package neu.integration.ctic.action;

import java.io.UnsupportedEncodingException;
import java.lang.reflect.Array;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javassist.compiler.ast.Keyword;

import javax.annotation.Resource;

import org.apache.struts2.convention.annotation.Action;
import org.apache.struts2.convention.annotation.ParentPackage;
import org.apache.struts2.convention.annotation.Result;
import org.apache.struts2.convention.annotation.Results;
import org.hibernate.metamodel.domain.Superclass;
import org.omg.PortableInterceptor.SUCCESSFUL;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;

import com.opensymphony.xwork2.ActionSupport;

import net.sf.json.JSONObject;
import neu.integration.base.action.BaseListAction;
import neu.integration.ctic.vo.Cnvd;

/**
 * 类名称：CticVulnerabilityAction 类描述：漏洞信息Action
 * 
 * @author Bro.Yi
 *
 */
@SuppressWarnings("serial")
@ParentPackage("json-default")
@Results({ @Result(name = BaseListAction.SUCCESS, type = "json"),
		@Result(name = BaseListAction.ERROR, type = "json") })
public class CticVulnerabilityAction extends BaseListAction {
	@Resource(name = "cnvdService")
	private CnvdService cnvdService;
	private List<Cnvd> cnvdList;
	private Map<String, Object> result = new HashMap<String, Object>();
	private List<Map<String, Object>> cnvdList_selected = new ArrayList<Map<String, Object>>();

	private Integer typeId;
	private String keyWord;
	private int startYear;
	private int endYear;
	
	public Map<String, Object> getResult() {
		return result;
	}



	public void setResult(Map<String, Object> result) {
		this.result = result;
	}



	public Integer getTypeId() {
		return typeId;
	}



	public void setTypeId(Integer typeId) {
		this.typeId = typeId;
	}



	public String getKeyWord() {
		return keyWord;
	}



	public void setKeyWord(String keyWord) {
		this.keyWord = keyWord;
	}



	// private String[] typeNameList = { "Application-Program-Vulnerability",
	// "Web-Application-Vulnerability", "Operating-System-Vulnerability",
	// "Telecommunication-Industry-Vulnerability",
	// "Mobile-Internet-Vulnerability", "Network-Equipment-Vulnerability",
	// "Database-Vulnerability", "Safety-Product-Vulnerability",
	// "Industrial-Control-System-Vulnerability", "Unknown-Vulnerability" };
	private String[] typeNameList = { "WEB应用漏洞", "安全产品漏洞", "工控系统漏洞", "应用程序漏洞",
			"操作系统漏洞", "数据库漏洞", "电信行业漏洞", "移动互联网行业漏洞", "网络设备漏洞", "未知漏洞" };
	private String sqlWord = "title, release_time, damage_grade, attack_route, attack_complexity, authentication, confidentiality, integrity, usability, vulnerability_score, impact_product, cve_id, finder, type";



	@SuppressWarnings("unchecked")
	@Action(value = "searchKeyWord", results = {
			@Result(name = SUCCESS, type = "json", params = { "root", "result" }),
			@Result(name = ERROR, location = "/index.jsp") })
	public String searchKeyWordList() {

		List<?> cnvdList_array;
		// 如果关键字为空，则输出15条所选类别漏洞。
		if (keyWord == null) {
			if (typeId != null && typeId.intValue() > 0
					&& typeId.intValue() < 10) {
				cnvdList_array = cnvdService.findNativeSqlQuery("select "
						+ sqlWord + " from cnvd where type=\'"
						+ typeNameList[typeId - 1] + "\'");
			} else {
				// 输入有误，转入错误页面。
				return ERROR;
			}
		} else {
			// 如果关键字不为空，且选择了类别，则输出当前类别下符合关键字的查询。
			if (typeId != null && typeId.intValue() > 0
					&& typeId.intValue() < 10) {
				cnvdList_array = cnvdService.findNativeSqlQuery("select "
						+ sqlWord + " from cnvd where type=\'"
						+ typeNameList[typeId - 1] + "\' and title like \'%"
						+ keyWord + "%\'");
			} else {
				// 如果关键字不为空，且未选类别，则输出所有符合关键字的查询。
				cnvdList_array = cnvdService.findNativeSqlQuery("select "
						+ sqlWord + " from cnvd where title like \'%" + keyWord
						+ "%\'");
			}
		}
		Integer count = cnvdList_array.size();
		String countString = String.valueOf(count);
		if (super.getPage() == 0) {
			super.setPage(1);
		}
		if (super.getRows() == 0) {
			super.setRows(15);
		}
		int subBegin = (super.getPage() - 1) * super.getRows();
		if (subBegin >= count) {
			subBegin = count - 1;
		}
		int subEnd = subBegin + super.getRows();
		if (subEnd > count) {
			subEnd = count;
		}
		if (count == 0) {

			result.put("total", count);
			result.put("rows", cnvdList_array);
			System.out.println("result null!");
			return SUCCESS;
		}
		result.put("total", count);
		cnvdList_array = cnvdList_array.subList(subBegin, subEnd);
		// 处理sql查询后的各字段转json工作。
		List<Map<String, Object>> cnvdList_selected = new ArrayList<Map<String, Object>>();
		for (int i = 0; i < cnvdList_array.size(); i++) {
			Object[] obj = (Object[]) cnvdList_array.get(i);
			Map<String, Object> result_tmp = new HashMap<String, Object>();
			result_tmp.put("title", obj[0]);
			result_tmp.put("releaseTime", obj[1]);
			result_tmp.put("damageGrade", obj[2]);
			result_tmp.put("attackRoute", obj[3]);
			result_tmp.put("attackComplexity", obj[4]);
			result_tmp.put("authentication", obj[5]);
			result_tmp.put("confidentiality", obj[6]);
			result_tmp.put("integrity", obj[7]);
			result_tmp.put("usability", obj[8]);
			result_tmp.put("vulnerabilityScore", obj[9]);
			result_tmp.put("impactProduct", obj[10]);
			result_tmp.put("cveId", obj[11]);
			result_tmp.put("finder", obj[12]);
			result_tmp.put("type", obj[13]);
			cnvdList_selected.add(result_tmp);
		}
		result.put("rows", cnvdList_selected);
		return SUCCESS;
	}

	
}