llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 04:10:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Support LDAP search by user tag

Browse Source
This commit is contained in:
Yang Luo
2023-05-12 13:03:43 +08:00
parent c33d537ac1
commit 96a3db21a1
4 changed files with 52 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
ldap/util.go
View File

@ -74,6 +74,15 @@ func getUsername(filter string) string {
return name
}
func stringInSlice(value string, list []string) bool {
for _, item := range list {
if item == value {
return true
}
}
return false
}
func GetFilteredUsers(m *ldap.Message) (filteredUsers []*object.User, code int) {
r := m.GetSearchRequest()
@ -94,13 +103,32 @@ func GetFilteredUsers(m *ldap.Message) (filteredUsers []*object.User, code int)
return nil, ldap.LDAPResultInsufficientAccessRights
}
} else {
hasPermission, err := object.CheckUserPermission(fmt.Sprintf("%s/%s", m.Client.OrgName, m.Client.UserName), fmt.Sprintf("%s/%s", org, name), true, "en")
requestUserId := util.GetId(m.Client.OrgName, m.Client.UserName)
userId := util.GetId(org, name)
hasPermission, err := object.CheckUserPermission(requestUserId, userId, true, "en")
if !hasPermission {
log.Printf("ErrMsg = %v", err.Error())
return nil, ldap.LDAPResultInsufficientAccessRights
}
user := object.GetUser(util.GetId(org, name))
filteredUsers = append(filteredUsers, user)
user := object.GetUser(userId)
if user != nil {
filteredUsers = append(filteredUsers, user)
return filteredUsers, ldap.LDAPResultSuccess
}
organization := object.GetOrganization(util.GetId("admin", org))
if organization == nil {
return nil, ldap.LDAPResultNoSuchObject
}
if !stringInSlice(name, organization.Tags) {
return nil, ldap.LDAPResultNoSuchObject
}
users := object.GetUsersByTag(org, name)
filteredUsers = append(filteredUsers, users...)
return filteredUsers, ldap.LDAPResultSuccess
}
}
@ -130,12 +158,16 @@ func getAttribute(attributeName string, user *object.User) message.AttributeValu
return message.AttributeValue(user.Name)
case "uid":
return message.AttributeValue(user.Name)
case "displayname":
return message.AttributeValue(user.DisplayName)
case "email":
return message.AttributeValue(user.Email)
case "mail":
return message.AttributeValue(user.Email)
case "mobile":
return message.AttributeValue(user.Phone)
case "title":
return message.AttributeValue(user.Tag)
case "userPassword":
return message.AttributeValue(getUserPasswordWithType(user))
default: