fix

2023-11-16 11:33:26 +08:00 · 2023-11-16 11:33:26 +08:00 · d4c7aad3ab
commit d4c7aad3ab
parent d362c1d496
2 changed files with 13 additions and 8 deletions
--- a/server/ldap-admin/internal/config/config.go
+++ b/server/ldap-admin/internal/config/config.go
@ -17,5 +17,6 @@ type Config struct {
 		Password      string
 		BaseDN        string
 		RootDN        string
 		PeopleGroupOu string
 	}
 }
--- a/server/ldap-admin/internal/logic/getdepartmentslogic.go
+++ b/server/ldap-admin/internal/logic/getdepartmentslogic.go
@ -42,10 +42,14 @@ type DNItem struct {
 func (l *GetDepartmentsLogic) GetDepartments(req *types.Request, userinfo *auth.UserInfo) (resp *basic.Response) {
 	//从ldap获取组织架构数据
 	rootCn := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",")
 	if len(rootCn) == 0 {
 		return resp.SetStatusWithMessage(basic.CodeServiceErr, "root dn is not set")
 	}
 	searchRequest := ldap.NewSearchRequest(
 		l.svcCtx.Config.Ldap.BaseDN, //这里后续需要修改，不同的人只能查询他的下属列表
 		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
-		"(objectClass=*)", //所有object
+		"(&(objectClass=*)(!(ou="+l.svcCtx.Config.Ldap.PeopleGroupOu+"))(!("+rootCn[0]+")))", //所有object但是不包括people以及root用户
 		nil,
 		nil,
 	)
@ -59,9 +63,9 @@ func (l *GetDepartmentsLogic) GetDepartments(req *types.Request, userinfo *auth.
 	//每个DN存入map
 	for _, v := range searchResult.Entries {
 		//如果是root用户则跳过
-		if v.DN == l.svcCtx.Config.Ldap.RootDN {
+		/*if v.DN == l.svcCtx.Config.Ldap.RootDN {
 			continue
-		}
+		}*/
 		sortNum++
 		attribute := make(map[string]interface{})
 		for _, attr := range v.Attributes {