Merge branch 'develop' of gitee.com:fusenpack/fusenapi into develop
This commit is contained in:
momo
commit
65105982b2
|
|
@ -2,15 +2,11 @@ package logic
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"fusenapi/server/ldap-admin/internal/svc"
|
||||||
|
"fusenapi/server/ldap-admin/internal/types"
|
||||||
"fusenapi/utils/auth"
|
"fusenapi/utils/auth"
|
||||||
"fusenapi/utils/basic"
|
"fusenapi/utils/basic"
|
||||||
"fusenapi/utils/ldap_lib"
|
"fusenapi/utils/ldap_lib"
|
||||||
"github.com/go-ldap/ldap/v3"
|
|
||||||
"strconv"
|
|
||||||
"strings"
|
|
||||||
|
|
||||||
"fusenapi/server/ldap-admin/internal/svc"
|
|
||||||
"fusenapi/server/ldap-admin/internal/types"
|
|
||||||
|
|
||||||
"github.com/zeromicro/go-zero/core/logx"
|
"github.com/zeromicro/go-zero/core/logx"
|
||||||
)
|
)
|
||||||
|
|
@ -38,59 +34,20 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, us
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户DN错误")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户DN错误")
|
||||||
}
|
}
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
|
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
|
||||||
res, err := ldapServer.Search(req.UserDN, ldap.ScopeWholeSubtree, "(&(objectClass=posixAccount)(objectClass=inetOrgPerson))", nil, nil)
|
user, err := ldapServer.GetLdapUserInfo(req.UserDN)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "获取用户信息失败:"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
|
||||||
}
|
}
|
||||||
if len(res.Entries) != 1 {
|
return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapUserInfoRsp{
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询到不到用户信息")
|
UserId: user.UserId,
|
||||||
}
|
UserDN: user.UserDN,
|
||||||
apiRsp := types.GetLdapUserInfoRsp{
|
UserName: user.UserName,
|
||||||
UserId: 0,
|
Email: user.Email,
|
||||||
Status: 0,
|
Mobile: user.Mobile,
|
||||||
}
|
Avatar: user.Avatar,
|
||||||
for _, entry := range res.Entries {
|
Status: user.Status,
|
||||||
if entry.DN != req.UserDN {
|
})
|
||||||
continue
|
|
||||||
}
|
|
||||||
apiRsp.UserDN = entry.DN
|
|
||||||
for _, attr := range entry.Attributes {
|
|
||||||
switch attr.Name {
|
|
||||||
case "uidNumber": //用户id
|
|
||||||
if len(attr.Values) == 0 {
|
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户id不存在")
|
|
||||||
}
|
|
||||||
apiRsp.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64)
|
|
||||||
if err != nil {
|
|
||||||
logx.Error(err)
|
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户id转数字失败")
|
|
||||||
}
|
|
||||||
case "sn": //用户真名
|
|
||||||
apiRsp.UserName = strings.Join(attr.Values, "")
|
|
||||||
case "mail": //邮箱
|
|
||||||
apiRsp.Email = strings.Join(attr.Values, "")
|
|
||||||
case "mobile": //手机号
|
|
||||||
apiRsp.Mobile = strings.Join(attr.Values, "")
|
|
||||||
case "postalAddress": //头像
|
|
||||||
apiRsp.Avatar = strings.Join(attr.Values, "")
|
|
||||||
case "postalCode": //状态
|
|
||||||
if len(attr.Values) == 0 {
|
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户状态不存在")
|
|
||||||
}
|
|
||||||
apiRsp.Status, err = strconv.ParseInt(attr.Values[0], 10, 64)
|
|
||||||
if err != nil {
|
|
||||||
logx.Error(err)
|
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户状态转数字失败")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
break
|
|
||||||
}
|
|
||||||
if apiRsp.UserId == 0 {
|
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询到的不是用户信息!!!")
|
|
||||||
}
|
|
||||||
return resp.SetStatusWithMessage(basic.CodeOK, "success", apiRsp)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
|
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
|
||||||
|
|
|
||||||
|
|
@ -43,25 +43,35 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri
|
||||||
if req.AuthGroupId < 0 {
|
if req.AuthGroupId < 0 {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户权限组id")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户权限组id")
|
||||||
}
|
}
|
||||||
if req.Password != "" {
|
|
||||||
//todo 验证下是不是本人
|
|
||||||
}
|
|
||||||
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
||||||
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN")
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN")
|
||||||
}
|
}
|
||||||
//把用户名转pinyin
|
//把用户名转pinyin
|
||||||
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
||||||
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
|
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
|
||||||
err := ldapServer.Update(req.UserDN, map[string][]string{
|
//更新的属性
|
||||||
|
attr := map[string][]string{
|
||||||
"homeDirectory": {"/home/users/" + userNamePinyin},
|
"homeDirectory": {"/home/users/" + userNamePinyin},
|
||||||
"departmentNumber": {fmt.Sprintf("%d", req.AuthGroupId)},
|
"departmentNumber": {fmt.Sprintf("%d", req.AuthGroupId)},
|
||||||
"sn": {req.UserName},
|
"sn": {req.UserName},
|
||||||
"uid": {userNamePinyin},
|
"uid": {userNamePinyin},
|
||||||
"mobile": {req.Mobile},
|
"mobile": {req.Mobile},
|
||||||
"userPassword": {req.Password},
|
|
||||||
"postalAddress": {req.Avatar},
|
"postalAddress": {req.Avatar},
|
||||||
"postalCode": {fmt.Sprintf("%d", req.Status)},
|
"postalCode": {fmt.Sprintf("%d", req.Status)},
|
||||||
})
|
}
|
||||||
|
if req.Password != "" {
|
||||||
|
//查询个人信息
|
||||||
|
/*user, err := ldapServer.GetLdapUserInfo(req.UserDN)
|
||||||
|
if err != nil {
|
||||||
|
logx.Error(err)
|
||||||
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
|
||||||
|
}*/
|
||||||
|
//验证旧的密码
|
||||||
|
//加密新的密码
|
||||||
|
//赋值属性
|
||||||
|
attr["userPassword"] = []string{""}
|
||||||
|
}
|
||||||
|
err := ldapServer.Update(req.UserDN, attr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logx.Error(err)
|
logx.Error(err)
|
||||||
return resp.SetStatusWithMessage(basic.CodeServiceErr, "更新用户失败,"+err.Error())
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "更新用户失败,"+err.Error())
|
||||||
|
|
|
||||||
|
|
@ -143,10 +143,11 @@ type UpdateLdapUserReq struct {
|
||||||
UserDN string `json:"user_dn"` //用户dn
|
UserDN string `json:"user_dn"` //用户dn
|
||||||
UserName string `json:"user_name"` //用户名
|
UserName string `json:"user_name"` //用户名
|
||||||
Password string `json:"password,optional"` //密码
|
Password string `json:"password,optional"` //密码
|
||||||
|
OldPassword string `json:"old_password"` //旧的密码
|
||||||
Mobile string `json:"mobile,optional"` //手机号
|
Mobile string `json:"mobile,optional"` //手机号
|
||||||
Avatar string `json:"avatar,optional"` //头像地址
|
Avatar string `json:"avatar,optional"` //头像地址
|
||||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
AuthGroupId int64 `json:"authGroupId"` //权限分组id
|
AuthGroupId int64 `json:"auth_group_id,optional"` //权限分组id
|
||||||
}
|
}
|
||||||
|
|
||||||
type DeleteLdapUserReq struct {
|
type DeleteLdapUserReq struct {
|
||||||
|
|
|
||||||
|
|
@ -221,10 +221,11 @@ type UpdateLdapUserReq {
|
||||||
UserDN string `json:"user_dn"` //用户dn
|
UserDN string `json:"user_dn"` //用户dn
|
||||||
UserName string `json:"user_name"` //用户名
|
UserName string `json:"user_name"` //用户名
|
||||||
Password string `json:"password,optional"` //密码
|
Password string `json:"password,optional"` //密码
|
||||||
|
OldPassword string `json:"old_password"` //旧的密码
|
||||||
Mobile string `json:"mobile,optional"` //手机号
|
Mobile string `json:"mobile,optional"` //手机号
|
||||||
Avatar string `json:"avatar,optional"` //头像地址
|
Avatar string `json:"avatar,optional"` //头像地址
|
||||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
AuthGroupId int64 `json:"authGroupId"` //权限分组id
|
AuthGroupId int64 `json:"auth_group_id,optional"` //权限分组id
|
||||||
}
|
}
|
||||||
//删除ldap用户
|
//删除ldap用户
|
||||||
type DeleteLdapUserReq {
|
type DeleteLdapUserReq {
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ func (l *Ldap) Delete(DN string) error {
|
||||||
// 查询资源(分组/用户)
|
// 查询资源(分组/用户)
|
||||||
func (l *Ldap) Search(DN string, scope int, filter string, attr []string, controls []ldap.Control) (resp *ldap.SearchResult, err error) {
|
func (l *Ldap) Search(DN string, scope int, filter string, attr []string, controls []ldap.Control) (resp *ldap.SearchResult, err error) {
|
||||||
if DN == l.rootDN {
|
if DN == l.rootDN {
|
||||||
return nil, errors.New("你没有权限查询根用户")
|
return nil, errors.New("没有权限查询根用户")
|
||||||
}
|
}
|
||||||
if filter == "" {
|
if filter == "" {
|
||||||
rootCn := strings.Split(l.rootDN, ",")
|
rootCn := strings.Split(l.rootDN, ",")
|
||||||
|
|
|
||||||
73
utils/ldap_lib/ldap_user.go
Normal file
73
utils/ldap_lib/ldap_user.go
Normal file
|
|
@ -0,0 +1,73 @@
|
||||||
|
package ldap_lib
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
"github.com/go-ldap/ldap/v3"
|
||||||
|
"github.com/zeromicro/go-zero/core/logx"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
type GetLdapUserInfoRsp struct {
|
||||||
|
UserId int64 `json:"userId"`
|
||||||
|
UserDN string `json:"user_dn"`
|
||||||
|
UserName string `json:"user_name"` //用户名
|
||||||
|
Password string `json:"password"` //密码
|
||||||
|
Email string `json:"email"` //邮箱
|
||||||
|
Mobile string `json:"mobile"` //手机号
|
||||||
|
Avatar string `json:"avatar"` //头像地址
|
||||||
|
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||||
|
}
|
||||||
|
|
||||||
|
func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) {
|
||||||
|
res, err := l.Search(userDN, ldap.ScopeWholeSubtree, "(&(objectClass=posixAccount)(objectClass=inetOrgPerson))", nil, nil)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if len(res.Entries) != 1 {
|
||||||
|
return nil, errors.New("查询到不到用户信息")
|
||||||
|
}
|
||||||
|
user := &GetLdapUserInfoRsp{}
|
||||||
|
for _, entry := range res.Entries {
|
||||||
|
if entry.DN != userDN {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
user.UserDN = entry.DN
|
||||||
|
for _, attr := range entry.Attributes {
|
||||||
|
switch attr.Name {
|
||||||
|
case "uidNumber": //用户id
|
||||||
|
if len(attr.Values) == 0 {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
user.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64)
|
||||||
|
if err != nil {
|
||||||
|
logx.Error(err)
|
||||||
|
return nil, errors.New("用户id转数字失败")
|
||||||
|
}
|
||||||
|
case "sn": //用户真名
|
||||||
|
user.UserName = strings.Join(attr.Values, "")
|
||||||
|
case "mail": //邮箱
|
||||||
|
user.Email = strings.Join(attr.Values, "")
|
||||||
|
case "mobile": //手机号
|
||||||
|
user.Mobile = strings.Join(attr.Values, "")
|
||||||
|
case "postalAddress": //头像
|
||||||
|
user.Avatar = strings.Join(attr.Values, "")
|
||||||
|
case "userPassword": //密码
|
||||||
|
user.Password = strings.Join(attr.Values, ",")
|
||||||
|
case "postalCode": //状态
|
||||||
|
if len(attr.Values) == 0 {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
user.Status, err = strconv.ParseInt(attr.Values[0], 10, 64)
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.New("用户状态转数字失败")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
break
|
||||||
|
}
|
||||||
|
if user.UserId == 0 {
|
||||||
|
return nil, errors.New("查询到的不是用户信息!!!")
|
||||||
|
}
|
||||||
|
return user, nil
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user