fusen/fusenapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
laodaming 2023-11-17 11:10:38 +08:00
parent a340da2359
commit 3f2c872463
4 changed files with 33 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go
View File

@ -3,6 +3,7 @@ package logic
import ( import (
"fusenapi/utils/auth" "fusenapi/utils/auth"
"fusenapi/utils/basic" "fusenapi/utils/basic"
"fusenapi/utils/ldap_lib"
"strings" "strings"
"context" "context"
@ -40,8 +41,13 @@ func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.Ad
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN") return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN")
} }
//ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
return resp.SetStatus(basic.CodeOK) err := ldapServer.AddUserToOrganization(req.OrganizationDN, req.UserDN)
if err != nil {
logx.Error(err)
return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加成员失败,", err.Error())
}
return resp.SetStatusWithMessage(basic.CodeOK, "添加成功")
} }
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理 // 处理逻辑后 w,r 如:重定向, resp 必须重新处理

18
server/ldap-admin/internal/logic/getldaporganizationslogic.go
View File

@ -52,8 +52,9 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, use
if len(peopleDNSlice) <= 1 { if len(peopleDNSlice) <= 1 {
return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置") return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置")
} }
filter := "(&(objectClass=*)(!(" + peopleDNSlice[0] + "))(!(" + rootCn[0] + ")))" //所有object但是不包括people以及root用户 filter := "(|(&(objectClass=groupOfUniqueNames)(objectClass=top))(objectClass=organization))"
searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, nil, nil) fields := []string{"businessCategory", "dn"}
searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil)
if err != nil { if err != nil {
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error()) return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error())
} }
@ -64,18 +65,7 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, use
sortNum++ sortNum++
attribute := make(map[string]interface{}) attribute := make(map[string]interface{})
for _, attr := range v.Attributes { for _, attr := range v.Attributes {
switch attr.Name { attribute[attr.Name] = strings.Join(attr.Values, ",")
case "objectClass": //objectcalss属性特别处理
mapObjectClass := make(map[string]struct{})
for _, objectClassItem := range attr.Values {
mapObjectClass[objectClassItem] = struct{}{}
}
attribute[attr.Name] = mapObjectClass
case "member": //成员不用变
attribute[attr.Name] = attr.Values
default: //普通属性
attribute[attr.Name] = strings.Join(attr.Values, ",")
}
} }
mapDN[v.DN] = &DNItem{ mapDN[v.DN] = &DNItem{
DN: v.DN, DN: v.DN,

21
server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go
View File

@ -3,6 +3,8 @@ package logic
import ( import (
"fusenapi/utils/auth" "fusenapi/utils/auth"
"fusenapi/utils/basic" "fusenapi/utils/basic"
"fusenapi/utils/ldap_lib"
"strings"
"context" "context"
@ -31,10 +33,21 @@ func NewRemoveLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.Servi
// } // }
func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, userinfo *auth.UserInfo) (resp *basic.Response) { func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, userinfo *auth.UserInfo) (resp *basic.Response) {
// 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data) req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
// userinfo 传入值时, 一定不为null req.UserDN = strings.Trim(req.UserDN, " ")
if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
return resp.SetStatus(basic.CodeOK) return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的目标组织DN")
}
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN")
}
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
err := ldapServer.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN)
if err != nil {
logx.Error(err)
return resp.SetStatusWithMessage(basic.CodeServiceErr, "移除成员失败,", err.Error())
}
return resp.SetStatusWithMessage(basic.CodeOK, "移除成员成功")
} }
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理 // 处理逻辑后 w,r 如:重定向, resp 必须重新处理

8
utils/ldap_lib/ldap_group.go
View File

@ -66,12 +66,12 @@ func (l *Ldap) Search(DN string, scope int, filter string, attr []string, contro
} }
// AddUserToGroup 添加用户到组织 // AddUserToGroup 添加用户到组织
func (l *Ldap) AddUserToOrganization(groupDN, userDN string) error { func (l *Ldap) AddUserToOrganization(organizationDN, userDN string) error {
//判断dn是否以ou开头 //判断dn是否以ou开头
if groupDN[:3] == "ou=" { /*if organizationDN[:3] == "ou=" {
return errors.New("不能添加用户到OU组织单元") return errors.New("不能添加用户到OU组织单元")
} }*/
modify := ldap.NewModifyRequest(groupDN, nil) modify := ldap.NewModifyRequest(organizationDN, nil)
modify.Add("uniqueMember", []string{userDN}) modify.Add("uniqueMember", []string{userDN})
return l.conn.Modify(modify) return l.conn.Modify(modify)
} }