package com.qmth.ops.api.security;

import com.qmth.boot.core.exception.UnauthorizedException;
import com.qmth.boot.core.security.model.AccessEntity;
import com.qmth.ops.api.dto.LoginResult;
import com.qmth.ops.biz.domain.User;
import com.qmth.ops.biz.service.UserPermissionService;

public class AdminSession implements AccessEntity {

    private User user;

    private UserPermissionService userPermissionService;

    public AdminSession(User user, UserPermissionService userPermissionService) {
        this.user = user;
        this.userPermissionService = userPermissionService;
    }

    public LoginResult getLoginResult(String fileServer) {
        LoginResult result = new LoginResult();
        result.setId(user.getId());
        result.setName(user.getName());
        result.setRole(user.getRole());
        result.setSession(getIdentity());
        result.setToken(getSecret());
        result.setFileServer(fileServer);
        return result;
    }

    public User getUser() {
        return user;
    }

    public void permissionCheck(Permission permission) {
        if (!userPermissionService.hasPermission(user, permission, null)) {
            throw new UnauthorizedException("没有[" + permission.getName() + "]操作权限");
        }
    }

    public void permissionCheck(Permission permission, Object data) {
        if (!userPermissionService.hasPermission(user, permission, data)) {
            throw new UnauthorizedException("没有[" + permission.getName() + "]操作权限");
        }
    }

    @Override
    public String getIdentity() {
        return user.getId().toString();
    }

    @Override
    public String getSecret() {
        return user.getAccessToken();
    }
}