Пример #1
0
func (this *UserController) About() {
	name := this.Ctx.Input.Param(":name")
	var u *User
	if !g.Config().Ldap.Enabled {
		u = ReadUserByName(name)
	} else {
		user_attributes, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			name,
			g.Config().Ldap.Attributes)
		userSn := ""
		userMail := ""
		userTel := ""
		if err == nil {
			userSn = user_attributes["sn"]
			userMail = user_attributes["mail"]
			userTel = user_attributes["telephoneNumber"]

			u = &User{
				Name:    name,
				Passwd:  "",
				Cnname:  userSn,
				Phone:   userTel,
				Email:   userMail,
				Created: time.Now(),
			}

			udb := ReadUserByName(name)
			if udb != nil {
				u.QQ = udb.QQ
				u.IM = udb.IM
			}
		}
	}

	if u == nil {
		this.NotFound("no such user")
		return
	}

	this.Data["User"] = u
	this.TplName = "user/about.html"
}
Пример #2
0
func (this *UserController) Users() {
	query := strings.TrimSpace(this.GetString("query", ""))
	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var us []User
	var total int64
	per := this.MustGetInt("per", 20)
	var pager *web.Paginator

	if !g.Config().Ldap.Enabled {
		users := QueryUsers(query)
		total, err := users.Count()
		if err != nil {
			this.ServeErrJson("occur error " + err.Error())
			return
		}

		pager = this.SetPaginator(per, total)
		users = users.Limit(per, pager.Offset())

		_, err = users.All(&us)
		if err != nil {
			this.ServeErrJson("occur error " + err.Error())
			return
		}
	} else {
		user_attributes, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			query,
			g.Config().Ldap.Attributes)
		userSn := ""
		userMail := ""
		userTel := ""
		if err == nil {
			userSn = user_attributes["sn"]
			userMail = user_attributes["mail"]
			userTel = user_attributes["telephoneNumber"]

			u := User{
				Name:   query,
				Passwd: "",
				Cnname: userSn,
				Phone:  userTel,
				Email:  userMail,
			}
			total = 1

			//查询此用户的role
			obj := ReadUserByName(query)
			if obj != nil {
				u.Role = obj.Role
				u.QQ = obj.QQ
				u.IM = obj.IM
			}
			us = append(us, u)
		}
		pager = this.SetPaginator(per, total)
	}

	me := this.Ctx.Input.GetData("CurrentUser").(*User)
	this.Data["Users"] = us
	this.Data["Query"] = query
	this.Data["Me"] = me
	this.Data["IamRoot"] = me.Role == ROOT_ADMIN_ROLE
	this.TplName = "user/list.html"
}
Пример #3
0
func (this *AuthController) LoginPost() {
	name := this.GetString("name", "")
	password := this.GetString("password", "")
	//qtyep := this.GetString("type","page")

	if name == "" || password == "" {
		this.ServeErrJson("name or password is blank")
		return
	}

	var u *User

	ldapEnabled := this.MustGetBool("ldap", false)

	if ldapEnabled && name != "root" {
		sucess, err := utils.LdapBind(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			name,
			password)
		if err != nil {
			this.ServeErrJson(err.Error())
			return
		}

		if !sucess {
			this.ServeErrJson("name or password error")
			return
		}

		user_attributes, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			name,
			g.Config().Ldap.Attributes)
		userSn := ""
		userMail := ""
		userTel := ""
		if err == nil {
			userSn = user_attributes["sn"]
			userMail = user_attributes["mail"]
			userTel = user_attributes["telephoneNumber"]
		}

		arr := strings.Split(name, "@")
		var userName, userEmail string
		if len(arr) == 2 {
			userName = arr[0]
			userEmail = name
		} else {
			userName = name
			userEmail = userMail
		}

		u = ReadUserByName(userName)
		if u == nil {
			// 说明用户不存在
			u = &User{
				Name:    userName,
				Passwd:  "",
				Cnname:  userSn,
				Phone:   userTel,
				Email:   userEmail,
				Created: time.Now(),
			}
			_, err = u.Save()
			if err != nil {
				this.ServeErrJson("insert user fail " + err.Error())
				return
			}
		}
	} else {
		u = ReadUserByName(name)
		if u == nil {
			this.ServeErrJson("no such user")
			return
		}

		if u.Passwd != str.Md5Encode(g.Config().Salt+password) {
			this.ServeErrJson("password error")
			return
		}
	}

	expired := this.CreateSession(u.Id, 3600*24*30)

	appSig := this.GetString("sig", "")
	callback := this.GetString("callback", "")
	if appSig != "" && callback != "" {
		SaveSessionAttrs(u.Id, appSig, expired)
	}

	this.ServeDataJson(callback)
}
Пример #4
0
func (this *UserController) Query() {
	query := strings.TrimSpace(this.GetString("query", ""))
	query = strings.ToLower(query)
	limit := this.MustGetInt("limit", 10)

	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var users []User
	QueryUsers(query).Limit(limit).All(&users, "Id", "Name", "Cnname", "Email", "Phone")

	isInLdap := false
	for _, v := range users {
		if strings.ToLower(v.Name) == query {
			isInLdap = true
		}
	}

	if isInLdap == false {
		user_attributes, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			query,
			g.Config().Ldap.Attributes)
		userSn := ""
		userMail := ""
		userTel := ""
		if err == nil && len(user_attributes) > 0 {
			userSn = user_attributes["sn"]
			userMail = user_attributes["mail"]
			userTel = user_attributes["telephoneNumber"]

			u := ReadUserByName(query)
			if u == nil {
				// 说明用户不存在
				u = &User{
					Name:    query,
					Passwd:  "",
					Cnname:  userSn,
					Phone:   userTel,
					Email:   userMail,
					Created: time.Now(),
				}
				_, err = u.Save()
				if err != nil {
					this.ServeErrJson("insert user fail " + err.Error())
					return
				}
			}

			users = append(users, *u)
		}
	}

	this.Data["json"] = map[string]interface{}{"users": users}
	this.ServeJSON()
}
Пример #5
0
}

var FilterTargetUser = func(ctx *context.Context) {
	userName := ctx.Input.Query("name")
	if userName == "" {
		ctx.ResponseWriter.WriteHeader(403)
		ctx.ResponseWriter.Write([]byte("Name is necessary"))
		return
	}

	u := uic.ReadUserByName(userName)
	if u == nil {
		user_attributes, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			userName,
			g.Config().Ldap.Attributes)
		userSn := ""
		userMail := ""
		userTel := ""

		if err == nil {
			userSn = user_attributes["sn"]
			userMail = user_attributes["mail"]
			userTel = user_attributes["mobile"]
		}

		u = &uic.User{
			Name:   userName,