Guwan
/
ldap-1-backend
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: 修复parentid为0值的问题;补充启动时的初始化数据;用户密码加密类型可配置化 (#307)

This commit is contained in:
二丫讲梵 2024-02-21 22:44:02 +08:00 committed by GitHub
parent d00d6df8a1
commit 02638f213e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 84 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config.yml
View File

@ -107,6 +107,8 @@ ldap:
group-name-modify: false group-name-modify: false
# 是否允许更改用户DN # 是否允许更改用户DN
user-name-modify: false user-name-modify: false
# 用户密码加密方式 默认为 ssha 还可指定为 clear(表示不加密)
user-password-encryption-type: "ssha"
# 默认邮箱后缀 # 默认邮箱后缀
default-email-suffix: "eryajf.net" default-email-suffix: "eryajf.net"
# 📢 即便用不到如下三段配置信息,也不要删除,否则会有一些奇怪的错误出现 # 📢 即便用不到如下三段配置信息,也不要删除,否则会有一些奇怪的错误出现

21
config/config.go
View File

@ -140,16 +140,17 @@ type RateLimitConfig struct {
} }
type LdapConfig struct { type LdapConfig struct {
Url string `mapstructure:"url" json:"url"` Url string `mapstructure:"url" json:"url"`
MaxConn int `mapstructure:"max-conn" json:"maxConn"` MaxConn int `mapstructure:"max-conn" json:"maxConn"`
BaseDN string `mapstructure:"base-dn" json:"baseDN"` BaseDN string `mapstructure:"base-dn" json:"baseDN"`
AdminDN string `mapstructure:"admin-dn" json:"adminDN"` AdminDN string `mapstructure:"admin-dn" json:"adminDN"`
AdminPass string `mapstructure:"admin-pass" json:"adminPass"` AdminPass string `mapstructure:"admin-pass" json:"adminPass"`
UserDN string `mapstructure:"user-dn" json:"userDN"` UserDN string `mapstructure:"user-dn" json:"userDN"`
UserInitPassword string `mapstructure:"user-init-password" json:"userInitPassword"` UserInitPassword string `mapstructure:"user-init-password" json:"userInitPassword"`
GroupNameModify bool `mapstructure:"group-name-modify" json:"groupNameModify"` GroupNameModify bool `mapstructure:"group-name-modify" json:"groupNameModify"`
UserNameModify bool `mapstructure:"user-name-modify" json:"userNameModify"` UserNameModify bool `mapstructure:"user-name-modify" json:"userNameModify"`
DefaultEmailSuffix string `mapstructure:"default-email-suffix" json:"defaultEmailSuffix"` DefaultEmailSuffix string `mapstructure:"default-email-suffix" json:"defaultEmailSuffix"`
UserPasswordEncryptionType string `mapstructure:"user-password-encryption-type" json:"userPasswordEncryptionType"`
} }
type EmailConfig struct { type EmailConfig struct {
Host string `mapstructure:"host" json:"host"` Host string `mapstructure:"host" json:"host"`

6
docs/docker-compose/config/init.ldif
View File

@ -20,3 +20,9 @@ ou: feishuroot
description: 飞书根部门 description: 飞书根部门
objectClass: top objectClass: top
objectClass: organizationalUnit objectClass: organizationalUnit
dn: cn=group,dc=eryajf,dc=net
cn: group
description: 默认分组
objectClass: top
objectClass: groupOfUniqueNames

2
model/request/menu_req.go
View File

@ -38,7 +38,7 @@ type MenuUpdateReq struct {
AlwaysShow uint `json:"alwaysShow" validate:"oneof=1 2"` AlwaysShow uint `json:"alwaysShow" validate:"oneof=1 2"`
Breadcrumb uint `json:"breadcrumb" validate:"oneof=1 2"` Breadcrumb uint `json:"breadcrumb" validate:"oneof=1 2"`
ActiveMenu string `json:"activeMenu" validate:"min=0,max=100"` ActiveMenu string `json:"activeMenu" validate:"min=0,max=100"`
ParentId uint `json:"parentId" validate:"required"` ParentId uint `json:"parentId" validate:"gte=0"`
} }
// MenuDeleteReq 删除资源结构体 // MenuDeleteReq 删除资源结构体

56
public/common/init_mysql_data.go
View File

@ -9,6 +9,7 @@ import (
"github.com/eryajf/go-ldap-admin/public/tools" "github.com/eryajf/go-ldap-admin/public/tools"
"github.com/thoas/go-funk" "github.com/thoas/go-funk"
"gorm.io/datatypes"
"gorm.io/gorm" "gorm.io/gorm"
) )
@ -760,6 +761,18 @@ func InitData() {
SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.FeiShu.Flag, 0), SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.FeiShu.Flag, 0),
GroupDN: fmt.Sprintf("ou=%s,%s", config.Conf.FeiShu.Flag+"root", config.Conf.Ldap.BaseDN), GroupDN: fmt.Sprintf("ou=%s,%s", config.Conf.FeiShu.Flag+"root", config.Conf.Ldap.BaseDN),
}, },
{
Model: gorm.Model{ID: 5},
GroupName: "group",
Remark: "默认分组",
Creator: "system",
GroupType: "cn",
ParentId: 1,
SourceDeptId: "platform_0",
Source: "platform",
SourceDeptParentId: "openldap_1",
GroupDN: fmt.Sprintf("cn=%s,%s", "group", config.Conf.Ldap.BaseDN),
},
} }
for _, group := range groups { for _, group := range groups {
@ -774,4 +787,47 @@ func InitData() {
Log.Errorf("写入分组数据失败:%v", err) Log.Errorf("写入分组数据失败:%v", err)
} }
} }
// 7.写入关系管理
filedRelation := []model.FieldRelation{
{
Flag: "dingtalk_group",
Attributes: datatypes.JSON(`{"groupName":"custom_name_pinyin","remark":"name","sourceDeptId":"id","sourceDeptParentId":"parentid"}`),
},
{
Flag: "dingtalk_user",
Attributes: datatypes.JSON(`{"avatar":"avatar","givenName":"name","introduction":"remark","jobNumber":"job_number","mail":"email","mobile":"mobile","nickname":"name","position":"title","postalAddress":"work_place","sourceUnionId":"unionid","sourceUserId":"userid","username":"custom_name_pinyin"}`),
},
{
Flag: "feishu_group",
Attributes: datatypes.JSON(`{"groupName":"custom_name_pinyin","remark":"name","sourceDeptId":"open_department_id","sourceDeptParentId":"parent_department_id"}`),
},
{
Flag: "feishu_user",
Attributes: datatypes.JSON(`{"avatar":"avatar","givenName":"name","introduction":"name","jobNumber":"employee_no","mail":"email","mobile":"mobile","nickname":"name","position":"job_title","postalAddress":"work_station","sourceUnionId":"union_id","sourceUserId":"user_id","username":"custom_name_pinyin"}`),
},
{
Flag: "wecom_group",
Attributes: datatypes.JSON(`{"groupName":"custom_name_pinyin","remark":"name","sourceDeptId":"parentid","sourceDeptParentId":"id"}`),
},
{
Flag: "wecom_user",
Attributes: datatypes.JSON(`{"avatar":"avatar","givenName":"alias","introduction":"name","jobNumber":"mobile","mail":"email","mobile":"mobile","nickname":"name","position":"external_position","postalAddress":"address","sourceUnionId":"userid","sourceUserId":"userid","username":"custom_name_pinyin"}`),
},
}
newFieldRelations := make([]model.FieldRelation, 0)
for i, newFieldRelation := range filedRelation {
newFieldRelation.ID = uint(i + 1)
err := DB.First(&newFieldRelation, newFieldRelation.ID).Error
if errors.Is(err, gorm.ErrRecordNotFound) {
newFieldRelations = append(newFieldRelations, newFieldRelation)
}
}
if len(newFieldRelations) > 0 {
if err := DB.Create(&newFieldRelations).Error; err != nil {
Log.Errorf("写入关系数据失败:%v", err)
}
}
} }

8
service/ildap/user_ildap.go
View File

@ -29,7 +29,13 @@ func (x UserService) Add(user *model.User) error {
add.Attribute("postalAddress", []string{user.PostalAddress}) add.Attribute("postalAddress", []string{user.PostalAddress})
add.Attribute("mobile", []string{user.Mobile}) add.Attribute("mobile", []string{user.Mobile})
add.Attribute("uid", []string{user.Username}) add.Attribute("uid", []string{user.Username})
add.Attribute("userPassword", []string{tools.EncodePass([]byte(tools.NewParPasswd(user.Password)))}) var pass string
if config.Conf.Ldap.UserPasswordEncryptionType == "clear" {
pass = user.Password
} else {
pass = tools.EncodePass([]byte(tools.NewParPasswd(user.Password)))
}
add.Attribute("userPassword", []string{pass})
// 获取 LDAP 连接 // 获取 LDAP 连接
conn, err := common.GetLDAPConn() conn, err := common.GetLDAPConn()