From 3e7dd3a2bed3a13d2a1b7204d0e1873351f936b5 Mon Sep 17 00:00:00 2001
From: PushM <584406942@qq.com>
Date: Mon, 29 Apr 2024 01:27:36 +0800
Subject: [PATCH] =?UTF-8?q?1=E3=80=81=E9=9D=99=E6=80=81=E8=A7=84=E5=88=99?= =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=92=8C=E4=BF=AE=E6=94=B9=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E7=99=BD=E5=90=8D=E5=8D=95=E8=A7=84=E5=88=99=E5=86=B2=E7=AA=81?= =?UTF-8?q?=E6=A3=80=E6=9F=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../rule/staticrule/StaticRuleService.java | 28 +++++++++++++++----
 .../server/whitelist/WhiteListService.java | 6 ++++
 .../staticrule/StaticRuleServiceTest.java | 5 ++--
 3 files changed, 31 insertions(+), 8 deletions(-)
diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java
index 8e3f832..e5dab88 100644
--- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java
+++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java
@@ -2,10 +2,12 @@ package com.realtime.protection.server.rule.staticrule;
 import com.alibaba.excel.util.ListUtils;
 import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject;
+import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
 import com.realtime.protection.configuration.utils.SqlSessionWrapper;
 import com.realtime.protection.configuration.utils.enums.RuleEnum;
 import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
 import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
+import com.realtime.protection.server.whitelist.WhiteListService;
 import lombok.SneakyThrows;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -14,10 +16,7 @@ import java.net.InetAddress;
 import java.net.UnknownHostException;
 import java.nio.ByteBuffer;
 import java.time.LocalDateTime;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
+import java.util.*;
 import java.util.function.Function;
 @Service
@@ -25,11 +24,13 @@ public class StaticRuleService {
 private final StaticRuleMapper staticRuleMapper;
 private final SqlSessionWrapper sqlSessionWrapper;
+ private final WhiteListService whiteListService;
- public StaticRuleService(StaticRuleMapper staticRuleMapper, SqlSessionWrapper sqlSessionWrapper) {
+ public StaticRuleService(StaticRuleMapper staticRuleMapper, SqlSessionWrapper sqlSessionWrapper, WhiteListService whiteListService) {
 this.staticRuleMapper = staticRuleMapper;
 this.sqlSessionWrapper = sqlSessionWrapper;
+ this.whiteListService = whiteListService;
 }
 private static int ipToInt(String ip) {
@@ -69,6 +70,14 @@ public class StaticRuleService {
 if (!RuleEnum.checkValidate(object)) {
 throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则");
 }
+ List staticRuleObjects = new ArrayList<>();
+ staticRuleObjects.add(object);
+ List whiteListsHit = whiteListService.whiteListStaticRulesObjectCheck(staticRuleObjects);
+ if (!whiteListsHit.isEmpty()) {
+ StringBuilder result = new StringBuilder();
+ whiteListsHit.forEach(item -> result.append(item.getWhiteListName()).append(" "));
+ throw new IllegalArgumentException("静态规则与白名单规则冲突,冲突白名单名称:"+result.toString().trim());
+ }
 staticRuleMapper.newStaticRuleObject(object);
 return object.getStaticRuleId();
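Review bot: `import java.util.*;` in the `@@ -14,10 +16,7 @@` hunk replaces four explicit imports although the only new `java.util` name the commit uses is `ArrayList`; a wildcard hides which types the class depends on and can pick up a name clash when another package is imported later. Keeping the explicit list and adding `import java.util.ArrayList;` is enough.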
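Review bot: The whitelist conflict check added before `staticRuleMapper.newStaticRuleObject(object)` in the `@@ -69,6 +70,14 @@` hunk is repeated line for line in the update hunk (`@@ -122,6 +131,15 @@`), so the two rejection rules can drift apart; a private helper called from both keeps the control in one place. The file also imports `ListUtils` and holds a `SqlSessionWrapper`, which suggests a batch insert path that this commit does not touch; if one exists, rules overlapping a whitelist entry can still be stored through it, and it should call the same helper. The helper below uses `Collectors.joining`, which needs `java.util.stream.Collectors` imported, and assumes the element type is `WhiteListObject` as the new import implies. The enclosing method starts and ends outside the hunk.

```java
// … unchanged: RuleEnum.checkValidate(object) guard …
rejectIfWhiteListed(object);
staticRuleMapper.newStaticRuleObject(object);

// Throws when the rule overlaps any whitelist entry; shared by the create and update paths.
private void rejectIfWhiteListed(StaticRuleObject object) {
    List<WhiteListObject> hits =
            whiteListService.whiteListStaticRulesObjectCheck(Collections.singletonList(object));
    if (hits.isEmpty()) {
        return;
    }
    String names = hits.stream()
            .map(WhiteListObject::getWhiteListName)
            .collect(Collectors.joining(" "));
    throw new IllegalArgumentException("静态规则与白名单规则冲突,冲突白名单名称:" + names);
}
```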
@@ -122,6 +131,15 @@ public class StaticRuleService { throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则"); } + List staticRuleObjects = new ArrayList<>(); + staticRuleObjects.add(object); + List whiteListsHit = whiteListService.whiteListStaticRulesObjectCheck(staticRuleObjects); + if (!whiteListsHit.isEmpty()) { + StringBuilder result = new StringBuilder(); + whiteListsHit.forEach(item -> result.append(item.getWhiteListName()).append(" ")); + throw new IllegalArgumentException("静态规则与白名单规则冲突,冲突白名单名称:"+result.toString().trim()); + } + //判断当前静态规则是否能够修改---是否存在任务选择的静态规则?? //按id查询该静态规则的used_task_id字段,如果不为空,则不能修改 object.setStaticRuleModifyTime(LocalDateTime.now()); diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java index 4057e3c..ded354f 100644 --- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java @@ -157,6 +157,12 @@ public class WhiteListService { List staticRuleObjects = staticRuleMapper.queryStaticRuleByIds(staticRuleId); return whiteListMapper.whiteListCStaticRulesCheck(staticRuleObjects); + } + public List whiteListStaticRulesObjectCheck(List staticRuleObjects) { + //参数应该是指令,不管动态静态 + // 命中的whitelist列表:每一列包含ip port url + return whiteListMapper.whiteListCStaticRulesCheck(staticRuleObjects); + } @Transactional diff --git a/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java b/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java index 23466c6..cb5c99b 100644 --- a/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java +++ b/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java 
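Review bot: The conflict check on the update path (`@@ -122,6 +131,15 @@`) evaluates only the fields carried by the incoming `object`; whether the mapper overwrites every column or only the non-null ones is not visible in this hunk. If updates are partial, the rule that ends up stored is the merge of the request with the existing row, and that merged rule is what should be passed to `whiteListService.whiteListStaticRulesObjectCheck`; otherwise changing a single field can produce a whitelisted match that the check never saw. A comment above the block would record the assumption, e.g. `// object must carry the complete rule; a partial update would not be covered by the whitelist check`. The enclosing method starts and ends outside the hunk.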
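Review bot: `whiteListStaticRulesObjectCheck` in the `WhiteListService.java` hunk hands its argument to `whiteListMapper.whiteListCStaticRulesCheck` with no null or empty guard, and its inline comment says the parameter should be an instruction, dynamic or static, which does not match a signature that takes static rule objects. Both callers added in this commit pass a one-element list, so the guard only matters for later callers; how the mapper SQL behaves on an empty list is not visible here. I would return an empty list early under `if (staticRuleObjects == null || staticRuleObjects.isEmpty())` and replace the two inline comments with a Javadoc stating that the method returns the whitelist entries matched by any of the given rules and that an empty result means no conflict.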
@@ -32,12 +32,11 @@ public class StaticRuleServiceTest extends ProtectionApplicationTests {
 staticRuleTest.setStaticRuleCreateUserId(2);
 staticRuleTest.setAuditStatus(0);
- staticRuleTest.setStaticRuleSip("1.1.2.0");
- staticRuleTest.setStaticRuleMsip("255.255.255.0");
+ staticRuleTest.setStaticRuleSip("2.2.2.2");
 // staticRuleTest.setStaticRuleDip("1.1.1.2");
 // staticRuleTest.setStaticRuleMdip("255.255.255.0");
- staticRuleTest.setStaticRuleSport(80);
+ staticRuleTest.setStaticRuleSport(11);
 staticRuleTest.setStaticRulePriority(1);
 staticRuleTest.setStaticRuleFrequency(1);
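Review bot: The fixture values are changed (`setStaticRuleSip("2.2.2.2")`, `setStaticRuleSport(11)`, source mask removed) without any assertion for the behaviour this commit introduces, so nothing in the test shows that a rule overlapping a whitelist entry is rejected. Presumably the old values collided with a whitelist row in the test database; if so, the test now passes or fails depending on whatever whitelist data that database happens to hold. A second test that first inserts a known whitelist entry and then expects `IllegalArgumentException` when an overlapping static rule is created would pin the new check, and the fixture should carry a comment such as `// must not match any whitelist entry, see the whitelist conflict check`. The test method starts and ends outside the hunk.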