<?php

namespace frontend\controllers;

use Yii;
use frontend\models\Admin;
use frontend\models\Role;
use frontend\models\AdminRole;

class AdminController extends BaseController
{

    /**
     * 在N秒内登录失败锁定
     */
    public $loginFailureWithinTime = 1800;

    /**
     * 登录N次后锁定
     * @var int
     */
    public $loginFailureLockCount = 5;

    /**
     * 登录若干次后锁定N秒
     * @var int
     */
    public $loginFailureLockTime = 1800;

    /**
     * 管理员列表
     */
    public function actionList()
    {
        $post = Yii::$app->request->post();
        $searchBy = isset($post['searchBy']) ? trim($post['searchBy']) : '';
        $keyword = isset($post['keyword']) ? trim($post['keyword']) : '';
        $pageSize = isset($post['pageSize']) && intval($post['pageSize']) > 0 ? intval($post['pageSize']) : 20;
        $pageNumber = isset($post['pageNumber']) ? $post['pageNumber'] : 1;
        $orderBy = isset($post['orderBy']) ? $post['orderBy'] : '';
        $order = isset($post['order']) ? $post['order'] : '';
        
        $where = ['and'];
        if ($keyword) {
            if ($searchBy == 'username') {
                $where[] = ['like', 'username', $keyword];    
            } elseif ($searchBy == 'email') {
                $where[] = ['like', 'email', $keyword];
            }
        }
        
        $query = Admin::find()->where($where);
        $offset = $pageSize * ($pageNumber - 1);
        $query->offset($offset)->limit($pageSize);
        $totalCount = $query->count();
        $pageCount = ceil($totalCount / $pageSize);

        $data = [
            'totalCount' => $totalCount,
            'pageCount' => $pageCount,
            'dataList' => [],
        ];
        if ($totalCount) {
            // 排序
            $allowOrderColumn = ['username', 'email', 'login_date', 'login_ip'];
            if (in_array($order, $allowOrderColumn) && in_array($orderBy, ['asc', 'desc'])) {
                if ($orderBy == 'asc') {
                    $orderCondition = [$order => SORT_ASC];
                } else {
                    $orderCondition = [$order => SORT_DESC];
                }
            } else {
                $orderCondition = ['id' => SORT_DESC];
            }
            
            $dataList = $query->orderBy($orderCondition)->asArray()->all();
            foreach ($dataList as $k => $v) {
                $status = '';
                if ($v['is_account_enabled'] && !$v['is_account_locked'] && !$v['is_account_expired'] && !$v['is_credentials_expired']) {
                    $status = '正常';
                } elseif (!$v['is_account_enabled']) {
                    $status = '未启用';
                } elseif ($v['is_account_locked']) {
                    $status = '已锁定';
                } elseif ($v['is_account_expired']) {
                    $status = '已过期';
                } elseif ($v['is_credentials_expired']) {
                    $status = '凭证过期';
                }
                $dataList[$k]['status'] = $status;
            }
            $data['dataList'] = $dataList;
            return $this->outJson(1, $data);
        } else {
            return $this->outJson(1, $data, '没有数据');
        }
    }
    
    /**
     * 添加管理员
     */
    public function actionAdd()
    {
        $post = Yii::$app->request->post();
        $attributes['Admin']['username'] = isset($post['username']) ? $post['username'] : '';
        $attributes['Admin']['password'] = isset($post['password']) ? $post['password'] : '';
        $attributes['Admin']['email'] = isset($post['email']) ? $post['email'] : '';
        $attributes['Admin']['is_account_enabled'] = !empty($post['is_account_enabled']) ? true : false;
        $attributes['Admin']['department'] = isset($post['department']) ? $post['department'] : '';
        $attributes['Admin']['name'] = isset($post['name']) ? $post['name'] : '';
        $attributes['Admin']['description'] = isset($post['description']) ? $post['description'] : '';

        $code = 0;
        
        // 校验数据
        $admin = Admin::find()->where(['username' => $attributes['Admin']['username']])->limit(1)->asArray()->one();
        if ($admin) {
            return $this->outJson($code);
        }
        if (empty($post['role_id']) || !is_numeric($post['role_id'])) {
            return $this->outJson($code);
        }
        $role = Role::find()->where(['id' => $post['role_id']])->limit(1)->asArray()->one();
        if (!$role) {
            return $this->outJson($code);
        }
        
        
        $model = new Admin();
        $model->load($attributes);
        if ($model->validate()) {
            $datetime = date('Y-m-d H:i:s');
            $model->create_date = $datetime;
            $model->modify_date = $datetime;
            $model->password = Admin::hash($model->password);
            $result = $model->save();
            if ($result) {
                $adminRoleModel = new AdminRole();
                $adminRoleModel->admin_set_id = $model->id;
                $adminRoleModel->role_set_id = $role['id'];
                $adminRoleModel->save();
                
                $code = 1;
            }
        }

        return $this->outJson($code);
    }

    /**
     * 检查用户名
     */
    public function actionCheckUsername()
    {
        $username = trim(Yii::$app->request->post('username'));
        $count = Admin::find()->where(['username' => $username])->count();
        $code = $count ? 1 : 0;
        return $this->outJson($code);
    }
    
    /**
     * 某个管理员
     */
    public function actionGetAdminById()
    {
        $id = (int) Yii::$app->request->post('id');
        if (!$id) {
            return $this->outJson(0, [], '参数错误');
        }
        $admin = Admin::find()->where(['id' => $id])->limit(1)->asArray()->one();
        if (!$admin) {
            return $this->outJson(0, [], '没有该管理员');
        }
        $adminRole = AdminRole::find()->where(['admin_set_id' => $id])->limit(1)->asArray()->one();
        $admin['role_id'] = $adminRole ? $adminRole['role_set_id'] : 0;
        return $this->outJson(1, $admin);
    }

    /**
     * 编辑管理员
     */
    public function actionEdit()
    {
        $post = Yii::$app->request->post();
        $attributes['Admin']['id'] = isset($post['id']) ? $post['id'] : '';
        $attributes['Admin']['username'] = isset($post['username']) ? $post['username'] : '';
        $attributes['Admin']['password'] = isset($post['password']) ? $post['password'] : '';
        $attributes['Admin']['email'] = isset($post['email']) ? $post['email'] : '';
        $attributes['Admin']['is_account_enabled'] = !empty($post['is_account_enabled']) ? true : false;
        $attributes['Admin']['department'] = isset($post['department']) ? $post['department'] : '';
        $attributes['Admin']['name'] = isset($post['name']) ? $post['name'] : '';
        $attributes['Admin']['description'] = isset($post['description']) ? $post['description'] : '';

        $code = 0;

        // 校验管理员
        $model = Admin::find()->where(['id' => $attributes['Admin']['id']])->limit(1)->one();
        if (!$model) {
            return $this->outJson($code);
        }
        
        // 检查角色
        if (empty($post['role_id']) || !is_numeric($post['role_id'])) {
            return $this->outJson($code);
        }
        $role = Role::find()->where(['id' => $post['role_id']])->limit(1)->asArray()->one();
        if (!$role) {
            return $this->outJson($code);
        }

        if (!empty($attributes['Admin']['password'])) {
            $attributes['Admin']['password'] = Admin::hash($attributes['Admin']['password']);
        } else {
            $attributes['Admin']['password'] = $model->password;
        }
        
        $model->load($attributes);
        if ($model->validate()) {
            $datetime = date('Y-m-d H:i:s');
            $model->modify_date = $datetime;
            $result = $model->save();
            if ($result) {
                $adminRoleModel = AdminRole::find()->where(['admin_set_id' => $model->id])->limit(1)->one();
                if (!$adminRoleModel) {
                    $adminRoleModel = new AdminRole();
                }
                $adminRoleModel->admin_set_id = $model->id;
                $adminRoleModel->role_set_id = $role['id'];
                $adminRoleModel->save();

                $code = 1;
            }
        }

        return $this->outJson($code);
    }
    
    /**
     * 登录
     */
    public function actionLogin()
    {
        $username = trim(Yii::$app->request->post('username'));
        $password = trim(Yii::$app->request->post('password'));
        $login_ip = trim(Yii::$app->request->post('login_ip'));

        $query = Admin::find()->where(['username' => $username])->limit(1);
        $model = $query->one();
        
        if (!$model) {
            return $this->outJson(0, [], '您的用户名或密码错误');
        }
        
        // 同一个ip在半个小时内密码错误5次以上则锁定半个小时，所以要判断login_ip login_date login_failure_count三个字段的值
        $login_time = strtotime($model->login_date); // $model->login_date可能会为null，所以要先判断一下
        if (Yii::$app->params['admin_login_lock'] && $login_ip == $model->login_ip &&  $login_time && time() - $login_time < $this->loginFailureWithinTime && $model->login_failure_count >= $this->loginFailureLockCount) {
            $model->is_account_locked = true;
            $model->save();
        } elseif ($model->is_account_locked) {
            // 解锁并清零
            $model->is_account_locked = false;
            $model->login_failure_count = 0;
            $model->save();
        }
        
        if (!$model->is_account_enabled) {
            return $this->outJson(0, [], '您的账号已被禁用,无法登录!');
        } elseif ($model->is_account_expired) {
            return $this->outJson(0, [], '您的账号已过期,无法登录!');
        } elseif ($model->is_account_locked) {
            return $this->outJson(0, [], '您的账号已被锁定,无法登录!');
        } elseif ($model->is_credentials_expired) {
            return $this->outJson(0, [], '您的账号凭证已过期,无法登录!');
        }

        if (Admin::hash($password) != $model->password) {
            $model->login_failure_count = intval($model->login_failure_count) + 1;
            $model->login_date = date('Y-m-d H:i:s');
            $model->login_ip = $login_ip;
            $model->save();
            
            return $this->outJson(0, [], '您的用户名或密码错误!');
        }

        $model->login_failure_count = 0;
        $model->login_date = date('Y-m-d H:i:s');
        $model->login_ip = $login_ip;
        $model->save();
        
        return $this->outJson(1, $model->toArray());
    }
    
    /**
     * 修改密码
     */
    public function actionUpdatePassword()
    {
        $id = (int) Yii::$app->request->post('id');
        $currentPassword = trim(Yii::$app->request->post('currentPassword')); // 当前密码
        $newPassword = trim(Yii::$app->request->post('newPassword')); // 新密码
        
        if (strlen($newPassword) < 6 || strlen($newPassword) > 20) {
            return $this->outJson(0, [], '新密码必须大于6位并小于20位');
        }
        
        $query = Admin::find()->where(['id' => $id])->limit(1);
        $model = $query->one();

        if (!$model) {
            return $this->outJson(0, [], '没有该用户');
        }

        // 校验用户输入的原密码是否正确
        if (Admin::hash($currentPassword) != $model->password) {
            return $this->outJson(0, [], '原密码错误');
        }

        // 加密后保存
        $model->password = Admin::hash($newPassword);
        $model->modify_date = date('Y-m-d H:i:s');
        $model->save();
        
        return $this->outJson(1, $model->toArray());
    }
    
    /**
     * 获取通用信息
     * @return array
     */
    public function actionGetCommonInfo()
    {
        $db_version = Yii::$app->db->getDriverName() . ' ' . Yii::$app->db->createCommand('SELECT VERSION()')->queryScalar();
        $data = [
            'db_version' => $db_version,
        ];
        return $this->outJson(1, $data);
    }
    
}