From 9ceb2e583e3210289f08da0415a9315a393c36ce Mon Sep 17 00:00:00 2001 From: EnderByEndera <707475564@qq.com> Date: Thu, 11 Apr 2024 08:56:35 +0800 Subject: [PATCH 1/5] =?UTF-8?q?1.=20=E8=A7=A3=E9=99=A4=E5=8A=A8=E6=80=81?= =?UTF-8?q?=E8=A7=84=E5=88=99=E5=8F=91=E9=80=81=E8=AF=B7=E6=B1=82=E6=88=90?= =?UTF-8?q?=E5=8A=9F/=E5=A4=B1=E8=B4=A5=E8=BF=94=E5=9B=9E=E7=8A=B6?= =?UTF-8?q?=E6=80=81=202.=20=E5=9C=A8=E6=8C=87=E4=BB=A4=E4=B8=AD=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0=E5=B1=80=E7=82=B9/=E9=83=A8=E9=97=A8=E4=BF=A1?= =?UTF-8?q?=E6=81=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../entity/task/FiveTupleWithMask.java | 22 +++++++++++++++++++ .../entity/task/TaskCommandInfo.java | 14 ++++++++++++ .../protection/server/task/TaskService.java | 7 +++++- .../server/task/status/StateHandler.java | 9 +++----- src/main/resources/mappers/CommandMapper.xml | 8 +++---- src/main/resources/mappers/TaskMapper.xml | 4 ++++ 6 files changed, 53 insertions(+), 11 deletions(-) diff --git a/src/main/java/com/realtime/protection/configuration/entity/task/FiveTupleWithMask.java b/src/main/java/com/realtime/protection/configuration/entity/task/FiveTupleWithMask.java index baf5747..cb8f844 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/task/FiveTupleWithMask.java +++ b/src/main/java/com/realtime/protection/configuration/entity/task/FiveTupleWithMask.java 
@@ -90,4 +90,26 @@ public class FiveTupleWithMask { assert protocol != null; this.protocolNum = protocol.getNumber(); } + + public void setMask() { + if (this.sourceIP != null && this.maskSourceIP == null) { + this.maskSourceIP = "255.255.255.255"; + } + + if (this.sourcePort != null && this.maskSourcePort == null) { + this.maskSourcePort = "65535"; + } + + if (this.destinationIP != null && this.maskDestinationIP == null) { + this.maskDestinationIP = "255.255.255.255"; + } + + if (this.destinationPort != null && this.maskDestinationPort == null) { + this.maskDestinationPort = "65535"; + } + + if (this.protocol != null && this.maskProtocol == null) { + this.maskProtocol = "255"; // 协议掩码这里填写255以确保覆盖大部分协议 + } + } } diff --git a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java index e4c1ac9..7364a9f 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java +++ b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java @@ -48,6 +48,14 @@ public class TaskCommandInfo { @JsonProperty("task_act") private String taskAct; + @Schema(description = "部门", example = "XXX") + @JsonProperty("department") + private String department; + + @Schema(description = "局点", example = "北京") + @JsonProperty("distribute_point") + private String distributePoint; + @Schema(description = "指令下发频率", example = "30") @NotNull(message = "指令下发频率不能为空。") @JsonProperty("frequency") @@ -114,6 +122,8 @@ public class TaskCommandInfo { this.taskName = original.taskName; this.taskType = original.taskType; this.taskAct = original.taskAct; + this.department = original.department; + this.distributePoint = original.distributePoint; this.frequency = original.frequency; this.startTime = original.startTime; this.endTime = original.endTime; 
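Review bot: `setMask()` writes the IPv4 literal `255.255.255.255` whenever `sourceIP` or `destinationIP` is set, without checking the address family. If a five-tuple can hold an IPv6 address (not visible in this hunk), the stored mask would not fit the address and the rule could be rejected or matched with an unintended scope. The inline comment on `maskProtocol = "255"` says the value covers most protocols, but an all-ones mask normally means the protocol number must match exactly; assuming bitmask semantics downstream, I would reword it to `// 255 = all bits set: match this protocol number exactly`. A Javadoc on `setMask()` stating that it only fills in missing masks and never overwrites a supplied one would make the defaulting visible to callers.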
@@ -132,4 +142,8 @@ public class TaskCommandInfo { public void setProtocolNum() { this.fiveTupleWithMask.setProtocolNum(); } + + public void setMask() { + this.fiveTupleWithMask.setMask(); + } } diff --git a/src/main/java/com/realtime/protection/server/task/TaskService.java b/src/main/java/com/realtime/protection/server/task/TaskService.java index 20f5847..57732a8 100644 --- a/src/main/java/com/realtime/protection/server/task/TaskService.java +++ b/src/main/java/com/realtime/protection/server/task/TaskService.java @@ -109,7 +109,12 @@ public class TaskService { public List getStaticCommandInfos(Long taskId) { List staticCommandInfos = taskMapper.getStaticCommandInfos(taskId); - staticCommandInfos.forEach(TaskCommandInfo::setProtocolNum); + + staticCommandInfos.forEach(taskCommandInfo -> { + taskCommandInfo.setProtocolNum(); + taskCommandInfo.setMask(); + }); + return staticCommandInfos; } diff --git a/src/main/java/com/realtime/protection/server/task/status/StateHandler.java b/src/main/java/com/realtime/protection/server/task/status/StateHandler.java index 3d52af6..ac9b419 100644 --- a/src/main/java/com/realtime/protection/server/task/status/StateHandler.java +++ b/src/main/java/com/realtime/protection/server/task/status/StateHandler.java @@ -75,14 +75,11 @@ public class StateHandler { // todo: 如果是实时任务或者研判后处置任务,那么就需要在任务启动之后,立刻向动态规则中指定的系统发送日志筛选请求。 // 筛选完成后,系统返回日志,需要由接收端点提取字段,并且合成一条静态规则,再按照任务开始时间、结束时间和任务类型进行指令创建 private Boolean handleJudgedTaskStart(TaskService taskService, Long taskId) { -// return sendFilters(taskService, taskId); -// 还没配置帅选条件发送的url,不配置会出错,所以先注释 - return true; + return sendFilters(taskService, taskId); } private Boolean handleDynamicTaskStart(TaskService taskService, Long taskId) { -// return sendFilters(taskService, taskId); - return true; + return sendFilters(taskService, taskId); } private Boolean handleStaticTaskStart(CommandService commandService, TaskService taskService, Long taskId) { 
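Review bot: In `getStaticCommandInfos` the new lambda calls `setProtocolNum()` before `setMask()`, and the only guard visible in `FiveTupleWithMask.setProtocolNum()` is `assert protocol != null` (a context line of the first hunk), which does nothing unless the JVM runs with `-ea`. A stored command whose protocol cannot be resolved would then raise a NullPointerException inside `forEach` and abort the whole list, whereas `setMask()` already tolerates a missing protocol. An explicit check there, for example `if (protocol == null) { return; }` or a descriptive `IllegalStateException`, would make the two calls consistent. That method's body is only partly visible here.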
@@ -106,7 +103,7 @@ public class StateHandler { AtomicReference success = new AtomicReference<>(false); Mono mono = client.post() - .uri("") // todo: unfinished + .uri("192.168.107.89:65432") // todo: unfinished .bodyValue(dynamicTaskInfos) .exchangeToMono(res -> { if (res.statusCode().equals(HttpStatus.OK)) { diff --git a/src/main/resources/mappers/CommandMapper.xml b/src/main/resources/mappers/CommandMapper.xml index b446135..75396db 100644 --- a/src/main/resources/mappers/CommandMapper.xml +++ b/src/main/resources/mappers/CommandMapper.xml @@ -4,12 +4,12 @@ "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> - insert into t_command(COMMAND_ID, TASK_ID, TASK_ACT, FREQUENCY, ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, + insert into t_command(COMMAND_ID, TASK_ID, TASK_ACT, DEPARTMENT, DISTRIBUTEPOINT, FREQUENCY, ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, PROTOCOL, MASK_SRC_IP, MASK_SRC_PORT, MASK_DST_IP, MASK_DST_PORT, MASK_PROTOCOL, VALID_TIME, INVALID_TIME, IS_VALID, IS_JUDGED, SEND_TIMES, SUCCESS_TIMES, CREATE_TIME, LAST_UPDATE, IS_DELETED) - values (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.frequency}, + values (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.department}, #{info.distributePoint}, #{info.frequency}, DEFAULT, #{info.fiveTupleWithMask.sourceIP}, #{info.fiveTupleWithMask.sourcePort}, #{info.fiveTupleWithMask.destinationIP}, #{info.fiveTupleWithMask.destinationPort}, 
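Review bot: `.uri("192.168.107.89:65432")` is a literal with no scheme, so it is unlikely to resolve as an absolute URL unless the client was built with a base URL (not visible here). The previous hunk makes `handleJudgedTaskStart` and `handleDynamicTaskStart` return the result of `sendFilters`, so starting those task types now depends on this call succeeding. The address of an internal host is also committed to source; it should come from configuration, e.g. a property injected with `@Value` and passed as `.uri(filterEndpoint)`, so it can differ per environment and be rotated without a rebuild. The enclosing method starts and ends outside the hunk.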
@@ -24,14 +24,14 @@ - insert into t_command(COMMAND_ID, TASK_ID, TASK_ACT, FREQUENCY, ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, + insert into t_command(COMMAND_ID, TASK_ID, TASK_ACT, DEPARTMENT, DISTRIBUTEPOINT, FREQUENCY, ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, PROTOCOL, MASK_SRC_IP, MASK_SRC_PORT, MASK_DST_IP, MASK_DST_PORT, MASK_PROTOCOL, VALID_TIME, INVALID_TIME, IS_VALID, IS_JUDGED, SEND_TIMES, SUCCESS_TIMES, CREATE_TIME, LAST_UPDATE, IS_DELETED) values - (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.frequency}, + (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.department}, #{info.distributePoint}, #{info.frequency}, DEFAULT, #{info.fiveTupleWithMask.sourceIP}, #{info.fiveTupleWithMask.sourcePort}, #{info.fiveTupleWithMask.destinationIP}, #{info.fiveTupleWithMask.destinationPort}, diff --git a/src/main/resources/mappers/TaskMapper.xml b/src/main/resources/mappers/TaskMapper.xml index 2dece1c..9b23f76 100644 --- a/src/main/resources/mappers/TaskMapper.xml +++ b/src/main/resources/mappers/TaskMapper.xml @@ -161,6 +161,8 @@ + + @@ -204,6 +206,8 @@ t_task.task_type, t_task.task_act, + t_task.task_create_depart, + tsr.static_rule_range, tsr.static_rule_frequency, t_task.task_start_time, From de6437b8b026f00fa34f852b1dc9d2eeddcf8f55 Mon Sep 17 00:00:00 2001 
From: EnderByEndera <707475564@qq.com> Date: Mon, 15 Apr 2024 11:25:54 +0800 Subject: [PATCH 2/5] =?UTF-8?q?1.=20=E5=AE=A1=E6=A0=B8=E7=8A=B6=E6=80=81?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E2=80=9C=E8=8D=89=E7=A8=BF=E2=80=9D=202.=20?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E6=8C=87=E4=BB=A4=E4=B8=AD=E2=80=9C=E4=BB=BB?= =?UTF-8?q?=E5=8A=A1=E5=90=8D=E7=A7=B0=EF=BC=8C=E4=BA=8B=E4=BB=B6=E7=B1=BB?= =?UTF-8?q?=E5=9E=8B=EF=BC=8C=E5=B1=80=E7=82=B9=EF=BC=8C=E9=83=A8=E9=97=A8?= =?UTF-8?q?=E5=9B=9B=E4=B8=AA=E5=AD=97=E6=AE=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../entity/task/TaskCommandInfo.java | 15 +++++++-------- .../configuration/utils/status/AuditStatus.java | 7 ++++--- .../utils/status/AuditStatusValidator.java | 2 +- .../server/task/status/StateHandler.java | 2 +- src/main/resources/mappers/CommandMapper.xml | 15 +++++++++------ 5 files changed, 22 insertions(+), 19 deletions(-) diff --git a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java index 7364a9f..1218dbc 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java +++ b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java @@ -25,7 +25,7 @@ public class TaskCommandInfo { @JsonProperty("task_create_username") private String taskCreateUsername; - @Schema(description = "任务创建人处室", accessMode = Schema.AccessMode.READ_ONLY) + @Schema(description = "任务创建人处室", example = "XXX") @JsonProperty("task_create_depart") private String taskCreateDepart; 
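Review bot: Dropping `accessMode = Schema.AccessMode.READ_ONLY` from `taskCreateDepart` documents the creator's department as a client-supplied field, and a later hunk in this patch binds `#{info.taskCreateDepart}` to the `DEPARTMENT` column of `t_command`. If that column is used for attribution or access decisions, the value should be taken from the authenticated user's profile on the server rather than from the request body. Whether the service overwrites it is not visible here. I would keep the field read-only in the schema and add a comment such as `// populated server-side from the logged-in user; never taken from request input`.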
@@ -48,13 +48,13 @@ public class TaskCommandInfo { @JsonProperty("task_act") private String taskAct; - @Schema(description = "部门", example = "XXX") - @JsonProperty("department") - private String department; - - @Schema(description = "局点", example = "北京") + @Schema(description = "局点", example = "123456") @JsonProperty("distribute_point") - private String distributePoint; + private Integer distributePoint; + + @Schema(description = "事件类型(策略模板名称)", example = "DDOS") + @JsonProperty("event_type") + private String eventType; @Schema(description = "指令下发频率", example = "30") @NotNull(message = "指令下发频率不能为空。") @@ -122,7 +122,6 @@ public class TaskCommandInfo { this.taskName = original.taskName; this.taskType = original.taskType; this.taskAct = original.taskAct; - this.department = original.department; this.distributePoint = original.distributePoint; this.frequency = original.frequency; this.startTime = original.startTime; diff --git a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java b/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java index 42edaa1..8de8b3b 100644 --- a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java +++ b/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java @@ -4,9 +4,10 @@ import lombok.Getter; @Getter public enum AuditStatus { - PENDING(0), - UNAUDITED(1), - AUDITED(2); + PENDING(0), // 未审核状态 + RETURNED(1), // 退回状态 + AUDITED(2), // 已审核状态 + DRAFT(3); // 草稿 private final int auditStatus; diff --git a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java b/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java index 22f53bb..90d15e1 100644 --- a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java +++ b/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java 
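Review bot: The copy-constructor hunk removes `this.department = original.department;` but shows no line copying the new `eventType` field, so a `TaskCommandInfo` built from another one may carry a null event type into the command insert. If it is not copied further down (the constructor continues outside the hunk), add `this.eventType = original.eventType;`. `distributePoint` also changes from `String` to `Integer` while its schema example becomes `123456`; a one-line comment saying what the number identifies would help API consumers.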
@@ -24,7 +24,7 @@ public class AuditStatusValidator { return auditStatusOriginal != 1; } default -> { - log.debug("欲修改的审核状态不正确,需要使用正确的审核状态,当前的审核状态:" + auditStatusOriginal); + log.debug("欲修改的审核状态不正确,需要使用正确的审核状态,当前的审核状态:{}", auditStatusOriginal); return false; } } diff --git a/src/main/java/com/realtime/protection/server/task/status/StateHandler.java b/src/main/java/com/realtime/protection/server/task/status/StateHandler.java index ac9b419..561a30d 100644 --- a/src/main/java/com/realtime/protection/server/task/status/StateHandler.java +++ b/src/main/java/com/realtime/protection/server/task/status/StateHandler.java @@ -103,7 +103,7 @@ public class StateHandler { AtomicReference success = new AtomicReference<>(false); Mono mono = client.post() - .uri("192.168.107.89:65432") // todo: unfinished + .uri("http://192.168.107.89:9081/api/v1/kafkasend") // todo: untested .bodyValue(dynamicTaskInfos) .exchangeToMono(res -> { if (res.statusCode().equals(HttpStatus.OK)) { diff --git a/src/main/resources/mappers/CommandMapper.xml b/src/main/resources/mappers/CommandMapper.xml index 75396db..092d9fe 100644 --- a/src/main/resources/mappers/CommandMapper.xml +++ b/src/main/resources/mappers/CommandMapper.xml 
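Review bot: In StateHandler the filter payload is now posted to `http://192.168.107.89:9081/api/v1/kafkasend` in cleartext, and nothing in the hunk attaches credentials to the request, so any host on that network path could read or alter the rule filters. Whether the segment is otherwise isolated cannot be told from here. Prefer an `https://` endpoint read from configuration and an authenticated client, and replace `// todo: untested` with a comment naming the receiving service and the response it is expected to return. The enclosing method is only partly visible.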
@@ -4,12 +4,13 @@ "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> - insert into t_command(COMMAND_ID, TASK_ID, TASK_ACT, DEPARTMENT, DISTRIBUTEPOINT, FREQUENCY, ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, - PROTOCOL, + insert into t_command(COMMAND_ID, TASK_ID, TASK_ACT, TASKNAME, EVENTTYPE, DEPARTMENT, DISTRIBUTEPOINT, FREQUENCY, + ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, PROTOCOL, MASK_SRC_IP, MASK_SRC_PORT, MASK_DST_IP, MASK_DST_PORT, MASK_PROTOCOL, VALID_TIME, INVALID_TIME, IS_VALID, IS_JUDGED, SEND_TIMES, SUCCESS_TIMES, CREATE_TIME, LAST_UPDATE, IS_DELETED) - values (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.department}, #{info.distributePoint}, #{info.frequency}, + values (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.taskName}, #{info.eventType}, #{info.department}, #{info.distributePoint}, + #{info.frequency}, DEFAULT, #{info.fiveTupleWithMask.sourceIP}, #{info.fiveTupleWithMask.sourcePort}, #{info.fiveTupleWithMask.destinationIP}, #{info.fiveTupleWithMask.destinationPort}, 
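Review bot: The first insert statement names the new columns `TASKNAME, EVENTTYPE` and still binds `#{info.department}`, while the batch insert in the next hunk uses `TASK_NAME, EVENT_TYPE` and `#{info.taskCreateDepart}`. The same commit removes the `department` field from `TaskCommandInfo`, so the single-row statement looks likely to fail at runtime on either the column names or the missing property; the table definition is not visible, so confirm which spelling is correct. Both statements should use the same column list, with `#{info.taskCreateDepart}` for `DEPARTMENT`.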
@@ -24,14 +25,16 @@ - insert into t_command(COMMAND_ID, TASK_ID, TASK_ACT, DEPARTMENT, DISTRIBUTEPOINT, FREQUENCY, ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, - PROTOCOL, + insert into t_command( + COMMAND_ID, TASK_ID, TASK_ACT, TASK_NAME, EVENT_TYPE, DEPARTMENT, DISTRIBUTEPOINT, FREQUENCY, + ADDR_TYPE, SRC_IP, SRC_PORT, DST_IP, DST_PORT, PROTOCOL, MASK_SRC_IP, MASK_SRC_PORT, MASK_DST_IP, MASK_DST_PORT, MASK_PROTOCOL, VALID_TIME, INVALID_TIME, IS_VALID, IS_JUDGED, SEND_TIMES, SUCCESS_TIMES, CREATE_TIME, LAST_UPDATE, IS_DELETED) values - (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.department}, #{info.distributePoint}, #{info.frequency}, + (#{info.UUID}, #{info.taskId}, #{info.taskAct}, #{info.taskName}, #{info.eventType}, #{info.taskCreateDepart}, #{info.distributePoint}, + #{info.frequency}, DEFAULT, #{info.fiveTupleWithMask.sourceIP}, #{info.fiveTupleWithMask.sourcePort}, #{info.fiveTupleWithMask.destinationIP}, #{info.fiveTupleWithMask.destinationPort}, From 7e990754b9cf58a3ad412080e2493bc0d8981dc9 Mon Sep 17 00:00:00 2001 
From: EnderByEndera <707475564@qq.com> Date: Wed, 17 Apr 2024 14:01:46 +0800 Subject: [PATCH 3/5] =?UTF-8?q?1.=20=E9=87=8D=E6=9E=84=E5=AE=A1=E6=A0=B8?= =?UTF-8?q?=E7=8A=B6=E6=80=81=EF=BC=8C=E5=B0=86=E5=85=B6=E8=BD=AC=E6=8D=A2?= =?UTF-8?q?=E4=B8=BA=E7=8A=B6=E6=80=81=E6=A8=A1=E5=BC=8F=EF=BC=8C=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0Using=E7=8A=B6=E6=80=81=EF=BC=88=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E4=B8=AD=EF=BC=89=202.=20=E7=AD=96=E7=95=A5=E6=A8=A1=E6=9D=BF?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E6=96=B9=E6=B3=95=EF=BC=8C=E9=80=9A=E8=BF=87?= =?UTF-8?q?=E5=8F=8D=E5=B0=84=E5=88=A4=E6=96=AD=E9=98=B2=E6=8A=A4=E7=AD=89?= =?UTF-8?q?=E7=BA=A7=E4=B8=AD=E6=98=AF=E5=90=A6=E6=9C=89=E5=AD=97=E6=AE=B5?= =?UTF-8?q?=E4=B8=BAtrue?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../entity/defense/template/Template.java | 52 ++++++++++++++ .../exception/GlobalExceptionHandler.java | 12 ++-- .../utils/NonEmptyFieldFetcher.java | 30 +++++++++ .../configuration/utils/enums/RuleEnum.java | 67 +++++++++++++++++++ .../configuration/utils/enums/StateEnum.java | 1 - .../utils/enums/audit/AuditStatusEnum.java | 55 +++++++++++++++ .../enums/audit/AuditStatusValidator.java | 26 +++++++ .../enums/audit/states/AuditedState.java | 13 ++++ .../enums/audit/states/PendingState.java | 13 ++++ .../enums/audit/states/ReturnedState.java | 13 ++++ .../utils/enums/audit/states/State.java | 5 ++ .../utils/enums/audit/states/UsingState.java | 13 ++++ .../utils/status/AuditStatus.java | 18 ----- .../utils/status/AuditStatusValidator.java | 32 --------- .../configuration/utils/status/StateNum.java | 20 ------ .../defense/object/ProtectObjectService.java | 2 +- .../defense/template/TemplateService.java | 16 +++++ .../rule/staticrule/StaticRuleService.java | 34 +++++++++- .../protection/server/task/TaskService.java | 2 +- .../task/status/StateChangeService.java | 4 +- .../server/task/status/StateHandler.java | 4 +- .../task/status/states/FailedState.java | 1 - 
.../task/status/states/FinishedState.java | 1 - .../task/status/states/GeneratingState.java | 1 - .../server/task/status/states/PauseState.java | 1 - .../task/status/states/PendingState.java | 1 - .../task/status/states/RunningState.java | 1 - .../task/status/states}/State.java | 2 +- .../server/task/status/states/StopState.java | 1 - .../server/whitelist/WhiteListService.java | 2 +- .../entity/defense/template/TemplateTest.java | 36 ++++++++++ .../utils/enums/RuleEnumTest.java | 24 +++++++ .../rule/dynamic/DynamicRuleServiceTest.java | 2 +- 33 files changed, 411 insertions(+), 94 deletions(-) create mode 100644 src/main/java/com/realtime/protection/configuration/utils/NonEmptyFieldFetcher.java create mode 100644 src/main/java/com/realtime/protection/configuration/utils/enums/RuleEnum.java create mode 100644 src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusEnum.java create mode 100644 src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusValidator.java create mode 100644 src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/AuditedState.java create mode 100644 src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/PendingState.java create mode 100644 src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/ReturnedState.java create mode 100644 src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/State.java create mode 100644 src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/UsingState.java delete mode 100644 src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java delete mode 100644 src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java delete mode 100644 src/main/java/com/realtime/protection/configuration/utils/status/StateNum.java rename src/main/java/com/realtime/protection/{configuration/utils/status => 
server/task/status/states}/State.java (85%) create mode 100644 src/test/java/com/realtime/protection/configuration/entity/defense/template/TemplateTest.java create mode 100644 src/test/java/com/realtime/protection/configuration/utils/enums/RuleEnumTest.java diff --git a/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java b/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java index 2e79b80..94c43e1 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java +++ b/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java @@ -1,6 +1,7 @@ package com.realtime.protection.configuration.entity.defense.template; import com.fasterxml.jackson.annotation.JsonProperty; +import com.realtime.protection.configuration.utils.NonEmptyFieldFetcher; import io.swagger.v3.oas.annotations.media.Schema; import jakarta.validation.constraints.NotNull; import lombok.Data; @@ -40,6 +41,18 @@ public class Template { @Schema(description = "防御策略模板紧急态字段提取选项") private ProtectLevel protectLevelHigh; + @JsonProperty("has_protect_level_low") + @Schema(description = "日常态字段是否不空", accessMode = Schema.AccessMode.READ_ONLY) + private Boolean hasProtectLevelLow; + + @JsonProperty("has_protect_level_medium") + @Schema(description = "应急态字段是否不空", accessMode = Schema.AccessMode.READ_ONLY) + private Boolean hasProtectLevelMedium; + + @JsonProperty("has_protect_level_high") + @Schema(description = "紧急态字段是否不空", accessMode = Schema.AccessMode.READ_ONLY) + private Boolean hasProtectLevelHigh; + @JsonProperty("template_used_times") @Schema(description = "防御策略模板使用次数", example = "20", accessMode = Schema.AccessMode.READ_ONLY) private Integer usedTimes; 
@@ -59,4 +72,43 @@ public class Template { @JsonProperty("create_user_depart") @Schema(description = "防御策略模板创建人处室", example = "xxx", accessMode = Schema.AccessMode.READ_ONLY) private String createDepart; + + /** + * 设置是否含有日常/应急/紧急防护等级态字段的字段 + */ + public void setHasProtectLevel() throws IllegalAccessException { + this.hasProtectLevelHigh = hasProtectLevelFields(this.protectLevelHigh); + this.hasProtectLevelMedium = hasProtectLevelFields(this.protectLevelMedium); + this.hasProtectLevelLow = hasProtectLevelFields(this.protectLevelLow); + } + + /** + *仅保留是否含有日常/应急/紧急防护等级态字段以及策略模板名称和ID + */ + public void shortenTemplate() { + this.sourceSystem = null; + this.description = null; + this.protectLevelLow = null; + this.protectLevelMedium = null; + this.protectLevelHigh = null; + this.usedTimes = null; + this.runningTasks = null; + this.createUserId = null; + this.createUsername = null; + this.createDepart = null; + } + + private Boolean hasProtectLevelFields(ProtectLevel protectLevel) throws IllegalAccessException { + return NonEmptyFieldFetcher + .getNonEmptyFields(protectLevel) // 获取所有非空字段 + .stream() // 流式处理 + .filter(field -> field.getType().getName().contains("Boolean")) // 获取所有类型为Boolean的字段 + .anyMatch(field -> { + try { + return (Boolean) field.get(protectLevel); // 返回值为true的字段 + } catch (IllegalAccessException e) { + throw new RuntimeException(e); + } + }); + } } diff --git a/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java b/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java index 7266af4..113b0e9 100644 --- a/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java +++ b/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java 
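Review bot: `hasProtectLevelFields` passes `protectLevel` straight to `NonEmptyFieldFetcher.getNonEmptyFields`, which calls `object.getClass()`, so a template with an unset level throws a NullPointerException; that includes any call to `setHasProtectLevel()` after `shortenTemplate()`, which nulls all three levels. A guard as the first line, `if (protectLevel == null) return false;`, avoids this. The type test `field.getType().getName().contains("Boolean")` matches any class whose name contains that substring; `field.getType() == Boolean.class` says what is meant. The Javadoc on `setHasProtectLevel()` should also mention that it reads the fields reflectively and must run before `shortenTemplate()`.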
@@ -32,7 +32,7 @@ public class GlobalExceptionHandler { @Order(3) @ExceptionHandler(value = {Exception.class}) public ResponseResult handleGlobalException(Exception e) { - log.error("遭遇全局异常:" + e.getCause()); + log.error("遭遇全局异常:{}", e.getMessage()); return ResponseResult.error().setMessage(e.getMessage()); } @@ -44,7 +44,7 @@ public class GlobalExceptionHandler { SQLIntegrityConstraintViolationException.class }) public ResponseResult handleSQLException(Exception e) { - log.info("遭遇数据库异常:" + e.getMessage()); + log.info("遭遇数据库异常:{}", e.getMessage()); return ResponseResult.invalid().setMessage( "请检查json字段的完整性,确保json字段按照文档中要求填写。"); } @@ -74,14 +74,14 @@ public class GlobalExceptionHandler { IllegalStateException.class }) public ResponseResult handleHandlerMethodValidationException(Exception e) { - log.debug("遭遇非法参数异常:" + e.getMessage()); + log.debug("遭遇非法参数异常:{}", e.getMessage()); return ResponseResult.invalid().setMessage(e.getMessage()); } @Order(2) @ExceptionHandler(value = NotLoginException.class) public ResponseResult handleNotLoginException(NotLoginException e) { - log.debug("遭遇Sa-Token登录异常,登录类型为:" + e.getLoginType()); + log.debug("遭遇Sa-Token登录异常,登录类型为:{}", e.getLoginType()); return new ResponseResult( 401, e.getMessage() @@ -91,14 +91,14 @@ public class GlobalExceptionHandler { @Order(2) @ExceptionHandler(value = SaTokenException.class) public ResponseResult handleSaTokenException(SaTokenException e) { - log.debug("Sa-token模块遭遇异常:" + e.getMessage()); + log.debug("Sa-token模块遭遇异常:{}", e.getMessage()); return ResponseResult.unAuthorized().setMessage(e.getMessage()); } @Order(2) @ExceptionHandler(value = DorisStartException.class) public ResponseResult handleDorisStartException(DorisStartException e) { - log.warn("Doris数据库遭遇异常:" + e.getMessage()); + log.warn("Doris数据库遭遇异常:{}", e.getMessage()); ResponseResult responseResult = ResponseResult.error() .setMessage("Doris数据库指令生成遭遇异常:" + e.getMessage()); 
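Review bot: In `handleGlobalException`, `log.error("遭遇全局异常:{}", e.getMessage())` records only the message, so the stack trace and cause of an unexpected exception never reach the log and cannot be used during incident analysis. Pass the throwable as the last argument instead: `log.error("遭遇全局异常", e);`. The unchanged context line below it returns `e.getMessage()` to the caller for any `Exception`, which can disclose internal details such as SQL fragments or class names; a fixed generic message would be safer there. The other three hunks in this file only switch to parameterised logging and look fine.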
diff --git a/src/main/java/com/realtime/protection/configuration/utils/NonEmptyFieldFetcher.java b/src/main/java/com/realtime/protection/configuration/utils/NonEmptyFieldFetcher.java
new file mode 100644
index 0000000..c67228e
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/NonEmptyFieldFetcher.java
@@ -0,0 +1,30 @@
+package com.realtime.protection.configuration.utils;
+
+import java.lang.reflect.Field;
+import java.util.ArrayList;
+import java.util.List;
+
+public class NonEmptyFieldFetcher {
+ public static List getNonEmptyFields(Object object) throws IllegalAccessException {
+ List nonEmptyFields = new ArrayList<>();
+ Class clazz = object.getClass();
+
+ // 获取类中所有的字段,包括继承的字段
+ Field[] fields = clazz.getDeclaredFields();
+
+ for (Field field : fields) {
+ // 打开字段的访问权限
+ field.setAccessible(true);
+
+ // 获取字段的值
+ Object value = field.get(object);
+
+ // 检查字段是否非空
+ if (value != null) {
+ nonEmptyFields.add(field);
+ }
+ }
+
+ return nonEmptyFields;
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/RuleEnum.java b/src/main/java/com/realtime/protection/configuration/utils/enums/RuleEnum.java
new file mode 100644
index 0000000..5cc7980
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/RuleEnum.java
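Review bot: `getNonEmptyFields` dereferences `object.getClass()` with no null check and calls `field.setAccessible(true)` on every declared field, including static and compiler-generated ones, leaving them accessible afterwards. The comment above `getDeclaredFields()` says inherited fields are included, but that method returns only the fields declared by the class itself, so the comment should read `// fields declared by this class only (no inherited fields)`. I would start the method with `if (object == null) return new ArrayList<>();` and skip fields where `Modifier.isStatic(field.getModifiers()) || field.isSynthetic()`. Since this helper disables access checks on any object it is given, a class Javadoc stating that it is meant only for the project's own entity classes would be useful.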
@@ -0,0 +1,67 @@ +package com.realtime.protection.configuration.utils.enums; + +import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject; +import com.realtime.protection.configuration.utils.NonEmptyFieldFetcher; + +import java.lang.reflect.Field; +import java.util.*; + +public enum RuleEnum { + // 不带掩码规则的五元组规则类型对应表 + SIP_SPORT_DIP_PROTOCOL("SIP_SPORT_DIP_PROTOCOL"), + SIP_DIP_DPORT_PROTOCOL("SIP_DIP_DPORT_PROTOCOL"), + SIP_SPORT_PROTOCOL("SIP_SPORT_PROTOCOL"), + SIP_DIP_PROTOCOL("SIP_DIP_PROTOCOL"), + SIP_DPORT_PROTOCOL("SIP_DPORT_PROTOCOL"), + SPORT_DIP_PROTOCOL("SPORT_DIP_PROTOCOL"), + DIP_DPORT_PROTOCOL("DIP_DPORT_PROTOCOL"), + SIP_DIP("SIP_DIP"), + SIP_PROTOCOL("SIP_PROTOCOL"), + DIP_PROTOCOL("DIP_PROTOCOL"), + SIP("SIP"), + DIP("DIP"), + // 带掩码规则的五元组规则类型对应表 + DIP_MDIP("DIP_MDIP"), + DIP_MDIP_PROTOCOL_MPROTOCOL("DIP_MDIP_PROTOCOL_MPROTOCOL"), + DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL"), + SPORT_MSPORT_DIP_MDIP_PROTOCOL_MPROTOCOL("SPORT_MSPORT_DIP_MDIP_PROTOCOL_MPROTOCOL"), + SPORT_MSPORT_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SPORT_MSPORT_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL"), + SIP_MSIP("SIP_MSIP"), + SIP_MSIP_PROTOCOL_MPROTOCOL("SIP_MSIP_PROTOCOL_MPROTOCOL"), + SIP_MSIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL"), + SIP_MSIP_SPORT_MSPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_SPORT_MSPORT_PROTOCOL_MPROTOCOL"), + SIP_MSIP_SPORT_MSPORT_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_SPORT_MSPORT_DPORT_MDPORT_PROTOCOL_MPROTOCOL"), + SIP_MSIP_DIP_MDIP("SIP_MSIP_DIP_MDIP"), + SIP_MSIP_DIP_MDIP_PROTOCOL_MPROTOCOL("SIP_MSIP_DIP_MDIP_PROTOCOL_MPROTOCOL"), + SIP_MSIP_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL"), + SIP_MSIP_SPORT_MSPORT_DIP_MDIP_PROTOCOL_MPROTOCOL("SIP_MSIP_SPORT_MSPORT_DIP_MDIP_PROTOCOL_MPROTOCOL"), + 
SIP_MSIP_SPORT_MSPORT_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_SPORT_MSPORT_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL") + ; + + private final Set rule; + private static final List> ruleEnumList = new ArrayList<>(); + + static { + for (RuleEnum ruleEnum : RuleEnum.values()) { + ruleEnumList.add(ruleEnum.rule); + } + } + + RuleEnum(String ruleName) { + this.rule = new HashSet<>(Arrays.stream(ruleName.split("_")).toList()); + } + + public static Boolean checkValidate(StaticRuleObject staticRuleObject) throws IllegalAccessException { + List nonEmptyFields = NonEmptyFieldFetcher.getNonEmptyFields(staticRuleObject); + List fieldNames = new java.util.ArrayList<>(List.of()); + for (Field field : nonEmptyFields) { + String fieldName = field.getName().toUpperCase().replace("STATICRULE", ""); + // 将合理的非空字段加入fieldNames中 + // 需要去掉STATICRULE字段,仅保留后面的字段 + if (fieldName.contains("IP") + || fieldName.contains("PORT") + || fieldName.contains("PROTOCOL")) fieldNames.add(fieldName); + } + return ruleEnumList.stream().anyMatch(rule -> rule.equals(new HashSet<>(fieldNames))); + } +} diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/StateEnum.java b/src/main/java/com/realtime/protection/configuration/utils/enums/StateEnum.java index 386762a..91ea1d8 100644 --- a/src/main/java/com/realtime/protection/configuration/utils/enums/StateEnum.java +++ b/src/main/java/com/realtime/protection/configuration/utils/enums/StateEnum.java @@ -1,6 +1,5 @@ package com.realtime.protection.configuration.utils.enums; -import com.realtime.protection.configuration.utils.status.State; import com.realtime.protection.server.task.status.states.*; import lombok.Getter; diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusEnum.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusEnum.java new file mode 100644 index 0000000..80379c5 --- /dev/null 
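Review bot: `checkValidate` picks five-tuple fields by substring, `fieldName.contains("IP") || fieldName.contains("PORT") || fieldName.contains("PROTOCOL")`, so an unrelated non-empty field can be counted as part of the rule; "DESCRIPTION", for instance, contains "IP". If `StaticRuleObject` has such a field (its declaration is not visible here), every rule with a description would fail validation, and the check can never be tighter than the names happen to allow. Matching against an explicit set of the tokens used in the enum names is safer: `if (RULE_TOKENS.contains(fieldName)) fieldNames.add(fieldName);`, with `RULE_TOKENS` a new constant listing SIP, MSIP, SPORT and so on. The method also validates only which fields are present, not their values, which deserves a Javadoc sentence so callers do not treat it as input validation for addresses and ports.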
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusEnum.java
@@ -0,0 +1,55 @@
+package com.realtime.protection.configuration.utils.enums.audit;
+
+import com.realtime.protection.configuration.utils.enums.audit.states.*;
+import lombok.Getter;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@Getter
+public enum AuditStatusEnum {
+ PENDING(0, new PendingState()), // 未审核状态
+ RETURNED(1, new ReturnedState()), // 退回状态
+ AUDITED(2, new AuditedState()), // 已审核状态
+ USING(3, new UsingState()); // 使用中状态
+
+ private final Integer num;
+ private final State state;
+ private static final Map NumToStateMap = new HashMap<>();
+ private static final Map StateToNumMap = new HashMap<>();
+ private static final Map StateToAuditStatusEnumMap = new HashMap<>();
+
+ static {
+ for (AuditStatusEnum status : AuditStatusEnum.values()) {
+ NumToStateMap.put(status.getNum(), status.getState());
+ StateToNumMap.put(status.getState(), status.getNum());
+ StateToAuditStatusEnumMap.put(status.getState(), status);
+ }
+ }
+
+ AuditStatusEnum(int auditStatus, State state) {
+ this.num = auditStatus;
+ this.state = state;
+ }
+
+ public static State getStateByNum(Integer auditStatusNum) {
+ if (auditStatusNum == null) {
+ return null;
+ }
+ return NumToStateMap.get(auditStatusNum);
+ }
+
+ public static Integer getNumByState(State state) {
+ if (state == null) {
+ return null;
+ }
+ return StateToNumMap.get(state);
+ }
+
+ public static AuditStatusEnum getAuditStatusEnumByState(State state) {
+ if (state == null) {
+ return null;
+ }
+ return StateToAuditStatusEnumMap.get(state);
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusValidator.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusValidator.java
new file mode 100644
index 0000000..6c0c441
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusValidator.java
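Review bot: `USING(3, ...)` reuses the number that the previous commit in this series gave to `DRAFT(3)` in the now-deleted `AuditStatus` enum. Any row saved as a draft in between would be read back as "in use", and `UsingState` permits a move to `AUDITED`; whether such rows exist cannot be told from the patch. Either give `USING` a number that was never assigned or ship a data migration with this change, and add a comment on the constant recording the reuse. The three lookup methods return null for an unknown number or state, which should be stated in their Javadoc because callers dereference the result.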
@@ -0,0 +1,26 @@
+package com.realtime.protection.configuration.utils.enums.audit;
+
+import com.realtime.protection.configuration.utils.enums.audit.states.State;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class AuditStatusValidator {
+
+ private final State auditStatusOriginal;
+
+ public AuditStatusValidator(Integer auditStatusOriginal) {
+ this.auditStatusOriginal = AuditStatusEnum.getStateByNum(auditStatusOriginal);
+ }
+
+ public static AuditStatusValidator setOriginal(Integer auditStatusOriginal) {
+ return new AuditStatusValidator(auditStatusOriginal);
+ }
+
+ public Boolean checkValidate(Integer newAuditStatus) {
+ State newState = AuditStatusEnum.getStateByNum(newAuditStatus);
+ if (newState == null) {
+ return false;
+ }
+ return auditStatusOriginal.checkValidate(newState);
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/AuditedState.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/AuditedState.java
new file mode 100644
index 0000000..740ae2c
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/AuditedState.java
@@ -0,0 +1,13 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
+
+public class AuditedState implements State {
+ @Override
+ public Boolean checkValidate(State newState) {
+ return switch (AuditStatusEnum.getAuditStatusEnumByState(newState)) {
+ case RETURNED -> false;
+ case PENDING, USING, AUDITED -> true;
+ };
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/PendingState.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/PendingState.java
new file mode 100644
index 0000000..ddec69e
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/PendingState.java
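Review bot: `AuditStatusValidator.checkValidate` rejects an unknown new status but never checks `auditStatusOriginal`, which the constructor sets from `AuditStatusEnum.getStateByNum(...)` and which is null when the stored status is null or not one of 0–3. The call `auditStatusOriginal.checkValidate(newState)` then throws a NullPointerException, whereas the validator this replaces logged the bad value and returned false. Keep the check fail-closed with `if (auditStatusOriginal == null || newState == null) return false;`. `@Slf4j` is no longer used in the class, so either log the rejected values at debug level or drop the annotation.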
@@ -0,0 +1,13 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
+
+public class PendingState implements State {
+ @Override
+ public Boolean checkValidate(State newState) {
+ return switch (AuditStatusEnum.getAuditStatusEnumByState(newState)) {
+ case USING -> false;
+ case PENDING, RETURNED, AUDITED -> true;
+ };
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/ReturnedState.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/ReturnedState.java
new file mode 100644
index 0000000..9e09019
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/ReturnedState.java
@@ -0,0 +1,13 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
+
+public class ReturnedState implements State {
+ @Override
+ public Boolean checkValidate(State newState) {
+ return switch (AuditStatusEnum.getAuditStatusEnumByState(newState)) {
+ case PENDING, RETURNED -> true;
+ case AUDITED, USING -> false;
+ };
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/State.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/State.java
new file mode 100644
index 0000000..118fdbd
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/State.java
@@ -0,0 +1,5 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+public interface State {
+ Boolean checkValidate(State newState);
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/UsingState.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/UsingState.java
new file mode 100644
index 0000000..82f156f
--- /dev/null
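Review bot: `State.checkValidate` has no Javadoc, and its contract can only be recovered by reading all four implementations: the receiver is the current audit state, the argument is the requested one, and the result says whether the change is allowed. I would add that as a Javadoc comment on the method, including that `newState` must be one of the instances held by `AuditStatusEnum`. The boxed `Boolean` return type also admits a null result that callers would have to unbox; `boolean checkValidate(State newState);` states the intent, and the implementations in this patch would change with it.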
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/UsingState.java
@@ -0,0 +1,13 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
+
+public class UsingState implements State {
+ @Override
+ public Boolean checkValidate(State newState) {
+ return switch (AuditStatusEnum.getAuditStatusEnumByState(newState)) {
+ case AUDITED, USING -> true;
+ case PENDING, RETURNED -> false;
+ };
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java b/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java
deleted file mode 100644
index 8de8b3b..0000000
--- a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java
+++ /dev/null
@@ -1,18 +0,0 @@
-package com.realtime.protection.configuration.utils.status;
-
-import lombok.Getter;
-
-@Getter
-public enum AuditStatus {
- PENDING(0), // 未审核状态
- RETURNED(1), // 退回状态
- AUDITED(2), // 已审核状态
- DRAFT(3); // 草稿
-
- private final int auditStatus;
-
- AuditStatus(int auditStatus) {
- this.auditStatus = auditStatus;
- }
-
-}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java b/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java
deleted file mode 100644
index 90d15e1..0000000
--- a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java
+++ /dev/null
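Review bot: `USING` takes number 3 in `AuditStatusEnum`, the same value that the `AuditStatus` enum deleted further down in this patch assigned to `DRAFT`, so `UsingState` will now answer for any record stored with 3. Whether any stored rows carry 3 as a draft marker is not visible here; if they do, they would be read as in-use items, and the moves to `PENDING` and `RETURNED` that the deleted validator allowed from 3 are refused here. I would either give `USING` an unused number or record the migration next to the constant, e.g. `// 3 was DRAFT before this change; existing rows must be migrated`.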
@@ -1,32 +0,0 @@
-package com.realtime.protection.configuration.utils.status;
-
-import lombok.extern.slf4j.Slf4j;
-
-@Slf4j
-public class AuditStatusValidator {
-
- private final Integer auditStatusOriginal;
-
- public AuditStatusValidator(Integer auditStatusOriginal) {
- this.auditStatusOriginal = auditStatusOriginal;
- }
-
- public static AuditStatusValidator setOriginal(Integer auditStatusOriginal) {
- return new AuditStatusValidator(auditStatusOriginal);
- }
-
- public Boolean checkValidate(Integer newAuditStatus) {
- switch (newAuditStatus) {
- case 0, 1 -> {
- return auditStatusOriginal != 2;
- }
- case 2 -> {
- return auditStatusOriginal != 1;
- }
- default -> {
- log.debug("欲修改的审核状态不正确,需要使用正确的审核状态,当前的审核状态:{}", auditStatusOriginal);
- return false;
- }
- }
- }
-}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/status/StateNum.java b/src/main/java/com/realtime/protection/configuration/utils/status/StateNum.java
deleted file mode 100644
index af6a1b8..0000000
--- a/src/main/java/com/realtime/protection/configuration/utils/status/StateNum.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package com.realtime.protection.configuration.utils.status;
-
-import lombok.Getter;
-
-@Getter
-public enum StateNum {
- PENDING(0),
- RUNNING(1),
- PAUSED(2),
- STOPPED(3),
- FAILED(4),
- FINISHED(5);
-
- private final int stateNum;
-
- StateNum(int stateNum) {
- this.stateNum = stateNum;
- }
-
-}
diff --git a/src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java b/src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java
index c513d4e..625c62c 100644
--- a/src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java
+++ b/src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java
@@ -3,7 +3,7 @@ package com.realtime.protection.server.defense.object; import com.alibaba.excel.util.ListUtils; import com.realtime.protection.configuration.entity.defense.object.ProtectObject; import com.realtime.protection.configuration.utils.SqlSessionWrapper; -import com.realtime.protection.configuration.utils.status.AuditStatusValidator; +import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; diff --git a/src/main/java/com/realtime/protection/server/defense/template/TemplateService.java b/src/main/java/com/realtime/protection/server/defense/template/TemplateService.java index c7dcbbc..69b2094 100644 --- a/src/main/java/com/realtime/protection/server/defense/template/TemplateService.java +++ b/src/main/java/com/realtime/protection/server/defense/template/TemplateService.java @@ -1,6 +1,7 @@ package com.realtime.protection.server.defense.template; import com.realtime.protection.configuration.entity.defense.template.Template; +import lombok.SneakyThrows; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -44,6 +45,21 @@ public class TemplateService { return templateMapper.queryTemplate(templateId); } + public List