Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix ldap sync dept code wrong #771

Closed
wants to merge 10 commits into from
Closed

Fix ldap sync dept code wrong #771

Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
19ed849
v2.3.6 (#620)
wklken Sep 3, 2022
cd3d14b
Merge pull request #665 from TencentBlueKing/develop
wklken Sep 7, 2022
d89903d
Merge pull request #668 from TencentBlueKing/develop
wklken Sep 19, 2022
ce77e3e
Merge pull request #692 from TencentBlueKing/develop
wklken Sep 22, 2022
73e0dd1
Merge pull request #702 from TencentBlueKing/develop
wklken Sep 26, 2022
05917c2
Merge pull request #712 from TencentBlueKing/develop
wklken Oct 9, 2022
b86019d
Merge pull request #751 from TencentBlueKing/develop
wklken Oct 24, 2022
1ad9537
Merge pull request #766 from TencentBlueKing/develop
wklken Oct 27, 2022
b864a43
fix(ldap/sync): department code use full_name wrong
wklken Nov 1, 2022
dfaf3a1
Merge remote-tracking branch 'upstream/develop' into fix_ldap_sync_de…
wklken Nov 1, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 20 additions & 2 deletions src/api/bkuser_core/categories/plugins/ldap/helper.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,13 @@
an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
specific language governing permissions and limitations under the License.
"""
import hashlib
import logging
from dataclasses import dataclass
from typing import Dict, List, Optional, Type

from django.db.models import Model
from django.utils.encoding import force_bytes
from django.utils.functional import cached_property
from django.utils.translation import gettext_lazy as _
from rest_framework.exceptions import ValidationError
Expand Down Expand Up @@ -101,13 +103,29 @@ def _handle_department(self, dept_info: LdapDepartment) -> Optional[Department]:
def _insert_dept(self, dept_info: LdapDepartment, defaults: Dict) -> Department:
# BUG: here, use dept_info.key_field to get dept -> it's full_name, not the code
# the defaults["code"] is the not the `code`, it's the full_name

# code_hash = sha256(目录:full_name
# 1. 解决多个目录存在相同full_name的情况
# 2. 解决full_name超长截断冲突问题
code_hash = hashlib.sha256(force_bytes(f"{self.category.pk}:{dept_info.key_field}")).hexdigest()

# 判定 code_hash 是否存在, 是的话直接返回
dept2: Department = self.db_sync_manager.magic_get(code_hash, LdapDepartmentMeta)
if dept2:
return dept2

# 如果发现老的, 直接更新其 code=code_hash
dept: Department = self.db_sync_manager.magic_get(dept_info.key_field, LdapDepartmentMeta)
if dept:
# Question: here update the code to real code, without magic_add, will not saved into db?
if dept_info.code and dept.code != dept_info.code:
dept.code = dept_info.code
# if dept_info.code and dept.code != dept_info.code:
# dept.code = dept_info.code
if dept_info.code and dept_info.code != code_hash:
dept.code = code_hash
return dept

# 无论是新的老的, 都更新 code_hash
defaults["code"] = code_hash
# NOTE: 如果full_name在 db 里面已经有了, 这里是判断不出来的, 因为self.db_departments是当前category的集合, 不是全局的
# 但是code字段是 db unique字段
if dept_info.key_field in self.db_departments:
Expand Down