1、静态规则新增和修改添加白名单规则冲突检查
@@ -2,10 +2,12 @@ package com.realtime.protection.server.rule.staticrule;
|
|||||||
|
|
||||||
import com.alibaba.excel.util.ListUtils;
|
import com.alibaba.excel.util.ListUtils;
|
||||||
import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject;
|
import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject;
|
||||||
|
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
|
||||||
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
|
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
|
||||||
import com.realtime.protection.configuration.utils.enums.RuleEnum;
|
import com.realtime.protection.configuration.utils.enums.RuleEnum;
|
||||||
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
|
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
|
||||||
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
|
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
|
||||||
|
import com.realtime.protection.server.whitelist.WhiteListService;
|
||||||
import lombok.SneakyThrows;
|
import lombok.SneakyThrows;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
import org.springframework.transaction.annotation.Transactional;
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
@@ -14,10 +16,7 @@ import java.net.InetAddress;
|
|||||||
import java.net.UnknownHostException;
|
import java.net.UnknownHostException;
|
||||||
import java.nio.ByteBuffer;
|
import java.nio.ByteBuffer;
|
||||||
import java.time.LocalDateTime;
|
import java.time.LocalDateTime;
|
||||||
import java.util.HashMap;
|
import java.util.*;
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
|
||||||
import java.util.Objects;
|
|
||||||
import java.util.function.Function;
|
import java.util.function.Function;
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
@@ -25,11 +24,13 @@ public class StaticRuleService {
|
|||||||
|
|
||||||
private final StaticRuleMapper staticRuleMapper;
|
private final StaticRuleMapper staticRuleMapper;
|
||||||
private final SqlSessionWrapper sqlSessionWrapper;
|
private final SqlSessionWrapper sqlSessionWrapper;
|
||||||
|
private final WhiteListService whiteListService;
|
||||||
|
|
||||||
public StaticRuleService(StaticRuleMapper staticRuleMapper, SqlSessionWrapper sqlSessionWrapper) {
|
public StaticRuleService(StaticRuleMapper staticRuleMapper, SqlSessionWrapper sqlSessionWrapper, WhiteListService whiteListService) {
|
||||||
|
|
||||||
this.staticRuleMapper = staticRuleMapper;
|
this.staticRuleMapper = staticRuleMapper;
|
||||||
this.sqlSessionWrapper = sqlSessionWrapper;
|
this.sqlSessionWrapper = sqlSessionWrapper;
|
||||||
|
this.whiteListService = whiteListService;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static int ipToInt(String ip) {
|
private static int ipToInt(String ip) {
|
||||||
@@ -69,6 +70,14 @@ public class StaticRuleService {
|
|||||||
if (!RuleEnum.checkValidate(object)) {
|
if (!RuleEnum.checkValidate(object)) {
|
||||||
throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则");
|
throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则");
|
||||||
}
|
}
|
||||||
|
List<StaticRuleObject> staticRuleObjects = new ArrayList<>();
|
||||||
|
staticRuleObjects.add(object);
|
||||||
|
List<WhiteListObject> whiteListsHit = whiteListService.whiteListStaticRulesObjectCheck(staticRuleObjects);
|
||||||
|
if (!whiteListsHit.isEmpty()) {
|
||||||
|
StringBuilder result = new StringBuilder();
|
||||||
|
whiteListsHit.forEach(item -> result.append(item.getWhiteListName()).append(" "));
|
||||||
|
throw new IllegalArgumentException("静态规则与白名单规则冲突,冲突白名单名称:"+result.toString().trim());
|
||||||
|
}
|
||||||
staticRuleMapper.newStaticRuleObject(object);
|
staticRuleMapper.newStaticRuleObject(object);
|
||||||
|
|
||||||
return object.getStaticRuleId();
|
return object.getStaticRuleId();
|
||||||
@@ -122,6 +131,15 @@ public class StaticRuleService {
|
|||||||
throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则");
|
throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
List<StaticRuleObject> staticRuleObjects = new ArrayList<>();
|
||||||
|
staticRuleObjects.add(object);
|
||||||
|
List<WhiteListObject> whiteListsHit = whiteListService.whiteListStaticRulesObjectCheck(staticRuleObjects);
|
||||||
|
if (!whiteListsHit.isEmpty()) {
|
||||||
|
StringBuilder result = new StringBuilder();
|
||||||
|
whiteListsHit.forEach(item -> result.append(item.getWhiteListName()).append(" "));
|
||||||
|
throw new IllegalArgumentException("静态规则与白名单规则冲突,冲突白名单名称:"+result.toString().trim());
|
||||||
|
}
|
||||||
|
|
||||||
//判断当前静态规则是否能够修改---是否存在任务选择的静态规则??
|
//判断当前静态规则是否能够修改---是否存在任务选择的静态规则??
|
||||||
//按id查询该静态规则的used_task_id字段,如果不为空,则不能修改
|
//按id查询该静态规则的used_task_id字段,如果不为空,则不能修改
|
||||||
object.setStaticRuleModifyTime(LocalDateTime.now());
|
object.setStaticRuleModifyTime(LocalDateTime.now());
|
||||||
|
|||||||
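Review bot: The whitelist conflict check is copied verbatim into both the create hunk (right after the `RuleEnum.checkValidate` guard) and the update hunk, so the control lives in two places and any other write path in StaticRuleService gets none of it. The `ListUtils` and `SqlSessionWrapper` imports suggest a batch import path exists outside these hunks; if it does, it should run the same check, otherwise a rule that conflicts with a whitelist entry can still be stored through it. Moving the check into one private helper that every write path calls makes this easy to enforce. The helper below also passes a singleton list and joins the names with a stream, which needs a `java.util.stream.Collectors` import. Both enclosing methods start and end outside the hunks shown.

```java
// … unchanged: RuleEnum.checkValidate(object) guard …
assertNoWhiteListConflict(object);
// … unchanged: mapper call / modify-time handling …

/** Rejects a static rule that matches any whitelist entry; call before every insert or update. */
private void assertNoWhiteListConflict(StaticRuleObject object) {
    List<WhiteListObject> whiteListsHit =
            whiteListService.whiteListStaticRulesObjectCheck(Collections.singletonList(object));
    if (!whiteListsHit.isEmpty()) {
        String names = whiteListsHit.stream()
                .map(WhiteListObject::getWhiteListName)
                .collect(Collectors.joining(" "));
        throw new IllegalArgumentException("静态规则与白名单规则冲突,冲突白名单名称:" + names);
    }
}
```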
@@ -157,6 +157,12 @@ public class WhiteListService {
|
|||||||
List<StaticRuleObject> staticRuleObjects = staticRuleMapper.queryStaticRuleByIds(staticRuleId);
|
List<StaticRuleObject> staticRuleObjects = staticRuleMapper.queryStaticRuleByIds(staticRuleId);
|
||||||
return whiteListMapper.whiteListCStaticRulesCheck(staticRuleObjects);
|
return whiteListMapper.whiteListCStaticRulesCheck(staticRuleObjects);
|
||||||
|
|
||||||
|
}
|
||||||
|
public List<WhiteListObject> whiteListStaticRulesObjectCheck(List<StaticRuleObject> staticRuleObjects) {
|
||||||
|
//参数应该是指令,不管动态静态
|
||||||
|
// 命中的whitelist列表:每一列包含ip port url
|
||||||
|
return whiteListMapper.whiteListCStaticRulesCheck(staticRuleObjects);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Transactional
|
@Transactional
|
||||||
|
|||||||
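Review bot: `whiteListStaticRulesObjectCheck` hands its argument straight to `whiteListMapper.whiteListCStaticRulesCheck` with no null or empty guard; the mapper SQL is not shown, but if it iterates the list to build the query, an empty list is likely to fail at the database rather than return no hits. A guard as the first statement, `if (staticRuleObjects == null || staticRuleObjects.isEmpty()) return List.of();`, would make the contract explicit now that StaticRuleService relies on this method to block conflicting rules. The first inline comment says the parameter should be a command whether dynamic or static, which does not match the `List<StaticRuleObject>` signature; I would replace both comments with a Javadoc stating what is matched (ip, port and url, per the second comment) and that an empty result means no conflict.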
@@ -32,12 +32,11 @@ public class StaticRuleServiceTest extends ProtectionApplicationTests {
|
|||||||
staticRuleTest.setStaticRuleCreateUserId(2);
|
staticRuleTest.setStaticRuleCreateUserId(2);
|
||||||
staticRuleTest.setAuditStatus(0);
|
staticRuleTest.setAuditStatus(0);
|
||||||
|
|
||||||
staticRuleTest.setStaticRuleSip("1.1.2.0");
|
staticRuleTest.setStaticRuleSip("2.2.2.2");
|
||||||
staticRuleTest.setStaticRuleMsip("255.255.255.0");
|
|
||||||
|
|
||||||
// staticRuleTest.setStaticRuleDip("1.1.1.2");
|
// staticRuleTest.setStaticRuleDip("1.1.1.2");
|
||||||
// staticRuleTest.setStaticRuleMdip("255.255.255.0");
|
// staticRuleTest.setStaticRuleMdip("255.255.255.0");
|
||||||
staticRuleTest.setStaticRuleSport(80);
|
staticRuleTest.setStaticRuleSport(11);
|
||||||
|
|
||||||
staticRuleTest.setStaticRulePriority(1);
|
staticRuleTest.setStaticRulePriority(1);
|
||||||
staticRuleTest.setStaticRuleFrequency(1);
|
staticRuleTest.setStaticRuleFrequency(1);
|
||||||
|
|||||||
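Review bot: No test visible here asserts that a rule conflicting with a whitelist entry is rejected; the new values in this hunk (`2.2.2.2`, no source mask, port 11) look chosen to avoid the new conflict check rather than exercise it, though that motive is a guess. A companion case that submits a rule overlapping a known whitelist entry and expects `IllegalArgumentException` from both the create and the update path would pin the behaviour this commit adds. The test method starts and ends outside the hunk, so an assertion elsewhere in the class cannot be ruled out.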