package site.diteng.common.issue.forms;

import cn.cerc.db.core.DataSet;
import cn.cerc.db.core.Datetime;
import cn.cerc.db.core.Lang;
import cn.cerc.db.log.KnowallException;
import cn.cerc.db.mysql.MysqlQuery;
import cn.cerc.mis.core.IPage;
import cn.cerc.mis.excel.output.ExcelTemplate;
import cn.cerc.mis.excel.output.StringColumn;
import cn.cerc.mis.other.MemoryBuffer;
import cn.cerc.mis.security.MenuGroupEnum;
import cn.cerc.mis.security.Permission;
import cn.cerc.mis.security.SecurityStopException;
import cn.cerc.mis.security.Webform;
import cn.cerc.ui.fields.ButtonField;
import cn.cerc.ui.fields.TextAreaField;
import cn.cerc.ui.grid.UIDataStyle;
import cn.cerc.ui.grid.UIGridView;
import cn.cerc.ui.mvc.AbstractPage;
import jakarta.servlet.ServletOutputStream;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Stream;
import jxl.Workbook;
import jxl.write.WritableWorkbook;
import jxl.write.WriteException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
import site.diteng.common.admin.config.AppDB;
import site.diteng.common.admin.config.StdCommon;
import site.diteng.common.admin.entity.HistoryLevel;
import site.diteng.common.admin.entity.HistoryType;
import site.diteng.common.admin.other.exception.WorkingException;
import site.diteng.common.admin.other.passport.Passport;
import site.diteng.common.admin.services.cache.BufferType;
import site.diteng.common.menus.config.AppMC;
import site.diteng.common.my.forms.ui.CustomForm;
import site.diteng.common.my.forms.ui.UICustomPage;
import site.diteng.common.my.forms.ui.parts.UIFormHorizontal;
import site.diteng.common.my.forms.ui.parts.UISheetHelp;
import site.diteng.common.my.forms.ui.parts.UISheetUrl;
import site.diteng.common.my.forms.ui.parts.UIToolbar;

@Webform(module = AppMC.f716, name = "MySQL数据查询", group = MenuGroupEnum.日常操作)
@Permission(Passport.base_default)
@Scope("prototype")
@Component
/* loaded from: input_file:site/diteng/common/issue/forms/FrmSelectSql.class */
public class FrmSelectSql extends CustomForm {
    private static final Logger log = LoggerFactory.getLogger(FrmSelectSql.class);
    private static final Set<String> banOpera = Set.of("update", "insert", "delete", "drop", "truncate", "create", "alter");
    private static final Set<String> blackListDB = Set.of("__recycle_bin__", "mysql", "sys", "information_schema", "performance_schema");
    private static final Set<String> blackListTable = Set.of(AppDB.accountverify, AppDB.currentuser, AppDB.s_account, "s_userinfo", "ourinfo", "cusinfo", "supinfo", AppDB.getBankInfo, AppDB.Table_Authorize_Token);

    public IPage execute() throws Exception {
        UICustomPage uICustomPage = new UICustomPage(this);
        if (!StdCommon.CUSTOMER_000000.equals(getCorpNo())) {
            return uICustomPage.setMessage(SecurityStopException.getAccessDisabled());
        }
        uICustomPage.addScriptCode(htmlWriter -> {
            htmlWriter.println("$('td,th').css('whiteSpace', 'nowrap');");
            htmlWriter.println("$('[role=\"search\"] textarea').closest('li').css('width', '100%');");
        });
        UIToolbar toolBar = uICustomPage.getToolBar(this);
        UISheetHelp uISheetHelp = new UISheetHelp(toolBar);
        uISheetHelp.addLine(Lang.as("1、禁止使用Sql语句对数据库进行更新操作"));
        uISheetHelp.addLine(Lang.as("2、查询的字段过多会导致页面卡顿，请查询自己需要的字段"));
        uISheetHelp.addLine(Lang.as("3、页面查询数据限制 %s 行"), 500);
        uISheetHelp.addLine(Lang.as("4、查询其他数据库需要在表前加上对应数据库"));
        UISheetUrl uISheetUrl = new UISheetUrl(toolBar);
        uISheetUrl.addUrl().setName(Lang.as("导出Excel (谨防泄露)")).setSite("FrmSelectSql.exportExcel");
        uISheetUrl.addUrl().setName(Lang.as("SQL查询日志")).setSite("TSchViewUserLogs").putParam("Type_", String.valueOf(HistoryType.f127.ordinal())).putParam("Level_", String.valueOf(HistoryLevel.Forever.ordinal()));
        uISheetUrl.addUrl().setName(Lang.as("结果导出日志")).setSite("TSchViewUserLogs").putParam("Type_", String.valueOf(HistoryType.f142.ordinal())).putParam("Level_", String.valueOf(HistoryLevel.Forever.ordinal()));
        MemoryBuffer memoryBuffer = new MemoryBuffer(BufferType.getUserForm, new String[]{getUserCode(), "FrmSelectSql"});
        try {
            UIFormHorizontal createSearch = uICustomPage.createSearch(memoryBuffer);
            new TextAreaField(createSearch, Lang.as("Sql语句"), "sql_").setRows(8).setCols(1000);
            new ButtonField(createSearch.getButtons(), Lang.as("查询"), "submit", "search");
            createSearch.readAll();
            if (!createSearch.current().hasValue("sql_")) {
                memoryBuffer.close();
                return uICustomPage;
            }
            String string = createSearch.current().getString("sql_");
            try {
                verifySql(string);
                try {
                    MysqlQuery mysqlQuery = new MysqlQuery(this);
                    mysqlQuery.add(string);
                    mysqlQuery.setMaximum(500);
                    mysqlQuery.openReadonly();
                    memoryBuffer.setValue("dataOut", mysqlQuery.json());
                    HistoryLevel.Forever.append(this, String.format(Lang.as("%s %s 执行了SQL 【%s】"), getUserCode(), getSession().getUserName(), string));
                    new UIGridView(uICustomPage.getContent()).setDataStyle(new UIDataStyle(true).setDataSet(mysqlQuery));
                    memoryBuffer.close();
                    return uICustomPage;
                } catch (Exception e) {
                    log.info(e.getMessage(), new KnowallException(e).add(new Object[]{string}));
                    AbstractPage message = uICustomPage.setMessage(Lang.as("sql执行错误：") + e.getMessage());
                    memoryBuffer.close();
                    return message;
                }
            } catch (Exception e2) {
                AbstractPage message2 = uICustomPage.setMessage(e2.getMessage());
                memoryBuffer.close();
                return message2;
            }
        } catch (Throwable th) {
            try {
                memoryBuffer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public IPage exportExcel() throws IOException, WriteException {
        MemoryBuffer memoryBuffer = new MemoryBuffer(BufferType.getUserForm, new String[]{getUserCode(), "FrmSelectSql"});
        try {
            DataSet json = new DataSet().setJson(memoryBuffer.getString("dataOut"));
            String str = new Datetime().format("yyyy年MM月dd日HH点mm分ss秒").toString() + String.format("_%s.xls", Lang.as("SQL执行结果导出"));
            String encode = URLEncoder.encode(str, "UTF-8");
            HttpServletResponse response = getResponse();
            response.setCharacterEncoding("UTF-8");
            response.setHeader("Content-Disposition", "attachment;filename=" + encode);
            response.setContentType("application/msexcel");
            ServletOutputStream outputStream = response.getOutputStream();
            ExcelTemplate excelTemplate = new ExcelTemplate();
            excelTemplate.setColumns(new ArrayList());
            excelTemplate.setFileName(str);
            excelTemplate.setDataSet(json);
            if (excelTemplate.getColumns().size() == 0) {
                for (String str2 : json.fields().names()) {
                    StringColumn stringColumn = new StringColumn();
                    stringColumn.setCode(str2);
                    stringColumn.setName(str2);
                    excelTemplate.addColumn(stringColumn);
                }
            }
            WritableWorkbook createWorkbook = Workbook.createWorkbook(outputStream);
            excelTemplate.output(createWorkbook.createSheet("Sheet1", 0));
            createWorkbook.write();
            createWorkbook.close();
            outputStream.close();
            HistoryLevel.Forever.append(this, HistoryType.f142, String.format(Lang.as("%s %s 对SQL进行了导出 【%s】 "), getUserCode(), getSession().getUserName(), memoryBuffer.getString("sql_")));
            memoryBuffer.close();
            return null;
        } catch (Throwable th) {
            try {
                memoryBuffer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static boolean verifySql(String str) throws WorkingException {
        String trim = str.toLowerCase().trim();
        Stream<String> stream = banOpera.stream();
        Objects.requireNonNull(trim);
        if (stream.anyMatch(trim::startsWith)) {
            throw new WorkingException(Lang.as("禁止对数据库进行更新"));
        }
        String[] split = trim.split("[ ]*join[ ]*");
        ArrayList<String> arrayList = new ArrayList();
        ArrayList<String> arrayList2 = new ArrayList();
        if (!trim.startsWith("explain") && split.length > 3) {
            throw new WorkingException(Lang.as("请减少join的次数 最多 join 2次"));
        }
        for (int i = 1; i < split.length; i++) {
            splitDbAndTable(arrayList, arrayList2, split[i].trim().split(" ")[0].toLowerCase());
        }
        if (!trim.contains("from")) {
            throw new WorkingException(Lang.as("SQL 中请必须带 from 关键字"));
        }
        splitDbAndTable(arrayList, arrayList2, trim.split("[ ]*from[ ]*")[1].trim().split(" ")[0].toLowerCase());
        for (String str2 : arrayList2) {
            if (blackListDB.contains(str2)) {
                throw new WorkingException(Lang.as("禁止查询 %s 库"), str2);
            }
        }
        for (String str3 : arrayList) {
            if (blackListTable.contains(str3)) {
                throw new WorkingException(Lang.as("禁止查询 %s 表"), str3);
            }
        }
        if (trim.contains("where")) {
            return true;
        }
        throw new WorkingException(Lang.as("请加上where条件进行查询"));
    }

    private static void splitDbAndTable(List<String> list, List<String> list2, String str) {
        if (!str.contains(".")) {
            list.add(str);
            return;
        }
        String[] split = str.split("\\.");
        list2.add(split[0]);
        list.add(split[1]);
    }

    public String _call(String str) throws Exception {
        return super.callDefault(str);
    }
}
