gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.修改代理的拦截策略,将IP与域名拦截整合为一个serviceId与functionId,可组合配置;

Browse Source 
2.修改部分界面判断登录用户是否为超级用户的判断依据。
This commit is contained in:
zhangwei
2018-12-28 19:24:36 +06:00
parent 48880ca0ef
commit d2853dc1ab
8 changed files with 86 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/nis/domain/configuration/PxyObjSpoofingIpPool.java
View File

@@ -52,7 +52,7 @@ public class PxyObjSpoofingIpPool extends BaseIpCfg{
this.ipAddress = ipAddress;
}
public Integer getGroupId() {
if(groupId==null || groupId==0){
if((groupId==null || groupId==0) && cfgId!=null){
groupId=cfgId.intValue();
}
return groupId;

2
src/main/java/com/nis/web/service/configuration/InterceptCfgService.java
View File

@@ -486,7 +486,7 @@ public class InterceptCfgService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
entity.setUserRegion1(StringUtil.isEmpty(entity.getUserRegion1()) ? "0":entity.getUserRegion1());
maatCfg.setUserRegion(Constants.INTERCEPT_IP_MONIT_USER_REGION_KEY+"="+entity.getUserRegion1());
//监测的域名需下发拦截强度
if(entity.getFunctionId().equals(201)){
if(entity.getFunctionId().equals(200)){
entity.setUserRegion5(StringUtil.isEmpty(entity.getUserRegion5()) ? "1":entity.getUserRegion5());
if(StringUtil.isEmpty(maatCfg.getUserRegion())) {
maatCfg.setUserRegion(Constants.INTERCEPT_DOMAN_INTENSITY_USER_REGION_KEY+"="+entity.getUserRegion5());

22
src/main/resources/sql/20181228/update_pxy_intercept_policy.sql Normal file
View File

@@ -0,0 +1,22 @@
UPDATE `function_service_dict` SET `dict_id`='63', `function_id`='200', `protocol_id`='0', `action`='1', `action_code`='monit', `service_id`='512', `service_name`='ip_intercepter_monit', `service_desc`='', `is_valid`='1', `creator_id`=NULL, `create_time`='0000-00-00 00:00:00', `editor_id`=NULL, `edit_time`='0000-00-00 00:00:00', `region_code`='1,2', `is_import`='0', `sort`='2' WHERE (`dict_id`='63');
UPDATE `function_service_dict` SET `dict_id`='64', `function_id`='200', `protocol_id`='0', `action`='1', `action_code`='monit', `service_id`='512', `service_name`='domain_monit', `service_desc`='', `is_valid`='0', `creator_id`=NULL, `create_time`='0000-00-00 00:00:00', `editor_id`=NULL, `edit_time`='0000-00-00 00:00:00', `region_code`='', `is_import`='0', `sort`='2' WHERE (`dict_id`='64');
UPDATE `function_service_dict` SET `dict_id`='99', `function_id`='200', `protocol_id`='0', `action`='128', `action_code`='whitelist', `service_id`='521', `service_name`='ip_intercepter_whitelist', `service_desc`='', `is_valid`='1', `creator_id`=NULL, `create_time`='0000-00-00 00:00:00', `editor_id`=NULL, `edit_time`='0000-00-00 00:00:00', `region_code`='1,2', `is_import`='0', `sort`='1' WHERE (`dict_id`='99');
UPDATE `function_service_dict` SET `dict_id`='100', `function_id`='200', `protocol_id`='0', `action`='128', `action_code`='whitelist', `service_id`='521', `service_name`='domain_whitelist', `service_desc`='', `is_valid`='0', `creator_id`=NULL, `create_time`='0000-00-00 00:00:00', `editor_id`=NULL, `edit_time`='0000-00-00 00:00:00', `region_code`='', `is_import`='0', `sort`='1' WHERE (`dict_id`='100');
UPDATE `function_service_dict` SET `dict_id`='108', `function_id`='200', `protocol_id`='0', `action`='64', `action_code`='ratelimit', `service_id`='514', `service_name`='ip_intercepter_ratelimit', `service_desc`='', `is_valid`='1', `creator_id`=NULL, `create_time`='0000-00-00 00:00:00', `editor_id`=NULL, `edit_time`='0000-00-00 00:00:00', `region_code`='1,2', `is_import`='1', `sort`='3' WHERE (`dict_id`='108');
UPDATE `function_service_dict` SET `dict_id`='109', `function_id`='200', `protocol_id`='0', `action`='64', `action_code`='ratelimit', `service_id`='515', `service_name`='domain_intercepter_ratelimit', `service_desc`='', `is_valid`='0', `creator_id`=NULL, `create_time`='0000-00-00 00:00:00', `editor_id`=NULL, `edit_time`='0000-00-00 00:00:00', `region_code`='', `is_import`='0', `sort`='3' WHERE (`dict_id`='109');
UPDATE `function_region_dict` SET `dict_id`='53', `function_id`='200', `config_district`='', `config_region_code`='1', `config_region_value`='PXY_INTERCEPT_IP', `config_desc`='PXY拦截IP', `is_valid`='1', `is_maat`='1', `region_type`='1', `creator_id`=NULL, `create_time`='0000-00-00 00:00:00', `editor_id`=NULL, `edit_time`='0000-00-00 00:00:00', `config_service_type`='intercept_ratelimit_ip', `config_expr_type`='', `config_match_method`='', `config_ip_type`='4,6', `config_hex`='', `config_multi_keywords`='', `config_ip_pattern`='1,2,3', `config_port_pattern`='1,2', `config_direction`='0', `config_protocol`='6,17', `config_ip_port_show`='1,2,3,4', `config_region_sort`='1', `is_import`='0' WHERE (`dict_id`='53');
UPDATE `function_region_dict` SET `dict_id`='56', `function_id`='200', `config_district`='', `config_region_code`='2', `config_region_value`='PXY_INTERCEPT_DOMAIN', `config_desc`='PXY拦截域名', `is_valid`='1', `is_maat`='1', `region_type`='2', `creator_id`=NULL, `create_time`='0000-00-00 00:00:00', `editor_id`=NULL, `edit_time`='0000-00-00 00:00:00', `config_service_type`='intercept_domain', `config_expr_type`='0', `config_match_method`='1', `config_ip_type`='', `config_hex`='2', `config_multi_keywords`='0', `config_ip_pattern`='', `config_port_pattern`='', `config_direction`='', `config_protocol`='', `config_ip_port_show`='', `config_region_sort`='1', `is_import`='0' WHERE (`dict_id`='56');
UPDATE `sys_menu` SET `id`='721', `parent_id`='719', `parent_ids`='0,1,86,719,', `code`='intercept_policy', `name`='拦截策略', `sort`='30', `href`='', `target`='', `icon`='', `is_show`='0', `permission`='', `create_by`='1', `create_date`='2018-06-19 17:29:52', `update_by`='1', `update_date`='2018-12-28 14:21:42', `remarks`='', `del_flag`='1', `menu_bg`='/online-help/proxy/intercept_policy', `quick_action`='0', `is_top`='0', `function_id`='0' WHERE (`id`='721');
UPDATE `sys_menu` SET `id`='722', `parent_id`='719', `parent_ids`='0,1,86,719,', `code`='intercept_policy', `name`='拦截策略', `sort`='30', `href`='/proxy/intercept/ip/list?cfgName=ip_intercept', `target`='', `icon`='', `is_show`='1', `permission`='intercept:ip:config', `create_by`='1', `create_date`='2018-06-19 17:38:06', `update_by`='1', `update_date`='2018-12-28 14:26:45', `remarks`='', `del_flag`='1', `menu_bg`=NULL, `quick_action`='0', `is_top`='0', `function_id`='200' WHERE (`id`='722');
UPDATE `sys_menu` SET `id`='756', `parent_id`='748', `parent_ids`='0,1,150,748,', `code`='intercept_policy', `name`='拦截策略', `sort`='30', `href`='', `target`='', `icon`='', `is_show`='0', `permission`='', `create_by`='1', `create_date`='2018-06-19 17:29:52', `update_by`='1', `update_date`='2018-12-28 14:21:07', `remarks`='', `del_flag`='1', `menu_bg`='', `quick_action`='0', `is_top`='0', `function_id`=NULL WHERE (`id`='756');
UPDATE `sys_menu` SET `id`='768', `parent_id`='748', `parent_ids`='0,1,150,748,', `code`='intercept_policy', `name`='拦截策略', `sort`='30', `href`='/proxy/intercept/ip/list?cfgName=ip_intercept', `target`='', `icon`='', `is_show`='1', `permission`='intercept:ip:confirm', `create_by`='1', `create_date`='2018-07-04 10:16:24', `update_by`='1', `update_date`='2018-12-28 14:19:04', `remarks`='', `del_flag`='1', `menu_bg`=NULL, `quick_action`='0', `is_top`='0', `function_id`='200' WHERE (`id`='768');
UPDATE `sys_menu` SET `id`='851', `parent_id`='850', `parent_ids`='0,1,151,850,', `code`='intercept_policy', `name`='拦截策略', `sort`='30', `href`='', `target`='', `icon`='', `is_show`='0', `permission`='', `create_by`='1', `create_date`='2018-07-13 16:27:49', `update_by`='1', `update_date`='2018-12-28 14:21:27', `remarks`='', `del_flag`='1', `menu_bg`=NULL, `quick_action`='0', `is_top`='0', `function_id`=NULL WHERE (`id`='851');
UPDATE `sys_menu` SET `id`='853', `parent_id`='850', `parent_ids`='0,1,151,850,', `code`='intercept_policy', `name`='拦截策略', `sort`='30', `href`='/proxy/intercept/ip/list?cfgName=ip_intercept', `target`='', `icon`='', `is_show`='1', `permission`='intercept:ip:audit', `create_by`='1', `create_date`='2018-07-13 16:29:26', `update_by`='1', `update_date`='2018-12-28 14:20:02', `remarks`='', `del_flag`='1', `menu_bg`=NULL, `quick_action`='0', `is_top`='0', `function_id`='200' WHERE (`id`='853');
UPDATE `sys_menu` SET `id`='1187', `parent_id`='717', `parent_ids`='0,1,86,717,', `code`='spoofing_ip_object', `name`='Spoofing IP Object', `sort`='5030', `href`='/proxy/spoofing/pool/list', `target`='', `icon`='', `is_show`='0', `permission`='proxy:spoofing:pool:config', `create_by`='1', `create_date`='2018-12-16 11:21:04', `update_by`='1', `update_date`='2018-12-27 20:25:31', `remarks`='', `del_flag`='1', `menu_bg`=NULL, `quick_action`='0', `is_top`='0', `function_id`='666' WHERE (`id`='1187');
UPDATE `sys_menu` SET `id`='1189', `parent_id`='750', `parent_ids`='0,1,150,750,', `code`='spoofing_ip_object', `name`='Spoofing IP Object', `sort`='450', `href`='/proxy/spoofing/pool/list', `target`='', `icon`='', `is_show`='0', `permission`='proxy:spoofing:pool:confirm', `create_by`='1', `create_date`='2018-12-16 15:16:44', `update_by`='1', `update_date`='2018-12-27 20:25:50', `remarks`='', `del_flag`='1', `menu_bg`=NULL, `quick_action`='0', `is_top`='0', `function_id`='666' WHERE (`id`='1189');
UPDATE `sys_menu` SET `id`='1190', `parent_id`='865', `parent_ids`='0,1,151,865,', `code`='spoofing_ip_object', `name`='Spoofing IP Object', `sort`='450', `href`='/proxy/spoofing/pool/list', `target`='', `icon`='', `is_show`='0', `permission`='', `create_by`='1', `create_date`='2018-12-16 15:16:44', `update_by`='1', `update_date`='2018-12-27 20:27:12', `remarks`='', `del_flag`='1', `menu_bg`='', `quick_action`='0', `is_top`='0', `function_id`='666' WHERE (`id`='1190');

2
src/main/webapp/WEB-INF/views/basics/sysDictList.jsp
View File

@@ -65,7 +65,7 @@
if(cked.prop("placeholder")!=1){
confirmx("<spring:message code='confirm_message'/>", url+"&sysDictId="+cked.val());
}else{
if(${fns:getUser().loginId=='admin'}){
if(${fns:getUser().isAdmin()}){
confirmx("<spring:message code='confirm_message'/>", url+"&sysDictId="+cked.val());
}else{
top.$.jBox.tip("<spring:message code='initial_data_is_not_allowed_to_edit.'/>", "<spring:message code='info'/>");

2
src/main/webapp/WEB-INF/views/cfg/app/appMultiFeatureCfgForm.jsp
View File

@@ -267,7 +267,7 @@ var delContent = function(contentClassName, addBtnClassName) {
</div>
</div>
</div>
<c:if test="${fns:getUser().loginId eq 'admin' or fns:getUser().loginId eq 'appUser' }">
<c:if test="${fns:getUser().isAdmin() or fns:getUser().loginId eq 'appUser' }">
<div class="row">
<div class="col-md-6">
<div class="form-group">

23
src/main/webapp/WEB-INF/views/cfg/complexCfgForm.jsp
View File

@@ -26,6 +26,27 @@
</div>
</div>
<br>
<!-- 域名拦截增加拦截强度 -->
<c:if test="${_cfg.functionId eq 200}">
<div class="row hidden intensity">
<div class="col-md-6">
<div class="form-group">
<label class="control-label col-md-3"><font color="red">*</font>
<spring:message code="intercept_intensity" />
</label>
<div class="col-md-6">
<select name="userRegion5"
class="selectpicker show-tick form-control required">
<c:forEach items="${fns:getDictList('INTERCEPT_DOMAIN_INTENSITY')}" var="intensityC">
<option value="${intensityC.itemCode}" <c:if test="${_cfg.userRegion5==intensityC.itemCode || (empty _cfg.userRegion5 && intensityC.itemCode eq 1)}">selected</c:if>><spring:message code="${intensityC.itemValue}"/></option>
</c:forEach>
</select>
</div>
<div for="userRegion5"></div>
</div>
</div>
</div>
</c:if>
<c:if test="${!empty region.configDistrict }">
<div class="row">
<div class="col-md-6">
@@ -85,7 +106,7 @@
<!-- 此配置的关键词可以输入多个关键词 -->
<c:if test="${region.configMultiKeywords eq 1}">
<div class="col-md-6">
<input class="form-control required tags" type="text" id="tags_${tabName}"
<input class="form-control required tags" type="text" id="tags_${tabName}${status.index}"
name="${cfgName}.cfgKeywords"
value="${cfg.cfgKeywords}">
</div>

33
src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp
View File

@@ -317,6 +317,7 @@
$(".replaceAction").addClass("hidden");
$(".whiteListAction").addClass("hidden");
$(".spoofingAction").addClass("hidden");
$(".intensity").removeClass("hidden");//域名关联度
if(interceptRatelimitIp == 'intercept_ratelimit_ip'){
$("select[name='"+protocolNamePrefix+"protocol']").find("option").remove();
$("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh");
@@ -336,6 +337,7 @@
$(".replaceAction").addClass("hidden");
$(".whiteListAction").addClass("hidden");
$(".spoofingAction").addClass("hidden");
$(".intensity").addClass("hidden");//域名关联度
if(interceptRatelimitIp == 'intercept_ratelimit_ip'){
$("select[name='"+protocolNamePrefix+"protocol']").find("option").remove();
$("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh");
@@ -356,6 +358,7 @@
$(".replaceAction").removeClass("hidden");
$(".whiteListAction").addClass("hidden");
$(".spoofingAction").addClass("hidden");
$(".intensity").addClass("hidden");//域名关联度
if(interceptRatelimitIp == 'intercept_ratelimit_ip'){
$("select[name='"+protocolNamePrefix+"protocol']").find("option").remove();
$("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh");
@@ -373,6 +376,7 @@
$(".replaceAction").addClass("hidden");
$(".whiteListAction").removeClass("hidden");
$(".spoofingAction").addClass("hidden");
$(".intensity").addClass("hidden");//域名关联度
if(interceptRatelimitIp == 'intercept_ratelimit_ip'){
$("select[name='"+protocolNamePrefix+"protocol']").find("option").remove();
$("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh");
@@ -392,6 +396,7 @@
$(".replaceAction").addClass("hidden");
$(".whiteListAction").addClass("hidden");
$(".spoofingAction").removeClass("hidden");
$(".intensity").addClass("hidden");//域名关联度
if(interceptRatelimitIp == 'intercept_ratelimit_ip'){
$("select[name='"+protocolNamePrefix+"protocol']").find("option").remove();
$("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh");
@@ -410,10 +415,13 @@
</head>
<body>
<!-- fucntion_ID 200-IP 201-DOMAIN -->
<c:if test="${_cfg.functionId eq 200 or _cfg.functionId eq 214}">
<c:if test="${_cfg.functionId eq 214}">
<c:set var="interceptType" value="Ip"/>
</c:if>
<c:if test="${_cfg.functionId eq 201}">
<c:if test="${_cfg.functionId eq 200}">
<c:set var="interceptType" value="Ip"/>
</c:if>
<c:if test="${cfg.functionId eq 201}">
<c:set var="interceptType" value="Domain"/>
</c:if>
<c:if test="${_cfg.functionId eq 212}">
@@ -532,25 +540,6 @@
<spring:message code="action_region" />
<small></small>
</h4>
<!-- 域名拦截增加拦截强度 -->
<c:if test="${_cfg.functionId eq 201}">
<div class="col-md-6">
<div class="form-group">
<label class="control-label col-md-3"><font color="red">*</font>
<spring:message code="intercept_intensity" />
</label>
<div class="col-md-6">
<select name="userRegion5"
class="selectpicker show-tick form-control required">
<c:forEach items="${fns:getDictList('INTERCEPT_DOMAIN_INTENSITY')}" var="intensityC">
<option value="${intensityC.itemCode}" <c:if test="${_cfg.userRegion5==intensityC.itemCode || (empty _cfg.userRegion5 && intensityC.itemCode eq 1)}">selected</c:if>><spring:message code="${intensityC.itemValue}"/></option>
</c:forEach>
</select>
</div>
<div for="userRegion5"></div>
</div>
</div>
</c:if>
<div class="col-md-6">
<div class="form-group">
<label class="control-label col-md-3"><spring:message
@@ -744,7 +733,7 @@
</div> --%>
</div>
<%-- action 为128 白名单时 --%>
<c:if test="${_cfg.functionId eq 201}">
<c:if test="${_cfg.functionId eq 200}">
<div class="row whiteListAction hidden">
<%-- <h4 class="form-section">
<spring:message code="action_region" />

41
src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp
View File

@@ -95,7 +95,10 @@
</head>
<body>
<c:if test="${cfg.functionId eq 200 or cfg.functionId eq 214}">
<c:if test="${cfg.functionId eq 214}">
<c:set var="interceptType" value="Ip"/>
</c:if>
<c:if test="${cfg.functionId eq 200}">
<c:set var="interceptType" value="Ip"/>
</c:if>
<c:if test="${cfg.functionId eq 201}">
@@ -382,15 +385,16 @@
<th column="cfg_id" class="sort-column a.compile_id" style="display: none"><spring:message code="cfg_id"/></th>
<th column="config_describe" class="sort-column a.cfg_desc cfgDesc"><spring:message code="config_describe"/></th>
<th column="block_type" class="sort-column a.action"><spring:message code="block_type"/></th>
<c:if test="${cfg.functionId eq 201 }">
<c:if test="${cfg.functionId eq 200 }">
<th column="userregion2" ><spring:message code="ratelimit"/></th>
<%-- <th column="bandwith" ><spring:message code="bandwith"/></th> --%>
<th column="userregion1" ><spring:message code="intercept_file_strategy"/></th>
<th column="userregion5" ><spring:message code="intercept_intensity"/></th>
</c:if>
<c:if test="${cfg.functionId eq 200 }">
<%-- <th column="bandwith" ><spring:message code="bandwith"/></th> --%>
<%-- <c:if test="${cfg.functionId eq 200 }">
<th column="bandwith" ><spring:message code="bandwith"/></th>
<th column="userRegion1" ><spring:message code="intercept_file_strategy"/></th>
</c:if>
</c:if> --%>
<c:if test="${cfg.functionId eq 212 }">
<th column="userregion1" ><spring:message code="replace_zone"/></th>
<th column="userregion2" ><spring:message code="replaced_content"/></th>
@@ -400,9 +404,9 @@
<th column="userregion1" ><spring:message code="spoofing"/></th>
<th column="userregion2" ><spring:message code="With"/></th>
</c:if>
<c:if test="${cfg.functionId eq 201 }">
<%-- <c:if test="${cfg.functionId eq 201 }">
<th column="userregion1" ><spring:message code="intercept_intensity"/></th>
</c:if>
</c:if> --%>
<th column="is_audit" ><spring:message code="is_audit"/></th>
<%-- <th column="do_log" ><spring:message code="do_log"/></th> --%>
<th column="whether_area_block" ><spring:message code="whether_area_block"/></th>
@@ -450,7 +454,7 @@
</td>
<c:if test="${cfg.functionId eq 201 }">
<c:if test="${cfg.functionId eq 200 }">
<td>
<c:if test="${indexCfg.action eq 64}">
<c:forEach items="${fns:getDictList('RATE_LIMIT')}" var="ratelimitC">
@@ -472,13 +476,22 @@
</c:forEach>
</c:if>
</td>
<td>
<c:if test="${indexCfg.action eq 1 }">
<c:forEach items="${fns:getDictList('INTERCEPT_DOMAIN_INTENSITY') }" var="intentsityC">
<c:if test="${intentsityC.itemCode eq indexCfg.userRegion5 }">
<spring:message code="${intentsityC.itemValue }"/>
</c:if>
</c:forEach>
</c:if>
</td>
</c:if>
<c:if test="${cfg.functionId eq 200 }">
<%-- <td>
<%-- <c:if test="${cfg.functionId eq 200 }">
<td>
<c:if test="${indexCfg.action eq 64}">
${indexCfg.userRegion3 }
</c:if>
</td> --%>
</td>
<td>
<c:if test="${indexCfg.action eq 1}">
<c:forEach items="${certificateList}" var="certificate">
@@ -486,7 +499,7 @@
</c:forEach>
</c:if>
</td>
</c:if>
</c:if> --%>
<c:if test="${cfg.functionId eq 212 }">
<td>
<c:forEach items="${fns:getDictList('INTERCEPT_REPLACE_ZONE')}" var="replaceZoneC">
@@ -519,7 +532,7 @@
</c:forEach> --%>
</td>
</c:if>
<c:if test="${cfg.functionId eq 201 }">
<%-- <c:if test="${cfg.functionId eq 201 }">
<td>
<c:if test="${indexCfg.action eq 1 }">
<c:forEach items="${fns:getDictList('INTERCEPT_DOMAIN_INTENSITY') }" var="intentsityC">
@@ -529,7 +542,7 @@
</c:forEach>
</c:if>
</td>
</c:if>
</c:if> --%>
<td>
<c:choose>
<c:when test="${indexCfg.isAudit eq '0'}"><span class="label label-danger"><spring:message code="created"></spring:message></span></c:when>