diff --git a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go index 5af22f51..3c59479e 100644 --- a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go +++ b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go @@ -3,7 +3,6 @@ package logic import ( "fusenapi/utils/basic" "fusenapi/utils/email" - "fusenapi/utils/ldap_lib" "net/http" "strings" @@ -34,8 +33,8 @@ func NewAddLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.ServiceC // } func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.AddLdapOrganizationMemberReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") @@ -50,7 +49,7 @@ func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.Ad if !email.IsEmailValid(cnEmail) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") } - err := ldapServer.AddUserToOrganization(req.OrganizationDN, req.UserDN) + err := l.svcCtx.Ldap.AddUserToOrganization(req.OrganizationDN, req.UserDN) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加成员失败,"+err.Error()) diff --git a/server/ldap-admin/internal/logic/createldaporganizationlogic.go b/server/ldap-admin/internal/logic/createldaporganizationlogic.go index 516ec163..cd72b116 100644 --- a/server/ldap-admin/internal/logic/createldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/createldaporganizationlogic.go 
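Review bot: The error branch after `AddUserToOrganization` returns `"添加成员失败,"+err.Error()` to the caller, so raw LDAP library and server diagnostics (DNs, result codes) reach the HTTP client. `logx.Error(err)` already records the detail, so the response can be `return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加成员失败")`. The same `+err.Error()` pattern sits next to the touched calls in DeleteLdapOrganization, GetLdapOrganizationMembers, GetLdapOrganizations, GetLdapUserInfo, GetLdapUsers, LdapUserLogin, RemoveLdapOrganizationMember, UpdateLdapUser and UpdateLdapUserPwd. The function body continues outside this hunk.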
@@ -3,7 +3,6 @@ package logic import ( "fusenapi/utils/basic" "fusenapi/utils/chinese_to_pinyin" - "fusenapi/utils/ldap_lib" "net/http" "strings" @@ -34,8 +33,8 @@ func NewCreateLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont // } func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLdapOrganizationReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.OrganizationEnName = strings.Trim(req.OrganizationEnName, " ") @@ -56,7 +55,7 @@ func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLd } //组装organization dn organizationDN := "ou=" + req.OrganizationEnName + "," + req.ParentOrganizationDN - err := ldapServer.Create(organizationDN, map[string][]string{ + err := l.svcCtx.Ldap.Create(organizationDN, map[string][]string{ "objectClass": {"top", "groupOfUniqueNames"}, "cn": {req.OrganizationEnName}, "ou": {req.OrganizationEnName}, diff --git a/server/ldap-admin/internal/logic/createldapuserbasegrouplogic.go b/server/ldap-admin/internal/logic/createldapuserbasegrouplogic.go index 4bdebd17..ce6d27c1 100644 --- a/server/ldap-admin/internal/logic/createldapuserbasegrouplogic.go +++ b/server/ldap-admin/internal/logic/createldapuserbasegrouplogic.go @@ -2,7 +2,6 @@ package logic import ( "fusenapi/utils/basic" - "fusenapi/utils/ldap_lib" "net/http" "context" 
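Review bot: `organizationDN` is assembled as `"ou=" + req.OrganizationEnName + "," + req.ParentOrganizationDN` and passed straight to `Create`, so a name containing DN metacharacters (`,`, `+`, `=`) or a parent outside the configured tree changes where the entry is written. The validation between the two hunks is not visible here; if it does not already cover this, parse the parent with `ldap.ParseDN`, require that the parsed `Config.Ldap.BaseDN` is `AncestorOf` it, and reject special characters in the RDN value. This file does not currently import go-ldap, so the check would add that import. A one-line comment above the concatenation stating which earlier check makes it safe would also help the next reviewer.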
@@ -32,11 +31,11 @@ func NewCreateLdapUserBaseGroupLogic(ctx context.Context, svcCtx *svc.ServiceCon // } func (l *CreateLdapUserBaseGroupLogic) CreateLdapUserBaseGroup(req *types.Request, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } - err := ldapServer.Create(l.svcCtx.Config.Ldap.PeopleGroupDN, map[string][]string{ + err := l.svcCtx.Ldap.Create(l.svcCtx.Config.Ldap.PeopleGroupDN, map[string][]string{ "objectClass": {"top", "organizationalUnit"}, "ou": {"FusenTeam"}, "businessCategory": {"FUSEN团队"}, diff --git a/server/ldap-admin/internal/logic/createldapuserlogic.go b/server/ldap-admin/internal/logic/createldapuserlogic.go index ecbee775..69174a29 100644 --- a/server/ldap-admin/internal/logic/createldapuserlogic.go +++ b/server/ldap-admin/internal/logic/createldapuserlogic.go @@ -7,7 +7,6 @@ import ( "fusenapi/utils/chinese_to_pinyin" "fusenapi/utils/email" "fusenapi/utils/encryption_decryption" - "fusenapi/utils/ldap_lib" "gorm.io/gorm" "net/http" "strings" @@ -40,8 +39,8 @@ func NewCreateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Cr // } func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.UserName = strings.Trim(req.UserName, " ") 
@@ -78,7 +77,7 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, r *ht if err != nil { return err } - return ldapServer.Create(userDN, map[string][]string{ + return l.svcCtx.Ldap.Create(userDN, map[string][]string{ "objectClass": {"person", "organizationalPerson", "inetOrgPerson", "posixAccount", "top", "shadowAccount"}, //固有属性 "shadowLastChange": {"19676"}, //固有属性 "shadowMin": {"0"}, //固有属性 diff --git a/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go b/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go index 341cebeb..05785cad 100644 --- a/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go @@ -2,7 +2,6 @@ package logic import ( "fusenapi/utils/basic" - "fusenapi/utils/ldap_lib" "net/http" "strings" @@ -33,15 +32,15 @@ func NewDeleteLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont // } func (l *DeleteLdapOrganizationLogic) DeleteLdapOrganization(req *types.DeleteLdapOrganizationReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN") } - if err := ldapServer.Delete(req.OrganizationDN); err != nil { + if err := l.svcCtx.Ldap.Delete(req.OrganizationDN); err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "删除ldap组织失败,"+err.Error()) } 
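Review bot: `"shadowLastChange": {"19676"}` in the attribute map passed to `Create` is a fixed day count, so every new account is recorded as having last changed its password on the same past date. If any consumer of the directory evaluates shadow ageing (`shadowMax`), new accounts start out already aged; compute the value at creation time instead, e.g. `strconv.FormatInt(time.Now().Unix()/86400, 10)`. The map continues outside the hunk, so the remaining shadow attributes could not be checked.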
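Review bot: `Delete(req.OrganizationDN)` in DeleteLdapOrganization is guarded only by the `ou=` prefix test, so any DN beginning with `ou=` is accepted, including the people group OU or an entry outside `Config.Ldap.BaseDN`. A containment check against the configured base before the call closes this; the file would need the go-ldap import for it, and the configured `PeopleGroupDN` should be refused explicitly. DeleteLdapUser (prefix `cn=` only, without the `email.IsEmailValid` check the other user handlers apply) and UpdateLdapOrganization have the same gap. Whether `VerifyAuthority` already restricts which DNs a caller may touch is not visible in this diff.

```go
	// … unchanged: VerifyAuthority, Trim and "ou=" prefix check …
	baseDN, err := ldap.ParseDN(l.svcCtx.Config.Ldap.BaseDN)
	if err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "删除ldap组织失败")
	}
	targetDN, err := ldap.ParseDN(req.OrganizationDN)
	if err != nil || !baseDN.AncestorOf(targetDN) {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN")
	}
	if err := l.svcCtx.Ldap.Delete(req.OrganizationDN); err != nil {
```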
diff --git a/server/ldap-admin/internal/logic/deleteldapuserlogic.go b/server/ldap-admin/internal/logic/deleteldapuserlogic.go index 6ba9f5fe..0d9a379f 100644 --- a/server/ldap-admin/internal/logic/deleteldapuserlogic.go +++ b/server/ldap-admin/internal/logic/deleteldapuserlogic.go @@ -2,7 +2,6 @@ package logic import ( "fusenapi/utils/basic" - "fusenapi/utils/ldap_lib" "net/http" "strings" @@ -33,15 +32,15 @@ func NewDeleteLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *De // } func (l *DeleteLdapUserLogic) DeleteLdapUser(req *types.DeleteLdapUserReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.UserDN = strings.Trim(req.UserDN, " ") if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN") } - err := ldapServer.Update(req.UserDN, map[string][]string{ + err := l.svcCtx.Ldap.Update(req.UserDN, map[string][]string{ "postalCode": {"0"}, }) if err != nil { diff --git a/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go b/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go index d9219c7f..874228b3 100644 --- a/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go +++ b/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go @@ -3,7 +3,6 @@ package logic import ( "fmt" "fusenapi/utils/basic" - "fusenapi/utils/ldap_lib" "github.com/go-ldap/ldap/v3" "net/http" "strings" 
@@ -35,8 +34,8 @@ func NewGetLdapOrganizationMembersLogic(ctx context.Context, svcCtx *svc.Service // } func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.GetLdapOrganizationMembersReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") @@ -52,7 +51,7 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types. rootCn := rootDNSlice[0] filter := "(&(objectClass=groupOfUniqueNames)(!(" + rootCn + ")))" fields := []string{"uniqueMember"} //只是查询成员 - result, err := ldapServer.Search(req.OrganizationDN, ldap.ScopeWholeSubtree, filter, fields, nil) + result, err := l.svcCtx.Ldap.Search(req.OrganizationDN, ldap.ScopeWholeSubtree, filter, fields, nil) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询ldap组织成员错误,"+err.Error()) @@ -86,7 +85,7 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types. //从新赋值filter filter = "(&(objectClass=posixAccount)(objectClass=inetOrgPerson)(|" + filterBuilder.String() + "))" //从用户基本组中找到员工 - userList, err := ldapServer.GetLdapBaseTeamUsersByParams(filter) + userList, err := l.svcCtx.Ldap.GetLdapBaseTeamUsersByParams(filter) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询ldap帐号信息失败,"+err.Error()) 
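Review bot: The second `filter` is built by splicing `filterBuilder.String()` into the search expression, and the builder is filled outside this hunk. If its clauses come from `uniqueMember` values read back from the directory, each value should pass through `ldap.EscapeFilter` before being written, since a stored value containing `(`, `)` or `*` would otherwise alter the query sent by `GetLdapBaseTeamUsersByParams`. A short comment above the assignment, such as `// filterBuilder holds (cn=...) clauses; values are escaped with ldap.EscapeFilter`, would make this checkable in review.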
@@ -95,7 +94,7 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types. for _, user := range userList { if user.Status != 1 { //从部门member中移出 - if err = ldapServer.RemoveUserFromOrganization(req.OrganizationDN, user.UserDN); err != nil { + if err = l.svcCtx.Ldap.RemoveUserFromOrganization(req.OrganizationDN, user.UserDN); err != nil { logx.Error("移除用户成员失败:", err) } continue diff --git a/server/ldap-admin/internal/logic/getldaporganizationslogic.go b/server/ldap-admin/internal/logic/getldaporganizationslogic.go index be137ae8..a97fe93d 100644 --- a/server/ldap-admin/internal/logic/getldaporganizationslogic.go +++ b/server/ldap-admin/internal/logic/getldaporganizationslogic.go @@ -2,7 +2,6 @@ package logic import ( "fusenapi/utils/basic" - "fusenapi/utils/ldap_lib" "github.com/go-ldap/ldap/v3" "net/http" "sort" @@ -43,8 +42,8 @@ type DNItem struct { } func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } //从ldap获取组织架构数据 @@ -58,7 +57,7 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, r * } filter := "(|(&(objectClass=groupOfUniqueNames)(objectClass=top))(objectClass=organization))" fields := []string{"businessCategory", "dn", "uniqueMember"} - searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil) + searchResult, err := l.svcCtx.Ldap.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil) if err != nil { return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error()) } 
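Review bot: GetLdapOrganizationMembers is a read endpoint, yet the loop calls `RemoveUserFromOrganization` for every user whose `Status != 1`, so listing members rewrites group membership as a side effect and a failure is only logged. Consider moving this cleanup to the path that disables a user, or document it on the handler so callers and auditors know a query can modify the directory. The `if err = ...` form also assigns to the function-level `err`; `if err := l.svcCtx.Ldap.RemoveUserFromOrganization(req.OrganizationDN, user.UserDN); err != nil {` keeps a failed removal from leaking into later checks, which lie outside the hunk.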
diff --git a/server/ldap-admin/internal/logic/getldapuserinfologic.go b/server/ldap-admin/internal/logic/getldapuserinfologic.go index c212cf0c..e2212827 100644 --- a/server/ldap-admin/internal/logic/getldapuserinfologic.go +++ b/server/ldap-admin/internal/logic/getldapuserinfologic.go @@ -6,7 +6,6 @@ import ( "fusenapi/server/ldap-admin/internal/types" "fusenapi/utils/basic" "fusenapi/utils/email" - "fusenapi/utils/ldap_lib" "net/http" "strings" @@ -32,8 +31,8 @@ func NewGetLdapUserInfoLogic(ctx context.Context, svcCtx *svc.ServiceContext) *G // } func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { @@ -43,7 +42,7 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, r if !email.IsEmailValid(cnEmail) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") } - user, err := ldapServer.GetLdapUserInfo(req.UserDN) + user, err := l.svcCtx.Ldap.GetLdapUserInfo(req.UserDN) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error()) diff --git a/server/ldap-admin/internal/logic/getldapuserslogic.go b/server/ldap-admin/internal/logic/getldapuserslogic.go index bd6a7c9d..93119f7d 100644 --- a/server/ldap-admin/internal/logic/getldapuserslogic.go +++ b/server/ldap-admin/internal/logic/getldapuserslogic.go @@ -2,7 +2,6 @@ package logic import ( "fusenapi/utils/basic" - "fusenapi/utils/ldap_lib" "net/http" "strings" 
@@ -33,13 +32,13 @@ func NewGetLdapUsersLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetL // } func (l *GetLdapUsersLogic) GetLdapUsers(req *types.GetLdapUsersReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.PageCookie = strings.Trim(req.PageCookie, " ") pageSize := uint32(20) - list, cookie, err := ldapServer.GetLdapBaseTeamUserList(pageSize, req.PageCookie) + list, cookie, err := l.svcCtx.Ldap.GetLdapBaseTeamUserList(pageSize, req.PageCookie) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询用户列表报错,"+err.Error()) diff --git a/server/ldap-admin/internal/logic/ldapuserloginlogic.go b/server/ldap-admin/internal/logic/ldapuserloginlogic.go index 8433f1de..750e23ce 100644 --- a/server/ldap-admin/internal/logic/ldapuserloginlogic.go +++ b/server/ldap-admin/internal/logic/ldapuserloginlogic.go @@ -5,7 +5,6 @@ import ( "fusenapi/utils/basic" "fusenapi/utils/email" "fusenapi/utils/encryption_decryption" - "fusenapi/utils/ldap_lib" "strings" "context" @@ -42,8 +41,8 @@ func (l *LdapUserLoginLogic) LdapUserLogin(req *types.LdapUserLoginReq) (resp *b } userDN := fmt.Sprintf("cn=%s,%s", req.Email, l.svcCtx.Config.Ldap.PeopleGroupDN) //查询dn - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - ldapUserInfo, err := ldapServer.GetLdapUserInfo(userDN) + + ldapUserInfo, err := l.svcCtx.Ldap.GetLdapUserInfo(userDN) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "获取用户信息失败,"+err.Error()) 
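Review bot: In LdapUserLogin the lookup failure returns `"获取用户信息失败,"+err.Error()` while the password check in the following hunk returns `"密码错误!"`, so the response tells a caller whether an e-mail exists in the directory. Return one message for both branches, e.g. `return resp.SetStatusWithMessage(basic.CodeServiceErr, "邮箱或密码错误")`, and keep the detail in `logx.Error`. No attempt limiting is visible in these hunks; if it is not enforced upstream, this endpoint needs it.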
@@ -65,7 +64,7 @@ func (l *LdapUserLoginLogic) LdapUserLogin(req *types.LdapUserLoginReq) (resp *b return resp.SetStatusWithMessage(basic.CodeServiceErr, "密码错误!") } //生成token - token, err := ldapServer.GenJwtToken(ldapUserInfo.UserId, l.svcCtx.Config.Auth.AccessExpire, ldapUserInfo.UserDN, l.svcCtx.Config.Auth.AccessSecret) + token, err := l.svcCtx.Ldap.GenJwtToken(ldapUserInfo.UserId, l.svcCtx.Config.Auth.AccessExpire, ldapUserInfo.UserDN, l.svcCtx.Config.Auth.AccessSecret) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "生成登录凭证失败") diff --git a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go index f60243ec..074fbc3b 100644 --- a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go +++ b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go @@ -3,7 +3,6 @@ package logic import ( "fusenapi/utils/basic" "fusenapi/utils/email" - "fusenapi/utils/ldap_lib" "net/http" "strings" @@ -34,8 +33,8 @@ func NewRemoveLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.Servi // } func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") 
@@ -50,7 +49,7 @@ func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *ty if !email.IsEmailValid(cnEmail) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") } - err := ldapServer.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN) + err := l.svcCtx.Ldap.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "移除成员失败,"+err.Error()) diff --git a/server/ldap-admin/internal/logic/updateldaporganizationlogic.go b/server/ldap-admin/internal/logic/updateldaporganizationlogic.go index e30d1d3f..5f0e91b5 100644 --- a/server/ldap-admin/internal/logic/updateldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/updateldaporganizationlogic.go @@ -2,7 +2,6 @@ package logic import ( "fusenapi/utils/basic" - "fusenapi/utils/ldap_lib" "net/http" "strings" @@ -33,8 +32,8 @@ func NewUpdateLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont // } func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLdapOrganizationReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") 
@@ -44,7 +43,7 @@ func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLd if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN") } - if err := ldapServer.Update(req.OrganizationDN, map[string][]string{ + if err := l.svcCtx.Ldap.Update(req.OrganizationDN, map[string][]string{ "businessCategory": {req.BusinessCategory}, }); err != nil { logx.Error(err) diff --git a/server/ldap-admin/internal/logic/updateldapuserlogic.go b/server/ldap-admin/internal/logic/updateldapuserlogic.go index d7b60c2c..3d058a1a 100644 --- a/server/ldap-admin/internal/logic/updateldapuserlogic.go +++ b/server/ldap-admin/internal/logic/updateldapuserlogic.go @@ -6,7 +6,6 @@ import ( "fusenapi/utils/basic" "fusenapi/utils/chinese_to_pinyin" "fusenapi/utils/email" - "fusenapi/utils/ldap_lib" "net/http" "strings" "time" @@ -38,8 +37,8 @@ func NewUpdateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Up // } func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.UserDN = strings.Trim(req.UserDN, " ") @@ -70,7 +69,7 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, r *ht "postalCode": {fmt.Sprintf("%d", req.Status)}, "employeeType": {fmt.Sprintf("%d", req.EmployeeType)}, } - err := ldapServer.Update(req.UserDN, attr) + err := l.svcCtx.Ldap.Update(req.UserDN, attr) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "更新用户失败,"+err.Error()) 
diff --git a/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go b/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go index c943c83f..3f4b15d5 100644 --- a/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go +++ b/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go @@ -4,7 +4,6 @@ import ( "fusenapi/utils/basic" "fusenapi/utils/email" "fusenapi/utils/encryption_decryption" - "fusenapi/utils/ldap_lib" "net/http" "strings" @@ -35,8 +34,8 @@ func NewUpdateLdapUserPwdLogic(ctx context.Context, svcCtx *svc.ServiceContext) // } func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdReq, r *http.Request) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) - if !ldapServer.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { + + if !l.svcCtx.Ldap.VerifyAuthority(r, l.svcCtx.Config.Auth.AccessSecret) { return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通") } req.UserDN = strings.Trim(req.UserDN, " ") @@ -53,7 +52,7 @@ func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdR return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") } //查询个人信息 - user, err := ldapServer.GetLdapUserInfo(req.UserDN) + user, err := l.svcCtx.Ldap.GetLdapUserInfo(req.UserDN) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error()) @@ -76,7 +75,7 @@ func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdR logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "加密密码失败") } - err = ldapServer.Update(req.UserDN, map[string][]string{ + err = l.svcCtx.Ldap.Update(req.UserDN, map[string][]string{ "userPassword": {"{crypt}" + newPwd}, }) if err != nil { diff --git a/server/ldap-admin/internal/svc/servicecontext.go b/server/ldap-admin/internal/svc/servicecontext.go index 384be7f6..064d9e5c 100644 
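Review bot: `"userPassword": {"{crypt}" + newPwd}` in UpdateLdapUserPwd stores whatever `encryption_decryption` produced under the `{crypt}` scheme, whose strength depends entirely on the crypt variant and salt encoded in that string. The hashing call is outside the hunk, so add a comment at this line naming the expected format, for example `// newPwd must be a salted SHA-512 crypt string ("$6$..."); never DES or MD5 crypt`, and confirm the helper matches it. Whether the caller's current password is checked before the update is also outside the visible lines.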
--- a/server/ldap-admin/internal/svc/servicecontext.go +++ b/server/ldap-admin/internal/svc/servicecontext.go @@ -4,7 +4,7 @@ import ( "fusenapi/initalize" "fusenapi/model/gmodel" "fusenapi/server/ldap-admin/internal/config" - "github.com/go-ldap/ldap/v3" + "fusenapi/utils/ldap_lib" "gorm.io/gorm" ) @@ -13,17 +13,17 @@ type ServiceContext struct { MysqlConn *gorm.DB AllModels *gmodel.AllModelsGen RabbitMq *initalize.RabbitMqHandle - Ldap *ldap.Conn + Ldap *ldap_lib.Ldap } func NewServiceContext(c config.Config) *ServiceContext { conn := initalize.InitMysql(c.SourceMysql) - + ldapConn := initalize.InitLdap(c.Ldap.Host, c.Ldap.BindDN, c.Ldap.Password) return &ServiceContext{ Config: c, MysqlConn: conn, AllModels: gmodel.NewAllModels(initalize.InitMysql(c.SourceMysql)), RabbitMq: initalize.InitRabbitMq(c.SourceRabbitMq, nil), - Ldap: initalize.InitLdap(c.Ldap.Host, c.Ldap.BindDN, c.Ldap.Password), + Ldap: ldap_lib.NewLdap(ldapConn, c.Ldap.BaseDN, c.Ldap.RootDN, c.Ldap.PeopleGroupDN, c.Auth.AccessSecret), } } diff --git a/utils/ldap_lib/ldap_group.go b/utils/ldap_lib/ldap_group.go index dfc2a0e1..a94acefb 100644 --- a/utils/ldap_lib/ldap_group.go +++ b/utils/ldap_lib/ldap_group.go @@ -12,14 +12,16 @@ type Ldap struct { rootDN string conn *ldap.Conn peopleGroupDN string + jwtSecret string } -func NewLdap(conn *ldap.Conn, baseDN, rootDN, peopleGroupDN string) *Ldap { +func NewLdap(conn *ldap.Conn, baseDN, rootDN, peopleGroupDN, jwtSecret string) *Ldap { return &Ldap{ baseDN: baseDN, rootDN: rootDN, conn: conn, peopleGroupDN: peopleGroupDN, + jwtSecret: jwtSecret, } }
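Review bot: The signing secret now lives in two places: `NewServiceContext` passes `c.Auth.AccessSecret` into `NewLdap`, while every handler in this commit still passes `l.svcCtx.Config.Auth.AccessSecret` to `VerifyAuthority` and `GenJwtToken`. Nothing in the visible hunks reads the stored copy, so the two can drift apart if either path is later changed. Pick one source: drop the secret parameter from those methods and let them use the stored field, or do not store it in `Ldap`.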
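Review bot: `NewLdap` now takes four consecutive `string` parameters, so swapping `jwtSecret` with one of the DNs at a call site compiles without complaint and would send the secret wherever that DN is used. Add a doc comment such as `// NewLdap wraps conn; jwtSecret is the JWT signing secret and must never be logged or returned.` and consider a small config struct for the DN and secret fields. Since `*Ldap` is now one long-lived value shared by all requests, the comment should also state that its methods must not keep per-request state.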