From 88d661019359bd5d1247dd71d218ae3a3a141502 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=BA=8C=E4=B8=AB=E8=AE=B2=E6=A2=B5?= Date: Tue, 14 Jun 2022 12:08:16 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E8=B0=83=E6=95=B4=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E6=96=87=E4=BB=B6=E6=88=90=E7=BB=9F=E4=B8=80=E7=9A=84=E9=A3=8E?= =?UTF-8?q?=E6=A0=BC,=E4=B8=8D=E5=86=8D=E5=B8=A6=E6=A0=87=E8=AF=86?= =?UTF-8?q?=E5=89=8D=E7=BC=80=20(#24)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config.yml | 28 ++++++++-------- config/config.go | 56 ++++++++++++++++---------------- logic/common_login.go | 4 +-- logic/dingtalk_logic.go | 26 +++++++-------- logic/group_logic.go | 4 +-- logic/user_logic.go | 4 +-- main.go | 2 +- public/client/dingtalk/client.go | 2 +- public/common/init_mysql_data.go | 18 +++++----- public/common/ldap.go | 8 ++--- service/ildap/group_ildap.go | 4 +-- service/ildap/user_ildap.go | 8 ++--- 12 files changed, 82 insertions(+), 82 deletions(-) diff --git a/config.yml b/config.yml index d1b05d6..50c1ac9 100644 --- a/config.yml +++ b/config.yml @@ -84,34 +84,34 @@ email: # # ldap 配置 ldap: # ldap服务器地址 - ldap-url: ldap://localhost:389 + url: ldap://localhost:389 # ldap服务器基础DN - ldap-base-dn: "dc=eryajf,dc=net" + base-dn: "dc=eryajf,dc=net" # ldap管理员DN - ldap-admin-dn: "cn=admin,dc=eryajf,dc=net" + admin-dn: "cn=admin,dc=eryajf,dc=net" # ldap管理员密码 - ldap-admin-pass: "123456" + admin-pass: "123456" # ldap用户OU - ldap-user-dn: "ou=people,dc=eryajf,dc=net" + user-dn: "ou=people,dc=eryajf,dc=net" # ldap用户初始默认密码 - ldap-user-init-password: "123456" + user-init-password: "123456" # 是否允许更改分组DN - ldap-group-name-modify: false + group-name-modify: false # 是否允许更改用户DN - ldap-user-name-modify: false + user-name-modify: false dingtalk: #为了方便数据库存储,防止第三方id重复,故而增加一个前缀(用于用户表和分组表中第三方id存储,加上此处配置的source字段进行区分来源,判断唯一)。长度不超过10. #因为分组表不可能成为性能瓶颈,故而不再拆分到新的关系表去维护第三方信息,用户表设计同理 - ding-talk-flag: "dingtalk" + flag: "dingtalk" # 使用之前是需要在钉钉开发者后台(https://open-dev.dingtalk.com/#/index) 创建一个小程序或应用.获取appkey和appsecret,agentId # 目前agent-id尚未使用,先存着后续功能可能会用到 # 由于获取钉钉第一个部门的id默认为1,故而这边需要配置一下钉钉的第一个部门的名称,不去钉钉获取 - ding-talk-app-key: "xxxxxxxxxxxxxxx" - ding-talk-app-secret: "xxxxxxxxxxxxxxxxxxxxxxxxxxxx" - ding-talk-agent-id: "12121212" - ding-talk-root-ou-name: "钉钉首个部门的名称" + app-key: "xxxxxxxxxxxxxxx" + app-secret: "xxxxxxxxxxxxxxxxxxxxxxxxxxxx" + agent-id: "12121212" + root-ou-name: "钉钉首个部门的名称" # 是否开启定时同步钉钉的任务 - ding-talk-enable-sync: false + enable-sync: false wecom: flag: "wecom" feishu: diff --git a/config/config.go b/config/config.go index f94d256..972215c 100644 --- a/config/config.go +++ b/config/config.go @@ -16,17 +16,17 @@ import ( var Conf = new(config) type config struct { - System *SystemConfig `mapstructure:"system" json:"system"` - Logs *LogsConfig `mapstructure:"logs" json:"logs"` - Mysql *MysqlConfig `mapstructure:"mysql" json:"mysql"` - Casbin *CasbinConfig `mapstructure:"casbin" json:"casbin"` - Jwt *JwtConfig `mapstructure:"jwt" json:"jwt"` - RateLimit *RateLimitConfig `mapstructure:"rate-limit" json:"rateLimit"` - Ldap *LdapConfig `mapstructure:"ldap" json:"ldap"` - Email *EmailConfig `mapstructure:"email" json:"email"` - DingTalk *DingTalkConfig `mapstructure:"dingtalk" json:"dingTalk"` - WeComConfig *WeComConfig `mapstructure:"wecom" json:"weCom"` - FeiShuConfig *FeiShuConfig `mapstructure:"feishu" json:"feiShu"` + System *SystemConfig `mapstructure:"system" json:"system"` + Logs *LogsConfig `mapstructure:"logs" json:"logs"` + Mysql *MysqlConfig `mapstructure:"mysql" json:"mysql"` + Casbin *CasbinConfig `mapstructure:"casbin" json:"casbin"` + Jwt *JwtConfig `mapstructure:"jwt" json:"jwt"` + RateLimit *RateLimitConfig `mapstructure:"rate-limit" json:"rateLimit"` + Ldap *LdapConfig `mapstructure:"ldap" json:"ldap"` + Email *EmailConfig `mapstructure:"email" json:"email"` + DingTalk *DingTalkConfig `mapstructure:"dingtalk" json:"dingTalk"` + WeCom *WeComConfig `mapstructure:"wecom" json:"weCom"` + FeiShu *FeiShuConfig `mapstructure:"feishu" json:"feiShu"` } // 设置读取配置信息 @@ -46,7 +46,7 @@ func InitConfig() { viper.OnConfigChange(func(e fsnotify.Event) { // 将读取的配置信息保存至全局变量Conf if err := viper.Unmarshal(Conf); err != nil { - panic(fmt.Errorf("初始化配置文件失败:%s \n", err)) + panic(fmt.Errorf("初始化配置文件失败:%s", err)) } // 读取rsa key Conf.System.RSAPublicBytes = RSAReadKeyFromFile(Conf.System.RSAPublicKey) @@ -54,11 +54,11 @@ func InitConfig() { }) if err != nil { - panic(fmt.Errorf("读取配置文件失败:%s \n", err)) + panic(fmt.Errorf("读取配置文件失败:%s", err)) } // 将读取的配置信息保存至全局变量Conf if err := viper.Unmarshal(Conf); err != nil { - panic(fmt.Errorf("初始化配置文件失败:%s \n", err)) + panic(fmt.Errorf("初始化配置文件失败:%s", err)) } // 读取rsa key Conf.System.RSAPublicBytes = RSAReadKeyFromFile(Conf.System.RSAPublicKey) @@ -134,14 +134,14 @@ type RateLimitConfig struct { } type LdapConfig struct { - LdapUrl string `mapstructure:"ldap-url" json:"ldapUrl"` - LdapBaseDN string `mapstructure:"ldap-base-dn" json:"ldapBaseDN"` - LdapAdminDN string `mapstructure:"ldap-admin-dn" json:"ldapAdminDN"` - LdapAdminPass string `mapstructure:"ldap-admin-pass" json:"ldapAdminPass"` - LdapUserDN string `mapstructure:"ldap-user-dn" json:"ldapUserDN"` - LdapUserInitPassword string `mapstructure:"ldap-user-init-password" json:"ldapUserInitPassword"` - LdapGroupNameModify bool `mapstructure:"ldap-group-name-modify" json:"ldapGroupNameModify"` - LdapUserNameModify bool `mapstructure:"ldap-user-name-modify" json:"ldapUserNameModify"` + Url string `mapstructure:"url" json:"url"` + BaseDN string `mapstructure:"base-dn" json:"baseDN"` + AdminDN string `mapstructure:"admin-dn" json:"adminDN"` + AdminPass string `mapstructure:"admin-pass" json:"adminPass"` + UserDN string `mapstructure:"user-dn" json:"userDN"` + UserInitPassword string `mapstructure:"user-init-password" json:"userInitPassword"` + GroupNameModify bool `mapstructure:"group-name-modify" json:"groupNameModify"` + UserNameModify bool `mapstructure:"user-name-modify" json:"userNameModify"` } type EmailConfig struct { Host string `mapstructure:"host" json:"host"` @@ -152,12 +152,12 @@ type EmailConfig struct { } type DingTalkConfig struct { - DingTalkAppKey string `mapstructure:"ding-talk-app-key" json:"dingTalkAppKey"` - DingTalkAppSecret string `mapstructure:"ding-talk-app-secret" json:"dingTalkAppSecret"` - DingTalkAgentId string `mapstructure:"ding-talk-agent-id" json:"dingTalkAgentId"` - DingTalkRootOuName string `mapstructure:"ding-talk-root-ou-name" json:"dingTalkRootOuName"` - DingTalkFlag string `mapstructure:"ding-talk-flag" json:"dingTalkFlag"` - DingTalkEnableSync bool `mapstructure:"ding-talk-enable-sync" json:"dingTalkEnableSync"` + AppKey string `mapstructure:"app-key" json:"appKey"` + AppSecret string `mapstructure:"app-secret" json:"appSecret"` + AgentId string `mapstructure:"agent-id" json:"agentId"` + RootOuName string `mapstructure:"root-ou-name" json:"rootOuName"` + Flag string `mapstructure:"flag" json:"flag"` + EnableSync bool `mapstructure:"enable-sync" json:"enableSync"` } type WeComConfig struct { diff --git a/logic/common_login.go b/logic/common_login.go index 1bfc18f..7fb8351 100644 --- a/logic/common_login.go +++ b/logic/common_login.go @@ -40,7 +40,7 @@ func CommonAddGroup(group *model.Group) error { func CommonUpdateGroup(oldGroup, newGroup *model.Group) error { //若配置了不允许修改分组名称,则不更新分组名称 - if !config.Conf.Ldap.LdapGroupNameModify { + if !config.Conf.Ldap.GroupNameModify { newGroup.GroupName = oldGroup.GroupName } @@ -106,7 +106,7 @@ func CommonAddUser(user *model.User, groupId []uint) error { func CommonUpdateUser(oldUser, newUser *model.User, groupId []uint) error { // 更新用户 - if !config.Conf.Ldap.LdapUserNameModify { + if !config.Conf.Ldap.UserNameModify { newUser.Username = oldUser.Username } diff --git a/logic/dingtalk_logic.go b/logic/dingtalk_logic.go index 4c1f8d7..a022f6a 100644 --- a/logic/dingtalk_logic.go +++ b/logic/dingtalk_logic.go @@ -43,9 +43,9 @@ func (d *DingTalkLogic) SyncDingTalkDepts(c *gin.Context, req interface{}) (data GroupType: "cn", GroupName: dept.Name, Remark: dept.Remark, - SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, dept.Id), - Source: config.Conf.DingTalk.DingTalkFlag, - SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, 1), + SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, dept.Id), + Source: config.Conf.DingTalk.Flag, + SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, 1), }) if err != nil { return nil, tools.NewOperationError(fmt.Errorf("DsyncDingTalkDepts添加根部门失败:%s", err.Error())) @@ -56,9 +56,9 @@ func (d *DingTalkLogic) SyncDingTalkDepts(c *gin.Context, req interface{}) (data GroupType: "cn", GroupName: dept.Name, Remark: dept.Remark, - SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, dept.Id), - Source: config.Conf.DingTalk.DingTalkFlag, - SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, dept.ParentId), + SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, dept.Id), + Source: config.Conf.DingTalk.Flag, + SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, dept.ParentId), }) if err != nil { return nil, tools.NewOperationError(fmt.Errorf("DsyncDingTalkDepts添加根部门失败:%s", err.Error())) @@ -133,7 +133,7 @@ func (d DingTalkLogic) SyncDingTalkUsers(c *gin.Context, req interface{}) (data //钉钉部门ids,转换为内部部门id var sourceDeptIds []string for _, deptId := range detail.DeptIds { - sourceDeptIds = append(sourceDeptIds, fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, deptId)) + sourceDeptIds = append(sourceDeptIds, fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, deptId)) } groupIds, err := isql.Group.DingTalkDeptIdsToGroupIds(sourceDeptIds) if err != nil { @@ -143,7 +143,7 @@ func (d DingTalkLogic) SyncDingTalkUsers(c *gin.Context, req interface{}) (data // 写入用户 user := request.DingUserAddReq{ Username: userName, - Password: config.Conf.Ldap.LdapUserInitPassword, + Password: config.Conf.Ldap.UserInitPassword, Nickname: detail.Name, GivenName: detail.Name, Mail: detail.OrgEmail, @@ -156,9 +156,9 @@ func (d DingTalkLogic) SyncDingTalkUsers(c *gin.Context, req interface{}) (data Introduction: detail.Remark, Status: 1, DepartmentId: groupIds, - Source: config.Conf.DingTalk.DingTalkFlag, - SourceUserId: fmt.Sprintf("%s_%s", config.Conf.DingTalk.DingTalkFlag, detail.UserId), - SourceUnionId: fmt.Sprintf("%s_%s", config.Conf.DingTalk.DingTalkFlag, detail.UnionId), + Source: config.Conf.DingTalk.Flag, + SourceUserId: fmt.Sprintf("%s_%s", config.Conf.DingTalk.Flag, detail.UserId), + SourceUnionId: fmt.Sprintf("%s_%s", config.Conf.DingTalk.Flag, detail.UnionId), } // 入库 err = d.AddUsers(&user) @@ -175,7 +175,7 @@ func (d DingTalkLogic) SyncDingTalkUsers(c *gin.Context, req interface{}) (data // 4.遍历id,开始处理 for _, uid := range userIds { user := new(model.User) - err = isql.User.Find(tools.H{"source_user_id": fmt.Sprintf("%s_%s", config.Conf.DingTalk.DingTalkFlag, uid)}, user) + err = isql.User.Find(tools.H{"source_user_id": fmt.Sprintf("%s_%s", config.Conf.DingTalk.Flag, uid)}, user) if err != nil { return nil, tools.NewMySqlError(fmt.Errorf("在MySQL查询用户失败: " + err.Error())) } @@ -226,7 +226,7 @@ func (d DingTalkLogic) AddUsers(r *request.DingUserAddReq) error { Source: r.Source, SourceUserId: r.SourceUserId, SourceUnionId: r.SourceUnionId, - UserDN: fmt.Sprintf("uid=%s,%s", r.Username, config.Conf.Ldap.LdapUserDN), + UserDN: fmt.Sprintf("uid=%s,%s", r.Username, config.Conf.Ldap.UserDN), } err = CommonAddUser(&user, r.DepartmentId) if err != nil { diff --git a/logic/group_logic.go b/logic/group_logic.go index cabe0b4..f034f14 100644 --- a/logic/group_logic.go +++ b/logic/group_logic.go @@ -47,7 +47,7 @@ func (l GroupLogic) Add(c *gin.Context, req interface{}) (data interface{}, rspE if r.ParentId == 0 { group.SourceDeptId = "platform_0" group.SourceDeptParentId = "platform_0" - group.GroupDN = fmt.Sprintf("%s=%s,%s", r.GroupType, r.GroupName, config.Conf.Ldap.LdapBaseDN) + group.GroupDN = fmt.Sprintf("%s=%s,%s", r.GroupType, r.GroupName, config.Conf.Ldap.BaseDN) } else { parentGroup := new(model.Group) err := isql.Group.Find(tools.H{"id": r.ParentId}, parentGroup) @@ -168,7 +168,7 @@ func (l GroupLogic) Update(c *gin.Context, req interface{}) (data interface{}, r } //若配置了不允许修改分组名称,则不更新分组名称 - if !config.Conf.Ldap.LdapGroupNameModify { + if !config.Conf.Ldap.GroupNameModify { newGroup.GroupName = oldGroup.GroupName } diff --git a/logic/user_logic.go b/logic/user_logic.go index 512b9c7..d76627a 100644 --- a/logic/user_logic.go +++ b/logic/user_logic.go @@ -50,7 +50,7 @@ func (l UserLogic) Add(c *gin.Context, req interface{}) (data interface{}, rspEr return nil, tools.NewValidatorError(fmt.Errorf("密码长度至少为6位")) } } else { - r.Password = config.Conf.Ldap.LdapUserInitPassword + r.Password = config.Conf.Ldap.UserInitPassword } // 当前登陆用户角色排序最小值(最高等级角色)以及当前登陆的用户 @@ -99,7 +99,7 @@ func (l UserLogic) Add(c *gin.Context, req interface{}) (data interface{}, rspEr DepartmentId: tools.SliceToString(r.DepartmentId, ","), Source: r.Source, Roles: roles, - UserDN: fmt.Sprintf("uid=%s,%s", r.Username, config.Conf.Ldap.LdapUserDN), + UserDN: fmt.Sprintf("uid=%s,%s", r.Username, config.Conf.Ldap.UserDN), } if user.Source == "" { diff --git a/main.go b/main.go index cae33bd..60340d5 100644 --- a/main.go +++ b/main.go @@ -65,7 +65,7 @@ func main() { common.Log.Fatalf("listen: %s\n", err) } }() - if config.Conf.DingTalk.DingTalkEnableSync { + if config.Conf.DingTalk.EnableSync { //启动定时任务 c := cron.New(cron.WithSeconds()) _, err := c.AddFunc("0 1 0 * * *", func() { diff --git a/public/client/dingtalk/client.go b/public/client/dingtalk/client.go index 56bd113..c7d4c06 100644 --- a/public/client/dingtalk/client.go +++ b/public/client/dingtalk/client.go @@ -7,7 +7,7 @@ import ( ) func InitDingTalkClient() *dingtalk.DingTalk { - dingTalk, err := dingtalk.NewClient(config.Conf.DingTalk.DingTalkAppKey, config.Conf.DingTalk.DingTalkAppSecret) + dingTalk, err := dingtalk.NewClient(config.Conf.DingTalk.AppKey, config.Conf.DingTalk.AppSecret) if err != nil { common.Log.Error("init dingding client failed, err:%v\n", err) } diff --git a/public/common/init_mysql_data.go b/public/common/init_mysql_data.go index e467d62..3aa0165 100644 --- a/public/common/init_mysql_data.go +++ b/public/common/init_mysql_data.go @@ -215,7 +215,7 @@ func InitData() { { Model: gorm.Model{ID: 1}, Username: "admin", - Password: tools.NewGenPasswd(config.Conf.Ldap.LdapAdminPass), + Password: tools.NewGenPasswd(config.Conf.Ldap.AdminPass), Nickname: "管理员", GivenName: "最强后台", Mail: "admin@eryajf.net", @@ -229,7 +229,7 @@ func InitData() { Status: 1, Creator: "系统", Roles: roles[:1], - UserDN: config.Conf.Ldap.LdapAdminDN, + UserDN: config.Conf.Ldap.AdminDN, }, } @@ -621,15 +621,15 @@ func InitData() { groups := []model.Group{ { Model: gorm.Model{ID: 1}, - GroupName: config.Conf.DingTalk.DingTalkFlag + "root", + GroupName: config.Conf.DingTalk.Flag + "root", Remark: "钉钉根部门", Creator: "system", GroupType: "ou", ParentId: 0, - SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, 1), - Source: config.Conf.DingTalk.DingTalkFlag, - SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, 0), - GroupDN: fmt.Sprintf("ou=%s,%s", config.Conf.DingTalk.DingTalkFlag+"root", config.Conf.Ldap.LdapBaseDN), + SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, 1), + Source: config.Conf.DingTalk.Flag, + SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, 0), + GroupDN: fmt.Sprintf("ou=%s,%s", config.Conf.DingTalk.Flag+"root", config.Conf.Ldap.BaseDN), }, { Model: gorm.Model{ID: 2}, @@ -641,7 +641,7 @@ func InitData() { SourceDeptId: "wechatwork_1", Source: "wechatwork", SourceDeptParentId: "wechatwork_0", - GroupDN: fmt.Sprintf("ou=%s,%s", "wechatworkroot", config.Conf.Ldap.LdapBaseDN), + GroupDN: fmt.Sprintf("ou=%s,%s", "wechatworkroot", config.Conf.Ldap.BaseDN), }, { Model: gorm.Model{ID: 3}, @@ -653,7 +653,7 @@ func InitData() { SourceDeptId: "feishu_1", Source: "feishu", SourceDeptParentId: "feishu_0", - GroupDN: fmt.Sprintf("ou=%s,%s", "feishuroot", config.Conf.Ldap.LdapBaseDN), + GroupDN: fmt.Sprintf("ou=%s,%s", "feishuroot", config.Conf.Ldap.BaseDN), }, // { // Model: gorm.Model{ID: 2}, diff --git a/public/common/ldap.go b/public/common/ldap.go index 5b57d5a..a6d9769 100644 --- a/public/common/ldap.go +++ b/public/common/ldap.go @@ -16,12 +16,12 @@ var LDAP *ldap.Conn // Init 初始化连接 func InitLDAP() { // Dail有两个参数 network, address, 返回 (*Conn, error) - ldap, err := ldap.DialURL(config.Conf.Ldap.LdapUrl, ldap.DialWithDialer(&net.Dialer{Timeout: 5 * time.Second})) + ldap, err := ldap.DialURL(config.Conf.Ldap.Url, ldap.DialWithDialer(&net.Dialer{Timeout: 5 * time.Second})) if err != nil { Log.Panicf("初始化ldap连接异常: %v", err) panic(fmt.Errorf("初始化ldap连接异常: %v", err)) } - err = ldap.Bind(config.Conf.Ldap.LdapAdminDN, config.Conf.Ldap.LdapAdminPass) + err = ldap.Bind(config.Conf.Ldap.AdminDN, config.Conf.Ldap.AdminPass) if err != nil { Log.Panicf("绑定admin账号异常: %v", err) panic(fmt.Errorf("绑定admin账号异常: %v", err)) @@ -33,8 +33,8 @@ func InitLDAP() { // 隐藏密码 showDsn := fmt.Sprintf( "%s:******@tcp(%s)", - config.Conf.Ldap.LdapAdminDN, - config.Conf.Ldap.LdapUrl, + config.Conf.Ldap.AdminDN, + config.Conf.Ldap.Url, ) Log.Info("初始化ldap完成! dsn: ", showDsn) diff --git a/service/ildap/group_ildap.go b/service/ildap/group_ildap.go index 04f98e7..951bb66 100644 --- a/service/ildap/group_ildap.go +++ b/service/ildap/group_ildap.go @@ -23,7 +23,7 @@ func (x GroupService) Add(g *model.Group) error { //organizationalUnit } if g.GroupType == "cn" { add.Attribute("objectClass", []string{"groupOfUniqueNames", "top"}) - add.Attribute("uniqueMember", []string{config.Conf.Ldap.LdapAdminDN}) // 所以这里创建组的时候,默认将admin加入其中,以免创建时没有人员而报上边的错误 + add.Attribute("uniqueMember", []string{config.Conf.Ldap.AdminDN}) // 所以这里创建组的时候,默认将admin加入其中,以免创建时没有人员而报上边的错误 } add.Attribute(g.GroupType, []string{g.GroupName}) add.Attribute("description", []string{g.Remark}) @@ -40,7 +40,7 @@ func (x GroupService) Update(oldGroup, newGroup *model.Group) error { return err } // 如果配置文件允许修改分组名称,且分组名称发生了变化,那么执行修改分组名称 - if config.Conf.Ldap.LdapGroupNameModify && newGroup.GroupName != oldGroup.GroupName { + if config.Conf.Ldap.GroupNameModify && newGroup.GroupName != oldGroup.GroupName { modify := ldap.NewModifyDNRequest(oldGroup.GroupDN, newGroup.GroupDN, true, "") err := common.LDAP.ModifyDN(modify) if err != nil { diff --git a/service/ildap/user_ildap.go b/service/ildap/user_ildap.go index 7b1ce22..9eac568 100644 --- a/service/ildap/user_ildap.go +++ b/service/ildap/user_ildap.go @@ -50,8 +50,8 @@ func (x UserService) Update(oldusername string, user *model.User) error { if err != nil { return err } - if config.Conf.Ldap.LdapUserNameModify && oldusername != user.Username { - modifyDn := ldap.NewModifyDNRequest(fmt.Sprintf("uid=%s,%s", oldusername, config.Conf.Ldap.LdapUserDN), fmt.Sprintf("uid=%s", user.Username), true, "") + if config.Conf.Ldap.UserNameModify && oldusername != user.Username { + modifyDn := ldap.NewModifyDNRequest(fmt.Sprintf("uid=%s,%s", oldusername, config.Conf.Ldap.UserDN), fmt.Sprintf("uid=%s", user.Username), true, "") return common.LDAP.ModifyDN(modifyDn) } return nil @@ -75,9 +75,9 @@ func (x UserService) ChangePwd(udn, oldpasswd, newpasswd string) error { // NewPwd 新旧密码都是空,通过管理员可以修改成功并返回新的密码 func (x UserService) NewPwd(username string) (string, error) { - udn := fmt.Sprintf("uid=%s,%s", username, config.Conf.Ldap.LdapUserDN) + udn := fmt.Sprintf("uid=%s,%s", username, config.Conf.Ldap.UserDN) if username == "admin" { - udn = config.Conf.Ldap.LdapAdminDN + udn = config.Conf.Ldap.AdminDN } modifyPass := ldap.NewPasswordModifyRequest(udn, "", "") newpass, err := common.LDAP.PasswordModify(modifyPass)