劫持、注入、镜像、阻断页面、拦截证书内容引用时的处理

src/main/java/com/nis/domain/callback/ProxyFileHijackCfg.java

@@ -20,20 +20,13 @@ public class ProxyFileHijackCfg extends BaseCfg<ProxyFileHijackCfg>{
 	private String path;//储存路径
 	@ExcelField(title="content_name",sort=4)
 	private String contentName;//内容格式
-    private String quote;//判断与其他菜单是否关联使用中
 		
 	public String getContentName() {
 		return contentName;
 	}
 	public void setContentName(String contentName) {
 		this.contentName = contentName;
-	}
-	public String getQuote() {
-		return quote;
-	}
-	public void setQuote(String quote) {
-		this.quote = quote;
-	}
+	}	
 	public String getIndexTable() {
 		return indexTable;
 	}

src/main/java/com/nis/domain/callback/ProxyFileInsertScriptCfg.java

@@ -12,8 +12,7 @@ public class ProxyFileInsertScriptCfg extends BaseCfg<ProxyFileInsertScriptCfg>{
 	@ExcelField(title="format",sort=3)
 	private String format;//css/js
 	@ExcelField(title="file_insert_script",sort=2)
-	private String path;//储存路径
-	private String quote;//判断与其他菜单是否关联使用中
+	private String path;//储存路径	
 	public String getIndexTable() {
 		return indexTable;
 	}
@@ -38,10 +37,4 @@ public class ProxyFileInsertScriptCfg extends BaseCfg<ProxyFileInsertScriptCfg>{
 	public void setPath(String path) {
 		this.path = path;
 	}
-	public String getQuote() {
-		return quote;
-	}
-	public void setQuote(String quote) {
-		this.quote = quote;
-	}	
 }

src/main/java/com/nis/domain/callback/ProxyFileResponsePageCfg.java

@@ -15,16 +15,7 @@ public class ProxyFileResponsePageCfg extends BaseCfg<ProxyFileResponsePageCfg>
 	private String url;//文件保存的url
 	private String contentType;//内容类型，如text/html，取字典表contentType
 	private String md5;//文件md5值
-	private Long contentLength;//文件长度
-	private String quote;//引用状态
-		
-	public String getQuote() {
-		return quote;
-	}
-
-	public void setQuote(String quote) {
-		this.quote = quote;
-	}
+	private Long contentLength;//文件长度	
 
 	public String getIndexTable() {
 		return indexTable;

src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java

@@ -132,10 +132,8 @@ public class InterceptController extends CommonController {
 				String keyring = request.getParameter("keyring");
 				if(StringUtils.isNotBlank(keyring)) {
 					entity.getUserRegion().put("keyring", Long.parseLong(keyring));
-					entity.setUserRegion4(keyring);
 				}else {
 					entity.getUserRegion().put("keyring", 0);
-					entity.setUserRegion4("0");
 				}
 				Map<String,Object> map = new HashMap();
 				//exclusions
@@ -237,10 +235,9 @@ public class InterceptController extends CommonController {
 				if("1".equals(enable)) {
 					if(StringUtils.isNotBlank(mirror_profile)){
 						map.put("mirror_profile", mirror_profile.trim());
-						entity.setUserRegion5(mirror_profile.trim());
 					}
-				}				
-				entity.getUserRegion().put("decrypt_mirror", map);				
+				}
+				entity.getUserRegion().put("decrypt_mirror", map);
 			}
 			interceptCfgService.saveInterceptCfg(entity);
 			//配置仅保存

src/main/java/com/nis/web/controller/configuration/proxy/PxyObjKeyringController.java

@@ -1012,31 +1012,4 @@ public class PxyObjKeyringController extends BaseController {
 		}
 		return "redirect:" + adminPath + "/proxy/intercept/strateagy/trustedCertList?functionId=" + functionId;
 	}
-	
-	/**
-	 * 验证Keyring是否有被使用
-	 * 
-	 * @param entity
-	 * @param request
-	 * @param response
-	 * @return
-	 */
-	@ResponseBody
-	@RequestMapping(value = { "/ajaxKeyinfIsUsed" })
-	public boolean ajaxKeyinfIsUsed(String[] compileIds, HttpServletRequest request, HttpServletResponse response) {
-		for(String compileId:compileIds){
-			CfgIndexInfo cfg = new CfgIndexInfo();
-			cfg.setIsAudit(1);
-			cfg.setIsValid(1);
-			cfg.setFunctionId(200);//代理拦截策略
-			cfg.setServiceId(512);
-			cfg.setUserRegion1(compileId);
-			List<CfgIndexInfo> list = httpRedirectCfgService.getCfgIndexInfos(cfg);
-			if (list.size() > 0) {
-				return false;
-			}
-		}
-		
-		return true;
-	}
 }

src/main/java/com/nis/web/controller/configuration/proxy/StatusOfUsedController.java

@@ -0,0 +1,99 @@
+package com.nis.web.controller.configuration.proxy;
+
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import com.nis.domain.configuration.CfgIndexInfo;
+import com.nis.web.controller.BaseController;
+import com.nis.web.service.BaseService;
+import com.nis.web.service.configuration.StatusOfUsedService;
+
+@Controller
+@RequestMapping("${adminPath}/proxy/statusOfUsed")
+public class StatusOfUsedController extends BaseController{
+	@Autowired
+	protected StatusOfUsedService statusOfUsedService;
+	
+	@ResponseBody
+	@RequestMapping(value = { "/ajaxRequest" })
+	public boolean statusOfUsed(String[] compileIds, HttpServletRequest request, HttpServletResponse response) {
+		Integer isValid = Integer.parseInt(request.getParameter("isValid"));		
+		Integer ServiceId = Integer.parseInt(request.getParameter("serviceId"));
+		Integer functionId = 0;
+		String key = "";
+		//拦截证书策略
+		if(ServiceId==520){
+			functionId = 200;
+			ServiceId = 512;
+			key = "keyring";
+		}//流量转发目的地址
+		if(ServiceId==645){
+			functionId = 200;
+			ServiceId = 512;
+			key = "mirror_profile";
+		}
+		//劫持文件、注入脚本文件
+		else if(ServiceId==643 || ServiceId==644){
+			functionId = 215;
+			ServiceId = 656;
+		}//访问阻断页面
+		else if(ServiceId==646){
+			functionId = 207;
+			ServiceId = 576;
+		}
+		if(ServiceId == 576 || ServiceId==656){
+			for(String compileId:compileIds){
+				CfgIndexInfo cfg = new CfgIndexInfo();				
+				if(ServiceId==656){
+					cfg.setUserRegion4(compileId);
+				}else if(ServiceId==576){
+					cfg.setUserRegion3(compileId);
+				}		
+				cfg.setIsValid(isValid);
+				cfg.setFunctionId(functionId);
+				cfg.setServiceId(ServiceId);
+				
+				List<CfgIndexInfo> list = statusOfUsedService.getStatusOfUsed(cfg);
+				if (list.size() > 0) {
+					return false;
+				}
+		   }
+			return true;
+		}else if(ServiceId==512){
+			   CfgIndexInfo cfg = new CfgIndexInfo();
+			   cfg.setIsValid(isValid);
+			   cfg.setFunctionId(functionId);
+			   cfg.setServiceId(ServiceId);
+			   List<CfgIndexInfo> list = statusOfUsedService.getStatusOfUsed(cfg);
+			   Map<String,Map<String,Object>> tempMap = new HashMap<>();
+			   for(CfgIndexInfo temp:list){
+				   tempMap = BaseService.gsonFromJson(temp.getUserRegion1(), Map.class);
+				   String value = "";
+				   if("keyring".equals(key)){
+					   value = String.valueOf(tempMap.get(key)); 
+				   }else if("mirror_profile".equals(key)){
+					   value = String.valueOf(tempMap.get("decrypt_mirror").get("mirror_profile")); 
+				   }
+				   
+				   for(String s: compileIds){
+				        if(s.equals(value))
+				            return false;
+				    }				        
+			   }
+			   return true;
+		}	
+		
+		return true;
+	}
+}
+

src/main/java/com/nis/web/dao/configuration/ProxyFileHijackDao.xml

@@ -51,14 +51,13 @@
 	    <include refid="ProxyFileHijackCfgColumn" />
 	    <trim prefix="," prefixOverrides=",">
 			, s.name as creator_name,e.name as editor_name,u.name as auditor_name
-			,ri.request_title as requestName,max(i.is_valid) as quote
+			,ri.request_title as requestName
 		</trim>
 	    FROM PXY_PROFILE_HIJACK_FILES a
 	    left join sys_user s on a.creator_id=s.id
 		left join sys_user e on a.editor_id=e.id
 		left join sys_user u on a.auditor_id=u.id
-		left join request_info ri on a.request_id=ri.id
-		left join cfg_index_info i on a.COMPILE_ID=i.user_region4 
+		left join request_info ri on a.request_id=ri.id 
 	    <trim prefix="WHERE" prefixOverrides="AND |OR ">
 	    	<if test="page !=null and page.where != null and page.where != ''">
 				 AND ${page.where}
@@ -156,7 +155,6 @@
 	    	<!-- 数据范围过滤 -->
 			${sqlMap.dsf}
 	    </trim>
-	    group by compile_id
 	    <choose>
 			<when test="page !=null and page.orderBy != null and page.orderBy != ''">
 				ORDER BY ${page.orderBy},a.is_audit,a.CFG_ID desc

src/main/java/com/nis/web/dao/configuration/ProxyFileInsertScriptDao.xml

@@ -51,14 +51,13 @@
 	    <include refid="ProxyFileInsertScriptCfgColumn" />
 	    <trim prefix="," prefixOverrides=",">
 			, s.name as creator_name,e.name as editor_name,u.name as auditor_name
-			,ri.request_title as requestName,max(i.is_valid) as quote
+			,ri.request_title as requestName
 		</trim>
 	    FROM PXY_PROFILE_INSERT_SCRIPTS a
 	    left join sys_user s on a.creator_id=s.id
 		left join sys_user e on a.editor_id=e.id
 		left join sys_user u on a.auditor_id=u.id
-		left join request_info ri on a.request_id=ri.id
-		left join cfg_index_info i on a.COMPILE_ID=i.user_region4 		
+		left join request_info ri on a.request_id=ri.id	
 	    <trim prefix="WHERE" prefixOverrides="AND |OR ">
 	    	<if test="page !=null and page.where != null and page.where != ''">
 				 AND ${page.where}
@@ -154,8 +153,7 @@
 	    	</if>	    	
 	    	<!-- 数据范围过滤 -->
 			${sqlMap.dsf}
-	    </trim>
-	    group by compile_id
+	    </trim>	    
 	    <choose>
 			<when test="page !=null and page.orderBy != null and page.orderBy != ''">
 				ORDER BY ${page.orderBy},a.is_audit,a.CFG_ID desc

src/main/java/com/nis/web/dao/configuration/ProxyFileResponsePageDao.xml

@@ -53,14 +53,13 @@
 	    <include refid="ProxyFileResponsePageCfgColumn" />
 	    <trim prefix="," prefixOverrides=",">
 			, s.name as creator_name,e.name as editor_name,u.name as auditor_name
-			,ri.request_title as requestName,max(i.is_valid) as quote
+			,ri.request_title as requestName
 		</trim>
 	    FROM pxy_profile_response_pages a
 	    left join sys_user s on a.creator_id=s.id
 		left join sys_user e on a.editor_id=e.id
 		left join sys_user u on a.auditor_id=u.id
 		left join request_info ri on a.request_id=ri.id
-		left join cfg_index_info i on a.COMPILE_ID=i.user_region3
 		
 	    <trim prefix="WHERE" prefixOverrides="AND |OR ">
 	    	<if test="page !=null and page.where != null and page.where != ''">
@@ -160,8 +159,7 @@
 	    	</if>
 	    	<!-- 数据范围过滤 -->
 			${sqlMap.dsf}
-	    </trim>
-	    group by compile_id
+	    </trim>	    
 	    <choose>
 			<when test="page !=null and page.orderBy != null and page.orderBy != ''">
 				ORDER BY ${page.orderBy},a.is_audit,a.CFG_ID desc

src/main/java/com/nis/web/dao/configuration/ProxyFileTrafficMirrorDao.xml

@@ -50,14 +50,13 @@
 	    <include refid="ProxyFileTrafficMirrorCfgColumn" />
 	    <trim prefix="," prefixOverrides=",">
 			, s.name as creator_name,e.name as editor_name,u.name as auditor_name
-			,ri.request_title as requestName,max(i.is_valid) as userRegion5
+			,ri.request_title as requestName
 		</trim>
 	    FROM PXY_PROFILE_TRAFFIC_MIRROR a
 	    left join sys_user s on a.creator_id=s.id
 		left join sys_user e on a.editor_id=e.id
 		left join sys_user u on a.auditor_id=u.id
-		left join request_info ri on a.request_id=ri.id
-		left join cfg_index_info i on a.COMPILE_ID=i.user_region5
+		left join request_info ri on a.request_id=ri.id		
 	    <trim prefix="WHERE" prefixOverrides="AND |OR ">
 	    	<if test="page !=null and page.where != null and page.where != ''">
 				 AND ${page.where}
@@ -156,8 +155,7 @@
 	    	</if>	    	
 	    	<!-- 数据范围过滤 -->
 			${sqlMap.dsf}
-	    </trim>
-	    group by compile_id
+	    </trim>	    
 	    <choose>
 			<when test="page !=null and page.orderBy != null and page.orderBy != ''">
 				ORDER BY ${page.orderBy},a.is_audit,a.CFG_ID desc

src/main/java/com/nis/web/dao/configuration/PxyObjKeyringDao.xml

@@ -142,14 +142,13 @@
 			<include refid="PxyObjKeyringColumns"/>
 		<trim prefix="," prefixOverrides=",">
 			,s.name as creator_name,e.name as editor_name,u.name as auditor_name
-			,ri.request_title as requestName,max(i.is_valid) as userRegion4
+			,ri.request_title as requestName
 		</trim>
 	    FROM  pxy_obj_keyring r
 	    left join sys_user s on r.creator_id=s.id
 		left join sys_user e on r.editor_id=e.id
 		left join sys_user u on r.auditor_id=u.id
 		left join request_info ri on r.request_id=ri.id
-		left join cfg_index_info i on r.COMPILE_ID=i.user_region4
 		<trim prefix="WHERE" prefixOverrides="AND |OR ">
 	    	<if test="page !=null and page.where != null and page.where != ''">
 				 AND ${page.where}
@@ -230,7 +229,6 @@
 	    	<!-- 数据范围过滤 -->
 			${sqlMap.dsf}
 	    </trim>
-	    group by compile_id
 	    <choose>
 			<when test="page !=null and page.orderBy != null and page.orderBy != ''">
 				ORDER BY ${page.orderBy},r.is_audit,r.CFG_ID desc

src/main/java/com/nis/web/dao/configuration/WebsiteCfgDao.java

@@ -26,6 +26,7 @@ import com.nis.web.dao.MyBatisDao;
 public interface WebsiteCfgDao extends CrudDao<CfgIndexInfo>{
 
 	public List<CfgIndexInfo> getCfgIndexInfos(CfgIndexInfo entity);
+	public List<CfgIndexInfo> getStatusOfUsed(CfgIndexInfo entity);
 	public CfgIndexInfo getCfgIndexInfo(@Param("cfgId")Long id,@Param("compileId")Integer compileId);
 	public List<CfgIndexInfo> getWebsiteList(CfgIndexInfo entity);
 	public List<IpPortCfg> getIpPortList(CfgIndexInfo entity);

src/main/java/com/nis/web/dao/configuration/WebsiteCfgDao.xml

@@ -1177,4 +1177,42 @@
   <delete id="deleteDnsDomainCfg">
   	delete from dns_domain_cfg where compile_id=#{compileId} and function_id=#{functionId}
   </delete>
+  
+  <select id="getStatusOfUsed" resultMap="CfgIndexInfoMap" parameterType="com.nis.domain.configuration.CfgIndexInfo">
+		 SELECT 
+	    <include refid="ConfigIndex_Column" />
+	    FROM cfg_index_info a 
+	    <where>
+	    	<if test="cfgId != null">
+	    		and cfg_id=#{cfgId}
+	    	</if>
+	    	<if test="compileId != null">
+	    		and compile_id=#{compileId}
+	    	</if>
+	    	<if test="functionId != null">
+	    		and function_id=#{functionId}
+	    	</if>
+	    	<if test="serviceId != null">
+	    		and service_id=#{serviceId}
+	    	</if>
+	    	<if test="sourceCompileId != null">
+	    		and source_compile_id=#{sourceCompileId}
+	    	</if>
+	    	<if test="isValid != null and isValid != -1">
+	    		and is_valid=#{isValid}
+	    	</if>
+	    	<if test="isValid == -1">
+	    		and is_valid &gt; #{isValid}
+	    	</if>	    	
+	    	<!-- 访问阻断页面 -->
+	    	<if test="functionId != null and functionId==207">
+	    		and a.user_region3 = #{userRegion3,jdbcType=VARCHAR}
+	    	</if>
+	    	<!-- 劫持、注入脚本 -->
+	    	<if test="functionId != null and functionId==215">
+	    		and a.user_region4 = #{userRegion4,jdbcType=VARCHAR}
+	    	</if>
+	    	
+	    </where>
+  </select>
 </mapper>

src/main/java/com/nis/web/service/configuration/CommonPolicyService.java

@@ -459,9 +459,7 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 				List<ProxyObjKeyring> convertList = Lists.newArrayList();
 				for (Object object : auditList) {
 					PxyObjKeyring cfg = (PxyObjKeyring)object;
-					if(!"1".equals(cfg.getUserRegion4())){
-						convertList.add(BaseService.convertCallBackProxyObjKeyring(cfg));
-					}
+					convertList.add(BaseService.convertCallBackProxyObjKeyring(cfg));
 				}
 				if(convertList.size() > 0) {
 					auditList = convertList;
@@ -484,20 +482,16 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 				List<ProxyFileHijackCfgAudit> convertList = Lists.newArrayList();
 				for (Object object : auditList) {
 					ProxyFileHijackCfg cfg = (ProxyFileHijackCfg)object;
-					if(!"1".equals(cfg.getQuote())){
-						convertList.add(BaseService.convertCallBackProxyFileHijack(cfg));
-					}
+					convertList.add(BaseService.convertCallBackProxyFileHijack(cfg));
 				}
 				if(convertList.size() > 0) {
 					auditList = convertList;
 				}
-			}else if(entity.getServiceId().equals(644)) { // 脚本注入
+			}else if(entity.getServiceId().equals(644)) { // 劫持文件
 				List<ProxyFileInsertScriptCfgAudit> convertList = Lists.newArrayList();
 				for (Object object : auditList) {
 					ProxyFileInsertScriptCfg cfg = (ProxyFileInsertScriptCfg)object;
-					if(!"1".equals(cfg.getQuote())){
-						convertList.add(BaseService.convertCallBackProxyFileInsertScript(cfg));
-					}
+					convertList.add(BaseService.convertCallBackProxyFileInsertScript(cfg));
 				}
 				if(convertList.size() > 0) {
 					auditList = convertList;
@@ -506,9 +500,7 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 				List<ProxyFileTrafficMirrorCfgAudit> convertList = Lists.newArrayList();
 				for (Object object : auditList) {
 					ProxyFileTrafficMirrorCfg cfg = (ProxyFileTrafficMirrorCfg)object;
-					if(!"1".equals(cfg.getUserRegion5())){
-						convertList.add(BaseService.convertCallBackProxyFileTrafficMirror(cfg));
-					}
+					convertList.add(BaseService.convertCallBackProxyFileTrafficMirror(cfg));
 				}
 				if(convertList.size() > 0) {
 					auditList = convertList;
@@ -526,9 +518,7 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 				List<ProxyFileResponsePageCfgAudit> convertList = Lists.newArrayList();
 				for (Object object : auditList) {
 					ProxyFileResponsePageCfg cfg = (ProxyFileResponsePageCfg)object;
-					if(!"1".equals(cfg.getQuote())){
-						convertList.add(BaseService.convertCallBackProxyFileResponsePage(cfg));
-					}
+					convertList.add(BaseService.convertCallBackProxyFileResponsePage(cfg));
 				}
 				if(convertList.size() > 0) {
 					auditList = convertList;

src/main/java/com/nis/web/service/configuration/StatusOfUsedService.java

@@ -0,0 +1,21 @@
+package com.nis.web.service.configuration;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import com.nis.domain.configuration.CfgIndexInfo;
+import com.nis.web.dao.configuration.WebsiteCfgDao;
+import com.nis.web.service.CrudService;
+
+@Service
+public class StatusOfUsedService extends CrudService<WebsiteCfgDao, CfgIndexInfo> {
+	
+	@Autowired
+	protected WebsiteCfgDao websiteCfgDao;
+	
+	public List<CfgIndexInfo> getStatusOfUsed(CfgIndexInfo entity){
+		return websiteCfgDao.getStatusOfUsed(entity);
+	}
+}