123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241 |
- package ldap
- import (
- "crypto/md5"
- "encoding/hex"
- "errors"
- "fmt"
- "github.com/astaxie/beego/orm"
- "nginx-ui/server/config"
- "nginx-ui/server/models"
- "nginx-ui/server/vo"
- )
- type ServerService struct {
- }
- // GetServer 获取一个可用的LDAP 连接, 用于登录时获取服务信息
- func (c *ServerService) GetServer() (*models.LdapServer, error) {
- o := orm.NewOrm()
- server := models.LdapServer{
- Active: true,
- }
- err := o.Read(&server, "Active")
- if err != nil {
- return nil, err
- }
- return &server, nil
- }
- func (c *ServerService) Login(req *LDAPLoginReq) (*models.User, error) {
- server := models.LdapServer{Key: req.ServerKey}
- o := orm.NewOrm()
- err := o.Read(&server, "Key")
- if err != nil {
- return nil, errors.New("未找到对应的LDAP服务!")
- }
- user, err := UserIns.Authentication(&server, req.Account, req.Password)
- if err != nil {
- return nil, err
- }
- user.Password = ""
- return user, nil
- }
- // GetServers 获取用户所有的LDAP连接
- // get /ldap/server
- func (c *ServerService) GetServers(current *models.User, req *vo.PageReq) (*vo.PageResp, error) {
- o := orm.NewOrm()
- req.Ensure()
- qs := o.QueryTable(&models.LdapServer{})
- if !current.IsAdmin() {
- qs = qs.Filter("Uid", current.Account)
- }
- total, err := qs.Count()
- if err != nil {
- return nil, err
- }
- qs.OrderBy("Id")
- qs.Offset(req.Offset)
- qs.Limit(req.PageSize)
- var list []*models.LdapServer
- _, err = qs.All(&list)
- for _, v := range list {
- v.Password = config.ReplacePassword
- }
- if err != nil {
- return nil, err
- }
- resp := vo.PageResp{
- Current: req.Current,
- PageSize: req.PageSize,
- Total: total,
- List: list,
- }
- return &resp, err
- }
- // Update 保存或者修改
- // post /ldap/server
- func (c *ServerService) Update(current *models.User, body *models.LdapServer) (*models.LdapServer, error) {
- body.Uid = string(rune(current.Id))
- if body.Url == "" {
- return nil, errors.New("请完成服务配置,缺少Url!")
- }
- if body.Key == "" {
- key := md5.Sum([]byte(body.Url))
- body.Key = hex.EncodeToString(key[:])
- }
- o := orm.NewOrm()
- if body.Id == 0 {
- exist := models.LdapServer{Key: body.Key}
- err := o.Read(&exist, "Key")
- if err != nil && !errors.Is(err, orm.ErrNoRows) {
- return nil, err
- }
- if exist.Id > 0 {
- return nil, errors.New("该服务Url已存在!")
- }
- }
- if body.Id > 0 {
- exist := models.LdapServer{Id: body.Id}
- err := o.Read(&exist, "Id")
- if err != nil {
- return nil, err
- }
- if config.ReplacePassword == body.Password {
- body.Password = exist.Password
- }
- _, err = o.Update(body)
- if err != nil {
- return nil, err
- }
- } else {
- id, err := o.Insert(body)
- if err != nil {
- return nil, err
- }
- body.Id = int(id)
- }
- CloseActiveClient(body)
- return body, nil
- }
- // Add Update 保存或者修改
- func (c *ServerService) Add(current *models.User, body *models.LdapServer) (*models.LdapServer, error) {
- if body.Url == "" {
- return nil, errors.New("请完成服务配置,缺少Url!")
- }
- if body.Key == "" {
- key := md5.Sum([]byte(body.Url))
- body.Key = hex.EncodeToString(key[:])
- }
- o := orm.NewOrm()
- if body.Id == 0 {
- exist := models.LdapServer{Key: body.Key}
- err := o.Read(&exist, "Key")
- if err != nil && !errors.Is(err, orm.ErrNoRows) {
- return nil, err
- }
- if exist.Id > 0 {
- return nil, errors.New("该服务Url已存在!")
- }
- }
- if body.Id > 0 {
- exist := models.LdapServer{Id: body.Id}
- err := o.Read(&exist, "Id")
- if err != nil {
- return nil, err
- }
- if config.ReplacePassword == body.Password {
- body.Password = exist.Password
- }
- _, err = o.Update(body)
- if err != nil {
- return nil, err
- }
- } else {
- id, err := o.Insert(body)
- if err != nil {
- return nil, err
- }
- body.Id = int(id)
- }
- return body, nil
- }
- // VerifyServer 验证服务
- func (c *ServerService) VerifyServer(req *VerifyReq) ([]*models.LdapUser, error) {
- var server = &models.LdapServer{
- Id: req.Id,
- }
- o := orm.NewOrm()
- err := o.Read(server, "Id")
- if err != nil {
- return nil, err
- }
- if req.Filter == "" && req.Username != "" {
- req.Filter = fmt.Sprintf("(&(objectClass=*)(uid=%s))", req.Username)
- }
- users, _, err := UserIns.Search(server, req.Filter)
- if err != nil {
- return nil, err
- }
- return users, nil
- }
- // GetUsers 获取全部用户
- // get /ldap/users
- func (c *ServerService) GetUsers(current *models.User, req *UserListReq) (*vo.PageResp, error) {
- req.Ensure()
- o := orm.NewOrm()
- qs := o.QueryTable(&models.LdapUser{})
- if !current.IsAdmin() {
- qs = qs.Filter("Uid", current.Account)
- }
- qs = qs.Filter("ServerKey", req.ServerKey)
- total, err := qs.Count()
- if err != nil {
- return nil, err
- }
- qs.OrderBy("Id")
- qs.Offset(req.Offset)
- qs.Limit(req.PageSize)
- var list []*models.LdapUser
- _, err = qs.All(&list)
- if err != nil {
- return nil, err
- }
- resp := vo.PageResp{
- Current: req.Current,
- PageSize: req.PageSize,
- Total: total,
- List: list,
- }
- return &resp, nil
- }
- // GetServer 根据Key获取服信息
- func GetServer(key string) (*models.LdapServer, error) {
- server := models.LdapServer{
- Key: key,
- }
- o := orm.NewOrm()
- err := o.Read(&server, "Key")
- if err != nil {
- return nil, err
- }
- return &server, nil
- }
|