-
-
Notifications
You must be signed in to change notification settings - Fork 273
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
15 changed files
with
333 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,184 @@ | ||
package logic | ||
|
||
import ( | ||
"fmt" | ||
|
||
"github.com/eryajf/go-ldap-admin/config" | ||
"github.com/eryajf/go-ldap-admin/model" | ||
"github.com/eryajf/go-ldap-admin/model/request" | ||
"github.com/eryajf/go-ldap-admin/public/tools" | ||
"github.com/eryajf/go-ldap-admin/service/ildap" | ||
"github.com/eryajf/go-ldap-admin/service/isql" | ||
"github.com/gin-gonic/gin" | ||
) | ||
|
||
type SqlLogic struct{} | ||
|
||
// 同步sql的用户信息到ldap | ||
func (d *SqlLogic) SyncSqlUsers(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) { | ||
r, ok := req.(*request.SyncSqlUserReq) | ||
if !ok { | ||
return nil, ReqAssertErr | ||
} | ||
_ = c | ||
// 1.获取所有用户 | ||
for _, id := range r.UserIds { | ||
filter := tools.H{"id": int(id)} | ||
if !isql.User.Exist(filter) { | ||
return nil, tools.NewMySqlError(fmt.Errorf("有用户不存在")) | ||
} | ||
} | ||
users, err := isql.User.GetUserByIds(r.UserIds) | ||
if err != nil { | ||
return nil, tools.NewMySqlError(fmt.Errorf("获取用户信息失败: " + err.Error())) | ||
} | ||
// 2.再将用户添加到ldap | ||
for _, user := range users { | ||
err = ildap.User.Add(&user) | ||
if err != nil { | ||
return nil, tools.NewLdapError(fmt.Errorf("SyncUser向LDAP同步用户失败:" + err.Error())) | ||
} | ||
// 获取用户将要添加的分组 | ||
groups, err := isql.Group.GetGroupByIds(tools.StringToSlice(user.DepartmentId, ",")) | ||
if err != nil { | ||
return nil, tools.NewMySqlError(fmt.Errorf("根据部门ID获取部门信息失败" + err.Error())) | ||
} | ||
for _, group := range groups { | ||
//根据选择的部门,添加到部门内 | ||
err = ildap.Group.AddUserToGroup(group.GroupDN, user.UserDN) | ||
if err != nil { | ||
return nil, tools.NewMySqlError(fmt.Errorf("向Ldap添加用户到分组关系失败:" + err.Error())) | ||
} | ||
} | ||
user.SyncState = 1 | ||
err = isql.User.Update(&user) | ||
if err != nil { | ||
return nil, tools.NewLdapError(fmt.Errorf("用户同步完毕之后更新状态失败:" + err.Error())) | ||
} | ||
} | ||
|
||
return nil, nil | ||
} | ||
|
||
// 同步sql中的分组信息到ldap | ||
func (d *SqlLogic) SyncSqlGroups(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) { | ||
r, ok := req.(*request.SyncSqlGrooupsReq) | ||
if !ok { | ||
return nil, ReqAssertErr | ||
} | ||
_ = c | ||
// 1.获取所有分组 | ||
for _, id := range r.GroupIds { | ||
filter := tools.H{"id": int(id)} | ||
if !isql.Group.Exist(filter) { | ||
return nil, tools.NewMySqlError(fmt.Errorf("有分组不存在")) | ||
} | ||
} | ||
groups, err := isql.Group.GetGroupByIds(r.GroupIds) | ||
if err != nil { | ||
return nil, tools.NewMySqlError(fmt.Errorf("获取分组信息失败: " + err.Error())) | ||
} | ||
// 2.再将分组添加到ldap | ||
for _, group := range groups { | ||
err = ildap.Group.Add(group) | ||
if err != nil { | ||
return nil, tools.NewLdapError(fmt.Errorf("SyncUser向LDAP同步分组失败:" + err.Error())) | ||
} | ||
if len(group.Users) > 0 { | ||
for _, user := range group.Users { | ||
if user.UserDN == config.Conf.Ldap.AdminDN { | ||
continue | ||
} | ||
err = ildap.Group.AddUserToGroup(group.GroupDN, user.UserDN) | ||
if err != nil { | ||
return nil, tools.NewLdapError(fmt.Errorf("同步分组之后处理分组内的用户失败:" + err.Error())) | ||
} | ||
} | ||
} | ||
group.SyncState = 1 | ||
err = isql.Group.Update(group) | ||
if err != nil { | ||
return nil, tools.NewLdapError(fmt.Errorf("分组同步完毕之后更新状态失败:" + err.Error())) | ||
} | ||
} | ||
|
||
return nil, nil | ||
} | ||
|
||
// 检索未同步到ldap中的分组 | ||
func SearchGroupDiff() (err error) { | ||
// 获取sql中的数据 | ||
var sqlGroupList []*model.Group | ||
sqlGroupList, err = isql.Group.ListAll() | ||
if err != nil { | ||
return err | ||
} | ||
// 获取ldap中的数据 | ||
var ldapGroupList []*model.Group | ||
ldapGroupList, err = ildap.Group.ListGroupDN() | ||
if err != nil { | ||
return err | ||
} | ||
// 比对两个系统中的数据 | ||
groups := diffGroup(sqlGroupList, ldapGroupList) | ||
for _, group := range groups { | ||
if group.GroupDN == config.Conf.Ldap.BaseDN { | ||
continue | ||
} | ||
group.SyncState = 2 | ||
err = isql.Group.Update(group) | ||
} | ||
return | ||
} | ||
|
||
// 检索未同步到ldap中的用户 | ||
func SearchUserDiff() (err error) { | ||
// 获取sql中的数据 | ||
var sqlUserList []*model.User | ||
sqlUserList, err = isql.User.ListAll() | ||
if err != nil { | ||
return err | ||
} | ||
// 获取ldap中的数据 | ||
var ldapUserList []*model.User | ||
ldapUserList, err = ildap.User.ListUserDN() | ||
if err != nil { | ||
return err | ||
} | ||
// 比对两个系统中的数据 | ||
users := diffUser(sqlUserList, ldapUserList) | ||
for _, user := range users { | ||
user.SyncState = 2 | ||
err = isql.User.Update(user) | ||
} | ||
return | ||
} | ||
|
||
func diffGroup(a, b []*model.Group) (rst []*model.Group) { | ||
var tmp = make(map[string]struct{}, 0) | ||
|
||
for _, v := range b { | ||
tmp[v.GroupDN] = struct{}{} | ||
} | ||
|
||
for _, v := range a { | ||
if _, ok := tmp[v.GroupDN]; !ok { | ||
rst = append(rst, v) | ||
} | ||
} | ||
return | ||
} | ||
func diffUser(a, b []*model.User) (rst []*model.User) { | ||
var tmp = make(map[string]struct{}, len(a)) | ||
|
||
for _, v := range b { | ||
tmp[v.UserDN] = struct{}{} | ||
} | ||
|
||
for _, v := range a { | ||
if _, ok := tmp[v.UserDN]; !ok { | ||
rst = append(rst, v) | ||
} | ||
} | ||
return | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.