DNS reject增加策略分组功能

2018-06-22 15:59:47 +08:00
parent 41024e872c
commit b6d0ece058
22 changed files with 169 additions and 45 deletions
--- a/src/main/java/com/nis/domain/callback/InlineIp.java
+++ b/src/main/java/com/nis/domain/callback/InlineIp.java
@@ -20,6 +20,8 @@ import com.google.gson.annotations.Expose;
 * @version V1.0
 */
 public class InlineIp {
+	@Expose
+	private Integer id;
 	@Expose
 	private Integer cfgId;
 	@Expose
@@ -52,6 +54,8 @@ public class InlineIp {
 	private Integer isValid;
 	@Expose
 	private Date opTime;
+	@Expose
+	private Long policyGroup;
 	/**
 	 * action
 	 * @return  action
@@ -276,5 +280,17 @@ public class InlineIp {
 	public void setService(Integer service) {
 		this.service = service;
 	}
+	public Integer getId() {
+		return id;
+	}
+	public void setId(Integer id) {
+		this.id = id;
+	}
+	public Long getPolicyGroup() {
+		return policyGroup;
+	}
+	public void setPolicyGroup(Long policyGroup) {
+		this.policyGroup = policyGroup;
+	}
 	
 }
--- a/src/main/java/com/nis/domain/configuration/CfgIndexInfo.java
+++ b/src/main/java/com/nis/domain/configuration/CfgIndexInfo.java
@@ -52,6 +52,22 @@ public class CfgIndexInfo extends BaseCfg<CfgIndexInfo> {
 	private List<BaseStringCfg> stringList;
 	private List<FileDigestCfg> digestList;
 	
+	private Long dnsStrategyId;
+	private String dnsStrategyName;
+	
+	public Long getDnsStrategyId() {
+		return dnsStrategyId;
+	}
+	public void setDnsStrategyId(Long dnsStrategyId) {
+		this.dnsStrategyId = dnsStrategyId;
+	}
+	public String getDnsStrategyName() {
+		return dnsStrategyName;
+	}
+	public void setDnsStrategyName(String dnsStrategyName) {
+		this.dnsStrategyName = dnsStrategyName;
+	}
+	
 	public AvVoipAccountCfg getVoipAccount() {
 		return voipAccount;
 	}
--- a/src/main/java/com/nis/domain/configuration/IpPortCfg.java
+++ b/src/main/java/com/nis/domain/configuration/IpPortCfg.java
@@ -54,4 +54,5 @@ public class IpPortCfg extends BaseIpCfg {
 		return tableName;
 	}
 	
+	
 }
--- a/src/main/java/com/nis/web/controller/configuration/ntc/WebsiteController.java
+++ b/src/main/java/com/nis/web/controller/configuration/ntc/WebsiteController.java
@@ -23,6 +23,7 @@ import com.nis.domain.Page;
 import com.nis.domain.configuration.BaseStringCfg;
 import com.nis.domain.configuration.CfgIndexInfo;
 import com.nis.domain.configuration.ComplexkeywordCfg;
+import com.nis.domain.configuration.DnsResStrategy;
 import com.nis.domain.configuration.ComplexStringCfgTemplate;
 import com.nis.domain.configuration.IpCfgTemplate;
 import com.nis.domain.configuration.StringCfgTemplate;
@@ -299,6 +300,9 @@ public class WebsiteController extends BaseController{
 		}else{
 			initFormCondition(model,entity);
 		}
+		//获取所有响应策略信息
+		List<DnsResStrategy> resStrategys=dnsResStrategyService.findDnsResStrategys(null, 1,1);
+		model.addAttribute("dnsResStrategys", resStrategys);
 		model.addAttribute("_cfg", entity);
 		return "/cfg/website/dnsForm";
 	}
--- a/src/main/java/com/nis/web/controller/configuration/proxy/DnsIpCfgController.java
+++ b/src/main/java/com/nis/web/controller/configuration/proxy/DnsIpCfgController.java
@@ -1,4 +1,4 @@
-package com.nis.web.controller.configuration;
+package com.nis.web.controller.configuration.proxy;

 import java.util.Date;
 import java.util.List;
@@ -48,7 +48,7 @@ public class DnsIpCfgController extends BaseController {
 			initFormCondition(model,cfg);
 		}
 		//获取所有响应策略信息
-		List<DnsResStrategy> resStrategys=dnsResStrategyService.findDnsResStrategys(null, -1);
+		List<DnsResStrategy> resStrategys=dnsResStrategyService.findDnsResStrategys(null, 1,1);
 		model.addAttribute("dnsResStrategys", resStrategys);
 		model.addAttribute("_cfg", cfg);
 		return "/cfg/dnsIpCfgForm";
@@ -77,7 +77,7 @@ public class DnsIpCfgController extends BaseController {
 		return "redirect:" + adminPath +"/cfg/dnsIp/list?functionId="+functionId;
 	}
 	@RequestMapping(value = {"/audit"})
-	@RequiresPermissions(value={"dns:fake:ip:audit"})
+	//@RequiresPermissions(value={"dns:fake:ip:audit"})
 	public String audit(Integer isAudit,Integer isValid,String ids,Integer functionId, RedirectAttributes redirectAttributes) {
 		if(!StringUtil.isEmpty(ids)){
 			String[] idArray = ids.split(",");
--- a/src/main/java/com/nis/web/controller/configuration/proxy/DnsResStrategyController.java
+++ b/src/main/java/com/nis/web/controller/configuration/proxy/DnsResStrategyController.java
@@ -1,4 +1,4 @@
-package com.nis.web.controller.configuration.ntc;
+package com.nis.web.controller.configuration.proxy;

 import java.util.ArrayList;
 import java.util.Date;
@@ -72,6 +72,7 @@ public class DnsResStrategyController extends BaseController  {
 			DnsResStrategy dns0=dnsResStrategyService.getDnsResStrategy(0l,null);
 			if(dns0 == null){
 				cfg.setCfgId(0l);
+				cfg.setCfgDesc("无策略");
 			}
 			initFormCondition(model, cfg);
 			model.addAttribute("isAdd", true);
--- a/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.xml
+++ b/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.xml
@@ -60,7 +60,10 @@
 		left join sys_user e on r.editor_id=e.id
 		left join sys_user u on r.auditor_id=u.id
 		left join request_info ri on r.request_id=ri.id
-    	<where>
+    	<trim prefix="WHERE" prefixOverrides="AND |OR ">
+    		<if test="page !=null and page.where != null and page.where != ''">
+				 AND ${page.where}
+			</if>
    		<if test="cfgId != null">
    			AND r.CFG_ID=#{cfgId,jdbcType=BIGINT}
    		</if>
@@ -163,14 +166,25 @@
 	    	<if test="functionId != null">
 	    		AND r.FUNCTION_ID=#{functionId,jdbcType=INTEGER}
 	    	</if>
-    	</where>
+    		
+	    	<!-- 数据范围过滤 -->
+			${sqlMap.dsf}
+	    </trim>
+	    <choose>
+			<when test="page !=null and page.orderBy != null and page.orderBy != ''">
+				ORDER BY ${page.orderBy}
+			</when>
+			<otherwise>
+				ORDER BY r.CFG_ID desc
+			</otherwise>
+		</choose>
    </select>
    
    <select id="getDnsIpCfg" resultMap="dnsIpCfgMap">
    	select 
-    		<include refid="columns"></include>,
-    	from dns_ip_cfg dic
-    	where dic.cfg_id=#{cfgId}
+    		<include refid="columns"></include>
+    	from dns_ip_cfg r
+    	where r.cfg_id=#{cfgId}
    </select>
    
  <insert id="insert" parameterType="com.nis.domain.configuration.DnsIpCfg" >
--- a/src/main/java/com/nis/web/dao/configuration/DnsResStrategyDao.java
+++ b/src/main/java/com/nis/web/dao/configuration/DnsResStrategyDao.java
@@ -11,6 +11,8 @@ import com.nis.web.dao.MyBatisDao;
@MyBatisDao
 public interface DnsResStrategyDao extends CrudDao<DnsResStrategy> {
 	List<DnsResStrategy> findPage(DnsResStrategy dnsResStrategy);
-	List<DnsResStrategy> findList(@Param("cfgId")Long cfgId,@Param("isValid")Integer isValid);
+	List<DnsResStrategy> findList(@Param("cfgId")Long cfgId
+			,@Param("isAudit")Integer isAudit
+			,@Param("isValid")Integer isValid);
 	
 }
--- a/src/main/java/com/nis/web/dao/configuration/DnsResStrategyDao.xml
+++ b/src/main/java/com/nis/web/dao/configuration/DnsResStrategyDao.xml
@@ -145,15 +145,22 @@
   			AND r.is_valid !=-1
   		</if>
 	   	 <if test="isValid == 1">
-   			AND r.is_valid ==1
+   			AND r.is_valid =1
   		</if>
 	   	 <if test="isValid == 0">
-   			AND r.is_valid ==0
+   			AND r.is_valid =0
+   		</if>
+	   	 <if test="isAudit == 0">
+   			AND r.is_audit =0
+   		</if>
+	   	 <if test="isAudit == 1">
+   			AND r.is_audit =1
   		</if>
 	   	 <if test="cfgId != null">
   			AND r.CFG_ID=#{cfgId,jdbcType=BIGINT}
   		</if>
 	    </where>
+	    order by cfg_Id
 	</select>
 	<insert id="insert" parameterType="com.nis.domain.configuration.DnsResStrategy" >
    insert into dns_res_strategy (
--- a/src/main/java/com/nis/web/dao/configuration/WebsiteCfgDao.xml
+++ b/src/main/java/com/nis/web/dao/configuration/WebsiteCfgDao.xml
@@ -23,6 +23,8 @@
    <result column="lable" property="lable" jdbcType="VARCHAR" />
    <result column="area_effective_ids" property="areaEffectiveIds" jdbcType="VARCHAR" />
    <result column="function_id" property="functionId" jdbcType="INTEGER" />
+    <result column="dns_strategy_id" property="dnsStrategyId" jdbcType="INTEGER" />
+    <result column="dns_strategy_name" property="dnsStrategyName" jdbcType="VARCHAR" />
  </resultMap>
  <resultMap id="ipPortMap" type="com.nis.domain.configuration.IpPortCfg" >
    <id column="cfg_id" property="cfgId" jdbcType="BIGINT" />
@@ -121,7 +123,7 @@
    a.CFG_ID,a.CFG_DESC,a.ACTION,a.IS_VALID,a.IS_AUDIT,
    a.CREATOR_ID,a.CREATE_TIME,a.EDITOR_ID,a.EDIT_TIME,a.AUDITOR_ID,a.AUDIT_TIME,
    a.SERVICE_ID,a.REQUEST_ID,a.COMPILE_ID,a.IS_AREA_EFFECTIVE,a.CLASSIFY,
-    a.ATTRIBUTE,a.LABLE,a.AREA_EFFECTIVE_IDS,a.function_id
+    a.ATTRIBUTE,a.LABLE,a.AREA_EFFECTIVE_IDS,a.function_id,a.dns_strategy_id
  </sql>
  <sql id="IpCfg_Column" >
    a.cfg_id,a.cfg_desc,a.ip_type,a.src_ip_address,a.ip_pattern,a.port_pattern,a.src_port
@@ -148,9 +150,10 @@
 	    <include refid="ConfigIndex_Column" />
 	    <trim prefix="," prefixOverrides=",">
 			, s.name as creator_name,e.name as editor_name,u.name as auditor_name
-			,ri.request_title as requestName
+			,ri.request_title as requestName,dns.cfg_desc as dns_strategy_name
 		</trim>
 	    FROM cfg_index_info a
+	    left join dns_res_strategy dns on a.dns_strategy_id=dns.cfg_id
 	    left join sys_user s on a.creator_id=s.id
 		left join sys_user e on a.editor_id=e.id
 		left join sys_user u on a.auditor_id=u.id
@@ -388,7 +391,8 @@
    ATTRIBUTE,
    LABLE,
    AREA_EFFECTIVE_IDS,
-    function_id
+    function_id,
+    dns_strategy_id
    )values (
   		#{cfgDesc,jdbcType=VARCHAR},
   		#{action,jdbcType=INTEGER}, 
@@ -408,7 +412,8 @@
    	#{attribute,jdbcType=VARCHAR},
    	#{lable,jdbcType=VARCHAR},    
   	 	#{areaEffectiveIds,jdbcType=VARCHAR},
-    	#{functionId,jdbcType=INTEGER}
+    	#{functionId,jdbcType=INTEGER},
+    	#{dnsStrategyId,jdbcType=INTEGER}
    )
  </insert>
  <!-- insert ip_port_cfg表信息 -->
@@ -774,6 +779,7 @@
      <if test="functionId != null" >
        function_id =  #{functionId,jdbcType=INTEGER},
      </if>
+        dns_strategy_id =  #{dnsStrategyId,jdbcType=INTEGER},
      </trim>
    </set>
    where cfg_id = #{cfgId,jdbcType=BIGINT}
--- a/src/main/java/com/nis/web/service/BaseService.java
+++ b/src/main/java/com/nis/web/service/BaseService.java
@@ -528,9 +528,10 @@ public abstract class BaseService {
 		return resStrategy;
 	}
 	//ip转换为callback用ip
-	public InlineIp convertCallBackIp(BaseIpCfg cfg){
+	public InlineIp convertCallBackIp(BaseIpCfg cfg,Long policyGroup){
 		IpCfg c=ipConvert(new IpCfg(),cfg);
 		InlineIp ip=new InlineIp();
+		ip.setId(cfg.getCompileId());
 		ip.setCfgId(cfg.getCompileId());
 		ip.setAction(cfg.getAction());
 		ip.setService(cfg.getServiceId());
@@ -547,6 +548,7 @@ public abstract class BaseService {
 		ip.setDirection(cfg.getDirection());
 		ip.setIsValid(cfg.getIsValid());
 		ip.setOpTime(cfg.getAuditTime());
+		ip.setPolicyGroup(policyGroup);
 		return ip;
 	}
 	//区域IPsetAreaEffectiveIds设置
--- a/src/main/java/com/nis/web/service/configuration/DnsIpCfgService.java
+++ b/src/main/java/com/nis/web/service/configuration/DnsIpCfgService.java
@@ -13,6 +13,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

 import com.nis.domain.Page;
+import com.nis.domain.callback.InlineIp;
 import com.nis.domain.callback.NtcDnsResStrategy;
 import com.nis.domain.configuration.AreaBean;
 import com.nis.domain.configuration.AreaIpCfg;
@@ -146,36 +147,36 @@ public class DnsIpCfgService extends BaseService{
 		
 		String json="";
 		if(entity.getIsAudit()==1){
-			List<NtcDnsResStrategy> resStrategyList=new ArrayList<NtcDnsResStrategy>();
-			//NtcDnsResStrategy resStrategy=convertCallBackIp(entity);
-			//resStrategyList.add(resStrategy);
+			List<InlineIp> resStrategyList=new ArrayList<InlineIp>();
+			InlineIp resStrategy=convertCallBackIp(entity,entity.getDnsStrategyId());
+			resStrategyList.add(resStrategy);
 			//调用服务接口下发配置数据
 			json=gsonToJson(resStrategyList);
-			logger.info("DNS响应策略配置下发配置参数："+json);
+			logger.info("DNS欺骗ip配置下发配置参数："+json);
 			//调用服务接口下发配置
 			try {
 				ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json);
 				if(result!=null){
-					logger.info("DNS响应策略配置下发响应信息："+result.getMsg());
+					logger.info("DNS欺骗ip配置下发响应信息："+result.getMsg());
 				}
 			} catch (Exception e) {
-				logger.error("DNS响应策略配置配置下发失败",e);
+				logger.error("DNS欺骗ip配置下发失败",e);
 				throw e;
 			}
 		}else if(entity.getIsAudit()==3){
-			List<NtcDnsResStrategy> resStrategyList=new ArrayList<>();
-			//NtcDnsResStrategy ntcDnsResStrategy=convertCallBackDnsResStrategy(cfg);
-			//resStrategyList.add(ntcDnsResStrategy);
+			List<InlineIp> resStrategyList=new ArrayList<>();
+			InlineIp resStrategy=convertCallBackIp(entity,entity.getDnsStrategyId());
+			resStrategyList.add(resStrategy);
 			//调用服务接口取消配置
 			json=gsonToJson(resStrategyList);
-			logger.info("DNS响应策略配置配置参数："+json);
+			logger.info("DNS欺骗ip配置参数："+json);
 			//调用服务接口取消配置
 			try {
 				ToMaatResult result = ConfigServiceUtil.put(json, 2);
-				logger.info("DNS响应策略配置响应信息："+result.getMsg());
+				logger.info("DNS欺骗ip配置响应信息："+result.getMsg());
 			} catch (Exception e) {
 				e.printStackTrace();
-				logger.info("DNS响应策略配置配置失败");
+				logger.info("DNS欺骗ip配置配置失败");
 				throw e;
 			}
 		}
--- a/src/main/java/com/nis/web/service/configuration/DnsResStrategyService.java
+++ b/src/main/java/com/nis/web/service/configuration/DnsResStrategyService.java
@@ -56,13 +56,13 @@ public class DnsResStrategyService extends BaseService{
 		page.setList(list);
 		return page;
 	}
-	public List<DnsResStrategy> findDnsResStrategys(Long cfgId,Integer isValid) {
-		List<DnsResStrategy> list=dnsResStrategyDao.findList(cfgId,isValid);
+	public List<DnsResStrategy> findDnsResStrategys(Long cfgId,Integer isValid,Integer isAudit) {
+		List<DnsResStrategy> list=dnsResStrategyDao.findList(cfgId,isValid,isAudit);
 		return list;
 	}
 	
 	public DnsResStrategy getDnsResStrategy(Long id,Integer isValid) {
-		List<DnsResStrategy> list=dnsResStrategyDao.findList(id,isValid);
+		List<DnsResStrategy> list=dnsResStrategyDao.findList(id,isValid,null);
 		DnsResStrategy dnsResStrategy=null;
 		if(list != null && list.size()>0){
 			dnsResStrategy=list.get(0);
@@ -73,7 +73,7 @@ public class DnsResStrategyService extends BaseService{
 	public void saveOrUpdate(DnsResStrategy entity){
 		Date createTime=new Date();
 		setAreaEffectiveIds(entity);
-		 List<DnsResStrategy> list=dnsResStrategyDao.findList(entity.getCfgId(),null);
+		 List<DnsResStrategy> list=dnsResStrategyDao.findList(entity.getCfgId(),null,null);
 		//新增
 		if(list==null || list.size()==0){
 			entity.initDefaultValue();
--- a/src/main/java/com/nis/web/service/configuration/IpCfgService.java
+++ b/src/main/java/com/nis/web/service/configuration/IpCfgService.java
@@ -157,7 +157,7 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 		if(cfg.getIsAudit()==1){
 			if(Constants.DROP_ACTION==cfg.getAction()||Constants.LOOP_ACTION==cfg.getAction()){
 				List<InlineIp> ipList=new ArrayList<>();
-				InlineIp ip=convertCallBackIp(cfg);
+				InlineIp ip=convertCallBackIp(cfg,null);
 				ipList.add(ip);
 				//调用服务接口下发配置数据
 				json=gsonToJson(ipList);
@@ -215,7 +215,7 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 		}else if(cfg.getIsAudit()==3){
 			if(Constants.DROP_ACTION==cfg.getAction()||Constants.LOOP_ACTION==cfg.getAction()){
 				List<InlineIp> ipList=new ArrayList<>();
-				InlineIp ip=convertCallBackIp(cfg);
+				InlineIp ip=convertCallBackIp(cfg,null);
 				ipList.add(ip);
 				//调用服务接口取消配置
 				json=gsonToJson(ipList);
--- a/src/main/java/com/nis/web/service/configuration/WebsiteCfgService.java
+++ b/src/main/java/com/nis/web/service/configuration/WebsiteCfgService.java
@@ -867,7 +867,10 @@ public class WebsiteCfgService extends CrudService<WebsiteCfgDao,CfgIndexInfo> {
 			maatCfg.setGroupNum(groupRelationList.size());
 			maatCfg.setAreaIpRegionList(areaIpRegionList);
 			maatCfg.setIsValid(entity.getIsValid());
-			
+			// dns reject userRegion=;dnsStrategyId;
+			if(!StringUtil.isEmpty(entity.getDnsStrategyId())){
+				maatCfg.setUserRegion(Constants.USER_REGION_SPLIT+entity.getDnsStrategyId()+Constants.USER_REGION_SPLIT);
+			}
 			configCompileList.add(maatCfg);
 			maatBean.setConfigCompileList(configCompileList);
 			maatBean.setAuditTime(entity.getAuditTime());
--- a/src/main/webapp/WEB-INF/tags/sys/delRow.tag
+++ b/src/main/webapp/WEB-INF/tags/sys/delRow.tag
@@ -129,14 +129,30 @@ var checkboxes=$("#${id} ${value} tbody tr td input.i-checks:checkbox");
 		  var compileIdStr="";
 		  var ids="";
 		  var compileIds="";
+		  var flag=false;//是否删除的为但是响应策略的无策略配置
 		  checkboxes.each(function(){
 		    if(true == $(this).is(':checked')){
-		      str+=$(this).attr("id")+",";
-		      if($(this).attr("compileId")){
-		    	  compileIdStr +=$(this).attr("compileId")+",";
-		      }
+		    	var id=$(this).attr("id");
+		    	var serviceId=$(this).attr("id");
+		    	if($(this).attr("serviceId")){
+		    		  serviceId=$(this).attr("serviceId");
+		      	}
+		    	if(serviceId == 65 && id==0){
+		    		flag=true;
+		    	}
+		      	str+=$(this).attr("id")+",";
+		      	if($(this).attr("compileId")){
+		    		  compileIdStr +=$(this).attr("compileId")+",";
+		      	}
 		    }
 		  });
+		  
+		  
+		  if(flag && url.indexOf("?isAudit=3") > 1){
+			  top.$.jBox.tip("<spring:message code='one_more'/>", "<spring:message code='info'/>");
+			return;
+		  }
+		  
 		  if(str.substr(str.length-1)== ','){
 		    ids = str.substr(0,str.length-1);
 		  }
--- a/src/main/webapp/WEB-INF/views/cfg/dnsIpCfgForm.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/dnsIpCfgForm.jsp
@@ -53,6 +53,7 @@ $(function(){
                       	<input type="hidden" name="functionId" value="${_cfg.functionId}">
                       	<input type="hidden" id="serviceId" name="serviceId" value="${_cfg.serviceId}">
                       	<input type="hidden" id="protocolId" name="protocolId" value="${_cfg.protocolId}">
+                   				<input type="hidden" id="isAreaEffective" name="isAreaEffective" value="0">
                       	<!-- 配置域类型 -->
                   		<c:forEach items="${regionList}" var="region">
                   			<c:if test="${_cfg.functionId eq region.functionId}">
@@ -76,8 +77,7 @@ $(function(){
 								            <label class="control-label col-md-3"><spring:message code="policy_name"/></label>
 								            <div class="col-md-6">
 								            	<select name="dnsStrategyId" class="selectpicker show-tick form-control">
-													<option value="0"><spring:message code="select"/></option>
-					               					<c:forEach items="${dnsStrategys }" var="dnsStrategy">
+					               					<c:forEach items="${dnsResStrategys }" var="dnsStrategy">
 														<option value="${dnsStrategy.cfgId}" <c:if test="${_cfg.dnsStrategyId==dnsStrategy.cfgId }">selected</c:if>><spring:message code="${dnsStrategy.cfgDesc}"/></option>
 							              			</c:forEach>
 								                </select>
--- a/src/main/webapp/WEB-INF/views/cfg/dnsIpCfgList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/dnsIpCfgList.jsp
@@ -121,7 +121,6 @@
 							 			<sys:delRow url="${ctx}/cfg/dnsIp/form" id="contentTable" label="update"></sys:delRow>
                                        <sys:delRow url="${ctx}/cfg/dnsIp/delete?isValid=-1&functionId=${cfg.functionId }" id="contentTable" label="delete"></sys:delRow>
                                    </shiro:hasPermission>
-                               		<shiro:hasPermission name="dns:fake:ip:audit">
 	                                    <div class="btn-group">
 	                                        <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
 	                                            <i class="fa fa-wrench"></i> <spring:message code="examine"></spring:message>
@@ -133,7 +132,6 @@
 												<li><sys:delRow url="${ctx}/cfg/dnsIp/audit?isAudit=3&isValid=0&functionId=${cfg.functionId }" id="contentTable" label="cancelPass"></sys:delRow></li>            
 				                            </ul>
 				                         </div>
-                                    </shiro:hasPermission>
                                 	<a class="btn  btn-icon-only btn-default setfields tooltips" 
                                      		  data-container="body" data-placement="top" data-original-title=<spring:message code="custom_columns"/> href="javascript:;">
                                             <i class="icon-wrench"></i>
--- a/src/main/webapp/WEB-INF/views/cfg/maintenance/dnsResStrategy/list.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/maintenance/dnsResStrategy/list.jsp
@@ -280,7 +280,7 @@
 							<tbody>
 								<c:forEach items="${page.list }" var="cfg" varStatus="status" step="1">
 									<tr>
-									<td><input type="checkbox" class="i-checks" id="${cfg.cfgId}" value="${cfg.isAudit}"></td>
+									<td><input type="checkbox" class="i-checks" serviceId="${cfg.serviceId}" id="${cfg.cfgId}" value="${cfg.isAudit}"></td>
 									<td>${cfg.cfgId }</td>
 									<td>
 										<a href="javascript:;" data-original-title="${cfg.cfgDesc}"
--- a/src/main/webapp/WEB-INF/views/cfg/website/dnsForm.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/website/dnsForm.jsp
@@ -160,6 +160,21 @@
 										</div>
 									</div>
 								</div>
+								<div class="row">
+									<div class="col-md-6 policy">
+										<div class="form-group">
+											<label class="control-label col-md-3"><spring:message
+													code="policy_name" /></label>
+											<div class="col-md-6">
+												<select name="dnsStrategyId" class="selectpicker show-tick form-control">
+					               					<c:forEach items="${dnsResStrategys }" var="dnsStrategy">
+														<option value="${dnsStrategy.cfgId}" <c:if test="${_cfg.dnsStrategyId==dnsStrategy.cfgId }">selected</c:if>><spring:message code="${dnsStrategy.cfgDesc}"/></option>
+							              			</c:forEach>
+								                </select>
+											</div>
+										</div>
+									</div>
+								</div>
 								<c:set var="ipCfgIndex" value="0"></c:set>
 								<c:set var="complexCfgIndex" value="0"></c:set>
 								<c:forEach items="${regionList}" var="region" varStatus="status">
--- a/src/main/webapp/WEB-INF/views/cfg/website/dnsList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/website/dnsList.jsp
@@ -305,6 +305,7 @@
 								<tr>
 									<th><input type="checkbox" class="i-checks" id="checkAll"></th>
 								    <th class="cfgDesc"><spring:message code="config_describe"/></th>
+								    <th><spring:message code="policy_name"/></th>
 									<th><spring:message code="block_type"/></th>
 									<th><spring:message code="whether_area_block"/></th>
 									<th><spring:message code="letter"/></th>
@@ -329,6 +330,7 @@
 									<input type="checkbox" class="i-checks child-checks" id="${indexCfg.cfgId}" value="${indexCfg.isAudit}">
 									</td>
 								    <td>${indexCfg.cfgDesc }</td>
+								    <td>${indexCfg.dnsStrategyName }</td>
 									<td>
 										<c:forEach items="${fns:getDictList('SERVICE_ACTION') }" var="dict">
 											<c:if test="${dict.itemCode eq indexCfg.action }">
--- a/src/main/webapp/static/global/scripts/common.js
+++ b/src/main/webapp/static/global/scripts/common.js
@@ -23,6 +23,12 @@ $(function(){
 	$("select[name$='portPattern']").on("change",function(){
 		switchIpInfo(this);
 	});
+	switchAction($("input[name='action']:checked").val());
+	//DNS REJECT 时选择dnsStrategyId
+	$("input[name='action']").on('change',function(){
+		var action=$(this).val();
+		switchAction(action);
+	});
 	$(".glyphicon-plus").on("click",function(){
 		var obj=$(this).parents(".form-section").next(".container-fluid").clone();
 		var len=$(this).parents("div").find(".container-fluid:visible").size();
@@ -344,6 +350,20 @@ var switchIpType=function(obj){
 		}
 	}
 }
+var switchAction=function(action){
+	if(action == 16){ //reject
+		$(".policy").find("input,select,div,button").each(function(){
+			$(this).removeAttr("disabled");
+			$(this).removeClass("hidden");
+			$(this).removeClass("disabled");
+		})
+	}else{
+		$(".policy").find("input,select,div,button").each(function(){
+			$(this).attr("disabled","disabled");
+			$(this).addClass("hidden");
+		})
+	}
+}
 //ipType、ipPattern、portPattern选项变化时调用此方法，添加默认值
 var switchIpInfo=function(obj){
 	var ipType="";