mindoc/models/member.go

444 lines
12 KiB
Go
Raw Normal View History

2017-04-20 18:19:32 +08:00
// Package models .
package models
2017-04-21 18:20:35 +08:00
import (
2017-05-03 14:22:05 +08:00
"errors"
2017-05-24 20:31:58 +08:00
"fmt"
2017-05-03 14:22:05 +08:00
"regexp"
"strings"
2017-05-24 20:31:58 +08:00
"time"
ldap "gopkg.in/ldap.v2"
"github.com/astaxie/beego"
"github.com/astaxie/beego/logs"
"github.com/astaxie/beego/orm"
2017-06-14 09:23:29 +08:00
"github.com/lifei6671/mindoc/conf"
"github.com/lifei6671/mindoc/utils"
"math"
2017-04-21 18:20:35 +08:00
)
2017-04-20 18:19:32 +08:00
type Member struct {
2017-05-24 20:31:58 +08:00
MemberId int `orm:"pk;auto;unique;column(member_id)" json:"member_id"`
Account string `orm:"size(100);unique;column(account)" json:"account"`
RealName string `orm:"size(255);column(real_name)" json:"real_name"`
2017-05-24 20:31:58 +08:00
Password string `orm:"size(1000);column(password)" json:"-"`
//认证方式: local 本地数据库 /ldap LDAP
AuthMethod string `orm:"column(auth_method);default(local);size(50);" json:"auth_method"`
2017-05-24 20:31:58 +08:00
Description string `orm:"column(description);size(2000)" json:"description"`
Email string `orm:"size(100);column(email);unique" json:"email"`
Phone string `orm:"size(255);column(phone);null;default(null)" json:"phone"`
Avatar string `orm:"size(1000);column(avatar)" json:"avatar"`
//用户角色0 超级管理员 /1 管理员/ 2 普通用户 .
2017-05-24 20:31:58 +08:00
Role int `orm:"column(role);type(int);default(1);index" json:"role"`
RoleName string `orm:"-" json:"role_name"`
Status int `orm:"column(status);type(int);default(0)" json:"status"` //用户状态0 正常/1 禁用
CreateTime time.Time `orm:"type(datetime);column(create_time);auto_now_add" json:"create_time"`
CreateAt int `orm:"type(int);column(create_at)" json:"create_at"`
LastLoginTime time.Time `orm:"type(datetime);column(last_login_time);null" json:"last_login_time"`
2017-04-21 18:20:35 +08:00
}
// TableName 获取对应数据库表名.
func (m *Member) TableName() string {
return "members"
}
2017-05-24 20:31:58 +08:00
2017-04-21 18:20:35 +08:00
// TableEngine 获取数据使用的引擎.
func (m *Member) TableEngine() string {
return "INNODB"
}
2017-05-24 20:31:58 +08:00
func (m *Member) TableNameWithPrefix() string {
return conf.GetDatabasePrefix() + m.TableName()
2017-04-22 17:24:17 +08:00
}
2017-04-21 18:20:35 +08:00
func NewMember() *Member {
return &Member{}
}
// Login 用户登录.
2017-05-24 20:31:58 +08:00
func (m *Member) Login(account string, password string) (*Member, error) {
2017-04-21 18:20:35 +08:00
o := orm.NewOrm()
member := &Member{}
2017-05-24 20:31:58 +08:00
err := o.QueryTable(m.TableNameWithPrefix()).Filter("account", account).Filter("status", 0).One(member)
2017-04-21 18:20:35 +08:00
if err != nil {
2017-05-24 20:31:58 +08:00
if beego.AppConfig.DefaultBool("ldap_enable", false) == true {
logs.Info("转入LDAP登陆")
return member.ldapLogin(account, password)
} else {
logs.Error("用户登录 => ", err)
return member, ErrMemberNoExist
}
}
switch member.AuthMethod {
case "":
2017-05-24 20:31:58 +08:00
case "local":
ok, err := utils.PasswordVerify(member.Password, password)
if ok && err == nil {
m.ResolveRoleName()
return member, nil
}
case "ldap":
return member.ldapLogin(account, password)
default:
return member, ErrMemberAuthMethodInvalid
2017-04-21 18:20:35 +08:00
}
2017-05-24 20:31:58 +08:00
return member, ErrorMemberPasswordError
}
2017-04-21 18:20:35 +08:00
2017-05-24 20:31:58 +08:00
//ldapLogin 通过LDAP登陆
func (m *Member) ldapLogin(account string, password string) (*Member, error) {
if beego.AppConfig.DefaultBool("ldap_enable", false) == false {
return m, ErrMemberAuthMethodInvalid
}
var err error
lc, err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", beego.AppConfig.String("ldap_host"), beego.AppConfig.DefaultInt("ldap_port", 3268)))
if err != nil {
return m, ErrLDAPConnect
}
defer lc.Close()
err = lc.Bind(beego.AppConfig.String("ldap_user"), beego.AppConfig.String("ldap_password"))
if err != nil {
return m, ErrLDAPFirstBind
}
searchRequest := ldap.NewSearchRequest(
beego.AppConfig.String("ldap_base"),
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
//修改objectClass通过配置文件获取值
fmt.Sprintf("(&(%s)(%s=%s))", beego.AppConfig.String("ldap_filter"), beego.AppConfig.String("ldap_attribute"), account),
2017-05-24 20:31:58 +08:00
[]string{"dn", "mail"},
nil,
)
searchResult, err := lc.Search(searchRequest)
if err != nil {
return m, ErrLDAPSearch
}
if len(searchResult.Entries) != 1 {
return m, ErrLDAPUserNotFoundOrTooMany
}
userdn := searchResult.Entries[0].DN
err = lc.Bind(userdn, password)
if err != nil {
return m, ErrorMemberPasswordError
}
if m.Account == "" {
m.Account = account
m.Email = searchResult.Entries[0].GetAttributeValue("mail")
m.AuthMethod = "ldap"
m.Avatar = "/static/images/headimgurl.jpg"
m.Role = beego.AppConfig.DefaultInt("ldap_user_role", 2)
2017-05-25 15:19:17 +08:00
m.CreateTime = time.Now()
2017-05-24 20:31:58 +08:00
err = m.Add()
if err != nil {
logs.Error("自动注册LDAP用户错误", err)
return m, ErrorMemberPasswordError
}
m.ResolveRoleName()
2017-04-21 18:20:35 +08:00
}
2017-05-24 20:31:58 +08:00
return m, nil
2017-04-20 18:19:32 +08:00
}
2017-04-21 18:20:35 +08:00
// Add 添加一个用户.
2017-05-24 20:31:58 +08:00
func (m *Member) Add() error {
2017-04-21 18:20:35 +08:00
o := orm.NewOrm()
2017-05-24 20:31:58 +08:00
if ok, err := regexp.MatchString(conf.RegexpAccount, m.Account); m.Account == "" || !ok || err != nil {
2017-05-03 14:22:05 +08:00
return errors.New("账号只能由英文字母数字组成且在3-50个字符")
}
if m.Email == "" {
return errors.New("邮箱不能为空")
}
2017-05-24 20:31:58 +08:00
if ok, err := regexp.MatchString(conf.RegexpEmail, m.Email); !ok || err != nil || m.Email == "" {
2017-05-03 14:22:05 +08:00
return errors.New("邮箱格式不正确")
}
2017-05-24 20:31:58 +08:00
if m.AuthMethod == "local" {
if l := strings.Count(m.Password, ""); l < 6 || l >= 50 {
return errors.New("密码不能为空且必须在6-50个字符之间")
}
2017-05-03 14:22:05 +08:00
}
2017-05-24 20:31:58 +08:00
if c, err := o.QueryTable(m.TableNameWithPrefix()).Filter("email", m.Email).Count(); err == nil && c > 0 {
return errors.New("邮箱已被使用")
2017-05-03 14:22:05 +08:00
}
2017-05-24 20:31:58 +08:00
hash, err := utils.PasswordHash(m.Password)
2017-04-21 18:20:35 +08:00
2017-05-24 20:31:58 +08:00
if err != nil {
beego.Error("加密用户密码失败 =>",err)
return errors.New("加密用户密码失败")
2017-04-21 18:20:35 +08:00
}
m.Password = hash
if m.AuthMethod == "" {
m.AuthMethod = "local"
}
2017-05-24 20:31:58 +08:00
_, err = o.Insert(m)
2017-04-21 18:20:35 +08:00
if err != nil {
beego.Error("保存用户数据到数据时失败 =>",err)
return errors.New("保存用户失败")
2017-04-21 18:20:35 +08:00
}
m.ResolveRoleName()
2017-05-24 20:31:58 +08:00
return nil
2017-04-21 18:20:35 +08:00
}
// Update 更新用户信息.
2017-05-24 20:31:58 +08:00
func (m *Member) Update(cols ...string) error {
2017-04-21 18:20:35 +08:00
o := orm.NewOrm()
2017-05-03 14:22:05 +08:00
if m.Email == "" {
return errors.New("邮箱不能为空")
}
if c, err := o.QueryTable(m.TableNameWithPrefix()).Filter("email", m.Email).Exclude("member_id",m.MemberId).Count(); err == nil && c > 0 {
return errors.New("邮箱已被使用")
}
2017-05-24 20:31:58 +08:00
if _, err := o.Update(m, cols...); err != nil {
beego.Error("保存用户信息失败=>",err)
return errors.New("保存用户信息失败")
2017-04-21 18:20:35 +08:00
}
return nil
}
2017-05-24 20:31:58 +08:00
func (m *Member) Find(id int) (*Member, error) {
2017-04-21 18:20:35 +08:00
o := orm.NewOrm()
m.MemberId = id
if err := o.Read(m); err != nil {
2017-05-24 20:31:58 +08:00
return m, err
2017-04-21 18:20:35 +08:00
}
m.ResolveRoleName()
2017-05-24 20:31:58 +08:00
return m, nil
2017-04-25 20:05:59 +08:00
}
2017-05-24 20:31:58 +08:00
func (m *Member) ResolveRoleName() {
if m.Role == conf.MemberSuperRole {
m.RoleName = "超级管理员"
2017-05-24 20:31:58 +08:00
} else if m.Role == conf.MemberAdminRole {
m.RoleName = "管理员"
2017-05-24 20:31:58 +08:00
} else if m.Role == conf.MemberGeneralRole {
m.RoleName = "普通用户"
}
2017-04-22 17:24:17 +08:00
}
//根据账号查找用户.
2017-05-24 20:31:58 +08:00
func (m *Member) FindByAccount(account string) (*Member, error) {
2017-04-22 17:24:17 +08:00
o := orm.NewOrm()
2017-05-24 20:31:58 +08:00
err := o.QueryTable(m.TableNameWithPrefix()).Filter("account", account).One(m)
2017-04-22 17:24:17 +08:00
if err == nil {
2017-04-25 20:05:59 +08:00
m.ResolveRoleName()
}
2017-05-24 20:31:58 +08:00
return m, err
2017-04-22 17:24:17 +08:00
}
//批量查询用户
func (m *Member) FindByAccountList(accounts ...string) ([]*Member,error) {
o := orm.NewOrm()
var members []*Member
_,err := o.QueryTable(m.TableNameWithPrefix()).Filter("account__in", accounts).All(&members)
if err == nil {
for _,item := range members {
item.ResolveRoleName()
}
}
return members, err
}
2017-04-22 17:24:17 +08:00
//分页查找用户.
2018-01-26 18:07:55 +08:00
func (m *Member) FindToPager(pageIndex, pageSize int) ([]*Member, int, error) {
2017-04-23 12:48:46 +08:00
o := orm.NewOrm()
var members []*Member
2017-04-23 12:48:46 +08:00
offset := (pageIndex - 1) * pageSize
2017-05-24 20:31:58 +08:00
totalCount, err := o.QueryTable(m.TableNameWithPrefix()).Count()
2017-04-23 12:48:46 +08:00
if err != nil {
2017-05-24 20:31:58 +08:00
return members, 0, err
2017-04-23 12:48:46 +08:00
}
2017-05-24 20:31:58 +08:00
_, err = o.QueryTable(m.TableNameWithPrefix()).OrderBy("-member_id").Offset(offset).Limit(pageSize).All(&members)
2017-04-23 12:48:46 +08:00
if err != nil {
2017-05-24 20:31:58 +08:00
return members, 0, err
2017-04-23 12:48:46 +08:00
}
2017-04-22 17:24:17 +08:00
2017-05-24 20:31:58 +08:00
for _, m := range members {
m.ResolveRoleName()
}
2018-01-26 18:07:55 +08:00
return members, int(totalCount), nil
2017-04-23 12:48:46 +08:00
}
2017-04-22 17:24:17 +08:00
func (c *Member) IsAdministrator() bool {
2017-05-24 20:31:58 +08:00
if c == nil || c.MemberId <= 0 {
return false
}
return c.Role == 0 || c.Role == 1
}
//根据指定字段查找用户.
2017-05-24 20:31:58 +08:00
func (m *Member) FindByFieldFirst(field string, value interface{}) (*Member, error) {
2017-05-03 14:22:05 +08:00
o := orm.NewOrm()
2017-05-24 20:31:58 +08:00
err := o.QueryTable(m.TableNameWithPrefix()).Filter(field, value).OrderBy("-member_id").One(m)
2017-05-24 20:31:58 +08:00
return m, err
2017-05-03 14:22:05 +08:00
}
//校验用户.
func (m *Member) Valid(is_hash_password bool) error {
//邮箱不能为空
if m.Email == "" {
return ErrMemberEmailEmpty
}
//用户描述必须小于500字
if strings.Count(m.Description, "") > 500 {
return ErrMemberDescriptionTooLong
}
2017-05-26 14:19:27 +08:00
if m.Role != conf.MemberGeneralRole && m.Role != conf.MemberSuperRole && m.Role != conf.MemberAdminRole {
return ErrMemberRoleError
}
if m.Status != 0 && m.Status != 1 {
m.Status = 0
}
//邮箱格式校验
if ok, err := regexp.MatchString(conf.RegexpEmail, m.Email); !ok || err != nil || m.Email == "" {
return ErrMemberEmailFormatError
}
//如果是未加密密码,需要校验密码格式
if !is_hash_password {
if l := strings.Count(m.Password, ""); m.Password == "" || l > 50 || l < 6 {
return ErrMemberPasswordFormatError
}
}
//校验邮箱是否呗使用
if member, err := NewMember().FindByFieldFirst("email", m.Account); err == nil && member.MemberId > 0 {
if m.MemberId > 0 && m.MemberId != member.MemberId {
return ErrMemberEmailExist
}
if m.MemberId <= 0 {
return ErrMemberEmailExist
}
}
2017-05-26 14:19:27 +08:00
if m.MemberId > 0 {
//校验用户是否存在
if _, err := NewMember().Find(m.MemberId); err != nil {
return err
}
} else {
//校验账号格式是否正确
if ok, err := regexp.MatchString(conf.RegexpAccount, m.Account); m.Account == "" || !ok || err != nil {
return ErrMemberAccountFormatError
}
//校验账号是否被使用
if member, err := NewMember().FindByAccount(m.Account); err == nil && member.MemberId > 0 {
return ErrMemberExist
}
}
return nil
}
//删除一个用户.
func (m *Member) Delete(oldId int, newId int) error {
o := orm.NewOrm()
err := o.Begin()
if err != nil {
return err
}
_, err = o.Raw("DELETE FROM md_members WHERE member_id = ?", oldId).Exec()
if err != nil {
o.Rollback()
return err
}
_, err = o.Raw("UPDATE md_attachment SET `create_at` = ? WHERE `create_at` = ?", newId, oldId).Exec()
if err != nil {
o.Rollback()
return err
}
_, err = o.Raw("UPDATE md_books SET member_id = ? WHERE member_id = ?", newId, oldId).Exec()
if err != nil {
o.Rollback()
return err
}
_, err = o.Raw("UPDATE md_document_history SET member_id=? WHERE member_id = ?", newId, oldId).Exec()
if err != nil {
o.Rollback()
return err
}
_, err = o.Raw("UPDATE md_document_history SET modify_at=? WHERE modify_at = ?", newId, oldId).Exec()
if err != nil {
o.Rollback()
return err
}
_, err = o.Raw("UPDATE md_documents SET member_id = ? WHERE member_id = ?;", newId, oldId).Exec()
if err != nil {
o.Rollback()
return err
}
_, err = o.Raw("UPDATE md_documents SET modify_at = ? WHERE modify_at = ?", newId, oldId).Exec()
if err != nil {
o.Rollback()
return err
}
2017-07-10 16:23:15 +08:00
//_,err = o.Raw("UPDATE md_relationship SET member_id = ? WHERE member_id = ?",newId,oldId).Exec()
//if err != nil {
//
// if err != nil {
// o.Rollback()
// return err
// }
//}
var relationship_list []*Relationship
_, err = o.QueryTable(NewRelationship().TableNameWithPrefix()).Filter("member_id", oldId).Limit(math.MaxInt32).All(&relationship_list)
2017-07-10 16:23:15 +08:00
if err == nil {
for _, relationship := range relationship_list {
2017-07-10 16:59:49 +08:00
//如果存在创始人,则删除
if relationship.RoleId == 0 {
rel := NewRelationship()
err = o.QueryTable(relationship.TableNameWithPrefix()).Filter("book_id", relationship.BookId).Filter("member_id", newId).One(rel)
2017-07-10 16:59:49 +08:00
if err == nil {
if _, err := o.Delete(relationship); err != nil {
2017-07-10 16:59:49 +08:00
beego.Error(err)
}
relationship.RelationshipId = rel.RelationshipId
}
2017-07-10 16:23:15 +08:00
relationship.MemberId = newId
2017-07-10 16:59:49 +08:00
relationship.RoleId = 0
if _, err := o.Update(relationship); err != nil {
2017-07-10 16:59:49 +08:00
beego.Error(err)
}
} else {
if _, err := o.Delete(relationship); err != nil {
2017-07-10 16:59:49 +08:00
beego.Error(err)
}
2017-07-10 16:23:15 +08:00
}
}
}
2017-07-10 16:23:15 +08:00
if err = o.Commit(); err != nil {
o.Rollback()
return err
}
return nil
}