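// About renders the profile page of the user named by the ":name" route
// parameter.
//
// With LDAP disabled the user is read from the local store. With LDAP enabled
// the profile is built from the directory attributes sn, mail and
// telephoneNumber, and QQ/IM are copied from the local record when one exists.
// When no user can be resolved the handler answers through NotFound.
func (this *UserController) About() {
	name := this.Ctx.Input.Param(":name")

	var u *User
	if !g.Config().Ldap.Enabled {
		u = ReadUserByName(name)
	} else if !utils.HasDangerousCharacters(name) {
		// name comes straight from the URL and is handed to the directory
		// search, so it gets the same screen the Users and Query handlers
		// apply to their search term. A rejected name leaves u nil and is
		// answered as "no such user" below.
		// NOTE(review): neither the character list of HasDangerousCharacters
		// nor the filter construction inside Ldapsearch is visible here;
		// confirm that LDAP filter metacharacters (* ( ) \ and NUL) are
		// rejected or escaped before the filter is built.
		attrs, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			name,
			g.Config().Ldap.Attributes)
		if err == nil {
			u = &User{
				Name:    name,
				Passwd:  "",
				Cnname:  attrs["sn"],
				Phone:   attrs["telephoneNumber"],
				Email:   attrs["mail"],
				Created: time.Now(),
			}
			// QQ and IM are only kept locally, so merge them in when the
			// user already has a local record.
			if local := ReadUserByName(name); local != nil {
				u.QQ = local.QQ
				u.IM = local.IM
			}
		}
		// A failed directory search is not reported separately: u stays nil
		// and the request ends as "no such user".
	}

	if u == nil {
		this.NotFound("no such user")
		return
	}

	// NOTE(review): the page exposes phone and mail for any name that
	// resolves; the access check for this route is not visible in this
	// handler and should be confirmed.
	this.Data["User"] = u
	this.TplName = "user/about.html"
}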
// Users renders the user list page for the search term in "query", with
// "per" entries per page (default 20).
//
// With LDAP disabled the list is paged out of the local store. With LDAP
// enabled the term is looked up as a single directory entry and, when found,
// shown as a one-element list enriched with Role, QQ and IM from the local
// record if there is one.
func (this *UserController) Users() {
	query := strings.TrimSpace(this.GetString("query", ""))
	// The term is screened before it reaches either the local query or the
	// directory search.
	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var us []User
	var total int64
	per := this.MustGetInt("per", 20)
	var pager *web.Paginator

	if g.Config().Ldap.Enabled {
		attrs, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			query,
			g.Config().Ldap.Attributes)
		// A search error is not surfaced; the page is simply rendered with
		// an empty list.
		if err == nil {
			entry := User{
				Name:   query,
				Passwd: "",
				Cnname: attrs["sn"],
				Phone:  attrs["telephoneNumber"],
				Email:  attrs["mail"],
			}
			total = 1
			// Look up this user's role (and QQ/IM) in the local store.
			if local := ReadUserByName(query); local != nil {
				entry.Role = local.Role
				entry.QQ = local.QQ
				entry.IM = local.IM
			}
			us = append(us, entry)
		}
		pager = this.SetPaginator(per, total)
	} else {
		rows := QueryUsers(query)
		count, err := rows.Count()
		if err != nil {
			// NOTE(review): the raw storage error text is sent to the client.
			this.ServeErrJson("occur error " + err.Error())
			return
		}
		pager = this.SetPaginator(per, count)
		rows = rows.Limit(per, pager.Offset())
		if _, err = rows.All(&us); err != nil {
			this.ServeErrJson("occur error " + err.Error())
			return
		}
	}

	// NOTE(review): this assertion panics when "CurrentUser" is missing or
	// not a *User; presumably an authentication filter sets it before this
	// handler runs, confirm against the router.
	me := this.Ctx.Input.GetData("CurrentUser").(*User)
	this.Data["Users"] = us
	this.Data["Query"] = query
	this.Data["Me"] = me
	this.Data["IamRoot"] = me.Role == ROOT_ADMIN_ROLE
	this.TplName = "user/list.html"
}
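// LoginPost authenticates the posted "name"/"password" pair and opens a
// session for the user.
//
// When the form asks for LDAP, the server has LDAP enabled and the account is
// not "root", the credentials are checked with a directory bind; a user who
// binds successfully but has no local record is created from the directory
// attributes sn, mail and telephoneNumber. Otherwise the password is checked
// against the locally stored digest. On success a 30-day session is created
// and the "callback" value is returned; every failure is answered through
// ServeErrJson.
func (this *AuthController) LoginPost() {
	name := this.GetString("name", "")
	password := this.GetString("password", "")

	// Refusing a blank password here also keeps an empty value away from the
	// directory bind, where a simple bind without a password is commonly
	// treated as an anonymous bind that succeeds.
	if name == "" || password == "" {
		this.ServeErrJson("name or password is blank")
		return
	}

	var u *User

	// The "ldap" form field only states what the client asks for. Which
	// authentication backend may be used is decided by the server
	// configuration, as in the other handlers that consult Ldap.Enabled.
	useLdap := this.MustGetBool("ldap", false) && g.Config().Ldap.Enabled

	if useLdap && name != "root" {
		// NOTE(review): name reaches LdapBind and Ldapsearch without the
		// HasDangerousCharacters screen used by the search handlers; whether
		// those helpers escape LDAP filter metacharacters is not visible
		// here and should be confirmed.
		ok, err := utils.LdapBind(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			name,
			password)
		if err != nil {
			// NOTE(review): the raw bind error is sent to the client.
			this.ServeErrJson(err.Error())
			return
		}
		if !ok {
			this.ServeErrJson("name or password error")
			return
		}

		// The attribute lookup is best effort: on error the new record is
		// created with empty name, mail and phone details.
		attrs, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			name,
			g.Config().Ldap.Attributes)
		userSn, userMail, userTel := "", "", ""
		if err == nil {
			userSn = attrs["sn"]
			userMail = attrs["mail"]
			userTel = attrs["telephoneNumber"]
		}

		// A login of the form local@domain maps to the local account
		// "local" and keeps the full login as the mail address.
		// NOTE(review): logins that differ only in the domain part map to
		// the same local account; confirm the directory cannot hold two
		// such entries.
		var userName, userEmail string
		if arr := strings.Split(name, "@"); len(arr) == 2 {
			userName = arr[0]
			userEmail = name
		} else {
			userName = name
			userEmail = userMail
		}

		u = ReadUserByName(userName)
		if u == nil {
			// The user does not exist locally yet: create the record. The
			// empty Passwd never equals a computed digest, so this account
			// cannot pass the local password check below.
			u = &User{
				Name:    userName,
				Passwd:  "",
				Cnname:  userSn,
				Phone:   userTel,
				Email:   userEmail,
				Created: time.Now(),
			}
			if _, err = u.Save(); err != nil {
				this.ServeErrJson("insert user fail " + err.Error())
				return
			}
		}
	} else {
		// Unknown account and wrong password get the same answer, matching
		// the LDAP branch, so the response does not reveal which names exist.
		// NOTE(review): str.Md5Encode is, by its name, a single salted MD5
		// digest with one application-wide salt, and the comparison is not
		// constant-time. Moving to a dedicated password hash needs a
		// migration of the stored digests and is not done here.
		u = ReadUserByName(name)
		if u == nil || u.Passwd != str.Md5Encode(g.Config().Salt+password) {
			this.ServeErrJson("name or password error")
			return
		}
	}

	// 3600*24*30 seconds: the session stays valid for 30 days.
	expired := this.CreateSession(u.Id, 3600*24*30)

	appSig := this.GetString("sig", "")
	callback := this.GetString("callback", "")
	if appSig != "" && callback != "" {
		SaveSessionAttrs(u.Id, appSig, expired)
	}

	// NOTE(review): callback is returned exactly as posted; if the front end
	// navigates to it after login, it should be checked against an
	// allow-list of destinations.
	this.ServeDataJson(callback)
}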
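// Query answers a user search as JSON under the key "users".
//
// The lower-cased "query" term is matched against the local store, returning
// at most "limit" rows (default 10) with the columns Id, Name, Cnname, Email
// and Phone. When no local row carries exactly that name, the directory is
// searched for it; a hit that has no local record is saved as a new user,
// and the entry is appended to the result.
func (this *UserController) Query() {
	query := strings.ToLower(strings.TrimSpace(this.GetString("query", "")))
	// NOTE(review): limit is taken from the request without an upper bound.
	limit := this.MustGetInt("limit", 10)

	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var users []User
	// Report a failed lookup the way the Users handler does instead of
	// carrying on with an empty list.
	if _, err := QueryUsers(query).Limit(limit).All(&users, "Id", "Name", "Cnname", "Email", "Phone"); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	foundLocally := false
	for i := range users {
		if strings.ToLower(users[i].Name) == query {
			foundLocally = true
			break
		}
	}

	if !foundLocally {
		// NOTE(review): unlike About and Users, this lookup does not consult
		// g.Config().Ldap.Enabled, and a search request can create a user
		// row as a side effect; confirm both are intended and that the
		// route requires an authenticated caller.
		attrs, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			query,
			g.Config().Ldap.Attributes)
		if err == nil && len(attrs) > 0 {
			u := ReadUserByName(query)
			if u == nil {
				// The user does not exist locally yet: create the record
				// from the directory attributes.
				u = &User{
					Name:    query,
					Passwd:  "",
					Cnname:  attrs["sn"],
					Phone:   attrs["telephoneNumber"],
					Email:   attrs["mail"],
					Created: time.Now(),
				}
				if _, err = u.Save(); err != nil {
					this.ServeErrJson("insert user fail " + err.Error())
					return
				}
			}
			// ReadUserByName may return the complete stored record. Only
			// the columns selected for the other rows are copied into the
			// response, so fields such as Passwd and Role are never
			// serialized from here.
			users = append(users, User{
				Id:     u.Id,
				Name:   u.Name,
				Cnname: u.Cnname,
				Email:  u.Email,
				Phone:  u.Phone,
			})
		}
	}

	this.Data["json"] = map[string]interface{}{"users": users}
	this.ServeJSON()
}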
} var FilterTargetUser = func(ctx *context.Context) { userName := ctx.Input.Query("name") if userName == "" { ctx.ResponseWriter.WriteHeader(403) ctx.ResponseWriter.Write([]byte("Name is necessary")) return } u := uic.ReadUserByName(userName) if u == nil { user_attributes, err := utils.Ldapsearch(g.Config().Ldap.Addr, g.Config().Ldap.BaseDN, g.Config().Ldap.BindDN, g.Config().Ldap.BindPasswd, g.Config().Ldap.UserField, userName, g.Config().Ldap.Attributes) userSn := "" userMail := "" userTel := "" if err == nil { userSn = user_attributes["sn"] userMail = user_attributes["mail"] userTel = user_attributes["mobile"] } u = &uic.User{ Name: userName,