gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PROXY+IP Spoofing+IP payload增加配置热修改和配置新增直接生效功能

Browse Source
This commit is contained in:
duandongmei
2019-04-14 17:17:58 +08:00
parent a769757728
commit ecb1fed2d5
13 changed files with 227 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/main/java/com/nis/web/controller/configuration/proxy/CachePolicyController.java
View File

@@ -106,10 +106,15 @@ public class CachePolicyController extends BaseController{
}
}
cachePolicyService.saveCachePolicy(cfg);
addMessage(redirectAttributes,"success","save_success");
//配置仅保存
if(StringUtil.isEmpty(cfg.getIsValid()) || cfg.getIsValid()!=1) {
addMessage(redirectAttributes, "success", "save_success");
}else {
//配置直接生效
addMessage(redirectAttributes, "success", "audit_success");
}
}catch(Exception e){
logger.error("信息保存失败",e);
e.printStackTrace();
if(e instanceof MaatConvertException) {
addMessage(redirectAttributes,"error","request_service_failed");
}else {
@@ -201,7 +206,7 @@ public class CachePolicyController extends BaseController{
entity.setAuditTime(new Date());
entity.setFunctionId(functionId);
try {
cachePolicyService.auditCachePolicy(entity,isAudit);
cachePolicyService.auditCachePolicy(entity,isAudit,Constants.INSERT_ACTION);
addMessage(redirectAttributes,"success", "audit_success");
} catch ( Exception e) {
e.printStackTrace();

23
src/main/java/com/nis/web/controller/configuration/proxy/ControlPolicyController.java
View File

@@ -67,16 +67,21 @@ public class ControlPolicyController extends BaseController{
@ModelAttribute("cfg")HttpBodyCfg cfg,
@ModelAttribute("areaCfgIds")String areaCfgIds
,RedirectAttributes redirectAttributes){
try{
try {
controlPolicyService.saveOrUpdate(cfg,areaCfgIds);
addMessage(redirectAttributes,"success","save_success");
}catch(Exception e){
logger.error("信息保存失败",e);
if(e instanceof MaatConvertException) {
addMessage(redirectAttributes,"error", "request_service_failed");
//配置仅保存
if(StringUtil.isEmpty(cfg.getIsValid()) || cfg.getIsValid()!=1) {
addMessage(redirectAttributes, "success", "save_success");
}else {
addMessage(redirectAttributes,"error","save_failed");
//配置直接生效
addMessage(redirectAttributes, "success", "audit_success");
}
} catch (MaatConvertException e) {
logger.error("HTTPS配置下发失败",e);
addMessage(redirectAttributes, "error", "request_service_failed");
} catch (Exception e) {
logger.error("HTTPS配置保存失败",e);
addMessage(redirectAttributes, "error", "save_failed");
}
return "redirect:" + adminPath +"/proxy/control/httpReqReplace/list?functionId="+cfg.getFunctionId();
@@ -98,7 +103,7 @@ public class ControlPolicyController extends BaseController{
Date auditTime=new Date();
for(String id :idArray){
try {
controlPolicyService.audit(isAudit,isValid,functionId,id,auditTime,Constants.REPLACE_REQ_KEY_VALUE);
controlPolicyService.audit(isAudit,isValid,functionId,id,auditTime,Constants.REPLACE_REQ_KEY_VALUE,Constants.INSERT_ACTION);
addMessage(redirectAttributes,"success", "audit_success");
} catch ( Exception e) {
logger.error("配置下发失败",e);
@@ -175,7 +180,7 @@ public class ControlPolicyController extends BaseController{
Date auditTime=new Date();
for(String id :idArray){
try {
controlPolicyService.audit(isAudit,isValid,functionId,id,auditTime,Constants.REPLACE_RES_KEY_VALUE);
controlPolicyService.audit(isAudit,isValid,functionId,id,auditTime,Constants.REPLACE_RES_KEY_VALUE,Constants.INSERT_ACTION);
addMessage(redirectAttributes,"success", "audit_success");
} catch ( Exception e) {
e.printStackTrace();

14
src/main/java/com/nis/web/controller/configuration/proxy/HttpRedirectPolicyController.java
View File

@@ -188,10 +188,16 @@ public class HttpRedirectPolicyController extends BaseController {
@ModelAttribute("cfg") CfgIndexInfo cfg, RedirectAttributes redirectAttributes) {
try {
httpRedirectCfgService.saveHttpCfg(cfg);
addMessage(redirectAttributes, "success", "save_success");
//配置仅保存
if(StringUtil.isEmpty(cfg.getIsValid()) || cfg.getIsValid()!=1) {
addMessage(redirectAttributes, "success", "save_success");
}else {
//配置直接生效
addMessage(redirectAttributes, "success", "audit_success");
}
} catch (Exception e) {
logger.error("信息保存失败", e);
e.printStackTrace();
logger.error("save_failed", e);
if (e instanceof MaatConvertException) {
addMessage(redirectAttributes, "error", "request_service_failed");
} else {
@@ -256,7 +262,7 @@ public class HttpRedirectPolicyController extends BaseController {
entity.setAuditTime(new Date());
entity.setFunctionId(functionId);
try {
httpRedirectCfgService.auditHttpCfg(entity, isAudit);
httpRedirectCfgService.auditHttpCfg(entity, isAudit,Constants.INSERT_ACTION);
addMessage(redirectAttributes, "success", "audit_success");
} catch (Exception e) {
e.printStackTrace();

11
src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
View File

@@ -110,7 +110,14 @@ public class InterceptController extends CommonController {
HttpServletResponse response, String ids, CfgIndexInfo entity) {
try {
interceptCfgService.saveInterceptCfg(entity);
addMessage(redirectAttributes, "success", "save_success");
//配置仅保存
if(StringUtil.isEmpty(entity.getIsValid()) || entity.getIsValid()!=1) {
addMessage(redirectAttributes, "success", "save_success");
}else {
//配置直接生效
addMessage(redirectAttributes, "success", "audit_success");
}
} catch (Exception e) {
logger.error("save_failed", e);
if (e instanceof MaatConvertException) {
@@ -175,7 +182,7 @@ public class InterceptController extends CommonController {
entity.setAuditTime(new Date());
entity.setFunctionId(functionId);
try {
interceptCfgService.auditInterceptIpCfg(entity, isAudit);
interceptCfgService.auditInterceptIpCfg(entity, isAudit,Constants.INSERT_ACTION);
addMessage(redirectAttributes, "success", "audit_success");
} catch (Exception e) {
logger.error("intercept ip audit failed", e);

28
src/main/java/com/nis/web/service/configuration/CachePolicyService.java
View File

@@ -167,6 +167,15 @@ public class CachePolicyService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
public void saveCachePolicy(CfgIndexInfo entity){
//设置区域运营商信息
setAreaEffectiveIds(entity);
int isValid=0;
if(!StringUtil.isEmpty(entity.getIsValid()) && entity.getIsValid()==1) {
isValid=1;
}
entity.setIsValid(0);
entity.setIsAudit(0);
if(entity.getCfgId()==null){
Integer compileId = 0;
try {
@@ -206,6 +215,12 @@ public class CachePolicyService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
throw e;
}
if(isValid==1) {
entity.setIsAudit(1);
entity.setIsValid(1);
auditCachePolicy(entity, isValid,Constants.INSERT_ACTION);
}
}else{
//处理复杂用户自定义域
if(!StringUtil.isEmpty(entity.getUserRegion())){
@@ -243,6 +258,12 @@ public class CachePolicyService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
areaIpCfgDao.saveAreaIpCfg(cfg);
}
}
if(isValid==1) {
entity.setIsAudit(1);
entity.setIsValid(1);
auditCachePolicy(entity, isValid,Constants.UPDATE_ACTION);
}
}
}
public void updateCachePolicyValid(Integer isValid,String ids,Integer functionId){
@@ -276,9 +297,12 @@ public class CachePolicyService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
}
}
public void auditCachePolicy(CfgIndexInfo entity,Integer isAudit) throws MaatConvertException{
public void auditCachePolicy(CfgIndexInfo entity,Integer isAudit,Integer opAction) throws MaatConvertException{
//修改数据库审核状态信息
entity.setTableName(CfgIndexInfo.getTablename());
entity.setIsAudit(isAudit);
entity.setAuditorId(UserUtils.getUser().getId());
entity.setAuditTime(new Date());
commonPolicyDao.auditCfg(entity);
ToMaatBean maatBean = new ToMaatBean();
@@ -377,7 +401,7 @@ public class CachePolicyService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
maatBean.setAuditTime(entity.getAuditTime());
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.INSERT_ACTION);
maatBean.setOpAction(opAction);
//调用服务接口下发配置数据
String json=gsonToJson(maatBean);
logger.info("代理缓存策略下发配置参数:"+json);

22
src/main/java/com/nis/web/service/configuration/ControlPolicyService.java
View File

@@ -56,6 +56,12 @@ public class ControlPolicyService extends BaseService{
Date createTime=new Date();
//设置区域运营商信息
setAreaEffectiveIds(entity);
int isValid=0;
if(!StringUtil.isEmpty(entity.getIsValid()) && entity.getIsValid()==1) {
isValid=1;
}
//新增
if(entity.getCfgId()==null){
entity.setCreatorId(UserUtils.getUser().getId());
@@ -89,6 +95,12 @@ public class ControlPolicyService extends BaseService{
throw new MaatConvertException("<spring:message code=\"request_service_failed\"/>");
}
if(isValid==1) {
entity.setIsAudit(1);
entity.setIsValid(1);
audit(entity.getIsAudit(), entity.getIsValid(), entity.getFunctionId(), entity.getId().toString(), new Date(), Constants.REPLACE_REQ_KEY_VALUE, Constants.INSERT_ACTION);
}
//修改
}else{
Date editTime=new Date();
@@ -135,6 +147,12 @@ public class ControlPolicyService extends BaseService{
entity.setEditorId(UserUtils.getUser().getId());
entity.setEditTime(editTime);
controlPolicyDao.update(entity);
if(isValid==1) {
entity.setIsAudit(1);
entity.setIsValid(1);
audit(entity.getIsAudit(), entity.getIsValid(), entity.getFunctionId(), entity.getId().toString(), new Date(), Constants.REPLACE_REQ_KEY_VALUE, Constants.UPDATE_ACTION);
}
}
}
@@ -156,7 +174,7 @@ public class ControlPolicyService extends BaseService{
}
}
@Transactional(readOnly=false,rollbackFor=RuntimeException.class)
public void audit(Integer isAudit,Integer isValid,Integer functionId,String id,Date auditTime,String replaceKeyValue){
public void audit(Integer isAudit,Integer isValid,Integer functionId,String id,Date auditTime,String replaceKeyValue,Integer opAction){
HttpBodyCfg entity = new HttpBodyCfg();
List<HttpBodyCfg> list = new ArrayList();
List<AreaIpCfg> areaIpCfgList = new ArrayList();
@@ -234,7 +252,7 @@ public class ControlPolicyService extends BaseService{
maatBean.setAuditTime(auditTime);
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.INSERT_ACTION);
maatBean.setOpAction(opAction);
//调用服务接口下发配置数据
String json=gsonToJson(maatBean);
logger.info("配置下发配置参数:"+json);

30
src/main/java/com/nis/web/service/configuration/HttpRedirectCfgService.java
View File

@@ -124,6 +124,15 @@ public class HttpRedirectCfgService extends CrudService<WebsiteCfgDao,CfgIndexIn
public void saveHttpCfg(CfgIndexInfo entity){
//设置区域运营商信息
setAreaEffectiveIds(entity);
int isValid=0;
if(!StringUtil.isEmpty(entity.getIsValid()) && entity.getIsValid()==1) {
isValid=1;
}
entity.setIsValid(0);
entity.setIsAudit(0);
if(entity.getCfgId()==null){
Integer compileId = 0;
try {
@@ -196,11 +205,12 @@ public class HttpRedirectCfgService extends CrudService<WebsiteCfgDao,CfgIndexIn
logger.info("获取编译ID出错");
throw new MaatConvertException("<spring:message code=\"request_service_failed\"/>:"+e.getMessage());
}
if(isValid==1) {
entity.setIsAudit(1);
entity.setIsValid(1);
auditHttpCfg(entity, isValid,Constants.INSERT_ACTION);
}
}else{
// 审核未通过状态的配置 修改后状态改为未审核
entity.setIsValid(0);
entity.setIsAudit(0);
entity.setEditorId(UserUtils.getUser().getId());
entity.setEditTime(new Date());
websiteCfgDao.updateCfgIndex(entity);
@@ -274,6 +284,11 @@ public class HttpRedirectCfgService extends CrudService<WebsiteCfgDao,CfgIndexIn
areaIpCfgDao.saveAreaIpCfg(cfg);
}
}
if(isValid==1) {
entity.setIsAudit(1);
entity.setIsValid(1);
auditHttpCfg(entity, isValid,Constants.UPDATE_ACTION);
}
}
}
public void updateHttpCfgValid(Integer isValid,String ids,Integer functionId){
@@ -338,9 +353,12 @@ public class HttpRedirectCfgService extends CrudService<WebsiteCfgDao,CfgIndexIn
}
}
public void auditHttpCfg(CfgIndexInfo entity,Integer isAudit) throws MaatConvertException{
public void auditHttpCfg(CfgIndexInfo entity,Integer isAudit,Integer opAction) throws MaatConvertException{
//修改数据库审核状态信息
entity.setTableName(CfgIndexInfo.getTablename());
entity.setIsAudit(isAudit);
entity.setAuditorId(UserUtils.getUser().getId());
entity.setAuditTime(new Date());
websiteCfgDao.auditCfg(entity);
ToMaatBean maatBean = new ToMaatBean();
@@ -515,7 +533,7 @@ public class HttpRedirectCfgService extends CrudService<WebsiteCfgDao,CfgIndexIn
maatBean.setAuditTime(entity.getAuditTime());
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.INSERT_ACTION);
maatBean.setOpAction(opAction);
//调用服务接口下发配置数据
String json=gsonToJson(maatBean);
logger.info("http配置下发配置参数"+json);

24
src/main/java/com/nis/web/service/configuration/InterceptCfgService.java
View File

@@ -104,6 +104,11 @@ public class InterceptCfgService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
entity.setInterceptPktBinList(null);
}
int isValid=0;
if(!StringUtil.isEmpty(entity.getIsValid()) && entity.getIsValid()==1) {
isValid=1;
}
entity.setIsValid(0);
entity.setIsAudit(0);
@@ -196,7 +201,11 @@ public class InterceptCfgService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
}
}
if(isValid==1) {
entity.setIsAudit(1);
entity.setIsValid(1);
auditInterceptIpCfg(entity, isValid,Constants.INSERT_ACTION);
}
}else{
if(entity.getServiceId().equals(518)){//ip仿冒策略
//保存IP仿冒池
@@ -266,6 +275,12 @@ public class InterceptCfgService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
areaIpCfgDao.saveAreaIpCfg(cfg);
}
}
if(isValid==1) {
entity.setIsAudit(1);
entity.setIsValid(1);
auditInterceptIpCfg(entity, isValid,Constants.UPDATE_ACTION);
}
}
}
/**
@@ -338,9 +353,12 @@ public class InterceptCfgService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
* @param isAudit
* @throws MaatConvertException
*/
public void auditInterceptIpCfg(CfgIndexInfo entity,Integer isAudit) throws MaatConvertException{
public void auditInterceptIpCfg(CfgIndexInfo entity,Integer isAudit,Integer opAction) throws MaatConvertException{
//修改数据库审核状态信息
entity.setTableName(CfgIndexInfo.getTablename());
entity.setIsAudit(isAudit);
entity.setAuditorId(UserUtils.getUser().getId());
entity.setAuditTime(new Date());
websiteCfgDao.auditCfg(entity);
ToMaatBean maatBean = new ToMaatBean();
@@ -552,7 +570,7 @@ public class InterceptCfgService extends CrudService<WebsiteCfgDao,CfgIndexInfo>
maatBean.setAuditTime(entity.getAuditTime());
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.INSERT_ACTION);
maatBean.setOpAction(opAction);
//调用服务接口下发配置数据
String json=gsonToJson(maatBean);
logger.info("intercept IP/DNS 配置下发配置参数:"+json);

22
src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp
View File

@@ -497,6 +497,8 @@
<input type="hidden" name="functionId" value="${_cfg.functionId}">
<input type="hidden" id="serviceId" name="serviceId" value="${_cfg.serviceId}">
<input type="hidden" id="regionSize" name="regionSize" value="${fn:length(regionList)}">
<input type="hidden" name="isValid" value="${_cfg.isValid}">
<input type="hidden" name="isAudit" value="${_cfg.isAudit}">
<!-- <input type="hidden" id="doLog" name="doLog" value="2"> -->
<div class="form-body">
@@ -925,9 +927,23 @@
<div class="col-md-6">
<div class="row">
<div class="col-md-offset-3 col-md-8">
<button id="save" type="submit" class="btn green">
<spring:message code="submit" />
</button>
<c:set var="auditPermission" value="false"></c:set>
<!-- 拥有配置新增直接生效的功能权限 -->
<shiro:hasPermission name="save:audit:permission">
<c:set var="auditPermission" value="true"></c:set>
</shiro:hasPermission>
<c:choose>
<c:when test="${!(fns:getUser().isAdmin()) && auditPermission}">
<button id="audit" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:when>
<c:otherwise>
<button id="save" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:otherwise>
</c:choose>
<button id="cancel" type="button" class="btn default">
<spring:message code="cancel" />
</button>

22
src/main/webapp/WEB-INF/views/cfg/proxy/cache/form.jsp vendored
View File

@@ -338,6 +338,8 @@
<input type="hidden" name="cfgId" id="cfgId" value="${_cfg.cfgId}">
<input type="hidden" name="compileId" value="${_cfg.compileId}">
<input type="hidden" name="functionId" value="${_cfg.functionId}">
<input type="hidden" name="isValid" value="${_cfg.isValid}">
<input type="hidden" name="isAudit" value="${_cfg.isAudit}">
<input type="hidden" id="serviceId" name="serviceId" value="${_cfg.serviceId}">
<input type="hidden" id="doLog" name="doLog" value="0">
<div class="form-body">
@@ -796,9 +798,23 @@
<div class="col-md-6">
<div class="row">
<div class="col-md-offset-3 col-md-8">
<button id="save" type="submit" class="btn green">
<spring:message code="submit" />
</button>
<c:set var="auditPermission" value="false"></c:set>
<!-- 拥有配置新增直接生效的功能权限 -->
<shiro:hasPermission name="save:audit:permission">
<c:set var="auditPermission" value="true"></c:set>
</shiro:hasPermission>
<c:choose>
<c:when test="${!(fns:getUser().isAdmin()) && auditPermission}">
<button id="audit" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:when>
<c:otherwise>
<button id="save" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:otherwise>
</c:choose>
<button id="cancel" type="button" class="btn default">
<spring:message code="cancel" />
</button>

22
src/main/webapp/WEB-INF/views/cfg/proxy/control/httpRedirectForm.jsp
View File

@@ -147,6 +147,8 @@
<input type="hidden" name="cfgId" id="cfgId" value="${_cfg.cfgId}">
<input type="hidden" name="compileId" value="${_cfg.compileId}">
<input type="hidden" name="functionId" value="${_cfg.functionId}">
<input type="hidden" name="isValid" value="${_cfg.isValid}">
<input type="hidden" name="isAudit" value="${_cfg.isAudit}">
<input type="hidden" id="serviceId" name="serviceId" value="${_cfg.serviceId}">
<div class="form-body">
@@ -397,9 +399,23 @@
<div class="col-md-6">
<div class="row">
<div class="col-md-offset-3 col-md-8">
<button id="save" type="submit" class="btn green">
<spring:message code="submit" />
</button>
<c:set var="auditPermission" value="false"></c:set>
<!-- 拥有配置新增直接生效的功能权限 -->
<shiro:hasPermission name="save:audit:permission">
<c:set var="auditPermission" value="true"></c:set>
</shiro:hasPermission>
<c:choose>
<c:when test="${!(fns:getUser().isAdmin()) && auditPermission}">
<button id="audit" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:when>
<c:otherwise>
<button id="save" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:otherwise>
</c:choose>
<button id="cancel" type="button" class="btn default">
<spring:message code="cancel" />
</button>

20
src/main/webapp/WEB-INF/views/cfg/proxy/control/httpReqReplaceForm.jsp
View File

@@ -67,6 +67,8 @@ $(function(){
<input type="hidden" name="cfgId" value="${_cfg.cfgId}">
<input type="hidden" name="compileId" value="${_cfg.compileId}">
<input type="hidden" name="functionId" value="${_cfg.functionId}">
<input type="hidden" name="isValid" value="${_cfg.isValid}">
<input type="hidden" name="isAudit" value="${_cfg.isAudit}">
<input type="hidden" id="serviceId" name="serviceId" value="${_cfg.serviceId}">
<!-- 配置域类型 -->
<c:forEach items="${regionList}" var="region">
@@ -132,7 +134,23 @@ $(function(){
<div class="col-md-6">
<div class="row">
<div class="col-md-offset-3 col-md-8">
<button id="save" type="submit" class="btn green"><spring:message code="submit"/></button>
<c:set var="auditPermission" value="false"></c:set>
<!-- 拥有配置新增直接生效的功能权限 -->
<shiro:hasPermission name="save:audit:permission">
<c:set var="auditPermission" value="true"></c:set>
</shiro:hasPermission>
<c:choose>
<c:when test="${!(fns:getUser().isAdmin()) && auditPermission}">
<button id="audit" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:when>
<c:otherwise>
<button id="save" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:otherwise>
</c:choose>
<button id="cancel" type="button" class="btn default"><spring:message code="cancel"/></button>
</div>
</div>

20
src/main/webapp/WEB-INF/views/cfg/proxy/control/httpResReplaceForm.jsp
View File

@@ -67,6 +67,8 @@ $(function(){
<input type="hidden" name="cfgId" value="${_cfg.cfgId}">
<input type="hidden" name="compileId" value="${_cfg.compileId}">
<input type="hidden" name="functionId" value="${_cfg.functionId}">
<input type="hidden" name="isValid" value="${_cfg.isValid}">
<input type="hidden" name="isAudit" value="${_cfg.isAudit}">
<input type="hidden" id="serviceId" name="serviceId" value="${_cfg.serviceId}">
<!-- 配置域类型 -->
<c:forEach items="${regionList}" var="region">
@@ -132,7 +134,23 @@ $(function(){
<div class="col-md-6">
<div class="row">
<div class="col-md-offset-3 col-md-8">
<button id="save" type="submit" class="btn green"><spring:message code="submit"/></button>
<c:set var="auditPermission" value="false"></c:set>
<!-- 拥有配置新增直接生效的功能权限 -->
<shiro:hasPermission name="save:audit:permission">
<c:set var="auditPermission" value="true"></c:set>
</shiro:hasPermission>
<c:choose>
<c:when test="${!(fns:getUser().isAdmin()) && auditPermission}">
<button id="audit" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:when>
<c:otherwise>
<button id="save" type="submit" class="btn green">
<spring:message code="submit" />
</button>
</c:otherwise>
</c:choose>
<button id="cancel" type="button" class="btn default"><spring:message code="cancel"/></button>
</div>
</div>