feat: 调整配置文件成统一的风格,不再带标识前缀 (#24)
parent
d774a61fed
commit
88d6610193
28
config.yml
28
config.yml
|
@ -84,34 +84,34 @@ email:
|
|||
# # ldap 配置
|
||||
ldap:
|
||||
# ldap服务器地址
|
||||
ldap-url: ldap://localhost:389
|
||||
url: ldap://localhost:389
|
||||
# ldap服务器基础DN
|
||||
ldap-base-dn: "dc=eryajf,dc=net"
|
||||
base-dn: "dc=eryajf,dc=net"
|
||||
# ldap管理员DN
|
||||
ldap-admin-dn: "cn=admin,dc=eryajf,dc=net"
|
||||
admin-dn: "cn=admin,dc=eryajf,dc=net"
|
||||
# ldap管理员密码
|
||||
ldap-admin-pass: "123456"
|
||||
admin-pass: "123456"
|
||||
# ldap用户OU
|
||||
ldap-user-dn: "ou=people,dc=eryajf,dc=net"
|
||||
user-dn: "ou=people,dc=eryajf,dc=net"
|
||||
# ldap用户初始默认密码
|
||||
ldap-user-init-password: "123456"
|
||||
user-init-password: "123456"
|
||||
# 是否允许更改分组DN
|
||||
ldap-group-name-modify: false
|
||||
group-name-modify: false
|
||||
# 是否允许更改用户DN
|
||||
ldap-user-name-modify: false
|
||||
user-name-modify: false
|
||||
dingtalk:
|
||||
#为了方便数据库存储,防止第三方id重复,故而增加一个前缀(用于用户表和分组表中第三方id存储,加上此处配置的source字段进行区分来源,判断唯一)。长度不超过10.
|
||||
#因为分组表不可能成为性能瓶颈,故而不再拆分到新的关系表去维护第三方信息,用户表设计同理
|
||||
ding-talk-flag: "dingtalk"
|
||||
flag: "dingtalk"
|
||||
# 使用之前是需要在钉钉开发者后台(https://open-dev.dingtalk.com/#/index) 创建一个小程序或应用.获取appkey和appsecret,agentId
|
||||
# 目前agent-id尚未使用,先存着后续功能可能会用到
|
||||
# 由于获取钉钉第一个部门的id默认为1,故而这边需要配置一下钉钉的第一个部门的名称,不去钉钉获取
|
||||
ding-talk-app-key: "xxxxxxxxxxxxxxx"
|
||||
ding-talk-app-secret: "xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
|
||||
ding-talk-agent-id: "12121212"
|
||||
ding-talk-root-ou-name: "钉钉首个部门的名称"
|
||||
app-key: "xxxxxxxxxxxxxxx"
|
||||
app-secret: "xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
|
||||
agent-id: "12121212"
|
||||
root-ou-name: "钉钉首个部门的名称"
|
||||
# 是否开启定时同步钉钉的任务
|
||||
ding-talk-enable-sync: false
|
||||
enable-sync: false
|
||||
wecom:
|
||||
flag: "wecom"
|
||||
feishu:
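Review bot: The new `admin-pass` and `user-init-password` lines both keep the sample value `"123456"`, so a deployment that copies this file starts with a guessable bind password and a guessable first password for every created account. Since the keys are being renamed anyway, replace both with an obviously invalid placeholder and add a comment such as `# must be changed before first start; do not keep the sample value`. The old `ldap-*` and `ding-talk-*` names have no counterpart after this change, so the upgrade notes should say that existing config files must be edited by hand.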
|
||||
|
|
|
@ -25,8 +25,8 @@ type config struct {
|
|||
Ldap *LdapConfig `mapstructure:"ldap" json:"ldap"`
|
||||
Email *EmailConfig `mapstructure:"email" json:"email"`
|
||||
DingTalk *DingTalkConfig `mapstructure:"dingtalk" json:"dingTalk"`
|
||||
WeComConfig *WeComConfig `mapstructure:"wecom" json:"weCom"`
|
||||
FeiShuConfig *FeiShuConfig `mapstructure:"feishu" json:"feiShu"`
|
||||
WeCom *WeComConfig `mapstructure:"wecom" json:"weCom"`
|
||||
FeiShu *FeiShuConfig `mapstructure:"feishu" json:"feiShu"`
|
||||
}
|
||||
|
||||
// 设置读取配置信息
|
||||
|
@ -46,7 +46,7 @@ func InitConfig() {
|
|||
viper.OnConfigChange(func(e fsnotify.Event) {
|
||||
// 将读取的配置信息保存至全局变量Conf
|
||||
if err := viper.Unmarshal(Conf); err != nil {
|
||||
panic(fmt.Errorf("初始化配置文件失败:%s \n", err))
|
||||
panic(fmt.Errorf("初始化配置文件失败:%s", err))
|
||||
}
|
||||
// 读取rsa key
|
||||
Conf.System.RSAPublicBytes = RSAReadKeyFromFile(Conf.System.RSAPublicKey)
|
||||
|
@ -54,11 +54,11 @@ func InitConfig() {
|
|||
})
|
||||
|
||||
if err != nil {
|
||||
panic(fmt.Errorf("读取配置文件失败:%s \n", err))
|
||||
panic(fmt.Errorf("读取配置文件失败:%s", err))
|
||||
}
|
||||
// 将读取的配置信息保存至全局变量Conf
|
||||
if err := viper.Unmarshal(Conf); err != nil {
|
||||
panic(fmt.Errorf("初始化配置文件失败:%s \n", err))
|
||||
panic(fmt.Errorf("初始化配置文件失败:%s", err))
|
||||
}
|
||||
// 读取rsa key
|
||||
Conf.System.RSAPublicBytes = RSAReadKeyFromFile(Conf.System.RSAPublicKey)
|
||||
|
@ -134,14 +134,14 @@ type RateLimitConfig struct {
|
|||
}
|
||||
|
||||
type LdapConfig struct {
|
||||
LdapUrl string `mapstructure:"ldap-url" json:"ldapUrl"`
|
||||
LdapBaseDN string `mapstructure:"ldap-base-dn" json:"ldapBaseDN"`
|
||||
LdapAdminDN string `mapstructure:"ldap-admin-dn" json:"ldapAdminDN"`
|
||||
LdapAdminPass string `mapstructure:"ldap-admin-pass" json:"ldapAdminPass"`
|
||||
LdapUserDN string `mapstructure:"ldap-user-dn" json:"ldapUserDN"`
|
||||
LdapUserInitPassword string `mapstructure:"ldap-user-init-password" json:"ldapUserInitPassword"`
|
||||
LdapGroupNameModify bool `mapstructure:"ldap-group-name-modify" json:"ldapGroupNameModify"`
|
||||
LdapUserNameModify bool `mapstructure:"ldap-user-name-modify" json:"ldapUserNameModify"`
|
||||
Url string `mapstructure:"url" json:"url"`
|
||||
BaseDN string `mapstructure:"base-dn" json:"baseDN"`
|
||||
AdminDN string `mapstructure:"admin-dn" json:"adminDN"`
|
||||
AdminPass string `mapstructure:"admin-pass" json:"adminPass"`
|
||||
UserDN string `mapstructure:"user-dn" json:"userDN"`
|
||||
UserInitPassword string `mapstructure:"user-init-password" json:"userInitPassword"`
|
||||
GroupNameModify bool `mapstructure:"group-name-modify" json:"groupNameModify"`
|
||||
UserNameModify bool `mapstructure:"user-name-modify" json:"userNameModify"`
|
||||
}
|
||||
type EmailConfig struct {
|
||||
Host string `mapstructure:"host" json:"host"`
|
||||
|
@ -152,12 +152,12 @@ type EmailConfig struct {
|
|||
}
|
||||
|
||||
type DingTalkConfig struct {
|
||||
DingTalkAppKey string `mapstructure:"ding-talk-app-key" json:"dingTalkAppKey"`
|
||||
DingTalkAppSecret string `mapstructure:"ding-talk-app-secret" json:"dingTalkAppSecret"`
|
||||
DingTalkAgentId string `mapstructure:"ding-talk-agent-id" json:"dingTalkAgentId"`
|
||||
DingTalkRootOuName string `mapstructure:"ding-talk-root-ou-name" json:"dingTalkRootOuName"`
|
||||
DingTalkFlag string `mapstructure:"ding-talk-flag" json:"dingTalkFlag"`
|
||||
DingTalkEnableSync bool `mapstructure:"ding-talk-enable-sync" json:"dingTalkEnableSync"`
|
||||
AppKey string `mapstructure:"app-key" json:"appKey"`
|
||||
AppSecret string `mapstructure:"app-secret" json:"appSecret"`
|
||||
AgentId string `mapstructure:"agent-id" json:"agentId"`
|
||||
RootOuName string `mapstructure:"root-ou-name" json:"rootOuName"`
|
||||
Flag string `mapstructure:"flag" json:"flag"`
|
||||
EnableSync bool `mapstructure:"enable-sync" json:"enableSync"`
|
||||
}
|
||||
|
||||
type WeComConfig struct {
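Review bot: Neither `viper.Unmarshal(Conf)` call in `InitConfig` (hunks `@ -46,7` and `@ -54,11`) checks that the renamed fields were actually populated. A config file that still uses the old `ldap-*` or `ding-talk-*` keys presumably unmarshals without error and leaves `AdminPass`, `UserInitPassword`, `AppSecret` and the rest at their zero value. A guard after each Unmarshal would make a stale config fail at startup instead of running with empty credentials, for example `if Conf.Ldap == nil || Conf.Ldap.Url == "" || Conf.Ldap.AdminPass == "" || Conf.Ldap.UserInitPassword == "" { panic(fmt.Errorf("ldap config incomplete: check renamed keys")) }`. Separately, the `json:"adminPass"` and `json:"appSecret"` tags would expose the secrets if `Conf` is ever marshalled, so `json:"-"` is safer if no caller depends on them. `InitConfig` starts and ends outside these hunks.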
|
||||
|
|
|
@ -40,7 +40,7 @@ func CommonAddGroup(group *model.Group) error {
|
|||
|
||||
func CommonUpdateGroup(oldGroup, newGroup *model.Group) error {
|
||||
//若配置了不允许修改分组名称,则不更新分组名称
|
||||
if !config.Conf.Ldap.LdapGroupNameModify {
|
||||
if !config.Conf.Ldap.GroupNameModify {
|
||||
newGroup.GroupName = oldGroup.GroupName
|
||||
}
|
||||
|
||||
|
@ -106,7 +106,7 @@ func CommonAddUser(user *model.User, groupId []uint) error {
|
|||
|
||||
func CommonUpdateUser(oldUser, newUser *model.User, groupId []uint) error {
|
||||
// 更新用户
|
||||
if !config.Conf.Ldap.LdapUserNameModify {
|
||||
if !config.Conf.Ldap.UserNameModify {
|
||||
newUser.Username = oldUser.Username
|
||||
}
|
||||
|
||||
|
|
|
@ -43,9 +43,9 @@ func (d *DingTalkLogic) SyncDingTalkDepts(c *gin.Context, req interface{}) (data
|
|||
GroupType: "cn",
|
||||
GroupName: dept.Name,
|
||||
Remark: dept.Remark,
|
||||
SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, dept.Id),
|
||||
Source: config.Conf.DingTalk.DingTalkFlag,
|
||||
SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, 1),
|
||||
SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, dept.Id),
|
||||
Source: config.Conf.DingTalk.Flag,
|
||||
SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, 1),
|
||||
})
|
||||
if err != nil {
|
||||
return nil, tools.NewOperationError(fmt.Errorf("DsyncDingTalkDepts添加根部门失败:%s", err.Error()))
|
||||
|
@ -56,9 +56,9 @@ func (d *DingTalkLogic) SyncDingTalkDepts(c *gin.Context, req interface{}) (data
|
|||
GroupType: "cn",
|
||||
GroupName: dept.Name,
|
||||
Remark: dept.Remark,
|
||||
SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, dept.Id),
|
||||
Source: config.Conf.DingTalk.DingTalkFlag,
|
||||
SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, dept.ParentId),
|
||||
SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, dept.Id),
|
||||
Source: config.Conf.DingTalk.Flag,
|
||||
SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, dept.ParentId),
|
||||
})
|
||||
if err != nil {
|
||||
return nil, tools.NewOperationError(fmt.Errorf("DsyncDingTalkDepts添加根部门失败:%s", err.Error()))
|
||||
|
@ -133,7 +133,7 @@ func (d DingTalkLogic) SyncDingTalkUsers(c *gin.Context, req interface{}) (data
|
|||
//钉钉部门ids,转换为内部部门id
|
||||
var sourceDeptIds []string
|
||||
for _, deptId := range detail.DeptIds {
|
||||
sourceDeptIds = append(sourceDeptIds, fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, deptId))
|
||||
sourceDeptIds = append(sourceDeptIds, fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, deptId))
|
||||
}
|
||||
groupIds, err := isql.Group.DingTalkDeptIdsToGroupIds(sourceDeptIds)
|
||||
if err != nil {
|
||||
|
@ -143,7 +143,7 @@ func (d DingTalkLogic) SyncDingTalkUsers(c *gin.Context, req interface{}) (data
|
|||
// 写入用户
|
||||
user := request.DingUserAddReq{
|
||||
Username: userName,
|
||||
Password: config.Conf.Ldap.LdapUserInitPassword,
|
||||
Password: config.Conf.Ldap.UserInitPassword,
|
||||
Nickname: detail.Name,
|
||||
GivenName: detail.Name,
|
||||
Mail: detail.OrgEmail,
|
||||
|
@ -156,9 +156,9 @@ func (d DingTalkLogic) SyncDingTalkUsers(c *gin.Context, req interface{}) (data
|
|||
Introduction: detail.Remark,
|
||||
Status: 1,
|
||||
DepartmentId: groupIds,
|
||||
Source: config.Conf.DingTalk.DingTalkFlag,
|
||||
SourceUserId: fmt.Sprintf("%s_%s", config.Conf.DingTalk.DingTalkFlag, detail.UserId),
|
||||
SourceUnionId: fmt.Sprintf("%s_%s", config.Conf.DingTalk.DingTalkFlag, detail.UnionId),
|
||||
Source: config.Conf.DingTalk.Flag,
|
||||
SourceUserId: fmt.Sprintf("%s_%s", config.Conf.DingTalk.Flag, detail.UserId),
|
||||
SourceUnionId: fmt.Sprintf("%s_%s", config.Conf.DingTalk.Flag, detail.UnionId),
|
||||
}
|
||||
// 入库
|
||||
err = d.AddUsers(&user)
|
||||
|
@ -175,7 +175,7 @@ func (d DingTalkLogic) SyncDingTalkUsers(c *gin.Context, req interface{}) (data
|
|||
// 4.遍历id,开始处理
|
||||
for _, uid := range userIds {
|
||||
user := new(model.User)
|
||||
err = isql.User.Find(tools.H{"source_user_id": fmt.Sprintf("%s_%s", config.Conf.DingTalk.DingTalkFlag, uid)}, user)
|
||||
err = isql.User.Find(tools.H{"source_user_id": fmt.Sprintf("%s_%s", config.Conf.DingTalk.Flag, uid)}, user)
|
||||
if err != nil {
|
||||
return nil, tools.NewMySqlError(fmt.Errorf("在MySQL查询用户失败: " + err.Error()))
|
||||
}
|
||||
|
@ -226,7 +226,7 @@ func (d DingTalkLogic) AddUsers(r *request.DingUserAddReq) error {
|
|||
Source: r.Source,
|
||||
SourceUserId: r.SourceUserId,
|
||||
SourceUnionId: r.SourceUnionId,
|
||||
UserDN: fmt.Sprintf("uid=%s,%s", r.Username, config.Conf.Ldap.LdapUserDN),
|
||||
UserDN: fmt.Sprintf("uid=%s,%s", r.Username, config.Conf.Ldap.UserDN),
|
||||
}
|
||||
err = CommonAddUser(&user, r.DepartmentId)
|
||||
if err != nil {
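Review bot: In the `@ -143,7` hunk of `SyncDingTalkUsers`, every synced account is created with `Password: config.Conf.Ldap.UserInitPassword`, a single shared value (`123456` in the sample config), and nothing visible in the hunk rejects an empty value or marks the account for a forced change. If the rest of the function does not already do so, guard it before building the request, e.g. `if config.Conf.Ldap.UserInitPassword == "" { return nil, tools.NewValidatorError(fmt.Errorf("user-init-password is not set")) }`, and add a comment above the field that the initial password must be rotated on first login. The same assignment appears in `UserLogic.Add` (`@ -50,7`). Both function bodies continue outside the hunks.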
|
||||
|
|
|
@ -47,7 +47,7 @@ func (l GroupLogic) Add(c *gin.Context, req interface{}) (data interface{}, rspE
|
|||
if r.ParentId == 0 {
|
||||
group.SourceDeptId = "platform_0"
|
||||
group.SourceDeptParentId = "platform_0"
|
||||
group.GroupDN = fmt.Sprintf("%s=%s,%s", r.GroupType, r.GroupName, config.Conf.Ldap.LdapBaseDN)
|
||||
group.GroupDN = fmt.Sprintf("%s=%s,%s", r.GroupType, r.GroupName, config.Conf.Ldap.BaseDN)
|
||||
} else {
|
||||
parentGroup := new(model.Group)
|
||||
err := isql.Group.Find(tools.H{"id": r.ParentId}, parentGroup)
|
||||
|
@ -168,7 +168,7 @@ func (l GroupLogic) Update(c *gin.Context, req interface{}) (data interface{}, r
|
|||
}
|
||||
|
||||
//若配置了不允许修改分组名称,则不更新分组名称
|
||||
if !config.Conf.Ldap.LdapGroupNameModify {
|
||||
if !config.Conf.Ldap.GroupNameModify {
|
||||
newGroup.GroupName = oldGroup.GroupName
|
||||
}
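Review bot: The `@ -47,7` hunk of `GroupLogic.Add` builds `group.GroupDN` with `fmt.Sprintf("%s=%s,%s", r.GroupType, r.GroupName, config.Conf.Ldap.BaseDN)`, so a `,`, `+`, `=` or `\` in the request's group name or type changes the structure of the DN instead of staying inside the value. Unless the request is validated before this point, which the hunk does not show, the name should be escaped per RFC 4514 and `r.GroupType` restricted to the expected values (`cn` and `ou` appear elsewhere in this commit) before formatting. The same interpolation is used for `UserDN` with `r.Username` in `DingTalkLogic.AddUsers` (`@ -226,7`), `UserLogic.Add` (`@ -99,7`) and `UserService.Update`/`NewPwd`. A comment such as `// r.GroupName must be DN-escaped before it is interpolated` would record the requirement. The function body continues outside the hunk.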
|
||||
|
||||
|
|
|
@ -50,7 +50,7 @@ func (l UserLogic) Add(c *gin.Context, req interface{}) (data interface{}, rspEr
|
|||
return nil, tools.NewValidatorError(fmt.Errorf("密码长度至少为6位"))
|
||||
}
|
||||
} else {
|
||||
r.Password = config.Conf.Ldap.LdapUserInitPassword
|
||||
r.Password = config.Conf.Ldap.UserInitPassword
|
||||
}
|
||||
|
||||
// 当前登陆用户角色排序最小值(最高等级角色)以及当前登陆的用户
|
||||
|
@ -99,7 +99,7 @@ func (l UserLogic) Add(c *gin.Context, req interface{}) (data interface{}, rspEr
|
|||
DepartmentId: tools.SliceToString(r.DepartmentId, ","),
|
||||
Source: r.Source,
|
||||
Roles: roles,
|
||||
UserDN: fmt.Sprintf("uid=%s,%s", r.Username, config.Conf.Ldap.LdapUserDN),
|
||||
UserDN: fmt.Sprintf("uid=%s,%s", r.Username, config.Conf.Ldap.UserDN),
|
||||
}
|
||||
|
||||
if user.Source == "" {
|
||||
|
|
2
main.go
2
main.go
|
@ -65,7 +65,7 @@ func main() {
|
|||
common.Log.Fatalf("listen: %s\n", err)
|
||||
}
|
||||
}()
|
||||
if config.Conf.DingTalk.DingTalkEnableSync {
|
||||
if config.Conf.DingTalk.EnableSync {
|
||||
//启动定时任务
|
||||
c := cron.New(cron.WithSeconds())
|
||||
_, err := c.AddFunc("0 1 0 * * *", func() {
|
||||
|
|
|
@ -7,7 +7,7 @@ import (
|
|||
)
|
||||
|
||||
func InitDingTalkClient() *dingtalk.DingTalk {
|
||||
dingTalk, err := dingtalk.NewClient(config.Conf.DingTalk.DingTalkAppKey, config.Conf.DingTalk.DingTalkAppSecret)
|
||||
dingTalk, err := dingtalk.NewClient(config.Conf.DingTalk.AppKey, config.Conf.DingTalk.AppSecret)
|
||||
if err != nil {
|
||||
common.Log.Error("init dingding client failed, err:%v\n", err)
|
||||
}
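Review bot: The error branch under the changed `dingtalk.NewClient` call passes a format string to `common.Log.Error`, which will not expand `%v` if `Log` is a sugared logger, as the `Fatalf` call on it elsewhere in this commit suggests. `common.Log.Errorf("init dingding client failed, err: %v", err)` is presumably what was meant. With the renamed `AppKey`/`AppSecret` fields an un-migrated config yields empty credentials, so this may be the path operators hit after upgrading and the message should be readable. The rest of `InitDingTalkClient` is outside the hunk, so whether a nil client is returned after the log cannot be seen here.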
|
||||
|
|
|
@ -215,7 +215,7 @@ func InitData() {
|
|||
{
|
||||
Model: gorm.Model{ID: 1},
|
||||
Username: "admin",
|
||||
Password: tools.NewGenPasswd(config.Conf.Ldap.LdapAdminPass),
|
||||
Password: tools.NewGenPasswd(config.Conf.Ldap.AdminPass),
|
||||
Nickname: "管理员",
|
||||
GivenName: "最强后台",
|
||||
Mail: "admin@eryajf.net",
|
||||
|
@ -229,7 +229,7 @@ func InitData() {
|
|||
Status: 1,
|
||||
Creator: "系统",
|
||||
Roles: roles[:1],
|
||||
UserDN: config.Conf.Ldap.LdapAdminDN,
|
||||
UserDN: config.Conf.Ldap.AdminDN,
|
||||
},
|
||||
}
|
||||
|
||||
|
@ -621,15 +621,15 @@ func InitData() {
|
|||
groups := []model.Group{
|
||||
{
|
||||
Model: gorm.Model{ID: 1},
|
||||
GroupName: config.Conf.DingTalk.DingTalkFlag + "root",
|
||||
GroupName: config.Conf.DingTalk.Flag + "root",
|
||||
Remark: "钉钉根部门",
|
||||
Creator: "system",
|
||||
GroupType: "ou",
|
||||
ParentId: 0,
|
||||
SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, 1),
|
||||
Source: config.Conf.DingTalk.DingTalkFlag,
|
||||
SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.DingTalkFlag, 0),
|
||||
GroupDN: fmt.Sprintf("ou=%s,%s", config.Conf.DingTalk.DingTalkFlag+"root", config.Conf.Ldap.LdapBaseDN),
|
||||
SourceDeptId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, 1),
|
||||
Source: config.Conf.DingTalk.Flag,
|
||||
SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.DingTalk.Flag, 0),
|
||||
GroupDN: fmt.Sprintf("ou=%s,%s", config.Conf.DingTalk.Flag+"root", config.Conf.Ldap.BaseDN),
|
||||
},
|
||||
{
|
||||
Model: gorm.Model{ID: 2},
|
||||
|
@ -641,7 +641,7 @@ func InitData() {
|
|||
SourceDeptId: "wechatwork_1",
|
||||
Source: "wechatwork",
|
||||
SourceDeptParentId: "wechatwork_0",
|
||||
GroupDN: fmt.Sprintf("ou=%s,%s", "wechatworkroot", config.Conf.Ldap.LdapBaseDN),
|
||||
GroupDN: fmt.Sprintf("ou=%s,%s", "wechatworkroot", config.Conf.Ldap.BaseDN),
|
||||
},
|
||||
{
|
||||
Model: gorm.Model{ID: 3},
|
||||
|
@ -653,7 +653,7 @@ func InitData() {
|
|||
SourceDeptId: "feishu_1",
|
||||
Source: "feishu",
|
||||
SourceDeptParentId: "feishu_0",
|
||||
GroupDN: fmt.Sprintf("ou=%s,%s", "feishuroot", config.Conf.Ldap.LdapBaseDN),
|
||||
GroupDN: fmt.Sprintf("ou=%s,%s", "feishuroot", config.Conf.Ldap.BaseDN),
|
||||
},
|
||||
// {
|
||||
// Model: gorm.Model{ID: 2},
|
||||
|
|
|
@ -16,12 +16,12 @@ var LDAP *ldap.Conn
|
|||
// Init 初始化连接
|
||||
func InitLDAP() {
|
||||
// Dail有两个参数 network, address, 返回 (*Conn, error)
|
||||
ldap, err := ldap.DialURL(config.Conf.Ldap.LdapUrl, ldap.DialWithDialer(&net.Dialer{Timeout: 5 * time.Second}))
|
||||
ldap, err := ldap.DialURL(config.Conf.Ldap.Url, ldap.DialWithDialer(&net.Dialer{Timeout: 5 * time.Second}))
|
||||
if err != nil {
|
||||
Log.Panicf("初始化ldap连接异常: %v", err)
|
||||
panic(fmt.Errorf("初始化ldap连接异常: %v", err))
|
||||
}
|
||||
err = ldap.Bind(config.Conf.Ldap.LdapAdminDN, config.Conf.Ldap.LdapAdminPass)
|
||||
err = ldap.Bind(config.Conf.Ldap.AdminDN, config.Conf.Ldap.AdminPass)
|
||||
if err != nil {
|
||||
Log.Panicf("绑定admin账号异常: %v", err)
|
||||
panic(fmt.Errorf("绑定admin账号异常: %v", err))
|
||||
|
@ -33,8 +33,8 @@ func InitLDAP() {
|
|||
// 隐藏密码
|
||||
showDsn := fmt.Sprintf(
|
||||
"%s:******@tcp(%s)",
|
||||
config.Conf.Ldap.LdapAdminDN,
|
||||
config.Conf.Ldap.LdapUrl,
|
||||
config.Conf.Ldap.AdminDN,
|
||||
config.Conf.Ldap.Url,
|
||||
)
|
||||
|
||||
Log.Info("初始化ldap完成! dsn: ", showDsn)
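Review bot: `ldap.Bind(config.Conf.Ldap.AdminDN, config.Conf.Ldap.AdminPass)` in the `@ -16,12` hunk is a simple bind over whatever transport `Url` names, and with the sample `ldap://localhost:389` nothing in the hunk upgrades the connection, so against a non-local server the admin password would cross the network in cleartext. Please record that next to the dial, e.g. `// with an ldap:// URL the bind below is unencrypted; use ldaps:// or StartTLS for any non-local server`. The local variable `ldap` also shadows the imported `ldap` package for the rest of the function; naming it `conn` would avoid that. `InitLDAP` continues outside both hunks.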
|
||||
|
|
|
@ -23,7 +23,7 @@ func (x GroupService) Add(g *model.Group) error { //organizationalUnit
|
|||
}
|
||||
if g.GroupType == "cn" {
|
||||
add.Attribute("objectClass", []string{"groupOfUniqueNames", "top"})
|
||||
add.Attribute("uniqueMember", []string{config.Conf.Ldap.LdapAdminDN}) // 所以这里创建组的时候,默认将admin加入其中,以免创建时没有人员而报上边的错误
|
||||
add.Attribute("uniqueMember", []string{config.Conf.Ldap.AdminDN}) // 所以这里创建组的时候,默认将admin加入其中,以免创建时没有人员而报上边的错误
|
||||
}
|
||||
add.Attribute(g.GroupType, []string{g.GroupName})
|
||||
add.Attribute("description", []string{g.Remark})
|
||||
|
@ -40,7 +40,7 @@ func (x GroupService) Update(oldGroup, newGroup *model.Group) error {
|
|||
return err
|
||||
}
|
||||
// 如果配置文件允许修改分组名称,且分组名称发生了变化,那么执行修改分组名称
|
||||
if config.Conf.Ldap.LdapGroupNameModify && newGroup.GroupName != oldGroup.GroupName {
|
||||
if config.Conf.Ldap.GroupNameModify && newGroup.GroupName != oldGroup.GroupName {
|
||||
modify := ldap.NewModifyDNRequest(oldGroup.GroupDN, newGroup.GroupDN, true, "")
|
||||
err := common.LDAP.ModifyDN(modify)
|
||||
if err != nil {
|
||||
|
|
|
@ -50,8 +50,8 @@ func (x UserService) Update(oldusername string, user *model.User) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if config.Conf.Ldap.LdapUserNameModify && oldusername != user.Username {
|
||||
modifyDn := ldap.NewModifyDNRequest(fmt.Sprintf("uid=%s,%s", oldusername, config.Conf.Ldap.LdapUserDN), fmt.Sprintf("uid=%s", user.Username), true, "")
|
||||
if config.Conf.Ldap.UserNameModify && oldusername != user.Username {
|
||||
modifyDn := ldap.NewModifyDNRequest(fmt.Sprintf("uid=%s,%s", oldusername, config.Conf.Ldap.UserDN), fmt.Sprintf("uid=%s", user.Username), true, "")
|
||||
return common.LDAP.ModifyDN(modifyDn)
|
||||
}
|
||||
return nil
|
||||
|
@ -75,9 +75,9 @@ func (x UserService) ChangePwd(udn, oldpasswd, newpasswd string) error {
|
|||
|
||||
// NewPwd 新旧密码都是空,通过管理员可以修改成功并返回新的密码
|
||||
func (x UserService) NewPwd(username string) (string, error) {
|
||||
udn := fmt.Sprintf("uid=%s,%s", username, config.Conf.Ldap.LdapUserDN)
|
||||
udn := fmt.Sprintf("uid=%s,%s", username, config.Conf.Ldap.UserDN)
|
||||
if username == "admin" {
|
||||
udn = config.Conf.Ldap.LdapAdminDN
|
||||
udn = config.Conf.Ldap.AdminDN
|
||||
}
|
||||
modifyPass := ldap.NewPasswordModifyRequest(udn, "", "")
|
||||
newpass, err := common.LDAP.PasswordModify(modifyPass)
|
||||
|
|