feat: 修复parentid为0值的问题;补充启动时的初始化数据;用户密码加密类型可配置化 (#307)

opsre · Feb 21, 2024 · 02638f2 · 02638f2
1 parent d00d6df
commit 02638f2
Show file tree

Hide file tree

Showing 6 changed files with 84 additions and 13 deletions.
diff --git a/config.yml b/config.yml
@@ -107,6 +107,8 @@ ldap:
   group-name-modify: false
   # 是否允许更改用户DN
   user-name-modify: false
+  # 用户密码加密方式 默认为 ssha 还可指定为 clear(表示不加密)
+  user-password-encryption-type: "ssha"
   # 默认邮箱后缀
   default-email-suffix: "eryajf.net"
 # 📢 即便用不到如下三段配置信息，也不要删除，否则会有一些奇怪的错误出现

diff --git a/config/config.go b/config/config.go
@@ -140,16 +140,17 @@ type RateLimitConfig struct {
 }
 
 type LdapConfig struct {
-	Url                string `mapstructure:"url" json:"url"`
-	MaxConn            int    `mapstructure:"max-conn" json:"maxConn"`
-	BaseDN             string `mapstructure:"base-dn" json:"baseDN"`
-	AdminDN            string `mapstructure:"admin-dn" json:"adminDN"`
-	AdminPass          string `mapstructure:"admin-pass" json:"adminPass"`
-	UserDN             string `mapstructure:"user-dn" json:"userDN"`
-	UserInitPassword   string `mapstructure:"user-init-password" json:"userInitPassword"`
-	GroupNameModify    bool   `mapstructure:"group-name-modify" json:"groupNameModify"`
-	UserNameModify     bool   `mapstructure:"user-name-modify" json:"userNameModify"`
-	DefaultEmailSuffix string `mapstructure:"default-email-suffix" json:"defaultEmailSuffix"`
+	Url                        string `mapstructure:"url" json:"url"`
+	MaxConn                    int    `mapstructure:"max-conn" json:"maxConn"`
+	BaseDN                     string `mapstructure:"base-dn" json:"baseDN"`
+	AdminDN                    string `mapstructure:"admin-dn" json:"adminDN"`
+	AdminPass                  string `mapstructure:"admin-pass" json:"adminPass"`
+	UserDN                     string `mapstructure:"user-dn" json:"userDN"`
+	UserInitPassword           string `mapstructure:"user-init-password" json:"userInitPassword"`
+	GroupNameModify            bool   `mapstructure:"group-name-modify" json:"groupNameModify"`
+	UserNameModify             bool   `mapstructure:"user-name-modify" json:"userNameModify"`
+	DefaultEmailSuffix         string `mapstructure:"default-email-suffix" json:"defaultEmailSuffix"`
+	UserPasswordEncryptionType string `mapstructure:"user-password-encryption-type" json:"userPasswordEncryptionType"`
 }
 type EmailConfig struct {
 	Host string `mapstructure:"host" json:"host"`

diff --git a/docs/docker-compose/config/init.ldif b/docs/docker-compose/config/init.ldif
@@ -19,4 +19,10 @@ dn: ou=feishuroot,dc=eryajf,dc=net
 ou: feishuroot
 description: 飞书根部门
 objectClass: top
-objectClass: organizationalUnit
+objectClass: organizationalUnit
+
+dn: cn=group,dc=eryajf,dc=net
+cn: group
+description: 默认分组
+objectClass: top
+objectClass: groupOfUniqueNames
diff --git a/model/request/menu_req.go b/model/request/menu_req.go
@@ -38,7 +38,7 @@ type MenuUpdateReq struct {
 	AlwaysShow uint   `json:"alwaysShow" validate:"oneof=1 2"`
 	Breadcrumb uint   `json:"breadcrumb" validate:"oneof=1 2"`
 	ActiveMenu string `json:"activeMenu" validate:"min=0,max=100"`
-	ParentId   uint   `json:"parentId" validate:"required"`
+	ParentId   uint   `json:"parentId" validate:"gte=0"`
 }
 
 // MenuDeleteReq 删除资源结构体

diff --git a/public/common/init_mysql_data.go b/public/common/init_mysql_data.go
@@ -9,6 +9,7 @@ import (
 	"github.com/eryajf/go-ldap-admin/public/tools"
 
 	"github.com/thoas/go-funk"
+	"gorm.io/datatypes"
 	"gorm.io/gorm"
 )
 
@@ -760,6 +761,18 @@ func InitData() {
 			SourceDeptParentId: fmt.Sprintf("%s_%d", config.Conf.FeiShu.Flag, 0),
 			GroupDN:            fmt.Sprintf("ou=%s,%s", config.Conf.FeiShu.Flag+"root", config.Conf.Ldap.BaseDN),
 		},
+		{
+			Model:              gorm.Model{ID: 5},
+			GroupName:          "group",
+			Remark:             "默认分组",
+			Creator:            "system",
+			GroupType:          "cn",
+			ParentId:           1,
+			SourceDeptId:       "platform_0",
+			Source:             "platform",
+			SourceDeptParentId: "openldap_1",
+			GroupDN:            fmt.Sprintf("cn=%s,%s", "group", config.Conf.Ldap.BaseDN),
+		},
 	}
 
 	for _, group := range groups {
@@ -774,4 +787,47 @@ func InitData() {
 			Log.Errorf("写入分组数据失败：%v", err)
 		}
 	}
+
+	// 7.写入关系管理
+	filedRelation := []model.FieldRelation{
+		{
+			Flag:       "dingtalk_group",
+			Attributes: datatypes.JSON(`{"groupName":"custom_name_pinyin","remark":"name","sourceDeptId":"id","sourceDeptParentId":"parentid"}`),
+		},
+		{
+			Flag:       "dingtalk_user",
+			Attributes: datatypes.JSON(`{"avatar":"avatar","givenName":"name","introduction":"remark","jobNumber":"job_number","mail":"email","mobile":"mobile","nickname":"name","position":"title","postalAddress":"work_place","sourceUnionId":"unionid","sourceUserId":"userid","username":"custom_name_pinyin"}`),
+		},
+		{
+			Flag:       "feishu_group",
+			Attributes: datatypes.JSON(`{"groupName":"custom_name_pinyin","remark":"name","sourceDeptId":"open_department_id","sourceDeptParentId":"parent_department_id"}`),
+		},
+		{
+			Flag:       "feishu_user",
+			Attributes: datatypes.JSON(`{"avatar":"avatar","givenName":"name","introduction":"name","jobNumber":"employee_no","mail":"email","mobile":"mobile","nickname":"name","position":"job_title","postalAddress":"work_station","sourceUnionId":"union_id","sourceUserId":"user_id","username":"custom_name_pinyin"}`),
+		},
+		{
+			Flag:       "wecom_group",
+			Attributes: datatypes.JSON(`{"groupName":"custom_name_pinyin","remark":"name","sourceDeptId":"parentid","sourceDeptParentId":"id"}`),
+		},
+		{
+			Flag:       "wecom_user",
+			Attributes: datatypes.JSON(`{"avatar":"avatar","givenName":"alias","introduction":"name","jobNumber":"mobile","mail":"email","mobile":"mobile","nickname":"name","position":"external_position","postalAddress":"address","sourceUnionId":"userid","sourceUserId":"userid","username":"custom_name_pinyin"}`),
+		},
+	}
+
+	newFieldRelations := make([]model.FieldRelation, 0)
+	for i, newFieldRelation := range filedRelation {
+		newFieldRelation.ID = uint(i + 1)
+		err := DB.First(&newFieldRelation, newFieldRelation.ID).Error
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			newFieldRelations = append(newFieldRelations, newFieldRelation)
+		}
+	}
+
+	if len(newFieldRelations) > 0 {
+		if err := DB.Create(&newFieldRelations).Error; err != nil {
+			Log.Errorf("写入关系数据失败：%v", err)
+		}
+	}
 }
diff --git a/service/ildap/user_ildap.go b/service/ildap/user_ildap.go
@@ -29,7 +29,13 @@ func (x UserService) Add(user *model.User) error {
 	add.Attribute("postalAddress", []string{user.PostalAddress})
 	add.Attribute("mobile", []string{user.Mobile})
 	add.Attribute("uid", []string{user.Username})
-	add.Attribute("userPassword", []string{tools.EncodePass([]byte(tools.NewParPasswd(user.Password)))})
+	var pass string
+	if config.Conf.Ldap.UserPasswordEncryptionType == "clear" {
+		pass = user.Password
+	} else {
+		pass = tools.EncodePass([]byte(tools.NewParPasswd(user.Password)))
+	}
+	add.Attribute("userPassword", []string{pass})
 
 	// 获取 LDAP 连接
 	conn, err := common.GetLDAPConn()