package com.nis.web.service.configuration; import java.util.ArrayList; import java.util.Date; import java.util.List; import java.util.Map; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import com.nis.domain.FunctionRegionDict; import com.nis.domain.SysDataDictionaryItem; import com.nis.domain.callback.InlineIp; import com.nis.domain.configuration.AreaIpCfg; import com.nis.domain.configuration.BaseIpCfg; import com.nis.domain.configuration.IpPortCfg; import com.nis.domain.maat.MaatCfg; import com.nis.domain.maat.MaatCfg.DigestCfg; import com.nis.domain.maat.MaatCfg.GroupCfg; import com.nis.domain.maat.MaatCfg.IpCfg; import com.nis.domain.maat.MaatCfg.NumBoundaryCfg; import com.nis.domain.maat.MaatCfg.StringCfg; import com.nis.domain.maat.ToMaatBean; import com.nis.domain.maat.ToMaatResult; import com.nis.exceptions.MaatConvertException; import com.nis.util.ConfigServiceUtil; import com.nis.util.Constants; import com.nis.util.DictUtils; import com.nis.util.StringUtil; import com.nis.web.dao.configuration.AreaIpCfgDao; import com.nis.web.dao.configuration.IpCfgDao; import com.nis.web.service.CrudService; /** * IP相关配置事务类 * @author dell * */ @Service public class IpCfgService extends CrudService { @Autowired protected IpCfgDao ipCfgDao; @Autowired protected AreaIpCfgDao areaIpCfgDao; /** * * addIpCfg(新增IP类配置) * (继承BaseIpCfg这个类方可使用) * @param baseIpCfg * @return *int * @exception * @since 1.0.0 */ @Transactional(readOnly=false,rollbackFor=RuntimeException.class) public void addIpCfg(BaseIpCfg cfg){ //调用服务接口获取compileId Integer compileId = 0; try { List compileIds = ConfigServiceUtil.getId(1,1); if(!StringUtil.isEmpty(compileIds)){ compileId = compileIds.get(0); } } catch (Exception e) { e.printStackTrace(); logger.info("获取编译ID出错"); throw new MaatConvertException(":"+e.getMessage()); } if(compileId!=0){ cfg.setCompileId(compileId); setAreaEffectiveIds(cfg); if(cfg.getAreaCfg()!=null&&cfg.getAreaCfg().size()>0){ for(AreaIpCfg c:cfg.getAreaCfg()){ c.initDefaultValue(); BeanUtils.copyProperties(cfg, c,new String[]{"cfgId","ipType","direction", "protocol","protocolId","areaEffectiveIds","cfgRegionCode", "cfgType","ipPattern","srcIpAddress","portPattern","srcPort","destIpAddress","destPort"}); c.setTableName(AreaIpCfg.getTablename()); } this.saveIpBatch(cfg.getAreaCfg()); } ipCfgDao.insert(cfg); }else{ throw new MaatConvertException(""); } } /** * * updateIpCfg(更新IP类配置) * (继承BaseIpCfg这个类方可使用) * @param baseIpCfg * @return *int * @exception * @since 1.0.0 */ @Transactional(readOnly=false,rollbackFor=RuntimeException.class) public void updateIpCfg(BaseIpCfg cfg){ AreaIpCfg area=new AreaIpCfg(); area.setCompileId(cfg.getCompileId()); area.setFunctionId(cfg.getFunctionId()); areaIpCfgDao.deleteAreaIpCfg(area); //区域IPsetAreaEffectiveIds设置 setAreaEffectiveIds(cfg); Date date=new Date(); if(cfg.getAreaCfg()!=null&&cfg.getAreaCfg().size()>0){ for(AreaIpCfg c:cfg.getAreaCfg()){ c.initDefaultValue(); BeanUtils.copyProperties(cfg, c,new String[]{"cfgId","ipType","direction", "protocol","protocolId","areaEffectiveIds","cfgRegionCode", "cfgType","ipPattern","srcIpAddress","portPattern","srcPort","destIpAddress","destPort"}); c.setTableName(AreaIpCfg.getTablename()); c.setCreatorId(cfg.getCurrentUser().getId()); c.setCreateTime(date); } this.saveIpBatch(cfg.getAreaCfg()); } ipCfgDao.update(cfg); } public void audit(BaseIpCfg cfg) throws Exception{ //更新IP配置与区域IP的状态 List beans=new ArrayList<>(); beans.add(cfg); ipCfgDao.audit(cfg); List beans1=new ArrayList<>(); List areaIpCfgList=areaIpCfgDao.getByCompileId(cfg.getCompileId()); for(AreaIpCfg area:areaIpCfgList){ BeanUtils.copyProperties(cfg,area ,new String[]{"cfgRegionCode" ,"cfgType" ,"cfgId" ,"ipType" ,"ipPattern" ,"srcIpAddress" ,"portPattern" ,"srcPort" ,"destPort" ,"protocol" ,"direction" ,"protocolId" }); beans1.add(area); } this.auditIpBatch(beans1); List configCompileList = new ArrayList<>(); List groupRelationList = new ArrayList<>(); List ipRegionList = new ArrayList<>(); List strRegionList = new ArrayList<>(); List numRegionList = new ArrayList<>(); List digestRegionList = new ArrayList<>(); List areaIpRegionList = new ArrayList<>(); ToMaatBean maatBean = new ToMaatBean(); MaatCfg maatCfg = new MaatCfg(); maatCfg.initDefaultValue(); BeanUtils.copyProperties(cfg, maatCfg); String json=""; //获取region List dictList = DictUtils.getFunctionRegionDictList(cfg.getFunctionId()); int maatType=0; //判断下发类型是走maat还是callback List maatServiceList = DictUtils.getDictList("MAAT_SERVICE"); for(SysDataDictionaryItem maatService:maatServiceList){ if(Integer.parseInt(maatService.getItemCode())==cfg.getServiceId().intValue()){ for(FunctionRegionDict f:dictList){ if(maatService.getItemValue().equals(f.getConfigRegionValue())){ maatType=f.getIsMaat(); break; } } break; } } if(cfg.getIsAudit()==Constants.AUDIT_YES){ if(maatType==Constants.CALLBACK_TYPE){ List ipList=new ArrayList<>(); InlineIp ip=convertCallBackIp(cfg,null); ipList.add(ip); //调用服务接口下发配置数据 json=gsonToJson(ipList); logger.info("IP配置下发配置参数:"+json); //调用服务接口下发配置 try { ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json); if(result!=null){ logger.info("IP配置配置下发响应信息:"+result.getMsg()); } } catch (Exception e) { logger.error("IP配置配置下发失败",e); throw e; } }else if(maatType==Constants.MAAT_TYPE){ Map map = cfgConvert(ipRegionList,beans,1,cfg,groupRelationList); ipRegionList=map.get("dstList"); groupRelationList=map.get("groupList"); numRegionList=map.get("numRegionList")==null?new ArrayList<>():map.get("numRegionList"); Map areaMap = cfgConvert(areaIpRegionList,beans1,1,cfg,groupRelationList); groupRelationList=areaMap.get("groupList"); areaIpRegionList=areaMap.get("dstList"); maatCfg.setAreaEffectiveIds(StringUtils.isBlank(cfg.getAreaEffectiveIds())?"0":cfg.getAreaEffectiveIds()); maatCfg.setAction(cfg.getAction()); maatCfg.setAuditTime(cfg.getAuditTime()); maatCfg.setIpRegionList(ipRegionList); maatCfg.setStrRegionList(strRegionList); maatCfg.setNumRegionList(numRegionList); maatCfg.setAreaIpRegionList(areaIpRegionList); maatCfg.setDigestRegionList(digestRegionList); maatCfg.setGroupRelationList(groupRelationList); maatCfg.setGroupNum(groupRelationList.size()); maatCfg.setAreaIpRegionList(areaIpRegionList); if(Constants.SERVICE_IP_MULITIPLEX==cfg.getServiceId().intValue()){ String region=Constants.USERREGION_IR_STRATEGY+"="+cfg.getDnsStrategyId()+Constants.USER_REGION_SPLIT +Constants.USERREGION_IR_TYPE+"="+cfg.getIrType(); maatCfg.setUserRegion(region); }else if(Constants.SERVICE_IP_RATELIMIT==cfg.getServiceId().intValue()){ maatCfg.setUserRegion(Constants.USERREGION_RATE_LIMIT+"="+cfg.getRatelimit()); } if(!StringUtil.isEmpty(cfg.getUserRegion1())){ String userRegion = ""; if(cfg.getUserRegion1().startsWith(Constants.REDIRECT_RESPONSE_CODE_STARTWITH)){ userRegion = Constants.REDIRECT_RESPONSE_CODE_KEY+"="+cfg.getUserRegion1()+ Constants.USER_REGION_SPLIT+ Constants.REDIRECT_URL_KEY+"="+cfg.getUserRegion2(); }else{ userRegion = Constants.REDIRECT_RESPONSE_CODE_KEY+"="+cfg.getUserRegion1()+ Constants.USER_REGION_SPLIT+ Constants.REDIRECT_CONTENT_KEY+"="+cfg.getUserRegion2(); } maatCfg.setUserRegion(userRegion); } configCompileList.add(maatCfg); maatBean.setOpAction(Constants.INSERT_ACTION); maatBean.setConfigCompileList(configCompileList); maatBean.setAuditTime(cfg.getAuditTime()); maatBean.setCreatorName(cfg.getCurrentUser().getName()); maatBean.setVersion(Constants.MAAT_VERSION); //调用服务接口下发配置数据 json=gsonToJson(maatBean); logger.info("IP配置下发配置参数:"+json); //调用服务接口下发配置 try { ToMaatResult result = ConfigServiceUtil.postMaatCfg(json); if(result!=null){ logger.info("IP配置配置下发响应信息:"+result.getMsg()); } } catch (Exception e) { logger.error("IP配置配置下发失败",e); throw e; } } }else if(cfg.getIsAudit()==Constants.AUDIT_NOT_YES){ if(maatType==Constants.CALLBACK_TYPE){ List ipList=new ArrayList<>(); InlineIp ip=convertCallBackIp(cfg,null); ipList.add(ip); //调用服务接口取消配置 json=gsonToJson(ipList); logger.info("IP管控配置参数:"+json); //调用服务接口取消配置 try { ToMaatResult result = ConfigServiceUtil.put(json, 2); logger.info("IP配置取消配置响应信息:"+result.getMsg()); } catch (Exception e) { e.printStackTrace(); logger.info("IP配置取消配置失败"); throw e; } }else if(maatType==Constants.MAAT_TYPE){ maatCfg.setCompileId(cfg.getCompileId()); maatCfg.setServiceId(cfg.getServiceId()); maatCfg.setIsValid(0);//无效 configCompileList.add(maatCfg); maatBean.setConfigCompileList(configCompileList); maatBean.setAuditTime(cfg.getAuditTime()); maatBean.setCreatorName(cfg.getCurrentUser().getName()); maatBean.setVersion(Constants.MAAT_VERSION); maatBean.setOpAction(Constants.UPDATE_ACTION); //调用服务接口取消配置 json=gsonToJson(maatBean); logger.info("IP管控配置参数:"+json); //调用服务接口取消配置 try { ToMaatResult result = ConfigServiceUtil.put(json, 1); logger.info("IP管控取消配置响应信息:"+result.getMsg()); } catch (Exception e) { e.printStackTrace(); logger.info("IP管控取消配置失败"); throw e; } } } } public void auditWhiteIp(BaseIpCfg cfg) throws Exception{ List beans=new ArrayList<>(); beans.add(cfg); ipCfgDao.audit(cfg); List configCompileList = new ArrayList<>(); List groupRelationList = new ArrayList<>(); List ipRegionList = new ArrayList<>(); List strRegionList = new ArrayList<>(); List numRegionList = new ArrayList<>(); List digestRegionList = new ArrayList<>(); List areaIpRegionList = new ArrayList<>(); ToMaatBean maatBean = new ToMaatBean(); MaatCfg maatCfg = new MaatCfg(); maatCfg.initDefaultValue(); BeanUtils.copyProperties(cfg, maatCfg); if(cfg.getIsAudit()==Constants.AUDIT_YES){ maatBean.setOpAction(Constants.INSERT_ACTION); Map map = cfgConvert(ipRegionList,beans,1,cfg,groupRelationList); groupRelationList=map.get("groupList"); ipRegionList=map.get("dstList"); maatCfg.setAreaEffectiveIds("0"); maatCfg.setAction(cfg.getAction()); maatCfg.setAuditTime(cfg.getAuditTime()); maatCfg.setIpRegionList(ipRegionList); maatCfg.setStrRegionList(strRegionList); maatCfg.setNumRegionList(numRegionList); maatCfg.setDigestRegionList(digestRegionList); maatCfg.setGroupRelationList(groupRelationList); maatCfg.setGroupNum(groupRelationList.size()); maatCfg.setAreaIpRegionList(areaIpRegionList); configCompileList.add(maatCfg); maatBean.setConfigCompileList(configCompileList); maatBean.setAuditTime(cfg.getAuditTime()); maatBean.setCreatorName(cfg.getCurrentUser().getName()); maatBean.setVersion(Constants.MAAT_VERSION); //调用服务接口下发配置数据 String json=gsonToJson(maatBean); logger.info("IP白名单下发配置参数:"+json); //调用服务接口下发配置 try { ToMaatResult result = ConfigServiceUtil.postMaatCfg(json); if(result!=null){ logger.info("IP白名单配置下发响应信息:"+result.getMsg()); } } catch (Exception e) { logger.error("IP白名单配置下发失败",e); throw e; } }else if(cfg.getIsAudit()==Constants.AUDIT_NOT_YES){ maatCfg.setCompileId(cfg.getCompileId()); maatCfg.setServiceId(cfg.getServiceId()); maatCfg.setIsValid(Constants.VALID_NO);//无效 configCompileList.add(maatCfg); maatBean.setConfigCompileList(configCompileList); maatBean.setAuditTime(cfg.getAuditTime()); maatBean.setCreatorName(cfg.getCurrentUser().getName()); maatBean.setVersion(Constants.MAAT_VERSION); maatBean.setOpAction(Constants.UPDATE_ACTION); //调用服务接口取消配置 String json=gsonToJson(maatBean); logger.info("IP白名单配置参数:"+json); //调用服务接口取消配置 try { ToMaatResult result = ConfigServiceUtil.put(json, 1); logger.info("IP白名单取消配置响应信息:"+result.getMsg()); } catch (Exception e) { e.printStackTrace(); logger.info("IP白名单取消配置失败"); throw e; } } } @Transactional(readOnly=false,rollbackFor=RuntimeException.class) public void deleteIp(String ids,String compileIds,int functionId){ if(StringUtils.isNotBlank(compileIds)){ for(String compileId:compileIds.split(",")){//强转数字,防止注入 Integer.parseInt(compileId); } ipCfgDao.deleteByCompileIds(new BaseIpCfg().getCurrentUser().getId(),AreaIpCfg.getTablename(),compileIds); } List ipCfgs=new ArrayList(); Date date =new Date(); if(StringUtils.isNotBlank(ids)){ for(String idStr:ids.split(",")){ if(StringUtils.isNotBlank(idStr)){ BaseIpCfg cfg=new BaseIpCfg(); cfg.setCfgId(Long.parseLong(idStr)); cfg.setTableName(IpPortCfg.getTablename()); cfg.setEditorId(cfg.getCurrentUser().getId()); cfg.setEditTime(date); cfg.setIsValid(Constants.VALID_DEL); ipCfgs.add(cfg); } } } this.deleteBatch(ipCfgs, IpCfgDao.class); } /** * * deleteIpCfg(删除IP类配置) * (继承BaseIpCfg这个类方可使用) * @param baseIpCfg * @return *int * @exception * @since 1.0.0 */ @Transactional(readOnly=false,rollbackFor=RuntimeException.class) public void deleteIpCfg(List baseIpCfg, List areaCfg){ List cfgs=new ArrayList<>(); if(areaCfg!=null&&areaCfg.size()>0){ cfgs.addAll(areaCfg); this.deleteBatch(cfgs,IpCfgDao.class); } if(baseIpCfg!=null&&baseIpCfg.size()>0){ this.deleteBatch(baseIpCfg, IpCfgDao.class); } } /** * * getIpCfg(根据IP与类名获取IP配置) * (继承BaseIpCfg这个类方可使用) * @param clazz * @param id * @return *BaseIpCfg * @exception * @since 1.0.0 */ public BaseIpCfg getIpCfgById(BaseIpCfg baseIpCfg){ return ipCfgDao.getById(baseIpCfg.getTableName(), baseIpCfg.getCfgId()); } public BaseIpCfg getIpCfgById(String tableName,long id){ return ipCfgDao.getById(tableName, id); } public Integer getIsValid(BaseIpCfg baseIpCfg){ return ipCfgDao.getIsValid(baseIpCfg); } public Integer getIsValid(String tableName, long id){ return ipCfgDao.getIsValid(tableName,id); } public Integer getIsAudit(BaseIpCfg baseIpCfg){ return ipCfgDao.getIsAudit(baseIpCfg); } public Integer getIsAudit(String tableName, long id){ return ipCfgDao.getIsAudit(tableName,id); } public List getAreaCfgByCompileId(/*int functionId,*/int compileId){ return areaIpCfgDao.getByCompileId(compileId); } public List getListByComileId(String tableName,int functionId,String ids){ return ipCfgDao.getListByComileId(tableName,functionId,ids); } public List getListByCfgId(String tableName,int functionId,String ids){ return ipCfgDao.getListByCfgId(tableName,functionId,ids); } public Integer getCompileId(){ //调用服务接口获取compileId Integer compileId = 0; try { List compileIds = ConfigServiceUtil.getId(1,1); if(!StringUtil.isEmpty(compileIds)){ compileId = compileIds.get(0); } } catch (Exception e) { e.printStackTrace(); logger.info("获取编译ID出错"); throw new MaatConvertException(":"+e.getMessage()); } return compileId; } /** * getListByCfgIdWithName(这里用一句话描述这个方法的作用) * (这里描述这个方法适用条件 – 可选) * @param tablename * @param functionId * @param ids * @return *List * @exception * @since 1.0.0 */ public List getListByCfgIdWithName(String tablename, Integer functionId, String ids) { // TODO Auto-generated method stub return ipCfgDao.getListByCfgIdWithName(tablename,functionId,ids); } }