2023-02-22 22:16:13 +08:00
|
|
|
|
package logic
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"fmt"
|
|
|
|
|
|
|
|
|
|
|
|
"github.com/eryajf/go-ldap-admin/config"
|
|
|
|
|
|
"github.com/eryajf/go-ldap-admin/model"
|
|
|
|
|
|
"github.com/eryajf/go-ldap-admin/model/request"
|
|
|
|
|
|
"github.com/eryajf/go-ldap-admin/public/tools"
|
|
|
|
|
|
"github.com/eryajf/go-ldap-admin/service/ildap"
|
|
|
|
|
|
"github.com/eryajf/go-ldap-admin/service/isql"
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
type SqlLogic struct{}
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
// SyncSqlUsers 同步sql的用户信息到ldap
|
2023-02-22 22:16:13 +08:00
|
|
|
|
func (d *SqlLogic) SyncSqlUsers(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) {
|
|
|
|
|
|
r, ok := req.(*request.SyncSqlUserReq)
|
|
|
|
|
|
if !ok {
|
|
|
|
|
|
return nil, ReqAssertErr
|
|
|
|
|
|
}
|
|
|
|
|
|
_ = c
|
|
|
|
|
|
// 1.获取所有用户
|
|
|
|
|
|
for _, id := range r.UserIds {
|
|
|
|
|
|
filter := tools.H{"id": int(id)}
|
|
|
|
|
|
if !isql.User.Exist(filter) {
|
|
|
|
|
|
return nil, tools.NewMySqlError(fmt.Errorf("有用户不存在"))
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
users, err := isql.User.GetUserByIds(r.UserIds)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewMySqlError(fmt.Errorf("获取用户信息失败: " + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
// 2.再将用户添加到ldap
|
|
|
|
|
|
for _, user := range users {
|
|
|
|
|
|
err = ildap.User.Add(&user)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewLdapError(fmt.Errorf("SyncUser向LDAP同步用户失败:" + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
// 获取用户将要添加的分组
|
|
|
|
|
|
groups, err := isql.Group.GetGroupByIds(tools.StringToSlice(user.DepartmentId, ","))
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewMySqlError(fmt.Errorf("根据部门ID获取部门信息失败" + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, group := range groups {
|
|
|
|
|
|
//根据选择的部门,添加到部门内
|
|
|
|
|
|
err = ildap.Group.AddUserToGroup(group.GroupDN, user.UserDN)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewMySqlError(fmt.Errorf("向Ldap添加用户到分组关系失败:" + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-02-25 18:02:58 +08:00
|
|
|
|
err = isql.User.ChangeSyncState(int(user.ID), 1)
|
2023-02-22 22:16:13 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewLdapError(fmt.Errorf("用户同步完毕之后更新状态失败:" + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return nil, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
// SyncSqlGroups 同步sql中的分组信息到ldap
|
2023-02-22 22:16:13 +08:00
|
|
|
|
func (d *SqlLogic) SyncSqlGroups(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) {
|
|
|
|
|
|
r, ok := req.(*request.SyncSqlGrooupsReq)
|
|
|
|
|
|
if !ok {
|
|
|
|
|
|
return nil, ReqAssertErr
|
|
|
|
|
|
}
|
|
|
|
|
|
_ = c
|
|
|
|
|
|
// 1.获取所有分组
|
|
|
|
|
|
for _, id := range r.GroupIds {
|
|
|
|
|
|
filter := tools.H{"id": int(id)}
|
|
|
|
|
|
if !isql.Group.Exist(filter) {
|
|
|
|
|
|
return nil, tools.NewMySqlError(fmt.Errorf("有分组不存在"))
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
groups, err := isql.Group.GetGroupByIds(r.GroupIds)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewMySqlError(fmt.Errorf("获取分组信息失败: " + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
// 2.再将分组添加到ldap
|
|
|
|
|
|
for _, group := range groups {
|
|
|
|
|
|
err = ildap.Group.Add(group)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewLdapError(fmt.Errorf("SyncUser向LDAP同步分组失败:" + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
if len(group.Users) > 0 {
|
|
|
|
|
|
for _, user := range group.Users {
|
|
|
|
|
|
if user.UserDN == config.Conf.Ldap.AdminDN {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
err = ildap.Group.AddUserToGroup(group.GroupDN, user.UserDN)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewLdapError(fmt.Errorf("同步分组之后处理分组内的用户失败:" + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-02-25 18:02:58 +08:00
|
|
|
|
err = isql.Group.ChangeSyncState(int(group.ID), 1)
|
2023-02-22 22:16:13 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, tools.NewLdapError(fmt.Errorf("分组同步完毕之后更新状态失败:" + err.Error()))
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return nil, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
// SearchGroupDiff 检索未同步到ldap中的分组
|
2023-02-22 22:16:13 +08:00
|
|
|
|
func SearchGroupDiff() (err error) {
|
|
|
|
|
|
// 获取sql中的数据
|
|
|
|
|
|
var sqlGroupList []*model.Group
|
|
|
|
|
|
sqlGroupList, err = isql.Group.ListAll()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err
|
|
|
|
|
|
}
|
|
|
|
|
|
// 获取ldap中的数据
|
|
|
|
|
|
var ldapGroupList []*model.Group
|
|
|
|
|
|
ldapGroupList, err = ildap.Group.ListGroupDN()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err
|
|
|
|
|
|
}
|
|
|
|
|
|
// 比对两个系统中的数据
|
|
|
|
|
|
groups := diffGroup(sqlGroupList, ldapGroupList)
|
|
|
|
|
|
for _, group := range groups {
|
|
|
|
|
|
if group.GroupDN == config.Conf.Ldap.BaseDN {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
2023-02-25 18:02:58 +08:00
|
|
|
|
err = isql.Group.ChangeSyncState(int(group.ID), 2)
|
2023-02-22 22:16:13 +08:00
|
|
|
|
}
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
// SearchUserDiff 检索未同步到ldap中的用户
|
2023-02-22 22:16:13 +08:00
|
|
|
|
func SearchUserDiff() (err error) {
|
|
|
|
|
|
// 获取sql中的数据
|
|
|
|
|
|
var sqlUserList []*model.User
|
|
|
|
|
|
sqlUserList, err = isql.User.ListAll()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err
|
|
|
|
|
|
}
|
|
|
|
|
|
// 获取ldap中的数据
|
|
|
|
|
|
var ldapUserList []*model.User
|
|
|
|
|
|
ldapUserList, err = ildap.User.ListUserDN()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err
|
|
|
|
|
|
}
|
|
|
|
|
|
// 比对两个系统中的数据
|
|
|
|
|
|
users := diffUser(sqlUserList, ldapUserList)
|
|
|
|
|
|
for _, user := range users {
|
2023-02-25 18:02:58 +08:00
|
|
|
|
if user.UserDN == config.Conf.Ldap.AdminDN {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
err = isql.User.ChangeSyncState(int(user.ID), 2)
|
2023-02-22 22:16:13 +08:00
|
|
|
|
}
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
// diffGroup 比较出sql中有但ldap中没有的group列表
|
|
|
|
|
|
func diffGroup(sqlGroup, ldapGroup []*model.Group) (rst []*model.Group) {
|
2023-02-22 22:16:13 +08:00
|
|
|
|
var tmp = make(map[string]struct{}, 0)
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
for _, v := range ldapGroup {
|
2023-02-22 22:16:13 +08:00
|
|
|
|
tmp[v.GroupDN] = struct{}{}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
for _, v := range sqlGroup {
|
2023-02-22 22:16:13 +08:00
|
|
|
|
if _, ok := tmp[v.GroupDN]; !ok {
|
|
|
|
|
|
rst = append(rst, v)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
// diffUser 比较出sql中有但ldap中没有的user列表
|
|
|
|
|
|
func diffUser(sqlUser, ldapUser []*model.User) (rst []*model.User) {
|
|
|
|
|
|
var tmp = make(map[string]struct{}, len(sqlUser))
|
|
|
|
|
|
|
|
|
|
|
|
for _, v := range ldapUser {
|
2023-02-22 22:16:13 +08:00
|
|
|
|
tmp[v.UserDN] = struct{}{}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-02-25 18:02:58 +08:00
|
|
|
|
for _, v := range sqlUser {
|
2023-02-22 22:16:13 +08:00
|
|
|
|
if _, ok := tmp[v.UserDN]; !ok {
|
|
|
|
|
|
rst = append(rst, v)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
