From 1a6386f7dfe6e060402511352097f14b43c69101 Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Thu, 16 Nov 2023 18:29:45 +0800 Subject: [PATCH] fix --- .../internal/logic/getldaporginationslogic.go | 3 +- .../internal/logic/getldapuserinfologic.go | 73 +++++++++++++++++-- server/ldap-admin/internal/types/types.go | 12 ++- server_api/ldap-admin.api | 11 ++- utils/ldap_lib/ldap_group.go | 4 +- 5 files changed, 92 insertions(+), 11 deletions(-) diff --git a/server/ldap-admin/internal/logic/getldaporginationslogic.go b/server/ldap-admin/internal/logic/getldaporginationslogic.go index 3a2d3707..38cf3349 100644 --- a/server/ldap-admin/internal/logic/getldaporginationslogic.go +++ b/server/ldap-admin/internal/logic/getldaporginationslogic.go @@ -4,6 +4,7 @@ import ( "fusenapi/utils/auth" "fusenapi/utils/basic" "fusenapi/utils/ldap_lib" + "github.com/go-ldap/ldap/v3" "sort" "strings" @@ -52,7 +53,7 @@ func (l *GetLdapOrginationsLogic) GetLdapOrginations(req *types.Request, userinf return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置") } filter := "(&(objectClass=*)(!(" + peopleDNSlice[0] + "))(!(" + rootCn[0] + ")))" //所有object但是不包括people以及root用户 - searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, filter, nil, nil) + searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, nil, nil) if err != nil { return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error()) } diff --git a/server/ldap-admin/internal/logic/getldapuserinfologic.go b/server/ldap-admin/internal/logic/getldapuserinfologic.go index c6fb366a..b3e7af1b 100644 --- a/server/ldap-admin/internal/logic/getldapuserinfologic.go +++ b/server/ldap-admin/internal/logic/getldapuserinfologic.go 
@@ -1,10 +1,13 @@ package logic import ( + "context" "fusenapi/utils/auth" "fusenapi/utils/basic" - - "context" + "fusenapi/utils/ldap_lib" + "github.com/go-ldap/ldap/v3" + "strconv" + "strings" "fusenapi/server/ldap-admin/internal/svc" "fusenapi/server/ldap-admin/internal/types" 
@@ -31,10 +34,68 @@ func NewGetLdapUserInfoLogic(ctx context.Context, svcCtx *svc.ServiceContext) *G // } func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, userinfo *auth.UserInfo) (resp *basic.Response) { - // 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data) - // userinfo 传入值时, 一定不为null - - return resp.SetStatus(basic.CodeOK) + if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "用户DN错误") + } + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + res, err := ldapServer.Search(req.UserDN, ldap.ScopeWholeSubtree, "", nil, nil) + if err != nil { + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "获取用户信息失败:"+err.Error()) + } + isUser := false + apiRsp := types.GetLdapUserInfoRsp{ + UserId: 0, + UserDN: "", + UserName: "", + Email: "", + Mobile: "", + Avatar: "", + Status: 0, + } + for _, entry := range res.Entries { + apiRsp.UserDN = entry.DN + for _, attr := range entry.Attributes { + switch attr.Name { + case "objectClass": //objectcalss属性特别处理 + for _, objectClassVal := range attr.Values { + if objectClassVal == "inetOrgPerson" { + isUser = true + } + } + if !isUser { + return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询到的不是用户信息") + } + case "uidNumber": //用户id + if len(attr.Values) == 0 { + return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户id不存在") + } + apiRsp.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户id转数字失败") + } + case "sn": //用户真名 + apiRsp.UserName = strings.Join(attr.Values, "") + case "mail": //邮箱 + apiRsp.Email = strings.Join(attr.Values, "") + case "mobile": //手机号 + apiRsp.Mobile = strings.Join(attr.Values, "") + case "postalAddress": //头像 + apiRsp.Avatar = strings.Join(attr.Values, "") + case "postalCode": //状态 + if len(attr.Values) == 0 { + return 
resp.SetStatusWithMessage(basic.CodeServiceErr, "用户状态不存在") + } + apiRsp.Status, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户状态转数字失败") + } + } + } + } + return resp.SetStatusWithMessage(basic.CodeOK, "success", apiRsp) } // 处理逻辑后 w,r 如:重定向, resp 必须重新处理 diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index 7310bd74..431f6ece 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go @@ -111,7 +111,17 @@ type DeleteLdapUserReq struct { } type GetLdapUserInfoReq struct { - UserDN string `json:"user_dn"` //用户dn + UserDN string `form:"user_dn"` //用户dn +} + +type GetLdapUserInfoRsp struct { + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } type Request struct { diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index 6261a2ab..621bfce9 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -160,5 +160,14 @@ type DeleteLdapUserReq { } //获取ldap用户信息 type GetLdapUserInfoReq { - UserDN string `json:"user_dn"` //用户dn + UserDN string `form:"user_dn"` //用户dn +} +type GetLdapUserInfoRsp { + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } \ No newline at end of file diff --git a/utils/ldap_lib/ldap_group.go b/utils/ldap_lib/ldap_group.go index db2bac28..f7290759 100644 --- a/utils/ldap_lib/ldap_group.go +++ b/utils/ldap_lib/ldap_group.go 
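Review bot: `req.UserDN` arrives from the query string and becomes the search base after only a `cn=` prefix check, and the search runs with `ldap.ScopeWholeSubtree`, so `GetLdapUserInfo` can return attributes from any entry at or below a caller-chosen DN, with each later entry overwriting the previous one in `apiRsp`. Because `isUser` is tested only inside the `objectClass` case, an empty result, or an entry whose `objectClass` attribute is missing or returned in a different case, falls through to `CodeOK`. I would parse the DN with `ldap.ParseDN`, search with `ldap.ScopeBaseObject`, require exactly one entry and test `isUser` after the loop, as sketched below; checking that the DN lies under `l.svcCtx.Config.Ldap.BaseDN` and logging `err.Error()` rather than returning it to the client are worth adding too. Nothing in the hunk consults `userinfo`, so please confirm that authorization for this lookup is enforced elsewhere (for example in middleware).

```go
func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, userinfo *auth.UserInfo) (resp *basic.Response) {
	// … unchanged: "cn=" prefix check …
	// Reject anything that is not a well-formed DN before it reaches the directory.
	if _, err := ldap.ParseDN(req.UserDN); err != nil {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "用户DN错误")
	}
	// … unchanged: ldap_lib.NewLdap call …
	// Read exactly the named entry, not everything beneath it.
	res, err := ldapServer.Search(req.UserDN, ldap.ScopeBaseObject, "", nil, nil)
	// … unchanged: search error handling, apiRsp initialisation …
	if len(res.Entries) != 1 {
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询到的不是用户信息")
	}
	// … unchanged: attribute loop …
	// An entry that never presented objectClass=inetOrgPerson must not be reported as a user.
	if !isUser {
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询到的不是用户信息")
	}
	return resp.SetStatusWithMessage(basic.CodeOK, "success", apiRsp)
```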
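Review bot: In `GetLdapUserInfoRsp` the first field is tagged `json:"userId"` while the other fields in the struct use snake_case (`user_dn`, `user_name`); `json:"user_id"` would keep the response keys consistent. The `options=0|1` on `Status` looks like a request-validation option and, as far as I can tell, has no effect on a response type, so `json:"status"` with the existing comment reads more clearly. The same two tags appear in the matching type in `server_api/ldap-admin.api`; if `types.go` is generated from that file, make the change there.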
@@ -46,7 +46,7 @@ func (l *Ldap) Delete(DN string) error { } // 查询资源(分组/用户) -func (l *Ldap) Search(DN, filter string, attr []string, controls []ldap.Control) (resp *ldap.SearchResult, err error) { +func (l *Ldap) Search(DN string, scope int, filter string, attr []string, controls []ldap.Control) (resp *ldap.SearchResult, err error) { if filter == "" { rootCn := strings.Split(l.rootDN, ",") if len(rootCn) == 0 { @@ -56,7 +56,7 @@ func (l *Ldap) Search(DN, filter string, attr []string, controls []ldap.Control) } searchRequest := ldap.NewSearchRequest( DN, - ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, + scope, ldap.NeverDerefAliases, 0, 0, false, filter, attr, controls,
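Review bot: The new `scope int` parameter of `Search` is undocumented and unchecked, and the existing comment still says only that the method queries groups or users. I would extend the comment to something like `// Search looks up entries under DN; scope must be ldap.ScopeBaseObject, ldap.ScopeSingleLevel or ldap.ScopeWholeSubtree.` and return an error for any other value instead of forwarding it to the server. This is also a breaking change to an exported method; the commit updates two call sites, so it is worth checking that no other callers remain. The body of `Search` continues outside this hunk.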
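Review bot: The rewritten argument line `scope, ldap.NeverDerefAliases, 0, 0, false,` still passes 0 for both the size limit and the time limit, which asks the server for no client-side bound on either. Since this commit lets a request-supplied DN reach `Search` as the base, a broad subtree query can now be triggered from the API, so I would pass explicit non-zero limits here (values chosen for this deployment) or take them from configuration. The enclosing `ldap.NewSearchRequest` call and the rest of `Search` end outside the hunk.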