diff --git a/src/main/resources/sql/deploymentsql/20190508help_document.sql b/src/main/resources/sql/deploymentsql/20190508help_document.sql new file mode 100644 index 000000000..121eec747 --- /dev/null +++ b/src/main/resources/sql/deploymentsql/20190508help_document.sql @@ -0,0 +1,612 @@ +-- ---------------------------- +-- Table structure for help_document +-- ---------------------------- +DROP TABLE IF EXISTS `help_document`; +CREATE TABLE `help_document` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `file_name` varchar(100) DEFAULT '', + `file_comment` text DEFAULT NULL, + `back_file_comment` text DEFAULT NULL, + PRIMARY KEY (`id`), + KEY `INDEX_FILE_NAME` (`file_name`) +) ENGINE=InnoDB AUTO_INCREMENT=45 DEFAULT CHARSET=utf8mb4; + +-- ---------------------------- +-- Records of help_document +-- ---------------------------- +INSERT INTO `help_document` VALUES ('1', 'cache_policy.md', 'Cache Policy + +On National Proxy System, Individual Cache policy rules determine +whether to cache or not based on traffic attributes, such as URL and +Cookies. For cache action, the optimization parameters are: + +*A Cache key* - is a unique string that lets the National Proxy System +look for web content when requests hit them. It’s made up of a hostname, +path, and cookie parts. By default, the Proxy use the entire URL as the +cache key. Selecting the correct cache key will ensure maximum cache +footprint and increase cache hits. + +*Ignore Query String in URL* - in case the query strings doesn’t +actually indicate that the object need to be different then you could +EXCLUDE them from the cache key. For example, after ignoring “sqp” and +“rs” of URL: “https://example.com/pic.jpg?~~sqp=UAAI&rs=AOn4~~”. + +*Include Cookie Values* - in case the server send different content for +the same URL based on the cookie value, you can include that cookie +value as a part of cache key. For example, the server may set a cookie +at the client called "prefLang=ru" to record user preferred language, +you could add "prefLang" to distinguish different web content. + +*Disable Revalidate* - is an ON-OFF switch. The pragma-no-cache header +in a client’s request causes the proxy to re-fetch the entire object +from the original server, even if the cached copy of the object is +fresh. By default this option is switch OFF, which means a client’s +non-conditional request results in a conditional GET request sent to the +original server if the object is already in cache. The conditional +request allows the original server to return the 304 Not Modified +response, if the content in cache is still fresh. Thereby, the +server-side bandwidth and latency consumed are lesser as the full +content is not retrieved again from the original server. + +*Cache Dynamic Content* - is an ON-OFF switch. A URL is considered +dynamic if it ends in “.asp(x)” or contains a question mark (?), a +semicolon (;), or “cgi”. *Ignore Query String* overrides this option +(switch on). + +*Cache Cookied Content* - is an ON-OFF switch. By default, the Proxy +does NOT cache cookied content of any type. If this option is switch on, +the system cache all cookied content except HTML. + +*Ignore Request no-cache Headers* - is an ON-OFF switch. By default, the +proxy strictly observes client Cache-Control: no-cache directives. As +known as: + +i. Authorization + +ii. WWW-Authenticate + +iii. Cache-Control: no-store + +iv. Cache-Control: no-cache + +If a requested object contains a no-cache header, then proxy forwards +the request to the origin server even if it has a fresh copy in cache. +You can configure proxy to ignore client no-cache directives such that +it ignores no-cache headers from client requests and serves the object +from its cache. + +*Ignore Response no-cache Headers* - is an ON-OFF switch. By default, a +response from an origin server with a no-cache header is not stored in +the cache. As known as: + +i. Cache-Control: no-store + +ii. Cache-Control: private + +iii. Set-Cookie + +iv. Cache-Control: no-cache + +v. WWW-Authenticate + +vi. Expires header with a value of 0 (zero) or a past date. + +If you configure proxy to ignore no-cache headers, then proxy also +ignores no-store headers. The default behavior of observing no-cache +directives is appropriate in most cases. + +*Forcing Object Caching* - is an ON-OFF switch. You can force Proxy to +cache specific URLs (including dynamic URLs) for a specified duration, +regardless of Cache-Control response headers. + +*Minimum Use* - sets the number of times an item must be requested by +clients before Proxy caches it. This is useful if the cache is +constantly filling up, as it ensures that only the most frequently +accessed items are added to the cache. By default, Proxy cache object at +its first appearance. The counter resets in every 30 minutes. Note that +the requests is counted independently on each processing unit. + +*Max Cache Object Size* - sets the upper limit of an object size, larger +object will not be cached. By default, Proxy does not cache object +larger than 1 GB. + +*Cache Pinning Time* - configures Proxy to keep certain objects in the +cache for a specified time. You can use this option to ensure that the +most popular objects are in cache when needed and to prevent cache +manager from deleting important objects. Proxy observes Cache-Control +headers and pins an object in the cache only if it is indeed cacheable. + +*Max Cache Size* - sets the upper limit of the size of storage for a +policy. By default, Proxy uses all available disk space. When the cache +size reaches the limit, the cache manager removes the files that were +least recently used to bring the cache size back under the limit. + +*Inactive Time* - specifies how long an item can remain in the cache +without being accessed. A file that has not been requested for this time +is automatically deleted from the cache by the cache manager, regardless +of whether or not it has expired. + +', null); +INSERT INTO `help_document` VALUES ('2', 'control_policy.md', 'Control Policy + +On National Proxy System, Individual Control policy rules determine +whether to allow, block, redirect or replace a session based on traffic +attributes, such as URL, request header fields, request body keywords, +response header fields, response body keywords, IP address, Subscribe ID +and their combination. You could specify these attributes in the submenu +of *Control Policy*. + +The attributes are detailed in following context: + +*URL* - From proxy’s perspective, a HTTP URL consists of a hierarchical +sequence of three components: URL = hostname/path[?query] . The URL path +name can also be specified by the user in the local writing system. If +not already encoded, it is converted to UTF-8, and any characters not +part of the basic URL character set are escaped as hexadecimal using +percent-encoding; for example, search keywords “русский” in Google +produces URL: + +https://www.google.com/search?q=%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9 + +To perform policy action on above URL, you could input the whole URL in +the input box. Or, you could input original keywords and let the Proxy +do the decoding, e.g. “google.com/search” & “русский”. Note that the +scheme string MUST be excluded from the URL, it’s “https://” in this +case. + +NOTE Maximum HTTP/HTTPS URL length is 1023 characters + +*Request Header* - is used to set conditions on request header fields. +Header fields are colon-separated key-value pairs in clear-text string +format, terminated by a carriage return (CR) and line feed (LF) +character sequence. For example, “user-agent: Mozilla/5.0 (Windows NT +10.0; Win64; x64)“ is a header filed in request header. The *Matching +District* is used to configure the field’s key, if the key was +presented, the Proxy will search in the value for *Keywords*. + +*Response Header* - is used to set conditions on response header fields. +Its configuration is similar to *Request Header*. + +*Request Body* - is used to set conditions on request’s body message. +The Proxy searches the pre-configured *Keywords* in it. You can +configure non-ASCII or non-utf8 keywords by turn on HEX. + +*Response Body* - is used to set conditions on response’s body message. +Its configuration is similar to *Request Body*. + +You could select one of the five actions for above attributes, as known +as: + +*Monitor* - the Proxy produce a log to record matched HTTP session +information. + +*Block* - the Proxy terminate matched HTTP session with an error page +and produce a log. You MUST specify a *Response Code* and a *Response +Content* to generate an error page. + +*Redirect*—the Proxy redirect matched HTTP session to a predefined URL. +Since redirection need to be performed before delivering response to +client, condition of response body is not applicable in this action. You +MUST configure the redirect response via *Response Code* and *Response +URL*. The Response URL MUST start with a scheme (http:// or https://). +You SHOULD NOT select **301** as *Response Code* unless you exactly know +what you are doing. This action produces a log. + +*Replace*—the Proxy *Searches in* a given HTTP part to *Find* a given +string, and *Replace* any matches *with* another given string. If no +match was found, the session remained untouched. For performance +concerns, condition of request body and response body is not available +in this action. For example, you can configure the Proxy to search in +the response body of URL “www.example.com/index.html”, find every +“string1” and replace with “string2”. This action produces a log. + +*Whitelist*—the Proxy pass-through the matched sessions and produce no +log. + +National Proxy will enforce policy check on traffic attributes, policies +have been created that there will be some that overlap or are subsets of +the parameters that the policies use to determine which policy should be +matched against the traffic. The execute order of policy is “first +match, first served”. In case of an incoming traffic attribute matches +one more policy, the priority order is *Whitelist \> Block \> +Redirect \> Replace \> Monitor*, action with higher priority overrides +others. If multiple policies of same action are matched, policy with +bigger ID number is precedence. +', null); +INSERT INTO `help_document` VALUES ('3', 'intercept_policy.md', 'Intercept Policy + +An Intercept policy rule allows you to define traffic that you want the +National Proxy to decrypt and to define traffic that you choose to +exclude from decryption because the traffic is personal or because of +local regulations. A connection is intercepted/optimized based on +traffic attributes, such as IP address, domain name (via SNI matching) +and Subscribe ID. You could specify these attributes in *IP Intercept* +and *Domain Intercept*. + +Both *IP intercept* and *Domain Intercept* are subject two actions: + +*Intercept*—the National Proxy System intercepts network traffic for +further control policy and cache policy checking. Interception requires +certificates to establish the National Proxy as a trusted third party. +National Proxy deployed in transparent mode, which means the users don`t +have any proxy settings in their browser. When a connection is set to +intercept, the proxy terminates the connection and initiates a new +connection between client and server. If the connection is SSL +encrypted, the original certificate is replaced with a substitute one. + +*Bypass*—the Proxy passes through the network connection without apply +an optimization or policy checking. You can also use bypass action when +excluding servers from SSL decryption for technical reasons (the site +breaks decryption for reasons such as certificate pinning, unsupported +ciphers, or mutual authentication). Apple Store, WhatsApp, Telegram, +Microsoft Windows Update are common SSL pinning application. In case of +traffic matches one more policy, bypass overrides intercept. + +When *Intercept Related Domains* is enabled, domains that share one +certificates with the specified domain are considered as the same. For +example, if the intercept facebook.com with I*ntercept Related Domain* +option, then \*.xx.fbcdn.net, fb.com, .messenger.com and etc. are also +intercepted. There may be side effects that intercept undesired websites +that share one certificate. For example, two websites hosted in a same +CDN provider (Content Delivery Network) or different products of one +company. + +*Key ring* determines which certificate will be used to generate +substitute certificate. You could configure key ring through *Proxy +Policy Object* page. If no key ring is specified, proxy will use the +default one. + +Intercept policy produces no log. You can find out if the interception +is successful by checking if the certificate is issued by your +pre-configured Root CA. You need a PC which traffic has already directed +to the Proxy, and a web browser to test the policy. For Chrome and +Microsoft Internet Explorer, you could click the lock icon on the +address bar to view certificate. For Firefox, after you clicking the +lock icon, click “\>” button to show connection details, click “more +information”, and then click “view certificate”. If the browser warning +that the connection is not secure, one possible reason is you haven’t +install/trust the root certificate yet. + +**Note:** You should exercise caution because web applications may not +cooperate with SSL interception. Reasons that sites break decryption +technically include pinned certificates, mutual authentication, +incomplete certificate chains, unsupported ciphers, and non-standard SSL +implementation. If a site uses an incomplete certificate chain, the +National Proxy doesn’t automatically fix the chain as a browser would. +You need to manually download the missing sub-CA certificates and load +and deploy them onto the proxy.', null); +INSERT INTO `help_document` VALUES ('4', 'proxy_policy_object.md', 'Proxy Policy Object + +A policy object is a single object or a collective unit that groups +discrete identities such as IP addresses, URLs, applications, or users. +With policy objects that are a collective unit, you can reference the +object in policy instead of manually selecting multiple objects one at a +time. Typically, when creating a policy object, you group objects that +require similar permissions in policy. + +1. Key Ring + +On National Proxy System, Key Ring is a pair of private key and public +certificate. You can also import a certificate chain containing multiple +certificates. Key Ring is a policy object, you can reference it in +*Intercept Policy*. + +There are three *Certificate Type:* + +*End-entity Certificate*— is used for web servers to identify +themselves. The *Public Key File* MUST be .p12 format that contains +entire certificate chain. The Private Key File could be .pem, .key or +.p12 format. This certificate type is not applicable to *Domain +Intercept* for it cannot be used to sign other certificates. *Expire +After* parameter is also not applicable to end-entity certificate for +the same reason. + +*Intermedia Certificate* - is used to sign other certificates. An +intermediate certificate must be signed by another intermediate +certificate, or a root certificate. The *Public Key File* MUST be .p12 +format that contains entire certificate chain. The *Expire After* +parameter indicates the expiration of the substitute certificate that +was issued by this intermedia certificate. + +*Root Certificate* - is used to sign other certificates. The *Public Key +File* could be .der, .cer, .crt or .pem format. The *Expire After* +parameter has the same meaning as Intermedia Certificate. + +*CRL* - or Certificate Revocation List, is a list of digital +certificates that have been revoked by the issuing certificate authority +(CA) before their scheduled expiration date and should no longer be +trusted. On Key Ring settings, CRL is an HTTP URL that point to a valid +.crl file. Invalid URL or .crl file may produce certificate warnings on +some browser, i.e. Internet Explorer 11. + +Specification of certificate formats: + +*.pem* – (Privacy-enhanced Electronic Mail) Base64 encoded DER +certificate, enclosed between "-----BEGIN CERTIFICATE-----" and +"-----END CERTIFICATE-----" + +*.cer, .crt, .der* – usually in binary DER form, but Base64-encoded +certificates are common too (see .pem above) + +*.p12* – PKCS\#12, may contain certificate(s) (public) and private keys +(without password protected) + +1. Trusted Certificate + +National Proxy System has a build-in trusted certificate authorities +list. When the original certificate is issued by a certificate authority +that not in the list, the proxy will issued the substitute certificate +with an untrusted root certificate, and so consequently, the browser +could identify unsecure connections. + +You can add a custom certificate authority to the trusted certificate +authorities of the system. + +The certificate MUST be PEM format. + +Following are the National Proxy System’s default trusted certificate +authorities: + +ACCVRAIZ1 + +Actalis Authentication Root CA + +AddTrust External CA Root + +AffirmTrust Commercial + +AffirmTrust Networking + +AffirmTrust Premium + +AffirmTrust Premium ECC + +Amazon Root CA 1 + +Amazon Root CA 2 + +Amazon Root CA 3 + +Amazon Root CA 4 + +Atos TrustedRoot 2011 + +Autoridad de Certificacion Firmaprofesional CIF A62634068 + +Baltimore CyberTrust Root + +Buypass Class 2 Root CA + +Buypass Class 3 Root CA + +CA Disig Root R2 + +CFCA EV ROOT + +COMODO Certification Authority + +COMODO ECC Certification Authority + +COMODO RSA Certification Authority + +Certigna + +Certinomis - Root CA + +Class 2 Primary CA + +Certplus Root CA G1 + +Certplus Root CA G2 + +Certum Trusted Network CA + +Certum Trusted Network CA 2 + +Chambers of Commerce Root - 2008 + +AAA Certificate Services + +Cybertrust Global Root + +D-TRUST Root Class 3 CA 2 2009 + +D-TRUST Root Class 3 CA 2 EV 2009 + +DST Root CA X3 + +Deutsche Telekom Root CA 2 + +DigiCert Assured ID Root CA + +DigiCert Assured ID Root G2 + +DigiCert Assured ID Root G3 + +DigiCert Global Root CA + +DigiCert Global Root G2 + +DigiCert Global Root G3 + +DigiCert High Assurance EV Root CA + +DigiCert Trusted Root G4 + +E-Tugra Certification Authority + +EC-ACC + +EE Certification Centre Root CA + +Entrust.net Certification Authority (2048) + +Entrust Root Certification Authority + +Entrust Root Certification Authority - EC1 + +Entrust Root Certification Authority - G2 + +GDCA TrustAUTH R5 ROOT + +GeoTrust Global CA + +GeoTrust Primary Certification Authority + +GeoTrust Primary Certification Authority - G2 + +GeoTrust Primary Certification Authority - G3 + +GeoTrust Universal CA + +GeoTrust Universal CA 2 + +GlobalSign + +GlobalSign + +GlobalSign Root CA + +GlobalSign + +GlobalSign + +Global Chambersign Root - 2008 + +Go Daddy Root Certificate Authority - G2 + +Hellenic Academic and Research Institutions ECC RootCA 2015 + +Hellenic Academic and Research Institutions RootCA 2011 + +Hellenic Academic and Research Institutions RootCA 2015 + +Hongkong Post Root CA 1 + +ISRG Root X1 + +IdenTrust Commercial Root CA 1 + +IdenTrust Public Sector Root CA 1 + +Izenpe.com + +LuxTrust Global Root 2 + +Microsec e-Szigno Root CA 2009 + +NetLock Arany (Class Gold) F?tanúsítvány + +Network Solutions Certificate Authority + +OISTE WISeKey Global Root GA CA + +OISTE WISeKey Global Root GB CA + +OpenTrust Root CA G1 + +OpenTrust Root CA G2 + +OpenTrust Root CA G3 + +QuoVadis Root Certification Authority + +QuoVadis Root CA 1 G3 + +QuoVadis Root CA 2 + +QuoVadis Root CA 2 G3 + +QuoVadis Root CA 3 + +QuoVadis Root CA 3 G3 + +SSL.com EV Root Certification Authority ECC + +SSL.com EV Root Certification Authority RSA R2 + +SSL.com Root Certification Authority ECC + +SSL.com Root Certification Authority RSA + +SZAFIR ROOT CA2 + +SecureSign RootCA11 + +SecureTrust CA + +Secure Global CA + +Sonera Class2 CA + +Staat der Nederlanden EV Root CA + +Staat der Nederlanden Root CA - G2 + +Staat der Nederlanden Root CA - G3 + +Starfield Root Certificate Authority - G2 + +Starfield Services Root Certificate Authority - G2 + +SwissSign Gold CA - G2 + +SwissSign Silver CA - G2 + +T-TeleSec GlobalRoot Class 2 + +T-TeleSec GlobalRoot Class 3 + +TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 + +TWCA Global Root CA + +TWCA Root Certification Authority + +TeliaSonera Root CA v1 + +TrustCor ECA-1 + +TrustCor RootCert CA-1 + +TrustCor RootCert CA-2 + +TüRKTRUST Elektronik Sertifika Hizmet Sa?lay?c?s? H5 + +USERTrust ECC Certification Authority + +USERTrust RSA Certification Authority + +VeriSign Class 3 Public Primary Certification Authority - G4 + +VeriSign Class 3 Public Primary Certification Authority - G5 + +VeriSign Universal Root Certification Authority + +VeriSign Class 3 Public Primary Certification Authority - G3 + +Visa eCommerce Root + +XRamp Global Certification Authority + +thawte Primary Root CA + +thawte Primary Root CA - G2 + +thawte Primary Root CA - G3 + +Microsoft Root Authority + +Microsoft Root Certificate Authority + +Microsoft Root Certificate Authority 2010 + +Microsoft Root Certificate Authority 2011 + +Baltimore CyberTrust Root + +', null); + +commit; + + diff --git a/src/main/resources/sql/deploymentsql/20190508other_sql.sql b/src/main/resources/sql/deploymentsql/20190508other_sql.sql new file mode 100644 index 000000000..ab782c4a5 --- /dev/null +++ b/src/main/resources/sql/deploymentsql/20190508other_sql.sql @@ -0,0 +1,191 @@ +CREATE TABLE `inner_protection_list` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `keyword` varchar(500) NOT NULL COMMENT '关键词', + `target_type` varchar(128) DEFAULT '' COMMENT '类型', + `description` varchar(200) DEFAULT '', + `is_valid` int(2) NOT NULL DEFAULT 0 COMMENT '-1删除 1有效', + `create_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', + `editor_id` int(11) DEFAULT NULL, + `creator_id` int(11) NOT NULL, + `edit_time` datetime DEFAULT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB AUTO_INCREMENT=108 DEFAULT CHARSET=utf8mb4; +INSERT INTO `inner_protection_list` VALUES ('104', '.com', 'domainCheck', 'protection domain', '1', '2019-03-26 13:54:28', '1', '1', '2019-04-02 11:16:36'); +INSERT INTO `inner_protection_list` VALUES ('106', '.com', 'urlCheck', 'protection url', '1', '2019-03-27 11:08:24', '1', '1', '2019-04-02 11:21:52'); +commit; + + +DROP PROCEDURE IF EXISTS `proc_statistics_config`; +delimiter ;; +CREATE DEFINER=`root`@`%` PROCEDURE `proc_statistics_config`() +BEGIN + + DECLARE ntime VARCHAR(40);/*当前时间*/ + + DECLARE otime VARCHAR(40);/*上次统计时间*/ + + DECLARE nRow VARCHAR(40);/*本次统计条数*/ + + DECLARE tabName VARCHAR(500); + + DECLARE description VARCHAR(500); + + DECLARE deleteSql VARCHAR(500); + + DECLARE done INT;/*游标标识*/ + + DECLARE flag INT;/*循环标识*/ + + DECLARE t_error INT;/*错误标识*/ + + DECLARE proc_log_table VARCHAR(100);/*存储过程日志表*/ + + DECLARE proc_name VARCHAR(100);/*存储过程名称*/ + + DECLARE icursor CURSOR FOR SELECT tab_name FROM statistics_tables where is_valid=1; + + DECLARE CONTINUE HANDLER FOR NOT found SET done=1; + + DECLARE CONTINUE HANDLER FOR SQLEXCEPTION set t_error=1; + + select max(statistic_time) into otime from cfg_num_statistics; + + SET done=0; + + SET t_error=0; + + SET proc_log_table='proc_exec_log'; + + SET proc_name='proc_statistics_config'; + + SET ntime=DATE_FORMAT(SYSDATE(),'%Y-%m-%d %H:%i:%S'); + + OPEN icursor; + + loop_iloop:LOOP + + FETCH icursor INTO tabName; + + SET description=tabName; + + set @descriptionStart=concat(description,'表统计start'); + + /*统计当前配置表数据到统计表中start*/ + + set @v_log_sql1 := concat('insert into ',proc_log_table,'(proc_name,table_name,log_time,description) values(?,?,?,?)'); + + PREPARE execs FROM @v_log_sql1; + + EXECUTE execs using proc_name,proc_log_table,ntime,@descriptionStart; + + DEALLOCATE PREPARE execs; + + COMMIT; + + + #20190328 增加定时任务后is_audit=1 && (is_valid=1 || is_valid=0) 即为approved (增加cfg_state=4[is_valid=0 && is_audit=1],代表定时任务审核过的),而cfg_state=1仅仅代表审核通过且有效的,界面展示的approved值实际包含cfg_state=4和cfg_state=1 + set @insert_statistics_sql := concat('insert into cfg_num_statistics(statistic_time,audit_time,function_id,service_id,action,compile_id,cfg_state) select ','''',ntime,'''',',','audit_time,function_id,service_id,action,compile_id,if(is_valid=-1,-1,if(is_valid=1,1,if(is_audit=0,0,if(is_audit=1,4,if(is_audit=2,2,if(is_audit=3,3,0)))))) cfg_state from ',tabName); + + + PREPARE execs FROM @insert_statistics_sql; + + EXECUTE execs; + + DEALLOCATE PREPARE execs; + + COMMIT; + + + + set @descriptionEnd=concat(description,'表统计end'); + + set @v_log_sql2 := concat('insert into ',proc_log_table,'(proc_name,table_name,log_time,description) values(?,?,?,?)'); + + PREPARE execs FROM @v_log_sql2; + + EXECUTE execs using proc_name,proc_log_table,ntime,@descriptionEnd; + + DEALLOCATE PREPARE execs; + + COMMIT; + + /*异常退出loop*/ + IF t_error=1 THEN + LEAVE loop_iloop; + END IF; + + /*循环结束退出loop*/ + IF done=1 THEN + + LEAVE loop_iloop; + + ELSE + + SET flag=0; + + END IF; + + IF flag=0 THEN + + SET done=0; + + END IF; + + END LOOP loop_iloop; + + CLOSE icursor; + /*取出本次统计条数*/ + SELECT count(statistic_time) INTO nRow from cfg_num_statistics where statistic_time=ntime; + + + IF t_error=1 THEN /*如果异常清楚本次数据*/ + delete from cfg_num_statistics where statistic_time=ntime; + COMMIT; + ELSEIF nRow > 0 THEN /*判断本次统计是否有数据录入,如果有则删除上次统计数据,如果没有则不清除上次统计数据*/ + + delete from cfg_num_statistics where statistic_time=otime; + COMMIT; + END IF; + COMMIT; +END +;; +delimiter ; + +#执行存储过程 +call exec_procs(); + +-- ------------ +-- 定时任务新增一个type属性,旧数据修改,修改全量同步状态为3(已完成) +-- ------------ +ALTER TABLE schedule_cfg ADD type int(1) DEFAULT 1 COMMENT '1:定时任务;2:全量同步时未执行的任务'; +update schedule_cfg set type=1; +update sys_data_dictionary_item t set t.item_value=3 where t.dictionary_id=142; + +-- ------------ +-- 系统管理->管理员用户预警 +-- ------------ +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ('2', '0,1,2,', 'admin_user_warn', 'admin user warn', '5060', '/sys/warn/userWarnList', '', '', '1', 'sys:warnList:view', '1', '2019-03-28 10:06:26', '1', '2019-03-28 11:36:42', '', '1', NULL, '0', '0', NULL); + +CREATE TABLE `sys_user_warn` ( + `service_id` int(11) NOT NULL COMMENT '业务ID', + `service_desc` varchar(255) DEFAULT '' COMMENT '业务描述', + `interface_cfg_total` int(11) DEFAULT NULL COMMENT '界面配置数量', + `system_cfg_total` int(11) DEFAULT NULL COMMENT '服务配置数量', + `time` datetime DEFAULT NULL COMMENT '数据插入时间', + `remark` varchar(255) DEFAULT NULL COMMENT '备注', + PRIMARY KEY (`service_id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='管理员用户预警表'; +-- 配置保护名单管理 +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ('109', '0,1,109,', 'protection_list_manage', 'protection list manage', '5060', '/basics/innerProtectionList/list', '', 'fa fa-sticky-note-o', '1', 'basic:inner_protection_list:list', '1', '2019-03-25 15:28:34', '1', '2019-03-26 15:04:47', '', '1', NULL, '0', '0', NULL); + +-- ------------ +-- 审核并下发功能,只有将此菜单分配给保存并下发用户的角色,此角色下的用户新增的配置可直接下发(此版本注意角色分配) +-- 新增审核并下发菜单 +-- ------------ +INSERT INTO `sys_menu`(`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (86, '0,1,86,', 'save_and_audit', 'save and audit', 5060, '', '', '', 0, 'save:audit:permission', '1', '2019-04-08 11:30:31', '1', '2019-04-08 11:47:16', 'save_and_audit', 1, NULL, 0, 0, NULL); +-- 新增审核并下发角色 +INSERT INTO `sys_role`(`NAME`, `DATA_SCOPE`, `REMARK`, `STATUS`, `CREATE_TIME`, `ROLE_TYPE`) VALUES ('saveAndAudit', 1, '', 1, '2019-04-09 11:33:40', 'user'); +-- 首先为saveAndAudit角色分配save_and_audit菜单。 +insert into sys_privilege (PRIVILEGE_MASTER,PRIVILEGE_MASTER_VALUE,PRIVILEGE_ACCESS,PRIVILEGE_ACCESS_VALUE,PRIVILEGE_OPERATION ) select 'ROLE',r.id,1000,m.id,1 from sys_role r,sys_menu m where r.name='saveAndAudit' and m.code='save_and_audit' + + diff --git a/src/main/resources/sql/deploymentsql/20190520extends_ip_port_pattern.sql b/src/main/resources/sql/deploymentsql/20190520extends_ip_port_pattern.sql new file mode 100644 index 000000000..d95a0a3be --- /dev/null +++ b/src/main/resources/sql/deploymentsql/20190520extends_ip_port_pattern.sql @@ -0,0 +1,104 @@ +#function_region_dict 瀵瑰簲ip_pattern锛宲ort_pattern鐨勫瓧娈甸暱搴︽嫇灞曚竴鍊嶏紝浣跨敤鍒嗗彿鍒嗛殧婧/鐩殑 +ALTER TABLE function_region_dict MODIFY config_ip_pattern VARCHAR(20) COMMENT "ip鐨勬牸寮 1:ip鎺╃爜;2:IP鑼冨洿;3:IP;浣跨敤閫楀彿鍒嗛殧,婧恑p涓庣洰鐨処P浣跨敤;鍒嗛殧"; +ALTER TABLE function_region_dict MODIFY config_port_pattern VARCHAR(20) COMMENT "绔彛鐨勬牸寮忥紝1:port;2:port_mask;浣跨敤閫楀彿鍒嗛殧,婧愮鍙d笌鐩殑绔彛浣跨敤;鍒嗛殧"; +#鍚勮〃淇敼ip_pattern锛宲ort_pattern +#app_ip_cfg +ALTER TABLE app_ip_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE app_ip_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE app_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE app_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#app_ip_range_cfg +ALTER TABLE app_ip_range_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE app_ip_range_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE app_ip_range_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE app_ip_range_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#area_ip_cfg +ALTER TABLE area_ip_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE area_ip_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE area_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE area_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#asn_ip_cfg +ALTER TABLE asn_ip_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE asn_ip_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE asn_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE asn_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#av_cont_ip_cfg +ALTER TABLE av_cont_ip_cfg change ip_pattern src_ip_pattern int COMMENT '婧恑p鏍煎紡'; +ALTER TABLE av_cont_ip_cfg add dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE av_cont_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE av_cont_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#av_pic_ip_cfg +ALTER TABLE av_pic_ip_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE av_pic_ip_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE av_pic_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE av_pic_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#av_voip_ip_cfg +ALTER TABLE av_voip_ip_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE av_voip_ip_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE av_voip_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE av_voip_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#ddos_ip_cfg +ALTER TABLE ddos_ip_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE ddos_ip_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE ddos_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE ddos_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#dns_ip_cfg +ALTER TABLE dns_ip_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE dns_ip_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE dns_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE dns_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#ip_port_cfg +ALTER TABLE ip_port_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE ip_port_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE ip_port_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE ip_port_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#ip_reuse_ip_cfg +ALTER TABLE ip_reuse_ip_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE ip_reuse_ip_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +ALTER TABLE ip_reuse_ip_cfg CHANGE port_pattern src_port_pattern INT COMMENT '婧愮鍙f牸寮'; +ALTER TABLE ip_reuse_ip_cfg ADD dest_port_pattern INT COMMENT '鐩殑绔彛鏍煎紡'; +#ip_reuse_policy_cfg +ALTER TABLE ip_reuse_policy_cfg CHANGE ip_pattern src_ip_pattern INT COMMENT '婧恑p鏍煎紡'; +ALTER TABLE ip_reuse_policy_cfg ADD dest_ip_pattern INT COMMENT '鐩殑ip鏍煎紡'; +#淇敼瀛楀吀鐨勫 +UPDATE function_region_dict SET config_ip_pattern ="1,2,3;1,2,3" WHERE config_ip_pattern="1,2,3"; +UPDATE function_region_dict SET config_ip_pattern ="1;1" WHERE config_ip_pattern="1"; +UPDATE function_region_dict SET config_ip_pattern ="3;3" WHERE config_ip_pattern="3"; +UPDATE function_region_dict SET config_ip_pattern ="1,3;1,3" WHERE config_ip_pattern="1,3"; + +UPDATE function_region_dict SET config_port_pattern ="1;1" WHERE config_port_pattern="1"; +UPDATE function_region_dict SET config_port_pattern ="1,2;1,2" WHERE config_port_pattern="1,2"; +#Spoofing IP淇敼鍙樉绀虹洰鐨処P +UPDATE function_region_dict SET config_ip_port_show=3 WHERE function_id=401; +#ASN IP淇敼鍙樉绀虹洰鐨処P +UPDATE function_region_dict SET config_ip_port_show=3 WHERE function_id=600; +#sql 鏇存柊瀛楁璇彞 +UPDATE app_ip_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM app_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE app_ip_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM app_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE app_ip_range_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM app_ip_range_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE app_ip_range_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM app_ip_range_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE area_ip_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM area_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE area_ip_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM area_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE asn_ip_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM asn_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE asn_ip_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM asn_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE av_cont_ip_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM av_cont_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE av_cont_ip_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM av_cont_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE av_pic_ip_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM av_pic_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE av_pic_ip_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM av_pic_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE av_voip_ip_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM av_voip_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE av_voip_ip_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM av_voip_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE ddos_ip_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM ddos_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE ddos_ip_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM ddos_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE dns_ip_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM dns_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE dns_ip_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM dns_ip_cfg a) b WHERE b.cfg_id=c.`cfg_id`); + +UPDATE ip_port_cfg c SET c.dest_ip_pattern =(SELECT b.src_ip_pattern FROM ( SELECT a.src_ip_pattern,a.`cfg_id` FROM ip_port_cfg a) b WHERE b.cfg_id=c.`cfg_id`); +UPDATE ip_port_cfg c SET c.dest_port_pattern =(SELECT b.src_port_pattern FROM ( SELECT a.src_port_pattern,a.`cfg_id` FROM ip_port_cfg a) b WHERE b.cfg_id=c.`cfg_id`); \ No newline at end of file diff --git a/src/main/resources/sql/deploymentsql/2_statistics.sql b/src/main/resources/sql/deploymentsql/2_statistics.sql new file mode 100644 index 000000000..3e8567387 --- /dev/null +++ b/src/main/resources/sql/deploymentsql/2_statistics.sql @@ -0,0 +1,4 @@ +#实时报表-流量统计下新增的统计菜单 +INSERT INTO `sys_menu` ( `parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ( '875', '0,1,780,875,', 'statistics', 'Statistics', '39', '/dashboard/traffic/commonNewList', '', '', '1', '', '1', '2019-05-06 14:07:08', '1', '2019-05-27 15:24:41', '', '1', NULL, '0', '0', NULL); +#为用admin角色分配菜单 +insert into sys_privilege (PRIVILEGE_MASTER,PRIVILEGE_MASTER_VALUE,PRIVILEGE_ACCESS,PRIVILEGE_ACCESS_VALUE,PRIVILEGE_OPERATION ) select 'ROLE',r.id,1000,m.id,1 from sys_role r,sys_menu m where r.name='admin' and m.href='/dashboard/traffic/commonNewList'; diff --git a/src/main/resources/sql/deploymentsql/3_proxy_new_function.sql b/src/main/resources/sql/deploymentsql/3_proxy_new_function.sql new file mode 100644 index 000000000..348613b3d --- /dev/null +++ b/src/main/resources/sql/deploymentsql/3_proxy_new_function.sql @@ -0,0 +1,347 @@ +锘縰pdate function_service_dict set action=2,action_code='forward' where service_id=512 and is_valid=1; +#fail method瀛楀吀 +INSERT INTO `sys_data_dictionary_name`(`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) VALUES ('fail_method', 'FAIL_METHOD', '鐢ㄤ簬浠g悊鎷︽埅绛栫暐', NULL, '2019-05-09 11:01:16', '2019-05-09 11:01:21', 1); +#INSERT INTO `sys_data_dictionary_item`(`id`, `item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) VALUES (4096, 'pass-through', 'Pass-Through', '榛樿', 1, 1, 1, 154); +INSERT INTO `sys_data_dictionary_item`(`item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) select 'pass-through', 'Pass-Through', '榛樿', 1, 1, 1, id from sys_data_dictionary_name where mark='FAIL_METHOD'; +#INSERT INTO `sys_data_dictionary_item`(`id`, `item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) VALUES (4097, 'fail-close', 'Fail-Close', NULL, 2, 1, 1, 154); +INSERT INTO `sys_data_dictionary_item`(`item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) select 'fail-close', 'Fail-Close', NULL, 2, 1, 1, id from sys_data_dictionary_name where mark='FAIL_METHOD'; +#SSL version瀛楀吀 +INSERT INTO `sys_data_dictionary_name`(`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) VALUES ('SSL_VERSION', 'SSL_VERSION', '鐢ㄤ簬浠g悊鎷︽埅绛栫暐锛孲SL鐗堟湰', NULL, '2019-05-09 11:50:43', '2019-05-09 11:50:46', 1); +#INSERT INTO `sys_data_dictionary_item`(`id`, `item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) VALUES (4099, 'ssl3', 'SSLv3', 'min default', 1, 1, 1, 155); +INSERT INTO `sys_data_dictionary_item`(`item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) select 'ssl3', 'SSLv3', 'min default', 1, 1, 1, id from sys_data_dictionary_name where mark='SSL_VERSION'; +#INSERT INTO `sys_data_dictionary_item`(`id`, `item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) VALUES (4100, 'tls10', 'TLSv1.0', NULL, 2, 1, 1, 155); +INSERT INTO `sys_data_dictionary_item`(`item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) select 'tls10', 'TLSv1.0', NULL, 2, 1, 1, id from sys_data_dictionary_name where mark='SSL_VERSION'; +#INSERT INTO `sys_data_dictionary_item`(`id`, `item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) VALUES (4101, 'tls11', 'TLSv1.1', NULL, 3, 1, 1, 155); +INSERT INTO `sys_data_dictionary_item`(`item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) select 'tls11', 'TLSv1.1', NULL, 3, 1, 1, id from sys_data_dictionary_name where mark='SSL_VERSION'; +#INSERT INTO `sys_data_dictionary_item`(`id`, `item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) VALUES (4102, 'tls12', 'TLSv1.2', NULL, 4, 1, 1, 155); +INSERT INTO `sys_data_dictionary_item` (`item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) select'tls12', 'TLSv1.2', NULL, 4, 1, 1, id from sys_data_dictionary_name where mark='SSL_VERSION'; +#INSERT INTO `sys_data_dictionary_item`(`id`, `item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) VALUES (4103, 'tls13', 'TLSv1.3', 'max default', 5, 1, 1, 155); +INSERT INTO `sys_data_dictionary_item`(`item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) select 'tls13', 'TLSv1.3', 'max default', 5, 1, 1, id from sys_data_dictionary_name where mark='SSL_VERSION'; + + +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1121, '0,1,86,717,1121,', 'hijack_file_strategy', '鍔寔鏂囦欢', 4, '/proxy/fileHijack/list', '', '', 1, 'proxy:fileHijack:config', '1', '2019-05-09 11:16:20', '1', '2019-05-09 11:16:20', '', 1, NULL, 0, 0, 513); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1122, '0,1,150,750,1122,', 'hijack_file_strategy', '鍔寔鏂囦欢', 422, '/proxy/fileHijack/list', '', '', 1, 'proxy:fileHijack:confirm', '1', '2019-05-09 14:58:10', '1', '2019-05-09 14:58:10', '', 1, NULL, 0, 0, 513); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1123, '0,1,151,865,1123,', 'hijack_file_strategy', '鍔寔鏂囦欢', 35, '/proxy/fileHijack/list', '', '', 1, 'proxy:fileHijack:audit', '1', '2019-05-09 14:59:54', '1', '2019-05-09 14:59:54', '', 1, NULL, 0, 0, 513); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1121, '0,1,86,717,1121,', 'file_insert_script', '娉ㄥ叆鑴氭湰鏂囦欢', 4, '/proxy/fileInsertScript/list', '', '', 1, 'proxy:fileInsertScript:config', '1', '2019-05-09 16:03:58', '1', '2019-05-09 16:03:58', '', 1, NULL, 0, 0, 514); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1122, '0,1,150,750,1122,', 'file_insert_script', '娉ㄥ叆鑴氭湰鏂囦欢', 424, '/proxy/fileInsertScript/list', '', '', 1, 'proxy:fileInsertScript:confirm', '1', '2019-05-09 16:06:17', '1', '2019-05-09 16:06:17', '', 1, NULL, 0, 0, 514); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1123, '0,1,151,865,1123,', 'file_insert_script', '娉ㄥ叆鑴氭湰鏂囦欢', 37, '/proxy/fileInsertScript/list', '', '', 1, 'proxy:fileInsertScript:audit', '1', '2019-05-09 16:07:13', '1', '2019-05-09 16:07:13', '', 1, NULL, 0, 0, 514); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1121, '0,1,86,717,1121,', 'traffic_mirror_address', '娴侀噺杞彂鐩殑鍦板潃', 8, '/proxy/fileTrafficMirror/list', '', '', 1, 'proxy:fileTrafficMirror:config', '1', '2019-05-09 16:03:58', '1', '2019-05-09 16:03:58', '', 1, NULL, 0, 0, 515); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1122, '0,1,150,750,1122,', 'traffic_mirror_address', '娴侀噺杞彂鐩殑鍦板潃', 426, '/proxy/fileTrafficMirror/list', '', '', 1, 'proxy:fileTrafficMirror:confirm', '1', '2019-05-09 16:06:17', '1', '2019-05-09 16:06:17', '', 1, NULL, 0, 0, 515); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1123, '0,1,151,865,1123,', 'traffic_mirror_address', '娴侀噺杞彂鐩殑鍦板潃', 39, '/proxy/fileTrafficMirror/list', '', '', 1, 'proxy:fileTrafficMirror:audit', '1', '2019-05-09 16:07:13', '1', '2019-05-09 16:07:13', '', 1, NULL, 0, 0, 515); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1121, '0,1,86,717,1121,', 'visit_response_page', '璁块棶闃绘柇椤甸潰', 10, '/proxy/fileResponsePage/list', '', '', 1, 'proxy:fileResponsePage:config', '1', '2019-05-09 11:16:20', '1', '2019-05-09 11:16:20', '', 1, NULL, 0, 0, 516); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1122, '0,1,150,750,1122,', 'visit_response_page', '璁块棶闃绘柇椤甸潰', 428, '/proxy/fileResponsePage/list', '', '', 1, 'proxy:fileResponsePage:confirm', '1', '2019-05-09 14:58:10', '1', '2019-05-09 14:58:10', '', 1, NULL, 0, 0, 516); +INSERT INTO sys_menu (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES (1123, '0,1,151,865,1123,', 'visit_response_page', '璁块棶闃绘柇椤甸潰', 41, '/proxy/fileResponsePage/list', '', '', 1, 'proxy:fileResponsePage:audit', '1', '2019-05-09 14:59:54', '1', '2019-05-09 14:59:54', '', 1, NULL, 0, 0, 516); + +INSERT INTO function_service_dict (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES (513, 0, 1, 'monit', 643, 'hijack_file_strategy', '', 1, NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', '', 0, 1, ''); +INSERT INTO function_service_dict (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES (514, 0, 1, 'monit', 644, 'file_insert_script', '', 1, NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', '', 0, 1, ''); +INSERT INTO function_service_dict (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES (515, 0, 1, 'monit', 645, 'file_traffic_mirror', NULL, 1, NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', NULL, 0, 1, NULL); +INSERT INTO function_service_dict (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES (512, 0, 1, 'monit', 608, 'file_strategy', NULL, 0, NULL, '2019-05-17 11:46:48', NULL, '2019-05-17 11:46:51', NULL, 0, 1, NULL); +INSERT INTO function_service_dict (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES (516, 0, 1, 'monit', 646, 'visit_response_page', NULL, 1, NULL, '2019-05-17 11:46:48', NULL, '2019-05-17 11:46:51', NULL, 0, 1, NULL); + +#娉ㄥ叆鑴氭湰鏂囦欢 +SET NAMES utf8mb4; +SET FOREIGN_KEY_CHECKS = 0; +CREATE TABLE `pxy_profile_insert_scripts` ( + `cfg_id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '涓婚敭锛岃嚜澧', + `cfg_desc` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT 'profile_name', + `cfg_type` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, + `action` int(11) NULL DEFAULT NULL, + `is_valid` int(11) NOT NULL COMMENT '0鏃犳晥锛1鏈夋晥锛-1鍒犻櫎;1锛 鏈鏍告椂閰嶇疆鍙垹闄;2锛 瀹℃牳閫氳繃锛屾瀛楁缃1;3锛 鍙栨秷瀹℃牳閫氳繃锛屾瀛楁缃0', + `is_audit` int(11) NOT NULL COMMENT '0鏈鏍革紝1瀹℃牳閫氳繃锛2瀹℃牳鏈氳繃锛3鍙栨秷瀹℃牳閫氳繃;1锛 瀹℃牳鏈氳繃锛岄厤缃彲淇敼;2锛 瀹℃牳閫氳繃锛岄厤缃笉鍙垹闄わ紝鍙兘鍙栨秷瀹℃牳閫氳繃', + `creator_id` int(11) NOT NULL COMMENT '鍙栬嚜sys_user.id', + `create_time` datetime(0) NULL DEFAULT NULL, + `editor_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜sys_user.id', + `edit_time` datetime(0) NULL DEFAULT NULL, + `auditor_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜sys_user.id', + `audit_time` datetime(0) NULL DEFAULT NULL, + `service_id` int(11) NOT NULL COMMENT '鍙傝冪郴缁熶笟鍔$被鍨嬬鐞嗚〃', + `request_id` int(11) NOT NULL COMMENT '鍙栬嚜request_info.id', + `compile_id` int(11) NULL DEFAULT NULL COMMENT 'profile_id銆佸彇鑷湇鍔℃帴鍙h繑鍥炵殑maat閰嶇疆鐨勭紪璇慽d锛岄厤缃垵濮嬪叆搴撴椂鑾峰彇銆', + `is_area_effective` int(11) NOT NULL COMMENT '0鍚︼紝1鏄', + `classify` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鍒嗙被id锛屽涓敤鑻辨枃閫楀彿鍒嗛殧', + `attribute` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鎬ц川id锛屽涓敤鑻辨枃閫楀彿鍒嗛殧', + `lable` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鏍囩id,澶氫釜鐢ㄨ嫳鏂囬楀彿鍒嗛殧', + `area_effective_ids` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '澶氫釜鑻辨枃閫楀彿鍒嗛殧', + `function_id` int(11) NOT NULL, + `cfg_region_code` int(11) NULL DEFAULT NULL, + `format` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鍐呭绫诲瀷锛屸渧ideo/mp4鈥 锛坋xe銆乤pk锛', + `path` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鍌ㄥ瓨璺緞', + `cancel_request_id` int(11) NULL DEFAULT NULL COMMENT '鍙栨秷瀹℃牳鏉ュ嚱', + PRIMARY KEY (`cfg_id`) USING BTREE +) ENGINE = InnoDB AUTO_INCREMENT = 46 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic; + +SET FOREIGN_KEY_CHECKS = 1; + +#鍐呭鍔寔鏂囦欢 +SET NAMES utf8mb4; +SET FOREIGN_KEY_CHECKS = 0; +CREATE TABLE `pxy_profile_hijack_files` ( + `cfg_id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '涓婚敭锛岃嚜澧', + `cfg_desc` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT 'profile_name', + `cfg_type` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, + `action` int(11) NULL DEFAULT NULL, + `is_valid` int(11) NOT NULL COMMENT '0鏃犳晥锛1鏈夋晥锛-1鍒犻櫎;1锛 鏈鏍告椂閰嶇疆鍙垹闄;2锛 瀹℃牳閫氳繃锛屾瀛楁缃1;3锛 鍙栨秷瀹℃牳閫氳繃锛屾瀛楁缃0', + `is_audit` int(11) NOT NULL COMMENT '0鏈鏍革紝1瀹℃牳閫氳繃锛2瀹℃牳鏈氳繃锛3鍙栨秷瀹℃牳閫氳繃;1锛 瀹℃牳鏈氳繃锛岄厤缃彲淇敼;2锛 瀹℃牳閫氳繃锛岄厤缃笉鍙垹闄わ紝鍙兘鍙栨秷瀹℃牳閫氳繃', + `creator_id` int(11) NOT NULL COMMENT '鍙栬嚜sys_user.id', + `create_time` datetime(0) NULL DEFAULT NULL, + `editor_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜sys_user.id', + `edit_time` datetime(0) NULL DEFAULT NULL, + `auditor_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜sys_user.id', + `audit_time` datetime(0) NULL DEFAULT NULL, + `service_id` int(11) NOT NULL COMMENT '鍙傝冪郴缁熶笟鍔$被鍨嬬鐞嗚〃', + `request_id` int(11) NOT NULL COMMENT '鍙栬嚜request_info.id', + `compile_id` int(11) NULL DEFAULT NULL COMMENT 'profile_id銆佸彇鑷湇鍔℃帴鍙h繑鍥炵殑maat閰嶇疆鐨勭紪璇慽d锛岄厤缃垵濮嬪叆搴撴椂鑾峰彇銆', + `is_area_effective` int(11) NOT NULL COMMENT '0鍚︼紝1鏄', + `classify` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鍒嗙被id锛屽涓敤鑻辨枃閫楀彿鍒嗛殧', + `attribute` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鎬ц川id锛屽涓敤鑻辨枃閫楀彿鍒嗛殧', + `lable` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鏍囩id,澶氫釜鐢ㄨ嫳鏂囬楀彿鍒嗛殧', + `area_effective_ids` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '澶氫釜鑻辨枃閫楀彿鍒嗛殧', + `function_id` int(11) NOT NULL, + `cfg_region_code` int(11) NULL DEFAULT NULL, + `content_type` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鍐呭绫诲瀷锛屸渧ideo/mp4鈥 锛坋xe銆乤pk锛', + `path` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鍌ㄥ瓨璺緞', + `cancel_request_id` int(11) NULL DEFAULT NULL COMMENT '鍙栨秷瀹℃牳鏉ュ嚱', + `content_name` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, + PRIMARY KEY (`cfg_id`) USING BTREE +) ENGINE = InnoDB AUTO_INCREMENT = 58 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic; + +SET FOREIGN_KEY_CHECKS = 1; + +#娴侀噺杞彂鐩殑鍦板潃 +SET NAMES utf8mb4; +SET FOREIGN_KEY_CHECKS = 0; +CREATE TABLE `pxy_profile_traffic_mirror` ( + `cfg_id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '涓婚敭锛岃嚜澧', + `cfg_desc` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT 'profile_name', + `cfg_type` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, + `action` int(11) NULL DEFAULT NULL, + `is_valid` int(11) NOT NULL COMMENT '0鏃犳晥锛1鏈夋晥锛-1鍒犻櫎;1锛 鏈鏍告椂閰嶇疆鍙垹闄;2锛 瀹℃牳閫氳繃锛屾瀛楁缃1;3锛 鍙栨秷瀹℃牳閫氳繃锛屾瀛楁缃0', + `is_audit` int(11) NOT NULL COMMENT '0鏈鏍革紝1瀹℃牳閫氳繃锛2瀹℃牳鏈氳繃锛3鍙栨秷瀹℃牳閫氳繃;1锛 瀹℃牳鏈氳繃锛岄厤缃彲淇敼;2锛 瀹℃牳閫氳繃锛岄厤缃笉鍙垹闄わ紝鍙兘鍙栨秷瀹℃牳閫氳繃', + `creator_id` int(11) NOT NULL COMMENT '鍙栬嚜sys_user.id', + `create_time` datetime(0) NULL DEFAULT NULL, + `editor_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜sys_user.id', + `edit_time` datetime(0) NULL DEFAULT NULL, + `auditor_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜sys_user.id', + `audit_time` datetime(0) NULL DEFAULT NULL, + `service_id` int(11) NOT NULL COMMENT '鍙傝冪郴缁熶笟鍔$被鍨嬬鐞嗚〃', + `request_id` int(11) NOT NULL COMMENT '鍙栬嚜request_info.id', + `compile_id` int(11) NULL DEFAULT NULL COMMENT 'profile_id銆佸彇鑷湇鍔℃帴鍙h繑鍥炵殑maat閰嶇疆鐨勭紪璇慽d锛岄厤缃垵濮嬪叆搴撴椂鑾峰彇銆', + `is_area_effective` int(11) NOT NULL COMMENT '0鍚︼紝1鏄', + `classify` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鍒嗙被id锛屽涓敤鑻辨枃閫楀彿鍒嗛殧', + `attribute` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鎬ц川id锛屽涓敤鑻辨枃閫楀彿鍒嗛殧', + `lable` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鏍囩id,澶氫釜鐢ㄨ嫳鏂囬楀彿鍒嗛殧', + `area_effective_ids` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '澶氫釜鑻辨枃閫楀彿鍒嗛殧', + `function_id` int(11) NOT NULL, + `cfg_region_code` int(11) NULL DEFAULT NULL, + `addr_list` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鍦板潃鍒楄〃锛孞SON鏍煎紡锛寁lan鍜宮ac浜掓枼', + `addr_type` varchar(4) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT 'vlan锛宮ac', + `cancel_request_id` int(11) NULL DEFAULT NULL COMMENT '鍙栨秷瀹℃牳鏉ュ嚱', + PRIMARY KEY (`cfg_id`) USING BTREE +) ENGINE = InnoDB AUTO_INCREMENT = 54 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic; + +SET FOREIGN_KEY_CHECKS = 1; + + +#璁块棶闃绘柇鐣岄潰 +SET NAMES utf8mb4; +SET FOREIGN_KEY_CHECKS = 0; + +-- ---------------------------- +-- Table structure for pxy_profile_response_pages +-- ---------------------------- +DROP TABLE IF EXISTS `pxy_profile_response_pages`; +CREATE TABLE `pxy_profile_response_pages` ( + `cfg_id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '涓婚敭锛岃嚜澧', + `cfg_desc` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, + `cfg_type` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL, + `action` int(11) NULL DEFAULT NULL, + `is_valid` int(11) NOT NULL COMMENT '0鏃犳晥锛1鏈夋晥锛-1鍒犻櫎;1锛 鏈鏍告椂閰嶇疆鍙垹闄;2锛 瀹℃牳閫氳繃锛屾瀛楁缃1;3锛 鍙栨秷瀹℃牳閫氳繃锛屾瀛楁缃0', + `is_audit` int(11) NOT NULL COMMENT '0鏈鏍革紝1瀹℃牳閫氳繃锛2瀹℃牳鏈氳繃锛3鍙栨秷瀹℃牳閫氳繃;1锛 瀹℃牳鏈氳繃锛岄厤缃彲淇敼;2锛 瀹℃牳閫氳繃锛岄厤缃笉鍙垹闄わ紝鍙兘鍙栨秷瀹℃牳閫氳繃', + `creator_id` int(11) NOT NULL COMMENT '鍙栬嚜sys_user.id', + `create_time` datetime(0) NULL DEFAULT NULL, + `editor_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜sys_user.id', + `edit_time` datetime(0) NULL DEFAULT NULL, + `auditor_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜sys_user.id', + `audit_time` datetime(0) NULL DEFAULT NULL, + `service_id` int(11) NOT NULL COMMENT '鍙傝冪郴缁熶笟鍔$被鍨嬬鐞嗚〃', + `request_id` int(11) NOT NULL COMMENT '鍙栬嚜request_info.id', + `compile_id` int(11) NULL DEFAULT NULL COMMENT '鍙栬嚜鏈嶅姟鎺ュ彛杩斿洖鐨刴aat閰嶇疆鐨勭紪璇慽d锛岄厤缃垵濮嬪叆搴撴椂鑾峰彇銆', + `is_area_effective` int(11) NOT NULL COMMENT '0鍚︼紝1鏄', + `classify` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鍒嗙被id锛屽涓敤鑻辨枃閫楀彿鍒嗛殧', + `attribute` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鎬ц川id锛屽涓敤鑻辨枃閫楀彿鍒嗛殧', + `lable` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '鏍囩id,澶氫釜鐢ㄨ嫳鏂囬楀彿鍒嗛殧', + `area_effective_ids` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '澶氫釜鑻辨枃閫楀彿鍒嗛殧', + `function_id` int(11) NOT NULL, + `cfg_region_code` int(11) NULL DEFAULT NULL, + `file_desc` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鏂囦欢鍚嶇О', + `url` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鏂囦欢淇濆瓨鐨剈rl', + `content_type` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鍐呭绫诲瀷锛屽text/html锛屽彇瀛楀吀琛╟ontentType', + `content_length` int(11) NOT NULL DEFAULT 0 COMMENT '鏂囦欢闀垮害', + `md5` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '鏂囦欢md5鍊', + `cancel_request_id` int(11) NULL DEFAULT NULL COMMENT '鍙栨秷瀹℃牳鏉ュ嚱', + PRIMARY KEY (`cfg_id`) USING BTREE +) ENGINE = InnoDB AUTO_INCREMENT = 49 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic; + +SET FOREIGN_KEY_CHECKS = 1; + +#涓篴dmin瑙掕壊鍒嗛厤鏂扮殑鑿滃崟鏉冮檺 +insert into sys_privilege (PRIVILEGE_MASTER,PRIVILEGE_MASTER_VALUE,PRIVILEGE_ACCESS,PRIVILEGE_ACCESS_VALUE,PRIVILEGE_OPERATION ) select 'ROLE',r.id,1000,m.id,1 from sys_role r,sys_menu m where r.name='admin' and m.code in ('hijack_file_strategy','file_insert_script','traffic_mirror_address','visit_response_page'); + + +# 鑿滃崟 +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ('724', '0,1,86,719,724,', 'http_manipulation', 'HTTP鎿嶆帶', '330', '/proxy/control/manipulatPolicy/list', '', '', '1', 'http_manipulation:config', '1', '2019-05-07 15:04:51', '1', '2019-05-07 15:53:45', '', '1', NULL, '0', '0', '215'); +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ('757', '0,1,150,748,757,', 'http_manipulation', 'HTTP鎿嶆帶', '180', '/proxy/control/manipulatPolicy/list', '', '', '1', 'http_manipulation:confirm', '1', '2019-05-10 15:05:33', '1', '2019-05-10 15:05:33', '', '1', NULL, '0', '0', '215'); +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ('852', '0,1,151,850,852,', 'http_manipulation', 'HTTP鎿嶆帶', '180', '/proxy/control/manipulatPolicy/list', '', '', '1', 'http_manipulation:audit', '1', '2019-05-10 15:06:30', '1', '2019-05-10 15:06:30', '', '1', NULL, '0', '0', '215'); + +# 閰嶇疆琛 +INSERT INTO `function_service_dict` (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES ('215', '0', '48', 'redirect', '656', 'http_manipulation', NULL, '1', '1', '2019-05-07 15:46:17', NULL, NULL, '1,2,3,4,5,6', '1', '0', '1;0,1,2;2'); + +ALTER TABLE function_region_dict AUTO_INCREMENT = 700; +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('215', '', '2', 'PXY_CTRL_HTTP_URL', 'HTTP URL绠℃帶閰嶇疆', '1', '1', '2', NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', 'https_url', '0,1', '0,1,2,3', '', '0', '1', '', '', '', '', '', '1', '1'); +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('215', 'User-Agent,Cookie,others', '3', 'PXY_CTRL_HTTP_REQ_HDR', 'HTTP璇锋眰澶村煙绠℃帶閰嶇疆', '1', '1', '3', NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', '', '0,1', '0,1,2,3', '', '0,1,2', '1', '', '', '', '', '', '2', '1'); +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('215', 'set-cookie,Content-Type,others', '4', 'PXY_CTRL_HTTP_RES_HDR', 'HTTP搴旂瓟澶村煙绠℃帶閰嶇疆', '1', '1', '3', NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', '', '0,1', '0,1,2,3', '', '0,1,2', '1', '', '', '', '', '', '3', '1'); +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('215', '', '5', 'PXY_CTRL_HTTP_REQ_BODY', 'HTTP璇锋眰鍐呭绠℃帶閰嶇疆', '1', '1', '2', NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', '', '0,1', '0,1,2,3', '', '0,1,2', '1', '', '', '', '', '', '4', '1'); +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('215', '', '6', 'PXY_CTRL_HTTP_RES_BODY', 'HTTP搴旂瓟鍐呭绠℃帶閰嶇疆', '1', '1', '2', NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', '', '0,1', '0,1,2,3', '', '0,1,2', '1', '', '', '', '', '', '5', '1'); +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('215', '', '1', 'PXY_CTRL_IP', 'HTTP IP绠℃帶閰嶇疆', '1', '1', '1', NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', '', '', '', '4,6', '', '', '1,2,3;1,2,3', '1,2;1,2', '0', '0,6,17', '1,2,3,4', '6', '1'); +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('215', '', '3', 'PXY_CTRL_SUBSCRIBE_ID', 'proxy SUBSCRIBE瀛楃涓查厤缃', '1', '1', '2', NULL, '0000-00-00 00:00:00', NULL, '0000-00-00 00:00:00', 'subscribe_id', '0', '3', '', '0', '0', '', '', '', '', '', '7', '0'); + +#浠g悊鐩稿叧鐨勫簲绛斿ご鐨刣istrict鐨勫約et-cookie淇敼涓篠et-Cookie +update function_region_dict set config_district='Set-Cookie,Content-Type,others' where function_id in(210,207,215) and config_region_value='PXY_CTRL_HTTP_RES_HDR'; + +#涓篴dmin瑙掕壊鍒嗛厤鎿嶆帶鑿滃崟鏉冮檺 +insert into sys_privilege (PRIVILEGE_MASTER,PRIVILEGE_MASTER_VALUE,PRIVILEGE_ACCESS,PRIVILEGE_ACCESS_VALUE,PRIVILEGE_OPERATION ) select 'ROLE',r.id,1000,m.id,1 from sys_role r,sys_menu m where r.name='admin' and m.code in ('http_manipulation'); +#鍒犻櫎鎷︽埅闄愰熶笟鍔 +update function_service_dict set is_valid=0 where action_code='ratelimit' and service_id=514 and function_id=200; +#鍒犻櫎service銆乺egion瀛楀吀*****************纭鏄惁鍒犻櫎server_conf.xml +update function_region_dict set is_Valid=0 where function_id in(208,209) and is_valid=1; +update function_service_dict set is_Valid=0 where function_id in(208,209) and is_valid=1; +#鍒犻櫎鏃ч厤缃 +#200锛氭嫤鎴/210锛氱洃娴/207锛氶樆鏂/208锛氶噸瀹氬悜/209锛氭浛鎹/211锛氱櫧鍚嶅崟 +#鏃х殑IP閰嶇疆鍒犻櫎 +update ip_port_cfg set is_valid=-1,is_audit=0 where compile_id in (select compile_id from cfg_index_info where function_id in(210,200,207,208,209,211) and is_valid != -1); +#鏃х殑URL閰嶇疆鍒犻櫎 +update http_url_cfg set is_valid=-1,is_audit=0 where compile_id in (select compile_id from cfg_index_info where function_id in(210,200,207,208,209,211) and is_valid != -1); +#鏃х殑REQ_HEADER閰嶇疆鍒犻櫎 +update http_req_head_cfg set is_valid=-1,is_audit=0 where compile_id in (select compile_id from cfg_index_info where function_id in(210,200,207,208,209,211) and is_valid != -1); +#鏃х殑RES_HEADER閰嶇疆鍒犻櫎 +update http_res_head_cfg set is_valid=-1,is_audit=0 where compile_id in (select compile_id from cfg_index_info where function_id in(210,200,207,208,209,211) and is_valid != -1); +#鏃х殑HTTP BODY閰嶇疆鍒犻櫎 +update http_body_cfg set is_valid=-1,is_audit=0 where compile_id in (select compile_id from cfg_index_info where function_id in(210,200,207,208,209,211) and is_valid != -1); +#鏃х殑HTTP BODY閰嶇疆鍒犻櫎 +update ntc_subscribe_id_cfg set is_valid=-1,is_audit=0 where compile_id in (select compile_id from cfg_index_info where function_id in(210,200,207,208,209,211) and is_valid != -1); +#鏃х殑閰嶇疆鍒犻櫎 +update cfg_index_info set is_valid=-1,is_audit=0 where function_id in(210,200,207,208,209,211) and is_valid != -1; +#鏃х殑keyring閰嶇疆鍒犻櫎 +update pxy_obj_keyring set is_valid=-1,is_audit=0 where is_valid != -1; +#鏃х殑鍙俊璇佷功閰嶇疆鍒犻櫎 +update pxy_obj_trusted_ca_cert set is_valid=-1,is_audit=0 where is_valid != -1; +#鏃х殑鍙俊璇佷功CRL閰嶇疆鍒犻櫎 +update pxy_obj_trusted_ca_crl set is_valid=-1,is_audit=0 where is_valid != -1; + +#鍔寔鐩稿叧瀛楀吀琛 +INSERT INTO `sys_data_dictionary_name`(`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) +VALUES ('鍔寔鏂囦欢鍐呭鏍煎紡', 'CONTENT_TYPE_HIJACK', 'hijack content-type', '', '2019-05-21 00:00:00', '2019-05-21 00:00:00', 1); + + +#娣诲姞瀛楀吀淇℃伅 +INSERT into sys_data_dictionary_item(item_code,item_value,item_desc,item_sort,`status`,type,dictionary_id) +VALUES('image/gif','image/gif','gif',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')), +('image/jpeg','image/jpeg','jpg',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')), +('image/png','image/png','png',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')), +('image/svg+xml','image/svg+xml','svg',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')), +('application/x-msdos-program','application/x-msdos-program','exe',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')), +('application/x-msdownload','application/x-msdownload','exe',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')), +('application/octet-stream','application/octet-stream','exe',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')), +('application/vnd.android.package-archive','application/vnd.android.package-archive','apk',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')), +('text/html','text/html','html',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_HIJACK')); + +#鏂囦欢绛栫暐鐩稿叧瀛楀吀琛 +INSERT INTO `sys_data_dictionary_name`(`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) +VALUES('鏂囦欢绛栫暐鍐呭鏍煎紡', 'CONTENT_TYPE_FILESTRATEGY', 'fileStrategy content-type', '', '2019-05-21 00:00:00', '2019-05-21 00:00:00', 1); + +INSERT into sys_data_dictionary_item(item_code,item_value,item_sort,`status`,type,dictionary_id) +VALUES('template','template',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_FILESTRATEGY')), +('html','html',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_FILESTRATEGY')); + +#娉ㄥ叆鑴氭湰鐩稿叧瀛楀吀琛 +INSERT INTO `sys_data_dictionary_name`(`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) +VALUES('娉ㄥ叆鑴氭湰鏂囦欢鍐呭鏍煎紡', 'CONTENT_TYPE_INSERTSCRIPT', 'insertScript content-type', '', '2019-05-21 00:00:00', '2019-05-21 00:00:00', 1); + +INSERT into sys_data_dictionary_item(item_code,item_value,item_sort,`status`,type,dictionary_id) +VALUES('css','css',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_INSERTSCRIPT')), +('js','js',0,1,1,(SELECT id FROM sys_data_dictionary_name WHERE mark='CONTENT_TYPE_INSERTSCRIPT')); + + +#鍙俊璇佷功鍒楄〃澧炲姞鏄惁鍐呯疆璇佷功灞炴 +alter table pxy_obj_trusted_ca_cert add built_in int(1) default 0 comment 'is built-in'; +#淇敼宸叉湁璇佷功涓洪潪鍐呯疆璇佷功 +update pxy_obj_trusted_ca_cert set built_in=0 where built_in is null; + +#鎷︽埅绛栫暐鍐呯疆0鍜1鍙烽厤缃 +INSERT INTO `cfg_index_info` +(`cfg_desc`, `action`, `is_valid`, `is_audit`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `auditor_id`, `audit_time`, `service_id`, `request_id`, `compile_id`, `is_area_effective`, `classify`, `attribute`, `lable`, `area_effective_ids`, `function_id`, `dns_strategy_id`, `do_log`, `user_region1`, `user_region2`, `user_region3`, `user_region4`, `user_region5`, `office_id`, `cancel_request_id`, `source_compile_id`, `do_blacklist`, `common_group_ids`) +VALUES ('default intercept policy', 128, 0, 0, 6, now(), NULL, NULL, NULL, NULL, 521, 0, 0, 0, '0', '0', '0', '', 200, NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 0, ''); +INSERT INTO `http_url_cfg` +(`cfg_desc`, `cfg_keywords`, `action`, `is_valid`, `is_audit`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `auditor_id`, `audit_time`, `service_id`, `request_id`, `compile_id`, `is_area_effective`, `classify`, `attribute`, `lable`, `expr_type`, `match_method`, `is_hexbin`, `area_effective_ids`, `function_id`, `cfg_region_code`, `cfg_type`, `ratelimit`, `user_region1`, `user_region2`, `user_region3`, `user_region4`, `user_region5`) +VALUES ('default intercept policy', '20190946.com', 128, 0, 0, 6, now(), NULL, NULL, NULL, NULL, 521, 0, 0, 0, '0', '0', '0', 0, 1, 2, '', 200, 2, 'PXY_INTERCEPT_DOMAIN', NULL, NULL, NULL, NULL, NULL, NULL); +INSERT INTO `cfg_index_info` +(`cfg_desc`, `action`, `is_valid`, `is_audit`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `auditor_id`, `audit_time`, `service_id`, `request_id`, `compile_id`, `is_area_effective`, `classify`, `attribute`, `lable`, `area_effective_ids`, `function_id`, `dns_strategy_id`, `do_log`, `user_region1`, `user_region2`, `user_region3`, `user_region4`, `user_region5`, `office_id`, `cancel_request_id`, `source_compile_id`, `do_blacklist`, `common_group_ids`) +VALUES ('built-in fe3.delivery.mp.microsoft.com', 128, 0, 0, 6, now(), NULL, NULL, NULL, NULL, 521, 0, 1, 0, '0', '0', '0', '', 200, NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 0, ''); +INSERT INTO `http_url_cfg` +(`cfg_desc`, `cfg_keywords`, `action`, `is_valid`, `is_audit`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `auditor_id`, `audit_time`, `service_id`, `request_id`, `compile_id`, `is_area_effective`, `classify`, `attribute`, `lable`, `expr_type`, `match_method`, `is_hexbin`, `area_effective_ids`, `function_id`, `cfg_region_code`, `cfg_type`, `ratelimit`, `user_region1`, `user_region2`, `user_region3`, `user_region4`, `user_region5`) +VALUES ('built-in fe3.delivery.mp.microsoft.com', 'fe3.delivery.mp.microsoft.com', 128, 0, 0, 6, now(), NULL, NULL, NULL, NULL, 521, 0, 1, 0, '0', '0', '0', 0, 3, 2, '', 200, 2, 'PXY_INTERCEPT_DOMAIN', NULL, NULL, NULL, NULL, NULL, NULL); + + + + +#鏃ュ織妫绱-鍥藉浠g悊涓嬫柊澧濰TTP(S)鎿嶆帶鑿滃崟 +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ('951', '0,1,152,951,', 'http_manipulation', 'HTTP鎿嶆帶', '5', '/log/pxy/httpManipulList?searchAction=48', '', '', '1', '', '1', '2019-05-29 09:59:03', '1', '2019-05-29 09:59:03', '', '1', NULL, '0', '0', '215'); +#淇敼鏃ュ織妫绱->鍥藉浠g悊->HTTP(S)闃绘柇 url +UPDATE `sys_menu` SET `href`='/log/pxy/httpBlockLists?searchAction=16' WHERE code='http_block' and href='/log/pxy/httpBlocklogs' and permission= ''; +#淇敼鏃ュ織妫绱->鍥藉浠g悊->HTTP(S)鐩戞祴 url +UPDATE `sys_menu` SET `href`='/log/pxy/httpMonitLists?searchAction=1' WHERE code='http_monit' and href='/log/pxy/httpMonitogs' and permission= ''; + + +#涓篴dmin瑙掕壊鍒嗛厤鏂扮殑鑿滃崟鏉冮檺 +insert into sys_privilege (PRIVILEGE_MASTER,PRIVILEGE_MASTER_VALUE,PRIVILEGE_ACCESS,PRIVILEGE_ACCESS_VALUE,PRIVILEGE_OPERATION ) select 'ROLE',r.id,1000,m.id,1 from sys_role r,sys_menu m where r.name='admin' and m.code in ('http_manipulation') and href='/log/pxy/httpManipulList?searchAction=48'; + + +#娣诲姞HTTP(s)鎿嶆帶鏃ュ織 pinningst瀛楁鐨勫瓧鍏稿唴瀹 +INSERT INTO `sys_data_dictionary_name` ( `module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) VALUES ( 'HTTP(S)鎿嶆帶鏃ュ織', 'PINNING', 'pinning鐘舵', 'user:ceiec,2019-05-31 10:02:51edit', '2019-05-31 10:02:13', '2019-05-31 10:02:51', '1'); +#sys_data_dictionary_item 琛ㄤ腑鐨刣ictionary_id 涓 sys_data_dictionary_name 琛ㄧ敓鎴愮殑涓婚敭ID鐨勫 +INSERT into sys_data_dictionary_item(item_code,item_value,item_desc,item_sort,`status`,type,dictionary_id) +VALUES('0', 'not pinning', '', 1, 1, 1,(SELECT id FROM sys_data_dictionary_name WHERE mark='PINNING')), +('1', 'pinning', '', 2, 1, 1,(SELECT id FROM sys_data_dictionary_name WHERE mark='PINNING')), +('2', 'maybe pinning', '', 3, 1, 1,(SELECT id FROM sys_data_dictionary_name WHERE mark='PINNING')); + +#娣诲姞HTTP(s)鎿嶆帶鏃ュ織 INTERCEPT_STATE瀛楁鐨勫瓧鍏稿唴瀹 +INSERT INTO `sys_data_dictionary_name` (`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) VALUES ('鎷︽埅鐘舵', 'INTERCEPT_STATE', '', '', '2019-06-03 15:20:00', '2019-06-03 15:20:00', '1'); +#sys_data_dictionary_item 琛ㄤ腑鐨刣ictionary_id 涓 sys_data_dictionary_name 琛ㄧ敓鎴愮殑涓婚敭ID鐨勫 +INSERT INTO sys_data_dictionary_item(item_code,item_value,item_desc,item_sort,`status`,type,dictionary_id) +VALUES ( '0', 'passthrough', '', 1, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='INTERCEPT_STATE')), +('1', 'intercept', '', 2, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='INTERCEPT_STATE')), +('2', 'shutdown', '', 3, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='INTERCEPT_STATE')); + + +#娣诲姞HTTP(s)鎿嶆帶鏃ュ織 SSL_CERT_VERIFY瀛楁鐨勫瓧鍏稿唴瀹 +INSERT INTO `sys_data_dictionary_name` (`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) VALUES ('璇佷功鏍¢獙缁撴灉', 'SSL_CERT_VERIFY', '', '', '2019-06-03 15:42:08', '2019-06-03 15:42:08', '1'); +#sys_data_dictionary_item 琛ㄤ腑鐨刣ictionary_id 涓 sys_data_dictionary_name 琛ㄧ敓鎴愮殑涓婚敭ID鐨勫 +INSERT INTO `sys_data_dictionary_item` (item_code,item_value,item_desc,item_sort,`status`,type,dictionary_id) +VALUES ('0', 'verify unapproved', '鏍¢獙鏈氳繃', 1, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='SSL_CERT_VERIFY')), + ('1', 'verify approved', '鏍¢獙閫氳繃', 2, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='SSL_CERT_VERIFY')); + + +#鍒犻櫎閲嶅畾鍚戙佹浛鎹㈤厤缃佸鏍搞佸璁°佹棩蹇楄彍鍗 +UPDATE `sys_menu` SET `del_flag`='0' WHERE code ='http_redirect'; +UPDATE `sys_menu` SET `del_flag`='0' WHERE code ='http_replace'; +#####************* +#瀹炴椂鎶ヨ〃->鍥藉浠g悊鑿滃崟鍜屽畠涓嬮潰鐨勫瓙鑿滃崟閮界疆涓哄け鏁 +UPDATE `sys_menu` SET `del_flag`='0' WHERE href ='/report/list?cfgName=http_block'; +UPDATE `sys_menu` SET `del_flag`='0' WHERE href ='/report/list?cfgName=http_redirect'; +UPDATE `sys_menu` SET `del_flag`='0' WHERE href ='/report/list?cfgName=http_replace'; +UPDATE `sys_menu` SET `del_flag`='0' WHERE href ='/report/list?cfgName=http_monit'; +UPDATE `sys_menu` SET `del_flag`='0' WHERE `code`='Proxy' and parent_id='780'; + + + + diff --git a/src/main/resources/sql/deploymentsql/4_objectlist_group_function.sql b/src/main/resources/sql/deploymentsql/4_objectlist_group_function.sql new file mode 100644 index 000000000..ab46301ad --- /dev/null +++ b/src/main/resources/sql/deploymentsql/4_objectlist_group_function.sql @@ -0,0 +1,268 @@ +CREATE TABLE `ip_comm_cfg` ( + `cfg_id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '主键,自增', + `cfg_desc` varchar(128) DEFAULT NULL, + `cfg_type` varchar(64) DEFAULT '', + `cfg_region_code` int(11) DEFAULT NULL, + `ip_type` int(11) NOT NULL COMMENT 'IPV4=4,IPV6=6', + `src_ip_pattern` int(11) DEFAULT NULL COMMENT '源ip格式', + `dest_ip_pattern` int(11) DEFAULT NULL COMMENT '目的ip格式', + `src_ip_address` varchar(128) NOT NULL, + `dest_ip_address` varchar(128) NOT NULL, + `src_port_pattern` int(11) DEFAULT NULL COMMENT '源端口格式', + `dest_port_pattern` int(11) DEFAULT NULL COMMENT '目的端口格式', + `src_port` varchar(16) NOT NULL, + `dest_port` varchar(16) NOT NULL, + `direction` int(11) NOT NULL COMMENT '0双向,1单向,默认缺省为双向。', + `protocol` int(11) NOT NULL COMMENT '6表示tcp,17表示udp,0表示任意', + `protocol_id` int(11) NOT NULL COMMENT '非0时,maat规范需写入通用IP配置表与通用协议类型配置表 此表固定写0', + `action` int(11) NOT NULL COMMENT '1:阻断,2:监测, 5: FD 白名单,6:监测白名单,7: FD 监测都白名单,应与业务ID所代表的逻辑相匹配,8-灰名单', + `is_valid` int(11) NOT NULL COMMENT '0无效,1有效,-1删除\r\n1) 未审核时配置可删除\r\n2) 审核通过,此字段置1\r\n3) 取消审核通过,此字段置0', + `is_audit` int(11) NOT NULL COMMENT '0未审核,1审核通过,2审核未通过,3取消审核通过\r\n1) 审核未通过,配置可修改\r\n2) 审核通过,配置不可删除,只能取消审核通过', + `creator_id` int(11) NOT NULL COMMENT '取自sys_user.id', + `create_time` datetime NOT NULL, + `editor_id` int(11) DEFAULT NULL COMMENT '取自sys_user.id', + `edit_time` datetime DEFAULT NULL, + `auditor_id` int(11) DEFAULT NULL COMMENT '取自sys_user.id', + `audit_time` datetime DEFAULT NULL, + `service_id` int(11) NOT NULL COMMENT '参考系统业务类型管理表', + `request_id` int(11) NOT NULL COMMENT '取自request_info.id', + `compile_id` int(11) NOT NULL COMMENT '取自服务接口返回的maat配置的编译id,配置初始入库时获取。', + `is_area_effective` int(11) NOT NULL COMMENT '0否,1是', + `classify` varchar(128) DEFAULT NULL COMMENT '分类id,多个用英文逗号分隔', + `attribute` varchar(128) DEFAULT NULL COMMENT '性质id,多个用英文逗号分隔', + `lable` varchar(128) DEFAULT NULL COMMENT '标签id,多个用英文逗号分隔', + `area_effective_ids` varchar(1024) DEFAULT NULL COMMENT '多个英文逗号分隔', + `function_id` int(11) NOT NULL, + `ratelimit` varchar(10) DEFAULT NULL COMMENT '限速比例,0到1之间', + `region_id` int(11) DEFAULT NULL, + `group_id` int(11) DEFAULT NULL, + `user_region1` varchar(1024) DEFAULT NULL COMMENT '预留自定义域1', + `user_region2` varchar(1024) DEFAULT NULL COMMENT '预留自定义域2', + `user_region3` varchar(1024) DEFAULT NULL COMMENT '预留自定义域3', + `user_region4` varchar(1024) DEFAULT NULL COMMENT '预留自定义域4', + `user_region5` varchar(1024) DEFAULT NULL COMMENT '预留自定义域5', + `cancel_request_id` int(11) DEFAULT NULL COMMENT '取消审核来函', + PRIMARY KEY (`cfg_id`) USING BTREE +) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC; + + +CREATE TABLE `url_comm_cfg` ( + `cfg_id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '主键,自增', + `cfg_desc` varchar(128) DEFAULT NULL, + `cfg_keywords` varchar(2048) NOT NULL, + `action` int(11) NOT NULL COMMENT '1:阻断,2:监测, 5: FD 白名单,6:监测白名单,7: FD 监测都白名单,应与业务ID所代表的逻辑相匹配,8-灰名单', + `is_valid` int(11) NOT NULL COMMENT '0无效,1有效,-1删除;1) 未审核时配置可删除;2) 审核通过,此字段置1;3) 取消审核通过,此字段置0', + `is_audit` int(11) NOT NULL COMMENT '0未审核,1审核通过,2审核未通过,3取消审核通过;1) 审核未通过,配置可修改;2) 审核通过,配置不可删除,只能取消审核通过', + `creator_id` int(11) NOT NULL COMMENT '取自sys_user.id', + `create_time` datetime NOT NULL, + `editor_id` int(11) DEFAULT NULL COMMENT '取自sys_user.id', + `edit_time` datetime DEFAULT NULL, + `auditor_id` int(11) DEFAULT NULL COMMENT '取自sys_user.id', + `audit_time` datetime DEFAULT NULL, + `service_id` int(11) NOT NULL COMMENT '参考系统业务类型管理表', + `request_id` int(11) NOT NULL COMMENT '取自request_info.id', + `compile_id` int(11) NOT NULL COMMENT '取自服务接口返回的maat配置的编译id,配置初始入库时获取。', + `is_area_effective` int(11) NOT NULL COMMENT '0否,1是', + `classify` varchar(128) DEFAULT NULL COMMENT '分类id,多个用英文逗号分隔', + `attribute` varchar(128) DEFAULT NULL COMMENT '性质id,多个用英文逗号分隔', + `lable` varchar(128) DEFAULT NULL COMMENT '标签id,多个用英文逗号分隔', + `expr_type` int(11) NOT NULL COMMENT '0:无表达式,1:与表达式', + `match_method` int(11) NOT NULL COMMENT 'expr_type:0时有意义,其它情况必须置0。0:子串匹配;1:右匹配;2:左匹配;3:完全匹配', + `is_hexbin` int(11) NOT NULL COMMENT '默认为0:大小写不敏感,且非HEX;1:HEX格式二进制;2:大小写敏感,且非HEX', + `area_effective_ids` varchar(1024) DEFAULT NULL COMMENT '多个英文逗号分隔', + `function_id` int(11) NOT NULL, + `cfg_region_code` int(11) DEFAULT NULL, + `cfg_type` varchar(64) DEFAULT NULL, + `ratelimit` varchar(10) DEFAULT NULL COMMENT '限速比例,0到1之间', + `region_id` int(11) NOT NULL, + `group_id` int(11) NOT NULL, + `user_region1` varchar(1024) DEFAULT NULL COMMENT '预留自定义域1', + `user_region2` varchar(1024) DEFAULT NULL COMMENT '预留自定义域2', + `user_region3` varchar(1024) DEFAULT NULL COMMENT '预留自定义域3', + `user_region4` varchar(1024) DEFAULT NULL COMMENT '预留自定义域4', + `user_region5` varchar(1024) DEFAULT NULL COMMENT '预留自定义域5', + PRIMARY KEY (`cfg_id`) USING BTREE, + KEY `http_url_cfg_compileId` (`compile_id`), + KEY `http_url_cfg_functionId` (`function_id`) +) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC; + +CREATE TABLE `domain_comm_cfg` ( + `cfg_id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '主键,自增', + `cfg_desc` varchar(128) DEFAULT NULL, + `cfg_keywords` varchar(2048) NOT NULL, + `action` int(11) NOT NULL COMMENT '1:阻断,2:监测, 5: FD 白名单,6:监测白名单,7: FD 监测都白名单,应与业务ID所代表的逻辑相匹配,8-灰名单', + `is_valid` int(11) NOT NULL COMMENT '0无效,1有效,-1删除;1) 未审核时配置可删除;2) 审核通过,此字段置1;3) 取消审核通过,此字段置0', + `is_audit` int(11) NOT NULL COMMENT '0未审核,1审核通过,2审核未通过,3取消审核通过;1) 审核未通过,配置可修改;2) 审核通过,配置不可删除,只能取消审核通过', + `creator_id` int(11) NOT NULL COMMENT '取自sys_user.id', + `create_time` datetime NOT NULL, + `editor_id` int(11) DEFAULT NULL COMMENT '取自sys_user.id', + `edit_time` datetime DEFAULT NULL, + `auditor_id` int(11) DEFAULT NULL COMMENT '取自sys_user.id', + `audit_time` datetime DEFAULT NULL, + `service_id` int(11) NOT NULL COMMENT '参考系统业务类型管理表', + `request_id` int(11) NOT NULL COMMENT '取自request_info.id', + `compile_id` int(11) NOT NULL COMMENT '取自服务接口返回的maat配置的编译id,配置初始入库时获取。', + `is_area_effective` int(11) NOT NULL COMMENT '0否,1是', + `classify` varchar(128) DEFAULT NULL COMMENT '分类id,多个用英文逗号分隔', + `attribute` varchar(128) DEFAULT NULL COMMENT '性质id,多个用英文逗号分隔', + `lable` varchar(128) DEFAULT NULL COMMENT '标签id,多个用英文逗号分隔', + `expr_type` int(11) NOT NULL COMMENT '0:无表达式,1:与表达式', + `match_method` int(11) NOT NULL COMMENT 'expr_type:0时有意义,其它情况必须置0。0:子串匹配;1:右匹配;2:左匹配;3:完全匹配', + `is_hexbin` int(11) NOT NULL COMMENT '默认为0:大小写不敏感,且非HEX;1:HEX格式二进制;2:大小写敏感,且非HEX', + `area_effective_ids` varchar(1024) DEFAULT NULL COMMENT '多个英文逗号分隔', + `function_id` int(11) NOT NULL, + `cfg_region_code` int(11) DEFAULT NULL, + `cfg_type` varchar(64) DEFAULT NULL, + `ratelimit` varchar(10) DEFAULT NULL COMMENT '限速比例,0到1之间', + `region_id` int(11) NOT NULL, + `group_id` int(11) NOT NULL, + `user_region1` varchar(1024) DEFAULT NULL COMMENT '预留自定义域1', + `user_region2` varchar(1024) DEFAULT NULL COMMENT '预留自定义域2', + `user_region3` varchar(1024) DEFAULT NULL COMMENT '预留自定义域3', + `user_region4` varchar(1024) DEFAULT NULL COMMENT '预留自定义域4', + `user_region5` varchar(1024) DEFAULT NULL COMMENT '预留自定义域5', + PRIMARY KEY (`cfg_id`) USING BTREE, + KEY `http_url_cfg_compileId` (`compile_id`), + KEY `http_url_cfg_functionId` (`function_id`) +) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC; + +CREATE TABLE `scriberid_comm_cfg` ( + `cfg_id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT '主键,自增', + `cfg_desc` varchar(128) DEFAULT NULL, + `cfg_keywords` varchar(2048) NOT NULL, + `action` int(11) NOT NULL COMMENT '1:阻断,2:监测, 5: FD 白名单,6:监测白名单,7: FD 监测都白名单,应与业务ID所代表的逻辑相匹配,8-灰名单', + `is_valid` int(11) NOT NULL COMMENT '0无效,1有效,-1删除;1) 未审核时配置可删除;2) 审核通过,此字段置1;3) 取消审核通过,此字段置0', + `is_audit` int(11) NOT NULL COMMENT '0未审核,1审核通过,2审核未通过,3取消审核通过;1) 审核未通过,配置可修改;2) 审核通过,配置不可删除,只能取消审核通过', + `creator_id` int(11) NOT NULL COMMENT '取自sys_user.id', + `create_time` datetime NOT NULL, + `editor_id` int(11) DEFAULT NULL COMMENT '取自sys_user.id', + `edit_time` datetime DEFAULT NULL, + `auditor_id` int(11) DEFAULT NULL COMMENT '取自sys_user.id', + `audit_time` datetime DEFAULT NULL, + `service_id` int(11) NOT NULL COMMENT '参考系统业务类型管理表', + `request_id` int(11) NOT NULL COMMENT '取自request_info.id', + `compile_id` int(11) NOT NULL COMMENT '取自服务接口返回的maat配置的编译id,配置初始入库时获取。', + `is_area_effective` int(11) NOT NULL COMMENT '0否,1是', + `classify` varchar(128) DEFAULT NULL COMMENT '分类id,多个用英文逗号分隔', + `attribute` varchar(128) DEFAULT NULL COMMENT '性质id,多个用英文逗号分隔', + `lable` varchar(128) DEFAULT NULL COMMENT '标签id,多个用英文逗号分隔', + `expr_type` int(11) NOT NULL COMMENT '0:无表达式,1:与表达式', + `match_method` int(11) NOT NULL COMMENT 'expr_type:0时有意义,其它情况必须置0。0:子串匹配;1:右匹配;2:左匹配;3:完全匹配', + `is_hexbin` int(11) NOT NULL COMMENT '默认为0:大小写不敏感,且非HEX;1:HEX格式二进制;2:大小写敏感,且非HEX', + `area_effective_ids` varchar(1024) DEFAULT NULL COMMENT '多个英文逗号分隔', + `function_id` int(11) NOT NULL, + `cfg_region_code` int(11) DEFAULT NULL, + `cfg_type` varchar(64) DEFAULT NULL, + `ratelimit` varchar(10) DEFAULT NULL COMMENT '限速比例,0到1之间', + `region_id` int(11) NOT NULL, + `group_id` int(11) NOT NULL, + `user_region1` varchar(1024) DEFAULT NULL COMMENT '预留自定义域1', + `user_region2` varchar(1024) DEFAULT NULL COMMENT '预留自定义域2', + `user_region3` varchar(1024) DEFAULT NULL COMMENT '预留自定义域3', + `user_region4` varchar(1024) DEFAULT NULL COMMENT '预留自定义域4', + `user_region5` varchar(1024) DEFAULT NULL COMMENT '预留自定义域5', + PRIMARY KEY (`cfg_id`) USING BTREE, + KEY `http_url_cfg_compileId` (`compile_id`), + KEY `http_url_cfg_functionId` (`function_id`) +) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC; + + +# 菜单 +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ('109', '0,1,109,', 'common_group_manage', '公共组管理', '5090', '/basics/commonGroup/list', '', 'fa fa-object-ungroup', '1', '', '1', '2019-05-27 16:15:23', '1', '2019-05-28 15:28:59', '', '1', NULL, '0', '0', NULL); +#为admin用户分配角色 +insert into sys_privilege (PRIVILEGE_MASTER,PRIVILEGE_MASTER_VALUE,PRIVILEGE_ACCESS,PRIVILEGE_ACCESS_VALUE,PRIVILEGE_OPERATION ) select 'ROLE',r.id,1000,m.id,1 from sys_role r,sys_menu m where r.name='admin' and m.code in ('common_group_manage') and m.href='/basics/commonGroup/list'; +# 配置 +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('605', '', '1', 'ip_group_configuration', 'IP公共组管理', '1', '1', '1', NULL, '2019-05-27 14:50:16', NULL, NULL, '', '', '', '4,6', '', '', '1,2,3;1,2,3', '1,2;1,2', '0,1', '0,6,17', '1,2,3,4', '1', '1'); +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('606', '', '2', 'url_group_configuration', 'URL公共组管理', '1', '1', '2', NULL, '2019-05-27 16:00:39', NULL, NULL, '', '0,1', '0,1,2,3', '', '0', '1', NULL, NULL, NULL, NULL, NULL, '1', '1'); +INSERT INTO `function_region_dict`(`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('607', '', '1', 'domain_group_configuration', '域名公共组管理', '1', '1', '2', NULL, '2019-06-06 14:43:53', NULL, NULL, '', '0', '1,3', '', '2', '0', NULL, NULL, NULL, NULL, NULL, '1', '1'); +INSERT INTO `function_region_dict` (`function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES ('608', '', '1', 'scriberid_group_configuration', '账号公共组管理', '1', '1', '2', NULL, '2019-06-06 15:32:02', NULL, NULL, '', '0', '3', '', '0', '0', NULL, NULL, NULL, NULL, NULL, '1', '1'); + +INSERT INTO `function_service_dict` (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES ('605', '0', '1', 'monit', '0', 'ip_common_group', NULL, '1', '1', '2019-05-27 14:47:47', NULL, NULL, '1', '1', '0', NULL); +INSERT INTO `function_service_dict` (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES ('606', '0', '1', 'monit', '0', 'url_common_group', NULL, '1', '1', '2019-05-27 15:59:43', NULL, NULL, '2', '1', '0', NULL); +INSERT INTO `function_service_dict` (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES ('607', '0', '1', 'monit', '0', 'domain_common_group', '', '1', NULL, '2019-06-06 15:24:56', NULL, NULL, '2', '1', '0', NULL); +INSERT INTO `function_service_dict` (`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES ('608', '0', '1', 'monit', '0', 'scriberid_common_group', NULL, '1', NULL, '2019-06-06 15:24:52', NULL, NULL, '2', '1', '0', NULL); + + +# 字典 +INSERT INTO `sys_data_dictionary_item` ( + `item_code`, + `item_value`, + `item_desc`, + `item_sort`, + `status`, + `type`, + `dictionary_id` +) +VALUES + ( + '5', + 'IP GROUP', + '普通IP组', + '0', + '1', + '1', + (SELECT id FROM sys_data_dictionary_name WHERE mark = 'GROUP_TYPE') + ), + ( + '7', + 'URL GROUP', + '普通URL组', + '0', + '1', + '1', + (SELECT id FROM sys_data_dictionary_name WHERE mark = 'GROUP_TYPE') + ), + ( + '8', + 'DOMAIN GROUP', + '普通域名组', + '0', + '1', + '1', + (SELECT id FROM sys_data_dictionary_name WHERE mark = 'GROUP_TYPE') + ), + ( + '9', + 'SCRIBERID GROUP', + '普通账号组', + '0', + '1', + '1', + (SELECT id FROM sys_data_dictionary_name WHERE mark = 'GROUP_TYPE') + ); + +# 增加字段 +ALTER TABLE policy_group_info add ud_flag INT(2) NOT NULL DEFAULT 0 COMMENT '0:不可用,1:未被引用(可用),2:已被引用(可用)|默认0'; +# 修改表字段注释 +ALTER TABLE policy_group_info MODIFY COLUMN group_type INT(2) DEFAULT NULL COMMENT '1:dns 2:ip复用, 4:asn, 5:IP通用组, 7:URL通用组, 8:Domain通用组, 9:SubscribeId通用组'; + +#function_service_dict +INSERT INTO `function_service_dict`(`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES (888, 0, 1, 'monit', 0, 'obj_group_monit', NULL, 1, NULL, NULL, NULL, NULL, NULL, 0, 0, '1;1,2;2'); +INSERT INTO `function_service_dict`(`function_id`, `protocol_id`, `action`, `action_code`, `service_id`, `service_name`, `service_desc`, `is_valid`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `region_code`, `is_import`, `sort`, `config_do_log`) VALUES (888, 0, 16, 'reject', -1, 'obj_group_reject', NULL, 1, NULL, NULL, NULL, NULL, NULL, 0, 0, '1;0,1,2;2'); +#functiuon_region_dict; +INSERT INTO `function_region_dict`( `function_id`, `config_district`, `config_region_code`, `config_region_value`, `config_desc`, `is_valid`, `is_maat`, `region_type`, `creator_id`, `create_time`, `editor_id`, `edit_time`, `config_service_type`, `config_expr_type`, `config_match_method`, `config_ip_type`, `config_hex`, `config_multi_keywords`, `config_ip_pattern`, `config_port_pattern`, `config_direction`, `config_protocol`, `config_ip_port_show`, `config_region_sort`, `is_import`) VALUES (888, '', 0, '0', '0', 1, 1, 0, NULL, NULL, NULL, NULL, '', '', '', '', '', '', NULL, NULL, NULL, NULL, NULL, 1, 1); +#sys_menu +#审计菜单 Object-List-Group +INSERT INTO `sys_menu`(`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) select id, CONCAT('0,1,',id),'object_list_group', 'Object-List-Group', 5060, '', '', '', 1, '', '1', '2019-06-13 19:46:56', '1', '2019-06-13 19:46:56', '', 1, NULL, 0, 0, NULL from sys_menu s1 where s1.code='audit_manage' and s1.del_flag=1; +#审核菜单 Object-List-Group +INSERT INTO `sys_menu`(`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) select id, CONCAT('0,1,',id),'object_list_group', 'Object-List-Group', 5060, '', '', '', 1, '', '1', '2019-06-13 19:46:56', '1', '2019-06-13 19:46:56', '', 1, NULL, 0, 0, NULL from sys_menu s1 where s1.code='examine_manage' and s1.del_flag=1; +#配置菜单 Object-List-Group +INSERT INTO `sys_menu`(`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) select id, CONCAT('0,1,',id),'object_list_group', 'Object-List-Group', 5060, '', '', '', 1, '', '1', '2019-06-13 19:46:56', '1', '2019-06-13 19:46:56', '', 1, NULL, 0, 0, NULL from sys_menu s1 where s1.code='configuration_manage' and s1.del_flag=1; +#审计置菜单 Policy Group +INSERT INTO `sys_menu`(`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) select s1.id,CONCAT_WS(',','0,1',s2.id,s1.id), 'policy_group', 'Policy Group', 30, '/objgroup/list', '', '', 1, 'objgroup:audit', '1', '2019-06-13 19:47:42', '1', '2019-06-13 19:47:42', '', 1, NULL, 0, 0, 888 from sys_menu s1,sys_menu s2 where s2.code='audit_manage' and s2.del_flag=1 and s1.parent_id=s2.id and s1.code='object_list_group'; +#审核置菜单 Policy Group +INSERT INTO `sys_menu`(`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) select s1.id,CONCAT_WS(',','0,1',s2.id,s1.id), 'policy_group', 'Policy Group', 30, '/objgroup/list', '', '', 1, 'objgroup:confirm', '1', '2019-06-13 19:47:42', '1', '2019-06-13 19:47:42', '', 1, NULL, 0, 0, 888 from sys_menu s1,sys_menu s2 where s2.code='examine_manage' and s2.del_flag=1 and s1.parent_id=s2.id and s1.code='object_list_group'; +#配置置菜单 Policy Group +INSERT INTO `sys_menu`(`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) select s1.id,CONCAT_WS(',','0,1',s2.id,s1.id), 'policy_group', 'Policy Group', 30, '/objgroup/list', '', '', 1, 'objgroup:config', '1', '2019-06-13 19:47:42', '1', '2019-06-13 19:47:42', '', 1, NULL, 0, 0, 888 from sys_menu s1,sys_menu s2 where s2.code='configuration_manage' and s2.del_flag=1 and s1.parent_id=s2.id and s1.code='object_list_group'; + + +# Object List +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`)SELECT s1.id, CONCAT_WS(',', s1.parent_ids, s1.id), 'object_list', 'Object List', '60', '', '', '', '1', '', '1', '2019-06-12 10:12:05', '1', '2019-06-12 10:12:05', '', '1', NULL, '0', '0', NULL FROM sys_menu s1, sys_menu s2 WHERE s2.CODE = 'configuration_manage' AND s2.del_flag = 1 AND s1.parent_id = s2.id AND s1.CODE = 'object_list_group'; +# IP、URL、Domain、SubscribeId +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`)SELECT s.id, CONCAT_WS(',', s.parent_ids, s.id), 'ip_group_configuration', 'IP公共组管理', '340', '/basics/ip/list', '', '', '1', 'ip:common:config', '1', '2019-05-27 14:06:23', '1', '2019-06-12 10:13:38', '', '1', NULL, '0', '0', '605' FROM sys_menu s WHERE s.CODE = 'object_list' AND s.del_flag = 1; +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`)SELECT s.id, CONCAT_WS(',', s.parent_ids, s.id), 'url_group_configuration', 'URL公共组管理', '350', '/basics/url/list', '', '', '1', 'url:common:config', '1', '2019-05-27 15:54:43', '1', '2019-06-12 10:12:56', '', '1', NULL, '0', '0', '606' FROM sys_menu s WHERE s.CODE = 'object_list' AND s.del_flag = 1; +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`)SELECT s.id, CONCAT_WS(',', s.parent_ids, s.id), 'domain_group_configuration', '域名公共组管理', '360', '/basics/domain/list', '', '', '1', 'domain:common:config', '1', '2019-06-06 15:18:43', '1', '2019-06-12 10:14:32', '', '1', NULL, '0', '0', '607' FROM sys_menu s WHERE s.CODE = 'object_list' AND s.del_flag = 1; +INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`)SELECT s.id, CONCAT_WS(',', s.parent_ids, s.id), 'scriberid_group_configuration', '账号公共组管理', '370', '/basics/scriberId/list', '', '', '1', 'scriberid:common:config', '1', '2019-06-06 15:20:51', '1', '2019-06-12 10:14:05', '', '1', NULL, '0', '0', '608' FROM sys_menu s WHERE s.CODE = 'object_list' AND s.del_flag = 1; + +#为admin用户分配角色 +insert into sys_privilege (PRIVILEGE_MASTER,PRIVILEGE_MASTER_VALUE,PRIVILEGE_ACCESS,PRIVILEGE_ACCESS_VALUE,PRIVILEGE_OPERATION ) select 'ROLE',r.id,1000,m.id,1 from sys_role r,sys_menu m where r.name='admin' and m.code in ('object_list_group','policy_group','object_list','ip_group_configuration','url_group_configuration','domain_group_configuration','scriberid_group_configuration'); \ No newline at end of file