gfwleak/enderbyendera-realtime-protection
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1、操作日志增加了url到swagger的tag、summary映射。menu改为接口的tag、action改为接口的summary。

Browse Source 
2、增加UncategorizedSQLException异常全局处理,主要处理doris 并发update错误。
3、login auth接口增加返回部门code
4、用户退回任务提醒的接口bugfix
This commit is contained in:
PushM
2024-06-25 21:02:26 +08:00
parent 949e761fb4
commit b4a7339063
4 changed files with 266 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

262
src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java
View File

@@ -23,6 +23,8 @@ import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
import reactor.core.publisher.Mono;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
/**
* 修改人: Fulian Li
@@ -34,6 +36,215 @@ import java.util.Enumeration;
@ControllerAdvice
public class AuditAdvice implements ResponseBodyAdvice<ResponseResult> {
public static final Map<String, String> URL_TAGS_MAP = new HashMap<String, String>() {{
put("/api/v1/whiteobj/[^/]+/update", "白名单API");
put("/api/v1/whiteobj/upload", "白名单API");
put("/api/v1/whiteobj/new", "白名单API");
put("/api/v1/whiteobj/auditbatch", "白名单API");
put("/api/v1/whiteobj/auditInfo/[^/]+", "白名单API");
put("/api/v1/user/doLogin", "login-controller");
put("/api/v1/user/auth", "login-controller");
put("/api/v1/templateold/[^/]+/update", "old防御策略模板API");
put("/api/v1/templateold/query/templateId", "old防御策略模板API");
put("/api/v1/templateold/new", "old防御策略模板API");
put("/api/v1/templateold/auditbatch", "old防御策略模板API");
put("/api/v1/templateold/auditInfo/[^/]+", "old防御策略模板API");
put("/api/v1/template/[^/]+/update", "策略模板API");
put("/api/v1/template/new", "策略模板API");
put("/api/v1/template/auditbatch", "策略模板API");
put("/api/v1/template/auditInfo/[^/]+", "策略模板API");
put("/api/v1/task/[^/]+/update", "任务控制器API");
put("/api/v1/task/send-pcap", "任务控制器API");
put("/api/v1/task/new", "任务控制器API");
put("/api/v1/task/auditbatch", "任务控制器API");
put("/api/v1/task/auditInfo/[^/]+", "任务控制器API");
put("/api/v1/task/api/new", "任务控制器API");
put("/api/v1/staticrule/[^/]+/update", "静态规则API");
put("/api/v1/staticrule/upload", "静态规则API");
put("/api/v1/staticrule/new", "静态规则API");
put("/api/v1/staticrule/auditbatch", "静态规则API");
put("/api/v1/staticrule/auditInfo/[^/]+", "静态规则API");
put("/api/v1/proobj/[^/]+/update", "防护对象API");
put("/api/v1/proobj/upload", "防护对象API");
put("/api/v1/proobj/new", "防护对象API");
put("/api/v1/proobj/auditbatch", "防护对象API");
put("/api/v1/proobj/auditInfo/[^/]+", "防护对象API");
put("/api/v1/dynamicrule/[^/]+/update", "动态规则API");
put("/api/v1/dynamicrule/new", "动态规则API");
put("/api/v1/dynamicrule/auditbatch", "动态规则API");
put("/api/v1/dynamicrule/auditInfo/[^/]+", "动态规则API");
put("/api/v1/alertmessage/new", "alert-message-controller");
put("/api/v1/alertmessage/auditInfo2/[^/]+", "alert-message-controller");
put("/api/v1/alertmessage/auditInfo/[^/]+", "alert-message-controller");
put("/api/v1/whiteobj/[^/]+/query", "白名单API");
put("/api/v1/whiteobj/[^/]+/history", "白名单API");
put("/api/v1/whiteobj/[^/]+/audit/[^/]+", "白名单API");
put("/api/v1/whiteobj/statistics", "白名单API");
put("/api/v1/whiteobj/staticrule/check/[^/]+", "白名单API");
put("/api/v1/whiteobj/query", "白名单API");
put("/api/v1/whiteobj/push", "白名单API");
put("/api/v1/whiteobj/download", "白名单API");
put("/api/v1/user/auth_redirect", "login-controller");
put("/api/v1/templateold/[^/]+/query", "old防御策略模板API");
put("/api/v1/templateold/[^/]+/audit/[^/]+", "old防御策略模板API");
put("/api/v1/templateold/statistics", "old防御策略模板API");
put("/api/v1/templateold/query", "old防御策略模板API");
put("/api/v1/templateold/query/source_system", "old防御策略模板API");
put("/api/v1/templateold/query/level", "old防御策略模板API");
put("/api/v1/templateold/query/event_name/[^/]+", "old防御策略模板API");
put("/api/v1/template/[^/]+/query", "策略模板API");
put("/api/v1/template/[^/]+/history", "策略模板API");
put("/api/v1/template/[^/]+/audit/[^/]+", "策略模板API");
put("/api/v1/template/statistics", "策略模板API");
put("/api/v1/template/query", "策略模板API");
put("/api/v1/template/query/source_system", "策略模板API");
put("/api/v1/task/[^/]+/running/[^/]+", "任务控制器API");
put("/api/v1/task/[^/]+/commands", "任务控制器API");
put("/api/v1/task/[^/]+/audit/[^/]+", "任务控制器API");
put("/api/v1/task/[^/]+/query", "任务控制器API");
put("/api/v1/task/[^/]+/history", "任务控制器API");
put("/api/v1/task/[^/]+/valid/[^/]+", "任务控制器API");
put("/api/v1/task/unaudit/statistics", "任务控制器API");
put("/api/v1/task/statistics", "任务控制器API");
put("/api/v1/task/result/push", "任务控制器API");
put("/api/v1/task/query", "任务控制器API");
put("/api/v1/task/auditinfo/alert/[^/]+", "任务控制器API");
put("/api/v1/staticrule/[^/]+/query", "静态规则API");
put("/api/v1/staticrule/[^/]+/history", "静态规则API");
put("/api/v1/staticrule/[^/]+/audit/[^/]+", "静态规则API");
put("/api/v1/staticrule/statistics", "静态规则API");
put("/api/v1/staticrule/query", "静态规则API");
put("/api/v1/staticrule/query/[^/]+", "静态规则API");
put("/api/v1/staticrule/download", "静态规则API");
put("/api/v1/proobj/[^/]+/query", "防护对象API");
put("/api/v1/proobj/[^/]+/audit/[^/]+", "防护对象API");
put("/api/v1/proobj/[^/]+/querybatch", "防护对象API");
put("/api/v1/proobj/[^/]+/history", "防护对象API");
put("/api/v1/proobj/statistics", "防护对象API");
put("/api/v1/proobj/query", "防护对象API");
put("/api/v1/proobj/download", "防护对象API");
put("/api/v1/nodeTree/get", "node-tree-controller");
put("/api/v1/dynamicrule/[^/]+/query", "动态规则API");
put("/api/v1/dynamicrule/[^/]+/history", "动态规则API");
put("/api/v1/dynamicrule/[^/]+/audit/[^/]+", "动态规则API");
put("/api/v1/dynamicrule/statistics", "动态规则API");
put("/api/v1/dynamicrule/query", "动态规则API");
put("/api/v1/dynamicrule/query/[^/]+", "动态规则API");
put("/api/v1/dict/type/[^/]+", "字典表API");
put("/api/v1/alertmessage/[^/]+/alarms", "alert-message-controller");
put("/api/v1/whiteobj/[^/]+/delete", "白名单API");
put("/api/v1/whiteobj/[^/]+", "白名单API");
put("/api/v1/templateold/[^/]+/delete", "old防御策略模板API");
put("/api/v1/template/[^/]+/delete", "策略模板API");
put("/api/v1/task/[^/]+/delete", "任务控制器API");
put("/api/v1/staticrule/[^/]+/delete", "静态规则API");
put("/api/v1/staticrule/[^/]+", "静态规则API");
put("/api/v1/proobj/[^/]+/delete", "防护对象API");
put("/api/v1/proobj/delete/[^/]+", "防护对象API");
put("/api/v1/dynamicrule/[^/]+/delete", "动态规则API");
put("/api/v1/dynamicrule/[^/]+", "动态规则API");
}};
public static final Map<String, String> URL_SUMMARY_MAP = new HashMap<String, String>() {{
put("/api/v1/whiteobj/[^/]+/update", "修改白名单");
put("/api/v1/whiteobj/upload", "批量导入白名单");
put("/api/v1/whiteobj/new", "新增白名单");
put("/api/v1/whiteobj/auditbatch", "批量更新审批状态");
put("/api/v1/whiteobj/auditInfo/[^/]+", "查询审批意见");
put("/api/v1/templateold/[^/]+/update", "更新防御策略模板信息");
put("/api/v1/templateold/query/templateId", "查询策略模板id");
put("/api/v1/templateold/new", "新建防御策略模板");
put("/api/v1/templateold/auditbatch", "批量更新审批状态");
put("/api/v1/templateold/auditInfo/[^/]+", "查询审批意见");
put("/api/v1/template/[^/]+/update", "更新防御策略模板信息");
put("/api/v1/template/new", "新建防御策略模板");
put("/api/v1/template/auditbatch", "批量更新审批状态");
put("/api/v1/template/auditInfo/[^/]+", "查询审批意见");
put("/api/v1/task/[^/]+/update", "更新任务");
put("/api/v1/task/send-pcap", "上传pcap文件");
put("/api/v1/task/new", "添加任务");
put("/api/v1/task/auditbatch", "批量更新任务审批状态");
put("/api/v1/task/auditInfo/[^/]+", "查询审批意见");
put("/api/v1/task/api/new", "任务推送外部API");
put("/api/v1/staticrule/[^/]+/update", "修改静态规则");
put("/api/v1/staticrule/upload", "批量导入静态规则");
put("/api/v1/staticrule/new", "新增静态规则");
put("/api/v1/staticrule/auditbatch", "批量更新静态规则审批状态");
put("/api/v1/staticrule/auditInfo/[^/]+", "查询审批意见");
put("/api/v1/proobj/[^/]+/update", "更新防护对象");
put("/api/v1/proobj/upload", "批量上传防护对象");
put("/api/v1/proobj/new", "新建防护对象");
put("/api/v1/proobj/auditbatch", "批量更新审批状态");
put("/api/v1/proobj/auditInfo/[^/]+", "查询审批意见");
put("/api/v1/dynamicrule/[^/]+/update", "修改动态规则");
put("/api/v1/dynamicrule/new", "新建动态规则");
put("/api/v1/dynamicrule/auditbatch", "批量更新审批状态");
put("/api/v1/dynamicrule/auditInfo/[^/]+", "查询审批意见");
put("/api/v1/whiteobj/[^/]+/query", "查询单个白名单");
put("/api/v1/whiteobj/[^/]+/history", "查询历史变化");
put("/api/v1/whiteobj/[^/]+/audit/[^/]+", "修改白名单审核状态");
put("/api/v1/whiteobj/statistics", "白名单数据统计");
put("/api/v1/whiteobj/staticrule/check/[^/]+", "查询静态规则命中白名单");
put("/api/v1/whiteobj/query", "查询白名单");
put("/api/v1/whiteobj/push", "同步白名单接口");
put("/api/v1/whiteobj/download", "下载白名单模板");
put("/api/v1/templateold/[^/]+/query", "查询单个防御策略模板");
put("/api/v1/templateold/statistics", "数据统计");
put("/api/v1/templateold/query", "查询多个防御策略模板");
put("/api/v1/templateold/query/source_system", "查询来源系统名称");
put("/api/v1/templateold/query/level", "查询所有策略模板是否含有不同类型防护等级");
put("/api/v1/templateold/query/event_name/[^/]+", "查询事件类型");
put("/api/v1/template/[^/]+/query", "查询单个防御策略模板");
put("/api/v1/template/[^/]+/history", "查询历史变化");
put("/api/v1/template/[^/]+/audit/[^/]+", "按id修改审计状态");
put("/api/v1/template/statistics", "数据统计");
put("/api/v1/template/query", "分頁查询策略模板");
put("/api/v1/template/query/source_system", "查询来源系统名称");
put("/api/v1/task/[^/]+/running/[^/]+", "修改任务运行状态");
put("/api/v1/task/[^/]+/commands", "获得任务已推送指令的相关数据");
put("/api/v1/task/[^/]+/audit/[^/]+", "任务审核状态修改");
put("/api/v1/task/[^/]+/query", "查询单个任务");
put("/api/v1/task/[^/]+/history", "查询历史变化");
put("/api/v1/task/[^/]+/valid/[^/]+", "下发/取消指令下发");
put("/api/v1/task/unaudit/statistics", "查询规则、任务、配置的未审核数量");
put("/api/v1/task/statistics", "数据统计");
put("/api/v1/task/result/push", "处置任务结果推送接口");
put("/api/v1/task/query", "查询任务");
put("/api/v1/task/auditinfo/alert/[^/]+", "查询用户下未通知的任务数量");
put("/api/v1/staticrule/[^/]+/query", "查询单个静态规则");
put("/api/v1/staticrule/[^/]+/history", "查询历史变化");
put("/api/v1/staticrule/[^/]+/audit/[^/]+", "更新静态规则审批状态");
put("/api/v1/staticrule/statistics", "数据统计");
put("/api/v1/staticrule/query", "分页查询静态规则");
put("/api/v1/staticrule/query/[^/]+", "批量查询静态规则");
put("/api/v1/staticrule/download", "下载静态规则模板");
put("/api/v1/proobj/[^/]+/query", "查询单个防护对象");
put("/api/v1/proobj/[^/]+/audit/[^/]+", "修改防护对象审核状态");
put("/api/v1/proobj/[^/]+/querybatch", "批量查询多个防护对象");
put("/api/v1/proobj/[^/]+/history", "查询历史变化");
put("/api/v1/proobj/statistics", "数据统计");
put("/api/v1/proobj/query", "根据条件查询多个防护对象");
put("/api/v1/proobj/download", "下载模板文件");
put("/api/v1/dynamicrule/[^/]+/query", "查询单个动态规则");
put("/api/v1/dynamicrule/[^/]+/history", "查询历史变化");
put("/api/v1/dynamicrule/[^/]+/audit/[^/]+", "更新批状态");
put("/api/v1/dynamicrule/statistics", "数据统计");
put("/api/v1/dynamicrule/query", "根据条件查询多个动态规则");
put("/api/v1/dynamicrule/query/[^/]+", "查询多个动态规则");
put("/api/v1/dict/type/[^/]+", "查询字典表数据");
put("/api/v1/whiteobj/[^/]+/delete", "删除白名单");
put("/api/v1/whiteobj/[^/]+", "批量删除白名单");
put("/api/v1/templateold/[^/]+/delete", "删除防御策略模板信息");
put("/api/v1/template/[^/]+/delete", "删除防御策略模板信息");
put("/api/v1/task/[^/]+/delete", "删除单个任务");
put("/api/v1/staticrule/[^/]+/delete", "按id删除静态规则");
put("/api/v1/staticrule/[^/]+", "删除静态规则");
put("/api/v1/proobj/[^/]+/delete", "删除防护对象");
put("/api/v1/proobj/delete/[^/]+", "批量删除防护对象");
put("/api/v1/dynamicrule/[^/]+/delete", "删除动态规则");
put("/api/v1/dynamicrule/[^/]+", "批量删除动态规则");
}};
private final WebClient webClient = WebClient
.builder()
.baseUrl("http://39.105.210.156:8090/chanct-log/audit-xgs")
@@ -62,8 +273,8 @@ public class AuditAdvice implements ResponseBodyAdvice<ResponseResult> {
@Override
public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
// return false;
return true;
return false;
// return true;
}
@Override
@@ -72,7 +283,13 @@ public class AuditAdvice implements ResponseBodyAdvice<ResponseResult> {
if (request.getURI().getPath().contains("query")){
return body;
}
AuditData auditData = getAuditData(body, request);
AuditData auditData ;
try {
auditData = getAuditData(body, request);
} catch (Exception e) {
log.error("响应解析失败:{}", e.getMessage());
return body;
}
AuditRes auditRes = new AuditRes(auditData);
log.info("auditData-----------:"+auditData);
@@ -105,25 +322,54 @@ public class AuditAdvice implements ResponseBodyAdvice<ResponseResult> {
}
return null;
}
// 解析menu和action
private static String extractMenuAndAction(String xForwardedForHeader) {
if (xForwardedForHeader != null) {
// 根据逗号分隔获取第一个 IP 地址
String[] ips = xForwardedForHeader.trim().split("\\s*,\\s*");
return ips[0];
}
return null;
}
public static String getSummary(String url) {
for (Map.Entry<String, String> entry : URL_SUMMARY_MAP.entrySet()) {
if (url.matches(entry.getKey())) {
return entry.getValue();
}
}
return null;
}
public static String getTag(String url) {
for (Map.Entry<String, String> entry : URL_TAGS_MAP.entrySet()) {
if (url.matches(entry.getKey())) {
return entry.getValue();
}
}
return null;
}
@NotNull
private static AuditData getAuditData(ResponseResult body, ServerHttpRequest request) {
HttpSession session = ((ServletServerHttpRequest) request).getServletRequest().getSession();
AuditData auditData;
log.info(request.getURI().getPath());
if(session==null || session.getAttribute("user")==null){
auditData = new AuditData(
"0000000","0000000","NSADD管理员","组织树",
getTag(request.getURI().getPath()),
getSummary(request.getURI().getPath()),
body.toString(),
request.getURI().getPath(),
request.getMethod().toString(),
body.getCode()==200?"成功":"失败",
body.getData().toString(),
extractFirstIpAddress(request.getHeaders().getFirst("X-Forwarded-For"))
);
}else {
UserFull user = (UserFull) session.getAttribute("user");
auditData = new AuditData(
user.uid, user.getOrgCode(),user.name, user.getOrgName(),
request.getURI().getPath(),
request.getMethod().toString(),
getTag(request.getURI().getPath()),
getSummary(request.getURI().getPath()),
body.getCode()==200?"成功":"失败",
body.getData().toString(),
extractFirstIpAddress(request.getHeaders().getFirst("X-Forwarded-For"))