From dfbc125e69bd876117bb6fbdcb38a2bc8905034e Mon Sep 17 00:00:00 2001
From: laodaming <11058467+laudamine@user.noreply.gitee.com>
Date: Mon, 27 Nov 2023 18:34:58 +0800
Subject: [PATCH] fix
---
 .../logic/getldaporganizationslogic.go | 52 +++++-------------
 .../internal/logic/getldapuserinfologic.go | 28 ++++------
 utils/ldap_lib/ldap_group.go | 45 +++++++++++++++-
 3 files changed, 65 insertions(+), 60 deletions(-)
diff --git a/server/ldap-admin/internal/logic/getldaporganizationslogic.go b/server/ldap-admin/internal/logic/getldaporganizationslogic.go
index 2fc516b7..a3c15f4b 100644
--- a/server/ldap-admin/internal/logic/getldaporganizationslogic.go
+++ b/server/ldap-admin/internal/logic/getldaporganizationslogic.go
@@ -46,62 +46,34 @@ type DNItem struct { } func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, r *http.Request) (resp *basic.Response) { - if !l.svcCtx.Ldap.VerifyAuthority(r) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } - //从ldap获取组织架构数据 - rootCn := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",") - if len(rootCn) == 0 { - return resp.SetStatusWithMessage(basic.CodeServiceErr, "root用户DN未设置") - } - peopleDNSlice := strings.Split(l.svcCtx.Config.Ldap.PeopleGroupDN, ",") - if len(peopleDNSlice) <= 1 { - return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置") - } - filter := "(&(objectClass=groupOfUniqueNames)(objectClass=top))" - fields := []string{"businessCategory", "owner", "dn", "uniqueMember"} - searchResult, err := l.svcCtx.Ldap.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil) + //查询部门信息 + organizations, err := l.svcCtx.Ldap.GetOrganizationList(ldap.ScopeWholeSubtree, nil, nil, nil) if err != nil { - return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error()) + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "获取用户所属部门以及负责部门列表失败") } mapDN := make(map[string]*DNItem) sortNum := 0 ownerFilterBuilder := strings.Builder{} //每个DN存入map - ownerDN := "" - for _, v := range searchResult.Entries { + for _, organization := range organizations { sortNum++ - memberCount := 0 //成员数 - departmentName := "" //部门名称 - for _, attr := range v.Attributes { - switch attr.Name { - case "uniqueMember": - memberCount = len(attr.Values) - case "owner": - if len(attr.Values) == 0 { - continue - } - ownerDN = attr.Values[0] - //解析用户DN,只需要提取cn - userCn := strings.Split(attr.Values[0], ",")[0] - ownerFilterBuilder.WriteString(fmt.Sprintf("(%s)", userCn)) - case "businessCategory": - departmentName = strings.Join(attr.Values, ",") - } - } - dnSlice := strings.ReplaceAll(v.DN, ","+l.svcCtx.Config.Ldap.BaseDN, "") //把最顶级的组织去掉 + 
ownerFilterBuilder.WriteString(fmt.Sprintf("(%s)", organization.Owner)) + dnSlice := strings.ReplaceAll(organization.DN, ","+l.svcCtx.Config.Ldap.BaseDN, "") //把最顶级的组织去掉 level := len(strings.Split(dnSlice, ",")) data := &DNItem{ - OrganizationDN: v.DN, - OrganizationName: departmentName, + OrganizationDN: organization.DN, + OrganizationName: organization.Name, Level: level, - MemberCount: memberCount, - OwnerDN: ownerDN, + MemberCount: len(organization.Members), + OwnerDN: organization.Owner, Sort: sortNum, Child: make([]*DNItem, 0, 100), } - mapDN[v.DN] = data + mapDN[organization.DN] = data } ownerFilters := ownerFilterBuilder.String() if ownerFilters != "" { diff --git a/server/ldap-admin/internal/logic/getldapuserinfologic.go b/server/ldap-admin/internal/logic/getldapuserinfologic.go index ca798618..ce048fa9 100644 --- a/server/ldap-admin/internal/logic/getldapuserinfologic.go +++ b/server/ldap-admin/internal/logic/getldapuserinfologic.go @@ -2,7 +2,6 @@ package logic import ( "context" - "fmt" "fusenapi/server/ldap-admin/internal/svc" "fusenapi/server/ldap-admin/internal/types" "fusenapi/utils/basic" 
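Review bot: The owner filter now inserts the whole owner DN, `ownerFilterBuilder.WriteString(fmt.Sprintf("(%s)", organization.Owner))`, where the removed code wrote only the first RDN (`strings.Split(attr.Values[0], ",")[0]`) and skipped entries without an owner; `(cn=alice,ou=People,dc=x)` asserts that cn equals the literal string "alice,ou=People,dc=x", and an empty Owner produces `()`, so the owner lookup in the `if ownerFilters != "" {` block (which continues past the hunk, as does GetLdapOrganizations itself) will match nothing or be rejected as a malformed filter. Owner is also the comma-joined list of all owner values from GetOrganizationList, so a multi-owner group yields a single unusable assertion. Suggested replacement for that line, which also escapes the directory-sourced value before it enters the filter: `if organization.Owner != "" {` / `ownerFilterBuilder.WriteString("(" + ldap.EscapeFilter(strings.Split(organization.Owner, ",")[0]) + ")")` / `}`.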
@@ -50,33 +49,24 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, r return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error()) } //属于哪些部门 - filterBuilder := strings.Builder{} + organizationDNs := make([]string, 0, 20) for _, v := range user.OrganizationDNList { - //提取 ou - filterBuilder.WriteString(fmt.Sprintf("(%s)", strings.Split(v, ",")[0])) + organizationDNs = append(organizationDNs, v) } for _, v := range user.ManageOrganizationDNList { - //提取 ou - filterBuilder.WriteString(fmt.Sprintf("(%s)", strings.Split(v, ",")[0])) + organizationDNs = append(organizationDNs, v) } //存储map mapOrganization := make(map[string]string) - if filterBuilder.Len() > 0 { + if len(organizationDNs) > 0 { //查询部门信息 - filter := "(&(objectClass=groupOfUniqueNames)(objectClass=top)(|" + filterBuilder.String() + "))" - fields := []string{"businessCategory", "dn"} - organizationsResult, err := l.svcCtx.Ldap.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil) + organizations, err := l.svcCtx.Ldap.GetOrganizationList(ldap.ScopeWholeSubtree, organizationDNs, nil, nil) if err != nil { - return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error()) + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "获取用户所属部门以及负责部门列表失败") } - for _, entry := range organizationsResult.Entries { - for _, attr := range entry.Attributes { - switch attr.Name { - case "businessCategory": - mapOrganization[entry.DN] = strings.Join(attr.Values, ",") - break //结束这层小循环 - } - } + for _, v := range organizations { + mapOrganization[v.DN] = v.Name } } belongOrganizationList := make([]string, 0, len(user.OrganizationDNList)) diff --git a/utils/ldap_lib/ldap_group.go b/utils/ldap_lib/ldap_group.go index ba249c99..4d728b06 100644 --- a/utils/ldap_lib/ldap_group.go +++ b/utils/ldap_lib/ldap_group.go @@ -2,6 +2,7 @@ package ldap_lib import ( "errors" + "fmt" "strings" "github.com/go-ldap/ldap/v3" 
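Review bot: The `if len(organizationDNs) > 0 {` guard deserves a comment, because GetOrganizationList with an empty DN list drops the OR clause and returns every organization under the base DN, so a user with no memberships would otherwise have the whole tree copied into mapOrganization: `// GetOrganizationList returns every organization when given no DNs; only query for a non-empty list`. The two copy loops can be one preallocation plus two appends: `organizationDNs := make([]string, 0, len(user.OrganizationDNList)+len(user.ManageOrganizationDNList))` / `organizationDNs = append(organizationDNs, user.OrganizationDNList...)` / `organizationDNs = append(organizationDNs, user.ManageOrganizationDNList...)`. The hunk removes the last visible uses of `strings` in this file while the import hunk only drops `fmt`; if nothing outside the hunk still uses `strings`, the file will not compile. GetLdapUserInfo starts and ends outside the hunk.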
@@ -109,7 +110,49 @@ func (l *Ldap) SearchWithPaging(DN string, scope int, filter string, attr []stri return l.conn.Search(searchRequest) } -//********************************************************************************************* +// ********************************************************************************************* +// 查询组织列表 +type OrganizationInfo struct { + Name string `json:"name"` + DN string `json:"dn"` + Owner string `json:"owner"` + Members []string `json:"members"` +} + +func (l *Ldap) GetOrganizationList(scope int, organizationDNs []string, fields []string, control []ldap.Control) ([]OrganizationInfo, error) { + filterBuilder := strings.Builder{} + for _, dn := range organizationDNs { + //提取 ou + filterBuilder.WriteString(fmt.Sprintf("(%s)", strings.Split(dn, ",")[0])) + } + filter := "(&(objectClass=groupOfUniqueNames)(objectClass=top))" + if filterBuilder.Len() > 0 { + filter = "(&(objectClass=groupOfUniqueNames)(objectClass=top)(|" + filterBuilder.String() + "))" + } + organizationsResult, err := l.Search(l.baseDN, scope, filter, fields, nil) + if err != nil { + return nil, err + } + + list := make([]OrganizationInfo, 0, len(organizationsResult.Entries)) + for _, entry := range organizationsResult.Entries { + data := OrganizationInfo{ + DN: entry.DN, + } + for _, attr := range entry.Attributes { + switch attr.Name { + case "businessCategory": //名称 + data.Name = strings.Join(attr.Values, ",") + case "owner": //负责人 + data.Owner = strings.Join(attr.Values, ",") + case "uniqueMember": //成员 + data.Members = attr.Values + } + } + list = append(list, data) + } + return list, nil +} // AddUserToGroup 添加用户到组织 func (l *Ldap) AddUserToOrganization(organizationDN, userDN string) error {
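Review bot: GetOrganizationList accepts a `control []ldap.Control` parameter but passes `nil` in `l.Search(l.baseDN, scope, filter, fields, nil)`, so callers cannot set any control; pass `control` through or drop the parameter. The filter is also built from caller-supplied DNs without escaping, `filterBuilder.WriteString(fmt.Sprintf("(%s)", strings.Split(dn, ",")[0]))`, and in getldapuserinfologic.go those DNs come straight from attributes of the user entry, so a value containing `*`, `(`, `)` or `\` changes what the search matches; write `filterBuilder.WriteString("(" + ldap.EscapeFilter(strings.Split(dn, ",")[0]) + ")")` instead (EscapeFilter does not touch `=`, so the RDN still reads as attribute=value). Both OrganizationInfo and GetOrganizationList are exported without doc comments; the method comment should state that an empty organizationDNs returns every groupOfUniqueNames entry under baseDN, that a nil `fields` requests all attributes (an empty attribute list means all user attributes in LDAP), and that Owner is the comma-joined list of owner values. Note too that `strings.Split(dn, ",")` cuts an RDN at an escaped comma (`\,`), which the removed callers shared.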