From f9f5275694d379a68ef6c2deed1f9dfdc6b3d3c3 Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Mon, 20 Nov 2023 17:16:17 +0800 Subject: [PATCH 1/7] fix --- .../internal/handler/getldapusershandler.go | 35 +++++++++ server/ldap-admin/internal/handler/routes.go | 5 ++ .../logic/addldaporganizationmemberlogic.go | 2 +- .../logic/createldaporganizationlogic.go | 2 +- .../logic/createldapuserbasegrouplogic.go | 2 +- .../internal/logic/createldapuserlogic.go | 2 +- .../logic/deleteldaporganizationlogic.go | 2 +- .../internal/logic/deleteldapuserlogic.go | 2 +- .../logic/getldaporganizationmemberslogic.go | 11 ++- .../logic/getldaporganizationslogic.go | 2 +- .../internal/logic/getldapuserinfologic.go | 2 +- .../internal/logic/getldapuserslogic.go | 66 ++++++++++++++++ .../removeldaporganizationmemberlogic.go | 2 +- .../logic/updateldaporganizationlogic.go | 2 +- .../internal/logic/updateldapuserlogic.go | 2 +- .../internal/logic/updateldapuserpwdlogic.go | 2 +- server/ldap-admin/internal/types/types.go | 35 +++++++-- server_api/ldap-admin.api | 36 +++++++-- utils/ldap_lib/ldap_group.go | 44 +++++++++-- utils/ldap_lib/ldap_user.go | 76 ++++++++++++++++++- 20 files changed, 295 insertions(+), 37 deletions(-) create mode 100644 server/ldap-admin/internal/handler/getldapusershandler.go create mode 100644 server/ldap-admin/internal/logic/getldapuserslogic.go diff --git a/server/ldap-admin/internal/handler/getldapusershandler.go b/server/ldap-admin/internal/handler/getldapusershandler.go new file mode 100644 index 00000000..bc255166 --- /dev/null +++ b/server/ldap-admin/internal/handler/getldapusershandler.go @@ -0,0 +1,35 @@ +package handler + +import ( + "net/http" + "reflect" + + "fusenapi/utils/basic" + + "fusenapi/server/ldap-admin/internal/logic" + "fusenapi/server/ldap-admin/internal/svc" + "fusenapi/server/ldap-admin/internal/types" +) + +func GetLdapUsersHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + + var req types.GetLdapUsersReq + userinfo, err := basic.RequestParse(w, r, svcCtx, &req) + if err != nil { + return + } + + // 创建一个业务逻辑层实例 + l := logic.NewGetLdapUsersLogic(r.Context(), svcCtx) + + rl := reflect.ValueOf(l) + basic.BeforeLogic(w, r, rl) + + resp := l.GetLdapUsers(&req, userinfo) + + if !basic.AfterLogic(w, r, rl, resp) { + basic.NormalAfterLogic(w, r, resp) + } + } +} diff --git a/server/ldap-admin/internal/handler/routes.go b/server/ldap-admin/internal/handler/routes.go index 2d1211e5..3cd84f8e 100644 --- a/server/ldap-admin/internal/handler/routes.go +++ b/server/ldap-admin/internal/handler/routes.go @@ -142,6 +142,11 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) { Path: "/api/ldap-admin/create_ldap_user_base_group", Handler: CreateLdapUserBaseGroupHandler(serverCtx), }, + { + Method: http.MethodGet, + Path: "/api/ldap-admin/get_ldap_users", + Handler: GetLdapUsersHandler(serverCtx), + }, }, ) } diff --git a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go index dca7b025..8bd329b1 100644 --- a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go +++ b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go @@ -46,7 +46,7 @@ func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.Ad if !email.IsEmailValid(cnEmail) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) err := ldapServer.AddUserToOrganization(req.OrganizationDN, req.UserDN) if err != nil { logx.Error(err) diff --git a/server/ldap-admin/internal/logic/createldaporganizationlogic.go b/server/ldap-admin/internal/logic/createldaporganizationlogic.go index 1ccb2624..e7b9e0c7 100644 --- a/server/ldap-admin/internal/logic/createldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/createldaporganizationlogic.go @@ -52,7 +52,7 @@ func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLd } //组装organization dn organizationDN := "ou=" + req.OrganizationEnName + "," + req.ParentOrganizationDN - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) err := ldapServer.Create(organizationDN, map[string][]string{ "objectClass": {"top", "groupOfUniqueNames"}, "cn": {req.OrganizationEnName}, diff --git a/server/ldap-admin/internal/logic/createldapuserbasegrouplogic.go b/server/ldap-admin/internal/logic/createldapuserbasegrouplogic.go index 90f80fa1..5a0cebf6 100644 --- a/server/ldap-admin/internal/logic/createldapuserbasegrouplogic.go +++ b/server/ldap-admin/internal/logic/createldapuserbasegrouplogic.go @@ -32,7 +32,7 @@ func NewCreateLdapUserBaseGroupLogic(ctx context.Context, svcCtx *svc.ServiceCon // } func (l *CreateLdapUserBaseGroupLogic) CreateLdapUserBaseGroup(req *types.Request, userinfo *auth.UserInfo) (resp *basic.Response) { - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) err := ldapServer.Create(l.svcCtx.Config.Ldap.PeopleGroupDN, map[string][]string{ "objectClass": {"top", "organizationalUnit"}, "ou": {"FusenTeam"}, diff --git a/server/ldap-admin/internal/logic/createldapuserlogic.go b/server/ldap-admin/internal/logic/createldapuserlogic.go index cf31476b..184336e5 100644 --- a/server/ldap-admin/internal/logic/createldapuserlogic.go +++ b/server/ldap-admin/internal/logic/createldapuserlogic.go @@ -51,7 +51,7 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri if !email.IsEmailValid(req.Email) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,邮箱格式不正确") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) //把用户名转pinyin userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName) //新增一条记录获取递增用户id diff --git a/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go b/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go index 87340301..eabd4958 100644 --- a/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go @@ -37,7 +37,7 @@ func (l *DeleteLdapOrganizationLogic) DeleteLdapOrganization(req *types.DeleteLd if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) if err := ldapServer.Delete(req.OrganizationDN); err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "删除ldap组织失败,"+err.Error()) diff --git a/server/ldap-admin/internal/logic/deleteldapuserlogic.go b/server/ldap-admin/internal/logic/deleteldapuserlogic.go index 3423182e..f121400f 100644 --- a/server/ldap-admin/internal/logic/deleteldapuserlogic.go +++ b/server/ldap-admin/internal/logic/deleteldapuserlogic.go @@ -37,7 +37,7 @@ func (l *DeleteLdapUserLogic) DeleteLdapUser(req *types.DeleteLdapUserReq, useri if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) err := ldapServer.Update(req.UserDN, map[string][]string{ "postalCode": {"0"}, }) diff --git a/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go b/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go index fc2335ab..fc1e053f 100644 --- a/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go +++ b/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go @@ -41,7 +41,7 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types. return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN") } //先获取组织成员 - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) //获取跟用户dn筛选排除该用户 rootDNSlice := strings.Split(l.svcCtx.Config.Ldap.RootDN, ",") if len(rootDNSlice) == 0 { @@ -114,6 +114,15 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types. user.Mobile = strings.Join(attr.Values, "") case "postalAddress": //头像 user.Avatar = strings.Join(attr.Values, "") + case "employeeType": //人员类型 + if len(attr.Values) == 0 { + return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户类型不存在") + } + user.EmployeeType, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户类型转数字失败") + } case "postalCode": //状态 if len(attr.Values) == 0 { return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户状态不存在") diff --git a/server/ldap-admin/internal/logic/getldaporganizationslogic.go b/server/ldap-admin/internal/logic/getldaporganizationslogic.go index d53385fa..95291aa0 100644 --- a/server/ldap-admin/internal/logic/getldaporganizationslogic.go +++ b/server/ldap-admin/internal/logic/getldaporganizationslogic.go @@ -48,7 +48,7 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, use if len(rootCn) == 0 { return resp.SetStatusWithMessage(basic.CodeServiceErr, "root用户DN未设置") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) peopleDNSlice := strings.Split(l.svcCtx.Config.Ldap.PeopleGroupDN, ",") if len(peopleDNSlice) <= 1 { return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置") diff --git a/server/ldap-admin/internal/logic/getldapuserinfologic.go b/server/ldap-admin/internal/logic/getldapuserinfologic.go index c4ff0824..41d8704a 100644 --- a/server/ldap-admin/internal/logic/getldapuserinfologic.go +++ b/server/ldap-admin/internal/logic/getldapuserinfologic.go @@ -39,7 +39,7 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, us if !email.IsEmailValid(cnEmail) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) user, err := ldapServer.GetLdapUserInfo(req.UserDN) if err != nil { logx.Error(err) diff --git a/server/ldap-admin/internal/logic/getldapuserslogic.go b/server/ldap-admin/internal/logic/getldapuserslogic.go new file mode 100644 index 00000000..5e7c2a5d --- /dev/null +++ b/server/ldap-admin/internal/logic/getldapuserslogic.go @@ -0,0 +1,66 @@ +package logic + +import ( + "fusenapi/utils/auth" + "fusenapi/utils/basic" + "fusenapi/utils/ldap_lib" + "strings" + + "context" + + "fusenapi/server/ldap-admin/internal/svc" + "fusenapi/server/ldap-admin/internal/types" + + "github.com/zeromicro/go-zero/core/logx" +) + +type GetLdapUsersLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewGetLdapUsersLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetLdapUsersLogic { + return &GetLdapUsersLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +// 处理进入前逻辑w,r +// func (l *GetLdapUsersLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) { +// } + +func (l *GetLdapUsersLogic) GetLdapUsers(req *types.GetLdapUsersReq, userinfo *auth.UserInfo) (resp *basic.Response) { + req.PageCookie = strings.Trim(req.PageCookie, " ") + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) + pageSize := uint32(20) + list, cookie, err := ldapServer.GetLdapBaseTeamUserList(pageSize, req.PageCookie) + if err != nil { + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询用户列表报错,"+err.Error()) + } + rspList := make([]types.GetLdapUsersItem, 0, len(list)) + for _, v := range list { + rspList = append(rspList, types.GetLdapUsersItem{ + UserId: v.UserId, + UserDN: v.UserDN, + UserName: v.UserName, + Email: v.Email, + Mobile: v.Mobile, + Avatar: v.Avatar, + EmployeeType: v.EmployeeType, + Status: v.Status, + }) + } + return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapUsersRsp{ + List: rspList, + PagingCookie: cookie, + }) +} + +// 处理逻辑后 w,r 如:重定向, resp 必须重新处理 +// func (l *GetLdapUsersLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) { +// // httpx.OkJsonCtx(r.Context(), w, resp) +// } diff --git a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go index 4d1bac6b..a2c42ad5 100644 --- a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go +++ b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go @@ -46,7 +46,7 @@ func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *ty if !email.IsEmailValid(cnEmail) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) err := ldapServer.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN) if err != nil { logx.Error(err) diff --git a/server/ldap-admin/internal/logic/updateldaporganizationlogic.go b/server/ldap-admin/internal/logic/updateldaporganizationlogic.go index 44cd16ff..8f8b22de 100644 --- a/server/ldap-admin/internal/logic/updateldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/updateldaporganizationlogic.go @@ -40,7 +40,7 @@ func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLd if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) if err := ldapServer.Update(req.OrganizationDN, map[string][]string{ "businessCategory": {req.BusinessCategory}, }); err != nil { diff --git a/server/ldap-admin/internal/logic/updateldapuserlogic.go b/server/ldap-admin/internal/logic/updateldapuserlogic.go index 6a7a2d14..769f09f4 100644 --- a/server/ldap-admin/internal/logic/updateldapuserlogic.go +++ b/server/ldap-admin/internal/logic/updateldapuserlogic.go @@ -52,7 +52,7 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri } //把用户名转pinyin userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName) - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) //更新的属性 attr := map[string][]string{ "homeDirectory": {"/home/users/" + userNamePinyin}, diff --git a/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go b/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go index df159b3c..4e2e81f9 100644 --- a/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go +++ b/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go @@ -48,7 +48,7 @@ func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdR if !email.IsEmailValid(cnEmail) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") } - ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN) //查询个人信息 user, err := ldapServer.GetLdapUserInfo(req.UserDN) if err != nil { diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index f2db0587..60b52761 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go @@ -194,13 +194,34 @@ type GetLdapOrganizationMembersRsp struct { } type GetLdapOrganizationMembersItem struct { - UserId int64 `json:"userId"` - UserDN string `json:"user_dn"` - UserName string `json:"user_name"` //用户名 - Email string `json:"email"` //邮箱 - Mobile string `json:"mobile"` //手机号 - Avatar string `json:"avatar"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeType int64 `json:"employee_type"` + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 +} + +type GetLdapUsersReq struct { + PageCookie string `form:"page_cookie,optional"` //下一页分页游标,传空/不传就是第一页 +} + +type GetLdapUsersRsp struct { + List []GetLdapUsersItem `json:"list"` + PagingCookie string `json:"paging_cookie"` +} + +type GetLdapUsersItem struct { + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeType int64 `json:"employee_type"` + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } type Request struct { diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index b756c86f..bad0b0e7 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -89,6 +89,9 @@ service ldap-admin { //创建用户基础组 @handler CreateLdapUserBaseGroupHandler post /api/ldap-admin/create_ldap_user_base_group(request) returns (response); + //获取基础用户组中成员列表 + @handler GetLdapUsersHandler + get /api/ldap-admin/get_ldap_users(GetLdapUsersReq) returns (response); } type ( @@ -272,11 +275,30 @@ type GetLdapOrganizationMembersRsp { List []GetLdapOrganizationMembersItem `json:"list"` } type GetLdapOrganizationMembersItem { - UserId int64 `json:"userId"` - UserDN string `json:"user_dn"` - UserName string `json:"user_name"` //用户名 - Email string `json:"email"` //邮箱 - Mobile string `json:"mobile"` //手机号 - Avatar string `json:"avatar"` //头像地址 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeType int64 `json:"employee_type"` + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 +} +//获取基础用户组中成员列表 +type GetLdapUsersReq { + PageCookie string `form:"page_cookie,optional"` //下一页分页游标,传空/不传就是第一页 +} +type GetLdapUsersRsp { + List []GetLdapUsersItem `json:"list"` + PagingCookie string `json:"paging_cookie"` +} +type GetLdapUsersItem { + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeType int64 `json:"employee_type"` + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } \ No newline at end of file diff --git a/utils/ldap_lib/ldap_group.go b/utils/ldap_lib/ldap_group.go index f0742527..8506a7ff 100644 --- a/utils/ldap_lib/ldap_group.go +++ b/utils/ldap_lib/ldap_group.go @@ -8,16 +8,18 @@ import ( ) type Ldap struct { - baseDN string - rootDN string - conn *ldap.Conn + baseDN string + rootDN string + conn *ldap.Conn + peopleGroupDN string } -func NewLdap(conn *ldap.Conn, baseDN, rootDN string) *Ldap { +func NewLdap(conn *ldap.Conn, baseDN, rootDN, peopleGroupDN string) *Ldap { return &Ldap{ - baseDN: baseDN, - rootDN: rootDN, - conn: conn, + baseDN: baseDN, + rootDN: rootDN, + conn: conn, + peopleGroupDN: peopleGroupDN, } } @@ -74,6 +76,34 @@ func (l *Ldap) Search(DN string, scope int, filter string, attr []string, contro return l.conn.Search(searchRequest) } +// 分页查询资源(分组/用户) +func (l *Ldap) SearchWithPaging(DN string, scope int, filter string, attr []string, pageSize uint32, pagingCookie string) (resp *ldap.SearchResult, err error) { + if DN == l.rootDN { + return nil, errors.New("没有权限查询根用户") + } + if filter == "" { + rootCn := strings.Split(l.rootDN, ",") + if len(rootCn) == 0 { + return nil, errors.New("root用户DN未设置") + } + filter = "(&(objectClass=*)(!(" + rootCn[0] + ")))" + } + searchRequest := ldap.NewSearchRequest( + DN, + scope, ldap.NeverDerefAliases, 0, 0, false, + filter, + attr, + nil, + ) + pagingCtl := ldap.NewControlPaging(pageSize) + pagingCtl.SetCookie([]byte(pagingCookie)) + searchRequest.Controls = []ldap.Control{ + pagingCtl, + } + // 执行搜索请求 + return l.conn.Search(searchRequest) +} + // AddUserToGroup 添加用户到组织 func (l *Ldap) AddUserToOrganization(organizationDN, userDN string) error { modify := ldap.NewModifyRequest(organizationDN, nil) diff --git a/utils/ldap_lib/ldap_user.go b/utils/ldap_lib/ldap_user.go index 20df8aab..b70bd127 100644 --- a/utils/ldap_lib/ldap_user.go +++ b/utils/ldap_lib/ldap_user.go @@ -1,6 +1,7 @@ package ldap_lib import ( + "encoding/hex" "errors" "github.com/go-ldap/ldap/v3" "github.com/zeromicro/go-zero/core/logx" @@ -8,7 +9,7 @@ import ( "strings" ) -type GetLdapUserInfoRsp struct { +type LdapUserInfo struct { UserId int64 `json:"userId"` UserDN string `json:"user_dn"` UserName string `json:"user_name"` //用户名 @@ -20,7 +21,8 @@ type GetLdapUserInfoRsp struct { Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } -func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) { +// 获取用户详情 +func (l *Ldap) GetLdapUserInfo(userDN string) (*LdapUserInfo, error) { res, err := l.Search(userDN, ldap.ScopeWholeSubtree, "(&(objectClass=posixAccount)(objectClass=inetOrgPerson))", nil, nil) if err != nil { return nil, err @@ -28,7 +30,7 @@ func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) { if len(res.Entries) != 1 { return nil, errors.New("查询到不到用户信息") } - user := &GetLdapUserInfoRsp{} + user := &LdapUserInfo{} for _, entry := range res.Entries { if entry.DN != userDN { continue @@ -80,3 +82,71 @@ func (l *Ldap) GetLdapUserInfo(userDN string) (*GetLdapUserInfoRsp, error) { } return user, nil } + +// 获取基础组用户列表 +func (l *Ldap) GetLdapBaseTeamUserList(pageSize uint32, pageCookie string) ([]LdapUserInfo, string, error) { + pageCookieBytes, err := hex.DecodeString(pageCookie) + if err != nil { + return nil, "", err + } + result, err := l.SearchWithPaging(l.peopleGroupDN, ldap.ScopeWholeSubtree, "(objectClass=person)", nil, pageSize, string(pageCookieBytes)) + if err != nil { + return nil, "", err + } + list := make([]LdapUserInfo, 0, pageSize) + for _, entry := range result.Entries { + user := LdapUserInfo{ + UserDN: entry.DN, + } + for _, attr := range entry.Attributes { + switch attr.Name { + case "uidNumber": //用户id + if len(attr.Values) == 0 { + continue + } + user.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + logx.Error(err) + return nil, "", errors.New("用户id转数字失败") + } + case "sn": //用户真名 + user.UserName = strings.Join(attr.Values, "") + case "mail": //邮箱 + user.Email = strings.Join(attr.Values, "") + case "mobile": //手机号 + user.Mobile = strings.Join(attr.Values, "") + case "postalAddress": //头像 + user.Avatar = strings.Join(attr.Values, "") + case "userPassword": //密码 + user.Password = strings.Join(attr.Values, ",") + case "employeeType": //员工类型 + if len(attr.Values) == 0 { + continue + } + user.EmployeeType, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + return nil, "", errors.New("用户类型转数字失败") + } + case "postalCode": //状态 + if len(attr.Values) == 0 { + continue + } + user.Status, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + return nil, "", errors.New("用户状态转数字失败") + } + } + } + list = append(list, user) + } + rspCookie := "" + // 检查是否还有更多条目需要获取 + controls := result.Controls + if len(controls) > 0 { + cookieControl := controls[0] + if control, ok := cookieControl.(*ldap.ControlPaging); ok { + rspCookie = hex.EncodeToString(control.Cookie) + } + } + return list, rspCookie, nil +} From 9ca89cf9752f98a8cca4c11ecda0e85d1f7858e0 Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Mon, 20 Nov 2023 17:33:38 +0800 Subject: [PATCH 2/7] fix --- server/ldap-admin/internal/types/types.go | 10 +++++----- server_api/ldap-admin.api | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index 60b52761..85f83ed2 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go @@ -92,11 +92,11 @@ type GetMenuDetailRsp struct { } type GetMenusReq struct { - CurrentPage int `form:"current_page"` - Name string `form:"name"` - Title string `form:"title"` - Path string `form:"path"` - ParentId *int64 `form:"parent_id"` + CurrentPage int `form:"current_page,optional"` + Name string `form:"name,optional"` + Title string `form:"title,optional"` + Path string `form:"path,optional"` + ParentId *int64 `form:"parent_id,optional"` } type GetMenusRsp struct { diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index bad0b0e7..8fc175ed 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -178,11 +178,11 @@ type GetMenuDetailRsp { } //获取菜单列表 type GetMenusReq { - CurrentPage int `form:"current_page"` - Name string `form:"name"` - Title string `form:"title"` - Path string `form:"path"` - ParentId *int64 `form:"parent_id"` + CurrentPage int `form:"current_page,optional"` + Name string `form:"name,optional"` + Title string `form:"title,optional"` + Path string `form:"path,optional"` + ParentId *int64 `form:"parent_id,optional"` } type GetMenusRsp { List []MenuItem `json:"list"` From ce1ea141d20bcd8b2e83f56c2bbf0b89226ec1f6 Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Tue, 21 Nov 2023 10:02:27 +0800 Subject: [PATCH 3/7] fix --- server/ldap-admin/internal/types/types.go | 1 + server_api/ldap-admin.api | 1 + 2 files changed, 2 insertions(+) diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index 85f83ed2..07b490e3 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go @@ -137,6 +137,7 @@ type CreateLdapUserReq struct { Mobile string `json:"mobile"` //手机号 Avatar string `json:"avatar"` //头像地址 EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 + GroupId int64 `json:"group_id"` //分组id Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index 8fc175ed..610cd794 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -221,6 +221,7 @@ type CreateLdapUserReq { Mobile string `json:"mobile"` //手机号 Avatar string `json:"avatar"` //头像地址 EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 + GroupId int64 `json:"group_id"` //分组id Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } //修改ldap用户信息 From f4cbb23aa0fe0977bab31a372ae2ee2251959356 Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Tue, 21 Nov 2023 10:08:46 +0800 Subject: [PATCH 4/7] fix --- .../internal/logic/createldapuserlogic.go | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/server/ldap-admin/internal/logic/createldapuserlogic.go b/server/ldap-admin/internal/logic/createldapuserlogic.go index 184336e5..c3dd3ce8 100644 --- a/server/ldap-admin/internal/logic/createldapuserlogic.go +++ b/server/ldap-admin/internal/logic/createldapuserlogic.go @@ -74,18 +74,18 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri "shadowWarning": {"7"}, //固有属性 "loginShell": {"/usr/sbin/nologin"}, //固有属性 "homeDirectory": {"/home/users/" + userNamePinyin}, - "employeeType": {fmt.Sprintf("%d", req.EmployeeType)}, //1正式 2实习 3外包 - "uidNumber": {fmt.Sprintf("%d", userData.Id)}, - "gidNumber": {fmt.Sprintf("%d", userData.Id)}, - "uid": {userNamePinyin}, - "cn": {req.Email}, - "sn": {req.UserName}, - "mail": {req.Email}, - "postalCode": {fmt.Sprintf("%d", req.Status)}, - "departmentNumber": {"0"}, - "postalAddress": {req.Avatar}, - "mobile": {req.Mobile}, - "userPassword": {"{crypt}" + pwd}, + "employeeType": {fmt.Sprintf("%d", req.EmployeeType)}, //员工类型:1正式 2实习 3外包 + "uidNumber": {fmt.Sprintf("%d", userData.Id)}, //用户id + "gidNumber": {fmt.Sprintf("%d", userData.Id)}, //用户id + "uid": {userNamePinyin}, //用户名(拼音) + "cn": {req.Email}, //邮箱 + "sn": {req.UserName}, //用户名 + "mail": {req.Email}, //邮箱 + "postalCode": {fmt.Sprintf("%d", req.Status)}, //状态 + "departmentNumber": {fmt.Sprintf("%d", req.GroupId)}, //权限分组id + "postalAddress": {req.Avatar}, //头像 + "mobile": {req.Mobile}, //手机号 + "userPassword": {"{crypt}" + pwd}, //密码 }); err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加用户失败,"+err.Error()) From f946f2926ad707eab83b598ac9d9758a03d3af7a Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Tue, 21 Nov 2023 10:13:12 +0800 Subject: [PATCH 5/7] fix --- server/ldap-admin/internal/logic/createldapuserlogic.go | 3 +++ server/ldap-admin/internal/logic/updateldapuserlogic.go | 4 ++-- server/ldap-admin/internal/types/types.go | 4 ++-- server_api/ldap-admin.api | 4 ++-- 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/server/ldap-admin/internal/logic/createldapuserlogic.go b/server/ldap-admin/internal/logic/createldapuserlogic.go index c3dd3ce8..3134f5c8 100644 --- a/server/ldap-admin/internal/logic/createldapuserlogic.go +++ b/server/ldap-admin/internal/logic/createldapuserlogic.go @@ -42,6 +42,9 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri req.Mobile = strings.Trim(req.Mobile, " ") req.Email = strings.Trim(req.Email, " ") req.Password = strings.Trim(req.Password, " ") + if req.GroupId < 0 { + req.GroupId = 0 + } if req.UserName == "" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户名不能为空") } diff --git a/server/ldap-admin/internal/logic/updateldapuserlogic.go b/server/ldap-admin/internal/logic/updateldapuserlogic.go index 769f09f4..3f2390c9 100644 --- a/server/ldap-admin/internal/logic/updateldapuserlogic.go +++ b/server/ldap-admin/internal/logic/updateldapuserlogic.go @@ -40,7 +40,7 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri req.Mobile = strings.Trim(req.Mobile, " ") req.Avatar = strings.Trim(req.Avatar, " ") req.UserName = strings.Trim(req.UserName, " ") - if req.AuthGroupId < 0 { + if req.GroupId < 0 { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户权限组id") } if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { @@ -56,7 +56,7 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri //更新的属性 attr := map[string][]string{ "homeDirectory": {"/home/users/" + userNamePinyin}, - "departmentNumber": {fmt.Sprintf("%d", req.AuthGroupId)}, + "departmentNumber": {fmt.Sprintf("%d", req.GroupId)}, "sn": {req.UserName}, "uid": {userNamePinyin}, "mobile": {req.Mobile}, diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index 07b490e3..5d74dba7 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go @@ -137,7 +137,7 @@ type CreateLdapUserReq struct { Mobile string `json:"mobile"` //手机号 Avatar string `json:"avatar"` //头像地址 EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 - GroupId int64 `json:"group_id"` //分组id + GroupId int64 `json:"group_id,optional"` //分组id Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } @@ -148,7 +148,7 @@ type UpdateLdapUserReq struct { Avatar string `json:"avatar,optional"` //头像地址 Status int64 `json:"status,options=0|1"` //状态 1正常0离职 EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 - AuthGroupId int64 `json:"auth_group_id,optional"` //权限分组id + GroupId int64 `json:"group_id,optional"` //权限分组id } type UpdateLdapUserPwdReq struct { diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index 610cd794..c57b7b3f 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -221,7 +221,7 @@ type CreateLdapUserReq { Mobile string `json:"mobile"` //手机号 Avatar string `json:"avatar"` //头像地址 EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 - GroupId int64 `json:"group_id"` //分组id + GroupId int64 `json:"group_id,optional"` //分组id Status int64 `json:"status,options=0|1"` //状态 1正常0离职 } //修改ldap用户信息 @@ -232,7 +232,7 @@ type UpdateLdapUserReq { Avatar string `json:"avatar,optional"` //头像地址 Status int64 `json:"status,options=0|1"` //状态 1正常0离职 EmployeeType int64 `json:"employee_type,options=1|2|3"` //1正式 2实习 3外包 - AuthGroupId int64 `json:"auth_group_id,optional"` //权限分组id + GroupId int64 `json:"group_id,optional"` //权限分组id } //修改用户密码 type UpdateLdapUserPwdReq { From 06b826769bb61437eb632399309f0d7cff5c280e Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Tue, 21 Nov 2023 10:38:11 +0800 Subject: [PATCH 6/7] fix --- .../internal/logic/updateldapuserpwdlogic.go | 20 ++++++++++--------- server/ldap-admin/internal/types/types.go | 2 +- server_api/ldap-admin.api | 2 +- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go b/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go index 4e2e81f9..891cb4f1 100644 --- a/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go +++ b/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go @@ -55,15 +55,17 @@ func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdR logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error()) } - //解密旧的密码 - oldPwd, err := encryption_decryption.CBCDecrypt(user.Password[7:]) - if err != nil { - logx.Error(err) - return resp.SetStatusWithMessage(basic.CodeServiceErr, "解密旧的密码出错") - } - //验证旧的密码 - if oldPwd != req.OldPassword { - return resp.SetStatusWithMessage(basic.CodeServiceErr, "旧密码不对,请重新尝试") + if len(user.Password) > 7 && user.Password[:7] == "{crypt}" { + //解密旧的密码 + oldPwd, err := encryption_decryption.CBCDecrypt(user.Password[7:]) + if err != nil { + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "解密旧的密码出错") + } + //验证旧的密码 + if oldPwd != req.OldPassword { + return resp.SetStatusWithMessage(basic.CodeServiceErr, "旧密码不对,请重新尝试") + } } //加密新的密码 newPwd, err := encryption_decryption.CBCEncrypt(req.NewPassword) diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index 5d74dba7..bd1cf72b 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go @@ -166,7 +166,7 @@ type GetLdapUserInfoReq struct { } type GetLdapUserInfoRsp struct { - UserId int64 `json:"userId"` + UserId int64 `json:"user_id"` UserDN string `json:"user_dn"` UserName string `json:"user_name"` //用户名 Email string `json:"email"` //邮箱 diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index c57b7b3f..ef2b9653 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -249,7 +249,7 @@ type GetLdapUserInfoReq { UserDN string `form:"user_dn"` //用户dn } type GetLdapUserInfoRsp { - UserId int64 `json:"userId"` + UserId int64 `json:"user_id"` UserDN string `json:"user_dn"` UserName string `json:"user_name"` //用户名 Email string `json:"email"` //邮箱 From 297dffcbc0e43c3a7d3b10df6e70ccac2491df7e Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Tue, 21 Nov 2023 11:39:03 +0800 Subject: [PATCH 7/7] fix --- .../logic/getldaporganizationmemberslogic.go | 77 +++------- .../internal/logic/getldapuserinfologic.go | 2 + .../internal/logic/getldapuserslogic.go | 2 + server/ldap-admin/internal/types/types.go | 6 + server_api/ldap-admin.api | 6 + utils/ldap_lib/ldap_group.go | 2 + utils/ldap_lib/ldap_time_format.go | 10 ++ utils/ldap_lib/ldap_user.go | 132 ++++++++++++++---- 8 files changed, 152 insertions(+), 85 deletions(-) create mode 100644 utils/ldap_lib/ldap_time_format.go diff --git a/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go b/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go index fc1e053f..7d4bf571 100644 --- a/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go +++ b/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go @@ -6,7 +6,6 @@ import ( "fusenapi/utils/basic" "fusenapi/utils/ldap_lib" "github.com/go-ldap/ldap/v3" - "strconv" "strings" "context" @@ -84,72 +83,28 @@ func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types. //从新赋值filter filter = "(&(objectClass=posixAccount)(objectClass=inetOrgPerson)(|" + filterBuilder.String() + "))" //从用户基本组中找到员工 - result, err = ldapServer.Search(l.svcCtx.Config.Ldap.PeopleGroupDN, ldap.ScopeWholeSubtree, filter, nil, nil) + userList, err := ldapServer.GetLdapBaseTeamUsersByParams(filter) if err != nil { logx.Error(err) return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询ldap帐号信息失败,"+err.Error()) } - userList := make([]types.GetLdapOrganizationMembersItem, 0, memberCount) - for _, entry := range result.Entries { - user := types.GetLdapOrganizationMembersItem{ - UserDN: entry.DN, - } - canAppend := true - for _, attr := range entry.Attributes { - switch attr.Name { - case "uidNumber": //用户id - if len(attr.Values) == 0 { - return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户id不存在") - } - user.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64) - if err != nil { - logx.Error(err) - return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户id转数字失败") - } - case "sn": //用户真名 - user.UserName = strings.Join(attr.Values, "") - case "mail": //邮箱 - user.Email = strings.Join(attr.Values, "") - case "mobile": //手机号 - user.Mobile = strings.Join(attr.Values, "") - case "postalAddress": //头像 - user.Avatar = strings.Join(attr.Values, "") - case "employeeType": //人员类型 - if len(attr.Values) == 0 { - return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户类型不存在") - } - user.EmployeeType, err = strconv.ParseInt(attr.Values[0], 10, 64) - if err != nil { - logx.Error(err) - return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户类型转数字失败") - } - case "postalCode": //状态 - if len(attr.Values) == 0 { - return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户状态不存在") - } - user.Status, err = strconv.ParseInt(attr.Values[0], 10, 64) - if err != nil { - logx.Error(err) - return resp.SetStatusWithMessage(basic.CodeServiceErr, "用户状态转数字失败") - } - //无效员工就不要显示了 - if user.Status != 1 { - //从该组中移除该成员 - if err = ldapServer.RemoveUserFromOrganization(req.OrganizationDN, entry.DN); err != nil { - logx.Error("移除组中离职成员失败,", err.Error()) - } - canAppend = false //要移除的成员就不要显示了 - break - } - } - } - //添加列表 - if canAppend { - userList = append(userList, user) - } + list := make([]types.GetLdapOrganizationMembersItem, 0, memberCount) + for _, user := range userList { + list = append(list, types.GetLdapOrganizationMembersItem{ + UserId: user.UserId, + UserDN: user.UserDN, + UserName: user.UserName, + Email: user.Email, + Mobile: user.Mobile, + Avatar: user.Avatar, + EmployeeType: user.EmployeeType, + Status: user.Status, + CreateTime: user.CreateTime.Format("2006-01-02 15:04:05"), + UpdateTime: user.UpdateTime.Format("2006-01-02 15:04:05"), + }) } return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapOrganizationMembersRsp{ - List: userList, + List: list, }) } diff --git a/server/ldap-admin/internal/logic/getldapuserinfologic.go b/server/ldap-admin/internal/logic/getldapuserinfologic.go index 41d8704a..9122f58d 100644 --- a/server/ldap-admin/internal/logic/getldapuserinfologic.go +++ b/server/ldap-admin/internal/logic/getldapuserinfologic.go @@ -54,6 +54,8 @@ func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, us Avatar: user.Avatar, Status: user.Status, EmployeeTpye: user.EmployeeType, + CreateTime: user.CreateTime.Format("2006-01-02 15:04:05"), + UpdateTime: user.UpdateTime.Format("2006-01-02 15:04:05"), }) } diff --git a/server/ldap-admin/internal/logic/getldapuserslogic.go b/server/ldap-admin/internal/logic/getldapuserslogic.go index 5e7c2a5d..2fb6efbb 100644 --- a/server/ldap-admin/internal/logic/getldapuserslogic.go +++ b/server/ldap-admin/internal/logic/getldapuserslogic.go @@ -52,6 +52,8 @@ func (l *GetLdapUsersLogic) GetLdapUsers(req *types.GetLdapUsersReq, userinfo *a Avatar: v.Avatar, EmployeeType: v.EmployeeType, Status: v.Status, + CreateTime: v.CreateTime.Format("2006-01-02 15:04:05"), + UpdateTime: v.UpdateTime.Format("2006-01-02 15:04:05"), }) } return resp.SetStatusWithMessage(basic.CodeOK, "success", types.GetLdapUsersRsp{ diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index bd1cf72b..b73230c9 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go @@ -174,6 +174,8 @@ type GetLdapUserInfoRsp struct { Avatar string `json:"avatar"` //头像地址 EmployeeTpye int64 `json:"employee_tpye"` //雇佣类型 1正式 2实习 3外包 Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + CreateTime string `json:"create_time"` + UpdateTime string `json:"update_time"` } type AddLdapOrganizationMemberReq struct { @@ -203,6 +205,8 @@ type GetLdapOrganizationMembersItem struct { Avatar string `json:"avatar"` //头像地址 EmployeeType int64 `json:"employee_type"` Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + CreateTime string `json:"create_time"` + UpdateTime string `json:"update_time"` } type GetLdapUsersReq struct { @@ -223,6 +227,8 @@ type GetLdapUsersItem struct { Avatar string `json:"avatar"` //头像地址 EmployeeType int64 `json:"employee_type"` Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + CreateTime string `json:"create_time"` + UpdateTime string `json:"update_time"` } type Request struct { diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index ef2b9653..f5e974e7 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -257,6 +257,8 @@ type GetLdapUserInfoRsp { Avatar string `json:"avatar"` //头像地址 EmployeeTpye int64 `json:"employee_tpye"` //雇佣类型 1正式 2实习 3外包 Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + CreateTime string `json:"create_time"` + UpdateTime string `json:"update_time"` } //ldap组织添加成员 type AddLdapOrganizationMemberReq { @@ -284,6 +286,8 @@ type GetLdapOrganizationMembersItem { Avatar string `json:"avatar"` //头像地址 EmployeeType int64 `json:"employee_type"` Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + CreateTime string `json:"create_time"` + UpdateTime string `json:"update_time"` } //获取基础用户组中成员列表 type GetLdapUsersReq { @@ -302,4 +306,6 @@ type GetLdapUsersItem { Avatar string `json:"avatar"` //头像地址 EmployeeType int64 `json:"employee_type"` Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + CreateTime string `json:"create_time"` + UpdateTime string `json:"update_time"` } \ No newline at end of file diff --git a/utils/ldap_lib/ldap_group.go b/utils/ldap_lib/ldap_group.go index 8506a7ff..dfc2a0e1 100644 --- a/utils/ldap_lib/ldap_group.go +++ b/utils/ldap_lib/ldap_group.go @@ -104,6 +104,8 @@ func (l *Ldap) SearchWithPaging(DN string, scope int, filter string, attr []stri return l.conn.Search(searchRequest) } +//********************************************************************************************* + // AddUserToGroup 添加用户到组织 func (l *Ldap) AddUserToOrganization(organizationDN, userDN string) error { modify := ldap.NewModifyRequest(organizationDN, nil) diff --git a/utils/ldap_lib/ldap_time_format.go b/utils/ldap_lib/ldap_time_format.go new file mode 100644 index 00000000..18efddc7 --- /dev/null +++ b/utils/ldap_lib/ldap_time_format.go @@ -0,0 +1,10 @@ +package ldap_lib + +import ( + "time" +) + +func LdapTimeToTime(timeStr string) (time.Time, error) { + // 将时间字符串转换为时间 + return time.Parse("20060102150405Z", timeStr) +} diff --git a/utils/ldap_lib/ldap_user.go b/utils/ldap_lib/ldap_user.go index b70bd127..1da74db7 100644 --- a/utils/ldap_lib/ldap_user.go +++ b/utils/ldap_lib/ldap_user.go @@ -4,21 +4,23 @@ import ( "encoding/hex" "errors" "github.com/go-ldap/ldap/v3" - "github.com/zeromicro/go-zero/core/logx" "strconv" "strings" + "time" ) type LdapUserInfo struct { - UserId int64 `json:"userId"` - UserDN string `json:"user_dn"` - UserName string `json:"user_name"` //用户名 - Password string `json:"password"` //密码 - Email string `json:"email"` //邮箱 - Mobile string `json:"mobile"` //手机号 - Avatar string `json:"avatar"` //头像地址 - EmployeeType int64 `json:"employee_type"` //1正式 2实习 3外包 - Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + UserId int64 `json:"userId"` + UserDN string `json:"user_dn"` + UserName string `json:"user_name"` //用户名 + Password string `json:"password"` //密码 + Email string `json:"email"` //邮箱 + Mobile string `json:"mobile"` //手机号 + Avatar string `json:"avatar"` //头像地址 + EmployeeType int64 `json:"employee_type"` //1正式 2实习 3外包 + Status int64 `json:"status,options=0|1"` //状态 1正常0离职 + CreateTime time.Time `json:"create_time"` + UpdateTime time.Time `json:"update_time"` } // 获取用户详情 @@ -40,12 +42,11 @@ func (l *Ldap) GetLdapUserInfo(userDN string) (*LdapUserInfo, error) { switch attr.Name { case "uidNumber": //用户id if len(attr.Values) == 0 { - continue + return nil, errors.New("用户id不存在") } user.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64) if err != nil { - logx.Error(err) - return nil, errors.New("用户id转数字失败") + return nil, err } case "sn": //用户真名 user.UserName = strings.Join(attr.Values, "") @@ -59,19 +60,29 @@ func (l *Ldap) GetLdapUserInfo(userDN string) (*LdapUserInfo, error) { user.Password = strings.Join(attr.Values, ",") case "employeeType": //员工类型 if len(attr.Values) == 0 { - continue + return nil, errors.New("用户类型不存在") } user.EmployeeType, err = strconv.ParseInt(attr.Values[0], 10, 64) if err != nil { - return nil, errors.New("用户类型转数字失败") + return nil, err } case "postalCode": //状态 if len(attr.Values) == 0 { - continue + return nil, errors.New("用户状态不存在") } user.Status, err = strconv.ParseInt(attr.Values[0], 10, 64) if err != nil { - return nil, errors.New("用户状态转数字失败") + return nil, err + } + case "createTimestamp": + user.CreateTime, err = LdapTimeToTime(attr.Values[0]) + if err != nil { + return nil, err + } + case "modifyTimestamp": + user.UpdateTime, err = LdapTimeToTime(attr.Values[0]) + if err != nil { + return nil, err } } } @@ -102,12 +113,11 @@ func (l *Ldap) GetLdapBaseTeamUserList(pageSize uint32, pageCookie string) ([]Ld switch attr.Name { case "uidNumber": //用户id if len(attr.Values) == 0 { - continue + return nil, "", errors.New("用户id不存在") } user.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64) if err != nil { - logx.Error(err) - return nil, "", errors.New("用户id转数字失败") + return nil, "", err } case "sn": //用户真名 user.UserName = strings.Join(attr.Values, "") @@ -121,19 +131,29 @@ func (l *Ldap) GetLdapBaseTeamUserList(pageSize uint32, pageCookie string) ([]Ld user.Password = strings.Join(attr.Values, ",") case "employeeType": //员工类型 if len(attr.Values) == 0 { - continue + return nil, "", errors.New("用户类型不存在") } user.EmployeeType, err = strconv.ParseInt(attr.Values[0], 10, 64) if err != nil { - return nil, "", errors.New("用户类型转数字失败") + return nil, "", err } case "postalCode": //状态 if len(attr.Values) == 0 { - continue + return nil, "", errors.New("用户状态不存在") } user.Status, err = strconv.ParseInt(attr.Values[0], 10, 64) if err != nil { - return nil, "", errors.New("用户状态转数字失败") + return nil, "", err + } + case "createTimestamp": + user.CreateTime, err = LdapTimeToTime(attr.Values[0]) + if err != nil { + return nil, "", err + } + case "modifyTimestamp": + user.UpdateTime, err = LdapTimeToTime(attr.Values[0]) + if err != nil { + return nil, "", err } } } @@ -150,3 +170,67 @@ func (l *Ldap) GetLdapBaseTeamUserList(pageSize uint32, pageCookie string) ([]Ld } return list, rspCookie, nil } + +// 从基础用户组中获取指定一批用户 +func (l *Ldap) GetLdapBaseTeamUsersByParams(filter string) ([]LdapUserInfo, error) { + result, err := l.Search(l.peopleGroupDN, ldap.ScopeWholeSubtree, filter, nil, nil) + if err != nil { + return nil, err + } + list := make([]LdapUserInfo, 0, len(result.Entries)) + for _, entry := range result.Entries { + user := LdapUserInfo{ + UserDN: entry.DN, + } + for _, attr := range entry.Attributes { + switch attr.Name { + case "uidNumber": //用户id + if len(attr.Values) == 0 { + return nil, errors.New("用户id不存在") + } + user.UserId, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + return nil, err + } + case "sn": //用户真名 + user.UserName = strings.Join(attr.Values, "") + case "mail": //邮箱 + user.Email = strings.Join(attr.Values, "") + case "mobile": //手机号 + user.Mobile = strings.Join(attr.Values, "") + case "postalAddress": //头像 + user.Avatar = strings.Join(attr.Values, "") + case "userPassword": //密码 + user.Password = strings.Join(attr.Values, ",") + case "employeeType": //员工类型 + if len(attr.Values) == 0 { + return nil, errors.New("用户类型不存在") + } + user.EmployeeType, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + return nil, err + } + case "postalCode": //状态 + if len(attr.Values) == 0 { + return nil, errors.New("用户状态不存在") + } + user.Status, err = strconv.ParseInt(attr.Values[0], 10, 64) + if err != nil { + return nil, err + } + case "createTimestamp": + user.CreateTime, err = LdapTimeToTime(attr.Values[0]) + if err != nil { + return nil, err + } + case "modifyTimestamp": + user.UpdateTime, err = LdapTimeToTime(attr.Values[0]) + if err != nil { + return nil, err + } + } + } + list = append(list, user) + } + return list, nil +}