diff --git a/model/gmodel/fs_user_info_logic.go b/model/gmodel/fs_user_info_logic.go index 51b1d329..b94c561a 100644 --- a/model/gmodel/fs_user_info_logic.go +++ b/model/gmodel/fs_user_info_logic.go @@ -111,6 +111,14 @@ func (m *FsUserInfoModel) GetProfile(ctx context.Context, pkey string, userId in return m.getDefaultProfile(ctx, tname) } + if _, ok := info["logo_selected"]; !ok { + defaultUserInfo, err := m.getDefaultProfile(ctx, tname) + if err != nil { + return nil, err + } + info["logo_selected"] = defaultUserInfo["logo_selected"] + } + return info, nil } diff --git a/server/ldap-admin/internal/handler/getldaporganizationmembershandler.go b/server/ldap-admin/internal/handler/getldaporganizationmembershandler.go new file mode 100644 index 00000000..23dbfbdc --- /dev/null +++ b/server/ldap-admin/internal/handler/getldaporganizationmembershandler.go @@ -0,0 +1,35 @@ +package handler + +import ( + "net/http" + "reflect" + + "fusenapi/utils/basic" + + "fusenapi/server/ldap-admin/internal/logic" + "fusenapi/server/ldap-admin/internal/svc" + "fusenapi/server/ldap-admin/internal/types" +) + +func GetLdapOrganizationMembersHandler(svcCtx *svc.ServiceContext) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + + var req types.GetLdapOrganizationMembersReq + userinfo, err := basic.RequestParse(w, r, svcCtx, &req) + if err != nil { + return + } + + // 创建一个业务逻辑层实例 + l := logic.NewGetLdapOrganizationMembersLogic(r.Context(), svcCtx) + + rl := reflect.ValueOf(l) + basic.BeforeLogic(w, r, rl) + + resp := l.GetLdapOrganizationMembers(&req, userinfo) + + if !basic.AfterLogic(w, r, rl, resp) { + basic.NormalAfterLogic(w, r, resp) + } + } +} diff --git a/server/ldap-admin/internal/handler/routes.go b/server/ldap-admin/internal/handler/routes.go index 9a931b06..429c19a7 100644 --- a/server/ldap-admin/internal/handler/routes.go +++ b/server/ldap-admin/internal/handler/routes.go 
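Review bot: The added fallback in GetProfile copies `defaultUserInfo["logo_selected"]` without checking that the default profile actually carries that key, so a default without it presumably stores a nil value under `logo_selected` and callers that test for the key will then find it present. A guarded copy leaves the key absent in that case: `if v, ok := defaultUserInfo["logo_selected"]; ok { info["logo_selected"] = v }`. The block also turns a failed default lookup into a failure of the whole profile read for one optional field; if that is intended, a short comment saying so would help. GetProfile starts outside the hunk, so the type of `info` and whether it can be nil at this point are not visible.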
@@ -107,6 +107,11 @@ func RegisterHandlers(server *rest.Server, serverCtx *svc.ServiceContext) { Path: "/api/ldap-admin/remove_ldap_organization_member", Handler: RemoveLdapOrganizationMemberHandler(serverCtx), }, + { + Method: http.MethodGet, + Path: "/api/ldap-admin/get_ldap_organization_members", + Handler: GetLdapOrganizationMembersHandler(serverCtx), + }, }, ) } diff --git a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go index 887d1217..52acdaad 100644 --- a/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go +++ b/server/ldap-admin/internal/logic/addldaporganizationmemberlogic.go @@ -3,6 +3,7 @@ package logic import ( "fusenapi/utils/auth" "fusenapi/utils/basic" + "fusenapi/utils/ldap_lib" "strings" "context" @@ -35,13 +36,18 @@ func (l *AddLdapOrganizationMemberLogic) AddLdapOrganizationMember(req *types.Ad req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") req.UserDN = strings.Trim(req.UserDN, " ") if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的目标组织DN") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的目标组织DN") } if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN") } - //ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) - return resp.SetStatus(basic.CodeOK) + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + err := ldapServer.AddUserToOrganization(req.OrganizationDN, req.UserDN) + if err != nil { + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加成员失败,", err.Error()) + } + return resp.SetStatusWithMessage(basic.CodeOK, "添加成功") } // 处理逻辑后 w,r 如:重定向, resp 必须重新处理 
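Review bot: `req.OrganizationDN` and `req.UserDN` reach `ldapServer.AddUserToOrganization` after only a case-sensitive three-character prefix test, so any string beginning with `ou=` / `cn=` is written to the directory, including DNs that lie outside `l.svcCtx.Config.Ldap.BaseDN`. Parsing both values as DNs and requiring them to end with the configured base DN would confine the modify to the tree this service manages. The error branch also returns `err.Error()` to the caller, which exposes directory-server detail; `logx.Error(err)` already records it, so the response could be `resp.SetStatusWithMessage(basic.CodeServiceErr, "添加成员失败")`. The same two points apply to the RemoveLdapOrganizationMember hunk in removeldaporganizationmemberlogic.go. `userinfo` is not consulted in the visible lines, so if authorization for this admin action is not enforced in `basic.RequestParse` or in middleware, it needs to be checked here.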
diff --git a/server/ldap-admin/internal/logic/createldaporganizationlogic.go b/server/ldap-admin/internal/logic/createldaporganizationlogic.go index b95da217..08c1c5d6 100644 --- a/server/ldap-admin/internal/logic/createldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/createldaporganizationlogic.go @@ -36,17 +36,14 @@ func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLd req.OrganizationOu = strings.Trim(req.OrganizationOu, " ") req.ParentOrganizationDN = strings.Trim(req.ParentOrganizationDN, " ") req.BusinessCategory = strings.Trim(req.BusinessCategory, " ") - if req.OrganizationOu == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,organization_ou不能为空") - } if len(strings.Split(req.OrganizationOu, ",")) != 1 { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,不合法的organization_ou") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,不合法的组织ou") } if req.ParentOrganizationDN == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,parentOrganization_dn不能为空") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,父级DN不能为空") } if req.BusinessCategory == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,business_category不能为空") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,分类名不能为空") } //组装organization dn organizationDN := "ou=" + req.OrganizationOu + "," + req.ParentOrganizationDN diff --git a/server/ldap-admin/internal/logic/createldapuserlogic.go b/server/ldap-admin/internal/logic/createldapuserlogic.go index 3fa92dec..a3f03781 100644 --- a/server/ldap-admin/internal/logic/createldapuserlogic.go +++ b/server/ldap-admin/internal/logic/createldapuserlogic.go 
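Review bot: Removing the `req.OrganizationOu == ""` check lets an empty value through, because `strings.Split("", ",")` returns one element and the remaining length test passes; the DN assembled below then becomes `ou=,` followed by the parent DN. The value is also concatenated into `organizationDN` with only the comma rejected, so the other characters that are special inside a DN (`+`, `=`, `\`, `"`, `<`, `>`, `;`, `#`) are not handled. Restoring the empty check and rejecting or escaping those characters before the concatenation closes both gaps, for example `if req.OrganizationOu == "" || strings.ContainsAny(req.OrganizationOu, ",+=\"\\<>;#") {`. CreateLdapOrganization continues past the end of the hunk.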
@@ -42,13 +42,13 @@ func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, useri req.Email = strings.Trim(req.Email, " ") req.Password = strings.Trim(req.Password, " ") if req.UserName == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "用户名不能为空") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户名不能为空") } if req.Password == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "密码不能为空") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,密码不能为空") } if !email.IsEmailValid(req.Email) { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "邮箱格式不正确") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,邮箱格式不正确") } ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) //把用户名转pinyin diff --git a/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go b/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go index c3956d2a..70f01295 100644 --- a/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/deleteldaporganizationlogic.go @@ -35,7 +35,7 @@ func NewDeleteLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont func (l *DeleteLdapOrganizationLogic) DeleteLdapOrganization(req *types.DeleteLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) { req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的组织DN") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN") } ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) if err := ldapServer.Delete(req.OrganizationDN); err != nil { 
diff --git a/server/ldap-admin/internal/logic/deleteldapuserlogic.go b/server/ldap-admin/internal/logic/deleteldapuserlogic.go index fa18e505..0625cde9 100644 --- a/server/ldap-admin/internal/logic/deleteldapuserlogic.go +++ b/server/ldap-admin/internal/logic/deleteldapuserlogic.go @@ -35,7 +35,7 @@ func NewDeleteLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *De func (l *DeleteLdapUserLogic) DeleteLdapUser(req *types.DeleteLdapUserReq, userinfo *auth.UserInfo) (resp *basic.Response) { req.UserDN = strings.Trim(req.UserDN, " ") if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN") } ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) err := ldapServer.Update(req.UserDN, map[string][]string{ diff --git a/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go b/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go new file mode 100644 index 00000000..0840862c --- /dev/null +++ b/server/ldap-admin/internal/logic/getldaporganizationmemberslogic.go 
@@ -0,0 +1,46 @@ +package logic + +import ( + "fusenapi/utils/auth" + "fusenapi/utils/basic" + "strings" + + "context" + + "fusenapi/server/ldap-admin/internal/svc" + "fusenapi/server/ldap-admin/internal/types" + + "github.com/zeromicro/go-zero/core/logx" +) + +type GetLdapOrganizationMembersLogic struct { + logx.Logger + ctx context.Context + svcCtx *svc.ServiceContext +} + +func NewGetLdapOrganizationMembersLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetLdapOrganizationMembersLogic { + return &GetLdapOrganizationMembersLogic{ + Logger: logx.WithContext(ctx), + ctx: ctx, + svcCtx: svcCtx, + } +} + +// 处理进入前逻辑w,r +// func (l *GetLdapOrganizationMembersLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) { +// } + +func (l *GetLdapOrganizationMembersLogic) GetLdapOrganizationMembers(req *types.GetLdapOrganizationMembersReq, userinfo *auth.UserInfo) (resp *basic.Response) { + req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") + if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN") + } + + return resp.SetStatus(basic.CodeOK) +} + +// 处理逻辑后 w,r 如:重定向, resp 必须重新处理 +// func (l *GetLdapOrganizationMembersLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) { +// // httpx.OkJsonCtx(r.Context(), w, resp) +// } diff --git a/server/ldap-admin/internal/logic/getldaporganizationslogic.go b/server/ldap-admin/internal/logic/getldaporganizationslogic.go index 6162499a..f546bf48 100644 --- a/server/ldap-admin/internal/logic/getldaporganizationslogic.go +++ b/server/ldap-admin/internal/logic/getldaporganizationslogic.go @@ -35,6 +35,7 @@ func NewGetLdapOrganizationsLogic(ctx context.Context, svcCtx *svc.ServiceContex // } type DNItem struct { Attribute map[string]interface{} `json:"attribute"` + HasMember bool `json:"has_member"` //是否有成员 DN string `json:"dn"` ParentDN string `json:"parent_dn"` Sort int `json:"sort"` 
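Review bot: `GetLdapOrganizationMembers` is routed in this commit yet returns `basic.CodeOK` without querying the directory, so a client cannot tell an unimplemented endpoint from an organization that has no members. Until the lookup exists, returning a service error or leaving the route unregistered avoids that, and the method should carry a doc comment such as `// GetLdapOrganizationMembers validates req.OrganizationDN and returns the organization's members (lookup not implemented yet).`. When the search is added, `req.OrganizationDN` will presumably become the search base; the prefix test here does not confine it to `l.svcCtx.Config.Ldap.BaseDN`, and the requested attribute list should be limited to what a member list needs. `userinfo` is accepted but unused in the visible code, so it is worth confirming that access to this listing is enforced upstream.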
@@ -52,8 +53,9 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, use if len(peopleDNSlice) <= 1 { return resp.SetStatusWithMessage(basic.CodeServiceErr, "基础用户组的DN未配置") } - filter := "(&(objectClass=*)(!(" + peopleDNSlice[0] + "))(!(" + rootCn[0] + ")))" //所有object但是不包括people以及root用户 - searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, nil, nil) + filter := "(|(&(objectClass=groupOfUniqueNames)(objectClass=top))(objectClass=organization))" + fields := []string{"businessCategory", "dn", "uniqueMember"} + searchResult, err := ldapServer.Search(l.svcCtx.Config.Ldap.BaseDN, ldap.ScopeWholeSubtree, filter, fields, nil) if err != nil { return resp.SetStatusWithMessage(basic.CodeServiceErr, "查询失败:"+err.Error()) } @@ -63,23 +65,19 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, use for _, v := range searchResult.Entries { sortNum++ attribute := make(map[string]interface{}) + hasMember := false for _, attr := range v.Attributes { - switch attr.Name { - case "objectClass": //objectcalss属性特别处理 - mapObjectClass := make(map[string]struct{}) - for _, objectClassItem := range attr.Values { - mapObjectClass[objectClassItem] = struct{}{} - } - attribute[attr.Name] = mapObjectClass - case "member": //成员不用变 - attribute[attr.Name] = attr.Values - default: //普通属性 - attribute[attr.Name] = strings.Join(attr.Values, ",") + //判断是否有成员(不包含root用户所以判断大于1) + if attr.Name == "uniqueMember" && len(attr.Values) > 1 { + hasMember = true + continue } + attribute[attr.Name] = strings.Join(attr.Values, ",") } mapDN[v.DN] = &DNItem{ DN: v.DN, ParentDN: "", + HasMember: hasMember, Attribute: attribute, Sort: sortNum, Child: make([]*DNItem, 0, 100), diff --git a/server/ldap-admin/internal/logic/getldapuserinfologic.go b/server/ldap-admin/internal/logic/getldapuserinfologic.go index 6777e327..918bee64 100644 --- a/server/ldap-admin/internal/logic/getldapuserinfologic.go 
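Review bot: In the attribute loop of the third hunk, `uniqueMember` is skipped only when it has more than one value, so an entry whose sole member is the root account falls through to `attribute[attr.Name] = strings.Join(attr.Values, ",")` and that DN is returned to the client inside `attribute`. Handling the attribute unconditionally keeps member DNs out of the response: `if attr.Name == "uniqueMember" { hasMember = len(attr.Values) > 1; continue }`. The `> 1` rule also assumes the root account is a member of every organization; an entry created without it would report `HasMember` as false while holding one real member, so the assumption deserves a comment or a comparison against the configured root DN. The enclosing loop and function start outside the hunk.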
+++ b/server/ldap-admin/internal/logic/getldapuserinfologic.go @@ -35,7 +35,7 @@ func NewGetLdapUserInfoLogic(ctx context.Context, svcCtx *svc.ServiceContext) *G func (l *GetLdapUserInfoLogic) GetLdapUserInfo(req *types.GetLdapUserInfoReq, userinfo *auth.UserInfo) (resp *basic.Response) { if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "用户DN错误") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户DN错误") } ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) res, err := ldapServer.Search(req.UserDN, ldap.ScopeWholeSubtree, "", nil, nil) diff --git a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go index 443a3457..3f300f3e 100644 --- a/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go +++ b/server/ldap-admin/internal/logic/removeldaporganizationmemberlogic.go @@ -3,6 +3,8 @@ package logic import ( "fusenapi/utils/auth" "fusenapi/utils/basic" + "fusenapi/utils/ldap_lib" + "strings" "context" 
@@ -31,10 +33,21 @@ func NewRemoveLdapOrganizationMemberLogic(ctx context.Context, svcCtx *svc.Servi // } func (l *RemoveLdapOrganizationMemberLogic) RemoveLdapOrganizationMember(req *types.RemoveLdapOrganizationMemberReq, userinfo *auth.UserInfo) (resp *basic.Response) { - // 返回值必须调用Set重新返回, resp可以空指针调用 resp.SetStatus(basic.CodeOK, data) - // userinfo 传入值时, 一定不为null - - return resp.SetStatus(basic.CodeOK) + req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") + req.UserDN = strings.Trim(req.UserDN, " ") + if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的目标组织DN") + } + if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN") + } + ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) + err := ldapServer.RemoveUserFromOrganization(req.OrganizationDN, req.UserDN) + if err != nil { + logx.Error(err) + return resp.SetStatusWithMessage(basic.CodeServiceErr, "移除成员失败,", err.Error()) + } + return resp.SetStatusWithMessage(basic.CodeOK, "移除成员成功") } // 处理逻辑后 w,r 如:重定向, resp 必须重新处理 diff --git a/server/ldap-admin/internal/logic/updateldaporganizationlogic.go b/server/ldap-admin/internal/logic/updateldaporganizationlogic.go index 6efc5ba3..e16bbae0 100644 --- a/server/ldap-admin/internal/logic/updateldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/updateldaporganizationlogic.go 
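Review bot: Nothing in RemoveLdapOrganizationMember stops `req.UserDN` from being the root account, yet GetLdapOrganizations in this same commit computes `HasMember` on the assumption that the root DN is always present in `uniqueMember`. Removing that entry would skew the flag, and because `groupOfUniqueNames` normally requires at least one `uniqueMember`, a later removal of the last real member would then be rejected by the directory. A guard before the `RemoveUserFromOrganization` call keeps the invariant, e.g. `if strings.EqualFold(req.UserDN, l.svcCtx.Config.Ldap.RootDN) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN") }`, assuming `RootDN` holds the full DN in the same form the client sends.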
@@ -35,10 +35,10 @@ func NewUpdateLdapOrganizationLogic(ctx context.Context, svcCtx *svc.ServiceCont func (l *UpdateLdapOrganizationLogic) UpdateLdapOrganization(req *types.UpdateLdapOrganizationReq, userinfo *auth.UserInfo) (resp *basic.Response) { req.OrganizationDN = strings.Trim(req.OrganizationDN, " ") if req.OrganizationDN == "" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "组织DN不能为空") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,组织DN不能为空") } if len(req.OrganizationDN) <= 3 || req.OrganizationDN[:3] != "ou=" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的组织DN") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的组织DN") } ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN) if err := ldapServer.Update(req.OrganizationDN, map[string][]string{ diff --git a/server/ldap-admin/internal/logic/updateldapuserlogic.go b/server/ldap-admin/internal/logic/updateldapuserlogic.go index 490fee69..a26e46c1 100644 --- a/server/ldap-admin/internal/logic/updateldapuserlogic.go +++ b/server/ldap-admin/internal/logic/updateldapuserlogic.go @@ -44,7 +44,7 @@ func (l *UpdateLdapUserLogic) UpdateLdapUser(req *types.UpdateLdapUserReq, useri //todo 验证下是不是本人 } if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" { - return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN") + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN") } //把用户名转pinyin userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName) diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index b7d98c82..964f9df3 100644 --- a/server/ldap-admin/internal/types/types.go +++ b/server/ldap-admin/internal/types/types.go 
@@ -157,6 +157,10 @@ type RemoveLdapOrganizationMemberReq struct { UserDN string `json:"user_dn"` //用户DN } +type GetLdapOrganizationMembersReq struct { + OrganizationDN string `json:"organization_dn"` +} + type Request struct { } diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index 9ad25e7e..94503b22 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -69,6 +69,9 @@ service ldap-admin { //ldap组织移除成员 @handler RemoveLdapOrganizationMemberHandler post /api/ldap-admin/remove_ldap_organization_member(RemoveLdapOrganizationMemberReq) returns (response); + //获取ldap组织成员列表 + @handler GetLdapOrganizationMembersHandler + get /api/ldap-admin/get_ldap_organization_members(GetLdapOrganizationMembersReq) returns (response); } type ( @@ -218,4 +221,8 @@ type AddLdapOrganizationMemberReq { type RemoveLdapOrganizationMemberReq { OrganizationDN string `json:"organization_dn"` //目标组织DN UserDN string `json:"user_dn"` //用户DN +} +//获取ldap组织成员列表 +type GetLdapOrganizationMembersReq { + OrganizationDN string `json:"organization_dn"` } \ No newline at end of file diff --git a/utils/ldap_lib/ldap_group.go b/utils/ldap_lib/ldap_group.go index 922cc303..360f8bca 100644 --- a/utils/ldap_lib/ldap_group.go +++ b/utils/ldap_lib/ldap_group.go @@ -66,12 +66,12 @@ func (l *Ldap) Search(DN string, scope int, filter string, attr []string, contro } // AddUserToGroup 添加用户到组织 -func (l *Ldap) AddUserToOrganization(groupDN, userDN string) error { +func (l *Ldap) AddUserToOrganization(organizationDN, userDN string) error { //判断dn是否以ou开头 - if groupDN[:3] == "ou=" { + /*if organizationDN[:3] == "ou=" { return errors.New("不能添加用户到OU组织单元") - } - modify := ldap.NewModifyRequest(groupDN, nil) + }*/ + modify := ldap.NewModifyRequest(organizationDN, nil) modify.Add("uniqueMember", []string{userDN}) return l.conn.Modify(modify) }
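Review bot: `GetLdapOrganizationMembersReq` is bound to a `get` route but its only field carries a `json` tag, and the field has no comment while the neighbouring request types document theirs. If `basic.RequestParse` delegates to go-zero's standard request parsing, query-string parameters are bound through `form` tags, so `organization_dn` would arrive empty unless the client sends a JSON body with the GET and the handler would always answer with the invalid-DN error. Declaring the field as `OrganizationDN string `form:"organization_dn"` //组织DN` (and regenerating types.go) would match the method; if the project's parser does accept JSON bodies on GET, a comment stating that would prevent the question.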
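Review bot: The `ou=` guard in `AddUserToOrganization` is commented out rather than removed, and with it gone the function issues the modify for whatever `organizationDN` it receives, so every caller now has to validate the DN itself. Deleting the dead block and stating that contract in the doc comment would make this explicit; the comment still names the function `AddUserToGroup` and could read `// AddUserToOrganization adds userDN as a uniqueMember of organizationDN; callers must validate both DNs.`. If the disabled `errors.New` call was the only use of `errors` in ldap_group.go, the import has to be dropped as well or the package will not compile.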