fusenapi/server/ldap-admin/internal/logic/createldapuserlogic.go
laodaming 50e8a42e34 fix
2023-11-22 10:19:27 +08:00


package logic
import (
"fmt"
"fusenapi/model/gmodel"
"fusenapi/utils/basic"
"fusenapi/utils/chinese_to_pinyin"
"fusenapi/utils/email"
"fusenapi/utils/encryption_decryption"
"gorm.io/gorm"
"net/http"
"strings"
"time"
"context"
"fusenapi/server/ldap-admin/internal/svc"
"fusenapi/server/ldap-admin/internal/types"
"github.com/zeromicro/go-zero/core/logx"
)
// CreateLdapUserLogic carries the per-request state used by CreateLdapUser.
type CreateLdapUserLogic struct {
	// Embedded logger; NewCreateLdapUserLogic binds it to the request context.
	logx.Logger

	// ctx is the request context; CreateLdapUser passes it to the database call.
	ctx context.Context
	// svcCtx holds the shared dependencies read by CreateLdapUser: the LDAP
	// client, the MySQL connection and the service configuration.
	svcCtx *svc.ServiceContext
}
// NewCreateLdapUserLogic builds the logic object for one request. The logger
// is derived from ctx, and ctx and svcCtx are stored unchanged.
func NewCreateLdapUserLogic(ctx context.Context, svcCtx *svc.ServiceContext) *CreateLdapUserLogic {
	logic := new(CreateLdapUserLogic)
	logic.Logger = logx.WithContext(ctx)
	logic.ctx = ctx
	logic.svcCtx = svcCtx
	return logic
}
// Hook for logic that runs before the handler, with access to w and r (currently disabled).
// func (l *CreateLdapUserLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
// }
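// CreateLdapUser validates the request, inserts a row into the LdapUser table
// to obtain an auto-increment id, and creates the matching LDAP entry under
// the configured people group DN. The entry's RDN is cn=<email>.
//
// It returns CodeUnAuth when the caller fails VerifyAuthority,
// CodeRequestParamsErr when the user name or password is empty or the e-mail
// is rejected by email.IsEmailValid, CodeServiceErr when the database insert,
// the password encryption or the LDAP create fails, and CodeOK otherwise.
//
// NOTE(review): resp is a nil named result when SetStatusWithMessage is called
// on it; presumably that method tolerates a nil receiver — confirm.
func (l *CreateLdapUserLogic) CreateLdapUser(req *types.CreateLdapUserReq, r *http.Request) (resp *basic.Response) {
	// Authorization gate: nothing below runs for a caller that fails the check.
	if !l.svcCtx.Ldap.VerifyAuthority(r) {
		return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
	}
	req.UserName = strings.Trim(req.UserName, " ")
	req.Mobile = strings.Trim(req.Mobile, " ")
	req.Email = strings.Trim(req.Email, " ")
	// NOTE(review): trimming silently changes a password that starts or ends
	// with a space; confirm the login path applies the same trimming.
	req.Password = strings.Trim(req.Password, " ")
	if req.GroupId < 0 {
		req.GroupId = 0
	}
	if req.UserName == "" {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,用户名不能为空")
	}
	if req.Password == "" {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,密码不能为空")
	}
	if !email.IsEmailValid(req.Email) {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,邮箱格式不正确")
	}
	// Convert the user name to pinyin.
	// NOTE(review): the result is used below as the uid and as the last
	// component of homeDirectory without a visible character check; confirm
	// ChineseToPinyin cannot return "/" or ".." for non-Chinese input.
	userNamePinyin := chinese_to_pinyin.ChineseToPinyin(req.UserName)
	// The e-mail is request data placed inside a distinguished name, so DN
	// metacharacters are escaped here. Whether IsEmailValid already excludes
	// them is not visible in this file; for addresses without such characters
	// the DN is identical to the unescaped form.
	userDN := fmt.Sprintf("cn=%s,%s", escapeLdapUserRDNValue(req.Email), l.svcCtx.Config.Ldap.PeopleGroupDN)
	// Insert a record first to obtain the auto-increment user id.
	now := time.Now().UTC()
	err := l.svcCtx.MysqlConn.Transaction(func(tx *gorm.DB) error {
		userData := &gmodel.LdapUser{
			UserDn: &userDN,
			Ctime:  &now,
			Utime:  &now,
		}
		if err := tx.WithContext(l.ctx).Model(&gmodel.LdapUser{}).Create(userData).Error; err != nil {
			return err
		}
		// NOTE(review): the name CBCEncrypt suggests reversible encryption,
		// while the "{crypt}" prefix below conventionally marks a crypt(3)
		// hash. Confirm the directory and the code that verifies passwords
		// agree on this format; a one-way password hash is the safer storage.
		pwd, err := encryption_decryption.CBCEncrypt(req.Password)
		if err != nil {
			return err
		}
		// A non-nil error from the LDAP create is returned from the
		// transaction callback, so the row inserted above is not kept.
		// NOTE(review): if the commit fails after the LDAP create succeeded,
		// the LDAP entry presumably remains without a row — confirm.
		return l.svcCtx.Ldap.Create(userDN, map[string][]string{
			// Fixed attributes.
			"objectClass": {"person", "organizationalPerson", "inetOrgPerson", "posixAccount", "top", "shadowAccount"},
			// NOTE(review): fixed value rather than one derived from now.
			"shadowLastChange": {"19676"},
			"shadowMin":        {"0"},
			"shadowMax":        {"99999"},
			"shadowWarning":    {"7"},
			"loginShell":       {"/usr/sbin/nologin"},
			"homeDirectory":    {"/home/users/" + userNamePinyin},
			// Employee type: 1 regular, 2 intern, 3 outsourced.
			"employeeType": {fmt.Sprintf("%d", req.EmployeeType)},
			// Both numbers are the auto-increment user id.
			"uidNumber": {fmt.Sprintf("%d", userData.Id)},
			"gidNumber": {fmt.Sprintf("%d", userData.Id)},
			"uid":       {userNamePinyin}, // user name (pinyin)
			// Attribute values are sent unescaped; only the DN string needs
			// escaping.
			"cn":               {req.Email},                          // e-mail
			"sn":               {req.UserName},                       // user name
			"mail":             {req.Email},                          // e-mail
			"postalCode":       {fmt.Sprintf("%d", req.Status)},      // status
			"departmentNumber": {fmt.Sprintf("%d", req.GroupId)},     // permission group id
			"postalAddress":    {req.Avatar},                         // avatar
			"mobile":           {req.Mobile},                         // mobile number
			"userPassword":     {"{crypt}" + pwd},                    // password
		})
	})
	if err != nil {
		// Keep a server-side record of the failure.
		l.Errorf("create ldap user failed: %v", err)
		// NOTE(review): the raw database/LDAP error text is returned to the
		// caller; confirm that level of detail is intended for this endpoint.
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "添加用户失败,"+err.Error())
	}
	return resp.SetStatusWithMessage(basic.CodeOK, "添加用户成功")
}

// escapeLdapUserRDNValue escapes value for use as an attribute value inside a
// distinguished name string, following RFC 4514: the characters
// " + , ; < > \ are prefixed with a backslash, as are a leading '#' and a
// leading or trailing space, and a NUL byte is written as \00. The input is
// processed byte by byte; bytes of multi-byte UTF-8 sequences pass through.
func escapeLdapUserRDNValue(value string) string {
	var b strings.Builder
	b.Grow(len(value) + 4)
	last := len(value) - 1
	for i := 0; i < len(value); i++ {
		c := value[i]
		switch {
		case c == 0:
			b.WriteString(`\00`)
			continue
		case c == '"', c == '+', c == ',', c == ';', c == '<', c == '>', c == '\\':
			b.WriteByte('\\')
		case c == '#' && i == 0:
			b.WriteByte('\\')
		case c == ' ' && (i == 0 || i == last):
			b.WriteByte('\\')
		}
		b.WriteByte(c)
	}
	return b.String()
}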
// Hook for logic that runs after the handler, with access to w and r (e.g. a redirect); resp must then be written again here.
// func (l *CreateLdapUserLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
// // httpx.OkJsonCtx(r.Context(), w, resp)
// }