diff --git a/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java b/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java index a48a821..e5a19d0 100644 --- a/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java +++ b/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java @@ -14,6 +14,7 @@ import org.springframework.dao.DataIntegrityViolationException; import org.springframework.dao.DuplicateKeyException; import org.springframework.data.redis.RedisConnectionFailureException; import org.springframework.jdbc.BadSqlGrammarException; +import org.springframework.jdbc.UncategorizedSQLException; import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; @@ -137,6 +138,15 @@ public class GlobalExceptionHandler { return ResponseResult.error().setMessage("数据库错误,错误的查询语法"); } + @Order(2) + @ExceptionHandler(value = UncategorizedSQLException.class) + public ResponseResult handleUncategorizedSQLException(UncategorizedSQLException ex) { + // 打印异常日志 +// ex.printStackTrace(); + log.error("遭遇未知 SQL 错误,可能遇到doris concurrent_update :{}", ex.getMessage()); + return ResponseResult.error().setMessage("操作失败,请重试"); + } + @Order(2) @ExceptionHandler(value = DataIntegrityViolationException.class) diff --git a/src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java b/src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java index 1cb9d61..2ae3dfc 100644 --- a/src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java +++ b/src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java @@ -23,6 +23,8 @@ import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice; import reactor.core.publisher.Mono; import java.util.Enumeration; +import java.util.HashMap; +import java.util.Map; /** * 修改人: Fulian Li @@ -34,6 +36,215 @@ import java.util.Enumeration; @ControllerAdvice public class AuditAdvice implements ResponseBodyAdvice { + public static final Map URL_TAGS_MAP = new HashMap() {{ + put("/api/v1/whiteobj/[^/]+/update", "白名单API"); + put("/api/v1/whiteobj/upload", "白名单API"); + put("/api/v1/whiteobj/new", "白名单API"); + put("/api/v1/whiteobj/auditbatch", "白名单API"); + put("/api/v1/whiteobj/auditInfo/[^/]+", "白名单API"); + put("/api/v1/user/doLogin", "login-controller"); + put("/api/v1/user/auth", "login-controller"); + put("/api/v1/templateold/[^/]+/update", "old防御策略模板API"); + put("/api/v1/templateold/query/templateId", "old防御策略模板API"); + put("/api/v1/templateold/new", "old防御策略模板API"); + put("/api/v1/templateold/auditbatch", "old防御策略模板API"); + put("/api/v1/templateold/auditInfo/[^/]+", "old防御策略模板API"); + put("/api/v1/template/[^/]+/update", "策略模板API"); + put("/api/v1/template/new", "策略模板API"); + put("/api/v1/template/auditbatch", "策略模板API"); + put("/api/v1/template/auditInfo/[^/]+", "策略模板API"); + put("/api/v1/task/[^/]+/update", "任务控制器API"); + put("/api/v1/task/send-pcap", "任务控制器API"); + put("/api/v1/task/new", "任务控制器API"); + put("/api/v1/task/auditbatch", "任务控制器API"); + put("/api/v1/task/auditInfo/[^/]+", "任务控制器API"); + put("/api/v1/task/api/new", "任务控制器API"); + put("/api/v1/staticrule/[^/]+/update", "静态规则API"); + put("/api/v1/staticrule/upload", "静态规则API"); + put("/api/v1/staticrule/new", "静态规则API"); + put("/api/v1/staticrule/auditbatch", "静态规则API"); + put("/api/v1/staticrule/auditInfo/[^/]+", "静态规则API"); + put("/api/v1/proobj/[^/]+/update", "防护对象API"); + put("/api/v1/proobj/upload", "防护对象API"); + put("/api/v1/proobj/new", "防护对象API"); + put("/api/v1/proobj/auditbatch", "防护对象API"); + put("/api/v1/proobj/auditInfo/[^/]+", "防护对象API"); + put("/api/v1/dynamicrule/[^/]+/update", "动态规则API"); + put("/api/v1/dynamicrule/new", "动态规则API"); + put("/api/v1/dynamicrule/auditbatch", "动态规则API"); + put("/api/v1/dynamicrule/auditInfo/[^/]+", "动态规则API"); + put("/api/v1/alertmessage/new", "alert-message-controller"); + put("/api/v1/alertmessage/auditInfo2/[^/]+", "alert-message-controller"); + put("/api/v1/alertmessage/auditInfo/[^/]+", "alert-message-controller"); + put("/api/v1/whiteobj/[^/]+/query", "白名单API"); + put("/api/v1/whiteobj/[^/]+/history", "白名单API"); + put("/api/v1/whiteobj/[^/]+/audit/[^/]+", "白名单API"); + put("/api/v1/whiteobj/statistics", "白名单API"); + put("/api/v1/whiteobj/staticrule/check/[^/]+", "白名单API"); + put("/api/v1/whiteobj/query", "白名单API"); + put("/api/v1/whiteobj/push", "白名单API"); + put("/api/v1/whiteobj/download", "白名单API"); + put("/api/v1/user/auth_redirect", "login-controller"); + put("/api/v1/templateold/[^/]+/query", "old防御策略模板API"); + put("/api/v1/templateold/[^/]+/audit/[^/]+", "old防御策略模板API"); + put("/api/v1/templateold/statistics", "old防御策略模板API"); + put("/api/v1/templateold/query", "old防御策略模板API"); + put("/api/v1/templateold/query/source_system", "old防御策略模板API"); + put("/api/v1/templateold/query/level", "old防御策略模板API"); + put("/api/v1/templateold/query/event_name/[^/]+", "old防御策略模板API"); + put("/api/v1/template/[^/]+/query", "策略模板API"); + put("/api/v1/template/[^/]+/history", "策略模板API"); + put("/api/v1/template/[^/]+/audit/[^/]+", "策略模板API"); + put("/api/v1/template/statistics", "策略模板API"); + put("/api/v1/template/query", "策略模板API"); + put("/api/v1/template/query/source_system", "策略模板API"); + put("/api/v1/task/[^/]+/running/[^/]+", "任务控制器API"); + put("/api/v1/task/[^/]+/commands", "任务控制器API"); + put("/api/v1/task/[^/]+/audit/[^/]+", "任务控制器API"); + put("/api/v1/task/[^/]+/query", "任务控制器API"); + put("/api/v1/task/[^/]+/history", "任务控制器API"); + put("/api/v1/task/[^/]+/valid/[^/]+", "任务控制器API"); + put("/api/v1/task/unaudit/statistics", "任务控制器API"); + put("/api/v1/task/statistics", "任务控制器API"); + put("/api/v1/task/result/push", "任务控制器API"); + put("/api/v1/task/query", "任务控制器API"); + put("/api/v1/task/auditinfo/alert/[^/]+", "任务控制器API"); + put("/api/v1/staticrule/[^/]+/query", "静态规则API"); + put("/api/v1/staticrule/[^/]+/history", "静态规则API"); + put("/api/v1/staticrule/[^/]+/audit/[^/]+", "静态规则API"); + put("/api/v1/staticrule/statistics", "静态规则API"); + put("/api/v1/staticrule/query", "静态规则API"); + put("/api/v1/staticrule/query/[^/]+", "静态规则API"); + put("/api/v1/staticrule/download", "静态规则API"); + put("/api/v1/proobj/[^/]+/query", "防护对象API"); + put("/api/v1/proobj/[^/]+/audit/[^/]+", "防护对象API"); + put("/api/v1/proobj/[^/]+/querybatch", "防护对象API"); + put("/api/v1/proobj/[^/]+/history", "防护对象API"); + put("/api/v1/proobj/statistics", "防护对象API"); + put("/api/v1/proobj/query", "防护对象API"); + put("/api/v1/proobj/download", "防护对象API"); + put("/api/v1/nodeTree/get", "node-tree-controller"); + put("/api/v1/dynamicrule/[^/]+/query", "动态规则API"); + put("/api/v1/dynamicrule/[^/]+/history", "动态规则API"); + put("/api/v1/dynamicrule/[^/]+/audit/[^/]+", "动态规则API"); + put("/api/v1/dynamicrule/statistics", "动态规则API"); + put("/api/v1/dynamicrule/query", "动态规则API"); + put("/api/v1/dynamicrule/query/[^/]+", "动态规则API"); + put("/api/v1/dict/type/[^/]+", "字典表API"); + put("/api/v1/alertmessage/[^/]+/alarms", "alert-message-controller"); + put("/api/v1/whiteobj/[^/]+/delete", "白名单API"); + put("/api/v1/whiteobj/[^/]+", "白名单API"); + put("/api/v1/templateold/[^/]+/delete", "old防御策略模板API"); + put("/api/v1/template/[^/]+/delete", "策略模板API"); + put("/api/v1/task/[^/]+/delete", "任务控制器API"); + put("/api/v1/staticrule/[^/]+/delete", "静态规则API"); + put("/api/v1/staticrule/[^/]+", "静态规则API"); + put("/api/v1/proobj/[^/]+/delete", "防护对象API"); + put("/api/v1/proobj/delete/[^/]+", "防护对象API"); + put("/api/v1/dynamicrule/[^/]+/delete", "动态规则API"); + put("/api/v1/dynamicrule/[^/]+", "动态规则API"); + }}; + + public static final Map URL_SUMMARY_MAP = new HashMap() {{ + put("/api/v1/whiteobj/[^/]+/update", "修改白名单"); + put("/api/v1/whiteobj/upload", "批量导入白名单"); + put("/api/v1/whiteobj/new", "新增白名单"); + put("/api/v1/whiteobj/auditbatch", "批量更新审批状态"); + put("/api/v1/whiteobj/auditInfo/[^/]+", "查询审批意见"); + put("/api/v1/templateold/[^/]+/update", "更新防御策略模板信息"); + put("/api/v1/templateold/query/templateId", "查询策略模板id"); + put("/api/v1/templateold/new", "新建防御策略模板"); + put("/api/v1/templateold/auditbatch", "批量更新审批状态"); + put("/api/v1/templateold/auditInfo/[^/]+", "查询审批意见"); + put("/api/v1/template/[^/]+/update", "更新防御策略模板信息"); + put("/api/v1/template/new", "新建防御策略模板"); + put("/api/v1/template/auditbatch", "批量更新审批状态"); + put("/api/v1/template/auditInfo/[^/]+", "查询审批意见"); + put("/api/v1/task/[^/]+/update", "更新任务"); + put("/api/v1/task/send-pcap", "上传pcap文件"); + put("/api/v1/task/new", "添加任务"); + put("/api/v1/task/auditbatch", "批量更新任务审批状态"); + put("/api/v1/task/auditInfo/[^/]+", "查询审批意见"); + put("/api/v1/task/api/new", "任务推送外部API"); + put("/api/v1/staticrule/[^/]+/update", "修改静态规则"); + put("/api/v1/staticrule/upload", "批量导入静态规则"); + put("/api/v1/staticrule/new", "新增静态规则"); + put("/api/v1/staticrule/auditbatch", "批量更新静态规则审批状态"); + put("/api/v1/staticrule/auditInfo/[^/]+", "查询审批意见"); + put("/api/v1/proobj/[^/]+/update", "更新防护对象"); + put("/api/v1/proobj/upload", "批量上传防护对象"); + put("/api/v1/proobj/new", "新建防护对象"); + put("/api/v1/proobj/auditbatch", "批量更新审批状态"); + put("/api/v1/proobj/auditInfo/[^/]+", "查询审批意见"); + put("/api/v1/dynamicrule/[^/]+/update", "修改动态规则"); + put("/api/v1/dynamicrule/new", "新建动态规则"); + put("/api/v1/dynamicrule/auditbatch", "批量更新审批状态"); + put("/api/v1/dynamicrule/auditInfo/[^/]+", "查询审批意见"); + put("/api/v1/whiteobj/[^/]+/query", "查询单个白名单"); + put("/api/v1/whiteobj/[^/]+/history", "查询历史变化"); + put("/api/v1/whiteobj/[^/]+/audit/[^/]+", "修改白名单审核状态"); + put("/api/v1/whiteobj/statistics", "白名单数据统计"); + put("/api/v1/whiteobj/staticrule/check/[^/]+", "查询静态规则命中白名单"); + put("/api/v1/whiteobj/query", "查询白名单"); + put("/api/v1/whiteobj/push", "同步白名单接口"); + put("/api/v1/whiteobj/download", "下载白名单模板"); + put("/api/v1/templateold/[^/]+/query", "查询单个防御策略模板"); + put("/api/v1/templateold/statistics", "数据统计"); + put("/api/v1/templateold/query", "查询多个防御策略模板"); + put("/api/v1/templateold/query/source_system", "查询来源系统名称"); + put("/api/v1/templateold/query/level", "查询所有策略模板是否含有不同类型防护等级"); + put("/api/v1/templateold/query/event_name/[^/]+", "查询事件类型"); + put("/api/v1/template/[^/]+/query", "查询单个防御策略模板"); + put("/api/v1/template/[^/]+/history", "查询历史变化"); + put("/api/v1/template/[^/]+/audit/[^/]+", "按id修改审计状态"); + put("/api/v1/template/statistics", "数据统计"); + put("/api/v1/template/query", "分頁查询策略模板"); + put("/api/v1/template/query/source_system", "查询来源系统名称"); + put("/api/v1/task/[^/]+/running/[^/]+", "修改任务运行状态"); + put("/api/v1/task/[^/]+/commands", "获得任务已推送指令的相关数据"); + put("/api/v1/task/[^/]+/audit/[^/]+", "任务审核状态修改"); + put("/api/v1/task/[^/]+/query", "查询单个任务"); + put("/api/v1/task/[^/]+/history", "查询历史变化"); + put("/api/v1/task/[^/]+/valid/[^/]+", "下发/取消指令下发"); + put("/api/v1/task/unaudit/statistics", "查询规则、任务、配置的未审核数量"); + put("/api/v1/task/statistics", "数据统计"); + put("/api/v1/task/result/push", "处置任务结果推送接口"); + put("/api/v1/task/query", "查询任务"); + put("/api/v1/task/auditinfo/alert/[^/]+", "查询用户下未通知的任务数量"); + put("/api/v1/staticrule/[^/]+/query", "查询单个静态规则"); + put("/api/v1/staticrule/[^/]+/history", "查询历史变化"); + put("/api/v1/staticrule/[^/]+/audit/[^/]+", "更新静态规则审批状态"); + put("/api/v1/staticrule/statistics", "数据统计"); + put("/api/v1/staticrule/query", "分页查询静态规则"); + put("/api/v1/staticrule/query/[^/]+", "批量查询静态规则"); + put("/api/v1/staticrule/download", "下载静态规则模板"); + put("/api/v1/proobj/[^/]+/query", "查询单个防护对象"); + put("/api/v1/proobj/[^/]+/audit/[^/]+", "修改防护对象审核状态"); + put("/api/v1/proobj/[^/]+/querybatch", "批量查询多个防护对象"); + put("/api/v1/proobj/[^/]+/history", "查询历史变化"); + put("/api/v1/proobj/statistics", "数据统计"); + put("/api/v1/proobj/query", "根据条件查询多个防护对象"); + put("/api/v1/proobj/download", "下载模板文件"); + put("/api/v1/dynamicrule/[^/]+/query", "查询单个动态规则"); + put("/api/v1/dynamicrule/[^/]+/history", "查询历史变化"); + put("/api/v1/dynamicrule/[^/]+/audit/[^/]+", "更新批状态"); + put("/api/v1/dynamicrule/statistics", "数据统计"); + put("/api/v1/dynamicrule/query", "根据条件查询多个动态规则"); + put("/api/v1/dynamicrule/query/[^/]+", "查询多个动态规则"); + put("/api/v1/dict/type/[^/]+", "查询字典表数据"); + put("/api/v1/whiteobj/[^/]+/delete", "删除白名单"); + put("/api/v1/whiteobj/[^/]+", "批量删除白名单"); + put("/api/v1/templateold/[^/]+/delete", "删除防御策略模板信息"); + put("/api/v1/template/[^/]+/delete", "删除防御策略模板信息"); + put("/api/v1/task/[^/]+/delete", "删除单个任务"); + put("/api/v1/staticrule/[^/]+/delete", "按id删除静态规则"); + put("/api/v1/staticrule/[^/]+", "删除静态规则"); + put("/api/v1/proobj/[^/]+/delete", "删除防护对象"); + put("/api/v1/proobj/delete/[^/]+", "批量删除防护对象"); + put("/api/v1/dynamicrule/[^/]+/delete", "删除动态规则"); + put("/api/v1/dynamicrule/[^/]+", "批量删除动态规则"); + }}; + private final WebClient webClient = WebClient .builder() .baseUrl("http://39.105.210.156:8090/chanct-log/audit-xgs") @@ -62,8 +273,8 @@ public class AuditAdvice implements ResponseBodyAdvice { @Override public boolean supports(MethodParameter returnType, Class> converterType) { -// return false; - return true; + return false; +// return true; } @Override @@ -72,7 +283,13 @@ public class AuditAdvice implements ResponseBodyAdvice { if (request.getURI().getPath().contains("query")){ return body; } - AuditData auditData = getAuditData(body, request); + AuditData auditData ; + try { + auditData = getAuditData(body, request); + } catch (Exception e) { + log.error("响应解析失败:{}", e.getMessage()); + return body; + } AuditRes auditRes = new AuditRes(auditData); log.info("auditData-----------:"+auditData); @@ -105,25 +322,54 @@ public class AuditAdvice implements ResponseBodyAdvice { } return null; } + // 解析menu和action + private static String extractMenuAndAction(String xForwardedForHeader) { + if (xForwardedForHeader != null) { + // 根据逗号分隔获取第一个 IP 地址 + String[] ips = xForwardedForHeader.trim().split("\\s*,\\s*"); + return ips[0]; + } + return null; + } + + public static String getSummary(String url) { + for (Map.Entry entry : URL_SUMMARY_MAP.entrySet()) { + if (url.matches(entry.getKey())) { + return entry.getValue(); + } + } + return null; + } + + public static String getTag(String url) { + for (Map.Entry entry : URL_TAGS_MAP.entrySet()) { + if (url.matches(entry.getKey())) { + return entry.getValue(); + } + } + return null; + } + @NotNull private static AuditData getAuditData(ResponseResult body, ServerHttpRequest request) { HttpSession session = ((ServletServerHttpRequest) request).getServletRequest().getSession(); AuditData auditData; + log.info(request.getURI().getPath()); if(session==null || session.getAttribute("user")==null){ auditData = new AuditData( "0000000","0000000","NSADD管理员","组织树", + getTag(request.getURI().getPath()), + getSummary(request.getURI().getPath()), + body.toString(), request.getURI().getPath(), - request.getMethod().toString(), - body.getCode()==200?"成功":"失败", - body.getData().toString(), extractFirstIpAddress(request.getHeaders().getFirst("X-Forwarded-For")) ); }else { UserFull user = (UserFull) session.getAttribute("user"); auditData = new AuditData( user.uid, user.getOrgCode(),user.name, user.getOrgName(), - request.getURI().getPath(), - request.getMethod().toString(), + getTag(request.getURI().getPath()), + getSummary(request.getURI().getPath()), body.getCode()==200?"成功":"失败", body.getData().toString(), extractFirstIpAddress(request.getHeaders().getFirst("X-Forwarded-For")) diff --git a/src/main/java/com/realtime/protection/server/task/TaskController.java b/src/main/java/com/realtime/protection/server/task/TaskController.java index 9f737ab..dede71e 100644 --- a/src/main/java/com/realtime/protection/server/task/TaskController.java +++ b/src/main/java/com/realtime/protection/server/task/TaskController.java @@ -371,7 +371,7 @@ public class TaskController implements TaskControllerApi { } @Override - @GetMapping("/auditinfo/alert/{userid}") + @GetMapping("/auditinfo/alert/{userId}") public ResponseResult auditInfoNotification(@PathVariable String userId){ return ResponseResult.ok() diff --git a/src/main/java/com/realtime/protection/server/user/login/LoginController.java b/src/main/java/com/realtime/protection/server/user/login/LoginController.java index 7f2df17..b71f574 100644 --- a/src/main/java/com/realtime/protection/server/user/login/LoginController.java +++ b/src/main/java/com/realtime/protection/server/user/login/LoginController.java @@ -75,6 +75,7 @@ public class LoginController { .setData("userName", userFull.name) .setData("userRole", userFull.getRoleKey()) .setData("UserDepartment", userFull.getOrgName()) + .setData("userdepartment", userFull.getOrgCode()) ; } catch (Exception e) { return ResponseResult.error(e.getMessage());