You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
148 lines
6.0 KiB
148 lines
6.0 KiB
<?php
|
|
namespace Api\Controller;
|
|
use Think\Controller;
|
|
class AdminSettingController extends BaseController {
|
|
|
|
//保存配置
|
|
public function saveConfig(){
|
|
$login_user = $this->checkLogin();
|
|
$this->checkAdmin();
|
|
$register_open = intval(I("register_open")) ;
|
|
$ldap_open = intval(I("ldap_open")) ;
|
|
$oss_open = intval(I("oss_open")) ;
|
|
$home_page = intval(I("home_page")) ;
|
|
$home_item = intval(I("home_item")) ;
|
|
$ldap_form = I("ldap_form") ;
|
|
$oss_setting = I("oss_setting") ;
|
|
D("Options")->set("register_open" ,$register_open) ;
|
|
D("Options")->set("home_page" ,$home_page) ;
|
|
D("Options")->set("home_item" ,$home_item) ;
|
|
|
|
|
|
if ($ldap_open) {
|
|
if (!$ldap_form['user_field']) {
|
|
$ldap_form['user_field'] = 'cn';
|
|
}
|
|
if( !extension_loaded( 'ldap' ) ) {
|
|
$this->sendError(10011,"你尚未安装php-ldap扩展。如果是普通PHP环境,请手动安装之。如果是使用之前官方docker镜像,则需要重新安装镜像。方法是:备份 /showdoc_data 整个目录,然后全新安装showdoc,接着用备份覆盖/showdoc_data 。然后递归赋予777可写权限。");
|
|
return ;
|
|
}
|
|
|
|
$ldap_conn = ldap_connect($ldap_form['host'], $ldap_form['port']);//建立与 LDAP 服务器的连接
|
|
if (!$ldap_conn) {
|
|
$this->sendError(10011,"Can't connect to LDAP server");
|
|
return ;
|
|
}
|
|
ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, $ldap_form['version']);
|
|
$rs=ldap_bind($ldap_conn, $ldap_form['bind_dn'], $ldap_form['bind_password']);//与服务器绑定 用户登录验证 成功返回1
|
|
if (!$rs) {
|
|
$this->sendError(10011,"Can't bind to LDAP server");
|
|
return ;
|
|
}
|
|
|
|
$result = ldap_search($ldap_conn,$ldap_form['base_dn'],"(cn=*)");
|
|
$data = ldap_get_entries($ldap_conn, $result);
|
|
|
|
for ($i=0; $i<$data["count"]; $i++) {
|
|
$ldap_user = $data[$i][$ldap_form['user_field']][0] ;
|
|
if (!$ldap_user) {
|
|
continue ;
|
|
}
|
|
//如果该用户不在数据库里,则帮助其注册
|
|
if(!D("User")->isExist($ldap_user)){
|
|
D("User")->register($ldap_user,$ldap_user.time());
|
|
}
|
|
}
|
|
D("Options")->set("ldap_form" , json_encode( $ldap_form)) ;
|
|
}
|
|
D("Options")->set("ldap_open" ,$ldap_open) ;
|
|
|
|
if ($oss_open) {
|
|
D("Options")->set("oss_setting" , json_encode( $oss_setting)) ;
|
|
}
|
|
D("Options")->set("oss_open" ,$oss_open) ;
|
|
|
|
$this->sendResult(array());
|
|
|
|
}
|
|
|
|
//加载配置
|
|
public function loadConfig(){
|
|
$login_user = $this->checkLogin();
|
|
$this->checkAdmin();
|
|
$ldap_open = D("Options")->get("ldap_open" ) ;
|
|
$oss_open = D("Options")->get("oss_open" ) ;
|
|
$register_open = D("Options")->get("register_open" ) ;
|
|
$ldap_form = D("Options")->get("ldap_form" ) ;
|
|
$oss_setting = D("Options")->get("oss_setting" ) ;
|
|
$home_page = D("Options")->get("home_page" ) ;
|
|
$home_item = D("Options")->get("home_item" ) ;
|
|
$ldap_form = json_decode($ldap_form,1);
|
|
$oss_setting = json_decode($oss_setting,1);
|
|
|
|
//如果强等于false,那就是尚未有数据。关闭注册应该是有数据且数据为字符串0
|
|
if ($register_open === false) {
|
|
$this->sendResult(array());
|
|
}else{
|
|
$array = array(
|
|
"ldap_open"=>$ldap_open ,
|
|
"oss_open"=>$oss_open ,
|
|
"register_open"=>$register_open ,
|
|
"home_page"=>$home_page ,
|
|
"home_item"=>$home_item ,
|
|
"ldap_form"=>$ldap_form ,
|
|
"oss_setting"=>$oss_setting ,
|
|
);
|
|
$this->sendResult($array);
|
|
}
|
|
|
|
}
|
|
|
|
public function checkLdapLogin(){
|
|
$username = 'admin';
|
|
$password = '123456';
|
|
|
|
$ldap_open = D("Options")->get("ldap_open" ) ;
|
|
$ldap_form = D("Options")->get("ldap_form" ) ;
|
|
$ldap_form = json_decode($ldap_form,1);
|
|
if (!$ldap_open) {
|
|
return ;
|
|
}
|
|
if (!$ldap_form['user_field']) {
|
|
$ldap_form['user_field'] = 'cn';
|
|
}
|
|
$ldap_conn = ldap_connect($ldap_form['host'], $ldap_form['port']);//建立与 LDAP 服务器的连接
|
|
if (!$ldap_conn) {
|
|
$this->sendError(10011,"Can't connect to LDAP server");
|
|
return ;
|
|
}
|
|
ldap_set_option($ldap_conn, LDAP_OPT_PROTOCOL_VERSION, $ldap_form['version']);
|
|
$rs=ldap_bind($ldap_conn, $ldap_form['bind_dn'], $ldap_form['bind_password']);//与服务器绑定 用户登录验证 成功返回1
|
|
if (!$rs) {
|
|
$this->sendError(10011,"Can't bind to LDAP server");
|
|
return ;
|
|
}
|
|
|
|
$result = ldap_search($ldap_conn,$ldap_form['base_dn'],"(cn=*)");
|
|
$data = ldap_get_entries($ldap_conn, $result);
|
|
for ($i=0; $i<$data["count"]; $i++) {
|
|
$ldap_user = $data[$i][$ldap_form['user_field']][0] ;
|
|
$dn = $data[$i]["dn"] ;
|
|
if ($ldap_user == $username) {
|
|
//如果该用户不在数据库里,则帮助其注册
|
|
$userInfo = D("User")->isExist($username) ;
|
|
if(!$userInfo){
|
|
D("User")->register($ldap_user,$ldap_user.time());
|
|
}
|
|
$rs2=ldap_bind($ldap_conn, $dn , $password);
|
|
if ($rs2) {
|
|
D("User")->updatePwd($userInfo['uid'], $password);
|
|
$this->sendResult(array());
|
|
return ;
|
|
}
|
|
}
|
|
}
|
|
$this->sendError(10011,"用户名或者密码错误");
|
|
}
|
|
|
|
}
|