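package com.vincent.rsf.httpaudit.open;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.vincent.rsf.httpaudit.common.Cools;
import com.vincent.rsf.httpaudit.common.R;
import com.vincent.rsf.httpaudit.entity.HttpAuditLog;
import com.vincent.rsf.httpaudit.props.HttpAuditProperties;
import com.vincent.rsf.httpaudit.service.HttpAuditLogCrudService;
import com.vincent.rsf.httpaudit.web.util.HttpAuditAdminQueryHelper;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

/**
 * Simple query endpoints for HTTP audit logs. The {@value #TOKEN_HEADER} request header is
 * checked only when {@code simple-ui-token} is configured (non-blank).
 *
 * <p>Security note: with a blank {@code simple-ui-token} the log endpoints perform no token
 * check at all and answer any caller that can reach them. The queries below filter on
 * {@code request_body} and {@code response_body}, so the returned rows presumably carry
 * captured request/response payloads. Deployments should configure the token or restrict
 * these paths at the gateway / network layer.
 */
@RestController
public class HttpAuditOpenLogController {

    /** Name of the request header that carries the UI token. */
    public static final String TOKEN_HEADER = "X-Http-Audit-Ui-Token";

    private final HttpAuditLogCrudService httpAuditLogCrudService;
    private final HttpAuditProperties props;

    public HttpAuditOpenLogController(HttpAuditLogCrudService httpAuditLogCrudService,
                                      HttpAuditProperties props) {
        this.httpAuditLogCrudService = httpAuditLogCrudService;
        this.props = props;
    }

    /**
     * Reports whether a token is required. This endpoint itself is not token-checked, so the
     * static page can decide whether to show the token input area.
     *
     * @return a result whose data holds the boolean {@code tokenRequired}
     */
    @GetMapping("/http-audit/open/ui-meta")
    public R uiMeta() {
        Map<String, Object> data = new HashMap<>();
        data.put("tokenRequired", StringUtils.isNotBlank(props.getSimpleUiToken()));
        return R.ok().add(data);
    }

    /**
     * Pages through audit logs using filters supplied in a JSON body.
     *
     * @param token value of the {@value #TOKEN_HEADER} header, may be {@code null}
     * @param body  filter map, may be {@code null} (treated as empty)
     * @return the page of matching logs, or an "unauthorized" error result
     */
    @PostMapping("/http-audit/open/log/page")
    public R pagePost(@RequestHeader(value = TOKEN_HEADER, required = false) String token,
                      @RequestBody(required = false) Map<String, Object> body) {
        // A mutable empty map instead of Map.of(): doPage removes keys from the map it is given,
        // which would throw on an immutable map should normalizeBody hand its argument back.
        Map<String, Object> source = body != null ? body : new HashMap<>();
        return doPage(token, HttpAuditAdminQueryHelper.normalizeBody(source));
    }

    /**
     * Pages through audit logs using filters supplied as query parameters. Only the
     * parameters that are present are forwarded to the shared query routine.
     *
     * @param token value of the {@value #TOKEN_HEADER} header, may be {@code null}
     * @return the page of matching logs, or an "unauthorized" error result
     */
    @GetMapping("/http-audit/open/log/page")
    public R pageGet(@RequestHeader(value = TOKEN_HEADER, required = false) String token,
                     @RequestParam(required = false) Integer current,
                     @RequestParam(required = false) Integer pageSize,
                     @RequestParam(required = false) String uri,
                     @RequestParam(required = false) String clientIp,
                     @RequestParam(required = false) String condition,
                     @RequestParam(required = false) String orderBy,
                     @RequestParam(required = false) String timeStart,
                     @RequestParam(required = false) String timeEnd,
                     @RequestParam(required = false) String requestContains,
                     @RequestParam(required = false) String responseContains) {
        Map<String, Object> map = new HashMap<>();
        putIfPresent(map, "current", current);
        putIfPresent(map, "pageSize", pageSize);
        putIfPresent(map, "uri", uri);
        putIfPresent(map, "clientIp", clientIp);
        putIfPresent(map, "condition", condition);
        putIfPresent(map, "orderBy", orderBy);
        putIfPresent(map, "timeStart", timeStart);
        putIfPresent(map, "timeEnd", timeEnd);
        putIfPresent(map, "requestContains", requestContains);
        putIfPresent(map, "responseContains", responseContains);
        return doPage(token, map);
    }

    /** Stores {@code value} under {@code key} unless the value is {@code null}. */
    private static void putIfPresent(Map<String, Object> target, String key, Object value) {
        if (value != null) {
            target.put(key, value);
        }
    }

    /**
     * Shared implementation behind both page endpoints: checks the token, then builds and runs
     * the query. The map is modified in place (the time-range keys are removed here).
     *
     * @param token token presented by the caller, may be {@code null}
     * @param map   mutable filter map
     * @return the page of matching logs, or an "unauthorized" error result
     */
    private R doPage(String token, Map<String, Object> map) {
        // The token check runs before any parameter is interpreted or any query is built.
        if (!tokenMatches(token)) {
            // NOTE(review): whether this surfaces as an HTTP 401/403 or as a 200 carrying an
            // error body depends on R — confirm, since clients and monitoring key off the status.
            return R.error("unauthorized");
        }

        Object timeStart = map.remove("timeStart");
        Object timeEnd = map.remove("timeEnd");
        // NOTE(review): confirm that extractPage bounds pageSize; an unbounded page would allow
        // very large reads of audit data in a single request.
        Page<HttpAuditLog> page = HttpAuditAdminQueryHelper.extractPage(map);
        String orderBy = HttpAuditAdminQueryHelper.extractOrderBy(map);
        String condition = HttpAuditAdminQueryHelper.extractCondition(map);

        // Every column name below is a literal; caller input is only ever passed as a value.
        QueryWrapper<HttpAuditLog> qw = new QueryWrapper<>();
        HttpAuditAdminQueryHelper.applyCreateTimeRange(qw, timeStart, timeEnd);

        if (!Cools.isEmpty(map.get("uri"))) {
            qw.like("uri", map.get("uri"));
        }
        if (!Cools.isEmpty(map.get("clientIp"))) {
            qw.eq("client_ip", map.get("clientIp"));
        }
        if (StringUtils.isNotBlank(condition)) {
            // Free-text search across the descriptive columns.
            qw.and(w -> w.like("uri", condition)
                    .or().like("service_name", condition)
                    .or().like("method", condition)
                    .or().like("client_ip", condition)
                    .or().like("function_desc", condition));
        }
        if (!Cools.isEmpty(map.get("requestContains"))) {
            String v = String.valueOf(map.get("requestContains")).trim();
            qw.and(w -> w.like("query_string", v).or().like("request_body", v));
        }
        if (!Cools.isEmpty(map.get("responseContains"))) {
            qw.like("response_body", map.get("responseContains"));
        }

        // The caller-supplied ordering is delegated to applySafeOrder, with a fixed fallback.
        // NOTE(review): presumably it restricts orderBy to known columns — verify in the helper.
        HttpAuditAdminQueryHelper.applySafeOrder(qw, orderBy, "ORDER BY create_time DESC");
        return R.ok().add(httpAuditLogCrudService.page(page, qw));
    }

    /**
     * Checks the presented token against the configured {@code simple-ui-token}.
     *
     * @param token token presented by the caller, may be {@code null}
     * @return {@code true} when no token is configured (the check is disabled) or when the
     *         presented token equals the configured one
     */
    private boolean tokenMatches(String token) {
        String expected = props.getSimpleUiToken();
        if (StringUtils.isBlank(expected)) {
            // No token configured: the endpoints are open by design.
            return true;
        }
        if (token == null) {
            return false;
        }
        // MessageDigest.isEqual instead of String.equals: String.equals stops at the first
        // differing character, so response time would depend on how much of the secret matched.
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                token.getBytes(StandardCharsets.UTF_8));
    }
}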