package cn.hxex.exam.struts;

import java.io.IOException;
import java.util.Set;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.RequestProcessor;

import cn.hxex.exam.cache.Cache;
import cn.hxex.exam.cache.CacheFactory;
import cn.hxex.exam.config.ConfigConstants;
import cn.hxex.exam.config.ExamConfigUtil;
import cn.hxex.exam.exception.ExamSystemException;
import cn.hxex.exam.model.Action;
import cn.hxex.exam.model.Function;
import cn.hxex.exam.model.Role;
import cn.hxex.exam.model.User;
import cn.hxex.exam.util.HxexStringUtils;

public class HxexRequestProcessor extends RequestProcessor
{
	protected final Log log = LogFactory.getLog(HxexRequestProcessor.class);

	/**
	 * 用戶認證方法
	 */
	@Override
	protected boolean processRoles(HttpServletRequest request,
			HttpServletResponse response, ActionMapping mapping)
			throws IOException, ServletException
	{
		// 得到映射的路徑
		String path = mapping.getPath();
		// 得到用戶所要調(diào)用的Action方法的名字
		String method = request.getParameter(mapping.getParameter());
		if (HxexStringUtils.isEmpty(method))
		{
			method = StrutsConstants.DEFAULT_METHOD;
		}

		// 取得不需要校驗權(quán)限的Action方法
		String[] roles = mapping.getRoleNames();
		if (roles != null && roles.length > 0)
		{
			// 進行方法的判斷
			for (String role : roles)
			{
				if (method.equals(role))
				{
					request.setAttribute(StrutsConstants.REQUEST_CHECK_FLAG,
							true);
					return true;
				}
			}
		}

		// 得到Session對象和用戶對象
		HttpSession session = request.getSession();
		User u = (User) session.getAttribute(StrutsConstants.SESSION_USER);

		// 如果用于對象不存在，那么說明用戶沒有登錄
		if (u == null)
		{
			// 用戶沒有執(zhí)行的權(quán)限，跳轉(zhuǎn)到錯誤頁面
			processLocale( request, response );
			RequestDispatcher rd = 
				request.getRequestDispatcher( "/errors/noauthority.jsp" );
			rd.forward( request, response );
			return false;
		}

		// 判斷用戶是否為超級用戶
		String superusers = ExamConfigUtil
				.getSysConfigValue(ConfigConstants.SUPER_USER);
		String[] users = HxexStringUtils.splitString(superusers,
				ConfigConstants.USER_DELIM);
		if (HxexStringUtils.contains(users, u.getName()))
		{
			request.setAttribute(StrutsConstants.REQUEST_CHECK_FLAG, true);
			return true;
		}

		// 得到用戶的角色信息
		Cache cache = CacheFactory.getCache();
		Role role = (Role) cache.get(u.getUserType());
		if (role == null)
		{
			throw new ExamSystemException("Couldn't find the role!");
		}

		// 進行用戶執(zhí)行功能的判斷
		Set<Function> functions = role.getFunctions();
		for (Function function : functions)
		{
			Set<Action> actions = function.getActions();
			for (Action action : actions)
			{
				if (path.equals(action.getPath())
						&& method.equals(action.getParameter()))
				{
					request.setAttribute(StrutsConstants.REQUEST_CHECK_FLAG,
							true);
					return true;
				}
			}
		}

		// 用戶沒有執(zhí)行的權(quán)限，跳轉(zhuǎn)到錯誤頁面
		processLocale( request, response );
		RequestDispatcher rd = 
			request.getRequestDispatcher( "/errors/noauthority.jsp" );
		rd.forward( request, response );
		return false;
	}
	
	@Override
	protected void processLocale( HttpServletRequest request, HttpServletResponse response )
	{
		super.processLocale( request, response );
        try
        {
                request.setCharacterEncoding( "utf-8" );
        }
        catch( Exception ex )
        {
        }
	}
}