From fa59db441861c921d2509b34495b2791063db4b3 Mon Sep 17 00:00:00 2001
From: shiziyuan9527 <yuhao.li@fit2cloud.com>
Date: Thu, 2 Jul 2020 15:51:26 +0800
Subject: [PATCH] =?UTF-8?q?LDAP=20=E6=B5=8B=E8=AF=95=E7=99=BB=E5=BD=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../ldap/controller/LdapController.java       | 19 +++-
 .../metersphere/ldap/dao/PersonRepoImpl.java  |  7 +-
 .../settings/system/LdapSetting.vue           | 91 +++++++++++++++++--
 3 files changed, 105 insertions(+), 12 deletions(-)

diff --git a/backend/src/main/java/io/metersphere/ldap/controller/LdapController.java b/backend/src/main/java/io/metersphere/ldap/controller/LdapController.java
index 32c6ee15ed..e019e426ac 100644
--- a/backend/src/main/java/io/metersphere/ldap/controller/LdapController.java
+++ b/backend/src/main/java/io/metersphere/ldap/controller/LdapController.java
@@ -1,11 +1,15 @@
 package io.metersphere.ldap.controller;
 
 import io.metersphere.base.domain.User;
+import io.metersphere.commons.constants.ParamConstants;
+import io.metersphere.commons.exception.MSException;
 import io.metersphere.controller.ResultHolder;
 import io.metersphere.controller.request.LoginRequest;
 import io.metersphere.ldap.service.LdapService;
 import io.metersphere.ldap.domain.LdapInfo;
+import io.metersphere.service.SystemParameterService;
 import io.metersphere.service.UserService;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.SecurityUtils;
 import org.springframework.web.bind.annotation.*;
 import javax.annotation.Resource;
@@ -18,9 +22,17 @@ public class LdapController {
     private UserService userService;
     @Resource
     private LdapService ldapService;
+    @Resource
+    private SystemParameterService systemParameterService;
 
     @PostMapping(value = "/signin")
     public ResultHolder login(@RequestBody LoginRequest request) {
+
+        String isOpen = systemParameterService.getValue(ParamConstants.LDAP.OPEN.getValue());
+        if (StringUtils.isBlank(isOpen) || StringUtils.equals(Boolean.FALSE.toString(), isOpen)) {
+            MSException.throwException("LDAP 认证未启用！");
+        }
+
         ldapService.authenticate(request);
 
         SecurityUtils.getSubject().getSession().setAttribute("authenticate", "ldap");
@@ -45,9 +57,14 @@ public class LdapController {
         return userService.login(request);
     }
 
-    @PostMapping("/connect")
+    @PostMapping("/test/connect")
     public void testConnect(@RequestBody LdapInfo ldapInfo) {
         ldapService.testConnect(ldapInfo);
     }
 
+    @PostMapping("/test/login")
+    public void testLogin(@RequestBody LoginRequest request) {
+        ldapService.authenticate(request);
+    }
+
 }
diff --git a/backend/src/main/java/io/metersphere/ldap/dao/PersonRepoImpl.java b/backend/src/main/java/io/metersphere/ldap/dao/PersonRepoImpl.java
index 4ae370365b..a743b8f05b 100644
--- a/backend/src/main/java/io/metersphere/ldap/dao/PersonRepoImpl.java
+++ b/backend/src/main/java/io/metersphere/ldap/dao/PersonRepoImpl.java
@@ -105,9 +105,12 @@ public class PersonRepoImpl implements PersonRepo {
         String url = service.getValue(ParamConstants.LDAP.URL.getValue());
         String dn = service.getValue(ParamConstants.LDAP.DN.getValue());
         String ou = service.getValue(ParamConstants.LDAP.OU.getValue());
-        String credentials = EncryptUtils.aesDecrypt(service.getValue(ParamConstants.LDAP.PASSWORD.getValue())).toString();
+        String password = service.getValue(ParamConstants.LDAP.PASSWORD.getValue());
+
+        preConnect(url, dn, ou, password);
+
+        String credentials = EncryptUtils.aesDecrypt(password).toString();
 
-        preConnect(url, dn, ou, credentials);
 
         LdapContextSource sourceLdapCtx = new LdapContextSource();
         sourceLdapCtx.setUrl(url);
diff --git a/frontend/src/business/components/settings/system/LdapSetting.vue b/frontend/src/business/components/settings/system/LdapSetting.vue
index d4351df83a..4878ce91e8 100644
--- a/frontend/src/business/components/settings/system/LdapSetting.vue
+++ b/frontend/src/business/components/settings/system/LdapSetting.vue
@@ -27,33 +27,58 @@
 
       <div>
         <el-button type="primary" size="small" :disabled="!show" @click="testConnection">测试连接</el-button>
-        <el-button type="primary" size="small" :disabled="!show">测试登录</el-button>
+        <el-button type="primary" size="small" :disabled="!show" @click="testLogin">测试登录</el-button>
         <el-button v-if="showEdit" size="small" @click="edit">编辑</el-button>
         <el-button type="success" v-if="showSave" size="small" @click="save('form')">保存</el-button>
         <el-button type="info" v-if="showCancel" size="small" @click="cancel">取消</el-button>
       </div>
+
+      <el-dialog title="测试登录" :visible.sync="loginVisible" width="30%" destroy-on-close v-loading="result.loading">
+        <el-form :model="loginForm" :rules="loginFormRules" ref="loginForm" label-width="80px">
+          <el-form-item label="用户名" prop="username">
+            <el-input v-model="loginForm.username" autocomplete="off" placeholder="请输入用户名"/>
+          </el-form-item>
+          <el-form-item label="密码" prop="password" >
+            <el-input v-model="loginForm.password" autocomplete="new-password" placeholder="请输入密码" show-password/>
+          </el-form-item>
+        </el-form>
+        <span slot="footer">
+           <ms-dialog-footer
+             @cancel="loginVisible = false"
+             @confirm="login('loginForm')"/>
+        </span>
+      </el-dialog>
+
     </el-card>
   </div>
 </template>
 
 <script>
+  import MsDialogFooter from "../../common/components/MsDialogFooter";
   export default {
     name: "LdapSetting",
+    components: {
+      MsDialogFooter
+    },
     data() {
       return {
-        form: {
-          open: false
-        },
+        form: {open: false},
+        loginForm: {},
         result: {},
         show: true,
         showEdit: true,
         showSave: false,
         showCancel: false,
+        loginVisible: false,
         rules: {
-          url: {required: true, message: '请输入LDAP地址', trigger: ['change']},
-          dn: {required: true, message: '请输入DN', trigger: ['change']},
-          password: {required: true, message: '请输入密码', trigger: ['change']},
-          ou: {required: true, message: '请输入OU', trigger: ['change']},
+          url: {required: true, message: '请输入LDAP地址', trigger: ['change','blur']},
+          dn: {required: true, message: '请输入DN', trigger: ['change','blur']},
+          password: {required: true, message: '请输入密码', trigger: ['change','blur']},
+          ou: {required: true, message: '请输入OU', trigger: ['change','blur']},
+        },
+        loginFormRules: {
+          username: {required: true, message: '请输入用户名', trigger: 'blur'},
+          password: {required: true, message: '请输入密码', trigger: 'blur'}
         }
       }
     },
@@ -65,6 +90,9 @@
         this.result = this.$get("/system/ldap/info", response => {
           this.form = response.data;
           this.form.open = this.form.open === 'true' ? true : false;
+          this.$nextTick(() => {
+            this.$refs.form.clearValidate();
+          })
         })
       },
       edit() {
@@ -81,10 +109,44 @@
         this.init();
       },
       testConnection() {
-        this.result = this.$post("/ldap/connect", this.form, response => {
+        if (!this.checkParam()) {
+          return false;
+        }
+        this.result = this.$post("/ldap/test/connect", this.form, response => {
           this.$success("连接成功！")
         })
       },
+      testLogin() {
+        if (!this.checkParam()) {
+          return false;
+        }
+
+        if (!this.form.ou) {
+          this.$warning("LDAP OU不能为空！");
+          return false;
+        }
+
+        this.loginForm = {};
+        this.loginVisible = true;
+      },
+      checkParam() {
+        if (!this.form.url) {
+          this.$warning("LDAP 地址不能为空！");
+          return false;
+        }
+
+        if (!this.form.dn) {
+          this.$warning("LDAP DN不能为空！");
+          return false;
+        }
+
+        if (!this.form.password) {
+          this.$warning("LDAP 密码不能为空！");
+          return false;
+        }
+
+        return true;
+      },
       save(form) {
 
         let param = [
@@ -111,6 +173,17 @@
             return false;
           }
         })
+      },
+      login(form) {
+        this.$refs[form].validate(valid => {
+          if (valid) {
+            this.result = this.$post("/ldap/test/login", this.loginForm, response => {
+              this.$success("登录成功")
+            });
+          } else {
+            return false;
+          }
+        })
       }
     }
   }