diff --git a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go index fd293f89..dca7b025 100644 --- a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go +++ b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go @@ -3,6 +3,7 @@ package logic import ( "fusenapi/utils/auth" "fusenapi/utils/basic" + "fusenapi/utils/email" "fusenapi/utils/ldap_lib" "strings" @@ -41,6 +42,10 @@ func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.Ad if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN") } + cnEmail := strings.Split(req.UserDN, ",")[0][3:] + if !email.IsEmailValid(cnEmail) { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") + } ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) err := ldapServer.AddUserToOrganization(req.OrganizationDN, req.UserDN) if err != nil { diff --git a/server/ldap-admin/internal/logic/createldaporganizationlogic.go b/server/ldap-admin/internal/logic/createldaporganizationlogic.go index 6c8850e9..1ccb2624 100644 --- a/server/ldap-admin/internal/logic/createldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/createldaporganizationlogic.go 
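Review bot: The new check in AddLdapOrganizationMember validates only the value of the first RDN (`strings.Split(req.UserDN, ",")[0][3:]`) and then passes the whole `req.UserDN` to `AddUserToOrganization`, so everything after the first comma is still caller-controlled and unchecked. A DN with a valid e-mail in `cn=` but a suffix outside the user subtree passes this guard, unless `AddUserToOrganization` verifies the suffix itself, which is not visible here. Consider parsing the DN with a real DN parser and requiring it to sit under `l.svcCtx.Config.Ldap.BaseDN`, since splitting on commas also mishandles escaped commas and an upper-case `CN=`. The identical four lines are added to RemoveLdapOrganizationMember further down, so a shared helper such as `validateUserDN(dn, baseDN string) error` would keep the two in sync. The function body starts and ends outside the hunk.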
@@ -36,7 +36,7 @@ func NewCreateLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) { req.OrganizationEnName = strings.Trim(req.OrganizationEnName, " ") req.ParentOrganizationDN = strings.Trim(req.ParentOrganizationDN, " ") - req.OrganizationName = strings.Trim(req.OrganizationName, " ") + req.BusinessCategory = strings.Trim(req.BusinessCategory, " ") if len(strings.Split(req.OrganizationEnName, ",")) != 1 { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,组织英文名不符合规范") } @@ -47,17 +47,17 @@ func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLd if req.ParentOrganizationDN == "" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,父级DN不能为空") } - if req.OrganizationName == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,组织中文名不能为空") + if req.BusinessCategory == "" { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,组织分类名不能为空") } //组装organization dn organizationDN := "ou=" + req.OrganizationEnName + "," + req.ParentOrganizationDN ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) err := ldapServer.Create(organizationDN, map[string][]string{ "objectClass": {"top", "groupOfUniqueNames"}, - "cn": {req.OrganizationName}, + "cn": {req.OrganizationEnName}, "ou": {req.OrganizationEnName}, - "businessCategory": {req.OrganizationName}, + "businessCategory": {req.BusinessCategory}, "uniqueMember": {l.svcCtx.Config.Ldap.RootDN}, //创建groupOfUniqueNames对象类型需要至少一个member,把root加进去 }) if err != nil { diff --git a/server/ldap-admin/internal/logic/createldapuserlogic.go b/server/ldap-admin/internal/logic/createldapuserlogic.go index ce952bc4..cf31476b 100644 --- a/server/ldap-admin/internal/logic/createldapuserlogic.go 
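Review bot: `req.OrganizationEnName` is concatenated into `organizationDN` and, after this change, also written to `cn`, but the only check visible on it is the comma split shown in the first hunk. Other DN metacharacters (`+`, `=`, `\`, `"`, `<`, `>`, `;`, `#`) are neither rejected nor escaped, so a name containing `+` would yield a multi-valued RDN instead of the single `ou=` component the code intends. An allow-list check before the DN is built, for example matching `^[A-Za-z0-9_-]+$`, would close this. `req.ParentOrganizationDN` is only tested for being non-empty in the lines shown, so it should likewise be confined to the configured base DN unless that happens in the lines between the two hunks, which are not visible.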
+++ b/server/ldap-admin/internal/logic/createldapuserlogic.go @@ -74,6 +74,7 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri "shadowWarning": {"7"}, //固有属性 "loginShell": {"/usr/sbin/nologin"}, //固有属性 "homeDirectory": {"/home/users/" + userNamePinyin}, + "employeeType": {fmt.Sprintf("%d", req.EmployeeType)}, //1正式 2实习 3外包 "uidNumber": {fmt.Sprintf("%d", userData.Id)}, "gidNumber": {fmt.Sprintf("%d", userData.Id)}, "uid": {userNamePinyin}, diff --git a/server/ldap-admin/internal/logic/getldapuserinfologic.go b/server/ldap-admin/internal/logic/getldapuserinfologic.go index cfd67261..c4ff0824 100644 --- a/server/ldap-admin/internal/logic/getldapuserinfologic.go +++ b/server/ldap-admin/internal/logic/getldapuserinfologic.go @@ -46,13 +46,14 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, us return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error()) } return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapUserInfoRsp{ - UserId: user.UserId, - UserDN: user.UserDN, - UserName: user.UserName, - Email: user.Email, - Mobile: user.Mobile, - Avatar: user.Avatar, - Status: user.Status, + UserId: user.UserId, + UserDN: user.UserDN, + UserName: user.UserName, + Email: user.Email, + Mobile: user.Mobile, + Avatar: user.Avatar, + Status: user.Status, + EmployeeTpye: user.EmployeeType, }) } diff --git a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go index dee25ad8..4d1bac6b 100644 --- a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go +++ b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go @@ -3,6 +3,7 @@ package logic import ( "fusenapi/utils/auth" "fusenapi/utils/basic" + "fusenapi/utils/email" "fusenapi/utils/ldap_lib" "strings" 
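Review bot: The employee type is written as a bare number (`fmt.Sprintf("%d", req.EmployeeType)`) whose meaning lives only in the trailing comment `//1正式 2实习 3外包`, and the same expression is added to the attribute map in UpdateLdapUser. Named constants defined once, e.g. `EmployeeTypeFormal = 1`, `EmployeeTypeIntern = 2`, `EmployeeTypeOutsourced = 3`, would let the write side here and the parse side in `ldap_user.go` share one definition. The only range check visible is the `options=1|2|3` tag on the request type, so a caller that builds the request without going through that binding writes whatever value it holds. The function body starts and ends outside the hunk.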
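Review bot: `EmployeeTpye` is a misspelling of `EmployeeType`, and it is not limited to this Go field: `GetLdapUserInfoRsp` in `types.go` and in `ldap-admin.api` declares it with the tag `json:"employee_tpye"`, so the typo becomes part of the response contract while the request types use `employee_type`. Correcting the key after clients depend on it is a breaking change, so it is cheapest to fix in this commit. Rename the field to `EmployeeType` with the tag `json:"employee_type"` in `ldap-admin.api`, regenerate `types.go` if it is produced from the .api file, and use `EmployeeType: user.EmployeeType,` here.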
@@ -41,6 +42,10 @@ func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *ty if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN") } + cnEmail := strings.Split(req.UserDN, ",")[0][3:] + if !email.IsEmailValid(cnEmail) { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") + } ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) err := ldapServer.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN) if err != nil { diff --git a/server/ldap-admin/internal/logic/updateldaporganizationlogic.go b/server/ldap-admin/internal/logic/updateldaporganizationlogic.go index 48c8c43a..44cd16ff 100644 --- a/server/ldap-admin/internal/logic/updateldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/updateldaporganizationlogic.go @@ -42,7 +42,6 @@ func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLd } ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) if err := ldapServer.Update(req.OrganizationDN, map[string][]string{ - "cn": {req.BusinessCategory}, "businessCategory": {req.BusinessCategory}, }); err != nil { logx.Error(err) diff --git a/server/ldap-admin/internal/logic/updateldapuserlogic.go b/server/ldap-admin/internal/logic/updateldapuserlogic.go index 3644c393..6a7a2d14 100644 --- a/server/ldap-admin/internal/logic/updateldapuserlogic.go +++ b/server/ldap-admin/internal/logic/updateldapuserlogic.go @@ -62,6 +62,7 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri "mobile": {req.Mobile}, "postalAddress": {req.Avatar}, "postalCode": {fmt.Sprintf("%d", req.Status)}, + "employeeType": {fmt.Sprintf("%d", req.EmployeeType)}, } err := ldapServer.Update(req.UserDN, attr) if err != nil { 
diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index 08fb2651..f2db0587 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go @@ -117,7 +117,7 @@ type MenuItem struct { type CreateLdapOrganizationReq struct { OrganizationEnName string `json:"organization_en_name"` //组织英文名 - OrganizationName string `json:"organization_name"` //组织中文名称 + BusinessCategory string `json:"business_category"` //组织类别 ParentOrganizationDN string `json:"parent_organization_dn"` //父级dn } @@ -131,21 +131,23 @@ type UpdateLdapOrganizationReq struct { } type CreateLdapUserReq struct { - UserName string `json:"user_name"` //用户名 - Email string `json:"email"` //邮箱 - Password string `json:"password"` //密码 - Mobile string `json:"mobile"` //手机号 - Avatar string `json:"avatar"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Password string `json:"password"` //密码 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } type UpdateLdapUserReq struct { - UserDN string `json:"user_dn"` //用户dn - UserName string `json:"user_name"` //用户名 - Mobile string `json:"mobile,optional"` //手机号 - Avatar string `json:"avatar,optional"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 - AuthGroupId int64 `json:"auth_group_id,optional"` //权限分组id + UserDN string `json:"user_dn"` //用户dn + UserName string `json:"user_name"` //用户名 + Mobile string `json:"mobile,optional"` //手机号 + Avatar string `json:"avatar,optional"` //头像地址 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 + AuthGroupId int64 `json:"auth_group_id,optional"` //权限分组id } type UpdateLdapUserPwdReq struct { 
@@ -163,13 +165,14 @@ type GetLdapUserInfoReq struct { } type GetLdapUserInfoRsp struct { - UserId int64 `json:"userId"` - UserDN string `json:"user_dn"` - UserName string `json:"user_name"` //用户名 - Email string `json:"email"` //邮箱 - Mobile string `json:"mobile"` //手机号 - Avatar string `json:"avatar"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeTpye int64 `json:"employee_tpye"` //雇佣类型 1正式 2实习 3外包 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } type AddLdapOrganizationMemberReq struct { diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index e4e5c80b..b756c86f 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -62,7 +62,7 @@ service ldap-admin { //修改ldap组织 @handler UpdateLdapOrganizationHandler post /api/ldap-admin/update_ldap_organization(UpdateLdapOrganizationReq) returns (response); - //添加ldap用户到员工基本组中 + //添加ldap用户帐号 @handler CreateLdapUserHandler post /api/ldap-admin/create_ldap_user(CreateLdapUserReq) returns (response); //修改ldap用户信息 @@ -198,7 +198,7 @@ type MenuItem { //增加ldap组织 type CreateLdapOrganizationReq { OrganizationEnName string `json:"organization_en_name"` //组织英文名 - OrganizationName string `json:"organization_name"` //组织中文名称 + BusinessCategory string `json:"business_category"` //组织类别 ParentOrganizationDN string `json:"parent_organization_dn"` //父级dn } //删除ldap组织 
@@ -210,23 +210,25 @@ type UpdateLdapOrganizationReq { OrganizationDN string `json:"organization_dn"` //组织dn BusinessCategory string `json:"business_category"` //组织分类名称 } -//添加ldap用户到员工基本组中 +//添加ldap用户帐号 type CreateLdapUserReq { - UserName string `json:"user_name"` //用户名 - Email string `json:"email"` //邮箱 - Password string `json:"password"` //密码 - Mobile string `json:"mobile"` //手机号 - Avatar string `json:"avatar"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Password string `json:"password"` //密码 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } //修改ldap用户信息 type UpdateLdapUserReq { - UserDN string `json:"user_dn"` //用户dn - UserName string `json:"user_name"` //用户名 - Mobile string `json:"mobile,optional"` //手机号 - Avatar string `json:"avatar,optional"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 - AuthGroupId int64 `json:"auth_group_id,optional"` //权限分组id + UserDN string `json:"user_dn"` //用户dn + UserName string `json:"user_name"` //用户名 + Mobile string `json:"mobile,optional"` //手机号 + Avatar string `json:"avatar,optional"` //头像地址 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 + AuthGroupId int64 `json:"auth_group_id,optional"` //权限分组id } //修改用户密码 type UpdateLdapUserPwdReq { 
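Review bot: `employee_type,options=1|2|3` on `UpdateLdapUserReq` carries neither `optional` nor a default, unlike `mobile`, `avatar` and `auth_group_id` in the same type, so the field appears to become mandatory for every update request. Existing clients of the update endpoint that do not send it would presumably start failing request validation, and every unrelated edit has to restate the employee type. If that is not intended, `json:"employee_type,optional,options=1|2|3"` together with skipping the `employeeType` attribute in UpdateLdapUser when the value is 0 would keep older clients working; how the binding treats an absent optional field with `options` should be confirmed against the framework version in use.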
@@ -243,13 +245,14 @@ type GetLdapUserInfoReq { UserDN string `form:"user_dn"` //用户dn } type GetLdapUserInfoRsp { - UserId int64 `json:"userId"` - UserDN string `json:"user_dn"` - UserName string `json:"user_name"` //用户名 - Email string `json:"email"` //邮箱 - Mobile string `json:"mobile"` //手机号 - Avatar string `json:"avatar"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeTpye int64 `json:"employee_tpye"` //雇佣类型 1正式 2实习 3外包 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } //ldap组织添加成员 type AddLdapOrganizationMemberReq { diff --git a/utils/ldap_lib/ldap_user.go b/utils/ldap_lib/ldap_user.go index f8bba87d..20df8aab 100644 --- a/utils/ldap_lib/ldap_user.go +++ b/utils/ldap_lib/ldap_user.go @@ -9,14 +9,15 @@ import ( ) type GetLdapUserInfoRsp struct { - UserId int64 `json:"userId"` - UserDN string `json:"user_dn"` - UserName string `json:"user_name"` //用户名 - Password string `json:"password"` //密码 - Email string `json:"email"` //邮箱 - Mobile string `json:"mobile"` //手机号 - Avatar string `json:"avatar"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Password string `json:"password"` //密码 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeType int64 `json:"employee_type"` //1正式 2实习 3外包 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) { 
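Review bot: `GetLdapUserInfoRsp` in ldap_lib keeps `Password` with the tag `json:"password"`, and GetLdapUserInfo fills it from `userPassword`, so the struct being extended here carries the stored credential value next to the profile fields. The handler in getldapuserinfologic.go copies fields one by one and leaves `Password` out, which is the right shape, but any code that marshals or logs this struct directly would expose it. Tagging the field `json:"-"` would make omission the default, provided nothing relies on the serialized form, which cannot be told from this diff.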
@@ -54,6 +55,14 @@ func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) { user.Avatar = strings.Join(attr.Values, "") case "userPassword": //密码 user.Password = strings.Join(attr.Values, ",") + case "employeeType": //员工类型 + if len(attr.Values) == 0 { + continue + } + user.EmployeeType, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + return nil, errors.New("用户类型转数字失败") + } case "postalCode": //状态 if len(attr.Values) == 0 { continue
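Review bot: The new `employeeType` case replaces the `strconv.ParseInt` error with a fixed `errors.New("用户类型转数字失败")`, which drops the offending value and the DN, and a single malformed attribute now fails the whole lookup for that user. Wrapping the cause, e.g. `fmt.Errorf("parse employeeType %q for %s: %w", attr.Values[0], userDN, err)` (assuming `fmt` is or can be imported in this file), would make the failure diagnosable. The parsed number is not checked against 1–3, and entries created before this commit have no `employeeType`, so callers will see 0 for them. A comment on the struct field stating that 0 means unset would document that. The function body starts and ends outside the hunk.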