snat配置下发优化

app相关数据更改
2018-12-08 15:42:59 +08:00
parent 7e25680213
commit a029084563
7 changed files with 82 additions and 40 deletions
--- a/src/main/java/com/nis/web/dao/configuration/IpMultiplexDao.xml
+++ b/src/main/java/com/nis/web/dao/configuration/IpMultiplexDao.xml
@@ -11,7 +11,7 @@
 		<result column="ip_type" property="ipType" jdbcType="INTEGER" />
    	<result column="ip_pattern" property="ipPattern" jdbcType="INTEGER" />
    	<result column="src_ip_address" property="srcIpAddress" jdbcType="VARCHAR" />
-    	
+    	<result column="translate_param" property="translateParam" jdbcType="VARCHAR" />
 		<result column="do_log" property="doLog" jdbcType="INTEGER" />
 		<result column="is_valid" property="isValid" jdbcType="INTEGER" />
 	    <result column="is_audit" property="isAudit" jdbcType="INTEGER" />
@@ -77,7 +77,7 @@
 	
 	<sql id="policyColumns">
 		r.CFG_ID,r.CFG_DESC,r.ADDR_POOL_ID,r.USER_NAME,r.USER_TYPE,r.IP_TYPE,r.IP_PATTERN,r.SRC_IP_ADDRESS,
-		r.ACTION,r.DO_LOG,r.IS_VALID,r.IS_AUDIT,r.CFG_REGION_CODE,r.CFG_TYPE,r.FUNCTION_ID,
+		r.TRANSLATE_PARAM,r.ACTION,r.DO_LOG,r.IS_VALID,r.IS_AUDIT,r.CFG_REGION_CODE,r.CFG_TYPE,r.FUNCTION_ID,
 		r.SERVICE_ID,r.COMPILE_ID,r.REQUEST_ID,r.CLASSIFY,r.ATTRIBUTE,r.LABLE,
    	r.CREATOR_ID,r.CREATE_TIME,r.EDITOR_ID,r.EDIT_TIME,r.AUDITOR_ID,r.AUDIT_TIME,
    	r.CANCEL_REQUEST_ID,r.IS_AREA_EFFECTIVE,r.AREA_EFFECTIVE_IDS,
@@ -225,6 +225,7 @@
 			ip_type,
    		ip_pattern,
    		src_ip_address,
+    		translate_param,
 			action,
 			do_log,
 			is_valid,
@@ -259,6 +260,7 @@
 			#{ipType,jdbcType=INTEGER},
    		#{ipPattern,jdbcType=INTEGER},
    		#{srcIpAddress,jdbcType=VARCHAR},
+    		#{translateParam,jdbcType=VARCHAR},
 	   		#{action,jdbcType=INTEGER},
 	   		#{doLog,jdbcType=INTEGER},
 			0,
@@ -404,7 +406,7 @@
 	    FROM 
 	    	ip_reuse_policy_cfg r
 	    WHERE
-	     	r.addr_pool_id = #{addrPoolId} AND r.is_valid != -1
+	     	r.addr_pool_id = #{addrPoolId} AND r.is_valid !=-1 and r.is_audit !=3
 	</select>
 	
 	<update id="updateDnatPolicyStatus" parameterType="com.nis.domain.configuration.IpReuseDnatPolicyCfg">
--- a/src/main/java/com/nis/web/service/BaseService.java
+++ b/src/main/java/com/nis/web/service/BaseService.java
@@ -61,6 +61,7 @@ import com.nis.domain.configuration.DdosIpCfg;
 import com.nis.domain.configuration.DnsIpCfg;
 import com.nis.domain.configuration.DnsResStrategy;
 import com.nis.domain.configuration.FileDigestCfg;
+import com.nis.domain.configuration.IpReusePolicyCfg;
 import com.nis.domain.configuration.PxyObjKeyring;
 import com.nis.domain.configuration.PxyObjTrustedCaCert;
 import com.nis.domain.configuration.PxyObjTrustedCaCrl;
@@ -93,6 +94,7 @@ import com.nis.web.dao.configuration.StringCfgDao;
 import com.nis.web.dao.specific.ConfigGroupInfoDao;
 import com.nis.web.dao.specific.SpecificServiceCfgDao;
 import com.nis.web.security.UserUtils;
+import com.nis.web.service.basics.SysDictInfoService;

 /**
 * Service基类
@@ -1330,6 +1332,22 @@ public abstract class BaseService {
 		proxyObjKeyring.setOpTime(cfg.getAuditTime());
 		return proxyObjKeyring;
 	}
+	// 拦截策略
+	public static IpReusePolicyCfg convertCallBackSnatPolicy(IpReusePolicyCfg cfg) {
+		if(cfg != null) {
+			String areaEffectiveIds=cfg.getAreaEffectiveIds();
+			if(StringUtils.isEmpty(areaEffectiveIds)){
+				areaEffectiveIds="0";
+			}else {
+				// 组织区域、运营商配置下发格式
+				SysDictInfoService service = SpringContextHolder.getBean(SysDictInfoService.class);
+				areaEffectiveIds = service.setEffectiveRange(areaEffectiveIds);
+			}
+			cfg.setAreaEffectiveIds(areaEffectiveIds);
+			cfg.setUserName(keywordsEscape(cfg.getUserName()));
+		}
+		return cfg;
+	}

 	// 可信证书
 	public static List<ProxyObjTrustedCa> convertCallBackProxyObjTrustedCa(PxyObjTrustedCaCert cfgCert,
@@ -1340,7 +1358,7 @@ public abstract class BaseService {
 			proxyObjTrustedCaCert.setId(Long.valueOf(cfgCert.getCompileId()));
 			proxyObjTrustedCaCert.setCfgId(cfgCert.getCompileId());
 			proxyObjTrustedCaCert.setCertId(cfgCert.getCompileId());
-			proxyObjTrustedCaCert.setCertName(cfgCert.getCfgDesc());
+			proxyObjTrustedCaCert.setCertName(keywordsEscape(cfgCert.getCfgDesc()));
 			proxyObjTrustedCaCert.setCertFile(cfgCert.getCertFile());
 			proxyObjTrustedCaCert.setService(cfgCert.getServiceId());
 			proxyObjTrustedCaCert.setIsValid(cfgCert.getIsValid());
--- a/src/main/java/com/nis/web/service/configuration/IpMultiplexService.java
+++ b/src/main/java/com/nis/web/service/configuration/IpMultiplexService.java
@@ -64,7 +64,7 @@ public class IpMultiplexService extends BaseService{
 			entity.setIpPattern(null);
 			entity.setSrcIpAddress("");
 		}else{
-			entity.setUserName("");
+			entity.setUserName(entity.getSrcIpAddress());
 		}
 		
 		// 更新策略信息
@@ -132,22 +132,9 @@ public class IpMultiplexService extends BaseService{
 		cfg = this.getPolicyCfg(cfg.getCfgId(), null);
 		String json="";
 		if(cfg.getIsAudit() == Constants.AUDIT_YES){
-			String areaEffectiveIds = cfg.getIsAreaEffective() == 1?sysDictInfoService.setEffectiveRange(cfg.getAreaEffectiveIds()):"0";
-			Map<String, Object> params = new HashMap<String,Object>();
-			params.put("configId", cfg.getCompileId());
-			params.put("addrPoolId", cfg.getAddrPoolId());
-			params.put("userType", cfg.getUserType());
-			params.put("userId", keywordsEscape(StringUtils.isNotBlank(cfg.getUserName())?cfg.getUserName():cfg.getSrcIpAddress()));
-			params.put("doLog", cfg.getDoLog());
-			params.put("action", cfg.getAction());
-			params.put("service", cfg.getServiceId());
-			params.put("isValid", 1);
-			params.put("opTime", auditTime);
-			params.put("translateParam", "byconn=10");
-			params.put("effectiveRange", areaEffectiveIds);
-			
+			cfg=convertCallBackSnatPolicy(cfg);
 			List list = Lists.newArrayList();
-			list.add(params);
+			list.add(cfg);
 			//调用服务接口下发配置数据
 			json=gsonToJson(list);
 			logger.info("SNAT策略配置下发参数："+json);
@@ -163,22 +150,9 @@ public class IpMultiplexService extends BaseService{
 			}
 			
 		}else if(cfg.getIsAudit() == Constants.AUDIT_NOT_YES){
-			String areaEffectiveIds = cfg.getIsAreaEffective() == 1?sysDictInfoService.setEffectiveRange(cfg.getAreaEffectiveIds()):"0";
-			Map<String, Object> params = new HashMap<String,Object>();
-			params.put("configId", cfg.getCompileId());
-			params.put("addrPoolId", cfg.getAddrPoolId());
-			params.put("userType", cfg.getUserType());
-			params.put("userId", keywordsEscape(StringUtils.isNotBlank(cfg.getUserName())?cfg.getUserName():cfg.getSrcIpAddress()));
-			params.put("doLog", cfg.getDoLog());
-			params.put("action", cfg.getAction());
-			params.put("service", cfg.getServiceId());
-			params.put("isValid", 0);
-			params.put("opTime", auditTime);
-			params.put("translateParam", "byconn=10");
-			params.put("effectiveRange", areaEffectiveIds);
-			
+			cfg=convertCallBackSnatPolicy(cfg);
 			List list = Lists.newArrayList();
-			list.add(params);
+			list.add(cfg);
 			//调用服务接口取消配置
 			json=gsonToJson(list);
 			logger.info("SNAT策略配置下发参数："+json);