fix
@@ -8,16 +8,18 @@ import (
|
||||
)
|
||||
|
||||
type Ldap struct {
|
||||
baseDN string
|
||||
rootDN string
|
||||
conn *ldap.Conn
|
||||
baseDN string
|
||||
rootDN string
|
||||
conn *ldap.Conn
|
||||
peopleGroupDN string
|
||||
}
|
||||
|
||||
func NewLdap(conn *ldap.Conn, baseDN, rootDN string) *Ldap {
|
||||
func NewLdap(conn *ldap.Conn, baseDN, rootDN, peopleGroupDN string) *Ldap {
|
||||
return &Ldap{
|
||||
baseDN: baseDN,
|
||||
rootDN: rootDN,
|
||||
conn: conn,
|
||||
baseDN: baseDN,
|
||||
rootDN: rootDN,
|
||||
conn: conn,
|
||||
peopleGroupDN: peopleGroupDN,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -74,6 +76,34 @@ func (l *Ldap) Search(DN string, scope int, filter string, attr []string, contro
|
||||
return l.conn.Search(searchRequest)
|
||||
}
|
||||
|
||||
// 分页查询资源(分组/用户)
|
||||
func (l *Ldap) SearchWithPaging(DN string, scope int, filter string, attr []string, pageSize uint32, pagingCookie string) (resp *ldap.SearchResult, err error) {
|
||||
if DN == l.rootDN {
|
||||
return nil, errors.New("没有权限查询根用户")
|
||||
}
|
||||
if filter == "" {
|
||||
rootCn := strings.Split(l.rootDN, ",")
|
||||
if len(rootCn) == 0 {
|
||||
return nil, errors.New("root用户DN未设置")
|
||||
}
|
||||
filter = "(&(objectClass=*)(!(" + rootCn[0] + ")))"
|
||||
}
|
||||
searchRequest := ldap.NewSearchRequest(
|
||||
DN,
|
||||
scope, ldap.NeverDerefAliases, 0, 0, false,
|
||||
filter,
|
||||
attr,
|
||||
nil,
|
||||
)
|
||||
pagingCtl := ldap.NewControlPaging(pageSize)
|
||||
pagingCtl.SetCookie([]byte(pagingCookie))
|
||||
searchRequest.Controls = []ldap.Control{
|
||||
pagingCtl,
|
||||
}
|
||||
// 执行搜索请求
|
||||
return l.conn.Search(searchRequest)
|
||||
}
|
||||
|
||||
// AddUserToGroup 添加用户到组织
|
||||
func (l *Ldap) AddUserToOrganization(organizationDN, userDN string) error {
|
||||
modify := ldap.NewModifyRequest(organizationDN, nil)
|
||||
|
||||
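Review bot: The root-entry protection in SearchWithPaging only holds on the default path: the `(!(<root RDN>))` clause is added when `filter == ""`, so a caller-supplied filter on a subtree search from a parent DN can still return the root account's entry. The `DN == l.rootDN` guard is also a byte comparison, which a differently cased or spaced spelling of the same DN does not match. Consider always wrapping the effective filter, e.g. `filter = "(&" + filter + "(!(" + rootCn[0] + ")))"` (assuming callers pass a parenthesised filter), and comparing parsed DNs with go-ldap's `ldap.ParseDN` and `DN.Equal` instead of raw strings. The `len(rootCn) == 0` branch is unreachable because `strings.Split` never returns an empty slice; `if l.rootDN == ""` is the check that actually catches an unset root DN.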
@@ -1,6 +1,7 @@
|
||||
package ldap_lib
|
||||
|
||||
import (
|
||||
"encoding/hex"
|
||||
"errors"
|
||||
"github.com/go-ldap/ldap/v3"
|
||||
"github.com/zeromicro/go-zero/core/logx"
|
||||
@@ -8,7 +9,7 @@ import (
|
||||
"strings"
|
||||
)
|
||||
|
||||
type GetLdapUserInfoRsp struct {
|
||||
type LdapUserInfo struct {
|
||||
UserId int64 `json:"userId"`
|
||||
UserDN string `json:"user_dn"`
|
||||
UserName string `json:"user_name"` //用户名
|
||||
@@ -20,7 +21,8 @@ type GetLdapUserInfoRsp struct {
|
||||
Status int64 `json:"status,options=0|1"` //状态 1正常0离职
|
||||
}
|
||||
|
||||
func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) {
|
||||
// 获取用户详情
|
||||
func (l *Ldap) GetLdapUserInfo(userDN string) (*LdapUserInfo, error) {
|
||||
res, err := l.Search(userDN, ldap.ScopeWholeSubtree, "(&(objectClass=posixAccount)(objectClass=inetOrgPerson))", nil, nil)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -28,7 +30,7 @@ func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) {
|
||||
if len(res.Entries) != 1 {
|
||||
return nil, errors.New("查询到不到用户信息")
|
||||
}
|
||||
user := &GetLdapUserInfoRsp{}
|
||||
user := &LdapUserInfo{}
|
||||
for _, entry := range res.Entries {
|
||||
if entry.DN != userDN {
|
||||
continue
|
||||
@@ -80,3 +82,71 @@ func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) {
|
||||
}
|
||||
return user, nil
|
||||
}
|
||||
|
||||
// 获取基础组用户列表
|
||||
func (l *Ldap) GetLdapBaseTeamUserList(pageSize uint32, pageCookie string) ([]LdapUserInfo, string, error) {
|
||||
pageCookieBytes, err := hex.DecodeString(pageCookie)
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
result, err := l.SearchWithPaging(l.peopleGroupDN, ldap.ScopeWholeSubtree, "(objectClass=person)", nil, pageSize, string(pageCookieBytes))
|
||||
if err != nil {
|
||||
return nil, "", err
|
||||
}
|
||||
list := make([]LdapUserInfo, 0, pageSize)
|
||||
for _, entry := range result.Entries {
|
||||
user := LdapUserInfo{
|
||||
UserDN: entry.DN,
|
||||
}
|
||||
for _, attr := range entry.Attributes {
|
||||
switch attr.Name {
|
||||
case "uidNumber": //用户id
|
||||
if len(attr.Values) == 0 {
|
||||
continue
|
||||
}
|
||||
user.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64)
|
||||
if err != nil {
|
||||
logx.Error(err)
|
||||
return nil, "", errors.New("用户id转数字失败")
|
||||
}
|
||||
case "sn": //用户真名
|
||||
user.UserName = strings.Join(attr.Values, "")
|
||||
case "mail": //邮箱
|
||||
user.Email = strings.Join(attr.Values, "")
|
||||
case "mobile": //手机号
|
||||
user.Mobile = strings.Join(attr.Values, "")
|
||||
case "postalAddress": //头像
|
||||
user.Avatar = strings.Join(attr.Values, "")
|
||||
case "userPassword": //密码
|
||||
user.Password = strings.Join(attr.Values, ",")
|
||||
case "employeeType": //员工类型
|
||||
if len(attr.Values) == 0 {
|
||||
continue
|
||||
}
|
||||
user.EmployeeType, err = strconv.ParseInt(attr.Values[0], 10, 64)
|
||||
if err != nil {
|
||||
return nil, "", errors.New("用户类型转数字失败")
|
||||
}
|
||||
case "postalCode": //状态
|
||||
if len(attr.Values) == 0 {
|
||||
continue
|
||||
}
|
||||
user.Status, err = strconv.ParseInt(attr.Values[0], 10, 64)
|
||||
if err != nil {
|
||||
return nil, "", errors.New("用户状态转数字失败")
|
||||
}
|
||||
}
|
||||
}
|
||||
list = append(list, user)
|
||||
}
|
||||
rspCookie := ""
|
||||
// 检查是否还有更多条目需要获取
|
||||
controls := result.Controls
|
||||
if len(controls) > 0 {
|
||||
cookieControl := controls[0]
|
||||
if control, ok := cookieControl.(*ldap.ControlPaging); ok {
|
||||
rspCookie = hex.EncodeToString(control.Cookie)
|
||||
}
|
||||
}
|
||||
return list, rspCookie, nil
|
||||
}
|
||||
|
||||
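Review bot: GetLdapBaseTeamUserList copies `userPassword` into every `LdapUserInfo` in the page, and because the search is issued with a nil attribute list the server is asked for every attribute it will release, so password hashes travel with a plain user listing and can reach API responses or logs if the struct is serialized (the `Password` field's tag is outside the visible hunks). Request only what the list needs, e.g. `attrs := []string{"uidNumber", "sn", "mail", "mobile", "postalAddress", "employeeType", "postalCode"}` passed in place of `nil`, and drop the `case "userPassword"` branch. Separately, `make([]LdapUserInfo, 0, pageSize)` sizes an allocation from a caller-supplied `uint32`; clamp `pageSize` to a sane maximum first, or size the slice from `len(result.Entries)`. The paging cookie is read only from `controls[0]`; `ldap.FindControl(result.Controls, ldap.ControlTypePaging)` does not depend on control order.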