zishuo/golib
1
0
Fork 0
mirror of https://github.com/nabbar/golib.git synced 2025-10-05 07:46:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Package LDAP: fix & optimize ldap group filtering attribute

Browse Source 
Signed-off-by: Nicolas JUHEL <githubatcom@nabbar.com>
This commit is contained in:
Nicolas JUHEL
2025-07-30 16:26:15 +02:00
committed by GitHub
parent e27ced7353
commit a79e6616fc
1 changed files with 42 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
ldap/ldap.go
View File

@@ -30,6 +30,7 @@ import (
"crypto/tls" "crypto/tls"
"fmt" "fmt"
"net" "net"
"slices"
"strings" "strings"
"github.com/go-ldap/ldap/v3" "github.com/go-ldap/ldap/v3"
@@ -547,37 +548,64 @@ func (lc *HelperLDAP) UserInfoByField(username string, fieldOfUnicValue string)
func (lc *HelperLDAP) GroupInfo(groupname string) (map[string]interface{}, liberr.Error) { func (lc *HelperLDAP) GroupInfo(groupname string) (map[string]interface{}, liberr.Error) {
return lc.GroupInfoByField(groupname, groupFieldCN) return lc.GroupInfoByField(groupname, groupFieldCN)
} }
func (lc *HelperLDAP) AttributeFilter(search string,
filter string, attribute string) (map[string][]string,
liberr.Error) {
func (lc *HelperLDAP) AttributeFilter(search string, filter string, allAttribute bool, attribute ...string) (map[string]map[string]string, liberr.Error) {
var ( var (
err liberr.Error err liberr.Error
src *ldap.SearchResult src *ldap.SearchResult
grpInfo map[string][]string grpInfo = make(map[string]map[string]string, 0)
) )
src, err = lc.runSearch(fmt.Sprintf("(&(objectClass~=groupOfNames)(%s=%s))", filter, search), []string{}) if !slices.Contains(attribute, "cn") {
attribute = append(append(make([]string, 0, len(attribute)+1), "cn"), attribute...)
}
if len(filter) > 0 && len(search) > 0 {
src, err = lc.runSearch(fmt.Sprintf("(&(objectClass~=groupOfNames)(%s=%s))", filter, search), attribute)
} else {
src, err = lc.runSearch("(&(objectClass~=groupOfNames))", attribute)
}
if err != nil { if err != nil {
return grpInfo, err return grpInfo, err
} } else if len(src.Entries) == 0 {
if len(src.Entries) == 0 {
return nil, ErrorLDAPGroupNotFound.Error(nil) return nil, ErrorLDAPGroupNotFound.Error(nil)
} }
grpInfo = make(map[string][]string, len(src.Entries)) for i := range src.Entries {
if src.Entries[i] == nil {
continue
} else if len(src.Entries[i].Attributes) < 1 {
continue
}
for _, entry := range src.Entries { var g = make(map[string]string, 0)
for _, entryAttribute := range entry.Attributes {
if entryAttribute.Name == attribute { for j := range src.Entries[i].Attributes {
grpInfo[entryAttribute.Name] = append(grpInfo[entryAttribute.Name], entryAttribute.Values...) if src.Entries[i].Attributes[j] == nil {
continue
} else if len(src.Entries[i].Attributes[j].Name) < 1 {
continue
} else if len(src.Entries[i].Attributes[j].Values) < 1 {
continue
} else if slices.Contains(attribute, src.Entries[i].Attributes[j].Name) {
g[src.Entries[i].Attributes[j].Name] = strings.Join(src.Entries[i].Attributes[j].Values, " ")
} }
} }
if len(g) < 1 {
continue
} else if allAttribute && len(g) != len(attribute) {
continue
}
if _, k := g["cn"]; k {
grpInfo[g["cn"]] = g
continue
}
} }
lc.getLogEntry(loglvl.DebugLevel, "ldap group find success").FieldAdd("ldap.group", search).FieldAdd("ldap.map", grpInfo).Log() lc.getLogEntry(loglvl.DebugLevel, "ldap group find success").FieldAdd("ldap.group", search).FieldAdd("ldap.attributes", strings.Join(attribute, ",")).FieldAdd("ldap.result.len", len(grpInfo)).Log()
return grpInfo, nil return grpInfo, nil
} }