!1039 同步域架构

Merge pull request !1039 from 冰魄少年/next

Author: zuohuaijun

Admin.NET/Admin.NET.Core/Entity/SysLdap.cs

@@ -76,6 +76,13 @@ public class SysLdap : EntityTenant
     [Required]
     public virtual string BindAttrEmployeeId { get; set; } = "EmployeeId";
 
+    /// <summary>
+    /// 绑定Code属性值
+    /// </summary>
+    [SugarColumn(ColumnDescription = "绑定对象Code属性值", Length = 64)]
+    [Required]
+    public virtual string BindAttrCode { get; set; } = "objectGUID";
+
     /// <summary>
     /// 状态
     /// </summary>

Admin.NET/Admin.NET.Core/Entity/SysUserLdap.cs

@@ -36,4 +36,10 @@ public class SysUserLdap : EntityTenant
     /// </summary>
     [SugarColumn(ColumnDescription = "对应EmployeeId", Length = 32)]
     public string EmployeeId { get; set; }
+
+    /// <summary>
+    /// 组织代码
+    /// </summary>
+    [SugarColumn(ColumnDescription = "DeptCode", Length = 64)]
+    public string DeptCode { get; set; }
 }

Admin.NET/Admin.NET.Core/SeedData/SysMenuSeedData.cs

@@ -89,6 +89,7 @@ public IEnumerable<SysMenu> HasData()
             new SysMenu{ Id=1310000000195, Pid=1310000000191, Title="增加", Permission="sysLdap:add", Type=MenuTypeEnum.Btn, CreateTime=DateTime.Parse("2022-02-10 00:00:00"), OrderNo=130 },
             new SysMenu{ Id=1310000000196, Pid=1310000000191, Title="删除", Permission="sysLdap:delete", Type=MenuTypeEnum.Btn, CreateTime=DateTime.Parse("2022-02-10 00:00:00"), OrderNo=140 },
             new SysMenu{ Id=1310000000197, Pid=1310000000191, Title="同步域账户", Permission="sysLdap:syncUser", Type=MenuTypeEnum.Btn, CreateTime=DateTime.Parse("2022-02-10 00:00:00"), OrderNo=150 },
+            new SysMenu{ Id=1310000000198, Pid=1310000000191, Title="同步域组织", Permission="sysLdap:syncOrg", Type=MenuTypeEnum.Btn, CreateTime=DateTime.Parse("2022-02-10 00:00:00"), OrderNo=160 },
 
             new SysMenu{ Id=1310000000301, Pid=0, Title="平台管理", Path="/platform", Name="platform", Component="Layout", Icon="ele-Menu", Type=MenuTypeEnum.Dir, CreateTime=DateTime.Parse("2022-02-10 00:00:00"), OrderNo=11000 },
 

Admin.NET/Admin.NET.Core/Service/Auth/SysLdapService.cs

@@ -186,15 +186,13 @@ public async Task SyncUser(SyncSysLdapInput input)
                 }
 
                 var attrs = ldapEntry.GetAttributeSet();
+                string deptCode = GetDepartmentCode(attrs, sysLdap.BindAttrCode);
                 if (attrs.Count == 0 || attrs.ContainsKey("OU"))
-                    SearchDnLdapUser(ldapConn, sysLdap, userLdapList, ldapEntry.Dn);
+                    SearchDnLdapUser(ldapConn, sysLdap, userLdapList, ldapEntry.Dn, deptCode);
                 else
                 {
-                    var sysUserLdap = new SysUserLdap
-                    {
-                        Account = !attrs.ContainsKey(sysLdap.BindAttrAccount) ? null : attrs.GetAttribute(sysLdap.BindAttrAccount)?.StringValue,
-                        EmployeeId = !attrs.ContainsKey(sysLdap.BindAttrEmployeeId) ? null : attrs.GetAttribute(sysLdap.BindAttrEmployeeId)?.StringValue
-                    };
+                    var sysUserLdap = CreateSysUserLdap(attrs, sysLdap.BindAttrAccount, sysLdap.BindAttrEmployeeId, deptCode);
+
                     if (string.IsNullOrEmpty(sysUserLdap.EmployeeId)) continue;
                     userLdapList.Add(sysUserLdap);
                 }
@@ -219,16 +217,48 @@ public async Task SyncUser(SyncSysLdapInput input)
         }
     }
 
+    /// <summary>
+    /// 获取部门代码
+    /// </summary>
+    /// <param name="attrs"></param>
+    /// <param name="bindAttrCode"></param>
+    /// <returns></returns>
+    private static string GetDepartmentCode(LdapAttributeSet attrs, string bindAttrCode)
+    {
+        return bindAttrCode == "objectGUID"
+            ? new Guid(attrs.GetAttribute(bindAttrCode)?.ByteValue).ToString()
+            : attrs.GetAttribute(bindAttrCode)?.StringValue ?? "0";
+    }
+
+    /// <summary>
+    /// 创建同步对象
+    /// </summary>
+    /// <param name="attrs"></param>
+    /// <param name="bindAttrAccount"></param>
+    /// <param name="bindAttrEmployeeId"></param>
+    /// <param name="deptCode"></param>
+    /// <returns></returns>
+    private static SysUserLdap CreateSysUserLdap(LdapAttributeSet attrs, string bindAttrAccount, string bindAttrEmployeeId, string deptCode)
+    {
+        return new SysUserLdap
+        {
+            Account = !attrs.ContainsKey(bindAttrAccount) ? null : attrs.GetAttribute(bindAttrAccount)?.StringValue,
+            EmployeeId = !attrs.ContainsKey(bindAttrEmployeeId) ? null : attrs.GetAttribute(bindAttrEmployeeId)?.StringValue,
+            DeptCode = deptCode
+        };
+    }
+
     /// <summary>
     /// 遍历查询域用户
     /// </summary>
-    /// <param name="conn"></param>
-    /// <param name="ldap"></param>
+    /// <param name="ldapConn"></param>
+    /// <param name="sysLdap"></param>
     /// <param name="userLdapList"></param>
     /// <param name="baseDn"></param>
-    private static void SearchDnLdapUser(LdapConnection conn, SysLdap ldap, List<SysUserLdap> userLdapList, string baseDn)
+    /// <param name="deptCode"></param>
+    private static void SearchDnLdapUser(LdapConnection ldapConn, SysLdap sysLdap, List<SysUserLdap> userLdapList, string baseDn, string deptCode)
     {
-        var ldapSearchResults = conn.Search(baseDn, LdapConnection.ScopeOne, "(objectClass=*)", null, false);
+        var ldapSearchResults = ldapConn.Search(baseDn, LdapConnection.ScopeOne, "(objectClass=*)", null, false);
         while (ldapSearchResults.HasMore())
         {
             LdapEntry ldapEntry;
@@ -243,18 +273,131 @@ private static void SearchDnLdapUser(LdapConnection conn, SysLdap ldap, List<Sys
             }
 
             var attrs = ldapEntry.GetAttributeSet();
+            deptCode = GetDepartmentCode(attrs, sysLdap.BindAttrCode);
+
             if (attrs.Count == 0 || attrs.ContainsKey("OU"))
-                SearchDnLdapUser(conn, ldap, userLdapList, ldapEntry.Dn);
+                SearchDnLdapUser(ldapConn, sysLdap, userLdapList, ldapEntry.Dn, deptCode);
             else
             {
-                var sysUserLdap = new SysUserLdap
-                {
-                    Account = !attrs.ContainsKey(ldap.BindAttrAccount) ? null : attrs.GetAttribute(ldap.BindAttrAccount)?.StringValue,
-                    EmployeeId = !attrs.ContainsKey(ldap.BindAttrEmployeeId) ? null : attrs.GetAttribute(ldap.BindAttrEmployeeId)?.StringValue
-                };
+                var sysUserLdap = CreateSysUserLdap(attrs, sysLdap.BindAttrAccount, sysLdap.BindAttrEmployeeId, deptCode);
+
                 if (string.IsNullOrEmpty(sysUserLdap.EmployeeId)) continue;
                 userLdapList.Add(sysUserLdap);
             }
         }
     }
+
+    /// <summary>
+    /// 同步域组织 🔖
+    /// </summary>
+    /// <param name="input"></param>
+    /// <returns></returns>
+    [DisplayName("同步域组织")]
+    public async Task SyncDept(SyncSysLdapInput input)
+    {
+        var sysLdap = await _sysLdapRep.GetFirstAsync(u => u.Id == input.Id) ?? throw Oops.Oh(ErrorCodeEnum.D1002);
+        var ldapConn = new LdapConnection();
+        try
+        {
+            ldapConn.Connect(sysLdap.Host, sysLdap.Port);
+            ldapConn.Bind(sysLdap.Version, sysLdap.BindDn, sysLdap.BindPass);
+            var ldapSearchResults = ldapConn.Search(sysLdap.BaseDn, LdapConnection.ScopeOne, "(objectClass=*)", null, false);
+            var listOrgs = new List<SysOrg>();
+            while (ldapSearchResults.HasMore())
+            {
+                LdapEntry ldapEntry;
+                try
+                {
+                    ldapEntry = ldapSearchResults.Next();
+                    if (ldapEntry == null) continue;
+                }
+                catch (LdapException)
+                {
+                    continue;
+                }
+
+                var attrs = ldapEntry.GetAttributeSet();
+                if (attrs.Count == 0 || attrs.ContainsKey("OU"))
+                {
+                    var sysOrg = CreateSysOrg(attrs, sysLdap, listOrgs, new SysOrg { Id = 0, Level = 0 });
+                    listOrgs.Add(sysOrg);
+
+                    SearchDnLdapDept(ldapConn, sysLdap, listOrgs, ldapEntry.Dn, sysOrg);
+                }
+            }
+
+            if (listOrgs.Count == 0)
+                return;
+
+            await App.GetRequiredService<SysOrgService>().BatchAddOrgs(listOrgs);
+        }
+        catch (LdapException e)
+        {
+            throw e.ResultCode switch
+            {
+                LdapException.NoSuchObject or LdapException.NoSuchAttribute => Oops.Oh(ErrorCodeEnum.D0009),
+                _ => Oops.Oh(e.Message),
+            };
+        }
+        finally
+        {
+            ldapConn.Disconnect();
+        }
+    }
+
+    /// <summary>
+    /// 遍历查询域用户
+    /// </summary>
+    /// <param name="ldapConn"></param>
+    /// <param name="sysLdap"></param>
+    /// <param name="listOrgs"></param>
+    /// <param name="baseDn"></param>
+    /// <param name="org"></param>
+    private static void SearchDnLdapDept(LdapConnection ldapConn, SysLdap sysLdap, List<SysOrg> listOrgs, string baseDn, SysOrg org)
+    {
+        var ldapSearchResults = ldapConn.Search(baseDn, LdapConnection.ScopeOne, "(objectClass=*)", null, false);
+        while (ldapSearchResults.HasMore())
+        {
+            LdapEntry ldapEntry;
+            try
+            {
+                ldapEntry = ldapSearchResults.Next();
+                if (ldapEntry == null) continue;
+            }
+            catch (LdapException)
+            {
+                continue;
+            }
+
+            var attrs = ldapEntry.GetAttributeSet();
+            if (attrs.Count == 0 || attrs.ContainsKey("OU"))
+            {
+                var sysOrg = CreateSysOrg(attrs, sysLdap, listOrgs, org);
+                listOrgs.Add(sysOrg);
+
+                SearchDnLdapDept(ldapConn, sysLdap, listOrgs, ldapEntry.Dn, sysOrg);
+            }
+        }
+    }
+
+    /// <summary>
+    /// 创建架构对象
+    /// </summary>
+    /// <param name="attrs"></param>
+    /// <param name="sysLdap"></param>
+    /// <param name="listOrgs"></param>
+    /// <param name="org"></param>
+    /// <returns></returns>
+    private static SysOrg CreateSysOrg(LdapAttributeSet attrs, SysLdap sysLdap, List<SysOrg> listOrgs, SysOrg org)
+    {
+        return new SysOrg
+        {
+            Pid = org.Id,
+            Id = YitIdHelper.NextId(),
+            Code = !attrs.ContainsKey(sysLdap.BindAttrCode) ? null : new Guid(attrs.GetAttribute(sysLdap.BindAttrCode)?.ByteValue).ToString(),
+            Level = org.Level + 1,
+            Name = !attrs.ContainsKey(sysLdap.BindAttrAccount) ? null : attrs.GetAttribute(sysLdap.BindAttrAccount)?.StringValue,
+            OrderNo = listOrgs.Count + 1,
+        };
+    }
 }

Admin.NET/Admin.NET.Core/Service/Org/SysOrgService.cs

@@ -129,6 +129,19 @@ public async Task<long> AddOrg(AddOrgInput input)
         return newOrg.Id;
     }
 
+    /// <summary>
+    /// 批量增加机构
+    /// </summary>
+    /// <param name="list"></param>
+    /// <returns></returns>
+    [NonAction]
+    public async Task BatchAddOrgs(List<SysOrg> list)
+    {
+        DeleteAllUserOrgCache(0, 0);
+        await _sysOrgRep.AsDeleteable().ExecuteCommandAsync();
+        await _sysOrgRep.AsInsertable(list).ExecuteCommandAsync();
+    }
+
     /// <summary>
     /// 更新机构 🔖
     /// </summary>

Web/src/api-services/apis/sys-ldap-api.ts

@@ -319,6 +319,54 @@ export const SysLdapApiAxiosParamCreator = function (configuration?: Configurati
                 options: localVarRequestOptions,
             };
         },
+        /**
+         * 
+         * @summary 同步域组织 🔖
+         * @param {SyncSysLdapInput} [body] 
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        apiSysLdapSyncOrgPost: async (body?: SyncSysLdapInput, options: AxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/api/sysLdap/syncOrg`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, 'https://example.com');
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+            const localVarRequestOptions :AxiosRequestConfig = { method: 'POST', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication Bearer required
+            // http bearer authentication required
+            if (configuration && configuration.accessToken) {
+                const accessToken = typeof configuration.accessToken === 'function'
+                    ? await configuration.accessToken()
+                    : await configuration.accessToken;
+                localVarHeaderParameter["Authorization"] = "Bearer " + accessToken;
+            }
+
+            localVarHeaderParameter['Content-Type'] = 'application/json-patch+json';
+
+            const query = new URLSearchParams(localVarUrlObj.search);
+            for (const key in localVarQueryParameter) {
+                query.set(key, localVarQueryParameter[key]);
+            }
+            for (const key in options.params) {
+                query.set(key, options.params[key]);
+            }
+            localVarUrlObj.search = (new URLSearchParams(query)).toString();
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+            const needsSerialization = (typeof body !== "string") || localVarRequestOptions.headers['Content-Type'] === 'application/json';
+            localVarRequestOptions.data =  needsSerialization ? JSON.stringify(body !== undefined ? body : {}) : (body || "");
+
+            return {
+                url: localVarUrlObj.pathname + localVarUrlObj.search + localVarUrlObj.hash,
+                options: localVarRequestOptions,
+            };
+        },
         /**
          * 
          * @summary 更新系统域登录配置 🔖
@@ -459,6 +507,20 @@ export const SysLdapApiFp = function(configuration?: Configuration) {
                 return axios.request(axiosRequestArgs);
             };
         },
+        /**
+         * 
+         * @summary 同步域组织 🔖
+         * @param {SyncSysLdapInput} [body] 
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async apiSysLdapSyncOrgPost(body?: SyncSysLdapInput, options?: AxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => Promise<AxiosResponse<void>>> {
+            const localVarAxiosArgs = await SysLdapApiAxiosParamCreator(configuration).apiSysLdapSyncOrgPost(body, options);
+            return (axios: AxiosInstance = globalAxios, basePath: string = BASE_PATH) => {
+                const axiosRequestArgs :AxiosRequestConfig = {...localVarAxiosArgs.options, url: basePath + localVarAxiosArgs.url};
+                return axios.request(axiosRequestArgs);
+            };
+        },
         /**
          * 
          * @summary 更新系统域登录配置 🔖
@@ -541,6 +603,16 @@ export const SysLdapApiFactory = function (configuration?: Configuration, basePa
         async apiSysLdapSyncUserPost(body?: SyncSysLdapInput, options?: AxiosRequestConfig): Promise<AxiosResponse<void>> {
             return SysLdapApiFp(configuration).apiSysLdapSyncUserPost(body, options).then((request) => request(axios, basePath));
         },
+        /**
+         * 
+         * @summary 同步域组织 🔖
+         * @param {SyncSysLdapInput} [body] 
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async apiSysLdapSyncOrgPost(body?: SyncSysLdapInput, options?: AxiosRequestConfig): Promise<AxiosResponse<void>> {
+            return SysLdapApiFp(configuration).apiSysLdapSyncOrgPost(body, options).then((request) => request(axios, basePath));
+        },
         /**
          * 
          * @summary 更新系统域登录配置 🔖
@@ -626,6 +698,17 @@ export class SysLdapApi extends BaseAPI {
     public async apiSysLdapSyncUserPost(body?: SyncSysLdapInput, options?: AxiosRequestConfig) : Promise<AxiosResponse<void>> {
         return SysLdapApiFp(this.configuration).apiSysLdapSyncUserPost(body, options).then((request) => request(this.axios, this.basePath));
     }
+    /**
+     * 
+     * @summary 同步域组织 🔖
+     * @param {SyncSysLdapInput} [body] 
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof SysLdapApi
+     */
+    public async apiSysLdapSyncOrgPost(body?: SyncSysLdapInput, options?: AxiosRequestConfig) : Promise<AxiosResponse<void>> {
+        return SysLdapApiFp(this.configuration).apiSysLdapSyncOrgPost(body, options).then((request) => request(this.axios, this.basePath));
+    }
     /**
      * 
      * @summary 更新系统域登录配置 🔖

Web/src/api-services/models/add-sys-ldap-input.ts

@@ -165,6 +165,14 @@ export interface AddSysLdapInput {
      */
     bindAttrEmployeeId: string;
 
+    /**
+     * 绑定Code属性值
+     *
+     * @type {string}
+     * @memberof AddSysLdapInput
+     */
+    bindAttrCode: string;
+
     /**
      * @type {StatusEnum}
      * @memberof AddSysLdapInput