From dbf39e30579bb71df65593963a9678d0dfb4e470 Mon Sep 17 00:00:00 2001 From: laodaming <11058467+laudamine@user.noreply.gitee.com> Date: Fri, 24 Nov 2023 12:05:09 +0800 Subject: [PATCH] fix --- .../logic/createldaporganizationlogic.go | 12 +++- .../logic/getldaporganizationslogic.go | 56 ++++++++++--------- server/ldap-admin/internal/types/types.go | 3 +- server_api/ldap-admin.api | 9 +-- 4 files changed, 47 insertions(+), 33 deletions(-) diff --git a/server/ldap-admin/internal/logic/createldaporganizationlogic.go b/server/ldap-admin/internal/logic/createldaporganizationlogic.go index 05b535fe..7560f3ce 100644 --- a/server/ldap-admin/internal/logic/createldaporganizationlogic.go +++ b/server/ldap-admin/internal/logic/createldaporganizationlogic.go @@ -3,6 +3,7 @@ package logic import ( "fusenapi/utils/basic" "fusenapi/utils/chinese_to_pinyin" + "fusenapi/utils/email" "net/http" "strings" @@ -53,15 +54,22 @@ func (l *CreateLdapOrganizationLogic) CreateLdapOrganization(req *types.CreateLd if req.BusinessCategory == "" { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,组织分类名不能为空") } + if len(req.OwnerDN) <= 3 || req.OwnerDN[:3] != "cn=" { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN") + } + cnEmail := strings.Split(req.OwnerDN, ",")[0][3:] + if !email.IsEmailValid(cnEmail) { + return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn") + } //组装organization dn organizationDN := "ou=" + req.OrganizationEnName + "," + req.ParentOrganizationDN err := l.svcCtx.Ldap.Create(organizationDN, map[string][]string{ "objectClass": {"top", "groupOfUniqueNames"}, - "owner": {""}, //负责人DN + "owner": {req.OwnerDN}, //负责人DN "cn": {req.OrganizationEnName}, "ou": {req.OrganizationEnName}, "businessCategory": {req.BusinessCategory}, - "uniqueMember": {l.svcCtx.Config.Ldap.RootDN}, //创建groupOfUniqueNames对象类型需要至少一个member,把root加进去 + "uniqueMember": {req.OwnerDN}, //必须有一个初始的成员 }) if err != nil { logx.Error(err) 
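Review bot: In CreateLdapOrganization (createldaporganizationlogic.go, hunk at -53,15), the new `OwnerDN` check validates only the first RDN: everything after the first comma is accepted as-is and then written to both `owner` and `uniqueMember`. A request can therefore name an owner outside the intended user subtree or a DN that does not exist, and the `req.OwnerDN[:3] != "cn="` comparison is case-sensitive although LDAP attribute names are not. I would parse the DN with the LDAP library's parser instead of `strings.Split` (go-ldap offers `ldap.ParseDN`, if that is the client behind `l.svcCtx.Ldap`) and require the expected suffix, e.g. `if !strings.HasSuffix(strings.ToLower(req.OwnerDN), ","+strings.ToLower(l.svcCtx.Config.Ldap.BaseDN)) { return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "无效的用户DN") }`. The function starts and ends outside the hunk, so an existence lookup, or escaping of `OrganizationEnName` and `ParentOrganizationDN` before they are concatenated into `organizationDN`, may already happen elsewhere; if not, those need the same treatment.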
diff --git a/server/ldap-admin/internal/logic/getldaporganizationslogic.go b/server/ldap-admin/internal/logic/getldaporganizationslogic.go index b138e6a5..e746b31e 100644 --- a/server/ldap-admin/internal/logic/getldaporganizationslogic.go +++ b/server/ldap-admin/internal/logic/getldaporganizationslogic.go @@ -34,15 +34,16 @@ func NewGetLdapOrganizationsLogic(ctx context.Context, svcCtx *svc.ServiceContex // func (l *GetLdapOrganizationsLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) { // } type DNItem struct { - Attribute map[string]interface{} `json:"attribute"` - MemberCount int `json:"member_count"` - OwnerName string `json:"owner_name"` - OwnerDN string `json:"owner_dn"` - Level int `json:"level"` - DN string `json:"dn"` - ParentDN string `json:"parent_dn"` - Sort int `json:"sort"` - Child []*DNItem `json:"child"` + Attribute map[string]interface{} `json:"attribute"` + MemberCount int `json:"member_count"` + BusinessCategory string `json:"business_category"` + OwnerName string `json:"owner_name"` + OwnerDN string `json:"owner_dn"` + Level int `json:"level"` + DepartmentDN string `json:"department_dn"` + DepartmentParentDN string `json:"department_parent_dn"` + Sort int `json:"sort"` + Child []*DNItem `json:"child"` } func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, r *http.Request) (resp *basic.Response) { 
@@ -73,32 +74,35 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, r * for _, v := range searchResult.Entries { sortNum++ attribute := make(map[string]interface{}) - memberCount := 0 + memberCount := 0 //成员数 + businessCategory := "" //部门名称 for _, attr := range v.Attributes { - //判断是否有成员(不包含root用户所以判断大于1) - if attr.Name == "uniqueMember" { - memberCount = len(attr.Values) - 1 //不包含root用户 - continue - } - if attr.Name == "owner" && len(attr.Values) != 0 { //负责人 + switch attr.Name { + case "uniqueMember": + memberCount = len(attr.Values) + case "owner": + if len(attr.Values) == 0 { + continue + } ownerDN = attr.Values[0] //解析用户DN,只需要提取cn userCn := strings.Split(attr.Values[0], ",")[0] ownerFilterBuilder.WriteString(fmt.Sprintf("(%s)", userCn)) + case "businessCategory": + businessCategory = strings.Join(attr.Values, ",") } - attribute[attr.Name] = strings.Join(attr.Values, ",") } dnSlice := strings.ReplaceAll(v.DN, ","+l.svcCtx.Config.Ldap.BaseDN, "") //把最顶级的组织去掉 level := len(strings.Split(dnSlice, ",")) data := &DNItem{ - DN: v.DN, - ParentDN: "", - Level: level, - MemberCount: memberCount, - Attribute: attribute, - OwnerDN: ownerDN, - Sort: sortNum, - Child: make([]*DNItem, 0, 100), + DepartmentDN: v.DN, + BusinessCategory: businessCategory, + Level: level, + MemberCount: memberCount, + Attribute: attribute, + OwnerDN: ownerDN, + Sort: sortNum, + Child: make([]*DNItem, 0, 100), } mapDN[v.DN] = data } @@ -135,7 +139,7 @@ func (l *GetLdapOrganizationsLogic) GetLdapOrganizations(req *types.Request, r * //有父级 parentDN := strings.Join(sl[1:], ",") if parent, ok := mapDN[parentDN]; ok { - v.ParentDN = parentDN + v.DepartmentParentDN = parentDN parent.Child = append(parent.Child, v) //排序 sort.Slice(parent.Child, func(i, j int) bool { diff --git a/server/ldap-admin/internal/types/types.go b/server/ldap-admin/internal/types/types.go index 8a119fe8..58a757e7 100644 --- a/server/ldap-admin/internal/types/types.go 
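Review bot: In GetLdapOrganizations (getldaporganizationslogic.go, hunk at -73,32), the `owner` case writes `userCn` into the search filter with `fmt.Sprintf("(%s)", userCn)` without escaping, and after this commit that value originates from the request's `owner_dn`. Whether `email.IsEmailValid` rejects filter metacharacters such as `*`, `(` and `)` is not visible here, so the filter should not depend on it; split the RDN and escape the value, e.g. `k, val, _ := strings.Cut(userCn, "=")` followed by `ownerFilterBuilder.WriteString("(" + k + "=" + ldap.EscapeFilter(val) + ")")` (go-ldap's helper, assuming that is the library behind `searchResult`). Separately, `memberCount` no longer subtracts one, so organizations created before this commit, which still hold the root DN in `uniqueMember`, will report one member too many. `ownerDN` is assigned but never reset in the visible loop body; if it is declared outside the entries loop (the declaration is outside the hunk), an entry without `owner` inherits the previous entry's value.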
+++ b/server/ldap-admin/internal/types/types.go @@ -134,8 +134,9 @@ type MenuItem struct { type CreateLdapOrganizationReq struct { OrganizationEnName string `json:"organization_en_name"` //组织英文名 - BusinessCategory string `json:"business_category"` //组织类别 + BusinessCategory string `json:"business_category"` //组织类别名称 ParentOrganizationDN string `json:"parent_organization_dn"` //父级dn + OwnerDN string `json:"owner_dn"` //负责人dn } type DeleteLdapOrganizationReq struct { diff --git a/server_api/ldap-admin.api b/server_api/ldap-admin.api index 8e5c3dfd..c949371a 100644 --- a/server_api/ldap-admin.api +++ b/server_api/ldap-admin.api @@ -22,11 +22,11 @@ service ldap-admin { //删除权限组 @handler DeleteLdapGroupHandler post /api/ldap-admin/delete_ldap_group(DeleteLdapGroupReq) returns (response); - + //权限组授权 @handler SetLdapGroupAuthHandler post /api/ldap-admin/set_ldap_group_auth(SetLdapGroupAuthReq) returns (response); - + //权限组授权用户 @handler SetLdapGroupUserHandler post /api/ldap-admin/set_ldap_group_user(SetLdapGroupUserReq) returns (response); @@ -39,7 +39,7 @@ service ldap-admin { //删除API @handler DeleteApiHandler post /api/ldap-admin/delete_api(DeleteApiReq) returns (response); - + //保存菜单 @handler SaveMenuHandler post /api/ldap-admin/save_menu(SaveMenuReq) returns (response); @@ -222,8 +222,9 @@ type MenuItem { //增加ldap组织 type CreateLdapOrganizationReq { OrganizationEnName string `json:"organization_en_name"` //组织英文名 - BusinessCategory string `json:"business_category"` //组织类别 + BusinessCategory string `json:"business_category"` //组织类别名称 ParentOrganizationDN string `json:"parent_organization_dn"` //父级dn + OwnerDN string `json:"owner_dn"` //负责人dn } //删除ldap组织 type DeleteLdapOrganizationReq {