IP导入功能的验证提交第一版，目前没有对函号，分类性质标签进行验证，ip格式验证的正则表达式填写的是*，后续版本会更新功能。

2018-07-02 16:04:41 +08:00
parent 736537bc95
commit 85da517ed0
11 changed files with 319 additions and 13 deletions
--- a/src/main/java/com/nis/util/Constants.java
+++ b/src/main/java/com/nis/util/Constants.java
@@ -7,7 +7,15 @@ import java.util.Map;
 import com.google.gson.GsonBuilder;

 public final class Constants {
-	
+	/**
+	 * IP验证正则
+	 */
+	public static final String IPV4_IP_SUBNET_REGEXP=Configurations.getStringProperty("ipv4_ip_subnet_regexp", "*");
+	public static final String IPV6_IP_SUBNET_REGEXP=Configurations.getStringProperty("ipv6_ip_subnet_regexp", "*");
+	public static final String IPV4_IP_RANGE_REGEXP=Configurations.getStringProperty("ipv4_ip_range_regexp", "*");
+	public static final String IPV6_IP_RANGE_REGEXP=Configurations.getStringProperty("ipv6_ip_range_regexp", "*");
+	public static final String IPV4_IP_REGEXP=Configurations.getStringProperty("ipv4_ip_regexp", "*");
+	public static final String IPV6_IP_REGEXP=Configurations.getStringProperty("ipv6_ip_regexp", "*");
 	/**
 	 * 用户自定义域，限速
 	 */
--- a/src/main/java/com/nis/web/controller/BaseController.java
+++ b/src/main/java/com/nis/web/controller/BaseController.java
@@ -7,6 +7,8 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Properties;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -14,6 +16,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.StringEscapeUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.log4j.Logger;
+import org.jets3t.service.ServiceException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.i18n.LocaleContextHolder;
@@ -25,6 +28,7 @@ import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 import com.beust.jcommander.internal.Lists;
 import com.nis.domain.FunctionRegionDict;
 import com.nis.domain.FunctionServiceDict;
+import com.nis.domain.SysDataDictionaryItem;
 import com.nis.domain.basics.ServiceDictInfo;
 import com.nis.domain.basics.SysDictInfo;
 import com.nis.domain.configuration.AreaBean;
@@ -36,6 +40,7 @@ import com.nis.domain.configuration.IpCfgTemplate;
 import com.nis.domain.configuration.RequestInfo;
 import com.nis.domain.configuration.StringCfgTemplate;
 import com.nis.domain.log.BaseLogEntity;
+import com.nis.exceptions.MaatConvertException;
 import com.nis.util.Configurations;
 //import com.nis.main.ConvertTool;
 import com.nis.util.Constants;
@@ -533,4 +538,248 @@ public class BaseController {
 			params.put("searchCfgId", entry.getCfgId());
 		}
 	}
+	public void checkIpCfg(List<IpCfgTemplate> list) throws ServiceException{
+		Properties prop=this.getMsgProp();
+		List<SysDataDictionaryItem>  ipTypeList = DictUtils.getDictList("IP_TYPE");
+		List<SysDataDictionaryItem>  ipPatternList = DictUtils.getDictList("IP_PATTERN");
+		List<SysDataDictionaryItem>  portPatternList = DictUtils.getDictList("PORT_PATTERN");
+		List<SysDataDictionaryItem>  directionList = DictUtils.getDictList("DIRECTION");
+		StringBuffer msg=new StringBuffer();
+		int line=1;
+		for(IpCfgTemplate value:list){
+			String lineStart=String.format(prop.getProperty("line"), line)+":";
+			StringBuffer errInfo=new StringBuffer();
+			// ip_type check start
+			Integer ipType=value.getIpType();
+			String ipTypeString=null;
+			if(ipType==null){
+				errInfo.append(String.format(prop.getProperty("can_not_null"), prop.getProperty("ip_type"))+";");
+			}else{
+				boolean has=false;
+				for(SysDataDictionaryItem ipTypeItem:ipTypeList){
+					if(ipType==Integer.parseInt(ipTypeItem.getItemCode())){
+						ipTypeString=ipTypeItem.getItemValue();
+						has=true;
+						break;
+					}
+				}
+				if(!has){
+					errInfo.append(String.format(prop.getProperty("is_incorrect"), prop.getProperty("ip_type"))+";");
+				}
+			}
+			// ip_type check end
+			// ip_pattern check start
+			Integer ipPattern=value.getIpPattern();
+			String ipPatternString=null;
+			if(ipPattern==null){
+				errInfo.append(String.format(prop.getProperty("can_not_null"), prop.getProperty("ip_pattern"))+";");
+			}else{
+				boolean has=false;
+				for(SysDataDictionaryItem ipPatternItem:ipPatternList){
+					if(ipPattern==Integer.parseInt(ipPatternItem.getItemCode())){
+						ipPatternString=ipPatternItem.getItemValue();
+						has=true;
+						break;
+					}
+				}
+				if(!has){
+					errInfo.append(String.format(prop.getProperty("is_incorrect"), prop.getProperty("ip_pattern"))+";");
+				}
+			}
+			// ip_pattern check end
+			//client_ip check start
+			String srcIp=value.getSrcIpAddress();
+			String _msg=checkIP(prop,prop.getProperty("client_ip"),srcIp,ipTypeString,ipPatternString);
+			if(StringUtils.isNotBlank(_msg)){
+				errInfo.append(_msg);
+			}
+			//client_ip check end
+			//server_ip check start
+			String destIp=value.getDestIpAddress();
+			if(srcIp.equals(destIp)){
+				String info=String.format(prop.getProperty("are_the_same"),prop.getProperty("client_ip"),prop.getProperty("server_ip"));
+				errInfo.append(info+";");
+			}
+			_msg=checkIP(prop,prop.getProperty("server_ip"),destIp,ipTypeString,ipPatternString);
+			if(StringUtils.isNotBlank(_msg)){
+				errInfo.append(_msg);
+			}
+			//server_ip check end
+			//port_pattern check start
+			Integer portPattern=value.getPortPattern();
+			String portPatternString=null;
+			if(portPattern==null){
+				errInfo.append(String.format(prop.getProperty("can_not_null"), prop.getProperty("port_pattern"))+";");
+			}else{
+				boolean has=false;
+				for(SysDataDictionaryItem portPatternItem:portPatternList){
+					if(portPattern==Integer.parseInt(portPatternItem.getItemCode())){
+						portPatternString=portPatternItem.getItemValue();
+						has=true;
+						break;
+					}
+				}
+				if(!has){
+					errInfo.append(String.format(prop.getProperty("is_incorrect"), prop.getProperty("port_pattern"))+";");
+				}
+			}
+			//port_pattern check end
+			//src_port check start
+			String srcPort=value.getSrcPort();
+			_msg=checkPort(prop,prop.getProperty("client_port"), srcPort, portPatternString);
+			if(StringUtils.isNotBlank(_msg)){
+				errInfo.append(_msg);
+			}
+			//src_port check end
+			//dest_port check start
+			String destPort=value.getDestPort();
+			_msg=checkPort(prop,prop.getProperty("server_port"), destPort, portPatternString);
+			if(StringUtils.isNotBlank(_msg)){
+				errInfo.append(_msg);
+			}
+			//dest_port check end
+			//direction check start
+			Integer direction=value.getDirection();
+			if(direction==null){
+				errInfo.append(String.format(prop.getProperty("can_not_null"), prop.getProperty("direction"))+";");
+			}else{
+				boolean has=false;
+				for(SysDataDictionaryItem directionItem:directionList){
+					if(Integer.parseInt(directionItem.getItemCode())==direction.intValue()){
+						has=true;
+						break;
+					}
+				}
+				if(!has){
+					errInfo.append(String.format(prop.getProperty("is_incorrect"), prop.getProperty("direction"))+";");
+				}
+			}
+			//direction check end
+			//protocol check start
+			Integer protocol= value.getProtocol();
+			if(protocol==null){
+				errInfo.append(String.format(prop.getProperty("can_not_null"), prop.getProperty("direction"))+";");
+			}
+			//direction check end
+			if(StringUtils.isNotBlank(errInfo.toString())){
+				msg.append(lineStart).append(errInfo);
+				if(line<list.size()){
+					msg.append("<br/>");
+				}
+			}
+			line++;
+		}
+		if(StringUtils.isNotBlank(msg.toString())){
+			throw new MaatConvertException(prop.getProperty("save_failed")+"<br/>"+msg.toString());
+		}
+	}
+	/**
+	 * 
+	 * checkIP(IP格式验证)
+	 * (这里描述这个方法适用条件 – 可选)
+	 * @param ipName
+	 * @param ip
+	 * @param ipType
+	 * @param ipPattern
+	 * @return 
+	 *String
+	 * @exception 
+	 * @since  1.0.0
+	 */
+	public static String checkIP(Properties prop,String ipName,String ip,String ipType,String ipPattern){
+		StringBuffer msg=new StringBuffer();
+		if(StringUtils.isBlank(ip)){
+			msg.append(String.format(prop.getProperty("can_not_null"), ipName)+";");
+		}else{
+			if("ipv4".equals(ipType)){
+				if("ip_subnet".equals(ipPattern)){
+					Pattern pattern=Pattern.compile(Constants.IPV4_IP_SUBNET_REGEXP);
+					Matcher matcher=pattern.matcher(ip);
+					if(!matcher.matches()){//完全匹配
+						msg.append(String.format(prop.getProperty("is_in_wrong_format"), ipName)+";");
+					}
+				}else if("ip_range".equals(ipPattern)){
+					Pattern pattern=Pattern.compile(Constants.IPV4_IP_RANGE_REGEXP);
+					Matcher matcher=pattern.matcher(ip);
+					if(!matcher.matches()){//完全匹配
+						msg.append(String.format(prop.getProperty("is_in_wrong_format"), ipName)+";");
+					}
+				}else if("ip".equals(ipPattern)){
+					Pattern pattern=Pattern.compile(Constants.IPV4_IP_REGEXP);
+					Matcher matcher=pattern.matcher(ip);
+					if(!matcher.matches()){//完全匹配
+						msg.append(String.format(prop.getProperty("is_in_wrong_format"), ipName)+";");
+					}
+				}
+			}else if("ipv6".equals(ipType)){
+				if("ip_subnet".equals(ipPattern)){
+					Pattern pattern=Pattern.compile(Constants.IPV6_IP_SUBNET_REGEXP);
+					Matcher matcher=pattern.matcher(ip);
+					if(!matcher.matches()){//完全匹配
+						msg.append(String.format(prop.getProperty("is_in_wrong_format"), ipName)+";");
+					}
+				}else if("ip_range".equals(ipPattern)){
+					Pattern pattern=Pattern.compile(Constants.IPV6_IP_RANGE_REGEXP);
+					Matcher matcher=pattern.matcher(ip);
+					if(!matcher.matches()){//完全匹配
+						msg.append(String.format(prop.getProperty("is_in_wrong_format"), ipName)+";");
+					}
+				}else if("ip".equals(ipPattern)){
+					Pattern pattern=Pattern.compile(Constants.IPV6_IP_REGEXP);
+					Matcher matcher=pattern.matcher(ip);
+					if(!matcher.matches()){//完全匹配
+						msg.append(String.format(prop.getProperty("is_in_wrong_format"), ipName)+";");
+					}
+				}
+			}
+		}
+		return msg.toString();
+	}
+	public static String checkPort(Properties prop,String portName,String port,String portPattern){
+		StringBuffer msg=new StringBuffer();
+		if(StringUtils.isBlank(port)){
+			msg.append(String.format(prop.getProperty("can_not_null"), portName)+";");
+		}else{
+			if("port".equals(portPattern)){
+				try{
+					Integer portInt=Integer.parseInt(port);
+					if(portInt<0||portInt>65535){
+						msg.append(portName+" "+String.format(prop.getProperty("must_between"), "0","65535")+";");
+					}
+				}catch (Exception e) {
+					// TODO: handle exception
+					msg.append(String.format(prop.getProperty("not_number"), portName)+";");
+				}
+			}else if("port_mask".equals(portPattern)){
+				if(port.indexOf("/")==-1){
+					msg.append(String.format(prop.getProperty("is_in_wrong_format"), portName)+";");
+				}else{
+					int index=0;
+					String[] portArray=port.split("/");
+					for(String portPart:portArray){
+						try{
+							Integer portInt=Integer.parseInt(portPart);
+							if(portInt<0||portInt>65535){
+								if(index==0){
+									
+									msg.append(String.format(prop.getProperty("must_between"), portName+" port")+";");
+								}else{
+									msg.append(String.format(prop.getProperty("must_between"), portName+" mask")+";");
+								}
+							}
+						}catch (Exception e) {
+							// TODO: handle exception
+							if(index==0){
+								msg.append(String.format(prop.getProperty("not_number"), portName+" port")+";");
+							}else{
+								msg.append(String.format(prop.getProperty("not_number"), portName+" mask")+";");
+							}
+						}
+						index++;
+					}
+				}
+			}
+		}
+		return msg.toString();
+	}
 }
--- a/src/main/java/com/nis/web/controller/configuration/CommonController.java
+++ b/src/main/java/com/nis/web/controller/configuration/CommonController.java
@@ -11,11 +11,15 @@ package com.nis.web.controller.configuration;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
+import java.util.Properties;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 import org.apache.commons.lang3.StringUtils;
+import org.jets3t.service.ServiceException;
 import org.springframework.beans.BeanUtils;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -23,12 +27,14 @@ import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.servlet.mvc.support.RedirectAttributes;

 import com.nis.domain.Page;
+import com.nis.domain.SysDataDictionaryItem;
 import com.nis.domain.configuration.BaseIpCfg;
 import com.nis.domain.configuration.HttpUrlCfg;
 import com.nis.domain.configuration.IpCfgTemplate;
 import com.nis.domain.configuration.IpPortCfg;
 import com.nis.exceptions.MaatConvertException;
 import com.nis.util.Constants;
+import com.nis.util.DictUtils;
 import com.nis.util.excel.ImportExcel;
 import com.nis.web.controller.BaseController;
 import com.nis.web.dao.configuration.IpCfgDao;
@@ -175,7 +181,7 @@ public class CommonController extends BaseController {
 			addMessage(redirectAttributes,"audit_success");
 		}catch(MaatConvertException e){
 			logger.error("审核失败", e);
-			addMessage(redirectAttributes, e.getPrefix()+e.getResult().getReason());
+			addMessage(redirectAttributes, e.getMessage());
 		}catch(Exception e){
 			logger.error("审核失败", e);
 			addMessage(redirectAttributes, "audit_failed");
@@ -201,7 +207,7 @@ public class CommonController extends BaseController {
 			addMessage(redirectAttributes,"audit_success");
 		}catch(MaatConvertException e){
 			logger.error("审核失败", e);
-			addMessage(redirectAttributes, e.getPrefix()+e.getResult().getReason());
+			addMessage(redirectAttributes, e.getMessage());
 		}catch(Exception e){
 			logger.error("审核失败", e);
 			addMessage(redirectAttributes, "audit_failed");
@@ -211,6 +217,7 @@ public class CommonController extends BaseController {
 		try {
 			ImportExcel ei = new ImportExcel(file, 0, 0);
 			List<IpCfgTemplate> list = ei.getDataList(IpCfgTemplate.class);
+			this.checkIpCfg(list);
 			List<BaseIpCfg> ipList = new ArrayList<>();
 			Date date=new Date();
 			for(IpCfgTemplate cfg : list){
--- a/src/main/java/com/nis/web/service/configuration/IpCfgService.java
+++ b/src/main/java/com/nis/web/service/configuration/IpCfgService.java
@@ -4,16 +4,22 @@ import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
 import java.util.Map;
+import java.util.Properties;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;

 import org.apache.commons.lang3.StringUtils;
+import org.jets3t.service.ServiceException;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

+import com.nis.domain.SysDataDictionaryItem;
 import com.nis.domain.callback.InlineIp;
 import com.nis.domain.configuration.AreaIpCfg;
 import com.nis.domain.configuration.BaseIpCfg;
+import com.nis.domain.configuration.IpCfgTemplate;
 import com.nis.domain.configuration.IpPortCfg;
 import com.nis.domain.maat.MaatCfg;
 import com.nis.domain.maat.MaatCfg.DigestCfg;
@@ -26,6 +32,7 @@ import com.nis.domain.maat.ToMaatResult;
 import com.nis.exceptions.MaatConvertException;
 import com.nis.util.ConfigServiceUtil;
 import com.nis.util.Constants;
+import com.nis.util.DictUtils;
 import com.nis.util.StringUtil;
 import com.nis.web.dao.configuration.AreaIpCfgDao;
 import com.nis.web.dao.configuration.IpCfgDao;
--- a/src/main/resources/messages/message_en.properties
+++ b/src/main/resources/messages/message_en.properties
@@ -707,3 +707,12 @@ res_group_num=response number
 policy_number_value_valid=\u7B56\u7565\u53F7\u503C\u53EA\u80FD\u4E3A0\uFF0C\u6216\u5927\u4E8E100
 policy_number_value_unique=\u7B56\u7565\u53F7\u5DF2\u5B58\u5728
 #=============about Maintenance=========
+#=============some validation===========
+line=line %s
+can_not_null=%s must not be null
+is_incorrect=%s is incorrect
+are_the_same=%s and %s are the same
+is_in_wrong_format=% is in wrong format
+must_between=must between %s and %s
+not_number=%s is not a number
+#=============some validation===========
--- a/src/main/resources/messages/message_ru.properties
+++ b/src/main/resources/messages/message_ru.properties
@@ -691,3 +691,12 @@ res_group_num=response number
 policy_number_value_valid=\u7B56\u7565\u53F7\u503C\u53EA\u80FD\u4E3A0\uFF0C\u6216\u5927\u4E8E100
 policy_number_value_unique=\u7B56\u7565\u53F7\u5DF2\u5B58\u5728
 #=============about Maintenance=========
+#=============some validation===========
+line=line %s
+can_not_null=%s must not be null
+is_incorrect=%s is incorrect
+are_the_same=%s and %s are the same
+is_in_wrong_format=% is in wrong format
+must_between=must between %s and %s
+not_number=%s is not a number
+#=============some validation===========
--- a/src/main/resources/messages/message_zh_CN.properties
+++ b/src/main/resources/messages/message_zh_CN.properties
@@ -567,11 +567,11 @@ request_error=\u8BF7\u6C42\u9519\u8BEF
 av_voip_ip_title=voip Ip
 av_voip_account_title=voip\u8D26\u53F7
 account=\u8D26\u53F7
-ip_pattern=ip \u683C\u5F0F
+ip_pattern=ip\u683C\u5F0F
 port_pattern=\u7AEF\u53E3\u683C\u5F0F
-port_mask=port Mask
-ip_range=ip Range
-ip_subnet=Subnet
+port_mask=\u7AEF\u53E3\u63A9\u7801
+ip_range=ip\u8303\u56F4
+ip_subnet=ip\u63A9\u7801
 district=\u5339\u914D\u533A\u57DF
 keywords=\u5173\u952E\u5B57
 http_ip_title=HTTP IP\u914D\u7F6E
@@ -744,3 +744,12 @@ res_group_num=\u5E94\u7B54\u6570
 policy_number_value_valid=\u7B56\u7565\u53F7\u503C\u53EA\u80FD\u4E3A0\uFF0C\u6216\u5927\u4E8E100
 policy_number_value_unique=\u7B56\u7565\u53F7\u5DF2\u5B58\u5728
 #=============about Maintenance=========
+#=============some validation===========
+line=\u7B2C%s\u884C
+can_not_null=%s\u4E0D\u80FD\u4E3A\u7A7A
+is_incorrect=%s\u53D6\u503C\u4E0D\u6B63\u786E
+are_the_same=%s\u548C%s\u4E0D\u80FD\u76F8\u7B49
+is_in_wrong_format=%s\u683C\u5F0F\u9519\u8BEF
+must_between=\u5FC5\u987B\u4ECB\u4E8E%s\u548C%s\u4E4B\u95F4
+not_number=%s\u5FC5\u987B\u4E3A\u6570\u5B57
+#=============some validation===========
--- a/src/main/resources/nis.properties
+++ b/src/main/resources/nis.properties
@@ -298,3 +298,10 @@ userregion_ir_strategy=IR_STRATEGY
 userregion_ir_type=ir_type
 userregion_domian_id=DOMIAN_ID
 userregion_domian_str=DOMIAN_STR
+#IP相关验证正则
+ipv4_ip_subnet_regexp=*
+ipv6_ip_subnet_regexp=*
+ipv4_ip_range_regexp=*
+ipv6_ip_range_regexp=*
+ipv4_ip_regexp=*
+ipv6_ip_regexp=*
--- a/src/main/webapp/WEB-INF/include/excel/importIp.jsp
+++ b/src/main/webapp/WEB-INF/include/excel/importIp.jsp
@@ -2,7 +2,7 @@
 <%@ include file="/WEB-INF/include/taglib.jsp"%>
 <script type="text/javascript">
 $(function(){
-	conslole.log("调用须知：调用本页面函数在common.js里，并且需要配置字典MAAT_SERVICE中的项")
+	console.log("调用须知：调用本页面函数在common.js里，并且需要配置字典MAAT_SERVICE中的项")
 });
 </script>
 <div class="modal fade" id="import_modal" tabindex="-1" role="dialog" aria-labelledby="exampleModalLabel" aria-hidden="true">
--- a/src/main/webapp/static/global/plugins/jquery-validation/1.11.0/jquery.validate.method.js
+++ b/src/main/webapp/static/global/plugins/jquery-validation/1.11.0/jquery.validate.method.js
@@ -165,6 +165,7 @@ jQuery.validator.addMethod("notStartZero",function(value, element) {
 			}
 		return true;
 		}, "请填写正确的数值");
+//域名验证正则
 jQuery.validator.addMethod("domainCheck",function(value, element) {
 	var regexp=/^(?=^.{3,255}$)[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62})+$/;
 	if(this.optional(element)||regexp.test(value)){
--- a/src/main/webapp/static/global/scripts/common.js
+++ b/src/main/webapp/static/global/scripts/common.js
@@ -768,7 +768,7 @@ function validateDataIsLicit(){
 var toImport=function (cfgRegionCode,cfgType){
 	$("#cfgRegionCode").val(cfgRegionCode);
 	$("#cfgType").val(cfgType);
-	if(cfgType){//针对要下发到不同配置的处理
+	if(cfgType){//针对要下发到不同cfgType的处理
 		$('.radio-inline').children('span').each(function(){
 			if($(this).hasClass(cfgType)){
 				$(this).find("input").removeAttr("disabled");