2023-11-16 08:57:29 +00:00
|
|
|
|
package logic
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"fusenapi/model/gmodel"
|
|
|
|
|
"fusenapi/utils/basic"
|
|
|
|
|
"fusenapi/utils/chinese_to_pinyin"
|
2023-11-17 02:07:05 +00:00
|
|
|
|
"fusenapi/utils/email"
|
2023-11-20 03:37:03 +00:00
|
|
|
|
"fusenapi/utils/encryption_decryption"
|
2023-11-21 07:07:44 +00:00
|
|
|
|
"gorm.io/gorm"
|
2023-11-21 10:10:30 +00:00
|
|
|
|
"net/http"
|
2023-11-16 08:57:29 +00:00
|
|
|
|
"strings"
|
2023-11-21 07:07:44 +00:00
|
|
|
|
"time"
|
2023-11-16 08:57:29 +00:00
|
|
|
|
|
|
|
|
|
"context"
|
|
|
|
|
|
|
|
|
|
"fusenapi/server/ldap-admin/internal/svc"
|
|
|
|
|
"fusenapi/server/ldap-admin/internal/types"
|
|
|
|
|
|
|
|
|
|
"github.com/zeromicro/go-zero/core/logx"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type CreateLdapUserLogic struct {
|
|
|
|
|
logx.Logger
|
|
|
|
|
ctx context.Context
|
|
|
|
|
svcCtx *svc.ServiceContext
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewCreateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CreateLdapUserLogic {
|
|
|
|
|
return &CreateLdapUserLogic{
|
|
|
|
|
Logger: logx.WithContext(ctx),
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
svcCtx: svcCtx,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 处理进入前逻辑w,r
|
|
|
|
|
// func (l *CreateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
// }
|
|
|
|
|
|
2023-11-21 10:10:30 +00:00
|
|
|
|
func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, r *http.Request) (resp *basic.Response) {
|
2023-11-22 02:12:46 +00:00
|
|
|
|
|
|
|
|
|
if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) {
|
2023-11-21 10:10:30 +00:00
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
|
|
|
|
}
|
2023-11-16 08:57:29 +00:00
|
|
|
|
req.UserName = strings.Trim(req.UserName, " ")
|
|
|
|
|
req.Mobile = strings.Trim(req.Mobile, " ")
|
|
|
|
|
req.Email = strings.Trim(req.Email, " ")
|
|
|
|
|
req.Password = strings.Trim(req.Password, " ")
|
2023-11-21 02:13:12 +00:00
|
|
|
|
if req.GroupId < 0 {
|
|
|
|
|
req.GroupId = 0
|
|
|
|
|
}
|
2023-11-16 08:57:29 +00:00
|
|
|
|
if req.UserName == "" {
|
2023-11-17 03:24:54 +00:00
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户名不能为空")
|
2023-11-16 08:57:29 +00:00
|
|
|
|
}
|
|
|
|
|
if req.Password == "" {
|
2023-11-17 03:24:54 +00:00
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,密码不能为空")
|
2023-11-16 08:57:29 +00:00
|
|
|
|
}
|
2023-11-17 02:07:05 +00:00
|
|
|
|
if !email.IsEmailValid(req.Email) {
|
2023-11-17 03:24:54 +00:00
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,邮箱格式不正确")
|
2023-11-16 09:18:18 +00:00
|
|
|
|
}
|
2023-11-16 08:57:29 +00:00
|
|
|
|
//把用户名转pinyin
|
|
|
|
|
userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
|
2023-11-16 09:18:18 +00:00
|
|
|
|
userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN)
|
2023-11-21 07:07:44 +00:00
|
|
|
|
//新增一条记录获取递增用户id
|
|
|
|
|
now := time.Now().UTC()
|
|
|
|
|
err := l.svcCtx.MysqlConn.Transaction(func(tx *gorm.DB) error {
|
|
|
|
|
userData := &gmodel.LdapUser{
|
|
|
|
|
UserDn: &userDN,
|
|
|
|
|
Ctime: &now,
|
|
|
|
|
Utime: &now,
|
|
|
|
|
}
|
|
|
|
|
if err := tx.WithContext(l.ctx).Model(&gmodel.LdapUser{}).Create(userData).Error; err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
pwd, err := encryption_decryption.CBCEncrypt(req.Password)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2023-11-22 02:12:46 +00:00
|
|
|
|
return l.svcCtx.Ldap.Create(userDN, map[string][]string{
|
2023-11-21 07:07:44 +00:00
|
|
|
|
"objectClass": {"person", "organizationalPerson", "inetOrgPerson", "posixAccount", "top", "shadowAccount"}, //固有属性
|
|
|
|
|
"shadowLastChange": {"19676"}, //固有属性
|
|
|
|
|
"shadowMin": {"0"}, //固有属性
|
|
|
|
|
"shadowMax": {"99999"}, //固有属性
|
|
|
|
|
"shadowWarning": {"7"}, //固有属性
|
|
|
|
|
"loginShell": {"/usr/sbin/nologin"}, //固有属性
|
|
|
|
|
"homeDirectory": {"/home/users/" + userNamePinyin},
|
|
|
|
|
"employeeType": {fmt.Sprintf("%d", req.EmployeeType)}, //员工类型:1正式 2实习 3外包
|
|
|
|
|
"uidNumber": {fmt.Sprintf("%d", userData.Id)}, //用户id
|
|
|
|
|
"gidNumber": {fmt.Sprintf("%d", userData.Id)}, //用户id
|
|
|
|
|
"uid": {userNamePinyin}, //用户名(拼音)
|
|
|
|
|
"cn": {req.Email}, //邮箱
|
|
|
|
|
"sn": {req.UserName}, //用户名
|
|
|
|
|
"mail": {req.Email}, //邮箱
|
|
|
|
|
"postalCode": {fmt.Sprintf("%d", req.Status)}, //状态
|
|
|
|
|
"departmentNumber": {fmt.Sprintf("%d", req.GroupId)}, //权限分组id
|
|
|
|
|
"postalAddress": {req.Avatar}, //头像
|
|
|
|
|
"mobile": {req.Mobile}, //手机号
|
|
|
|
|
"userPassword": {"{crypt}" + pwd}, //密码
|
|
|
|
|
})
|
|
|
|
|
})
|
2023-11-20 03:37:03 +00:00
|
|
|
|
if err != nil {
|
2023-11-17 08:02:35 +00:00
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加用户失败,"+err.Error())
|
2023-11-16 08:57:29 +00:00
|
|
|
|
}
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeOK, "添加用户成功")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
|
|
|
|
|
// func (l *CreateLdapUserLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
|
|
|
|
|
// // httpx.OkJsonCtx(r.Context(), w, resp)
|
|
|
|
|
// }
|