Merge pull request #232 from phachon/feature/v0.2.0/auth_login

fix ldap auth login; fix fulltext search
phachon · Aug 6, 2020 · 5b2e00a · 5b2e00a
2 parents 5a552cf + cf9d2e5
commit 5b2e00a
Show file tree

Hide file tree

Showing 4 changed files with 79 additions and 135 deletions.
diff --git a/app/services/auth_login_ldap.go b/app/services/auth_login_ldap.go
@@ -12,25 +12,33 @@ var (
 )
 
 type AuthLoginConfig struct {
-	BaseDn       string `json:"basedn"`
-	BindUsername string `json:"bind_username"`
-	BindPassword string `json:"bind_password"`
+	BaseDn        string `json:"basedn"`
+	BindUsername  string `json:"bind_username"`
+	BindPassword  string `json:"bind_password"`
+	GivenNameKey  string `json:"given_name_key"`
+	EmailKey      string `json:"email_key"`
+	MobileKey     string `json:"mobile_key"`
+	PhoneKey      string `json:"phone_key"`
+	DepartmentKey string `json:"department_key"`
+	PositionKey   string `json:"position_key"`
+	LocationKey   string `json:"location_key"`
+	ImKey         string `json:"im_key"`
 }
 
-// AuthLoinLdapService ldap auth login
-type AuthLoinLdapService struct {
+// AuthLoginLdapService ldap auth login
+type AuthLoginLdapService struct {
 	url    string
 	conf   string
 	config *AuthLoginConfig
 }
 
 // NewAuthLoginLdapService
 func NewAuthLoginLdapService() AuthLoginService {
-	return &AuthLoinLdapService{}
+	return &AuthLoginLdapService{}
 }
 
 // InitConf init ldap auth login config
-func (al *AuthLoinLdapService) InitConf(url string, conf string) error {
+func (al *AuthLoginLdapService) InitConf(url string, conf string) error {
 	al.url = url
 	al.conf = conf
 	authLoginConfig := &AuthLoginConfig{}
@@ -43,14 +51,17 @@ func (al *AuthLoinLdapService) InitConf(url string, conf string) error {
 }
 
 // AuthLogin ldap auth
-func (al *AuthLoinLdapService) AuthLogin(username string, password string) (*AuthLoginResponse, error) {
+func (al *AuthLoginLdapService) AuthLogin(username string, password string) (*AuthLoginResponse, error) {
 
 	if al.url == "" {
 		return nil, fmt.Errorf("LDAP URL is empty")
 	}
 	if al.config == nil || al.conf == "" {
 		return nil, fmt.Errorf("LDAP 配置数据错误")
 	}
+	if al.config.GivenNameKey == "" {
+		return nil, fmt.Errorf("LDAP 配置 given_name_key 错误")
+	}
 
 	lc, err := ldap.DialURL(al.url)
 	if err != nil {
@@ -77,7 +88,7 @@ func (al *AuthLoinLdapService) AuthLogin(username string, password string) (*Aut
 		0,
 		false,
 		fmt.Sprintf("(&(objectClass=User)(userPrincipalName=%s))", username),
-		[]string{"dn", "mail", "displayName", "telephoneNumber", "mobile", "department", "physicalDeliveryOfficeName"},
+		al.GetAttributes(),
 		nil,
 	)
 	searchResult, err := lc.Search(searchRequest)
@@ -96,20 +107,38 @@ func (al *AuthLoinLdapService) AuthLogin(username string, password string) (*Aut
 	}
 
 	result := &AuthLoginResponse{
-		GivenName:  searchResult.Entries[0].GetAttributeValue("displayName"),
-		Email:      searchResult.Entries[0].GetAttributeValue("mail"),
-		Mobile:     searchResult.Entries[0].GetAttributeValue("mobile"),
-		Phone:      searchResult.Entries[0].GetAttributeValue("telephoneNumber"),
-		Department: searchResult.Entries[0].GetAttributeValue("department"),
-		Position:   searchResult.Entries[0].GetAttributeValue(""),
-		Location:   searchResult.Entries[0].GetAttributeValue("physicalDeliveryOfficeName"),
-		Im:         "",
+		GivenName:  searchResult.Entries[0].GetAttributeValue(al.config.GivenNameKey),
+		Email:      searchResult.Entries[0].GetAttributeValue(al.config.EmailKey),
+		Mobile:     searchResult.Entries[0].GetAttributeValue(al.config.MobileKey),
+		Phone:      searchResult.Entries[0].GetAttributeValue(al.config.PhoneKey),
+		Department: searchResult.Entries[0].GetAttributeValue(al.config.DepartmentKey),
+		Position:   searchResult.Entries[0].GetAttributeValue(al.config.PositionKey),
+		Location:   searchResult.Entries[0].GetAttributeValue(al.config.LocationKey),
+		Im:         searchResult.Entries[0].GetAttributeValue(al.config.ImKey),
 	}
 	return result, nil
 }
 
+// GetAttributes get config attribute name
+func (al *AuthLoginLdapService) GetAttributes() []string {
+
+	attributes := []string{"dn"}
+	confAttributes := []string{
+		"dn", al.config.GivenNameKey, al.config.EmailKey,
+		al.config.MobileKey, al.config.PhoneKey, al.config.DepartmentKey,
+		al.config.PositionKey, al.config.LocationKey, al.config.ImKey,
+	}
+	for _, confAttribute := range confAttributes {
+		if confAttribute == "" {
+			continue
+		}
+		attributes = append(attributes, confAttribute)
+	}
+	return attributes
+}
+
 // GetServiceName ldap
-func (al *AuthLoinLdapService) GetServiceName() string {
+func (al *AuthLoginLdapService) GetServiceName() string {
 	return AuthLoginProtocolLdap
 }
 

diff --git a/app/services/doc_index.go b/app/services/doc_index.go
@@ -19,11 +19,22 @@ func NewDocIndexService() *DocIndex {
 	return &DocIndex{}
 }
 
+func (di *DocIndex) IsUpdateDocIndex() bool {
+	fulltextSearchOpen := models.ConfigModel.GetConfigValueByKey(models.ConfigKeyFulltextSearch, "0")
+	if fulltextSearchOpen == "1" {
+		return true
+	}
+	return false
+}
+
 // ForceDelDocIdIndex 强制删除索引
 func (di *DocIndex) ForceDelDocIdIndex(docId string) {
 	if docId == "" {
 		return
 	}
+	if !di.IsUpdateDocIndex() {
+		return
+	}
 	// add search index
 	data := types.DocData{Content: ""}
 	global.DocSearcher.IndexDoc(docId, data, true)
@@ -34,6 +45,9 @@ func (di *DocIndex) ForceUpdateDocIndexByDocId(docId string) error {
 	if docId == "" {
 		return nil
 	}
+	if !di.IsUpdateDocIndex() {
+		return nil
+	}
 	doc, err := models.DocumentModel.GetDocumentByDocumentId(docId)
 	if err != nil {
 		return err
@@ -54,6 +68,9 @@ func (di *DocIndex) UpdateDocIndex(doc map[string]string) {
 	if !ok || docId == "" {
 		return
 	}
+	if !di.IsUpdateDocIndex() {
+		return
+	}
 	content, _, err := models.DocumentModel.GetDocumentContentByDocument(doc)
 	if err != nil {
 		logs.Error("[UpdateDocIndex] get documentId=%s content err: %s", docId, err.Error())
@@ -91,6 +108,9 @@ func (di *DocIndex) UpdateDocsIndex(docs []map[string]string) {
 
 // UpdateAllDocIndex 更新所有的文档
 func (di *DocIndex) UpdateAllDocIndex(batchNum int) {
+	if !di.IsUpdateDocIndex() {
+		return
+	}
 	allDocs, err := models.DocumentModel.GetAllDocuments()
 	if err != nil {
 		logs.Error("[UpdateAllDocIndex] getAllDocuments err: %s", err.Error())

diff --git a/views/system/auth/doc.html b/views/system/auth/doc.html
@@ -30,12 +30,20 @@ <h4><i class="fa fa-address-card-o"></i> 登录认证方式配置文档</h4>
                                 <td>配置数据格式必须为 json 字符串，字段含义如下
 <pre>
 {
-    "basedn":"dc=umich,dc=edu", // ldap base dn; 用于搜索的节点；必填不能为空
-    "bind_username":"readonly", // ldap bind dn; 用来获取查询权限的 bind 用户；非必填可以为空
-    "bind_password":"password"  // ldap bind dn password; bind 用户密码；非必填可以为空
+    "basedn": "dc=umich,dc=edu", // ldap base dn; 用于搜索的节点；必填不能为空
+    "bind_username": "readonly", // ldap bind dn; 用来获取查询权限的 bind 用户；非必填可以为空
+    "bind_password": "password", // ldap bind dn password; bind 用户密码；非必填可以为空
+    "given_name_key": "displayName", // ldap 查询用户名对应的 key，必填
+    "email_key": "mail", // ldap 查询邮箱对应的 key, 没有可为空
+    "mobile_key": "mobile", // ldap 查询手机号对应的 key，没有可为空
+    "phone_key": "telephoneNumber", // ldap 查询电话对应的 key，没有可为空
+    "department_key": "department", // ldap 查询部门对应的 key，没有可为空
+    "position_key": "Position", // ldap 查询职位对应的 key，没有可为空
+    "location_key": "physicalDeliveryOfficeName", // ldap 查询位置对应的 key，没有可为空
+    "im_key": "im" // ldap 查询 im 信息对应的 key，没有可为空
 }
 </pre>
-                                    示例：<code>{"basedn":"dc=umich,dc=edu","bind_username":"my_username","bind_password":"your_password"}</code>
+                                    示例：<code>{"basedn":"dc=umich,dc=edu","bind_username":"readonly","bind_password":"password","given_name_key":"displayName","email_key":"mail","mobile_key":"mobile","phone_key":"telephoneNumber","department_key":"department","position_key":"Position","location_key":"physicalDeliveryOfficeName","im_key":"im"}</code>
                                 </td>
                             </tr>
                             <tr>

diff --git a/views/system/auth/doc_back.html b/views/system/auth/doc_back.html