From 08f55a6b69b2409fd9517ae4de4ab9c392c2243b Mon Sep 17 00:00:00 2001
From: YuleiLan
Date: Wed, 19 Aug 2020 13:36:27 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E5=96=84=E7=B3=BB=E7=BB=9F=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E5=8A=9F=E8=83=BD=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 apis/system/settings.go | 8 ++++++-
 config/db.sql | 7 ++++++-
 handler/auth.go | 13 ++++++------
 pkg/ldap/ldapFieldsMap.go | 41 ++++++++++++++++++++++++++++++++++++
 pkg/ldap/search.go | 42 ++++++++++++++++++++++++++++++++++---
 router/system/sys_router.go | 2 +-
 6 files changed, 101 insertions(+), 12 deletions(-)
 create mode 100644 pkg/ldap/ldapFieldsMap.go
diff --git a/apis/system/settings.go b/apis/system/settings.go
index 0be42f8..6035442 100644
--- a/apis/system/settings.go
+++ b/apis/system/settings.go
@@ -18,9 +18,15 @@ func GetSettingsInfo(c *gin.Context) {
 var (
 err error
 settingsInfo []*system.Settings
+ classify string
 )
+ db := orm.Eloquent.Model(&settingsInfo)
+ classify = c.DefaultQuery("classify", "")
+ if classify != "" {
+ db = db.Where("classify = ?", classify)
+ }
- err = orm.Eloquent.Model(&settingsInfo).Find(&settingsInfo).Error
+ err = db.Find(&settingsInfo).Error
 if err != nil {
 app.Error(c, -1, fmt.Errorf("查询数据失败,%v", err.Error()), "")
 return
diff --git a/config/db.sql b/config/db.sql
index 34daee0..114b600 100644
--- a/config/db.sql
+++ b/config/db.sql
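Review bot: With no `classify` parameter GetSettingsInfo still returns every row of the settings table, and the sys_router.go hunk of this commit moves `GET /settings` out of the group guarded by `authMiddleware.MiddlewareFunc()` and `middleware.AuthCheckRole()` into SysNoCheckRoleRouter. If that group is reachable before login, as its `/getCaptcha` route suggests, the LDAP field mapping stored under classify 2 and any setting added later become readable without a session. On the public route the handler should accept only the value the login page needs, for example `if classify != "1" { app.Error(c, -1, fmt.Errorf("classify not allowed"), ""); return }` (assuming classify 1 is the logo/name row, as in the seed data), and the unfiltered read should stay in the authenticated group. The body of GetSettingsInfo continues outside the hunk.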
@@ -272,6 +272,8 @@ INSERT INTO `sys_menu`(`menu_id`, `menu_name`, `title`, `icon`, `path`, `paths`,
 INSERT INTO `sys_menu`(`menu_id`, `menu_name`, `title`, `icon`, `path`, `paths`, `menu_type`, `action`, `permission`, `parent_id`, `no_cache`, `breadcrumb`, `component`, `sort`, `visible`, `create_by`, `update_by`, `is_frame`, `create_time`, `update_time`, `delete_time`) VALUES (353, '', '系统配置', 'system', '', '/0/63/280/353', 'M', '', '', 280, '0', '', '', 2, '1', '1', '1', 0, '2020-08-19 00:40:11', '2020-08-19 00:41:32', NULL);
 INSERT INTO `sys_menu`(`menu_id`, `menu_name`, `title`, `icon`, `path`, `paths`, `menu_type`, `action`, `permission`, `parent_id`, `no_cache`, `breadcrumb`, `component`, `sort`, `visible`, `create_by`, `update_by`, `is_frame`, `create_time`, `update_time`, `delete_time`) VALUES (354, '', '设置配置', 'bug', '/api/v1/settings', '/0/63/280/353/354', 'A', 'POST', '', 353, '0', '', '', 1, '1', '1', '1', 1, '2020-08-19 00:41:01', '2020-08-19 00:42:25', NULL);
 INSERT INTO `sys_menu`(`menu_id`, `menu_name`, `title`, `icon`, `path`, `paths`, `menu_type`, `action`, `permission`, `parent_id`, `no_cache`, `breadcrumb`, `component`, `sort`, `visible`, `create_by`, `update_by`, `is_frame`, `create_time`, `update_time`, `delete_time`) VALUES (355, '', '获取配置', 'bug', '/api/v1/settings', '/0/63/280/353/355', 'A', 'GET', '', 353, '0', '', '', 0, '1', '1', '', 1, '2020-08-19 00:42:47', '2020-08-19 00:42:47', NULL);
+INSERT INTO `sys_menu`(`menu_id`, `menu_name`, `title`, `icon`, `path`, `paths`, `menu_type`, `action`, `permission`, `parent_id`, `no_cache`, `breadcrumb`, `component`, `sort`, `visible`, `create_by`, `update_by`, `is_frame`, `create_time`, `update_time`, `delete_time`) VALUES (356, '', '保存系统配置', '', '', '/0/2/352/356', 'F', '', 'system:settings:index:config', 352, '0', '', '', 0, '0', '1', '', 1, '2020-08-19 13:28:23', '2020-08-19 13:28:23', NULL);
+INSERT INTO `sys_menu`(`menu_id`, `menu_name`, `title`, `icon`, `path`, `paths`, `menu_type`, 
`action`, `permission`, `parent_id`, `no_cache`, `breadcrumb`, `component`, `sort`, `visible`, `create_by`, `update_by`, `is_frame`, `create_time`, `update_time`, `delete_time`) VALUES (357, '', '保存LDAP配置', '', '', '/0/2/352/357', 'F', '', 'system:settings:index:ldap', 352, '0', '', '', 0, '0', '1', '', 1, '2020-08-19 13:29:08', '2020-08-19 13:29:08', NULL);
 COMMIT;
 BEGIN;
@@ -451,6 +453,8 @@ INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `upd
 INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `update_by`) VALUES (1, 353, 'admin', NULL, NULL);
 INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `update_by`) VALUES (1, 354, 'admin', NULL, NULL);
 INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `update_by`) VALUES (1, 355, 'admin', NULL, NULL);
+INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `update_by`) VALUES (1, 356, 'admin', NULL, NULL);
+INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `update_by`) VALUES (1, 357, 'admin', NULL, NULL);
 INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `update_by`) VALUES (2, 63, 'common', NULL, NULL);
 INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `update_by`) VALUES (2, 80, 'common', NULL, NULL);
 INSERT INTO `sys_role_menu`(`role_id`, `menu_id`, `role_name`, `create_by`, `update_by`) VALUES (2, 92, 'common', NULL, NULL);
@@ -477,7 +481,8 @@ INSERT INTO `sys_user`(`user_id`, `nick_name`, `phone`, `role_id`, `salt`, `avat
 COMMIT;
 BEGIN;
-INSERT INTO `ferry`.`sys_settings`(`id`, `create_time`, `update_time`, `delete_time`, `classify`, `content`) VALUES (3, '2020-08-19 01:00:19', '2020-08-19 01:00:19', NULL, 2, '[{\"ldap_field_name\": \"\", \"local_field_name\": \"username\", \"local_field_nick\": \"用户名\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"nick_name\", \"local_field_nick\": \"用户昵称\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"phone\", \"local_field_nick\": \"手机号\"}, {\"ldap_field_name\": 0, \"local_field_name\": \"role_id\", \"local_field_nick\": \"默认角色ID\"}, {\"ldap_field_name\": 0, \"local_field_name\": \"dept_id\", \"local_field_nick\": \"默认部门ID\"}, {\"ldap_field_name\": 0, \"local_field_name\": \"post_id\", \"local_field_nick\": \"默认职位ID\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"avatar\", \"local_field_nick\": \"头像\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"sex\", \"local_field_nick\": \"性别\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"email\", \"local_field_nick\": \"邮箱\"}, {\"ldap_field_name\": 0, \"local_field_name\": \"status\", \"local_field_nick\": \"状态\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"remark\", \"local_field_nick\": \"备注\"}]');
+INSERT INTO `sys_settings`(`id`, `create_time`, `update_time`, `delete_time`, `classify`, `content`) VALUES (3, '2020-08-19 01:00:19', '2020-08-19 12:40:47', NULL, 2, '[{\"ldap_field_name\": \"givenName\", \"local_field_name\": \"nick_name\", \"local_field_nick\": \"用户昵称\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"phone\", \"local_field_nick\": \"手机号\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"avatar\", \"local_field_nick\": \"头像\"}, {\"ldap_field_name\": \"\", \"local_field_name\": \"sex\", \"local_field_nick\": \"性别\"}, {\"ldap_field_name\": \"mail\", \"local_field_name\": \"email\", \"local_field_nick\": \"邮箱\"}, {\"ldap_field_name\": 
\"\", \"local_field_name\": \"remark\", \"local_field_nick\": \"备注\"}]');
+INSERT INTO `sys_settings`(`id`, `create_time`, `update_time`, `delete_time`, `classify`, `content`) VALUES (4, '2020-08-19 12:42:10', '2020-08-19 13:22:56', NULL, 1, '{\"logo\": \"https://www.fdevops.com/wp-content/uploads/2020/08/1597815294-ferry_logo_white.png\", \"name\": \"ferry 管理平台\"}');
 COMMIT;
 SET FOREIGN_KEY_CHECKS = 1;
diff --git a/handler/auth.go b/handler/auth.go
index f14e92d..7a260b3 100644
--- a/handler/auth.go
+++ b/handler/auth.go
@@ -113,6 +113,10 @@ func Authenticator(c *gin.Context) (interface{}, error) {
 if err != nil {
 return nil, errors.New(fmt.Sprintf("查询用户失败,%v", err))
 }
+ addUserInfo, err = ldap1.LdapFieldsMap(ldapUserInfo)
+ if err != nil {
+ return nil, fmt.Errorf("ldap映射本地字段失败,%v", err.Error())
+ }
 if authUserCount == 0 {
 addUserInfo.Username = loginVal.Username
 // 获取默认权限ID
@@ -124,12 +128,9 @@ func Authenticator(c *gin.Context) (interface{}, error) {
 addUserInfo.Status = "0"
 addUserInfo.CreatedAt = time.Now()
 addUserInfo.UpdatedAt = time.Now()
- addUserInfo.Email = ldapUserInfo.GetAttributeValue("mail")
- addUserInfo.Phone = ldapUserInfo.GetAttributeValue("mobile")
- addUserInfo.NickName = ldapUserInfo.GetAttributeValue("givenName")
- addUserInfo.CreateBy = "1"
- addUserInfo.UpdateBy = "1"
- addUserInfo.Sex = "0"
+ if addUserInfo.Sex == "" {
+ addUserInfo.Sex = "0"
+ }
 err = orm.Eloquent.Table("sys_user").Create(&addUserInfo).Error
 if err != nil {
 return nil, errors.New(fmt.Sprintf("创建本地用户失败,%v", err))
diff --git a/pkg/ldap/ldapFieldsMap.go b/pkg/ldap/ldapFieldsMap.go
new file mode 100644
index 0000000..406831c
--- /dev/null
+++ b/pkg/ldap/ldapFieldsMap.go
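Review bot: The added `ldap1.LdapFieldsMap(ldapUserInfo)` call sits before `if authUserCount == 0`, so it runs, and can fail the login, for users who already have a local account, although the visible lines use its result only when a new account is created. A missing or malformed classify 2 settings row would then reject every LDAP login with "ldap映射本地字段失败". Moving the four added lines inside the `authUserCount == 0` branch limits that dependency to first-time logins. `fmt.Errorf("ldap映射本地字段失败,%v", err)` is also sufficient; the `.Error()` call is redundant. Authenticator starts and ends outside this hunk, so any other use of `addUserInfo` should be checked before moving the call.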
@@ -0,0 +1,41 @@
+package ldap
+
+import (
+ "ferry/models/system"
+
+ "github.com/go-ldap/ldap/v3"
+)
+
+/*
+ @Author : lanyulei
+*/
+
+func LdapFieldsMap(ldapUserInfo *ldap.Entry) (userInfo system.SysUser, err error) {
+ var (
+ ldapFields []map[string]string
+ )
+
+ ldapFields, err = getLdapFields()
+ if err != nil {
+ return
+ }
+
+ for _, v := range ldapFields {
+ switch v["local_field_name"] {
+ case "nick_name":
+ userInfo.NickName = ldapUserInfo.GetAttributeValue(v["ldap_field_name"])
+ case "phone":
+ userInfo.Phone = ldapUserInfo.GetAttributeValue(v["ldap_field_name"])
+ case "avatar":
+ userInfo.Avatar = ldapUserInfo.GetAttributeValue(v["ldap_field_name"])
+ case "sex":
+ userInfo.Sex = ldapUserInfo.GetAttributeValue(v["ldap_field_name"])
+ case "email":
+ userInfo.Email = ldapUserInfo.GetAttributeValue(v["ldap_field_name"])
+ case "remark":
+ userInfo.Remark = ldapUserInfo.GetAttributeValue(v["ldap_field_name"])
+ }
+ }
+
+ return
+}
diff --git a/pkg/ldap/search.go b/pkg/ldap/search.go
index d73776b..80a87dd 100644
--- a/pkg/ldap/search.go
+++ b/pkg/ldap/search.go
@@ -1,7 +1,10 @@
 package ldap
 import (
+ "encoding/json"
 "errors"
+ "ferry/global/orm"
+ "ferry/models/system"
 "ferry/pkg/logger"
 "fmt"
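Review bot: LdapFieldsMap is exported without a doc comment, and nothing records why its switch covers only six profile fields. I would add above the function `// LdapFieldsMap copies the LDAP attributes configured in the classify 2 settings row onto a SysUser. Only nick_name, phone, avatar, sex, email and remark can be mapped; role, department and status are never taken from the directory.` so that a later edit does not add privilege-bearing fields to the switch by accident. The function also dereferences `ldapUserInfo` without a nil check; confirm the caller in handler/auth.go cannot pass a nil entry, or return an error for it.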
@@ -13,9 +16,42 @@ import (
 @Author : lanyulei
 */
-func searchRequest(username string) (userInfo *ldap.Entry, err error) {
- var cur *ldap.SearchResult
+func getLdapFields() (ldapFields []map[string]string, err error) {
+ var (
+ settingsValue system.Settings
+ contentList []map[string]string
+ )
+ err = orm.Eloquent.Model(&settingsValue).Where("classify = 2").Find(&settingsValue).Error
+ if err != nil {
+ return
+ }
+
+ err = json.Unmarshal(settingsValue.Content, &contentList)
+ if err != nil {
+ return
+ }
+
+ for _, v := range contentList {
+ if v["ldap_field_name"] != "" {
+ ldapFields = append(ldapFields, v)
+ }
+ }
+ return
+}
+
+func searchRequest(username string) (userInfo *ldap.Entry, err error) {
+ var (
+ ldapFields []map[string]string
+ cur *ldap.SearchResult
+ ldapFieldsFilter = []string{
+ "dn",
+ }
+ )
+ ldapFields, err = getLdapFields()
+ for _, v := range ldapFields {
+ ldapFieldsFilter = append(ldapFieldsFilter, v["ldap_field_name"])
+ }
 // 用来获取查询权限的用户。如果 ldap 禁止了匿名查询,那我们就需要先用这个帐户 bind 以下才能开始查询
 if !viper.GetBool("settings.ldap.anonymousQuery") {
 err = conn.Bind(
@@ -37,7 +73,7 @@ func searchRequest(username string) (userInfo *ldap.Entry, err error) {
 0,
 false,
 fmt.Sprintf("(cn=%s)", username),
- []string{"dn", "sAMAccountName", "displayName", "mail", "mobile", "employeeID", "givenName"},
+ ldapFieldsFilter,
 nil)
 if cur, err = conn.Search(sql); err != nil {
diff --git a/router/system/sys_router.go b/router/system/sys_router.go
index 1e880bb..9d66a5c 100644
--- a/router/system/sys_router.go
+++ b/router/system/sys_router.go
@@ -24,6 +24,7 @@ func SysNoCheckRoleRouter(r *gin.RouterGroup) {
 v1.GET("/monitor/server", monitor.ServerInfo)
 v1.GET("/getCaptcha", system.GenerateCaptchaHandler)
 v1.GET("/menuTreeselect", system.GetMenuTreeelect)
+ v1.GET("/settings", system.GetSettingsInfo)
 registerPublicRouter(v1)
 }
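Review bot: In searchRequest the error from `ldapFields, err = getLdapFields()` is never checked; the later assignments from `conn.Bind` and `conn.Search` overwrite it, so a failed settings lookup silently degrades to a search that requests only `dn`. Add `if err != nil { return }` directly after the call. In getLdapFields, `Where("classify = 2")` could use the placeholder form `Where("classify = ?", 2)` that GetSettingsInfo already uses. A row that still holds the earlier seed content, which carried numeric `0` values, will not unmarshal into `[]map[string]string`, so existing installations may need the row rewritten. searchRequest continues past the end of this hunk.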
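Review bot: The context line `fmt.Sprintf("(cn=%s)", username)` builds the search filter from the login name without escaping, so LDAP filter metacharacters in the submitted value are interpreted as filter syntax; this commit changes the attribute list next to it but leaves the filter as is. go-ldap provides an escaping helper for exactly this case: `fmt.Sprintf("(cn=%s)", ldap.EscapeFilter(username))`. The value appears to come from the login request (`loginVal.Username` in handler/auth.go), which is untrusted input. The enclosing call and the rest of searchRequest lie outside the hunk.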
@@ -127,7 +128,6 @@ func RegisterDeptRouter(v1 *gin.RouterGroup, authMiddleware *jwt.GinJWTMiddlewar
 func RegisterSysSettingRouter(v1 *gin.RouterGroup, authMiddleware *jwt.GinJWTMiddleware) {
 setting := v1.Group("/settings").Use(authMiddleware.MiddlewareFunc()).Use(middleware.AuthCheckRole())
 {
- setting.GET("", system.GetSettingsInfo)
 setting.POST("", system.SetSettingsInfo)
 }
 }