<?php
defined('ONLY_ONLY_ONLY') or exit('Access Denied');
/*****************平台方相关如角色权限等******************/
function bizPlater_getFELoginInfo($includePwd=false){
    $subSystem=intval(SUBSYS_PLAT_PCWEB);
    $GPC=input_param_handle(false);    
    $ajaxdata = input_getPostObj();
    $loginName=isset($ajaxdata["loginName"])?$ajaxdata["loginName"]:$GPC["loginName"];
    if(empty($loginName)) throw new GeneralException("","没有传递必要的loginName参数，或者登录名为空！"); 
    if(mb_strlen(trim($loginName))<2) throw new GeneralException("","登录名不能为空且长度至少2位！");
    if($includePwd){
        $loginPwd=isset($ajaxdata["loginPwd"])?$ajaxdata["loginPwd"]:$GPC["loginPwd"];
        if(empty($loginPwd)) throw new GeneralException("","没有传递必要的loginPwd参数，或密码为空！"); 
        if(mb_strlen(trim($loginPwd))<=3) throw new GeneralException("","登录密码不能为空且长度至少3位！");
    }
    return array("loginName" => $loginName, "loginPwd" => $loginPwd);
}
function bizPlater_cryptLoginPwd($loginPwd){ 
    return md5(md5($loginPwd));
}
function bizPlater_verifyToken(){   
    $GPC=input_param_handle(false);    
    $ajaxdata = input_getPostObj();
    $loginName=isset($ajaxdata["loginName"])?$ajaxdata["loginName"]:$GPC["loginName"];
    if(empty($loginName)) throw new GeneralException("","没有传递必要的loginName参数，或者登录名为空！");     
    $subSystem=intval(SUBSYS_PLAT_PCWEB);
    $loginInfo=bizPlater_getFELoginInfo(false);
    $loginName=$loginInfo["loginName"];
    $baseUser=pdo_fetch("select * from base_user where deleted=0 and subsystem=:subsystem and `login_name`=:login_name limit 1;",array(
        ":subsystem"=>intval($subSystem),
        ":login_name"=>trim($loginName),
    ));    
    if(empty($baseUser)) throw new GeneralException("","没有定位到此登录名的用户记录,请确认输入是否正确！");
    base_verifyForendToken($baseUser); //前端会话TOKEN校验
    return array("baseUser" => $baseUser);
}
//获取当前用户所赋予的角色列表
function bizPlater_getRoleSet($bizPlater){
    $subSystem=intval(SUBSYS_PLAT_PCWEB);    
    $roleList=pdo_fetchall("select r.* from base_roleuser ru
        left join base_role r on r.id=ru.roleid
        where ru.`userid`=:userid and r.subsystem=:subsystem and r.deleted=0;",array(
        ":userid"=>intval($bizPlater["id"]),
        ":subsystem"=>intval($subSystem),
    ));    
    if(empty($roleList)) throw new GeneralException("","此用户没有被赋予任何角色,请联系平台超级管理员！");    
    return $roleList;
}
//获取当前用户所属角色下可用的页面模块列表
function bizPlater_getModuleSet($bizPlater){
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $roleList = bizPlater_getRoleSet($bizPlater); //先确定当前用户有角色身份 
    $moduleList = pdo_fetchall("select * from base_permission_object where `subsystem`=:subsystem and deleted=0 
        order by `parentid` asc,`ranksn` asc;", array(":subsystem" => intval($subSystem)));
    if (empty($moduleList)) throw new GeneralException("", "竟然没有配置任何模块,请联系平台超级管理员！");
    $tmpModuleSet = array();
    foreach ($moduleList as $module) {
        $module["AAA_allowed"] = false; //默认都不可用，将来可根据模块本身的配置进行预设
        $tmpModuleSet[$module["id"]] = $module;
    }
    foreach ($roleList as $role) {
        if (trim($role["role_code"]) == "SuperAdmin") { //超管一票允许
            foreach ($tmpModuleSet as $key => &$moduleA) $moduleA["AAA_allowed"] = true;
            break;
        }
        $roleModIdSet = pdo_fetchall("select bpo.id as id from base_role_permission brp
            left join base_permission_object bpo on bpo.id=brp.objectid
            where bpo.deleted=0 and brp.`roleid`=:roleid and brp.`permission_run`='1' and bpo.id>0;", array(":roleid" => $role["id"]));
        foreach ($roleModIdSet as $roleModuleId) {
            $tmpModuleSet[$roleModuleId["id"]]["AAA_allowed"] = true;
        }
    }
    $forendSet = array(
        "navIcon" => array(),
        "states" => array(),
        "mainRoleName"=>$roleList[0]["role_name"],
        "undoList"=>bizPlater_undoList(),
    );
    $orderSN = 0;
    foreach ($tmpModuleSet as $key => $moduleB) {
        if ($moduleB["AAA_allowed"] == true && intval($moduleB["parentid"]) == 0) {
            array_push($forendSet["navIcon"],array(
                    "id_id" => $moduleB["id"],
                    "id" => $orderSN++, "name" => $moduleB["obj_name"],
                    "icon" => $moduleB["obj_icon"], "dda" => array(),
                    "alink" => $moduleB["obj_attach"]
                )
            );
        }
    }
    foreach ($forendSet["navIcon"] as &$topModule) {
        $orderSN = 0;
        foreach ($tmpModuleSet as $key => $subModule) {
            if ($subModule["AAA_allowed"] == true && intval($subModule["parentid"]) == $topModule["id_id"]) {
                array_push($topModule["dda"], array(
                    "name" => $subModule["obj_name"], "alink" => $subModule["obj_attach"]
                ));
                array_push($forendSet["states"], array(
                    "name" => $subModule["obj_name"], "alink" => $subModule["obj_attach"]
                ));
            }
        }
        unset($topModule["id_id"]);
    }
    return $forendSet;
}
//核查当前用户是否对某个模块具有权限
function bizPlater_verifyPermisson($bizPlater,$objCatalog,$arrObjCodes){// 就像外国名字一样 祖先姓-父辈姓-...-自己的姓
    $subSystem=intval(SUBSYS_PLAT_PCWEB);
    $roleList=bizPlater_getRoleSet($bizPlater);
    if(empty($arrObjCodes) || !is_array($arrObjCodes) || count($arrObjCodes)<=0)
        throw new GeneralException("","授权目标对象的arrObjCodes集合不能为空！");  
    $allowed=false;
    foreach($arrObjCodes as $objCode){
        $allowed=false;
        foreach($roleList as $role){
            $isSysRole=(intval($role["issysrole"])>0);//是否系统内建角色，不可修改/删除；
            switch(trim($role["role_code"])){
                case "SuperAdmin":
                    return true;//一票允许 return true; 熔断直返
                    break;
                default:
                    $roleModIdSet = pdo_fetch("select bpo.id as id from base_role_permission brp
                        inner join base_permission_object bpo on bpo.id=brp.objectid and bpo.`obj_code`=:obj_code
                        where brp.`roleid`=:roleid and brp.`permission_run`='1';",
                        array(":roleid" => $role["id"], ":obj_code" => trim($objCode))
                    );
                    if(!empty($roleModIdSet)) $allowed=true;
                    break;
            }   
            if($allowed) break;//已获取权限，则不再遍历其他角色    
        }
        //从上到下，【任一级别】模块【没有】【任何角色】权限，则中止向后遍历，直接抛出无权限 熔断退出
        if(empty($allowed)) throw new GeneralException("","此用户没有当前页面的操作权限！");    
    }         
    if(empty($allowed)) throw new GeneralException("","此用户没有当前页面的操作权限！");      
    return $allowed;
}

/**********************验证验权角色权限相关逻辑**************************************/
function bizbase_AAAEntityHandle($subSystem, $handleMode, $baseUser, $ajaxdata, $GPC){
    switch($handleMode){   
        case "fetchPlatUserList":   
            $sqlTemp="";
            $sqlTemp.=" select bu.id,bu.login_name,bu.mobile,br.id as roleid,br.role_name";    
            $sqlTemp.=" from base_user bu ";    
            $sqlTemp.=" left join base_roleuser bru on bru.userid=bu.id ";  
            $sqlTemp.=" left join base_role     br  on br.id=bru.roleid "; 
            $sqlTemp.=" where bu.`deleted`=0 and bu.subsystem=" . intval($subSystem);              
            $backdata = pdo_fetchall($sqlTemp);                    
            return $backdata;
            break;        
        case "resetPlatUserPwd":   
        case "resetPlatUserSelfPwd":
            if($handleMode=="resetPlatUserPwd"){
                $userid = isset($ajaxdata["userid"]) ? $ajaxdata["userid"] : $GPC["userid"];
                $baseUser = pdo_fetch("select * from base_user where id=".intval($userid));
                if(empty($baseUser)) throw new GeneralException("","没有定位到此id对应的用户记录！"); 
            }else if($handleMode=="resetPlatUserSelfPwd"){
            }            
            $newPasswd = isset($ajaxdata["newPasswd"]) ? $ajaxdata["newPasswd"] : $GPC["newPadsswd"];
            if (mb_strlen(trim($newPasswd)) <= 0) // && !preg_match("/^.*[a-z].*[A-Z].*\d.*$/",trim($newPasswd))) 
                throw new GeneralException("","新密码长度不能为空！");
            $backdata = pdo_query("update base_user set login_pwd=:login_pwd,salt=:salt where id=:id;",array(
                ":id"=>$baseUser["id"],
                ":login_pwd"=> bizPlater_cryptLoginPwd($newPasswd),
                ":salt"=>random(8),//重置盐
            ));                  
            return $backdata;
            break; 
        case "upsertPlatRoleUser":
            $roleId = isset($ajaxdata["roleId"]) ? $ajaxdata["roleId"] : $GPC["roleId"];   
            $roleInfo=pdo_fetch("select * from base_role where id=".intval($roleId));
            if(empty($roleInfo)) throw new GeneralException("","没有定位到角色记录！");             
            $bizData = isset($ajaxdata["bizData"]) ? $ajaxdata["bizData"] : $GPC["bizData"];
            if (empty($bizData)) throw new GeneralException("", "没有传递必要的参数bizData");               
            $saveData["login_name"]=trim($bizData["loginName"]); 
            if (empty($saveData["login_name"])) throw new GeneralException("", "登录号不能为空");  
            if(!empty(trim($bizData["loginPwd"]))){
                $saveData["login_pwd"]=bizPlater_cryptLoginPwd(trim($bizData["loginPwd"]));
            }            
            $saveData["remark"]="[" . date("Y-m-d H:i:s", time()) . "] 更新 ".trim($bizData["remark"])." \n";   
            $id=$bizData["id"];
            if(intval($id)<=0){
                $hasUsed=pdo_fetch("select * from base_user where deleted=0 and subsystem=:subsystem and login_name=:login_name;",array(
                    ":subsystem"=>SUBSYS_PLAT_PCWEB,
                    ":login_name"=>$saveData["login_name"],
                ));
                if(!empty($hasUsed)) throw new GeneralException("loginNameUsed","登录号已被使用，请重新换一个吧");
                $sqlParam=array();  
                $sqlParam[":nowtime"]=time();
                $sqlParam[":subsystem"]=SUBSYS_PLAT_PCWEB;
                $sqlParam[":login_name"]=$saveData["login_name"];
                $sqlParam[":remark"]=$saveData["remark"];
                $sqlParam[":salt"]=random(8);
                $sqlTemp="";
                $sqlTemp.=" insert into base_user set createtime=:nowtime";
                $sqlTemp.="     ,subsystem=:subsystem,login_name=:login_name,remark=:remark,salt=:salt ";
                if(!empty($saveData["login_pwd"])){
                    $sqlParam[":login_pwd"]=$saveData["login_pwd"];
                    $sqlTemp.="     ,login_pwd=:login_pwd";
                }   
                $sqlTemp.=" ;";
                $sqlTemp.=" set @handle_id=0; ";
                $sqlParam[":roleid"]=$roleId;
                $sqlTemp.=" select @handle_id:=id from base_roleuser";                
                $sqlTemp.="   where `roleid`=:roleid and userid=LAST_INSERT_ID(); ";
                $sqlTemp.=" insert into base_roleuser(`roleid`,  userid)";  
                $sqlTemp.=" select                    :roleid,   LAST_INSERT_ID() ";  
                $sqlTemp.="   from dual where ifnull(@handle_id,0)=0 ;";
                $backdata = pdo_query3($sqlTemp, $sqlParam);  
                return $backdata;            
            }else{
                $userInfo=pdo_fetch("select * from base_user where id=".intval($id));
                if(empty($userInfo)) throw new GeneralException("","没有定位到登录账号记录！");   
                if(intval($userInfo["subsystem"])!=SUBSYS_PLAT_PCWEB) throw new GeneralException("","登录账号记录不是平台账号！");
                $hasUseds=pdo_fetchall("select * from base_user where deleted=0 and subsystem=:subsystem and login_name=:login_name;",array(
                    ":subsystem"=>SUBSYS_PLAT_PCWEB,
                    ":login_name"=>$saveData["login_name"],
                ));
                foreach($hasUseds as $item){
                    if(intval($item["id"])!=intval($userInfo["id"])) throw new GeneralException("loginNameUsed","登录号已被使用，请重新换一个吧");
                } 
                $sqlParam=array();                  
                $sqlParam[":userid"]=$id;
                $sqlParam[":nowtime"]=time();
                $sqlParam[":login_name"]=$saveData["login_name"];
                $sqlParam[":remark"]=$saveData["remark"];
                $sqlTemp="";
                $sqlTemp.=" update base_user set updatetime=:nowtime,login_name=:login_name,remark=concat(:remark,ifnull(remark,'')) ";
                if(!empty($saveData["login_pwd"])){
                    $sqlParam[":login_pwd"]=$saveData["login_pwd"];
                    $sqlParam[":salt"]=random(8);
                    $sqlTemp.="     ,login_pwd=:login_pwd,salt=:salt";
                }   
                $sqlTemp.=" where id=:userid;";
                $sqlTemp.=" set @handle_id=0; ";
                $sqlParam[":roleid"]=$roleId;
                $sqlTemp.=" select @handle_id:=id from base_roleuser";                
                $sqlTemp.="   where `roleid`=:roleid and userid=:userid; ";
                $sqlTemp.=" insert into base_roleuser(`roleid`,  userid)";  
                $sqlTemp.=" select                    :roleid,   :userid";  
                $sqlTemp.="   from dual where ifnull(@handle_id,0)=0 ;";
                $backdata = pdo_query3($sqlTemp, $sqlParam);                
                return $backdata;            
            }                             
            break;    
        case "removePlatRoleUser":                
            $userId = isset($ajaxdata["userId"]) ? $ajaxdata["userId"] : $GPC["userId"];
            $userInfo=pdo_fetch("select * from base_user where id=".intval($userId));
            if(empty($userInfo)) throw new GeneralException("","没有定位到登录账号记录！");   
            if(intval($userInfo["subsystem"])!=SUBSYS_PLAT_PCWEB) throw new GeneralException("","登录账号记录不是平台账号！");
            if(intval($userInfo["deleted"])!=0) throw new GeneralException("","登录账号记录已被删除！");
            $reason = isset($ajaxdata["reason"]) ? $ajaxdata["reason"] : $GPC["reason"];            
            $sqlParam=array();  
            $sqlParam[":userid"]=$userId;
            $sqlParam[":nowtime"]=time();           
            $sqlParam[":remark"]="[" . date("Y-m-d H:i:s", time()) . "] 删除 $reason \n";            
            $sqlTemp="";
            $sqlTemp.=" update base_user set updatetime=:nowtime";
            $sqlTemp.="     ,deleted=1,remark=concat(:remark,ifnull(remark,'')) ";
            $sqlTemp.=" where id=:userid;";
            $sqlTemp.=" delete from base_roleuser where userid=:userid; ";
            $backdata = pdo_query3($sqlTemp, $sqlParam);  
            return $backdata;            
            break;                    
        default:
            throw new GeneralException("","不支持的handleMode！"); 
    }   
}

function bizPlater_undoList(){
    $backdata=array();
    $backdata["recruit_waitaudit"]=pdo_fetchcolumn("select count(*) from biz_trader_recruit where deleted=0 and `status`=1");             
    $backdata["recruit_waitaudit"]=intval($backdata["recruit_waitaudit"])<=0?null:intval($backdata["recruit_waitaudit"]);
    $backdata["suggestion_unsettled"]=pdo_fetchcolumn("select count(*) from biz_interaction where deleted=0 and biz_catalog<=1 and `status`<3 ");  
    $backdata["suggestion_unsettled"]=intval($backdata["suggestion_unsettled"])<=0?null:intval($backdata["suggestion_unsettled"]);           
    $backdata["complaint_unsettled"]=pdo_fetchcolumn("select count(*) from biz_interaction where deleted=0 and biz_catalog>=2 and `status`<3 "); 
    $backdata["complaint_unsettled"]=intval($backdata["complaint_unsettled"])<=0?null:intval($backdata["complaint_unsettled"]);   

    $backdata["tdwk_overtimepay"]=intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`=4 and ".time()."-ifnull(tdwk.worked_finishtime,0)>24*3600)"));                 
    $backdata["tdwk_denypay"]=intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`=-5)"));             
    $backdata["tdwk_waitpay"]=$backdata["tdwk_overtimepay"]+$backdata["tdwk_denypay"];
    if($backdata["tdwk_waitpay"]<=0) $backdata["tdwk_waitpay"]=null;
    if($backdata["tdwk_overtimepay"]<=0) $backdata["tdwk_overtimepay"]=null;
    if($backdata["tdwk_denypay"]<=0) $backdata["tdwk_denypay"]=null;

    $backdata["activityorder_unreaded"]=intval(pdo_fetchcolumn("select count(*) from biz_market_activity_order where deleted=0 and plater_readed=0;"));             
    if($backdata["activityorder_unreaded"]<=0) $backdata["activityorder_unreaded"]=null;

    $backdata["tdupgrade_unaudit"]=intval(pdo_fetchcolumn("select count(*) from biz_trader where deleted=0 and catalog=0 and certif_confirmed=1 and bizlicense_pic<>'';"));             
    if($backdata["tdupgrade_unaudit"]<=0) $backdata["tdupgrade_unaudit"]=null;


    $backdata["tdupgrade_unaudit_gesture"]=intval(pdo_fetchcolumn("select count(*) from biz_trader where deleted=0  and (lawer_idcard  != '' and ((catalog = '0' and (certif_confirmed = '0' or (certif_confirmed = '1' && company_idcard !=''))) or (catalog = '1' and certif_confirmed = '0')));"));
    if($backdata["tdupgrade_unaudit_gesture"]<=0) $backdata["tdupgrade_unaudit_gesture"]=null;

    return $backdata;
}