1、指令新增白名单判断,命中白名单后加入到t_whitelist_hit表中,不加到t_command

2、指令新增时,记录到t_command_log表中
3、配置增加创建人、审核人
4、任务停止、结束时,规则的used_task_id也变为空
5、规则update后更新审核状态bug修复
PushM
2024-06-06 03:28:50 +08:00
parent 62772955d2
commit 366e89ae47
28 changed files with 1033 additions and 107 deletions


@@ -164,6 +164,7 @@ public class StaticRuleObject {
private String auditUserDepart;
@JsonProperty("event_type")
@ExcelProperty("事件类型")
@Schema(description = "事件类型", example = "DDos")
private String eventType;


@@ -1,6 +1,9 @@
package com.realtime.protection.server.command;
import com.baomidou.dynamic.datasource.annotation.DS;
import com.realtime.protection.configuration.entity.task.FiveTupleWithMask;
import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
@@ -38,4 +41,20 @@ public interface CommandMapper {
@Param("src_port") String sourcePort,
@Param("dst_ip") String destinationIP,
@Param("dst_port") String destinationPort);
void createCommandInWhiteListHit(@Param("info") TaskCommandInfo commandInfo);
void updateCommandHistoryExpireTime(@Param("command_id") String commandUUID);
void insertCommandHistory(@Param("command_id") String commandUUID);
void updateCommandHistoryExpireTimeBatch(@Param("commandIds")List<String> commandIds);
void insertCommandHistoryBatch(@Param("commandIds")List<String> commandIds);
@DS("mysql")
List<WhiteListObject> whiteListCommandCheck(@Param("command") FiveTupleWithMask fiveTupleWithMask);
@DS("mysql")
void createCommandWhiteListConnect(@Param("command_id") String uuid, @Param("whiteLists") List<WhiteListObject> whiteListsHit);
}
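Review bot: `createCommandInWhiteListHit` carries no `@DS` annotation, while `whiteListCommandCheck` and `createCommandWhiteListConnect` directly below it are pinned to `@DS("mysql")`. The interface header is outside this hunk, but if its default datasource is not mysql, the hit row and its whitelist link rows are written through different datasources, and a failure between the two writes can leave one without the other. Either annotate the method explicitly or add a one-line comment on each new method stating which datasource it targets, so the split is visibly intentional.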


@@ -4,8 +4,10 @@ import com.alibaba.excel.util.ListUtils;
import com.baomidou.dynamic.datasource.annotation.DS;
import com.baomidou.dynamic.datasource.annotation.DSTransactional;
import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
import com.realtime.protection.configuration.utils.Counter;
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
import com.realtime.protection.server.whitelist.WhiteListMapper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
@@ -23,12 +25,14 @@ public class CommandService {
private final CommandMapper commandMapper;
private final SqlSessionWrapper sqlSessionWrapper;
private final Counter counter;
private final WhiteListMapper whiteListMapper;
private static final int BatchSize = 100;
public CommandService(CommandMapper commandMapper, SqlSessionWrapper sqlSessionWrapper, Counter counter) {
public CommandService(CommandMapper commandMapper, SqlSessionWrapper sqlSessionWrapper, Counter counter, WhiteListMapper whiteListMapper) {
this.commandMapper = commandMapper;
this.sqlSessionWrapper = sqlSessionWrapper;
this.counter = counter;
this.whiteListMapper = whiteListMapper;
}
@DSTransactional
@@ -44,8 +48,21 @@ public class CommandService {
+ String.format("%06d", counter.generateId("command"))
);
//指令:白名单检查
List<WhiteListObject> whiteListsHit = commandMapper.whiteListCommandCheck(commandInfo.getFiveTupleWithMask());
if (!whiteListsHit.isEmpty()) {
commandInfo.setUUID(UUID.randomUUID().toString());
commandMapper.createCommandInWhiteListHit(commandInfo);
commandMapper.createCommandWhiteListConnect(commandInfo.getUUID(), whiteListsHit);
//写入历史表
insertCommandHistory(commandInfo.getUUID());
return commandInfo.getUUID();
}
commandInfo.setUUID(UUID.randomUUID().toString());
commandMapper.createCommand(commandInfo);
//写入历史表
insertCommandHistory(commandInfo.getUUID());
return commandInfo.getUUID();
}
@@ -58,13 +75,15 @@ public class CommandService {
if (taskCommandInfoBatch.size() < BatchSize) {
continue;
}
//因为createCommands只用于静态规则生成command静态规则已经检查了白名单所以不检查了
commandMapper.createCommands(taskCommandInfoBatch);
insertCommandHistoryBatch(taskCommandInfoBatch);
taskCommandInfoBatch.clear();
}
if (!taskCommandInfoBatch.isEmpty()) {
commandMapper.createCommands(taskCommandInfoBatch);
insertCommandHistoryBatch(taskCommandInfoBatch);
taskCommandInfoBatch.clear();
}
@@ -108,4 +127,17 @@ public class CommandService {
String destinationIP, String destinationPort){
return commandMapper.queryCommandTotalNum(taskId, sourceIP, sourcePort, destinationIP, destinationPort);
}
public void insertCommandHistory(String commandUUID) {
commandMapper.updateCommandHistoryExpireTime(commandUUID);
commandMapper.insertCommandHistory(commandUUID);
}
public void insertCommandHistoryBatch(List<TaskCommandInfo> commandIdList) {
List<String> commandIds = ListUtils.newArrayListWithExpectedSize(commandIdList.size());
commandIdList.forEach(item -> commandIds.add(item.getUUID()));
commandMapper.updateCommandHistoryExpireTimeBatch(commandIds);
commandMapper.insertCommandHistoryBatch(commandIds);
}
}
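Review bot: The batch path still skips the whitelist. The comment added above `commandMapper.createCommands(taskCommandInfoBatch)` says static rules were already checked when they were created, but a whitelist entry added or approved after that point is never consulted when the rule's commands are generated. The single-command path now calls `whiteListCommandCheck` at insert time, so the two paths enforce different guarantees. Consider running the same check per item before `createCommands` and routing hits to `createCommandInWhiteListHit`, or document on the batch method that rules must be re-validated whenever the whitelist changes. Separately, `whiteListMapper` is injected by the new constructor but is not used in any line visible here.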


@@ -5,6 +5,7 @@ import com.alibaba.excel.context.AnalysisContext;
import com.alibaba.excel.read.listener.ReadListener;
import com.alibaba.excel.util.ListUtils;
import com.realtime.protection.configuration.entity.defense.object.ProtectObject;
import com.realtime.protection.configuration.entity.user.UserFull;
import java.util.List;
@@ -13,13 +14,20 @@ public class ProjectObjectDataListener implements ReadListener<ProtectObject> {
private final ProtectObjectService protectObjectService;
private final List<ProtectObject> cachedDataList = ListUtils.newArrayListWithExpectedSize(batchCount);
private static final int batchCount = 100;
private UserFull user;
public ProjectObjectDataListener(ProtectObjectService protectObjectService) {
public ProjectObjectDataListener(ProtectObjectService protectObjectService, UserFull user) {
this.protectObjectService = protectObjectService;
this.user = user;
}
@Override
public void invoke(ProtectObject protectObject, AnalysisContext analysisContext) {
if (user != null) {
protectObject.setProtectObjectCreateUsername(user.name);
protectObject.setProtectObjectCreateUserId(Integer.valueOf(user.uid));
protectObject.setProtectObjectCreateDepart(user.getOrgName());
}
cachedDataList.add(protectObject);
if (cachedDataList.size() > 1000) {
saveData();
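Review bot: `Integer.valueOf(user.uid)` in `invoke` is re-parsed for every spreadsheet row and throws `NumberFormatException` on a non-numeric uid, which would abort the import after earlier batches may already have been saved. Parse it once in the constructor and keep the result in a final field; `private UserFull user;` can become `private final UserFull user;` since it is assigned only there. When `user` is null the rows are stored with no creator at all, so it is worth deciding whether an upload without an identified user should be accepted. The body of `invoke` continues past the end of this hunk.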


@@ -2,12 +2,16 @@ package com.realtime.protection.server.defense.object;
import com.alibaba.excel.EasyExcel;
import com.realtime.protection.configuration.entity.defense.object.ProtectObject;
import com.realtime.protection.configuration.entity.user.UserFull;
import com.realtime.protection.configuration.response.ResponseResult;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@@ -30,7 +34,16 @@ public class ProtectObjectController implements ProtectObjectControllerApi {
@Override
@PostMapping("/new")
public ResponseResult newProtectObject(@RequestBody @Valid ProtectObject protectObject) {
public ResponseResult newProtectObject(@RequestBody @Valid ProtectObject protectObject,
@Autowired HttpServletRequest request) {
//从http首部session字段获取用户信息
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
if (user != null) {
protectObject.setProtectObjectCreateUsername(user.name);
protectObject.setProtectObjectCreateUserId(Integer.valueOf(user.uid));
protectObject.setProtectObjectCreateDepart(user.getOrgName());
}
Integer protectObjectId = protectObjectService.newProtectObject(protectObject);
if (protectObjectId == 0) {
return ResponseResult.error().setMessage("failed to create a protect object")
@@ -48,10 +61,13 @@ public class ProtectObjectController implements ProtectObjectControllerApi {
@Override
@PostMapping("/upload")
public ResponseResult uploadFile(
@NotNull(message = "uploadFile字段不能为空") MultipartFile uploadFile
@NotNull(message = "uploadFile字段不能为空") MultipartFile uploadFile,
@Autowired HttpServletRequest request
) throws IOException {
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
EasyExcel.read(uploadFile.getInputStream(), ProtectObject.class,
new ProjectObjectDataListener(protectObjectService)).sheet().doRead();
new ProjectObjectDataListener(protectObjectService, user)).sheet().doRead();
return ResponseResult.ok();
}
@@ -158,9 +174,22 @@ public class ProtectObjectController implements ProtectObjectControllerApi {
@Override
@GetMapping("/{protectObjectId}/audit/{auditStatus}")
public ResponseResult changeProtectObjectAuditStatus(@PathVariable Integer protectObjectId,
@PathVariable Integer auditStatus) {
@PathVariable Integer auditStatus,
@Autowired HttpServletRequest request) {
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
String auditUserName = null;
Integer auditUserId = null;
String auditUserDepart = null;
if (user != null) {
auditUserName= user.name;
auditUserId = Integer.valueOf(user.uid);
auditUserDepart = user.getOrgName();
}
return ResponseResult.ok()
.addDataMap(protectObjectService.changeProtectObjectAuditStatus(protectObjectId, auditStatus))
.addDataMap(protectObjectService.changeProtectObjectAuditStatus(
protectObjectId, auditStatus, auditUserName, auditUserId, auditUserDepart))
.setData("proobj_id", protectObjectId);
}
@@ -191,7 +220,9 @@ public class ProtectObjectController implements ProtectObjectControllerApi {
*/
@Override
@PostMapping("/auditbatch")
public ResponseResult updateWhiteListAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap) {
public ResponseResult updateWhiteListAuditStatusBatch(
@RequestBody Map<Integer, Integer> idsWithAuditStatusMap,
@Autowired HttpServletRequest request) {
List<Integer> errorIds = new ArrayList<>();
for (Map.Entry<Integer, Integer> entry: idsWithAuditStatusMap.entrySet()) {
Integer id = entry.getKey();
@@ -205,9 +236,20 @@ public class ProtectObjectController implements ProtectObjectControllerApi {
.setData("id", errorIds)
.setData("success", false);
}
// 从http首部session字段获取用户信息
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
String auditUserName = null;
Integer auditUserId = null;
String auditUserDepart = null;
if (user != null) {
auditUserName= user.name;
auditUserId = Integer.valueOf(user.uid);
auditUserDepart = user.getOrgName();
}
return ResponseResult.ok()
.setData("success", protectObjectService.updateAuditStatusBatch(idsWithAuditStatusMap));
.setData("success", protectObjectService.updateAuditStatusBatch(
idsWithAuditStatusMap, auditUserName, auditUserId, auditUserDepart));
}
@Override
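Review bot: Each handler changed here treats a missing session user as acceptable. `request.getSession()` creates a fresh session when none exists, and when `session.getAttribute("user")` is null, `changeProtectObjectAuditStatus` and `updateWhiteListAuditStatusBatch` still perform the status change with `auditUserName`, `auditUserId` and `auditUserDepart` all null. Unless an interceptor outside this diff already rejects such requests, approvals can be recorded with no auditor, which defeats the attribution this commit adds. Use `request.getSession(false)`, null-check the session, and stop before calling the service when no user is present, e.g. `if (user == null) return ResponseResult.error().setMessage("not logged in");`. The same pattern is in `newProtectObject` and `uploadFile` in this file and in `newTemplate`, `updateTemplateAuditStatus` and `updateWhiteListAuditStatusBatch` of `TemplateController`.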


@@ -9,10 +9,12 @@ import io.swagger.v3.oas.annotations.media.ExampleObject;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Min;
import jakarta.validation.constraints.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@@ -58,7 +60,8 @@ public interface ProtectObjectControllerApi {
},
requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(description = "防护对象信息")
)
ResponseResult newProtectObject(@RequestBody @Valid ProtectObject protectObject);
ResponseResult newProtectObject(@RequestBody @Valid ProtectObject protectObject,
@Autowired HttpServletRequest request);
@PostMapping("/upload")
@Operation(
@@ -76,7 +79,8 @@ public interface ProtectObjectControllerApi {
requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(description = "上传文件")
)
ResponseResult uploadFile(
@NotNull(message = "uploadFile字段不能为空") MultipartFile uploadFile
@NotNull(message = "uploadFile字段不能为空") MultipartFile uploadFile,
@Autowired HttpServletRequest request
) throws IOException;
@GetMapping("/download")
@@ -427,7 +431,8 @@ public interface ProtectObjectControllerApi {
}
)
ResponseResult changeProtectObjectAuditStatus(@PathVariable Integer protectObjectId,
@PathVariable Integer auditStatus);
@PathVariable Integer auditStatus,
@Autowired HttpServletRequest request);
/*
防护对象数据统计
@@ -488,7 +493,9 @@ public interface ProtectObjectControllerApi {
)
)
@PostMapping("/auditbatch")
ResponseResult updateWhiteListAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap);
ResponseResult updateWhiteListAuditStatusBatch(
@RequestBody Map<Integer, Integer> idsWithAuditStatusMap,
@Autowired HttpServletRequest request);
@Operation(
summary = "更新审批意见",
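Review bot: `@Autowired` on the `HttpServletRequest request` parameter is not needed. Spring MVC resolves `HttpServletRequest` handler arguments by type, and `@Autowired` is a dependency-injection annotation rather than a request-binding one. Declaring the parameter as plain `HttpServletRequest request` also lets the added `org.springframework.beans.factory.annotation.Autowired` import be dropped. This applies to all four signatures changed in this interface, to the matching overrides in `ProtectObjectController`, and to `TemplateNewCpntrollerApi` and `TemplateController`.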


@@ -24,8 +24,7 @@ public interface ProtectObjectMapper {
void deleteProtectObjects(@Param("proobj_ids") List<Integer> protectObjectIds);
Boolean changeProtectObjectAuditStatus(@Param("proobj_id") Integer protectObjectId,
@Param("proobj_audit_status") Integer protectObjectAuditStatus);
Integer queryProtectObjectsTotalNum(@Param("proobj_name") String protectObjectName,
@@ -73,4 +72,19 @@ public interface ProtectObjectMapper {
List<ProtectObject> queryHistory(Integer id, Integer page, Integer pageSize);
List<ProtectObject> queryProtectObjectByIds(List<Integer> protectObjectIds);
Boolean changeProtectObjectAuditStatus(@Param("proobj_id") Integer protectObjectId,
@Param("proobj_audit_status") Integer auditStatus
);
Boolean changeProtectObjectAuditStatusWithUser(@Param("proobj_id") Integer protectObjectId,
@Param("proobj_audit_status") Integer protectObjectAuditStatus,
@Param("auditUserName")String auditUserName,
@Param("auditUserId")Integer auditUserId,
@Param("auditUserDepart")String auditUserDepart);
void updateAuditStatusByIdBatchWithUser(@Param("idWithAuditStatusBatch")Map<Integer, Integer> idWithAuditStatusBatch,
@Param("auditUserName") String auditUserName,
@Param("auditUserId")Integer auditUserId,
@Param("auditUserDepart")String auditUserDepart);
}


@@ -135,12 +135,35 @@ public class ProtectObjectService {
}
@Transactional
public Map<String, Object> changeProtectObjectAuditStatus(Integer protectObjectId, Integer auditStatus) {
public Map<String, Object> changeProtectObjectAuditStatus(
Integer protectObjectId, Integer auditStatus,String auditUserName,
Integer auditUserId,
String auditUserDepart) {
Integer originalAuditStatus = protectObjectMapper.queryProtectObject(protectObjectId).getProtectObjectAuditStatus();
if (!AuditStatusValidator.setOriginal(originalAuditStatus).checkValidate(auditStatus)) {
throw new IllegalArgumentException("无效的审核状态");
}
Boolean success = protectObjectMapper.changeProtectObjectAuditStatus(protectObjectId, auditStatus);
Boolean success = protectObjectMapper.changeProtectObjectAuditStatusWithUser(
protectObjectId, auditStatus, auditUserName, auditUserId, auditUserDepart);
insertStaticRuleStatusLog(protectObjectId);
Integer auditStatusNow = protectObjectMapper.queryProtectObject(protectObjectId).getProtectObjectAuditStatus();
Map<String, Object> resultMap = new HashMap<>();
resultMap.put("success", success);
resultMap.put("audit_status", auditStatusNow);
return resultMap;
}
@Transactional
public Map<String, Object> changeProtectObjectAuditStatus(
Integer protectObjectId, Integer auditStatus) {
Integer originalAuditStatus = protectObjectMapper.queryProtectObject(protectObjectId).getProtectObjectAuditStatus();
if (!AuditStatusValidator.setOriginal(originalAuditStatus).checkValidate(auditStatus)) {
throw new IllegalArgumentException("无效的审核状态");
}
Boolean success = protectObjectMapper.changeProtectObjectAuditStatus(
protectObjectId, auditStatus);
insertStaticRuleStatusLog(protectObjectId);
Integer auditStatusNow = protectObjectMapper.queryProtectObject(protectObjectId).getProtectObjectAuditStatus();
@@ -214,6 +237,59 @@ public class ProtectObjectService {
//实现事务操作
return sqlSessionWrapper.startBatchSession(ProtectObjectMapper.class, updateProtectObjectAuditStatusFunction, idsWithAuditStatusMap);
}
public Boolean updateAuditStatusBatch(Map<Integer, Integer> idsWithAuditStatusMap,
String auditUserName,
Integer auditUserId,
String auditUserDepart) {
//校验id和status是否合法
List<Integer> originalAuditStatusList = protectObjectMapper.queryAuditStatusByIds(idsWithAuditStatusMap);
if (originalAuditStatusList == null || originalAuditStatusList.size() != idsWithAuditStatusMap.size()) {
throw new IllegalArgumentException("防护对象部分不存在");
}
int index = 0;
List<Integer> errorIds = new ArrayList<>();
for(Map.Entry<Integer, Integer> entry: idsWithAuditStatusMap.entrySet()) {
Integer id = entry.getKey();
Integer auditStatus = entry.getValue();
Integer originalAuditStatus = originalAuditStatusList.get(index);
index++;
if (!AuditStatusValidator.setOriginal(originalAuditStatus).checkValidate(auditStatus)) {
errorIds.add(id);
}
}
if (!errorIds.isEmpty()){
throw new IllegalArgumentException("防护对象无法修改为对应审核状态, 错误id: " + errorIds);
}
Function<ProtectObjectMapper, Function<Map<Integer, Integer>, Boolean>> updateProtectObjectAuditStatusFunction =
mapper -> map -> {
if (map == null || map.isEmpty()) {
return false;
}
Map<Integer, Integer> idWithAuditStatusBatch = new HashMap<>();
for (Map.Entry<Integer, Integer> item : map.entrySet()) {
idWithAuditStatusBatch.put(item.getKey(), item.getValue());
if (idWithAuditStatusBatch.size() < 100) {
continue;
}
//mapper指的就是外层函数输入的参数也就是WhiteListMapper
mapper.updateAuditStatusByIdBatchWithUser(idWithAuditStatusBatch,
auditUserName, auditUserId, auditUserDepart);
insertStaticRuleStatusLog(idWithAuditStatusBatch);
idWithAuditStatusBatch.clear();
}
if (!idWithAuditStatusBatch.isEmpty()) {
mapper.updateAuditStatusByIdBatchWithUser(idWithAuditStatusBatch,
auditUserName, auditUserId, auditUserDepart);
insertStaticRuleStatusLog(idWithAuditStatusBatch);
}
return true;
};
//实现事务操作
return sqlSessionWrapper.startBatchSession(ProtectObjectMapper.class, updateProtectObjectAuditStatusFunction, idsWithAuditStatusMap);
}
public Boolean updateAuditInfo(List<Integer> ids, String auditInfo) {
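Review bot: The new `updateAuditStatusBatch` overload pairs `originalAuditStatusList.get(index)` with the entries of `idsWithAuditStatusMap` purely by position, so the transition check is only correct if `queryAuditStatusByIds` returns rows in the map's iteration order. The query is not visible here, but a SQL `IN (...)` lookup does not guarantee that order, and a mismatch would validate one object's requested status against another object's current status. Have the mapper return id and status together and look the original status up by id. The inline comment `//mapper指的就是外层函数输入的参数也就是WhiteListMapper` is also stale in this class, where the mapper is `ProtectObjectMapper`. The same positional pairing and comment are copied into `TemplateService.updateAuditStatusBatch`.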


@@ -1,10 +1,14 @@
package com.realtime.protection.server.defense.templatenew;
import com.realtime.protection.configuration.entity.defense.template.TemplateNew;
import com.realtime.protection.configuration.entity.user.UserFull;
import com.realtime.protection.configuration.response.ResponseResult;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Min;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.ArrayList;
@@ -23,15 +27,16 @@ public class TemplateController implements TemplateNewCpntrollerApi{
@Override
@PostMapping("/new")
public ResponseResult newTemplate(@RequestBody @Valid TemplateNew template) {
public ResponseResult newTemplate(@RequestBody @Valid TemplateNew template,
@Autowired HttpServletRequest request) {
//从http首部session字段获取用户信息
// HttpSession session = request.getSession();
// UserFull user = (UserFull) session.getAttribute("user");
// if (user != null) {
// object.setStaticRuleCreateUsername(user.name);
// object.setStaticRuleCreateUserId(Integer.valueOf(user.uid));
// object.setStaticRuleCreateDepart(user.getOrgName());
// }
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
if (user != null) {
template.setCreateUsername(user.name);
template.setCreateUserId(Integer.valueOf(user.uid));
template.setCreateDepart(user.getOrgName());
}
Integer templateId = templateService.newTemplate(template);
if (templateId > 0) {
@@ -161,14 +166,28 @@ public class TemplateController implements TemplateNewCpntrollerApi{
*/
@Override
@GetMapping("/{id}/audit/{auditStatus}")
public ResponseResult updateTemplateAuditStatus(@PathVariable Integer id, @PathVariable Integer auditStatus) {
public ResponseResult updateTemplateAuditStatus(@PathVariable Integer id,
@PathVariable Integer auditStatus,
@Autowired HttpServletRequest request) {
if (id <= 0 || auditStatus < 0 || auditStatus > 2) {
return new ResponseResult(400, "id or status is invalid")
.setData("template_id", id)
.setData("success", false);
}
//从http首部session字段获取用户信息
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
String auditUserName = null;
Integer auditUserId = null;
String auditUserDepart = null;
if (user != null) {
auditUserName= user.name;
auditUserId = Integer.valueOf(user.uid);
auditUserDepart = user.getOrgName();
}
return ResponseResult.ok()
.addDataMap(templateService.updateAuditStatus(id, auditStatus))
.addDataMap(templateService.updateAuditStatus(id, auditStatus,
auditUserName, auditUserId, auditUserDepart))
.setData("template_id", id);
}
@@ -178,7 +197,8 @@ public class TemplateController implements TemplateNewCpntrollerApi{
*/
@Override
@PostMapping("/auditbatch")
public ResponseResult updateWhiteListAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap) {
public ResponseResult updateWhiteListAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap,
@Autowired HttpServletRequest request) {
List<Integer> errorIds = new ArrayList<>();
for (Map.Entry<Integer, Integer> entry: idsWithAuditStatusMap.entrySet()) {
Integer id = entry.getKey();
@@ -192,9 +212,20 @@ public class TemplateController implements TemplateNewCpntrollerApi{
.setData("id", errorIds)
.setData("success", false);
}
//从http首部session字段获取用户信息
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
String auditUserName = null;
Integer auditUserId = null;
String auditUserDepart = null;
if (user != null) {
auditUserName= user.name;
auditUserId = Integer.valueOf(user.uid);
auditUserDepart = user.getOrgName();
}
return ResponseResult.ok()
.setData("success", templateService.updateAuditStatusBatch(idsWithAuditStatusMap));
.setData("success", templateService.updateAuditStatusBatch(idsWithAuditStatusMap,
auditUserName, auditUserId, auditUserDepart));
}
/*
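Review bot: The block that reads `session.getAttribute("user")` and fills `auditUserName`, `auditUserId` and `auditUserDepart` is pasted verbatim into `updateTemplateAuditStatus` and `updateWhiteListAuditStatusBatch`, and again into the protect-object controller. Any change to how the auditor is resolved therefore has to be made in every copy. A small private helper that returns the `UserFull`, or a shared base-controller method, would reduce each handler to one line. `updateTemplateAuditStatus` also remains a `@GetMapping` although it changes state and now depends on the session, which leaves it exposed to cross-site request forgery; a POST or PUT mapping would be the safer choice.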


@@ -52,7 +52,10 @@ public interface TemplateMapper {
Integer queryAuditStatusById(Integer id);
Boolean updateAuditStatusById(Integer id, Integer auditStatus);
Boolean updateAuditStatusById(Integer id, Integer auditStatus,
String auditUserName,
Integer auditUserId,
String auditUserDepart);
List<Integer> queryAuditStatusByIds(@Param("idsWithAuditStatusMap") Map<Integer, Integer> idsWithAuditStatusMap);
@@ -71,4 +74,9 @@ public interface TemplateMapper {
void insertStatusLogBatch(List<Integer> ids);
List<TemplateNew> queryHistory(Integer id, Integer page, Integer pageSize);
void updateAuditStatusByIdBatchWithUser(@Param("idWithAuditStatusBatch")Map<Integer, Integer> idWithAuditStatusBatch,
@Param("auditUserName")String auditUserName,
@Param("auditUserId")Integer auditUserId,
@Param("auditUserDepart")String auditUserDepart);
}


@@ -11,8 +11,10 @@ import io.swagger.v3.oas.annotations.media.ExampleObject;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.validation.Valid;
import jakarta.validation.constraints.Min;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@@ -59,7 +61,8 @@ public interface TemplateNewCpntrollerApi {
description = "防御策略模板信息")
)
ResponseResult newTemplate(@RequestBody @Valid TemplateNew template);
ResponseResult newTemplate(@RequestBody @Valid TemplateNew template,
@Autowired HttpServletRequest request);
@GetMapping("/query")
@Operation(
@@ -274,7 +277,8 @@ public interface TemplateNewCpntrollerApi {
}
)
@GetMapping("/{id}/audit/{auditStatus}")
ResponseResult updateTemplateAuditStatus(@PathVariable Integer id, @PathVariable Integer auditStatus);
ResponseResult updateTemplateAuditStatus(@PathVariable Integer id, @PathVariable Integer auditStatus,
@Autowired HttpServletRequest request);
@Operation(
summary = "批量更新审批状态",
description = "批量更新审批状态0未审核、1审核不通过、2审核通过",
@@ -297,7 +301,8 @@ public interface TemplateNewCpntrollerApi {
)
)
@PostMapping("/auditbatch")
ResponseResult updateWhiteListAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap);
ResponseResult updateWhiteListAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap,
@Autowired HttpServletRequest request);
/*
修改审批信息


@@ -5,6 +5,7 @@ import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleOb
import com.realtime.protection.configuration.utils.Counter;
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.time.LocalDateTime;
@@ -93,7 +94,10 @@ public class TemplateService {
return templateMapper.queryAuditTemplateTotalNum(auditState);
}
public Map<String, Object> updateAuditStatus(Integer id, Integer auditStatus) {
public Map<String, Object> updateAuditStatus(Integer id, Integer auditStatus,
String auditUserName,
Integer auditUserId,
String auditUserDepart) {
Integer originalAuditStatus = templateMapper.queryAuditStatusById(id);
if (originalAuditStatus == null) {
throw new IllegalArgumentException("cannot find audit status of static rule " + id + ", maybe static rule doesn't exist?");
@@ -101,7 +105,8 @@ public class TemplateService {
if (!AuditStatusValidator.setOriginal(originalAuditStatus).checkValidate(auditStatus)) {
throw new IllegalArgumentException("invalid audit status");
}
Boolean success = templateMapper.updateAuditStatusById(id, auditStatus);
Boolean success = templateMapper.updateAuditStatusById(id, auditStatus,
auditUserName, auditUserId, auditUserDepart);
insertStatusLog(id);
Map<String, Object> resultMap = new HashMap<>();
resultMap.put("success", success);
@@ -158,6 +163,57 @@ public class TemplateService {
}
public Boolean updateAuditStatusBatch(Map<Integer, Integer> idsWithAuditStatusMap,
String auditUserName,
Integer auditUserId,
String auditUserDepart) {
//校验id和status是否合法
List<Integer> originalAuditStatusList = templateMapper.queryAuditStatusByIds(idsWithAuditStatusMap);
if (originalAuditStatusList == null || originalAuditStatusList.size() != idsWithAuditStatusMap.size()) {
throw new IllegalArgumentException("策略模板部分不存在");
}
int index = 0;
List<Integer> errorIds = new ArrayList<>();
for(Map.Entry<Integer, Integer> entry: idsWithAuditStatusMap.entrySet()) {
Integer id = entry.getKey();
Integer auditStatus = entry.getValue();
Integer originalAuditStatus = originalAuditStatusList.get(index);
index++;
if (!AuditStatusValidator.setOriginal(originalAuditStatus).checkValidate(auditStatus)) {
errorIds.add(id);
}
}
if (!errorIds.isEmpty()){
throw new IllegalArgumentException("策略模板无法修改为对应审核状态, 错误id: " + errorIds);
}
Function<TemplateMapper, Function<Map<Integer, Integer>, Boolean>> updateTemplateAuditStatusFunction =
mapper -> map -> {
if (map == null || map.isEmpty()) {
return false;
}
Map<Integer, Integer> idWithAuditStatusBatch = new HashMap<>();
for (Map.Entry<Integer, Integer> item : map.entrySet()) {
idWithAuditStatusBatch.put(item.getKey(), item.getValue());
if (idWithAuditStatusBatch.size() < 100) {
continue;
}
//mapper指的就是外层函数输入的参数也就是WhiteListMapper
mapper.updateAuditStatusByIdBatchWithUser(idWithAuditStatusBatch, auditUserName, auditUserId, auditUserDepart);
insertStatusLog(idWithAuditStatusBatch);
idWithAuditStatusBatch.clear();
}
if (!idWithAuditStatusBatch.isEmpty()) {
mapper.updateAuditStatusByIdBatchWithUser(idWithAuditStatusBatch, auditUserName, auditUserId, auditUserDepart);
insertStatusLog(idWithAuditStatusBatch);
}
return true;
};
//实现事务操作
return sqlSessionWrapper.startBatchSession(TemplateMapper.class, updateTemplateAuditStatusFunction, idsWithAuditStatusMap);
}
public Boolean updateAuditInfo(List<Integer> ids, String auditInfo) {
return templateMapper.updateAuditInfo(ids, auditInfo);
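Review bot: `updateAuditStatus` writes the new status and auditor with `templateMapper.updateAuditStatusById(...)` and then calls `insertStatusLog(id)`, but no `@Transactional` is visible on the method in this hunk, unlike `ProtectObjectService.changeProtectObjectAuditStatus`. If the log insert fails, the status and auditor change stays committed without a history row. Consider adding `@Transactional` to the method. The added import `org.springframework.beans.factory.annotation.Autowired` does not appear to be used by any line shown for this class.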


@@ -40,7 +40,7 @@ public interface StaticRuleMapper {
Integer queryAuditStatusById(Integer id);
Boolean updateAuditStatusById(Integer id, Integer auditStatus,
Boolean updateAuditStatusByIdWithUser(Integer id, Integer auditStatus,
String auditUserName,
Integer auditUserId,
String auditUserDepart);
@@ -80,4 +80,6 @@ public interface StaticRuleMapper {
List<StaticRuleObject> queryHistory(Integer id, Integer page, Integer pageSize);
void removeUsedTaskId(Long taskId);
// boolean queryStaticRuleRepeat(StaticRuleObject object);
}


@@ -63,13 +63,12 @@ public class StaticRuleService {
新建静态规则
*/
@SneakyThrows
@Transactional
public Integer newStaticRuleObject(StaticRuleObject object) {
object.setStaticRuleCreateTime(LocalDateTime.now());
object.setAuditStatus(0);
/*
待开发:设置静态规则对象的创建用户、用户所属部门等属性
*/
if (!isIpMaskValid(object.getStaticRuleSip(),object.getStaticRuleMsip()) ||
!isIpMaskValid(object.getStaticRuleDip(),object.getStaticRuleMdip())
){
@@ -78,6 +77,10 @@ public class StaticRuleService {
if (!RuleEnum.checkValidate(object)) {
throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则");
}
// if(!staticRuleMapper.queryStaticRuleRepeat(object)){
// throw new IllegalArgumentException("静态规则重复");
// }
/*
新建静态规则,过一下白名单审核
*/
@@ -103,7 +106,7 @@ public class StaticRuleService {
return object.getStaticRuleId();
}
@Transactional
public Object deleteStaticRules(List<Integer> staticRuleIds) {
//判断当前静态规则是否能够删除---是否存在任务选择的静态规则??
@@ -144,8 +147,8 @@ public class StaticRuleService {
throw new IllegalArgumentException("未知的静态规则ID");
}
if (!staticRuleObject.getAuditStatus().equals(AuditStatusEnum.AUDITED.getNum())) {
throw new IllegalStateException("无法修改该静态规则,因为其审核状态处于" + AuditStatusEnum.AUDITED);
if (staticRuleObject.getAuditStatus().equals(AuditStatusEnum.USING.getNum())) {
throw new IllegalStateException("无法修改该静态规则,因为其状态处于" + AuditStatusEnum.USING);
}
if (!RuleEnum.checkValidate(object)) {
@@ -241,7 +244,7 @@ public class StaticRuleService {
if (!AuditStatusValidator.setOriginal(originalAuditStatus).checkValidate(auditStatus)) {
throw new IllegalArgumentException("invalid audit status");
}
Boolean success = staticRuleMapper.updateAuditStatusById(id, auditStatus, auditUserName, auditUserId, auditUserDepart);
Boolean success = staticRuleMapper.updateAuditStatusByIdWithUser(id, auditStatus, auditUserName, auditUserId, auditUserDepart);
//记录状态历史
insertStaticRuleStatusLog(id);
Map<String, Object> resultMap = new HashMap<>();
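Review bot: The relaxed guard `if (staticRuleObject.getAuditStatus().equals(AuditStatusEnum.USING.getNum()))` now lets a rule in the audited state be edited, and nothing in this hunk shows its audit status being reset afterwards. If the update path, which lies outside the visible lines, does not put the rule back to the unaudited state, its content can change after approval without a second review. Please confirm the reset happens in the same transaction and add a comment at the guard saying so. `getAuditStatus()` is also dereferenced without a null check, and the commented-out `queryStaticRuleRepeat` lines here and in `StaticRuleMapper` should be removed or tracked in an issue.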


@@ -63,7 +63,12 @@ public class StateHandler {
protected Boolean handleStop(CommandService commandService, TaskService taskService, Long taskId) {
commandService.removeCommandsByTaskId(taskId);
taskService.updateDynamicRuleAuditStatusInTask(taskId, AuditStatusEnum.AUDITED);
// 要删去规则的used_task_id,因为在新建时检查了是否有重复使用的规则
taskService.removeDynamicRuleUsedTaskIdInTask(taskId);
taskService.updateStaticRuleAuditStatusInTask(taskId, AuditStatusEnum.AUDITED);
taskService.removeStaticRuleUsedTaskIdInTask(taskId);
return true;
}
@@ -84,7 +89,10 @@ public class StateHandler {
protected Boolean handleFailed(CommandService commandService, TaskService taskService, Long taskId) {
commandService.removeCommandsByTaskId(taskId);
taskService.updateDynamicRuleAuditStatusInTask(taskId, AuditStatusEnum.AUDITED);
// 要删去规则的used_task_id,因为在新建时检查了是否有重复使用的规则
taskService.removeDynamicRuleUsedTaskIdInTask(taskId);
taskService.updateStaticRuleAuditStatusInTask(taskId, AuditStatusEnum.AUDITED);
taskService.removeStaticRuleUsedTaskIdInTask(taskId);
return true;
}
@@ -95,7 +103,11 @@ public class StateHandler {
}
private Boolean handleDynamicTaskStart(TaskService taskService, Task task) {
// 将所有关联的动态规则审批状态修改为“已使用”
taskService.updateDynamicRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.USING);
return sendFilters(taskService, task);
// return true;
}
private Boolean handleStaticTaskStart(CommandService commandService, TaskService taskService, Task task) {
@@ -124,8 +136,8 @@ public class StateHandler {
dynamicTaskInfo.parseSql();
});
// 将所有关联的动态规则审批状态修改为“已使用”
taskService.updateDynamicRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.USING);
// // 将所有关联的动态规则审批状态修改为“已使用”
// taskService.updateDynamicRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.USING);
AtomicReference<Boolean> success = new AtomicReference<>(false);
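Review bot: In handleDynamicTaskStart the rules are switched to `AuditStatusEnum.USING` before `sendFilters(taskService, task)` runs, and nothing visible here reverts them when sendFilters returns false or throws. Because StaticRuleService in this same commit refuses edits to a rule whose status is USING, a failed start could leave rules locked unless the failure path always reaches handleFailed; that is worth confirming. One option is `Boolean sent = sendFilters(taskService, task);` followed by `if (!Boolean.TRUE.equals(sent)) taskService.updateDynamicRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.AUDITED);`. The leftover `// return true;` and the commented-out status update in the last hunk should be deleted rather than kept as comments; the method around that last hunk continues outside it.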


@@ -1,11 +1,15 @@
package com.realtime.protection.server.whitelist;
import com.alibaba.excel.EasyExcel;
import com.realtime.protection.configuration.entity.user.UserFull;
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
import com.realtime.protection.configuration.response.ResponseResult;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import jakarta.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@@ -28,7 +32,17 @@ public class WhiteListController implements WhiteListControllerApi {
@Override
@PostMapping("/new")
public ResponseResult newWhitelistObject(@RequestBody @Valid WhiteListObject object) {
public ResponseResult newWhitelistObject(@RequestBody @Valid WhiteListObject object,
@Autowired HttpServletRequest request) {
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
if (user != null) {
object.setCreateUserName(user.name);
object.setAuditUserId(user.uid);
object.setCreateUserDepartment(user.getOrgName());
}
Integer whiteListObjectId = whiteListService.newWhiteListObject(object);
return ResponseResult.ok()
@@ -41,9 +55,12 @@ public class WhiteListController implements WhiteListControllerApi {
//post
@Override
@PostMapping("/upload")
public ResponseResult uploadFile(MultipartFile uploadFile) throws IOException {
public ResponseResult uploadFile(MultipartFile uploadFile,
@Autowired HttpServletRequest request) throws IOException {
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
EasyExcel.read(uploadFile.getInputStream(), WhiteListObject.class,
new WhiteListDataListener(whiteListService)).sheet().doRead();
new WhiteListDataListener(whiteListService, user)).sheet().doRead();
return ResponseResult.ok();
}
@@ -164,14 +181,27 @@ public class WhiteListController implements WhiteListControllerApi {
//修改审核状态
@GetMapping("/{id}/audit/{auditStatus}")
public ResponseResult updateWhiteListObjectAuditStatus(@PathVariable Integer id,
@PathVariable Integer auditStatus) {
@PathVariable Integer auditStatus,
@Autowired HttpServletRequest request) {
if (id <= 0 || auditStatus < 0 || auditStatus > 2) {
return new ResponseResult(400, "id or status is invalid")
.setData("whiteobj_id", id)
.setData("success", false);
}
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
String auditUserName = null;
Integer auditUserId = null;
String auditUserDepart = null;
if (user != null) {
auditUserName= user.name;
auditUserId = Integer.valueOf(user.uid);
auditUserDepart = user.getOrgName();
}
return ResponseResult.ok()
.addDataMap(whiteListService.updateWhiteListObjectAuditStatus(id, auditStatus))
.addDataMap(whiteListService.updateWhiteListObjectAuditStatus(id, auditStatus,
auditUserName, auditUserId, auditUserDepart))
.setData("whiteobj_id", id);
}
@@ -223,7 +253,8 @@ public class WhiteListController implements WhiteListControllerApi {
*/
@Override
@PostMapping("/auditbatch")
public ResponseResult updateWhiteListAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap) {
public ResponseResult updateWhiteListAuditStatusBatch(@Autowired HttpServletRequest request,
@RequestBody Map<Integer, Integer> idsWithAuditStatusMap) {
List<Integer> errorIds = new ArrayList<>();
for (Map.Entry<Integer, Integer> entry: idsWithAuditStatusMap.entrySet()) {
Integer id = entry.getKey();
@@ -237,9 +268,21 @@ public class WhiteListController implements WhiteListControllerApi {
.setData("id", errorIds)
.setData("success", false);
}
//从http首部session字段获取用户信息
HttpSession session = request.getSession();
UserFull user = (UserFull) session.getAttribute("user");
String auditUserName = null;
Integer auditUserId = null;
String auditUserDepart = null;
if (user != null) {
auditUserName= user.name;
auditUserId = Integer.valueOf(user.uid);
auditUserDepart = user.getOrgName();
}
return ResponseResult.ok()
.setData("success", whiteListService.updateAuditStatusBatch(idsWithAuditStatusMap));
.setData("success", whiteListService.updateAuditStatusBatch(idsWithAuditStatusMap,
auditUserName, auditUserId, auditUserDepart));
}
@Override
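Review bot: In newWhitelistObject the creator's id is stored with `object.setAuditUserId(user.uid)`, so a new entry records its creator as its auditor and leaves the creator id unset. The Excel listener in this commit uses `setCreateUserId` for the same purpose, and the line should read `object.setCreateUserId(user.uid);`. Both audit endpoints also carry on when the session holds no `user` and pass null auditor fields to the service, so an approval can be persisted with no attributable auditor; returning an error `ResponseResult` when `user == null` keeps the audit trail complete. `Integer.valueOf(user.uid)` throws NumberFormatException for a non-numeric uid and is not handled in either endpoint. Several of these handler bodies continue outside the hunks.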


@@ -9,7 +9,9 @@ import io.swagger.v3.oas.annotations.media.ExampleObject;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
@@ -47,7 +49,8 @@ public interface WhiteListControllerApi {
requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(
description = "白名单信息")
)
ResponseResult newWhitelistObject(@RequestBody WhiteListObject object);
ResponseResult newWhitelistObject(@RequestBody WhiteListObject object,
@Autowired HttpServletRequest request);
@Operation(
summary = "批量导入白名单",
@@ -64,7 +67,8 @@ public interface WhiteListControllerApi {
requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(
description = "Excel文件")
)
ResponseResult uploadFile(MultipartFile uploadFile) throws IOException;
ResponseResult uploadFile(MultipartFile uploadFile,
@Autowired HttpServletRequest request) throws IOException;
@Operation(
summary = "下载白名单模板",
@@ -211,7 +215,8 @@ public interface WhiteListControllerApi {
}
)
ResponseResult updateWhiteListObjectAuditStatus(@PathVariable Integer id,
@PathVariable Integer auditStatus);
@PathVariable Integer auditStatus,
@Autowired HttpServletRequest request);
/*
@@ -318,7 +323,8 @@ public interface WhiteListControllerApi {
)
)
@PostMapping("/auditbatch")
ResponseResult updateWhiteListAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap);
ResponseResult updateWhiteListAuditStatusBatch(@Autowired HttpServletRequest request,
@RequestBody Map<Integer, Integer> idsWithAuditStatusMap);
@Operation(
summary = "更新审批意见",
description = "批量更新审批意见接收多个id",
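Review bot: The `@Autowired` on the new `HttpServletRequest request` parameters is unnecessary, because Spring MVC resolves the servlet request as a handler argument without it. The annotation should be dropped from all four signatures, for example `ResponseResult uploadFile(MultipartFile uploadFile, HttpServletRequest request) throws IOException;`. The parameter order is also inconsistent: updateWhiteListAuditStatusBatch takes the request first while the other three take it last. The implementing controller repeats the same annotation and would need the matching change.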


@@ -3,6 +3,7 @@ package com.realtime.protection.server.whitelist;
import com.alibaba.excel.context.AnalysisContext;
import com.alibaba.excel.read.listener.ReadListener;
import com.alibaba.excel.util.ListUtils;
import com.realtime.protection.configuration.entity.user.UserFull;
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
import lombok.extern.slf4j.Slf4j;
@@ -15,14 +16,22 @@ public class WhiteListDataListener implements ReadListener<WhiteListObject> {
private final List<WhiteListObject> cachedDataList = ListUtils.newArrayListWithExpectedSize(batchCount);
private final WhiteListService whiteListService;
private UserFull user;
public WhiteListDataListener(WhiteListService whiteListService) {
public WhiteListDataListener(WhiteListService whiteListService, UserFull user) {
this.whiteListService = whiteListService;
this.user = user;
}
@Override
public void invoke(WhiteListObject object, AnalysisContext analysisContext) {
log.info("解析到一条数据:{}", object.toString());
if (user != null) {
object.setCreateUserName(user.name);
object.setCreateUserId(user.uid);
object.setCreateUserDepartment(user.getOrgName());
}
cachedDataList.add(object);
if (cachedDataList.size() > batchCount) {
saveData();
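Review bot: The new field is assigned only in the constructor, so it should be declared `private final UserFull user;` like `whiteListService` next to it. When `user` is null, invoke() caches the row with whatever creator fields the parsed object already carries, so an import can be stored without an attributable creator. If those columns are mapped from the sheet (not visible here), the values would come from the uploaded file. Rejecting the upload in the controller when the session has no user, before `EasyExcel.read` is called, avoids both cases. The body of invoke() continues outside this hunk.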


@@ -36,6 +36,8 @@ public interface WhiteListMapper {
Integer queryWhiteListObjectAuditStuatusById(Integer id);
Boolean updateWhiteListObjectAuditStatusWithUser(Integer id, Integer status, String auditUserName, Integer auditUserId, String auditUserDepart);
Boolean updateWhiteListObjectAuditStatus(Integer id, Integer status);
void newWhiteListObjects(@Param("whiteListObjects") List<WhiteListObject> whiteListBatch);
@@ -45,7 +47,7 @@ public interface WhiteListMapper {
List<WhiteListObject> whiteListCommandCheck(@Param("command") FiveTupleWithMask fiveTupleWithMaskInCommand);
Integer queryWhiteListTotalNum(String whiteListName, Integer whiteListId
, String systemName, Integer auditStatus, String creator);
, String systemName, Integer auditStatus, String creator);
List<WhiteListObject> whiteListCommandsCheck(List<TaskCommandInfo> taskCommandInfos);
@@ -57,7 +59,7 @@ public interface WhiteListMapper {
List<Integer> queryAuditStatusByIds(@Param("idsWithAuditStatusMap") Map<Integer, Integer> idsWithAuditStatusMap);
Boolean updateAuditInfo(@Param("ids")List<Integer> ids, @Param("auditInfo")String auditInfo);
Boolean updateAuditInfo(@Param("ids") List<Integer> ids, @Param("auditInfo") String auditInfo);
String queryWhiteListObjectAuditInfo(Integer id);
@@ -70,4 +72,12 @@ public interface WhiteListMapper {
void insertStatusLogBatch(List<Integer> ids);
List<WhiteListObject> queryHistory(Integer id, Integer page, Integer pageSize);
void createCommandWhiteListConnect(@Param("command_id") String commandId, @Param("whiteLists") List<WhiteListObject> whiteListsHit);
void updateAuditStatusByIdBatchWithUser(@Param("idWithAuditStatusBatch") Map<Integer, Integer> idWithAuditStatusBatch,
@Param("auditUserName") String auditUserName,
@Param("auditUserId") Integer auditUserId,
@Param("auditUserDepart") String auditUserDepart);
}
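Review bot: updateAuditStatusByIdBatchWithUser binds its map as `@Param("idWithAuditStatusBatch")`, but the matching `<update>` on t_white_list in this commit iterates `collection="idsWithAuditStatusMap"` in its WHERE clause. This method never binds that name, so the statement will most likely fail when executed; the WHERE `<foreach>` should use `collection="idWithAuditStatusBatch"`. The changed insert that iterates `whiteListObjects` also loses the closing parenthesis of each values tuple, and its last line inside the `<foreach>` should be `#{object.createUserId})`. updateWhiteListObjectAuditStatusWithUser takes five parameters without `@Param`, unlike the batch method below it, which only binds by name if the build keeps parameter names.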


@@ -186,7 +186,10 @@ public class WhiteListService {
}
@Transactional
public Map<String, Object> updateWhiteListObjectAuditStatus(Integer id, Integer auditStatus) {
public Map<String, Object> updateWhiteListObjectAuditStatus(Integer id, Integer auditStatus,
String auditUserName,
Integer auditUserId,
String auditUserDepart) {
//查询目前curStatus
Integer originalAuditStatus = whiteListMapper.queryWhiteListObjectAuditStuatusById(id);
if (originalAuditStatus == null){
@@ -197,7 +200,8 @@ public class WhiteListService {
throw new IllegalArgumentException("审核状态修改违规");
}
Boolean success = whiteListMapper.updateWhiteListObjectAuditStatus(id, auditStatus);
Boolean success = whiteListMapper.updateWhiteListObjectAuditStatusWithUser(id, auditStatus,
auditUserName, auditUserId, auditUserDepart);
insertStatusLog(id);
Map<String, Object> resultMap = new HashMap<>();
resultMap.put("success", success);
@@ -216,7 +220,61 @@ public class WhiteListService {
return whiteListMapper.queryAuditWhiteListTotalNum(auditStatus);
}
public Boolean updateAuditStatusBatch(Map<Integer, Integer> idsWithAuditStatusMap) {
public Boolean updateAuditStatusBatch(Map<Integer, Integer> idsWithAuditStatusMap,
String auditUserName, Integer auditUserId, String auditUserDepart ) {
//校验id和status是否合法
List<Integer> originalAuditStatusList = whiteListMapper.queryAuditStatusByIds(idsWithAuditStatusMap);
if (originalAuditStatusList == null || originalAuditStatusList.size() != idsWithAuditStatusMap.size()) {
throw new IllegalArgumentException("白名单id部分不存在");
}
int index = 0;
List<Integer> errorIds = new ArrayList<>();
for(Map.Entry<Integer, Integer> entry: idsWithAuditStatusMap.entrySet()) {
Integer id = entry.getKey();
Integer auditStatus = entry.getValue();
Integer originalAuditStatus = originalAuditStatusList.get(index);
index++;
if (!AuditStatusValidator.setOriginal(originalAuditStatus).checkValidate(auditStatus)) {
errorIds.add(id);
}
}
if (!errorIds.isEmpty()){
throw new IllegalArgumentException("白名单id无法修改为对应审核状态, 错误id: " + errorIds);
}
Function<WhiteListMapper, Function<Map<Integer, Integer>, Boolean>> updateWhiteListAuditStatusFunction =
mapper -> map -> {
if (map == null || map.isEmpty()) {
return false;
}
Map<Integer, Integer> idWithAuditStatusBatch = new HashMap<>();
for (Map.Entry<Integer, Integer> item : map.entrySet()) {
idWithAuditStatusBatch.put(item.getKey(), item.getValue());
if (idWithAuditStatusBatch.size() < 100) {
continue;
}
//mapper指的就是外层函数输入的参数也就是WhiteListMapper
mapper.updateAuditStatusByIdBatchWithUser(idWithAuditStatusBatch,
auditUserName, auditUserId, auditUserDepart);
insertStatusLog(idWithAuditStatusBatch);
idWithAuditStatusBatch.clear();
}
if (!idWithAuditStatusBatch.isEmpty()) {
mapper.updateAuditStatusByIdBatchWithUser(idWithAuditStatusBatch,
auditUserName, auditUserId, auditUserDepart);
insertStatusLog(idWithAuditStatusBatch);
}
return true;
};
//实现事务操作
return sqlSessionWrapper.startBatchSession(WhiteListMapper.class, updateWhiteListAuditStatusFunction, idsWithAuditStatusMap);
}
public Boolean updateAuditStatusBatch(Map<Integer, Integer> idsWithAuditStatusMap ) {
//校验id和status是否合法
List<Integer> originalAuditStatusList = whiteListMapper.queryAuditStatusByIds(idsWithAuditStatusMap);
if (originalAuditStatusList == null || originalAuditStatusList.size() != idsWithAuditStatusMap.size()) {
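Review bot: The new updateAuditStatusBatch overload pairs each map entry with `originalAuditStatusList.get(index)`, which is only correct if queryAuditStatusByIds returns rows in the map's iteration order. Nothing visible guarantees that order, and if it differs, the transition check in `AuditStatusValidator` is applied against another record's current status, so a disallowed status change can pass. Having the mapper return the original status keyed by id and looking it up with `entry.getKey()` removes the dependency on ordering. The overload is also a full copy of the existing one-argument method, which could delegate to it with null auditor fields instead. The old method's body continues outside this hunk.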


@@ -52,6 +52,259 @@
)
</foreach>
</insert>
<insert id="createCommandInWhiteListHit">
insert into t_command_whitelist_hit(COMMAND_ID, TASK_ID, TASK_ACT, TASKNAME, EVENTTYPE, DEPARTMENT, DISTRIBUTEPOINT, FREQUENCY,
ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, PROTOCOL,
MASK_SRC_IP, MASK_SRC_PORT, MASK_DST_IP, MASK_DST_PORT, MASK_PROTOCOL, VALID_TIME,
INVALID_TIME, IS_VALID, IS_JUDGED,
SEND_TIMES, SUCCESS_TIMES, CREATE_TIME, LAST_UPDATE, IS_DELETED,
TASKTYPE, RULE_ID, display_id)
values (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.taskName}, #{info.eventType}, #{info.taskCreateDepart}, #{info.distributePoint},
#{info.frequency},
DEFAULT,
#{info.fiveTupleWithMask.sourceIP}, #{info.fiveTupleWithMask.sourcePort},
#{info.fiveTupleWithMask.destinationIP}, #{info.fiveTupleWithMask.destinationPort},
#{info.fiveTupleWithMask.protocolNum},
#{info.fiveTupleWithMask.maskSourceIP}, #{info.fiveTupleWithMask.maskSourcePort},
#{info.fiveTupleWithMask.maskDestinationIP}, #{info.fiveTupleWithMask.maskDestinationPort},
#{info.fiveTupleWithMask.maskProtocol},
#{info.startTime}, #{info.endTime}, #{info.isValid},
#{info.isJudged},
0, 0,
NOW(), NOW(), FALSE, #{info.taskType}, #{info.ruleId}, #{info.displayId}
)
</insert>
<insert id="insertCommandHistory">
insert into t_command_log(
effective_time,
expire_time,
TASK_ID,
RULE_ID,
COMMAND_ID,
TASKTYPE,
ADDR_TYPE,
SRC_IP,
SRC_PORT,
DST_IP,
DST_PORT,
PROTOCOL,
MASK_SRC_IP,
MASK_SRC_PORT,
MASK_DST_IP,
MASK_DST_PORT,
MASK_PROTOCOL,
TASK_ACT,
EVENTTYPE,
TASKNAME,
DISTRIBUTEPOINT,
DEPARTMENT,
FREQUENCY,
VALID_TIME,
INVALID_TIME,
IS_VALID,
IS_JUDGED,
SEND_TIMES,
SUCCESS_TIMES,
FIRST_SEND_TIME,
LAST_SEND_TIME,
CREATE_TIME,
LAST_UPDATE,
IS_DELETED,
RULE_NAME,
RCP_HIT_COUNT,
TOTAL_PACKET_NUM,
TOTAL_BYTE_NUM,
EFFECTIVE_EQUIPMENT_NUM,
AVERAGE_LATENCY,
MAX_LATENCY,
MIN_LATENCY,
c2s_pkt_num,
s2c_pkt_num,
c2s_byte_num,
s2c_byte_num,
display_id,
session_num,
first_effect_time,
last_rcp_query_time,
last_traffic_query_time
)
select
NOW(),
NULL,
TASK_ID,
RULE_ID,
COMMAND_ID,
TASKTYPE,
ADDR_TYPE,
SRC_IP,
SRC_PORT,
DST_IP,
DST_PORT,
PROTOCOL,
MASK_SRC_IP,
MASK_SRC_PORT,
MASK_DST_IP,
MASK_DST_PORT,
MASK_PROTOCOL,
TASK_ACT,
EVENTTYPE,
TASKNAME,
DISTRIBUTEPOINT,
DEPARTMENT,
FREQUENCY,
VALID_TIME,
INVALID_TIME,
IS_VALID,
IS_JUDGED,
SEND_TIMES,
SUCCESS_TIMES,
FIRST_SEND_TIME,
LAST_SEND_TIME,
CREATE_TIME,
LAST_UPDATE,
IS_DELETED,
RULE_NAME,
RCP_HIT_COUNT,
TOTAL_PACKET_NUM,
TOTAL_BYTE_NUM,
EFFECTIVE_EQUIPMENT_NUM,
AVERAGE_LATENCY,
MAX_LATENCY,
MIN_LATENCY,
c2s_pkt_num,
s2c_pkt_num,
c2s_byte_num,
s2c_byte_num,
display_id,
session_num,
first_effect_time,
last_rcp_query_time,
last_traffic_query_time
from t_command
where COMMAND_ID = #{command_id}
</insert>
<insert id="insertCommandHistoryBatch">
insert into t_command_log(
effective_time,
expire_time,
TASK_ID,
RULE_ID,
COMMAND_ID,
TASKTYPE,
ADDR_TYPE,
SRC_IP,
SRC_PORT,
DST_IP,
DST_PORT,
PROTOCOL,
MASK_SRC_IP,
MASK_SRC_PORT,
MASK_DST_IP,
MASK_DST_PORT,
MASK_PROTOCOL,
TASK_ACT,
EVENTTYPE,
TASKNAME,
DISTRIBUTEPOINT,
DEPARTMENT,
FREQUENCY,
VALID_TIME,
INVALID_TIME,
IS_VALID,
IS_JUDGED,
SEND_TIMES,
SUCCESS_TIMES,
FIRST_SEND_TIME,
LAST_SEND_TIME,
CREATE_TIME,
LAST_UPDATE,
IS_DELETED,
RULE_NAME,
RCP_HIT_COUNT,
TOTAL_PACKET_NUM,
TOTAL_BYTE_NUM,
EFFECTIVE_EQUIPMENT_NUM,
AVERAGE_LATENCY,
MAX_LATENCY,
MIN_LATENCY,
c2s_pkt_num,
s2c_pkt_num,
c2s_byte_num,
s2c_byte_num,
display_id,
session_num,
first_effect_time,
last_rcp_query_time,
last_traffic_query_time
)
select
NOW(),
NULL,
TASK_ID,
RULE_ID,
COMMAND_ID,
TASKTYPE,
ADDR_TYPE,
SRC_IP,
SRC_PORT,
DST_IP,
DST_PORT,
PROTOCOL,
MASK_SRC_IP,
MASK_SRC_PORT,
MASK_DST_IP,
MASK_DST_PORT,
MASK_PROTOCOL,
TASK_ACT,
EVENTTYPE,
TASKNAME,
DISTRIBUTEPOINT,
DEPARTMENT,
FREQUENCY,
VALID_TIME,
INVALID_TIME,
IS_VALID,
IS_JUDGED,
SEND_TIMES,
SUCCESS_TIMES,
FIRST_SEND_TIME,
LAST_SEND_TIME,
CREATE_TIME,
LAST_UPDATE,
IS_DELETED,
RULE_NAME,
RCP_HIT_COUNT,
TOTAL_PACKET_NUM,
TOTAL_BYTE_NUM,
EFFECTIVE_EQUIPMENT_NUM,
AVERAGE_LATENCY,
MAX_LATENCY,
MIN_LATENCY,
c2s_pkt_num,
s2c_pkt_num,
c2s_byte_num,
s2c_byte_num,
display_id,
session_num,
first_effect_time,
last_rcp_query_time,
last_traffic_query_time
from t_command
where COMMAND_ID IN
<foreach collection="commandIds" item="command_id" separator="," open="(" close=")">
#{command_id}
</foreach>
</insert>
<insert id="createCommandWhiteListConnect">
insert into t_white_list_command_conn(command_id, white_list_id)
values
<foreach collection="whiteLists" item="whiteList" separator=",">
(#{command_id}, #{whiteList.whiteListId})
</foreach>
</insert>
<resultMap id="commandStatMap" type="com.realtime.protection.configuration.entity.task.TaskCommandInfo">
<id column="COMMAND_ID" property="UUID"/>
@@ -151,6 +404,21 @@
WHERE COMMAND_ID = #{command_id}
AND IS_DELETED = FALSE
</update>
<update id="updateCommandHistoryExpireTime">
update t_command_log
set expire_time = NOW()
where COMMAND_ID = #{command_id}
and expire_time = NULL
</update>
<update id="updateCommandHistoryExpireTimeBatch">
update t_command_log
set expire_time = NOW()
where COMMAND_ID in
<foreach collection="commandIds" item="command_id" separator="," open="(" close=")">
#{command_id}
</foreach>
and expire_time = NULL
</update>
<select id="queryCommandInfo" resultType="java.lang.String">
SELECT COMMAND_ID FROM t_command
@@ -205,4 +473,72 @@
<if test="dst_port != null">AND DST_PORT = #{dst_port}</if>
</where>
</select>
<resultMap id="whiteListMap" type="com.realtime.protection.configuration.entity.whitelist.WhiteListObject">
<id column="white_list_id" property="whiteListId"/>
<result column="white_list_name" property="whiteListName"/>
<result column="white_list_system_name" property="whiteListSystemName"/>
<result column="white_list_ip_d" property="whiteListIP"/>
<result column="white_list_port" property="whiteListPort"/>
<result column="white_list_url" property="whiteListUrl"/>
<result column="white_list_protocol" property="whiteListProtocol"/>
<result column="white_list_audit_status" property="whiteListAuditStatus"/>
<result column="white_list_display_id" property="whiteListDisplayId"/>
<result column="create_time" property="createTime"/>
<result column="modify_time" property="modifyTime"/>
<result column="create_username" property="createUserName"/>
<result column="create_user_department" property="createUserDepartment"/>
<result column="create_user_id" property="createUserId"/>
<result column="audit_user_name" property="auditUserName"/>
<result column="audit_user_id" property="auditUserId"/>
<result column="audit_user_depart" property="auditUserDepart"/>
<result column="effective_time" property="effeciveTime"/>
<result column="expire_time" property="expireTime"/>
</resultMap>
<select id="whiteListCommandCheck" resultMap="whiteListMap">
select *,INET_NTOA(white_list_ip) as white_list_ip_d
from t_white_list
<where>
<if test="command.sourceIP != null and command.maskSourceIP == null">
(white_list_ip = INET_ATON(#{command.sourceIP})
<if test="command.sourcePort != null">
and white_list_port = CAST(#{command.sourcePort} AS UNSIGNED)
</if>
)
</if>
<if test="command.sourceIP != null and command.maskSourceIP != null">
(( white_list_ip &amp; INET_ATON(#{command.maskSourceIP})) =
(INET_ATON(#{command.sourceIP}) &amp; INET_ATON(#{command.maskSourceIP}))
<if test="command.sourcePort != null">
and white_list_port = CAST(#{command.sourcePort} AS UNSIGNED)
</if>
<if test="command.protocol != null">
and white_list_protocol = #{command.protocol}
</if>
)
</if>
<if test="command.destinationIP != null and command.maskDestinationIP == null">
or (white_list_ip = INET_ATON(#{command.destinationIP})
<if test="command.destinationPort != null">
and white_list_port = CAST(#{command.destinationPort} AS UNSIGNED)
</if>)
</if>
<if test="command.destinationIP != null and command.maskDestinationIP != null">
or ((white_list_ip &amp; INET_ATON(#{command.maskDestinationIP})) =
(INET_ATON(#{command.destinationIP}) &amp; INET_ATON(#{command.maskDestinationIP}))
<if test="command.destinationPort != null">
and white_list_port = CAST(#{command.destinationPort} AS UNSIGNED)
</if>)
</if>
</where>
</select>
</mapper>
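Review bot: Both new history updates filter with `and expire_time = NULL`, which is never true in SQL, so updateCommandHistoryExpireTime and updateCommandHistoryExpireTimeBatch will update no rows and the log entries never get an expire time. The condition should be `and expire_time IS NULL`, as the other mappers in this commit write it. Separately, the new whiteListCommandCheck selects from t_white_list with no condition on `white_list_audit_status`. Unless the caller filters the result, an entry that has not been approved would still divert a command into t_command_whitelist_hit. When both the source and destination IP are null the `<where>` is empty and every whitelist row matches.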


@@ -109,7 +109,7 @@
)
select
dynamic_rule_id,
NOW() NULL,
NOW() ,NULL,
dynamic_rule_used_task_id,
dynamic_rule_name,
create_time,


@@ -201,7 +201,7 @@
SELECT protect_object_id,
protect_object_name,
protect_object_system_name,
INET_NTOA(protect_object_ip),
INET_NTOA(protect_object_ip) as protect_object_ip,
protect_object_port,
protect_object_url,
protect_object_protocol,
@@ -364,4 +364,30 @@
</foreach>
AND expire_time IS NULL
</update>
<update id="changeProtectObjectAuditStatusWithUser">
UPDATE t_protect_object
SET protect_object_audit_status = #{proobj_audit_status},
audit_user_name = #{auditUserName},
audit_user_id = #{auditUserId},
audit_user_deaprt = #{auditUserDepart},
modify_time = NOW()
WHERE protect_object_id = #{proobj_id}
</update>
<update id="updateAuditStatusByIdBatchWithUser">
update t_protect_object
set
modify_time = NOW(),
audit_user_id = #{auditUserId},
audit_user_name = #{auditUserName},
audit_user_depart = #{auditUserDepart},
protect_object_audit_status = CASE protect_object_id
<foreach collection="idWithAuditStatusBatch" index="id" item="auditStatus" separator=" ">
WHEN #{id} THEN #{auditStatus}
</foreach>
END
WHERE protect_object_id IN
<foreach collection="idWithAuditStatusBatch" index="id" open="(" separator="," close=")">
#{id}
</foreach>
</update>
</mapper>
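Review bot: changeProtectObjectAuditStatusWithUser sets `audit_user_deaprt`, while the batch statement right below it sets `audit_user_depart`. One of the two column names is misspelled, most likely the first, and that statement will fail with an unknown-column error unless the table really has both spellings. The line should read `audit_user_deaprt` → `audit_user_depart = #{auditUserDepart},`.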


@@ -14,7 +14,7 @@
static_rule_protocol, static_rule_mprotocol, static_rule_dns,
static_rule_url, static_rule_priority,
static_rule_frequency, static_rule_audit_status,
static_rule_display_id,event_type)
static_rule_display_id,event_type,static_rule_modify_time)
values (#{object.staticRuleName}, #{object.staticRuleCreateTime}, #{object.staticRuleCreateUsername},
#{object.staticRuleCreateDepart}, #{object.staticRuleCreateUserId}, INET_ATON(#{object.staticRuleSip}),
INET_ATON(#{object.staticRuleMsip}), #{object.staticRuleSport}, #{object.staticRuleMsport},
@@ -23,7 +23,7 @@
#{object.staticRuleDns}, #{object.staticRuleURL}, #{object.staticRulePriority},
#{object.staticRuleFrequency},
#{object.auditStatus},
#{object.staticRuleDisplayId},#{object.eventType})
#{object.staticRuleDisplayId},#{object.eventType},NOW())
</insert>
<insert id="newStaticRules" useGeneratedKeys="true" keyProperty="staticRuleId"
keyColumn="static_rule_id" parameterType="com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject">
@@ -216,8 +216,9 @@
</if>
<if test="object.eventType != null and object.eventType != ''">
event_type = #{eventType},
event_type = #{object.eventType},
</if>
static_rule_audit_status = #{object.auditStatus},
static_rule_modify_time = NOW()
@@ -225,7 +226,7 @@
where static_rule_id = #{id}
</update>
<update id="updateAuditStatusById">
<update id="updateAuditStatusByIdWithUser">
update t_static_rule
set static_rule_modify_time = NOW(),
static_rule_audit_status = #{auditStatus},
@@ -295,6 +296,12 @@
set static_rule_used_task_id = NULL
where static_rule_used_task_id = #{taskId}
</update>
<update id="updateAuditStatusById">
update t_static_rule
set static_rule_modify_time = NOW(),
static_rule_audit_status = #{auditStatus}
where static_rule_id = #{id}
</update>
<delete id="deleteStaticRules">
delete from t_static_rule
@@ -399,7 +406,11 @@
</select>
<select id="queryStaticRuleById" resultMap="staticRuleMap">
SELECT *
SELECT *,
INET_NTOA(static_rule_sip) as static_rule_sip_d,
INET_NTOA(static_rule_msip) as static_rule_msip_d,
INET_NTOA(static_rule_dip) as static_rule_dip_d,
INET_NTOA(static_rule_mdip) as static_rule_mdip_d
FROM t_static_rule
left join t_task on t_static_rule.static_rule_used_task_id = t_task.task_id
WHERE static_rule_id = #{id}
@@ -508,5 +519,35 @@
ORDER BY effective_time DESC
LIMIT ${(page - 1) * pageSize}, #{pageSize}
</select>
<!-- <select id="queryStaticRuleRepeat" resultType="java.lang.Boolean">-->
<!-- SELECT COUNT(*)-->
<!-- FROM t_static_rule-->
<!-- WHERE-->
<!-- <if test="sip != null and sip != ''">-->
<!-- static_rule_sip = INET_ATON(#{sip})-->
<!-- </if>-->
<!-- <if test="dip != null and dip != ''">-->
<!-- AND static_rule_dip = INET_ATON(#{dip})-->
<!-- </if>-->
<!-- <if test="sport != null">-->
<!-- AND static_rule_sport = #{sport}-->
<!-- </if>-->
<!-- <if test="dport != null">-->
<!-- AND static_rule_dport = #{dport}-->
<!-- </if>-->
<!-- <if test="protocol != null">-->
<!-- AND static_rule_protocol = #{protocol}-->
<!-- </if>-->
<!-- <if test="dns != null and dns != ''">-->
<!-- AND static_rule_dns = #{dns}-->
<!-- </if>-->
<!-- <if test="url != null and url != ''">-->
<!-- AND static_rule_url = #{url} -->
<!-- </if>-->
<!-- <if test="eventType != null">-->
<!-- AND event_type = #{eventType}-->
<!-- </if>-->
<!-- -->
<!-- </select>-->
</mapper>
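Review bot: The rule update statement now writes `static_rule_audit_status = #{object.auditStatus}` straight from the bound object. If that object is the request body and the service does not overwrite the field first (not visible in this hunk), a caller editing a rule could choose its own audit status, including an approved one. Assigning the status from a server-side value in the service before the mapper call, or fixing the reset value in the statement itself, closes that path. The commented-out `queryStaticRuleRepeat` block added at the end of the file is dead code and is better left out of the mapper; as written its WHERE would also be malformed when `sip` is empty.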


@@ -177,7 +177,12 @@
</update>
<update id="updateAuditStatusById">
UPDATE t_strategy_template_new
SET audit_status = #{auditStatus}
SET
modify_time = NOW(),
audit_status = #{auditStatus},
audit_user_name = #{auditUserName},
audit_user_depart = #{auditUserDepart}
audit_user_id = #{auditUserId}
WHERE strategy_template_id = #{id}
</update>
@@ -216,6 +221,22 @@
</foreach>
and expire_time is null
</update>
<update id="updateAuditStatusByIdBatchWithUser">
update t_strategy_template_new
set
modify_time = NOW(),
audit_user_name = #{auditUserName},
audit_user_depart = #{auditUserDepart},
audit_user_id = #{auditUserId}
<foreach collection="idWithAuditStatusBatch" index="id" item="auditStatus" separator=" ">
WHEN #{id} THEN #{auditStatus}
</foreach>
END
where strategy_template_id in
<foreach collection="idWithAuditStatusBatch" index="id" open="(" separator="," close=")">
#{id}
</foreach>
</update>
<resultMap id="templateMap" type="com.realtime.protection.configuration.entity.defense.template.TemplateNew">
@@ -251,13 +272,23 @@
<result column="is_protect_object_dst" property="isProtectObjectDst"/>
<result column="is_protect_object_src" property="isProtectObjectSrc"/>
<result column="strategy_template_display_id" property="templateDisplayId"/>
<result column="effective_time" property="effeciveTime"/>
<result column="expire_time" property="expireTime"/>
</resultMap>
<select id="queryTemplates" resultMap="templateMap">
SELECT * FROM t_strategy_template_new
SELECT * ,
(SELECT COUNT(DISTINCT task_id) FROM t_task
WHERE t_task.template_id = strategy_template_id
AND t_task.task_status = 2)
AS strategy_template_running_tasks,
(SELECT COUNT(DISTINCT task_id) FROM t_task
WHERE template_id = strategy_template_id)
AS strategy_template_used_times
FROM t_strategy_template_new
<where>
<if test="source_system != null and source_system != '' ">
AND strategy_template_source_system = #{source_system}
@@ -286,7 +317,15 @@
</select>
<select id="queryTemplate" resultMap="templateMap">
SELECT * FROM t_strategy_template_new
SELECT *,
(SELECT COUNT(DISTINCT task_id) FROM t_task
WHERE t_task.template_id = #{template_id}
AND t_task.task_status = 2)
AS strategy_template_running_tasks,
(SELECT COUNT(DISTINCT task_id) FROM t_task
WHERE template_id = #{template_id})
AS strategy_template_used_times
FROM t_strategy_template_new
<where>
strategy_template_id = #{template_id}
</where>
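Review bot: Both changed audit updates are malformed SQL as written. In `updateAuditStatusById` there is no comma after `audit_user_depart = #{auditUserDepart}`, and in `updateAuditStatusByIdBatchWithUser` the `WHEN … END` list follows `audit_user_id = #{auditUserId}` directly, with no target column and no `CASE` opening. The first needs `audit_user_depart = #{auditUserDepart},`. The second needs `audit_user_id = #{auditUserId},` followed by `audit_status = CASE strategy_template_id` before the `<foreach>`, matching the protect-object and whitelist batch statements in this commit. Until this is fixed, template audit changes would fail at the database rather than record the auditor.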


@@ -23,13 +23,17 @@
insert into t_white_list(white_list_name, white_list_system_name,
white_list_ip, white_list_port,
white_list_url, white_list_protocol,
white_list_audit_status, create_time, white_list_display_id)
white_list_audit_status, create_time, white_list_display_id,
create_username, create_user_department,
create_user_id)
values
<foreach collection="whiteListObjects" item="object" separator=",">
(#{object.whiteListName}, #{object.whiteListSystemName},
INET_ATON(#{object.whiteListIP}), #{object.whiteListPort},
#{object.whiteListUrl}, #{object.whiteListProtocol},
0, NOW(), #{object.whiteListDisplayId})
0, NOW(), #{object.whiteListDisplayId},
#{object.createUserName}, #{object.createUserDepartment},
#{object.createUserId}
</foreach>
</insert>
<insert id="insertStatusLog">
@@ -126,6 +130,13 @@
</foreach>
</insert>
<insert id="createCommandWhiteListConnect">
insert into t_white_list_command_conn(command_id, white_list_id)
values
<foreach collection="whiteLists" item="whiteList" separator=",">
(#{command_id}, #{whiteList.whiteListId})
</foreach>
</insert>
<delete id="deleteWhiteListObjects">
delete from t_white_list
@@ -257,6 +268,22 @@
</foreach>
and expire_time is null
</update>
<update id="updateAuditStatusByIdBatchWithUser">
update t_white_list
set white_list_audit_status = CASE white_list_id
<foreach collection="idWithAuditStatusBatch" index="id" item="auditStatus" separator=" ">
WHEN #{id} THEN #{auditStatus}
</foreach>
END,
audit_user_name = #{auditUserName},
audit_user_id = #{auditUserId},
audit_user_depart = #{auditUserDepart},
modify_time = NOW()
WHERE white_list_id IN
<foreach collection="idsWithAuditStatusMap" index="id" open="(" separator="," close=")">
#{id}
</foreach>
</update>
<select id="existWhiteListObject" resultType="java.lang.String">
select CONCAT(INET_NTOA(white_list_ip)," ", CAST(white_list_port)," ", white_list_url)
@@ -322,6 +349,7 @@
<select id="whiteListCommandCheck" resultMap="whiteListMap">
select *,INET_NTOA(white_list_ip) as white_list_ip_d
from t_white_list
<where>
@@ -392,27 +420,46 @@
(white_list_ip = INET_ATON(#{command.fiveTupleWithMask.sourceIP})
<if test="command.fiveTupleWithMask.sourcePort != null">
and white_list_port = CAST(#{command.fiveTupleWithMask.sourcePort} AS UNSIGNED)
</if>)
</if>
<if test="command.fiveTupleWithMask.protocolNum != null">
and white_list_protocol = #{command.fiveTupleWithMask.protocolNum}
</if>
)
</if>
<if test="command.fiveTupleWithMask.sourceIP != null and command.fiveTupleWithMask.maskSourceIP != null">
(( white_list_ip &amp; INET_ATON(#{command.fiveTupleWithMask.maskSourceIP})) =
(INET_ATON(#{command.fiveTupleWithMask.sourceIP}) &amp; INET_ATON(#{command.fiveTupleWithMask.maskSourceIP}))
<if test="command.fiveTupleWithMask.sourcePort != null">
and white_list_port = CAST(#{command.fiveTupleWithMask.sourcePort} AS UNSIGNED)
</if>)
</if>
<if test="command.fiveTupleWithMask.protocolNum != null">
and white_list_protocol = #{command.fiveTupleWithMask.protocolNum}
</if>
<if test="command.fiveTupleWithMask.protocolNum != null">
and white_list_protocol = #{command.fiveTupleWithMask.protocolNum}
</if>
)
</if>
<if test="command.fiveTupleWithMask.destinationIP != null and command.fiveTupleWithMask.maskDestinationIP == null">
or (white_list_ip = INET_ATON(#{command.fiveTupleWithMask.destinationIP})
<if test="command.fiveTupleWithMask.destinationPort != null">
and white_list_port = CAST(#{command.fiveTupleWithMask.destinationPort} AS UNSIGNED)
</if>)
</if>
<if test="command.fiveTupleWithMask.protocolNum != null">
and white_list_protocol = #{command.fiveTupleWithMask.protocolNum}
</if>
)
</if>
<if test="command.fiveTupleWithMask.destinationIP != null and command.fiveTupleWithMask.maskDestinationIP != null">
or ((white_list_ip &amp; INET_ATON(#{command.fiveTupleWithMask.maskDestinationIP})) =
(INET_ATON(#{command.fiveTupleWithMask.destinationIP}) &amp; INET_ATON(#{command.fiveTupleWithMask.maskDestinationIP}))
<if test="command.fiveTupleWithMask.destinationPort != null">
and white_list_port = CAST(#{command.fiveTupleWithMask.destinationPort} AS UNSIGNED)
</if>)
</if>
<if test="command.fiveTupleWithMask.protocolNum != null">
and white_list_protocol = #{command.fiveTupleWithMask.protocolNum}
</if>
)
</if>
</foreach>
</where>


@@ -1,5 +1,6 @@
package com.realtime.protection.server.alertmessage;
import com.baomidou.dynamic.datasource.annotation.DSTransactional;
import com.github.xiaoymin.knife4j.annotations.Ignore;
import com.realtime.protection.configuration.entity.alert.AlertMessage;
import com.realtime.protection.configuration.entity.defense.object.ProtectObject;
@@ -45,6 +46,7 @@ public class AlertMessageTest {
@Ignore
@Test
@DSTransactional
void testReceiveAlertMessage() throws DorisStartException {
for(int n = 10;n < 20;n++) {
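Review bot: The `@DSTransactional` added above `testReceiveAlertMessage` probably does not make this test roll back. As far as I know, dynamic-datasource applies that annotation through an interceptor on Spring-managed beans, which a JUnit test instance normally is not, and Spring's test rollback support looks for `@Transactional`. If the aim is to keep what the loop writes out of the database, confirm it with a real run and record the result in a comment on the method, for example `// NOTE: data written here is not rolled back unless the transaction is verified to apply`. The `@Ignore` on the same method is imported from `com.github.xiaoymin.knife4j.annotations`, not from JUnit, so it likely does not disable the test; if this is JUnit 5, the form is `@Disabled`. The method body continues outside the hunk, so what the loop actually writes is not visible here.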


@@ -104,36 +104,29 @@ class WhiteListServiceTest extends ProtectionApplicationTests {
@Test
void testWhiteListStaticRulesCheck() {
// StaticRuleObject staticRuleTest = new StaticRuleObject();
// staticRuleTest.setStaticRuleName("test_staticrule");
// staticRuleTest.setStaticRuleCreateTime(LocalDateTime.now());
// staticRuleTest.setStaticRuleCreateUsername("mh");
// staticRuleTest.setStaticRuleCreateDepart("mmeess");
// staticRuleTest.setStaticRuleCreateUserId(2);
// staticRuleTest.setAuditStatus(0);
//
// staticRuleTest.setStaticRuleSip("1.1.2.3");
StaticRuleObject staticRuleTest = new StaticRuleObject();
staticRuleTest.setStaticRuleName("test__白名单");
staticRuleTest.setStaticRuleCreateUsername("mh");
staticRuleTest.setStaticRuleCreateDepart("mmeess");
staticRuleTest.setAuditStatus(2);
staticRuleTest.setStaticRuleSip("1.13.2.3");
// staticRuleTest.setStaticRuleSport(80);
//
// staticRuleTest.setStaticRulePriority(1);
// staticRuleTest.setStaticRuleFrequency(1);
//// staticRuleTest.setStaticRuleRange("北京");
//
// Integer id = staticRuleService.newStaticRuleObject(staticRuleTest);
// List<Integer> ruleIds = new ArrayList<>(List.of(id));
Integer id = staticRuleService.newStaticRuleObject(staticRuleTest);
List<Integer> ruleIds = new ArrayList<>(List.of(id));
// List<StaticRuleObject> staticRules= staticRuleService.queryStaticRule(null,null,null,null,null,null, null, null,1,2);
// for (StaticRuleObject staticRule : staticRules) {
// ruleIds.add(staticRule.getStaticRuleId());
// }
// whiteListObject = new WhiteListObject();
// whiteListObject.setWhiteListName("test");
// whiteListObject.setWhiteListSystemName("china");
// whiteListObject.setWhiteListIP("1.1.2.3");
// whiteListObject.setWhiteListPort(80);
// whiteListObject.setWhiteListUrl("www.baidu.com");
// whiteListObject.setWhiteListProtocol("TCP");
// whiteListService.newWhiteListObject(whiteListObject);
// System.out.println(whiteListService.whiteListStaticRulesCheck(ruleIds));
whiteListObject = new WhiteListObject();
whiteListObject.setWhiteListName("test");
whiteListObject.setWhiteListSystemName("china");
whiteListObject.setWhiteListIP("1.13.2.3");
whiteListObject.setWhiteListPort(80);
whiteListObject.setWhiteListUrl("www.baidu.com");
whiteListObject.setWhiteListProtocol("6");
whiteListService.newWhiteListObject(whiteListObject);
System.out.println(whiteListService.whiteListStaticRulesCheck(ruleIds));
}
@Test