fix
This commit is contained in:
laodaming
@@ -1,10 +1,10 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/email"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -33,7 +33,11 @@ func NewAddLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.ServiceC
|
||||
// func (l *AddLdapOrganizationMemberLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.AddLdapOrganizationMemberReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.AddLdapOrganizationMemberReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||
@@ -46,7 +50,6 @@ func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.Ad
|
||||
if !email.IsEmailValid(cnEmail) {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
err := ldapServer.AddUserToOrganization(req.OrganizationDN, req.UserDN)
|
||||
if err != nil {
|
||||
logx.Error(err)
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/chinese_to_pinyin"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -33,7 +33,11 @@ func NewCreateLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont
|
||||
// func (l *CreateLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLdapOrganizationReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.OrganizationEnName = strings.Trim(req.OrganizationEnName, " ")
|
||||
req.ParentOrganizationDN = strings.Trim(req.ParentOrganizationDN, " ")
|
||||
req.BusinessCategory = strings.Trim(req.BusinessCategory, " ")
|
||||
@@ -52,7 +56,6 @@ func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLd
|
||||
}
|
||||
//组装organization dn
|
||||
organizationDN := "ou=" + req.OrganizationEnName + "," + req.ParentOrganizationDN
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
err := ldapServer.Create(organizationDN, map[string][]string{
|
||||
"objectClass": {"top", "groupOfUniqueNames"},
|
||||
"cn": {req.OrganizationEnName},
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
|
||||
"context"
|
||||
|
||||
@@ -31,8 +31,11 @@ func NewCreateLdapUserBaseGroupLogic(ctx context.Context, svcCtx *svc.ServiceCon
|
||||
// func (l *CreateLdapUserBaseGroupLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *CreateLdapUserBaseGroupLogic) CreateLdapUserBaseGroup(req *types.Request, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *CreateLdapUserBaseGroupLogic) CreateLdapUserBaseGroup(req *types.Request, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
err := ldapServer.Create(l.svcCtx.Config.Ldap.PeopleGroupDN, map[string][]string{
|
||||
"objectClass": {"top", "organizationalUnit"},
|
||||
"ou": {"FusenTeam"},
|
||||
|
||||
@@ -3,13 +3,13 @@ package logic
|
||||
import (
|
||||
"fmt"
|
||||
"fusenapi/model/gmodel"
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/chinese_to_pinyin"
|
||||
"fusenapi/utils/email"
|
||||
"fusenapi/utils/encryption_decryption"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"gorm.io/gorm"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
@@ -39,7 +39,11 @@ func NewCreateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Cr
|
||||
// func (l *CreateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.UserName = strings.Trim(req.UserName, " ")
|
||||
req.Mobile = strings.Trim(req.Mobile, " ")
|
||||
req.Email = strings.Trim(req.Email, " ")
|
||||
@@ -56,7 +60,6 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri
|
||||
if !email.IsEmailValid(req.Email) {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,邮箱格式不正确")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
//把用户名转pinyin
|
||||
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
||||
userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -32,12 +32,15 @@ func NewDeleteLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont
|
||||
// func (l *DeleteLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *DeleteLdapOrganizationLogic) DeleteLdapOrganization(req *types.DeleteLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *DeleteLdapOrganizationLogic) DeleteLdapOrganization(req *types.DeleteLdapOrganizationReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if err := ldapServer.Delete(req.OrganizationDN); err != nil {
|
||||
logx.Error(err)
|
||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "删除ldap组织失败,"+err.Error())
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -32,12 +32,15 @@ func NewDeleteLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *De
|
||||
// func (l *DeleteLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *DeleteLdapUserLogic) DeleteLdapUser(req *types.DeleteLdapUserReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *DeleteLdapUserLogic) DeleteLdapUser(req *types.DeleteLdapUserReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
err := ldapServer.Update(req.UserDN, map[string][]string{
|
||||
"postalCode": {"0"},
|
||||
})
|
||||
|
||||
@@ -2,10 +2,10 @@ package logic
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"github.com/go-ldap/ldap/v3"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -34,13 +34,16 @@ func NewGetLdapOrganizationMembersLogic(ctx context.Context, svcCtx *svc.Service
|
||||
// func (l *GetLdapOrganizationMembersLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.GetLdapOrganizationMembersReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.GetLdapOrganizationMembersReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
||||
}
|
||||
//先获取组织成员
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
//获取跟用户dn筛选排除该用户
|
||||
rootDNSlice := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",")
|
||||
if len(rootDNSlice) == 0 {
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"github.com/go-ldap/ldap/v3"
|
||||
"net/http"
|
||||
"sort"
|
||||
"strings"
|
||||
|
||||
@@ -42,13 +42,16 @@ type DNItem struct {
|
||||
Child []*DNItem `json:"child"`
|
||||
}
|
||||
|
||||
func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
//从ldap获取组织架构数据
|
||||
rootCn := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",")
|
||||
if len(rootCn) == 0 {
|
||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "root用户DN未设置")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
peopleDNSlice := strings.Split(l.svcCtx.Config.Ldap.PeopleGroupDN, ",")
|
||||
if len(peopleDNSlice) <= 1 {
|
||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置")
|
||||
|
||||
@@ -4,10 +4,10 @@ import (
|
||||
"context"
|
||||
"fusenapi/server/ldap-admin/internal/svc"
|
||||
"fusenapi/server/ldap-admin/internal/types"
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/email"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"github.com/zeromicro/go-zero/core/logx"
|
||||
@@ -31,7 +31,11 @@ func NewGetLdapUserInfoLogic(ctx context.Context, svcCtx *svc.ServiceContext) *G
|
||||
// func (l *GetLdapUserInfoLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户DN错误")
|
||||
}
|
||||
@@ -39,7 +43,6 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, us
|
||||
if !email.IsEmailValid(cnEmail) {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
user, err := ldapServer.GetLdapUserInfo(req.UserDN)
|
||||
if err != nil {
|
||||
logx.Error(err)
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -32,9 +32,12 @@ func NewGetLdapUsersLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetL
|
||||
// func (l *GetLdapUsersLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *GetLdapUsersLogic) GetLdapUsers(req *types.GetLdapUsersReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
req.PageCookie = strings.Trim(req.PageCookie, " ")
|
||||
func (l *GetLdapUsersLogic) GetLdapUsers(req *types.GetLdapUsersReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.PageCookie = strings.Trim(req.PageCookie, " ")
|
||||
pageSize := uint32(20)
|
||||
list, cookie, err := ldapServer.GetLdapBaseTeamUserList(pageSize, req.PageCookie)
|
||||
if err != nil {
|
||||
|
||||
@@ -2,7 +2,6 @@ package logic
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/email"
|
||||
"fusenapi/utils/encryption_decryption"
|
||||
@@ -35,7 +34,7 @@ func NewLdapUserLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Lda
|
||||
// func (l *LdapUserLoginLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *LdapUserLoginLogic) LdapUserLogin(req *types.LdapUserLoginReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *LdapUserLoginLogic) LdapUserLogin(req *types.LdapUserLoginReq) (resp *basic.Response) {
|
||||
req.Email = strings.Trim(req.Email, " ")
|
||||
req.Password = strings.Trim(req.Password, " ")
|
||||
if !email.IsEmailValid(req.Email) {
|
||||
@@ -66,7 +65,7 @@ func (l *LdapUserLoginLogic) LdapUserLogin(req *types.LdapUserLoginReq, userinfo
|
||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "密码错误!")
|
||||
}
|
||||
//生成token
|
||||
token, err := ldapServer.GenJwtToken(ldapUserInfo.UserId, l.svcCtx.Config.Auth.AccessExpire, ldapUserInfo.UserDN, ldapUserInfo.Password)
|
||||
token, err := ldapServer.GenJwtToken(ldapUserInfo.UserId, l.svcCtx.Config.Auth.AccessExpire, ldapUserInfo.UserDN, l.svcCtx.Config.Auth.AccessSecret)
|
||||
if err != nil {
|
||||
logx.Error(err)
|
||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "生成登录凭证失败")
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/email"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -33,7 +33,11 @@ func NewRemoveLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.Servi
|
||||
// func (l *RemoveLdapOrganizationMemberLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||
@@ -46,7 +50,6 @@ func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *ty
|
||||
if !email.IsEmailValid(cnEmail) {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
err := ldapServer.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN)
|
||||
if err != nil {
|
||||
logx.Error(err)
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -32,7 +32,11 @@ func NewUpdateLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont
|
||||
// func (l *UpdateLdapOrganizationLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLdapOrganizationReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
|
||||
if req.OrganizationDN == "" {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,组织DN不能为空")
|
||||
@@ -40,7 +44,6 @@ func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLd
|
||||
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if err := ldapServer.Update(req.OrganizationDN, map[string][]string{
|
||||
"businessCategory": {req.BusinessCategory},
|
||||
}); err != nil {
|
||||
|
||||
@@ -3,11 +3,11 @@ package logic
|
||||
import (
|
||||
"fmt"
|
||||
"fusenapi/model/gmodel"
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/chinese_to_pinyin"
|
||||
"fusenapi/utils/email"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
@@ -37,7 +37,11 @@ func NewUpdateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Up
|
||||
// func (l *UpdateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||
req.Mobile = strings.Trim(req.Mobile, " ")
|
||||
req.Avatar = strings.Trim(req.Avatar, " ")
|
||||
@@ -54,7 +58,6 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri
|
||||
}
|
||||
//把用户名转pinyin
|
||||
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
now := time.Now()
|
||||
//更新的属性
|
||||
attr := map[string][]string{
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
package logic
|
||||
|
||||
import (
|
||||
"fusenapi/utils/auth"
|
||||
"fusenapi/utils/basic"
|
||||
"fusenapi/utils/email"
|
||||
"fusenapi/utils/encryption_decryption"
|
||||
"fusenapi/utils/ldap_lib"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
"context"
|
||||
@@ -34,7 +34,11 @@ func NewUpdateLdapUserPwdLogic(ctx context.Context, svcCtx *svc.ServiceContext)
|
||||
// func (l *UpdateLdapUserPwdLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
||||
// }
|
||||
|
||||
func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdReq, userinfo *auth.UserInfo) (resp *basic.Response) {
|
||||
func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdReq, r *http.Request) (resp *basic.Response) {
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
if !ldapServer.VerifyAuthority(r.Header.Get("Ldap-Authorization"), l.svcCtx.Config.Auth.AccessSecret) {
|
||||
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
||||
}
|
||||
req.UserDN = strings.Trim(req.UserDN, " ")
|
||||
req.NewPassword = strings.Trim(req.NewPassword, " ")
|
||||
req.OldPassword = strings.Trim(req.OldPassword, " ")
|
||||
@@ -48,7 +52,6 @@ func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdR
|
||||
if !email.IsEmailValid(cnEmail) {
|
||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
||||
}
|
||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
||||
//查询个人信息
|
||||
user, err := ldapServer.GetLdapUserInfo(req.UserDN)
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user