diff --git a/src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java b/src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java index 19ab1c9..053d768 100644 --- a/src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java +++ b/src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java @@ -37,6 +37,11 @@ public class AuditAdvice implements ResponseBodyAdvice { // .baseUrl("http://10.58.44.241:1888/api/chanct-log/audit-xgs") .build(); + @Data + @AllArgsConstructor + private static class AuditRes{ + private AuditData auditBase; + } @Data @AllArgsConstructor private static class AuditData { @@ -48,6 +53,8 @@ public class AuditAdvice implements ResponseBodyAdvice { private String action; private String res; private String content; + + private String userIp; } @Override @@ -57,16 +64,21 @@ public class AuditAdvice implements ResponseBodyAdvice { } @Override - public ResponseResult beforeBodyWrite(ResponseResult body, MethodParameter returnType, MediaType selectedContentType, Class> selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) { + if (request.getURI().getPath().contains("query")){ + return body; + } + AuditData auditData = getAuditData(body, request); + + AuditRes auditRes = new AuditRes(auditData); log.info("auditData-----------:"+auditData); Mono mono = webClient .post() .uri("/save") - .bodyValue(auditData) + .bodyValue(auditRes) .exchangeToMono(res -> { if (res.statusCode().equals(HttpStatus.OK)) { log.info("发送审计日志成功:{}",res.statusCode()); @@ -87,13 +99,14 @@ public class AuditAdvice implements ResponseBodyAdvice { private static AuditData getAuditData(ResponseResult body, ServerHttpRequest request) { HttpSession session = ((ServletServerHttpRequest) request).getServletRequest().getSession(); AuditData auditData; - if(session!=null || session.getAttribute("user")==null){ + if(session==null || session.getAttribute("user")==null){ auditData = new AuditData( - "xxx","xxx","xxx","xxx", + "0000000","0000000","not-login","not-login", request.getURI().getPath(), request.getMethod().toString(), body.getCode()==200?"成功":"失败", - body.getMessage() + body.getData().toString(), + "172.16.1.202" ); }else { UserFull user = (UserFull) session.getAttribute("user"); @@ -102,14 +115,15 @@ public class AuditAdvice implements ResponseBodyAdvice { request.getURI().getPath(), request.getMethod().toString(), body.getCode()==200?"成功":"失败", - body.getMessage() + body.getData().toString(), + "172.16.1.202" ); } return auditData; } private static void handleMono(String result) { - log.debug("审计服务器返回结果:" + result); + log.info("审计服务器返回结果:" + result); } } diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java index 736d779..f927b05 100644 --- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java @@ -46,12 +46,27 @@ public class AlertMessageController //告警信息审计接口 @PostMapping("/auditInfo/{id}") public ResponseResult updateAuditInfo(@PathVariable String id, - @RequestBody Map auditInfo) { - if (auditInfo.get("auditInfo") == null || auditInfo.get("auditInfo").isEmpty()) { + @RequestBody Map auditInfo) { + if (auditInfo.get("auditInfo") == null ) { return ResponseResult.ok(); } return ResponseResult.ok() - .setData("success", alertMessageService.updateAuditInfo(id, auditInfo.get("auditInfo"))); + .setData("success", + alertMessageService.updateAuditInfo( + id, auditInfo.get("auditInfo").toString())); + } + + //告警信息审计接口 + @PostMapping("/auditInfo2/{id}") + public ResponseResult updateAuditInfo2(@PathVariable String id, + @RequestBody Map> auditInfo) { + if (auditInfo.get("auditInfo").get(0) == null || + auditInfo.get("auditInfo").get(0) .isEmpty()) { + return ResponseResult.ok(); + } + return ResponseResult.ok() + .setData("success", + alertMessageService.updateAuditInfo(id, auditInfo.get("auditInfo").get(0))); } diff --git a/src/main/java/com/realtime/protection/server/command/CommandMapper.java b/src/main/java/com/realtime/protection/server/command/CommandMapper.java index c73c8e4..ef480fd 100644 --- a/src/main/java/com/realtime/protection/server/command/CommandMapper.java +++ b/src/main/java/com/realtime/protection/server/command/CommandMapper.java @@ -60,4 +60,6 @@ public interface CommandMapper { void createCommandWhiteListConnect(@Param("command_id") String uuid, @Param("whiteLists") List whiteListsHit); void updateCommandIsJudgedIfIgnoreThisTime(@Param("command_id") String commandUUID); + + Integer queryCommandIsJudged(String uuid); } diff --git a/src/main/java/com/realtime/protection/server/command/CommandService.java b/src/main/java/com/realtime/protection/server/command/CommandService.java index 456aa30..de3d56a 100644 --- a/src/main/java/com/realtime/protection/server/command/CommandService.java +++ b/src/main/java/com/realtime/protection/server/command/CommandService.java @@ -17,6 +17,7 @@ import java.time.format.DateTimeFormatter; import java.util.Collections; import java.util.List; import java.util.UUID; +import java.util.concurrent.atomic.AtomicInteger; import java.util.function.Function; @Service @@ -59,24 +60,29 @@ public class CommandService { commandMapper.createCommandInWhiteListHit(commandInfo); commandMapper.createCommandWhiteListConnect(commandInfo.getUUID(), whiteListsHit); //写入历史表 - insertCommandHistory(commandInfo.getUUID()); + //insertCommandHistory(commandInfo.getUUID()); return commandInfo.getUUID(); } commandInfo.setUUID(UUID.randomUUID().toString()); commandMapper.createCommand(commandInfo); //写入历史表 - insertCommandHistory(commandInfo.getUUID()); + //insertCommandHistory(commandInfo.getUUID()); return commandInfo.getUUID(); } @DSTransactional public String createCommand2(TaskCommandInfo commandInfo, Integer isJudged) { String uuid = commandMapper.queryCommandInfo(commandInfo); + //如果指令已经存在,除了研判状态为2,时需要改为0,其他情况都直接返回uuid if (uuid != null) { if (isJudged == 0){ - //研判后任务,将本次忽略的指令设置为待研判 - commandMapper.updateCommandIsJudgedIfIgnoreThisTime(uuid); + //研判后任务,查询指令当前研判状态 + Integer originalIsJudged = commandMapper.queryCommandIsJudged(uuid); + //如果研判状态为2,表示之前设置了本次忽略,那这次生成指令后,将其研判状态改为0,需要再次研判 + if (originalIsJudged == 2){ + commandMapper.updateCommandIsJudgedIfIgnoreThisTime(uuid); + } } return uuid; } @@ -94,14 +100,14 @@ public class CommandService { commandMapper.createCommandInWhiteListHit(commandInfo); commandMapper.createCommandWhiteListConnect(commandInfo.getUUID(), whiteListsHit); //写入历史表 - insertCommandHistory(commandInfo.getUUID()); + //insertCommandHistory(commandInfo.getUUID()); return commandInfo.getUUID(); } commandInfo.setUUID(UUID.randomUUID().toString()); commandMapper.createCommand(commandInfo); - //写入历史表 - insertCommandHistory(commandInfo.getUUID()); + //写入历史表,避免t_command_log表并发update冲突,这里先不写入历史表 + //insertCommandHistory(commandInfo.getUUID()); //发送指令新建信号...实时任务 isJudged=1 才首次立刻下发 try { @@ -128,7 +134,7 @@ public class CommandService { public List createCommands(List taskCommandInfos) { List commandUUIDs = ListUtils.newArrayListWithExpectedSize(taskCommandInfos.size()); - + AtomicInteger i = new AtomicInteger(); Function, Boolean>> function = mapper -> list -> { List taskCommandInfoBatch = ListUtils.newArrayListWithExpectedSize(BatchSize); for (TaskCommandInfo info : list) { @@ -145,15 +151,16 @@ public class CommandService { if (taskCommandInfoBatch.size() < BatchSize) { continue; } + System.out.println("batch insert " + i.getAndIncrement()); //因为createCommands只用于静态规则生成command,静态规则已经检查了白名单,所以不检查了 commandMapper.createCommands(taskCommandInfoBatch); - insertCommandHistoryBatch(taskCommandInfoBatch); + //insertCommandHistoryBatch(taskCommandInfoBatch); taskCommandInfoBatch.clear(); } if (!taskCommandInfoBatch.isEmpty()) { commandMapper.createCommands(taskCommandInfoBatch); - insertCommandHistoryBatch(taskCommandInfoBatch); + //insertCommandHistoryBatch(taskCommandInfoBatch); taskCommandInfoBatch.clear(); } diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java index 01b87ee..0afe67e 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java +++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java @@ -75,7 +75,7 @@ public interface StaticRuleMapper { void insertStaticRuleStatusLogBatch(List ids); - void updateStaticRuleStatusLogExpireTimeBatch(List ids); + void updateStaticRuleStatusLogExpireTimeBatch(@Param("ids") List ids); List queryHistory(Integer id, Integer page, Integer pageSize); diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java index b5b862a..019794d 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java +++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java @@ -68,15 +68,17 @@ public class StaticRuleService { // object.setStaticRuleCreateTime(LocalDateTime.now()); object.setAuditStatus(0); + if (object.getStaticRuleDns() == null && object.getStaticRuleURL() == null) { + + if (!isIpMaskValid(object.getStaticRuleSip(), object.getStaticRuleMsip()) || + !isIpMaskValid(object.getStaticRuleDip(), object.getStaticRuleMdip()) + ) { + throw new IllegalArgumentException("IP和IP掩码不匹配"); + } + if (!RuleEnum.checkValidate(object)) { + throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则"); + } - if (!isIpMaskValid(object.getStaticRuleSip(),object.getStaticRuleMsip()) || - !isIpMaskValid(object.getStaticRuleDip(),object.getStaticRuleMdip()) - ){ - throw new IllegalArgumentException("IP和IP掩码不匹配"); - } - if (!RuleEnum.checkValidate(object)) { - throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则"); - } // if(!staticRuleMapper.queryStaticRuleRepeat(object)){ // throw new IllegalArgumentException("静态规则重复"); @@ -84,15 +86,15 @@ public class StaticRuleService { /* 新建静态规则,过一下白名单审核 */ - List staticRuleObjects = new ArrayList<>(); - staticRuleObjects.add(object); - List whiteListsHit = whiteListService.whiteListStaticRulesObjectCheck(staticRuleObjects); - if (!whiteListsHit.isEmpty()) { - StringBuilder result = new StringBuilder(); - whiteListsHit.forEach(item -> result.append(item.getWhiteListName()).append(" ")); - throw new IllegalArgumentException("静态规则与白名单规则冲突,冲突白名单名称:"+result.toString().trim()); + List staticRuleObjects = new ArrayList<>(); + staticRuleObjects.add(object); + List whiteListsHit = whiteListService.whiteListStaticRulesObjectCheck(staticRuleObjects); + if (!whiteListsHit.isEmpty()) { + StringBuilder result = new StringBuilder(); + whiteListsHit.forEach(item -> result.append(item.getWhiteListName()).append(" ")); + throw new IllegalArgumentException("静态规则与白名单规则冲突,冲突白名单名称:" + result.toString().trim()); + } } - object.setStaticRuleDisplayId( "JTGZ-" + LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyyMMdd")) diff --git a/src/main/java/com/realtime/protection/server/task/TaskService.java b/src/main/java/com/realtime/protection/server/task/TaskService.java index 68b930a..f58d4d8 100644 --- a/src/main/java/com/realtime/protection/server/task/TaskService.java +++ b/src/main/java/com/realtime/protection/server/task/TaskService.java @@ -156,12 +156,12 @@ public class TaskService { } mapper.updateAuditStatusByIdBatch(batchMap); - insertStaticRuleStatusLog(batchMap); +// insertStaticRuleStatusLog(batchMap); batchMap.clear(); } mapper.updateAuditStatusByIdBatch(batchMap); - insertStaticRuleStatusLog(batchMap); +// insertStaticRuleStatusLog(batchMap); batchMap.clear(); return null; @@ -570,7 +570,7 @@ public class TaskService { Set keys = idWithAuditStatusBatch.keySet(); ArrayList ids = new ArrayList<>(keys); - staticRuleMapper.updateStaticRuleStatusLogExpireTimeBatch(ids); +// staticRuleMapper.updateStaticRuleStatusLogExpireTimeBatch(ids); staticRuleMapper.insertStaticRuleStatusLogBatch(ids); } public void insertDynamicRuleStatusLog(Map idWithAuditStatusBatch) { diff --git a/src/main/java/com/realtime/protection/server/task/status/StateHandler.java b/src/main/java/com/realtime/protection/server/task/status/StateHandler.java index 2feb17c..510ae2c 100644 --- a/src/main/java/com/realtime/protection/server/task/status/StateHandler.java +++ b/src/main/java/com/realtime/protection/server/task/status/StateHandler.java @@ -129,13 +129,29 @@ public class StateHandler { // 如果是实时任务或者研判后处置任务,那么就需要在任务启动之后,立刻向动态规则中指定的系统发送日志筛选请求。 // 筛选完成后,系统返回日志,需要由接收端点提取字段,并且合成一条静态规则,再按照任务开始时间、结束时间和任务类型进行指令创建 private Boolean handleJudgedTaskStart(TaskService taskService, Task task) { -// return sendFilters(taskService, task); - return true; + // 将所有关联的动态规则审批状态修改为“已使用” + taskService.updateDynamicRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.USING); + try { + sendFilters(taskService, task); + } catch (Exception e) { + log.error(String.format("研判后任务%d 发送筛选条件出错",task.getTaskId())); + log.error(e.getMessage()); + return true; + } + return sendFilters(taskService, task); +// return true; } private Boolean handleDynamicTaskStart(TaskService taskService, Task task) { // 将所有关联的动态规则审批状态修改为“已使用” taskService.updateDynamicRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.USING); + try { + sendFilters(taskService, task); + } catch (Exception e) { + log.error(String.format("动态任务%d 发送筛选条件出错",task.getTaskId())); + log.error(e.getMessage()); + return true; + } // return sendFilters(taskService, task); return true; @@ -149,11 +165,12 @@ public class StateHandler { } // 将所有关联的静态规则全部设置为已使用状态 - taskService.updateStaticRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.USING); +// taskService.updateStaticRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.USING); // taskService.changeTaskAuditStatus(task.getTaskId(), AuditStatusEnum.USING.getNum()); List commandUUIDs= commandService.createCommands(staticTaskCommandInfos); - // 将command新建信号发送到c3下发程序 + +/* // 将command新建信号发送到c3下发程序 try { sendCommandDistributeSignal(commandUUIDs); } catch (Exception e) { @@ -176,6 +193,8 @@ public class StateHandler { log.error(String.format("静态任务%d 首次指令查询RCP出错",task.getTaskId())); return true; } + + */ return true; } public Boolean sendCommandDistributeSignal(List commandUUIDs) { diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java index c9f53e9..9ac2709 100644 --- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java @@ -312,6 +312,15 @@ public class WhiteListController implements WhiteListControllerApi { return ResponseResult.ok() .setData("history", whiteListService.queryHistory(id, page, pageSize)); } + @Override + @GetMapping("/push") + public ResponseResult pushWhiteList() { + + return ResponseResult.ok() + .setData("whiteobj_list", whiteListService.queryWhiteListObject(null, null, null, null, null, 1, 50)) + .setData("total_num", whiteListService.queryWhiteListTotalNum(null, null, null, null, null)); + } + } diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListControllerApi.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListControllerApi.java index 018e8c6..8729898 100644 --- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListControllerApi.java +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListControllerApi.java @@ -402,5 +402,24 @@ public interface WhiteListControllerApi { ResponseResult queryHistory(@PathVariable Integer id, @RequestParam(value = "page", required = true) Integer page, @RequestParam(value = "page_size", required = true) Integer pageSize); + + + + @Operation( + summary = "同步白名单接口", + description = "按页和搜索内容同步推送白名单相关信息", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回需要同步的所有白名单", + content = @Content( + mediaType = "application/json", + schema = @Schema(title = "ResponseResult和WhiteListObject的属性", + anyOf = {ResponseResult.class, WhiteListObject.class}) + ) + ) + } + ) + @GetMapping("/push") + ResponseResult pushWhiteList(); } diff --git a/src/main/resources/mappers/CommandMapper.xml b/src/main/resources/mappers/CommandMapper.xml index dd5cbf7..c037b0b 100644 --- a/src/main/resources/mappers/CommandMapper.xml +++ b/src/main/resources/mappers/CommandMapper.xml @@ -425,7 +425,6 @@ update t_command set IS_JUDGED = 0 where COMMAND_ID = #{command_id} - and IS_JUDGED = 2 + diff --git a/src/main/resources/mappers/StaticRuleMapper.xml b/src/main/resources/mappers/StaticRuleMapper.xml index 204153f..0010fe3 100644 --- a/src/main/resources/mappers/StaticRuleMapper.xml +++ b/src/main/resources/mappers/StaticRuleMapper.xml @@ -522,8 +522,8 @@ SELECT COUNT(*) FROM t_static_rule - WHERE - + + static_rule_sip = INET_ATON(#{staticRuleSip}) @@ -559,6 +559,8 @@ AND static_rule_mprotocol = #{staticRuleMprotocol} + +