refactor(backend): 重构用户和组的修改接口并优化相关服务

- 修改 LdapClient 中的 Modify 方法名称为 ModifyAttributes，以更清晰地表示其功能
- 在 User 结构体中添加 LoginShell 字段，用于存储用户的登录 Shell
- 更新 RepositoryGroup 和 RepositoryUser 中的 Modify 方法为 ModifyAttributes
- 调整 ServiceGroup 和 ServiceUser 中的相关调用，使用新的 ModifyAttributes 方法
- 在 ServiceManager 中为新注册的用户设置默认的 LoginShell 为 /bin/bash
- 优化 LDAP 属性解析逻辑，跳过 dnAttr 字段的处理

Author: dsx137

backend/pkg/client/ldap.go

@@ -149,7 +149,7 @@ func (c *LdapClient) Add(dn string, objectClass []string, attributes map[string]
 	})
 }
 
-func (c *LdapClient) Modify(dn string, addAttrs, delAttrs, replaceAttrs map[string][]string) error {
+func (c *LdapClient) ModifyAttributes(dn string, addAttrs, delAttrs, replaceAttrs map[string][]string) error {
 	return c.withConnection(func(conn *ldap.Conn) error {
 		modifyReq := ldap.NewModifyRequest(dn, nil)
 		for attr, values := range addAttrs {

backend/pkg/entity/user.go

@@ -11,4 +11,5 @@ type User struct {
 	HomeDirectory string `ldap:"homeDirectory" json:"homeDirectory"`
 	Mail          string `ldap:"mail" json:"mail"`
 	UserPassword  string `ldap:"userPassword" json:"userPassword"`
+	LoginShell    string `ldap:"loginShell" json:"loginShell"`
 }

backend/pkg/repository/group.go

@@ -80,6 +80,6 @@ func (r *RepositoryGroup) FindAllByOuAndMemberUid(ou string, uid string) ([]*ent
 	return r.find(fmt.Sprintf("ou=%s", ou), fmt.Sprintf("memberUid=%s", uid))
 }
 
-func (r *RepositoryGroup) Modify(dn string, addAttrs map[string][]string, delAttrs map[string][]string, replaceAttrs map[string][]string) error {
-	return r.client.Modify(dn, addAttrs, delAttrs, replaceAttrs)
+func (r *RepositoryGroup) ModifyAttributes(dn string, addAttrs map[string][]string, delAttrs map[string][]string, replaceAttrs map[string][]string) error {
+	return r.client.ModifyAttributes(dn, addAttrs, delAttrs, replaceAttrs)
 }

backend/pkg/repository/user.go

@@ -7,6 +7,8 @@ import (
 	"asynclab.club/asynx/backend/pkg/config"
 	"asynclab.club/asynx/backend/pkg/entity"
 	"asynclab.club/asynx/backend/pkg/transfer"
+
+
 )
 
 type RepositoryUser struct {
@@ -92,13 +94,13 @@ func (r *RepositoryUser) Create(user *entity.User) error {
 	return r.client.Add(r.BuildDn(user), config.UserObjectClasses, attributes)
 }
 
-func (r *RepositoryUser) Modify(user *entity.User) error {
+func (r *RepositoryUser) ModifyAttributes(user *entity.User) error {
 	attributes, err := transfer.ParseToLdapAttributes(user)
 	if err != nil {
 		return err
 	}
 
-	return r.client.Modify(r.BuildDn(user), nil, nil, attributes)
+	return r.client.ModifyAttributes(r.BuildDn(user), nil, nil, attributes)
 }
 
 func (r *RepositoryUser) ModifyDn(user *entity.User, newRDN, newSuperior string) error {

backend/pkg/service/group.go

@@ -71,11 +71,12 @@ func (s *ServiceGroup) RevokeRoleByUid(uid string) error {
 		return err
 	}
 	for _, group := range roleGroups {
-		return s.repositoryGroup.Modify(s.repositoryGroup.BuildDn(group), nil, attr, nil)
+		return s.repositoryGroup.ModifyAttributes(s.repositoryGroup.BuildDn(group), nil, attr, nil)
 	}
 	return nil
 }
 
+// WARN: 千万不要用replaceAttrs在多值属性上，否则会清空其他不相干值
 func (s *ServiceGroup) GrantRoleByUid(uid string, newRole security.Role) error {
 	oldRole, err := s.GetRoleByUid(uid)
 	if err != nil {
@@ -110,7 +111,7 @@ func (s *ServiceGroup) GrantRoleByUid(uid string, newRole security.Role) error {
 
 	// 如果用户之前没有角色（直接添加）
 	if oldRole == security.RoleAnonymous {
-		return s.repositoryGroup.Modify(s.repositoryGroup.BuildDn(newGroup), attr, nil, nil) // 添加用户
+		return s.repositoryGroup.ModifyAttributes(s.repositoryGroup.BuildDn(newGroup), attr, nil, nil) // 添加用户
 	}
 
 	// 如果是角色切换：先从旧组移除，再添加到新组
@@ -121,14 +122,14 @@ func (s *ServiceGroup) GrantRoleByUid(uid string, newRole security.Role) error {
 	}
 
 	if !oldNotFound {
-		if err := s.repositoryGroup.Modify(s.repositoryGroup.BuildDn(oldGroup), nil, attr, nil); err != nil {
+		if err := s.repositoryGroup.ModifyAttributes(s.repositoryGroup.BuildDn(oldGroup), nil, attr, nil); err != nil {
 			return err
 		}
 	}
-	if err := s.repositoryGroup.Modify(s.repositoryGroup.BuildDn(newGroup), attr, nil, nil); err != nil {
+	if err := s.repositoryGroup.ModifyAttributes(s.repositoryGroup.BuildDn(newGroup), attr, nil, nil); err != nil {
 		// 回滚
 		if !oldNotFound {
-			if err = s.repositoryGroup.Modify(s.repositoryGroup.BuildDn(oldGroup), attr, nil, nil); err != nil {
+			if err = s.repositoryGroup.ModifyAttributes(s.repositoryGroup.BuildDn(oldGroup), attr, nil, nil); err != nil {
 				logrus.Warningf("Failed to rollback group modification when grant role: %v", err)
 			}
 		}

backend/pkg/service/manager.go

@@ -104,6 +104,7 @@ func (s *ServiceManager) Register(username, surName, givenName, mail, category,
 		HomeDirectory: fmt.Sprintf("/home/%s", username),
 		Mail:          mail,
 		UserPassword:  password,
+		LoginShell:    "/bin/bash",
 	}
 
 	if err := s.serviceUser.Create(user); err != nil {

backend/pkg/service/user.go

@@ -54,10 +54,6 @@ func (s *ServiceUser) Create(user *entity.User) error {
 	return s.repositoryUser.Create(user)
 }
 
-func (s *ServiceUser) Modify(user *entity.User) error {
-	return s.repositoryUser.Modify(user)
-}
-
 func (s *ServiceUser) ModifyPassword(user *entity.User, newPassword string) error {
 	return s.repositoryUser.ModifyPassword(user, newPassword)
 }

backend/pkg/transfer/ldap.go

@@ -148,10 +148,10 @@ func ParseToLdapAttributes[T any](item *T) (map[string][]string, error) {
 			continue
 		}
 
-		isDnField, isTransient, attrName, _, _ := parseTag(ldapTag)
+		isDnField, isTransient, attrName, dnAttr, _ := parseTag(ldapTag)
 
-		// 跳过 transient 字段和 DN 字段（DN字段通常在创建条目时单独处理
-		if isTransient || isDnField {
+		// 跳过 transient、DN、dnAttr
+		if isTransient || isDnField || dnAttr != "" {
 			continue
 		}