enderbyendera-realtime-protection/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java

package com.realtime.protection.server.alertmessage;

import com.baomidou.dynamic.datasource.annotation.DSTransactional;
import com.realtime.protection.configuration.entity.alert.AlertMessage;
import com.realtime.protection.configuration.entity.defense.template.ProtectLevel;
import com.realtime.protection.configuration.entity.task.FiveTupleWithMask;
import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
import com.realtime.protection.configuration.utils.enums.StateEnum;
import com.realtime.protection.configuration.utils.enums.TaskTypeEnum;
import com.realtime.protection.server.command.CommandService;
import org.springframework.stereotype.Service;

import java.util.List;
import java.util.UUID;

// AlertMessage的UUID在mapper插入数据库时生成了，这里提前生成好像美神恶魔用
@Service
public class AlertMessageService {
    private final CommandService commandService;
    private final AlertMessageMapper alertMessageMapper;

    public AlertMessageService(
            CommandService commandService,
    AlertMessageMapper alertMessageMapper) {
        this.commandService = commandService;
        this.alertMessageMapper = alertMessageMapper;
    }

    @DSTransactional
    public String processAlertMessage(AlertMessage alertMessage) {
        TaskCommandInfo dynamicTaskCommandInfo = generateDynamicCommand(alertMessage);

        Integer taskStatus = dynamicTaskCommandInfo.getTaskStatus();
        Integer taskType = dynamicTaskCommandInfo.getTaskType();
        String alertMessageUUID = null;

        if (taskType == TaskTypeEnum.DYNAMIC.getTaskType())//实时
            switch (StateEnum.getStateEnumByNum(taskStatus)) {
                case RUNNING:
                    alertMessageUUID = insertCommandAndAlertMessage(dynamicTaskCommandInfo, true, true, alertMessage);
                    break;
                case PAUSED:
                    alertMessageUUID = insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, true, alertMessage);
                    break;
                default://主要是stop
                    //command不入库
                    //alertmessage入库
                    alertMessageUUID = insertAlertMessageOnly(alertMessage);
                    break;
            }
        else if (taskType == TaskTypeEnum.JUDGED.getTaskType())//研判后
            switch (StateEnum.getStateEnumByNum(taskStatus)) {
                case RUNNING:
                    alertMessageUUID = insertCommandAndAlertMessage(dynamicTaskCommandInfo, true, false, alertMessage);
                    break;
                case PAUSED:
                    alertMessageUUID = insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, false, alertMessage);
                    break;
                default://主要是stop
                    //command不入库
                    //alertmessage入库
                    alertMessageUUID = insertAlertMessageOnly(alertMessage);
            }
        return alertMessageUUID;
    }


    private TaskCommandInfo generateDynamicCommand(AlertMessage alertMessage){
        Long taskId = alertMessage.getTaskId();
        Integer DynamicRuleId = alertMessage.getDynamicRuleId();
//        查task信息
//        （1）查询生成指令所需信息：和alertMessage中的fiveTuple信息 合并成 TaskCommandInfo;
//        （2）额外信息：并额外查询templateId、protectLevel和taskStatus
        TaskCommandInfo dynamicCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId, DynamicRuleId);
        if (dynamicCommandInfo == null || dynamicCommandInfo.getTemplateId() == null){
            throw new IllegalArgumentException("taskId: " + taskId + " DynamicRuleId: " + DynamicRuleId + " 不正确");
        }
//        根据templateId、protectLevel获取策略模板
        ProtectLevel templateProtectLevel = alertMessageMapper.queryTemplateProtectLevel(
                dynamicCommandInfo.getTemplateId(),
                dynamicCommandInfo.getProtectLevel());
        //根据策略模板和alertMessage中的FiveTupleWithMask生成要下发五元组信息
        FiveTupleWithMask fiveTupleWithMaskNew =  updateFiveTupleWithMask(alertMessage.getFiveTupleWithMask(),
                templateProtectLevel);
        //指令加入策略模板筛选后的fiveTupleWithMaskNew
        dynamicCommandInfo.setFiveTupleWithMask(fiveTupleWithMaskNew);

        return dynamicCommandInfo;
    }

    @DSTransactional
    private String insertCommandAndAlertMessage(TaskCommandInfo dynamicTaskCommandInfo,
                                              Boolean isValid,
                                              Boolean isJudged,
                                              AlertMessage alertMessage){
        //command入库
        dynamicTaskCommandInfo.setIsValid(isValid);
        dynamicTaskCommandInfo.setIsJudged(isJudged);
        String commandUUID = commandService.createCommand(dynamicTaskCommandInfo);

        //alertmessage入库
        alertMessage.setCommandUUID(commandUUID);
        String alertMessageUUID = UUID.randomUUID().toString();
        alertMessage.setAlertMessageUUID(alertMessageUUID);
        alertMessageMapper.insertAlertMessage(alertMessage);

        return alertMessageUUID;
    }
    private String insertAlertMessageOnly(AlertMessage alertMessage){
        //alertmessage入库
        alertMessage.setCommandUUID(null);
        String alertMessageUUID = UUID.randomUUID().toString();
        alertMessage.setAlertMessageUUID(alertMessageUUID);
        alertMessageMapper.insertAlertMessage(alertMessage);

        return alertMessageUUID;

    }



    private FiveTupleWithMask updateFiveTupleWithMask(FiveTupleWithMask fiveTupleWithMask, ProtectLevel templateProtectLevel) {

        FiveTupleWithMask newFiveTupleWithMask = new FiveTupleWithMask();
        newFiveTupleWithMask.copyFiveTupleWithMask(fiveTupleWithMask);

        if(!templateProtectLevel.getHasProtectObjectIP()){
            newFiveTupleWithMask.setDestinationIP(null);
            newFiveTupleWithMask.setMaskDestinationIP(null);
        }
        if(!templateProtectLevel.getHasProtectObjectPort()){
            newFiveTupleWithMask.setDestinationPort(null);
            newFiveTupleWithMask.setMaskDestinationPort(null);
        }
        if(!templateProtectLevel.getHasPeerIP()){
            newFiveTupleWithMask.setSourceIP(null);
            newFiveTupleWithMask.setMaskSourceIP(null);
        }
        if(!templateProtectLevel.getHasPeerPort()){
            newFiveTupleWithMask.setSourcePort(null);
            newFiveTupleWithMask.setMaskSourcePort(null);
        }
        if (!templateProtectLevel.getHasProtocol()) {
            newFiveTupleWithMask.setProtocol(null);
            newFiveTupleWithMask.setMaskProtocol(null);
        }
        //目前告警信息还只是五元组，没有url、dns
        return newFiveTupleWithMask;
    }



    public List<AlertMessage> queryAlarmsByCommandId(String commandId) {

        return alertMessageMapper.queryAlermsByCommandId(commandId);
    }
}