fix

2023-11-17 11:10:38 +08:00 · 2023-11-17 11:10:38 +08:00 · 3f2c872463
commit 3f2c872463
parent a340da2359
4 changed files with 33 additions and 24 deletions
--- a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go
+++ b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go
@ -3,6 +3,7 @@ package logic
 import (
 	"fusenapi/utils/auth"
 	"fusenapi/utils/basic"
+	"fusenapi/utils/ldap_lib"
 	"strings"

 	"context"
@ -40,8 +41,13 @@ func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.Ad
 	if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
 		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN")
 	}
-	//ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
-	return resp.SetStatus(basic.CodeOK)
+	ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
+	err := ldapServer.AddUserToOrganization(req.OrganizationDN, req.UserDN)
+	if err != nil {
+		logx.Error(err)
+		return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加成员失败，", err.Error())
+	}
+	return resp.SetStatusWithMessage(basic.CodeOK, "添加成功")
 }

 // 处理逻辑后 w,r 如:重定向, resp 必须重新处理
--- a/server/ldap-admin/internal/logic/getldaporganizationslogic.go
+++ b/server/ldap-admin/internal/logic/getldaporganizationslogic.go
@ -52,8 +52,9 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, use
 	if len(peopleDNSlice) <= 1 {
 		return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置")
 	}
-	filter := "(&(objectClass=*)(!(" + peopleDNSlice[0] + "))(!(" + rootCn[0] + ")))" //所有object但是不包括people以及root用户
-	searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, nil, nil)
+	filter := "(|(&(objectClass=groupOfUniqueNames)(objectClass=top))(objectClass=organization))"
+	fields := []string{"businessCategory", "dn"}
+	searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil)
 	if err != nil {
 		return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error())
 	}
@ -64,18 +65,7 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, use
 		sortNum++
 		attribute := make(map[string]interface{})
 		for _, attr := range v.Attributes {
-			switch attr.Name {
-			case "objectClass": //objectcalss属性特别处理
-				mapObjectClass := make(map[string]struct{})
-				for _, objectClassItem := range attr.Values {
-					mapObjectClass[objectClassItem] = struct{}{}
-				}
-				attribute[attr.Name] = mapObjectClass
-			case "member": //成员不用变
-				attribute[attr.Name] = attr.Values
-			default: //普通属性
-				attribute[attr.Name] = strings.Join(attr.Values, ",")
-			}
+			attribute[attr.Name] = strings.Join(attr.Values, ",")
 		}
 		mapDN[v.DN] = &DNItem{
 			DN:        v.DN,
--- a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go
+++ b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go
@ -3,6 +3,8 @@ package logic
 import (
 	"fusenapi/utils/auth"
 	"fusenapi/utils/basic"
+	"fusenapi/utils/ldap_lib"
+	"strings"

 	"context"

@ -31,10 +33,21 @@ func NewRemoveLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.Servi
 // }

 func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, userinfo *auth.UserInfo) (resp *basic.Response) {
-	// 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data)
-	// userinfo 传入值时, 一定不为null
-
-	return resp.SetStatus(basic.CodeOK)
+	req.OrganizationDN = strings.Trim(req.OrganizationDN, " ")
+	req.UserDN = strings.Trim(req.UserDN, " ")
+	if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" {
+		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的目标组织DN")
+	}
+	if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
+		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN")
+	}
+	ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN)
+	err := ldapServer.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN)
+	if err != nil {
+		logx.Error(err)
+		return resp.SetStatusWithMessage(basic.CodeServiceErr, "移除成员失败，", err.Error())
+	}
+	return resp.SetStatusWithMessage(basic.CodeOK, "移除成员成功")
 }

 // 处理逻辑后 w,r 如:重定向, resp 必须重新处理
--- a/utils/ldap_lib/ldap_group.go
+++ b/utils/ldap_lib/ldap_group.go
@ -66,12 +66,12 @@ func (l *Ldap) Search(DN string, scope int, filter string, attr []string, contro
 }

 // AddUserToGroup 添加用户到组织
-func (l *Ldap) AddUserToOrganization(groupDN, userDN string) error {
+func (l *Ldap) AddUserToOrganization(organizationDN, userDN string) error {
 	//判断dn是否以ou开头
-	if groupDN[:3] == "ou=" {
+	/*if organizationDN[:3] == "ou=" {
 		return errors.New("不能添加用户到OU组织单元")
-	}
-	modify := ldap.NewModifyRequest(groupDN, nil)
+	}*/
+	modify := ldap.NewModifyRequest(organizationDN, nil)
 	modify.Add("uniqueMember", []string{userDN})
 	return l.conn.Modify(modify)
 }