验证代理对象的证书是否被拦截策略引用，如被引用，则证书配置不能取消。

2019-01-18 20:21:04 +06:00
parent 698fd13a65
commit 3c61dc7bad
5 changed files with 68 additions and 2 deletions
--- a/src/main/java/com/nis/web/controller/configuration/proxy/PxyObjKeyringController.java
+++ b/src/main/java/com/nis/web/controller/configuration/proxy/PxyObjKeyringController.java
@@ -41,6 +41,7 @@ import com.google.common.collect.Maps;
 import com.nis.domain.Page;
 import com.nis.domain.basics.PolicyGroupInfo;
 import com.nis.domain.configuration.CfgIndexInfo;
+import com.nis.domain.configuration.DnsIpCfg;
 import com.nis.domain.configuration.DnsResStrategy;
 import com.nis.domain.configuration.IpPortCfg;
 import com.nis.domain.configuration.PxyObjKeyring;
@@ -911,4 +912,31 @@ public class PxyObjKeyringController extends BaseController {
 		}
 		return "redirect:" + adminPath + "/proxy/intercept/strateagy/trustedCertList?functionId=" + functionId;
 	}
+	
+	/**
+	 * 验证Keyring是否有被使用
+	 * 
+	 * @param entity
+	 * @param request
+	 * @param response
+	 * @return
+	 */
+	@ResponseBody
+	@RequestMapping(value = { "/ajaxKeyinfIsUsed" })
+	public boolean ajaxKeyinfIsUsed(String[] compileIds, HttpServletRequest request, HttpServletResponse response) {
+		for(String compileId:compileIds){
+			CfgIndexInfo cfg = new CfgIndexInfo();
+			cfg.setIsAudit(1);
+			cfg.setIsValid(1);
+			cfg.setFunctionId(200);//代理拦截策略
+			cfg.setServiceId(512);
+			cfg.setUserRegion1(compileId);
+			List<CfgIndexInfo> list = httpRedirectCfgService.getCfgIndexInfos(cfg);
+			if (list.size() > 0) {
+				return false;
+			}
+		}
+		
+		return true;
+	}
 }
--- a/src/main/java/com/nis/web/dao/configuration/WebsiteCfgDao.xml
+++ b/src/main/java/com/nis/web/dao/configuration/WebsiteCfgDao.xml
@@ -371,6 +371,17 @@
 	    	<if test="sourceCompileId != null">
 	    		and source_compile_id=#{sourceCompileId}
 	    	</if>
+	    	<if test="isValid != null">
+	    		and is_valid=#{isValid}
+	    	</if>
+	    	<if test="isAudit != null">
+	    		and is_audit=#{isAudit}
+	    	</if>
+	    	<!-- 代理拦截策略 -->
+	    	<if test="functionId != null and functionId=200">
+	    		and a.user_region1=#{userRegion1}
+	    	</if>
+	    	
 	    </where>
  </select>
  <select id="getIpPortList" resultMap="ipPortMap" parameterType="com.nis.domain.configuration.CfgIndexInfo">
--- a/src/main/java/com/nis/web/service/configuration/HttpRedirectCfgService.java
+++ b/src/main/java/com/nis/web/service/configuration/HttpRedirectCfgService.java
@@ -54,6 +54,10 @@ public class HttpRedirectCfgService extends CrudService<WebsiteCfgDao,CfgIndexIn
 	@Autowired
 	protected StringCfgDao stringCfgDao;
 	
+	public List<CfgIndexInfo> getCfgIndexInfos(CfgIndexInfo entity){
+		return websiteCfgDao.getCfgIndexInfos(entity);
+	}
+	
 	public CfgIndexInfo getHttpCfg(Long cfgId,Integer compileId){
 		CfgIndexInfo entity = websiteCfgDao.getCfgIndexInfo(cfgId,compileId);
 		List<HttpUrlCfg> httpUrlList = websiteCfgDao.getHttpUrlList(entity);
--- a/src/main/webapp/WEB-INF/tags/sys/delRow.tag
+++ b/src/main/webapp/WEB-INF/tags/sys/delRow.tag
@@ -185,13 +185,19 @@ function cancelPassOpt(url){
 		if(validateAllPass(checkboxes)){
 			
 			var addrPoolIds = [],canCancel = true;
+			var compileIds = [];
 			$(checkboxes).filter(":checked").each(function(){
 				var addrPoolId = $(this).attr("addressPoolId");
+				var serviceId = $(this).attr("serviceId");
+				var compileId = $(this).attr("compileId");
 				if(typeof addrPoolId != "undefined"){
 					addrPoolIds.push(addrPoolId);
 				}
+				//记录代理证书的配置
+				if(typeof serviceId != "undefined" && serviceId==520 && typeof compileId != "undefined"){
+					compileIds.push(compileId);
+				}
 			});
-			
 			// 地址池管理 （被策略引用的地址池不可取消）
 			if(addrPoolIds.length > 0){
 				$.ajax({
@@ -207,6 +213,23 @@ function cancelPassOpt(url){
 	 				}
 	 			});
 			}
+			if(canCancel){
+				//查询证书是否被拦截策略引用
+				if(compileIds.length > 0){
+					$.ajax({
+		 				type:'post',
+		 				url:'${ctx}/proxy/intercept/strateagy/ajaxKeyinfIsUsed',
+		 				data:{"compileIds":compileIds.join(',')},
+		 				async:false,
+		 				success:function(data){//处理返回结果
+		 					if(data == false){
+		 						top.$.jBox.tip('<spring:message code="keyring_is_used"/>');
+		 						canCancel=data;
+		 					}
+		 				}
+		 			});
+				}
+			}
 			
 			if(canCancel){
 				doAll(checkboxes,url);
--- a/src/main/webapp/WEB-INF/views/cfg/intercept/strateagy/list.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/intercept/strateagy/list.jsp
@@ -321,7 +321,7 @@
 								<c:forEach items="${page.list }" var="cfg" varStatus="status" step="1">
 									<tr>
 									<td>
-										<input type="checkbox" class="i-checks" serviceId="${cfg.serviceId}" id="${cfg.cfgId}" value="${cfg.isAudit}">
+										<input type="checkbox" class="i-checks" serviceId="${cfg.serviceId }" compileId="${cfg.compileId }" id="${cfg.cfgId}" value="${cfg.isAudit}">
 									</td>
 									<td>${cfg.compileId }</td>
 									<td>${cfg.cfgDesc }</td>