['auth'] = implode(',', $user['auth']);
                $user['top'] = implode(',', $user['top']);
                
                if(strpos($user['oper'], 'all') !== false)
                {
                    $user['oper'] = 'all';
                }
                
                if(strpos($user['auth'], 'all') !== false)
                {
                    $user['auth'] = 'all';
                }

                if(strpos($user['top'], 'all') !== false)
                {
                    $user['top'] = 'all';
                }
            }
        }
		
		$this->save->add($this->name, $user, 3600*24*7);
	}
	
	/**
     * set
     * 
     * @return mixed
     */
	public function set()
	{
        $param['refer'] = Maze::input('refer');
        
        return $param;
	}
	
	/**
     * location_login
     * 
     * @return mixed
     */
	public function location_login()
	{
		$refer = Internal::encode(Maze::url());
		return Maze::location('login?refer=' . $refer);
	}
	
	/**
     * init
     * 
     * @return mixed
     */
	public function init()
	{
        //$this->check(Uri::$value);

        $admin = $this->info();
        if(!$admin)
        {
			return $this->location_login();
        }
        /*
        if(!Uri::$value)
        {
            return;
        }

        //print_r(Uri::$url);die;
        $param['where_project'] = Maze::input('key', MAZE_PROJECT_NAME);
        $param['where_table'] = Maze::input('table', 'other');
        $param['where_uri'] = Uri::$value;

        $data = Maze::load('manage/auth-get', $param);
        
        if(!$data)
        {
            $update['add_name'] = $this->table($param['where_table'], $param['where_project']) . $this->name($param['where_uri']);
            //print_r($update);die;
            
            $update['add_uri']      = $param['where_uri'];
            $update['add_type']     = $this->type($update['add_uri']);
            $update['add_project']  = $param['where_project'];
            $update['add_table']    = $param['where_table'];
            $data['id'] = Maze::load('manage/auth-insert', $update);
        }
        */
        
        # 第一个为超级管理员
        if($admin['id'] == 1)
        {
            return;
        }
        
        $menu = Maze::input('menu');
        $project = Maze::input('key');
        $table = Maze::input('table');
        $menu_id = Maze::input('menu_id');

        if($menu_id && $menu_id > 0)
        {
			$menu  = Maze::load('manage/menu-info', $menu_id);
			
			if(!$menu)
			{
				Maze::abert('没有该权限');
			}
			
			//$this->save($admin);
			if($menu['key'])
			{
				if(isset($admin['auth']) && $admin['auth'])
				{
					if($admin['auth'] == 'all' || $admin['auth'] == '')
					{
						return;
					}
					
					$admin['auth'] = explode(',', $admin['auth']);

					if(!in_array($menu['key'], $admin['auth']))
					{
						Maze::abert('您没有操作权限');
					}
				}
				else
				{
					Maze::abert('您没有操作权限');
				}
			}
            else
            {
				Maze::abert('您没有操作权限');
			}
        }
        /*
        elseif(strpos(Uri::$url, 'project/list') === false && strpos(Uri::$url, 'log/list') === false)
        {
            return;
        }
        */
        else
        {
			//Maze::abert('您没有操作权限');
		}
	}

    # 得到当前管理员的权限
    public function admin()
    {
		$admin = $this->info();
        return $admin['auth'] == 'all' ? '' : explode(',', $admin['auth']);
    }

    # 得到当前头部菜单的权限
    public function top()
    {
        $admin = $this->info();
        return $admin['top'] == 'all' ? '' : explode(',', $admin['top']);
    }

    # 设置头部菜单的权限
    public function _setTop($info)
    {
        if($info)
        {
            $info['key'] = explode('_', $info['key']);

            $this->save->add($this->name . '_topgetv1_' . $info['key'][0], $info, 3600*24*365);
        }
    }

    # 得到当前头部菜单
    public function getTop($key)
    {
        $state = false;
        if(is_array($key))
        {
            $key = $key[0];
            $state = true;
        }
        $data = $this->save->get($this->name . '_topgetv1_' . $key);

        # 当数据不存在时，先从数据库里取出一个最新的
        if(!$data && $state == true)
        {
            $info = Maze::load('manage/top-key', array('where_key' => $key));
            if($info)
            {
                $data = Maze::load('manage/top-getOne', array('where_top_id' => $info['id']));
            }
        }

        return $data;
    }

    public function config()
    {
        $admin = $this->info();
        if($admin['config'] && $admin['config']['id'] > 0)
        {
			$admin['config'] = Maze::load('manage/config-info', array('where_id' => $admin['config']['id']));
		}
		$state = isset($admin['config']) && $admin['config'];
		$admin['config']['title'] = ($state && $admin['config']['title']) ? $admin['config']['title'] : Maze::$global['base']['name'] . ' 后台管理';
		$admin['config']['info'] = ($state && $admin['config']['info']) ? $admin['config']['info'] : Maze::$global['base']['name'] . ' 欢迎您';
		$admin['config']['content'] = ($state && $admin['config']['content']) ? $admin['config']['content'] : '欢迎您使用本系统';
		$admin['config']['template'] = ($state && $admin['config']['template']) ? $admin['config']['template'] : 1;
		
		return $admin['config'];
    }
    
    /**
     * oper的判断
     *
     * @param uri string
     * @return mixed
     */
    public function oper($type = 1)
    {
		$oper = '';
        $admin = $this->info();
        //$role['oper'] = '1,2,3,4,5';
        if($admin && isset($admin['oper']) && $admin['oper'] != 'all')
        {
			if(strpos(',' . $admin['oper'], ',' . $type) !== false)
			{
				return true;
			}
			else
			{
				return false;
			}
		}
		else
		{
			return true;
		}
    }

	/**
     * 获取当前uri的类型
     *
     * @param uri string
     * @return mixed
     */
    private function table($table, $project)
    {
        if($table == 'other')
        {
            $table = '';
        }
        else
        {
            $path = Maze::load('manage/project.path', $project);
            $config = Maze::database(MAZE_PATH . $path . 'database/' . $table . '.php');
            $table = $config['lang'];
        }

        return $table;
    }

	/*
    private function name($name)
    {
        if($name == 'log/list')
        {
            $name = '日志列表';
        }
        if($name == 'project/list')
        {
            $name = '项目管理';
        }
        elseif($name == 'home')
        {
            $name = '首页';
        }
        elseif(strpos($name, 'list'))
        {
            $name = '列表';
        }
        elseif(strpos($name, 'update'))
        {
            $name = '更新';
        }
        elseif(strpos($name, 'delete'))
        {
            $name = '删除';
        }
        

        return $name;
    }
    */

    /**
     * check
     * 
     * @return mixed
     */
    private function check($uri)
    {
        if(strpos($uri, '.html') !== false)
        {
            //Maze::abert('您没有操作权限');
        }
    }

    /**
     * 获取当前uri的类型
     *
     * @param uri string
     * @return mixed
     */
    public function type($uri)
    {
        if(strpos($uri, '.') !== false)
        {
            $type = 3;
        }
        elseif(strpos($uri, '-') !== false)
        {
            $type = 2;
        }
        else
        {
            $type = 1;
        }
        return $type;
    }

    /**
     * 获取所有权限列表，并进行统计处理
     * 
     * @return mixed
     */
    public function get()
    {
        /*
        $auth = Maze::load('manage/auth-all');

        $project = Maze::load('manage/project.get');

        $result = array();

        $url = 'manage/';
        foreach($auth as $k => $v)
        {
            if(isset($project[$v['project']]['lang']))
            {
                $result[$v['project']]['child'][$k] = $v;
                $result[$v['project']]['name'] = $project[$v['project']]['lang'];
                $result[$v['project']]['url'] = $url;
            }
        }

        # 1为多维数组
        $result['state'] = 1;
        */

        $result = Maze::load('manage/menu.left', true);
        $result['state'] = 1;

        return $result;
    }
    
    /**
     * 修改当前管理员的密码
     * 
     * @return mixed
     */
	public function password()
	{
		$admin = $this->info();
		
		$new = Maze::input('new');
		$old = Maze::input('old');
		if($admin && $admin['id'] > 0 && $new && $old && $new != $old && md5($old) == $admin['password'])
		{
			$param['set_password'] = $new;

			$param['where_id'] = $admin['id'];
			Maze::load('manage/admin-password', $param);
			
			$admin['password'] = md5($new);
			$this->save->add($this->name, $admin);
			return '修改成功';
		}
		else
		{
			return '修改失败';
		}
	}
}