laodaming 2023-11-16 11:50:43 +08:00
parent 7860b94a55
commit 0ae230ddba
2 changed files with 18 additions and 5 deletions


@ -45,7 +45,7 @@ func (l *GetDepartmentsLogic) GetDepartments(req *types.Request, userinfo *auth.
if len(rootCn) == 0 { if len(rootCn) == 0 {
return resp.SetStatusWithMessage(basic.CodeServiceErr, "root用户DN未设置") return resp.SetStatusWithMessage(basic.CodeServiceErr, "root用户DN未设置")
} }
ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap) ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupOu)
filter := "(&(objectClass=*)(!(ou=" + l.svcCtx.Config.Ldap.PeopleGroupOu + "))(!(" + rootCn[0] + ")))" //所有object但是不包括people以及root用户 filter := "(&(objectClass=*)(!(ou=" + l.svcCtx.Config.Ldap.PeopleGroupOu + "))(!(" + rootCn[0] + ")))" //所有object但是不包括people以及root用户
searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, filter, nil, nil) searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, filter, nil, nil)
if err != nil { if err != nil {
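Review bot: The `len(rootCn) == 0` guard above the changed `NewLdap` call can never fire if `rootCn` comes from `strings.Split` (its assignment is outside this hunk, but the new default-filter branch of `Search` in `ldap_lib` builds it exactly that way), because `Split` returns a single empty element for an empty string. An unset root DN therefore skips the intended error and produces a filter containing `(!())`, which the LDAP library or server will presumably reject with a less helpful message. Testing the value instead, e.g. `if rootCn[0] == "" {`, would make the guard effective in both places. The filter is also assembled by plain concatenation of `PeopleGroupOu` and the first RDN. Both are configuration values here, but passing the value parts through `ldap.EscapeFilter`, or taking the RDN from `ldap.ParseDN` rather than splitting on commas, would keep a `(`, `)` or `*` in the config from changing which entries are hidden. Now that `NewLdap` receives `baseDN`, `rootDN` and `peopleGroupOu`, this handler could also leave the root exclusion to the library instead of rebuilding it.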


@ -2,16 +2,25 @@ package ldap_lib
import ( import (
"errors" "errors"
"strings"
"github.com/go-ldap/ldap/v3" "github.com/go-ldap/ldap/v3"
) )
type Ldap struct { type Ldap struct {
conn *ldap.Conn baseDN string
rootDN string
peopleGroupOu string
conn *ldap.Conn
} }
func NewLdap(conn *ldap.Conn) *Ldap { func NewLdap(conn *ldap.Conn, baseDN, rootDN, peopleGroupOu string) *Ldap {
return &Ldap{conn} return &Ldap{
baseDN: baseDN,
rootDN: rootDN,
peopleGroupOu: peopleGroupOu,
conn: conn,
}
} }
// 更新资源(分组/用户) // 更新资源(分组/用户)
@ -41,7 +50,11 @@ func (l *Ldap) Delete(DN string) error {
// 查询资源(分组/用户) // 查询资源(分组/用户)
func (l *Ldap) Search(DN, filter string, attr []string, controls []ldap.Control) (resp *ldap.SearchResult, err error) { func (l *Ldap) Search(DN, filter string, attr []string, controls []ldap.Control) (resp *ldap.SearchResult, err error) {
if filter == "" { if filter == "" {
filter = "(objectClass=*)" //查询多个 与(&(objectClass=a)(objectClass=b)) 或 (|(objectClass=a)(objectClass=b)) rootCn := strings.Split(l.rootDN, ",")
if len(rootCn) == 0 {
return nil, errors.New("root用户DN未设置")
}
filter = "(&(objectClass=*)(!(" + rootCn[0] + ")))"
} }
searchRequest := ldap.NewSearchRequest( searchRequest := ldap.NewSearchRequest(
DN, DN,