修改LDAP认证的名词,避免产生歧义

2022-07-07 10:01:23 +08:00 · 2022-07-07 10:01:23 +08:00 · ecb5094780
parent 5c41367383
commit ecb5094780
2 changed files with 22 additions and 22 deletions
--- a/server/dbdata/userauth_ldap.go
+++ b/server/dbdata/userauth_ldap.go
@ -39,19 +39,19 @@ func (auth AuthLdap) checkData(authData map[string]interface{}) error {
 		return errors.New("LDAP的服务器地址(含端口)填写有误")
 	}
 	if auth.BindName == "" {
-		return errors.New("LDAP的用户查询账号不能为空")
+		return errors.New("LDAP的管理员账号不能为空")
 	}
 	if auth.BindPwd == "" {
-		return errors.New("LDAP的用户查询密码不能为空")
+		return errors.New("LDAP的管理员密码不能为空")
 	}
 	if auth.BaseDn == "" || !ValidateDN(auth.BaseDn) {
-		return errors.New("LDAP的BaseDN填写有误")
+		return errors.New("LDAP的Base DN填写有误")
 	}
 	if auth.SearchAttr == "" {
-		return errors.New("LDAP的搜索属性不能为空")
+		return errors.New("LDAP的用户唯一ID不能为空")
 	}
 	if auth.MemberOf != "" && !ValidateDN(auth.MemberOf) {
-		return errors.New("LDAP的绑定DN填写有误")
+		return errors.New("LDAP的受限用户组填写有误")
 	}
 	return nil
 }
@ -93,7 +93,7 @@ func (auth AuthLdap) checkUser(name, pwd string, g *Group) error {
 	}
 	err = l.Bind(auth.BindName, auth.BindPwd)
 	if err != nil {
-		return fmt.Errorf("%s LDAP 查询用户的账密有误,请重新检查 %s", name, err.Error())
+		return fmt.Errorf("%s LDAP 管理员账号或密码填写有误 %s", name, err.Error())
 	}
 	filterAttr := "(objectClass=person)"
 	filterAttr += "(" + auth.SearchAttr + "=" + name + ")"
--- a/web/src/pages/group/List.vue
+++ b/web/src/pages/group/List.vue
@ -237,34 +237,34 @@
                </el-form-item>   
                <templete v-if="ruleForm.auth.type == 'radius'">
                  <el-form-item label="服务器地址" prop="auth.radius.addr" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]">
-                      <el-input v-model="ruleForm.auth.radius.addr" placeholder="输入IP和端口 192.168.2.1:1812"></el-input>
+                      <el-input v-model="ruleForm.auth.radius.addr" placeholder="例如 ip:1812"></el-input>
                  </el-form-item>                
                  <el-form-item label="密钥" prop="auth.radius.secret" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
-                      <el-input v-model="ruleForm.auth.radius.secret"></el-input>
+                      <el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input>
                  </el-form-item>               
                </templete>

                <templete v-if="ruleForm.auth.type == 'ldap'">
                  <el-form-item label="服务器地址" prop="auth.ldap.addr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]">
-                      <el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 192.168.2.1:389"></el-input>    
+                      <el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 ip:389 / 域名:389"></el-input>    
                  </el-form-item> 
                  <el-form-item label="开启TLS" prop="auth.ldap.tls">
                    <el-switch v-model="ruleForm.auth.ldap.tls"></el-switch>                      
                  </el-form-item>
-                  <el-form-item label="查询账号" prop="auth.ldap.bind_name" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
-                    <el-input v-model="ruleForm.auth.ldap.bind_name"></el-input>
+                  <el-form-item label="管理员账号" prop="auth.ldap.bind_name" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
+                    <el-input v-model="ruleForm.auth.ldap.bind_name" placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input>
                  </el-form-item>
-                  <el-form-item label="查询密码" prop="auth.ldap.bind_pwd" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
-                    <el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd"></el-input>
+                  <el-form-item label="管理员密码" prop="auth.ldap.bind_pwd" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
+                    <el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd" placeholder=""></el-input>
                  </el-form-item>                                                
-                  <el-form-item label="BaseDN" prop="auth.ldap.base_dn" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
+                  <el-form-item label="Base DN" prop="auth.ldap.base_dn" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
                    <el-input v-model="ruleForm.auth.ldap.base_dn" placeholder="例如 DC=abc,DC=com"></el-input>
                  </el-form-item>  
-                  <el-form-item label="搜索属性" prop="auth.ldap.search_attr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
-                    <el-input v-model="ruleForm.auth.ldap.search_attr" placeholder="例如 sAMAccountName"></el-input>
+                  <el-form-item label="用户唯一ID" prop="auth.ldap.search_attr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
+                    <el-input v-model="ruleForm.auth.ldap.search_attr" placeholder="例如 sAMAccountName 或 uid"></el-input>
                  </el-form-item>    
-                  <el-form-item label="绑定DN" prop="auth.ldap.member_of">
-                    <el-input v-model="ruleForm.auth.ldap.member_of" placeholder="例如 CN=test,CN=User,DC=abc,DC=com"></el-input>
+                  <el-form-item label="受限用户组" prop="auth.ldap.member_of">
+                    <el-input v-model="ruleForm.auth.ldap.member_of" placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input>
                  </el-form-item>                                                                      
                </templete>                 
            </el-tab-pane>  
@ -437,16 +437,16 @@ export default {
          {required: true, message: '请输入服务器地址(含端口)', trigger: 'blur'}
        ],  
        "auth.ldap.bind_name": [
-          {required: true, message: '请输入查询账号', trigger: 'blur'}
+          {required: true, message: '请输入管理员账号', trigger: 'blur'}
        ],
        "auth.ldap.bind_pwd": [
-          {required: true, message: '请输入查询密码', trigger: 'blur'}
+          {required: true, message: '请输入管理员密码', trigger: 'blur'}
        ],         
        "auth.ldap.base_dn": [
-          {required: true, message: '请输入BaseDN值', trigger: 'blur'}
+          {required: true, message: '请输入Base DN值', trigger: 'blur'}
        ],
        "auth.ldap.search_attr": [
-          {required: true, message: '请输入搜索属性', trigger: 'blur'}
+          {required: true, message: '请输入用户唯一ID', trigger: 'blur'}
        ],                                       
      },
    }