gfwleak/enderbyendera-realtime-protection
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1. 当任务/规则等发生修改时,审核状态将从已审核变为未审核

Browse Source 
2. 查询任务多出一个“审核状态”查询条件,允许查询审核状态为”已审核“和非”已审核“状态的所有任务
This commit is contained in:
EnderByEndera
2024-04-22 15:07:49 +08:00
parent 7e990754b9
commit e5e2e4d72f
14 changed files with 166 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/realtime/protection/configuration/response/AuditAdvice.java
View File

@@ -71,7 +71,7 @@ public class AuditAdvice implements ResponseBodyAdvice<ResponseResult> {
return null;
})
.doOnError(WebClientRequestException.class, err ->
log.warn("审计服务器遭遇异常" + err.getMessage()));
log.warn("审计服务器遭遇异常{}", err.getMessage()));
mono.subscribe(AuditAdvice::handleMono);

9
src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java
View File

@@ -3,6 +3,7 @@ package com.realtime.protection.server.defense.object;
import com.alibaba.excel.util.ListUtils;
import com.realtime.protection.configuration.entity.defense.object.ProtectObject;
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@@ -74,6 +75,14 @@ public class ProtectObjectService {
}
public Boolean updateProtectObject(ProtectObject protectObject) {
if (!protectObjectMapper.queryProtectObject(protectObject.getProtectObjectId())
.getProtectObjectAuditStatus()
.equals(AuditStatusEnum.AUDITED.getNum())) {
return false;
}
protectObject.setProtectObjectAuditStatus(AuditStatusEnum.PENDING.getNum());
return protectObjectMapper.updateProtectObject(protectObject);
}

7
src/main/java/com/realtime/protection/server/defense/template/TemplateController.java
View File

@@ -64,6 +64,13 @@ public class TemplateController implements TemplateControllerApi {
return ResponseResult.ok().setData("template", template);
}
@Override
@GetMapping("/query/level")
public ResponseResult queryTemplateProtectLevels() {
List<Template> templates = templateService.queryTemplatesShort();
return ResponseResult.ok().setData("templates", templates);
}
@Override
@PostMapping("/{templateId}/update")
public ResponseResult updateTemplate(@PathVariable @Min(1) Integer templateId,

62
src/main/java/com/realtime/protection/server/defense/template/TemplateControllerApi.java
View File

@@ -41,7 +41,6 @@ public interface TemplateControllerApi {
""",
description = """
"success": 新建防御策略模板是否成功
"template_id": 新建防御策略模板ID
"""
)
@@ -104,7 +103,8 @@ public interface TemplateControllerApi {
"hasDNS": true
},
"template_used_times": 0,
"running_tasks": 0
"running_tasks": 0,
"description": "xxx"
},
{
"template_id": 24,
@@ -140,7 +140,8 @@ public interface TemplateControllerApi {
"hasDNS": true
},
"template_used_times": 0,
"running_tasks": 0
"running_tasks": 0,
"description": "xxx"
}
],
"total_num": 708
@@ -231,7 +232,8 @@ public interface TemplateControllerApi {
"hasDNS": true
},
"template_used_times": 0,
"running_tasks": 0
"running_tasks": 0,
"description": "xxx"
}
}
}
@@ -261,6 +263,58 @@ public interface TemplateControllerApi {
)
ResponseResult queryTemplate(@PathVariable Integer templateId) throws IllegalAccessException;
@GetMapping("/query/level")
@Operation(
summary = "查询所有策略模板是否含有不同类型防护等级",
description = "查询所有的策略模板是否还有日常态/应急态/紧急态三种防护等级",
responses = {
@ApiResponse(
description = "返回策略模板防护等级信息",
content = @Content(
mediaType = "application/json",
schema = @Schema(implementation = ResponseResult.class),
examples = @ExampleObject(
name = "example",
value = """
{
"code": 200,
"message": "request succeed",
"data": {
"templates": [
{
"template_id": 18,
"template_name": "洪泛型DDOS攻击-2024-01-18T16:46:14.640176900",
"has_protect_level_low": false,
"has_protect_level_medium": true,
"has_protect_level_high": false
},
{
"template_id": 24,
"template_name": "反射型DDOS攻击-2024-01-12T17:52:32.077477700",
"has_protect_level_low": false,
"has_protect_level_medium": true,
"has_protect_level_high": true
}
],
"total_num": 708
}
}
""",
description =
"""
"has_protect_level_low": 是否包含日常态防护等级
"has_protect_level_medium": 是否包含应急态防护等级
"has_protect_level_high": 是否包含紧急态防护等级
"""
)
)
)
}
)
ResponseResult queryTemplateProtectLevels();
@PostMapping("/{templateId}/update")
@Operation(
summary = "更新防御策略模板信息",

8
src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java
View File

@@ -28,9 +28,7 @@ public class DynamicRuleService {
//判断protectObject id是否有效
boolean ProtectObjIdValid = dynamicRule.getProtectObjectIds().stream()
.allMatch(
protectObjectId -> dynamicRuleMapper.queryProtectObjectById(protectObjectId)
);
.allMatch(dynamicRuleMapper::queryProtectObjectById);
if (!ProtectObjIdValid) {
throw new IllegalArgumentException("protect object id is invalid");
}
@@ -125,9 +123,7 @@ public class DynamicRuleService {
dynamicRuleMapper.deleteDynamicRuleProtectObjectConcat(dynamicRuleId);
//新增DynamicRule关联的ProtectObject
boolean ProtectObjIdValid = dynamicRuleObject.getProtectObjectIds().stream()
.allMatch(
protectObjectId -> dynamicRuleMapper.queryProtectObjectById(protectObjectId)
);
.allMatch(dynamicRuleMapper::queryProtectObjectById);
if (!ProtectObjIdValid) {
throw new IllegalArgumentException("protect object id is invalid");
}

5
src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java
View File

@@ -114,8 +114,8 @@ public class StaticRuleService {
throw new IllegalArgumentException("未知的静态规则ID");
}
if (Objects.equals(staticRuleObject.getStaticRuleAuditStatus(), AuditStatusEnum.USING.getNum())) {
throw new IllegalArgumentException("静态规则当前正在使用,无法更新");
if (!staticRuleObject.getStaticRuleAuditStatus().equals(AuditStatusEnum.AUDITED.getNum())) {
throw new IllegalStateException("无法修改该静态规则,因为其审核状态未处于" + AuditStatusEnum.AUDITED);
}
if (!RuleEnum.checkValidate(object)) {
@@ -125,6 +125,7 @@ public class StaticRuleService {
//判断当前静态规则是否能够修改---是否存在任务选择的静态规则??
//按id查询该静态规则的used_task_id字段如果不为空则不能修改
object.setStaticRuleModifyTime(LocalDateTime.now());
object.setStaticRuleAuditStatus(AuditStatusEnum.PENDING.getNum());
//修改静态规则
return staticRuleMapper.updateStaticRule(id, object);
}

3
src/main/java/com/realtime/protection/server/task/TaskController.java
View File

@@ -70,9 +70,10 @@ public class TaskController implements TaskControllerApi {
@RequestParam(value = "task_type", required = false) Integer taskType,
@RequestParam(value = "task_name", required = false) String taskName,
@RequestParam(value = "task_creator", required = false) String taskCreator,
@RequestParam(value = "audit_status", required = false) Boolean auditStatus,
@RequestParam("page") @Min(1) Integer page,
@RequestParam("page_size") @Min(1) Integer pageSize) {
List<Task> tasks = taskService.queryTasks(taskStatus, taskType, taskName, taskCreator, page, pageSize);
List<Task> tasks = taskService.queryTasks(taskStatus, taskType, taskName, taskCreator, auditStatus, page, pageSize);
return ResponseResult.ok()
.setData("task_list", tasks)
.setData("total_num", taskService.queryTaskTotalNum(taskStatus, taskType, taskName, taskCreator));

2
src/main/java/com/realtime/protection/server/task/TaskControllerApi.java
View File

@@ -181,6 +181,7 @@ public interface TaskControllerApi {
@Parameter(name = "task_type", description = "任务类型1为静态2为实时3为研判后"),
@Parameter(name = "task_name", description = "任务名称"),
@Parameter(name = "task_creator", description = "任务创建人"),
@Parameter(name = "audit_status", description = "审批状态"),
@Parameter(name = "page", description = "页码", example = "1"),
@Parameter(name = "page_size", description = "每页查询个数", example = "10")
}
@@ -189,6 +190,7 @@ public interface TaskControllerApi {
@RequestParam(value = "task_type", required = false) Integer taskType,
@RequestParam(value = "task_name", required = false) String taskName,
@RequestParam(value = "task_creator", required = false) String taskCreator,
@RequestParam(value = "audit_status", required = false) Boolean auditStatus,
@RequestParam("page") @Min(1) Integer page,
@RequestParam("page_size") @Min(1) Integer pageSize);

1
src/main/java/com/realtime/protection/server/task/TaskMapper.java
View File

@@ -23,6 +23,7 @@ public interface TaskMapper {
List<Task> queryTasks(@Param("task_status") Integer taskStatus, @Param("task_type") Integer task_type,
@Param("task_name") String taskName, @Param("task_creator") String taskCreator,
@Param("task_audit_status") Boolean auditStatus,
@Param("page") Integer page, @Param("page_size") Integer pageSize);
Task queryTask(@Param("task_id") Long taskId);

13
src/main/java/com/realtime/protection/server/task/TaskService.java
View File

@@ -5,12 +5,14 @@ import com.realtime.protection.configuration.entity.task.DynamicTaskInfo;
import com.realtime.protection.configuration.entity.task.Task;
import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
import com.realtime.protection.configuration.utils.enums.StateEnum;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.List;
import java.util.Objects;
@Service
@Slf4j
@@ -42,8 +44,9 @@ public class TaskService {
@Transactional
public List<Task> queryTasks(Integer taskStatus,
Integer taskType, String taskName, String taskCreator,
Boolean auditStatus,
Integer page, Integer pageSize) {
List<Task> tasks = taskMapper.queryTasks(taskStatus, taskType, taskName, taskCreator, page, pageSize);
List<Task> tasks = taskMapper.queryTasks(taskStatus, taskType, taskName, taskCreator, auditStatus, page, pageSize);
for (Task task : tasks) {
if (task == null) {
continue;
@@ -70,6 +73,12 @@ public class TaskService {
@Transactional
public Boolean updateTask(Task task) {
if (!Objects.equals(taskMapper.queryTaskAuditStatus(task.getTaskId()), AuditStatusEnum.AUDITED.getNum())) {
return false;
}
task.setTaskAuditStatus(AuditStatusEnum.PENDING.getNum());
taskMapper.updateTask(task);
taskMapper.clearTaskConnectedStaticRule(task.getTaskId());
@@ -139,7 +148,7 @@ public class TaskService {
return taskMapper.queryTasksByStatus(StateEnum.FINISHED.getStateNum());
}
public Integer queryTaskTotalNum(Integer taskStatus, Integer taskType, String taskName,String taskCreator) {
public Integer queryTaskTotalNum(Integer taskStatus, Integer taskType, String taskName, String taskCreator) {
return taskMapper.queryTaskTotalNum(taskStatus, taskType, taskName, taskCreator);
}
}

7
src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java
View File

@@ -5,6 +5,7 @@ import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleOb
import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
import com.realtime.protection.server.rule.staticrule.StaticRuleMapper;
import org.springframework.stereotype.Service;
@@ -102,6 +103,12 @@ public class WhiteListService {
}
public Integer updateWhiteListObject(Integer id, WhiteListObject object) {
if (!whiteListMapper.queryWhiteListObjectAuditStuatusById(id).equals(AuditStatusEnum.AUDITED.getNum())) {
throw new IllegalStateException("无法修改白名单信息,因为其并未处于" + AuditStatusEnum.AUDITED + "状态");
}
object.setWhiteListAuditStatus(AuditStatusEnum.PENDING.toString());
return whiteListMapper.updateWhiteListObject(id, object);
}

5
src/main/resources/mappers/TaskMapper.xml
View File

@@ -71,6 +71,9 @@
<if test="task_creator != null">
AND task_create_username LIKE CONCAT('%', #{task_creator}, '%')
</if>
<if test="task_audit_status != null">
AND task_audit_status = #{task_audit_status}
</if>
</where>
LIMIT ${(page - 1) * page_size}, #{page_size}
</select>
@@ -78,7 +81,7 @@
<select id="queryStaticRuleIdsFromTaskId" resultType="java.lang.Integer">
SELECT static_rule_id
FROM t_static_rule
WHERE static_rule_used_task_id = #{task_id}
WHERE static_rule_used_task_id = #{task_id} AND static_rule_audit_status = true
</select>
<select id="queryDynamicRuleIdsFromTaskId" resultType="java.lang.Integer">

14
src/test/java/com/realtime/protection/server/task/TaskServiceTest.java
View File

@@ -118,17 +118,17 @@ class TaskServiceTest extends ProtectionApplicationTests {
}
List<Task> tasks = taskService.queryTasks(null, null, null, null, 1, 10);
List<Task> tasks = taskService.queryTasks(null, null, null, null, null, 1, 10);
assertEquals(10, tasks.size());
tasks = taskService.queryTasks(0, null, null, null, 1, 10);
tasks = taskService.queryTasks(0, null, null, null, null, 1, 10);
assertEquals(10, tasks.size());
tasks.forEach(task -> assertEquals(0, task.getTaskStatus()));
tasks = taskService.queryTasks(null, 0, null, null, 1, 10);
tasks = taskService.queryTasks(null, 0, null, null, null, 1, 10);
assertEquals(0, tasks.size());
tasks = taskService.queryTasks(null, null, testName, null, 1, 10);
tasks = taskService.queryTasks(null, null, testName, null, null, 1, 10);
assertEquals(10, tasks.size());
tasks.forEach(task -> assertEquals(testName, task.getTaskName()));
}
@@ -136,7 +136,7 @@ class TaskServiceTest extends ProtectionApplicationTests {
@Test
void testUpdateTasks() {
Task originalTask = taskService.queryTasks(
null, null, null, null, 1, 1)
null, null, null, null, null, 1, 1)
.get(0);
List<StaticRuleObject> staticRuleObjects = staticRuleService.queryStaticRule(
@@ -153,7 +153,7 @@ class TaskServiceTest extends ProtectionApplicationTests {
@Test
void testDeleteTask() {
long testNum = taskService.queryTasks(null, null, null, null, 1, 10)
long testNum = taskService.queryTasks(null, null, null, null, null, 1, 10)
.get(0).getTaskId();
assertTrue(taskService.deleteTask(testNum));
@@ -162,7 +162,7 @@ class TaskServiceTest extends ProtectionApplicationTests {
@Test
void testChangeAuditStatus() {
long testNum = taskService.queryTasks(null, null, null, null, 1, 1)
long testNum = taskService.queryTasks(null, null, null, null, null, 1, 1)
.get(0).getTaskId();
assertTrue(taskService.changeTaskAuditStatus(testNum, 2));

6
src/test/java/com/realtime/protection/server/task/status/CommandServiceTest.java
View File

@@ -36,7 +36,7 @@ class CommandServiceTest extends ProtectionApplicationTests {
@BeforeEach
void mockCommand() {
Task task = taskService.queryTasks(null, null, null, null, 1, 1).get(0);
Task task = taskService.queryTasks(null, null, null, null, null, 1, 1).get(0);
FiveTupleWithMask fiveTupleWithMask = new FiveTupleWithMask();
fiveTupleWithMask.setMaskSourceIP("192.168.155.24");
@@ -66,7 +66,7 @@ class CommandServiceTest extends ProtectionApplicationTests {
@Test
void createCommands() {
List<TaskCommandInfo> taskCommandInfos = ListUtils.newArrayListWithExpectedSize(100);
Task task = taskService.queryTasks(null, null, null, null, 1, 1).get(0);
Task task = taskService.queryTasks(null, null, null, null, null, 1, 1).get(0);
for (int i = 0; i < 100; i++) {
int port = i + 1000;
TaskCommandInfo taskCommandInfo = new TaskCommandInfo();
@@ -92,7 +92,7 @@ class CommandServiceTest extends ProtectionApplicationTests {
@Test
void queryCommandInfos() {
Task task = taskService.queryTasks(null, null, null, null, 1, 1).get(0);
Task task = taskService.queryTasks(null, null, null, null, null, 1, 1).get(0);
List<TaskCommandInfo> taskCommandInfos = commandService.queryCommandInfos(task.getTaskId(),
null, null, null, null,1, 5);
assertTrue(taskCommandInfos != null && !taskCommandInfos.isEmpty());