diff --git a/src/main/java/com/nis/web/service/BaseService.java b/src/main/java/com/nis/web/service/BaseService.java index f13b626cf..ce2d81f55 100644 --- a/src/main/java/com/nis/web/service/BaseService.java +++ b/src/main/java/com/nis/web/service/BaseService.java @@ -7,6 +7,7 @@ import java.math.BigDecimal; import java.nio.charset.Charset; import java.text.SimpleDateFormat; import java.util.ArrayList; +import java.util.Arrays; import java.util.Date; import java.util.HashMap; import java.util.List; @@ -57,6 +58,7 @@ import com.nis.domain.configuration.AppPolicyCfg; import com.nis.domain.configuration.AppTopicDomainCfg; import com.nis.domain.configuration.AreaBean; import com.nis.domain.configuration.AreaIpCfg; +import com.nis.domain.configuration.AsnKeywordCfg; import com.nis.domain.configuration.BaseCfg; import com.nis.domain.configuration.BaseIpCfg; import com.nis.domain.configuration.BaseStringCfg; @@ -67,6 +69,7 @@ import com.nis.domain.configuration.DnsIpCfg; import com.nis.domain.configuration.DnsResStrategy; import com.nis.domain.configuration.FileDigestCfg; import com.nis.domain.configuration.IpReusePolicyCfg; +import com.nis.domain.configuration.NtcSubscribeIdCfg; import com.nis.domain.configuration.PxyObjKeyring; import com.nis.domain.configuration.PxyObjTrustedCaCert; import com.nis.domain.configuration.PxyObjTrustedCaCrl; @@ -540,6 +543,48 @@ public abstract class BaseService { cfg.setIsValid(baseCfg.getIsValid()); dstList.add(cfg); } + } else if (cfgType == 7) { //ASN关键字配置 + /*//TODO 下发之前是否需要增加asn号的有效性校验,创建配置和下发配置不是在同一时间 + //TODO 考虑增加配置id、表名和ASN组织,以及ASN NO的关系。 + //TODO 如果ASNO 和组织关系没有了,数据需要清理,asn组织和配置id关系没有了,也需要清理 + int regionNum=0; + //多个ASNNO存在一个ASN关键字配置中, + for (int i = 0; i < srcList.size(); i++) { + AsnKeywordCfg asnKeywordCfg=(AsnKeywordCfg)srcList.get(i); + regionNum+=asnKeywordCfg.getCfgKeywords().split(",").length; + + } + + //List groupIdList = ConfigServiceUtil.getId(2, srcList.size()); + List regionIdList = ConfigServiceUtil.getId(3, regionNum); + Integer regionIndex=0;*/ + List listGroupId=new ArrayList<>(); + for (int i = 0; i < srcList.size(); i++) { + AsnKeywordCfg asnKeywordCfg = (AsnKeywordCfg)srcList.get(i); + GroupCfg group = new GroupCfg(); + group.setGroupId(Integer.parseInt(asnKeywordCfg.getUserRegion1())); + group.setCompileId(baseCfg.getCompileId()); + group.setAuditTime(baseCfg.getAuditTime()); + group.setIsValid(baseCfg.getIsValid()); + group.setIsCommonGroup(1);//标识为公共组 //TODO 已下发过的组是否还需标记为公共组 + if(!listGroupId.contains(group.getGroupId())){ + groupRelationList.add(group); + listGroupId.add(group.getGroupId()); + } + + //****************是否下发域信息******* + if("1".equals(asnKeywordCfg.getUserRegion3())){ + StringCfg cfg = new StringCfg(); + BeanUtils.copyProperties(asnKeywordCfg, cfg); + cfg.setGroupId(group.getGroupId()); + cfg.setRegionId(Integer.parseInt(asnKeywordCfg.getUserRegion2())); + cfg.setAuditTime(baseCfg.getAuditTime()); + cfg.setIsValid(baseCfg.getIsValid()); + // 处理配置关键字转译 + cfg.setCfgKeywords(keywordsEscape(asnKeywordCfg.getCfgKeywords())); + dstList.add(cfg); + } + } } else { dstList.addAll(srcList); } @@ -1829,7 +1874,7 @@ public abstract class BaseService { group.setIssuedIPs(asnGroupAddRegion.getValue()+0l); ((AsnGroupInfoDao) batchSqlSession.getMapper(AsnGroupInfoDao.class)).modifyIssuedIp(group);; } - asnIPRegionSendToMaat(toAddRegionAsnIpCfgs,Constants.VALID_YES); + asnIPRegionSendToMaat(toAddRegionAsnIpCfgs,Constants.VALID_YES,Constants.OPACTION_POST); } if(toSendFirstAsnIpCfgs.size()>0) { List configCompileList = new ArrayList(); @@ -2163,7 +2208,7 @@ public abstract class BaseService { List groupReuseList=new ArrayList<>(); GroupReuseCfg groupReuseCfg=new GroupReuseCfg(); /*groupReuseCfg.setUserRegion(userRegion);*/ - groupReuseCfg.setServiceId(tempList.get(0).getServiceId()); + /*groupReuseCfg.setServiceId(tempList.get(0).getServiceId());*/ ipRegionList.addAll(groupReuseCfgAddRemoveConvert(tempList,Constants.VALID_YES,configGroupInfo.getGroupId())); groupReuseCfg.setIpRegionList(ipRegionList); groupReuseCfg.setStrRegionList(strRegionList); @@ -2178,7 +2223,7 @@ public abstract class BaseService { String json=gsonToJson(maatBean); logger.info("app协议IP域新增配置下发配置参数:"+json); //调用服务接口下发配置 - ToMaatResult result = ConfigServiceUtil.postGroupReuseSources(json); + ToMaatResult result = ConfigServiceUtil.auditCommonGroupRegionSources(json,1); logger.info("app协议IP域新增配置响应信息:"+result.getMsg()); }else { throw new RuntimeException("Unknown configGroupInfo isIssued value"); @@ -2248,7 +2293,7 @@ public abstract class BaseService { List groupReuseList=new ArrayList<>(); GroupReuseCfg groupReuseCfg=new GroupReuseCfg(); /*groupReuseCfg.setUserRegion(userRegion);*/ - groupReuseCfg.setServiceId(tempList.get(0).getServiceId()); + /*groupReuseCfg.setServiceId(tempList.get(0).getServiceId());*/ ipRegionList.addAll(groupReuseCfgAddRemoveConvert(tempList,Constants.VALID_YES,configGroupInfo.getGroupId())); groupReuseCfg.setIpRegionList(ipRegionList); groupReuseCfg.setStrRegionList(strRegionList); @@ -2263,7 +2308,7 @@ public abstract class BaseService { String json=gsonToJson(maatBean); logger.info("app协议IP域新增配置下发配置参数:"+json); //调用服务接口下发配置 - ToMaatResult result = ConfigServiceUtil.postGroupReuseSources(json); + ToMaatResult result = ConfigServiceUtil.auditCommonGroupRegionSources(json,1); logger.info("app协议IP域新增配置响应信息:"+result.getMsg()); }else { throw new RuntimeException("Unknown configGroupInfo isIssued value"); @@ -2488,6 +2533,23 @@ public abstract class BaseService { maatCfg.setUserRegion(userRegion); }else if(regionDict.getFunctionId()==563 || regionDict.getFunctionId()==565 || regionDict.getFunctionId()==566) {// APP Payload、HTTP、SSL Admin maatCfg.setUserRegion(Constants.APP_ID_REGION+"="+_cfg.getAppCode()); + }else if(regionDict.getFunctionId()==214) { + String userRegion="nat_type="+_cfg.getUserRegion1()+";spoofing_ip_pool="+_cfg.getUserRegion3(); + maatCfg.setUserRegion(userRegion); + }else if(regionDict.getFunctionId()==212) { + String userRegion=Constants.REPLACE_ZONE_KEY+"="+_cfg.getUserRegion1(); + String substitute=""; + String userRegion2=StringUtil.isEmpty(_cfg.getUserRegion2()) ? "":_cfg.getUserRegion2(); + substitute="/"; + userRegion2 = BaseService.replaceContentEscape(userRegion2); + substitute=substitute+userRegion2; + + String userRegion3=StringUtil.isEmpty(_cfg.getUserRegion3()) ? "":_cfg.getUserRegion3(); + userRegion3 = BaseService.replaceContentEscape(userRegion3); + substitute=substitute+"/"+userRegion3; + + userRegion=userRegion+";"+Constants.REPLACE_SUBSTITUTE_KEY+"="+substitute; + maatCfg.setUserRegion(userRegion); } configCompileList.add(maatCfg); @@ -2733,10 +2795,11 @@ public abstract class BaseService { } /** - * asn ip分组复用新增 + * asn ip分组复用新增[POST],修改[PUT],删除[PUT] + * 首次下发直接走maat,公共组第二次下发直接走addCommonRegion,updateCommonRegion,delCommonRegion * @param asnIpCfgs */ - public void asnIPRegionSendToMaat(List asnIpCfgs,Integer valid) { + public void asnIPRegionSendToMaat(List asnIpCfgs,Integer valid,Integer action) { logger.warn("asnIPRegionSendToMaat start"); long start=System.currentTimeMillis(); GroupReuseAddBean maatBean = new GroupReuseAddBean(); @@ -2754,19 +2817,19 @@ public abstract class BaseService { maatBean.setCreatorName(UserUtils.getUser().getName()); maatBean.setVersion(Constants.MAAT_VERSION); if(valid==Constants.VALID_YES) { - maatBean.setOpAction(Constants.INSERT_ACTION); + maatBean.setOpAction(action); //调用服务接口下发配置数据 String json=gsonToJson(maatBean); if(asnIpCfgs.size()<=100) { - logger.info("asn ip复用域新增配置下发配置参数:"+json); + logger.info("asn ip复用域 "+action+"下发配置参数:"+json); }else { - logger.info("asn ip复用域新增配置下发region条数:"+asnIpCfgs.size()); + logger.info("asn ip复用域 "+action+" 配置下发region条数:"+asnIpCfgs.size()); } //调用服务接口下发配置 - ToMaatResult result =ConfigServiceUtil.postGroupReuseSources(json); - logger.info("asn ip复用域新增配置响应信息:"+result.getMsg()); + ToMaatResult result =ConfigServiceUtil.auditCommonGroupRegionSources(json,action); + logger.info("asn ip复用域 "+action+" 配置响应信息:"+result.getMsg()); }else { - maatBean.setOpAction(Constants.UPDATE_ACTION); + maatBean.setOpAction(action); //调用服务接口下发配置数据 String json=gsonToJson(maatBean); if(asnIpCfgs.size()<=100) { @@ -2776,10 +2839,294 @@ public abstract class BaseService { } //调用服务接口下发配置 - ToMaatResult result = ConfigServiceUtil.put(json,3); + ToMaatResult result = ConfigServiceUtil.auditCommonGroupRegionSources(json,3); logger.info("asn ip复用域删除配置响应信息:"+result.getMsg()); } long end=System.currentTimeMillis(); logger.warn("asnIPRegionSendToMaat finish,cost:"+(end-start)); } + + /** + * ASN关键字配置处理 + * @param asnList + * @param entity + */ + public void handleAsn(List asnList,BaseCfg entity) { + //无效子配置后,再新增子配置 + StringCfgDao stringCfgDao=SpringContextHolder.getBean(StringCfgDao.class); + stringCfgDao.deleteAsnKeyword(entity); + String commonGroupIds="";//公共表存储组织GroupIds + if(asnList != null && asnList.size()>0){ + for (AsnKeywordCfg asnKeywordCfg : asnList) { + BeanUtils.copyProperties(entity, asnKeywordCfg,new String[]{"cfgId","cfgRegionCode","cfgType","userRegion1","userRegion2","userRegion3","userRegion4","userRegion5"}); + asnKeywordCfg.setTableName(AsnKeywordCfg.getTablename()); + asnKeywordCfg.setIsAudit(entity.getIsAudit()); + asnKeywordCfg.setIsValid(entity.getIsValid()); + asnKeywordCfg.setEditTime(entity.getEditTime()); + asnKeywordCfg.setEditorId(entity.getEditorId()); + asnKeywordCfg.setExprType(0); + asnKeywordCfg.setMatchMethod(3); + asnKeywordCfg.setExType("0"); + asnKeywordCfg.setIsHexbin(0); + asnKeywordCfg.setCreateTime(new Date()); + asnKeywordCfg.setCreatorId(UserUtils.getUser().getId()); + stringCfgDao.saveStringCfgBatch(asnKeywordCfg); + + commonGroupIds+=asnKeywordCfg.getUserRegion1()+",";//组织GroupId + } + } + if(!StringUtil.isEmpty(commonGroupIds)){ + commonGroupIds=commonGroupIds.substring(0, commonGroupIds.length()-1); + } + entity.setCommonGroupIds(commonGroupIds); + //return entity; + } + /** + * ASN关键字配置处理 + * @param asnList + * @param entity + */ + public void auditAsnCfg(List groupRelationList,List strRegionList,BaseCfg entity,List asnList){ + //注意:一条配置是一个分组,keywords=asnNos|userRegion1=groupId|userRegion2=isAuditAll 0 1 + if(!StringUtil.isEmpty(asnList)){ + AsnGroupInfoDao asnGroupInfoDao=SpringContextHolder.getBean(AsnGroupInfoDao.class); + ConfigGroupInfoDao configGroupInfoDao=SpringContextHolder.getBean(ConfigGroupInfoDao.class); + + //1、修改域配置为下发状态 + AsnKeywordCfg asnCfg=new AsnKeywordCfg(); + BeanUtils.copyProperties(entity, asnCfg); + asnCfg.setTableName(AsnKeywordCfg.getTablename()); + IpCfgDao ipCfgDao=SpringContextHolder.getBean(IpCfgDao.class); + ipCfgDao.auditCfg(asnCfg); + + //需要标记为下发全部域的groupId集合 + List signAuditAllGroupList=new ArrayList<>(); + //需要标记下发的groupId + List isUsedGroupIdList=new ArrayList<>(); + //所有已被策略引用过的域 + List auditRegionList=new ArrayList<>(); + //所有未被策略过的域 + List notAuditRegionList=new ArrayList<>(); + //域和分组的关系 + Map groupWithRegion=new HashMap<>(); + //所有策略所选asn No + List asnNoList=new ArrayList<>(); + //所有未下发过的asnNo + List notAuditAsnNoList=new ArrayList<>(); + //最新的asn域集合 + List newAsnList=new ArrayList<>(); + + //2、记录标记为下发all的groupId|存储组和asnno的关系|记录需要标记为已下发的group + for (AsnKeywordCfg asnKeywordCfg : asnList) { + asnKeywordCfg.setUserRegion2(StringUtil.isEmpty(asnKeywordCfg.getUserRegion2()) ? "1":"0"); + if("1".equals(asnKeywordCfg.getUserRegion2())){ //是否标记为下发ALL + signAuditAllGroupList.add(Integer.parseInt(asnKeywordCfg.getUserRegion1())); + } + for (String asnstr: asnKeywordCfg.getCfgKeywords().split(",")) { + groupWithRegion.put(asnstr, asnKeywordCfg.getUserRegion1()); + } + if(!isUsedGroupIdList.contains(Integer.parseInt(asnKeywordCfg.getUserRegion1()))){ + isUsedGroupIdList.add(Integer.parseInt(asnKeywordCfg.getUserRegion1())); + } + List list=Arrays.asList(asnKeywordCfg.getCfgKeywords().split(",")); + asnNoList.addAll(list); + } + + //3、//根据asnNoList查询所有下发过的ASN NO + if(!StringUtil.isEmpty(asnNoList)){ + auditRegionList=asnGroupInfoDao.findAsnGroupInfoByAsnNos(asnNoList, 1); + } + //已下发过的ASN NO只需要下发组 + if(!StringUtil.isEmpty(auditRegionList)){ + for (AsnGroupInfo asnGroupInfo : auditRegionList) { + AsnKeywordCfg cfg = new AsnKeywordCfg(); + cfg.initDefaultValue(); + cfg.setTableName(AsnKeywordCfg.getTablename()); + cfg.setCfgType(asnList.get(0).getCfgType()); + cfg.setCompileId(entity.getCompileId()); + cfg.setCfgKeywords(asnGroupInfo.getGroupId().toString());//关键字 + cfg.setUserRegion1(groupWithRegion.get(asnGroupInfo.getAsnId().toString())); //组号 + cfg.setUserRegion2(asnGroupInfo.getRegionId().toString());//regionid + cfg.setUserRegion3("0"); //是否下发域 + cfg.setIsAudit(entity.getIsAudit()); + cfg.setIsValid(entity.getIsValid()); + cfg.setAuditorId(entity.getAuditorId()); + cfg.setAuditTime(entity.getAuditTime()); + cfg.setFunctionId(entity.getFunctionId()); + newAsnList.add(cfg); + } + } + + //4、查询所有未下发过的 ASN NO + if(!StringUtil.isEmpty(asnNoList)){ + notAuditRegionList=asnGroupInfoDao.findAsnGroupInfoByAsnNos(asnNoList, 0); + } + + if(!StringUtil.isEmpty(notAuditRegionList)){ + for (AsnGroupInfo asnGroupInfo : notAuditRegionList) { + AsnKeywordCfg cfg = new AsnKeywordCfg(); + cfg.initDefaultValue(); + cfg.setTableName(AsnKeywordCfg.getTablename()); + cfg.setCompileId(entity.getCompileId()); + cfg.setCfgType(asnList.get(0).getCfgType()); + cfg.setCfgKeywords(asnGroupInfo.getAsnId().toString());//关键字 + cfg.setUserRegion1(groupWithRegion.get(asnGroupInfo.getAsnId().toString())); //groupId + cfg.setUserRegion2(asnGroupInfo.getRegionId().toString());//regionid + cfg.setUserRegion3("1"); //是否下发域 + cfg.setIsAudit(entity.getIsAudit()); + cfg.setIsValid(entity.getIsValid()); + cfg.setAuditorId(entity.getAuditorId()); + cfg.setAuditTime(entity.getAuditTime()); + cfg.setFunctionId(entity.getFunctionId()); + newAsnList.add(cfg); + notAuditAsnNoList.add(asnGroupInfo.getAsnId().toString()); + } + } + //5、修改所有下发的asn no为已下发 + if(!StringUtil.isEmpty(notAuditAsnNoList)){ + asnGroupInfoDao.updateIsUsedAndIsValid(notAuditAsnNoList,1,null); + } + //6、标记组已被策略标记为全部下发 + configGroupInfoDao.updateIsAuditAll(4, 1,signAuditAllGroupList ); + //7、标记组已被策略引用 + configGroupInfoDao.updateIsUsed(4, 1, isUsedGroupIdList); + //8、maat配置转换 + if(!StringUtil.isEmpty(newAsnList)){ + Map map = cfgConvert(strRegionList,newAsnList,7,entity,groupRelationList); + } + } + + + /*if(asnList!=null && asnList.size()>0){ + + for (AsnKeywordCfg asnKeywordCfg : asnList) { + asnNoStr+=asnKeywordCfg.getCfgKeywords()+","; + } + + AsnKeywordCfg cfg = new AsnKeywordCfg(); + cfg.setTableName(AsnKeywordCfg.getTablename()); + cfg.setCompileId(entity.getCompileId()); + cfg.setIsAudit(entity.getIsAudit()); + cfg.setIsValid(entity.getIsValid()); + cfg.setAuditorId(entity.getAuditorId()); + cfg.setAuditTime(entity.getAuditTime()); + cfg.setFunctionId(entity.getFunctionId()); + ipCfgDao.auditCfg(cfg); + Map map = cfgConvert(strRegionList,asnList,7,entity,groupRelationList); + groupRelationList=map.get("groupList"); + strRegionList=map.get("dstList"); + } + //修改配置选中的ASN NO 和 asn orga是否被策略引用过 + if(!StringUtil.isEmpty(asnNoStr)){ + asnNoStr=asnNoStr.substring(0, asnNoStr.length()-1); + if(!StringUtil.isEmpty(asnNoStr)){ + //如果asnGroup由is_use=0,修改为is_use=1;查询asn no下所有未下发的asn ip,并进行下发,走POST接口【暂时不考虑】 + AsnIpCfgDao asnIpCfgDao=SpringContextHolder.getBean(AsnIpCfgDao.class); + AsnIpCfg asnIp=new AsnIpCfg(); + asnIp.setIsAudit(0); + asnIp.setIsValid(0); + List asnIpList=asnIpCfgDao.findAllListByAsnGroup(asnIp, null, asnNoStr); + + //下发asn IP和修改asn ip的状态必须在一个事物中 + //重新修改下发时间,下发人员信息 + AsnIpCfg auditAsnIpCfg=new AsnIpCfg(); + auditAsnIpCfg.setIsAudit(1); + auditAsnIpCfg.setAuditTime(new Date()); + auditAsnIpCfg.setAuditorId(UserUtils.getUser().getId()); + auditAsnIpCfg.setIsValid(1); + auditAllAsnRegionCfg(auditAsnIpCfg, null, asnNoStr); + + AsnGroupInfoDao asnGroupInfoDao=SpringContextHolder.getBean(AsnGroupInfoDao.class); + asnGroupInfoDao.updateIsUsed(asnNoStr, 1); + } + }*/ + + } + + /** + * 配置取消时,需要将公共组id发送至服务端 + * @param maatCfg + * @param entity + * @return + */ + public MaatCfg addKeepGroupList(MaatCfg maatCfg,BaseCfg entity){ + if(!StringUtil.isEmpty(entity.getCommonGroupIds())){ + List keepGroupList = new ArrayList(); + String[] orgGroupIds=entity.getCommonGroupIds().split(","); + for (int i = 0; i < orgGroupIds.length; i++) { + if(!StringUtil.isEmpty(orgGroupIds[i])){ + GroupCfg groupCfg=new GroupCfg(); + groupCfg.setGroupId(Integer.parseInt(orgGroupIds[i])); + keepGroupList.add(groupCfg); + } + } + if(!StringUtil.isEmpty(keepGroupList)){ + maatCfg.setKeepGroupList(keepGroupList); + } + } + return maatCfg; + } + + /** + * 公共组新增域 + * @param srcMap + * @param isValid + * @param cfgType + * @return + */ + public static List convertCommonRegion(Map> srcMap,List commonGroupList,Integer isValid,Integer cfgType) { + for (Integer groupId : srcMap.keySet()) { + GroupReuseCfg groupCfg=new GroupReuseCfg(); + List strRegionList=new ArrayList<>(); + List ipRegionList=new ArrayList<>(); + List numRegionList=new ArrayList<>(); + + for (int i = 0; i < srcMap.get(groupId).size(); i++) { + if (cfgType == 1) { + IpCfg cfg = new IpCfg(); + BaseIpCfg baseIpCfg = (BaseIpCfg)srcMap.get(groupId).get(i); + // 区域IP配置,多条IP配置属于同一个分组,其他业务配置IP,一条配置一个分组 + cfg.setGroupId(groupId); + List cfgs = ipConvert(cfg, baseIpCfg); + ipRegionList.addAll(cfgs); + + } + if(cfgType==4){ + // 一条业务配置创建一个分组 + NumBoundaryCfg cfg = new NumBoundaryCfg(); + BeanUtils.copyProperties(srcMap.get(groupId).get(i), cfg); + cfg.setGroupId(groupId); + numRegionList.add(cfg); + } + if(cfgType==2 || cfgType==3){ + // 一条业务配置创建一个分组 + StringCfg cfg = new StringCfg(); + BaseStringCfg strCfg=(BaseStringCfg)srcMap.get(groupId).get(i); + BeanUtils.copyProperties(srcMap.get(groupId).get(i), cfg); + cfg.setGroupId(groupId); + cfg.setCfgType(strCfg.getCfgType()); + cfg.setRegionId(cfg.getRegionId()); + cfg.setAuditTime(strCfg.getAuditTime()); + cfg.setMatchMethod(strCfg.getMatchMethod()); + cfg.setIsValid(isValid); + cfg.setIsHexbin(strCfg.getIsHexbin()); + cfg.setExprType(strCfg.getExprType()); + // 处理配置关键字转译 + cfg.setCfgKeywords(keywordsEscape(cfg.getCfgKeywords())); + // 增强字符串转换 + cfg.setDistrict(keywordsEscape(cfg.getDistrict())); + strRegionList.add(cfg); + } + + } + + groupCfg.setStrRegionList(strRegionList); + groupCfg.setIpRegionList(ipRegionList); + groupCfg.setNumRegionList(numRegionList); + commonGroupList.add(groupCfg); + } + return commonGroupList; + } + } +