gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
9d6e3a3d4a291b3dc9709e3ad327d32b6a26a515
k18-ntcs-web-ntc/src/main/java/com/nis/util/SchedulerTaskUtil.java
zhangwei 9d6e3a3d4a 增加定时器功能 
Conflicts:
	src/main/webapp/WEB-INF/views/cfg/ipaddr/ipList.jsp
2019-01-26 20:18:01 +06:00

958 lines
44 KiB
Java
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package com.nis.util;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.Map;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import com.google.common.collect.Lists;
import com.nis.domain.basics.AsnIpCfg;
import com.nis.domain.callback.InlineIp;
import com.nis.domain.configuration.AppPolicyCfg;
import com.nis.domain.configuration.AvFileSampleCfg;
import com.nis.domain.configuration.AvSignSampleCfg;
import com.nis.domain.configuration.BaseCfg;
import com.nis.domain.configuration.BaseStringCfg;
import com.nis.domain.configuration.CfgIndexInfo;
import com.nis.domain.configuration.ComplexkeywordCfg;
import com.nis.domain.configuration.DdosIpCfg;
import com.nis.domain.configuration.DnsIpCfg;
import com.nis.domain.configuration.DnsResStrategy;
import com.nis.domain.configuration.FileDigestCfg;
import com.nis.domain.configuration.IpPortCfg;
import com.nis.domain.configuration.PxyObjKeyring;
import com.nis.domain.configuration.PxyObjSpoofingIpPool;
import com.nis.domain.configuration.PxyObjTrustedCaCert;
import com.nis.domain.configuration.PxyObjTrustedCaCrl;
import com.nis.domain.maat.MaatCfg;
import com.nis.domain.maat.ToMaatBean;
import com.nis.domain.maat.ToMaatResult;
import com.nis.domain.maat.ToUpdateMaatBeanStatus;
import com.nis.domain.maat.MaatCfg.DigestCfg;
import com.nis.domain.maat.MaatCfg.GroupCfg;
import com.nis.domain.maat.MaatCfg.IpCfg;
import com.nis.domain.maat.MaatCfg.NumBoundaryCfg;
import com.nis.domain.maat.MaatCfg.StringCfg;
import com.nis.domain.maat.ToUpdateMaatBeanStatus.UpdateMaatCfgStatus;
import com.nis.web.dao.configuration.ConfigSynchronizationDao;
import com.nis.web.security.UserUtils;
import com.nis.web.service.BaseService;
import com.nis.web.service.SpringContextHolder;
import com.nis.web.service.configuration.ConfigSynchronizationService;
/**
* 配置任务调度通用类
* 定时任务调用,处理界面配置状态修改,以及下发综合服务处理
* @author ThinkPad
*
*/
public class SchedulerTaskUtil {
//调度任务的配置信息复用配置同步DAO
private Logger logger = LoggerFactory.getLogger(getClass());
/**
* 根据业务与编译ID查询配置修改失效或生效状态并下发至综合服务
* @param serviceId 不可空
* @param compileId 不可空
* @param isValid 配置生效状态0停用1启用
* @param isIssueContent 是否下发内容0不下发1下发
* @return boolean
* @throws SecurityException
* @throws NoSuchFieldException
* @throws IllegalAccessException
* @throws IllegalArgumentException
*/
public boolean updateConfigByServiceAndCompile(Integer serviceId,Integer compileId,Integer isValid,Integer isIssueContent,ConfigSynchronizationDao configSynchronizationDao) throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException{
// SecurityManagerInit();
// Subject subject = login("admin","zdjzsoft");
// System.out.println(subject.getPrincipal());
// System.out.println(subject.hasRole("role1"));
// System.out.println(subject.hasRole("Superman"));
//根据业务查询配置文件,获取该业务的配置域表信息
ServiceConfigTemplateUtil serviceTemplate = new ServiceConfigTemplateUtil();
List<Map<String,Object>> serviceList = serviceTemplate.getServiceListByServiceId(serviceId);
//根据编译ID查询配置表中的配置信息
for(Map<String,Object> service:serviceList){
String tableName = service.get("tableName").toString();
String serviceType = service.get("serviceType").toString();
String className = service.get("className").toString();
BaseCfg entity = new BaseCfg();
entity.setServiceId(serviceId);
entity.setTableName(tableName);
List callBackCfgList = Lists.newArrayList();
if("1".equals(serviceType)){//maat类配置
Date updateTime = new Date();
ToMaatBean maatBean;
MaatCfg maatCfg;
maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
List<MaatCfg> configCompileList;
if(isIssueContent.equals(1)){
//修改配置内容以及状态
// ToMaatBean maatBean;
// MaatCfg maatCfg;
// List<MaatCfg> configCompileList;
List<GroupCfg> groupRelationList;
List<IpCfg> ipRegionList;
List<StringCfg> strRegionList;
List<NumBoundaryCfg> numRegionList;
List<DigestCfg> digestRegionList;
List<IpCfg> areaIpRegionList;
List<IpPortCfg> ipList = new ArrayList();
List<AsnIpCfg> asnIpList = new ArrayList();
List<BaseStringCfg> strList = new ArrayList();
List<ComplexkeywordCfg> complexStrList = new ArrayList();
List<com.nis.domain.configuration.NumBoundaryCfg> numList = new ArrayList();
List<FileDigestCfg> fileList = new ArrayList();
maatBean = new ToMaatBean();
configCompileList = new ArrayList();
List<Integer> compileIds = new ArrayList();
List<String> asnGroupIds = new ArrayList();
//获取业务下的配置域
List<Map<String,Object>> cfgList = (List<Map<String, Object>>) service.get("cfgList");
//获取业务下的自定义域
List<Map<String,Object>> userRegionList = (List<Map<String, Object>>) service.get("userRegionList");
entity.setCompileId(compileId);
compileIds.add(compileId);
//查询配置
if("cfg_index_info".equals(tableName)){
List<CfgIndexInfo> list = configSynchronizationDao.getCfgIndexList(entity);
if(isIssueContent.equals(1)){
//查询子域配置详情
if(cfgList!=null){
for(Map<String,Object> m:cfgList){
String regionTable = m.get("tableName").toString();
if("1".equals(m.get("cfgType"))){
ipList.addAll(configSynchronizationDao.getIpPortList(regionTable, compileIds));
}else if("2".equals(m.get("cfgType"))){
strList.addAll(configSynchronizationDao.getStrList(regionTable,compileIds));
}else if("3".equals(m.get("cfgType"))){
complexStrList.addAll(configSynchronizationDao.getComplexStrList(regionTable,compileIds));
}else if("4".equals(m.get("cfgType"))){
}else if("5".equals(m.get("cfgType"))){
fileList.addAll(configSynchronizationDao.getFileDigestList(regionTable, compileIds));
}
}
}
//批量获取regionId,groupId(相同编译下的IP类配置多条ip只获取一个组号分组复用的域配置不需要重新获取regionId,groupId
List<Integer> regionIds = ConfigServiceUtil.getId(3, ipList.size()+strList.size()+complexStrList.size()+numList.size()+fileList.size());
List<Integer> groupIds = ConfigServiceUtil.getId(2, ipList.size()+strList.size()+complexStrList.size()+numList.size()+fileList.size());
entity.setIsValid(isValid);//将最新的配置状态赋给配置对象
entity.setAuditTime(updateTime);
for(CfgIndexInfo cfg:list){
groupRelationList = new ArrayList();
ipRegionList = new ArrayList();
strRegionList = new ArrayList();
numRegionList = new ArrayList();
digestRegionList = new ArrayList();
areaIpRegionList = new ArrayList();
List list1 = new ArrayList();
List<BaseStringCfg> list2 = new ArrayList();
List<ComplexkeywordCfg> list3 = new ArrayList();
List<com.nis.domain.configuration.NumBoundaryCfg> list4 = new ArrayList();
List<FileDigestCfg> list5 = new ArrayList();
String userRegion = "";
//处理自定义域
if(userRegionList!=null){
for(Map<String,Object> n:userRegionList){
Object userRegionPosition = n.get("userRegionPosition");
if(userRegionPosition!=null && (userRegionPosition.toString().equals("1")||userRegionPosition.toString().equals("0"))){
//通过反射机制获取自定义域字段值
String regionColumn = n.get("regionColumn").toString();
Class aClass = null;
if(userRegionPosition.toString().equals(("0"))){
aClass = BaseCfg.class;
}else{
aClass = CfgIndexInfo.class;
}
Object value = "";
if(entity.getServiceId().equals(517)||entity.getServiceId().equals(560)){//代理替换策略
String[] regionArray = regionColumn.split(",");
for(int r=0;r<regionArray.length;r++){
Field field = aClass.getDeclaredField(regionArray[r]);
field.setAccessible(true);
if(n.get("regionKey").equals("substitute")){
value += "/"+BaseService.replaceContentEscape(field.get(cfg)==null?"":field.get(cfg).toString());//自定义域以/分割时的处理
}else{
value += BaseService.replaceContentEscape(field.get(cfg)==null?"":field.get(cfg).toString());
}
}
userRegion += n.get("regionKey")+"="+value+Constants.USER_REGION_SPLIT;
}else{
Field field = aClass.getDeclaredField(regionColumn);
field.setAccessible(true);
value = field.get(cfg);
if(!StringUtil.isEmpty(value)){
if(StringUtil.isEmpty(n.get("regionKey"))){
userRegion = value.toString();
}else{
userRegion += n.get("regionKey")+"="+value+Constants.USER_REGION_SPLIT;
}
}
}
}
}
if(userRegion.endsWith(Constants.USER_REGION_SPLIT)){
userRegion = userRegion.substring(0, userRegion.length()-1);
}
}
for(AsnIpCfg ip:asnIpList){//asn不需要再次获取regionId,groupId
if(ip.getAsnIpGroup().toString().equals(cfg.getUserRegion4())){//根据组号对应
ip.setIsValid(entity.getIsValid());
ip.setAuditTime(StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime());
list1.add(ip);
}
}
//ip spoofing
if(cfg.getServiceId().equals(518)){
//IP仿冒策略
//仿冒IP池配置匹配下发或者取消
PxyObjSpoofingIpPool pool=new PxyObjSpoofingIpPool();
pool.setCfgId(Long.valueOf(cfg.getUserRegion3()));
// pxyObjSpoofingIpPoolDao.update(pool);
pool = configSynchronizationDao.getPxyObjSpoofingIpPool(pool.getCfgId());
pool.setIsValid(entity.getIsValid());
pool.setIsAudit(entity.getIsAudit());
pool.setAuditorId(entity.getAuditorId());
pool.setAuditTime(entity.getAuditTime());
List<PxyObjSpoofingIpPool> poolList = new ArrayList<PxyObjSpoofingIpPool>();
String json="";
String areaEffectiveIds="0";
if(isValid==1){
pool.setAreaEffectiveIds(areaEffectiveIds);
pool.setGroupId(pool.getCfgId().intValue());//界面端的配置ID作为策略分组ID
poolList.add(pool);
//调用服务接口下发配置数据
json=BaseService.gsonToJson(poolList);
logger.info("欺骗IP池配置下发配置参数"+json);
//调用服务接口下发配置
try {
ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json);
if(result!=null){
logger.info("欺骗IP池配置下发响应信息"+result.getMsg());
}
} catch (Exception e) {
logger.error("欺骗IP池配置配置下发失败",e);
throw e;
}
}
}
if(list1.size()>0){
GroupCfg groupCfg=new GroupCfg();
groupCfg.setCompileId(cfg.getCompileId());
groupCfg.setGroupId(Integer.parseInt(cfg.getUserRegion4()));
groupCfg.setIsValid(entity.getIsValid());
groupCfg.setAuditTime(StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime());
groupRelationList.add(groupCfg);
ipRegionList.addAll(ConfigConvertUtil.groupReuseCfgAddRemoveConvert(list1,Constants.VALID_YES,null));
}else if(!StringUtil.isEmpty(asnGroupIds)) {
GroupCfg groupCfg=new GroupCfg();
groupCfg.setCompileId(cfg.getCompileId());
groupCfg.setGroupId(Integer.parseInt(cfg.getUserRegion4()));
groupCfg.setIsValid(entity.getIsValid());
groupCfg.setAuditTime(StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime());
groupRelationList.add(groupCfg);
ipRegionList.addAll(ipRegionList);
}
//配置域转换
userRegion = ConfigConvertUtil.configCovert(ipList,strList,complexStrList,
numList,fileList,regionIds,groupIds,entity,cfg.getCompileId(),
StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime(),
groupRelationList,ipRegionList,strRegionList,numRegionList,digestRegionList,areaIpRegionList,userRegion);
BeanUtils.copyProperties(cfg, maatCfg);
maatCfg.setAction(cfg.getAction());
maatCfg.setAuditTime(StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime());
maatCfg.setIpRegionList(ipRegionList);
maatCfg.setStrRegionList(strRegionList);
maatCfg.setNumRegionList(numRegionList);
maatCfg.setDigestRegionList(digestRegionList);
maatCfg.setGroupRelationList(groupRelationList);
maatCfg.setGroupNum(groupRelationList.size());
maatCfg.setAreaIpRegionList(areaIpRegionList);
maatCfg.setIsValid(entity.getIsValid());
if(!StringUtil.isEmpty(userRegion)){
maatCfg.setUserRegion(userRegion);
}
configCompileList.add(maatCfg);
}
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(new Date());
maatBean.setCreatorName("TaskScheduler");
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.INSERT_ACTION);
String json=BaseService.gsonToJson(maatBean);
logger.info("定时任务修改NTC/PROXY策略的MAAT配置内容"+json);
//调用服务接口修改配置内容与状态
ToMaatResult result = ConfigServiceUtil.postMaatCfg(json);
if(result!=null){
logger.info("定时任务修改NTC/PROXY策略的MAAT配置内容响应信息"+result.getMsg());
return true;
}else{
return false;
}
}else{
/*maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
maatBean = new ToMaatBean();
configCompileList = new ArrayList();
for(CfgIndexInfo cfg:list){
if(StringUtils.isNotEmpty(cfg.getCommonGroupIds())){
maatCfg.setKeepGroupList(Arrays.asList(cfg.getCommonGroupIds().split(",")));
}
maatCfg.setCompileId(compileId);
maatCfg.setServiceId(serviceId);
maatCfg.setIsValid(isValid);//配置状态
configCompileList.add(maatCfg);
}
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(entity.getAuditTime());
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.UPDATE_ACTION);
//调用服务接口取消配置
String json=BaseService.gsonToJson(maatBean);
logger.info("定时器修改配置状态:"+json);
//调用服务接口下发配置
ToMaatResult result = ConfigServiceUtil.put(json,1);
logger.info("定时器修改配置状态响应时间:"+result.getMsg());
if(result!=null){
logger.info("定时任务修改NTC/PROXY策略的MAAT配置内容响应信息"+result.getMsg());
return true;
}else{
return false;
}*/
}
}else if("ddos_ip_cfg".equals(tableName)){
List<DdosIpCfg> list = configSynchronizationDao.getDdosIpCfgList(entity);
if(isIssueContent.equals(1)){
//查询子域配置详情
if(cfgList!=null){
for(Map<String,Object> m:cfgList){
String regionTable = m.get("tableName").toString();
if("1".equals(m.get("cfgType"))){
ipList.addAll(configSynchronizationDao.getIpPortList(regionTable, compileIds));
}else if("2".equals(m.get("cfgType"))){
strList.addAll(configSynchronizationDao.getStrList(regionTable,compileIds));
}else if("3".equals(m.get("cfgType"))){
complexStrList.addAll(configSynchronizationDao.getComplexStrList(regionTable,compileIds));
}else if("4".equals(m.get("cfgType"))){
}else if("5".equals(m.get("cfgType"))){
fileList.addAll(configSynchronizationDao.getFileDigestList(regionTable, compileIds));
}
}
}
//批量获取regionId,groupId(相同编译下的IP类配置多条ip只获取一个组号分组复用的域配置不需要重新获取regionId,groupId
List<Integer> regionIds = ConfigServiceUtil.getId(3, ipList.size()+strList.size()+complexStrList.size()+numList.size()+fileList.size());
List<Integer> groupIds = ConfigServiceUtil.getId(2, ipList.size()+strList.size()+complexStrList.size()+numList.size()+fileList.size());
entity.setIsValid(isValid);//将最新的配置状态赋给配置对象
entity.setAuditTime(updateTime);
for(int i=0;i<list.size();i++){
DdosIpCfg cfg=list.get(i);
cfg.setRegionId(regionIds.get(i));
cfg.setGroupId(groupIds.get(i));
cfg.setIsValid(entity.getIsValid());
cfg.setAuditTime(StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime());
maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
groupRelationList = new ArrayList();
ipRegionList = new ArrayList();
strRegionList = new ArrayList();
numRegionList = new ArrayList();
digestRegionList = new ArrayList();
areaIpRegionList = new ArrayList();
List<DdosIpCfg> list1 = new ArrayList();
String userRegion = "";
//处理自定义域
if(userRegionList!=null){
for(Map<String,Object> n:userRegionList){
Object userRegionPosition = n.get("userRegionPosition");
if(userRegionPosition!=null && (userRegionPosition.toString().equals("1")||userRegionPosition.toString().equals("0"))){
//通过反射机制获取自定义域字段值
String regionColumn = n.get("regionColumn").toString();
Class aClass = null;
if(userRegionPosition.toString().equals(("0"))){
aClass = BaseCfg.class;
}else{
aClass = DdosIpCfg.class;
}
Object value = "";
Field field = aClass.getDeclaredField(regionColumn);
field.setAccessible(true);
value = field.get(cfg);
if(!StringUtil.isEmpty(value)){
if(StringUtil.isEmpty(n.get("regionKey"))){
userRegion = value.toString();
}else{
userRegion += n.get("regionKey")+"="+value+Constants.USER_REGION_SPLIT;
}
}
}
}
if(userRegion.endsWith(Constants.USER_REGION_SPLIT)){
userRegion = userRegion.substring(0, userRegion.length()-1);
}
}
list1.add(cfg);
if(list1.size()>0){
Map<String,List> map = ConfigConvertUtil.cfgToMaatConvert(ipRegionList,list1,1,groupRelationList);
groupRelationList=map.get("groupList");
ipRegionList=map.get("dstList");
if(map.get("numRegionList")!=null){
numRegionList.addAll(map.get("numRegionList"));
}
}
BeanUtils.copyProperties(cfg, maatCfg);
maatCfg.setAction(cfg.getAction());
maatCfg.setAuditTime(StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime());
maatCfg.setIpRegionList(ipRegionList);
maatCfg.setStrRegionList(strRegionList);
maatCfg.setNumRegionList(numRegionList);
maatCfg.setDigestRegionList(digestRegionList);
maatCfg.setGroupRelationList(groupRelationList);
maatCfg.setGroupNum(groupRelationList.size());
maatCfg.setAreaIpRegionList(areaIpRegionList);
maatCfg.setIsValid(entity.getIsValid());
if(!StringUtil.isEmpty(userRegion)){
maatCfg.setUserRegion(userRegion);
}
configCompileList.add(maatCfg);
}
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(new Date());
maatBean.setCreatorName("TaskScheduler");
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.INSERT_ACTION);
String json=BaseService.gsonToJson(maatBean);
logger.info("定时任务修改DDOS配置内容"+json);
//调用服务接口修改配置内容与状态
ToMaatResult result = ConfigServiceUtil.postMaatCfg(json);
if(result!=null){
logger.info("定时任务修改DDOS配置内容响应信息"+result.getMsg());
return true;
}else{
return false;
}
}else{
/*maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
maatBean = new ToMaatBean();
configCompileList = new ArrayList();
for(CfgIndexInfo cfg:list){
if(StringUtils.isNotEmpty(cfg.getCommonGroupIds())){
maatCfg.setKeepGroupList(Arrays.asList(cfg.getCommonGroupIds().split(",")));
}
maatCfg.setCompileId(compileId);
maatCfg.setServiceId(serviceId);
maatCfg.setIsValid(isValid);//配置状态
configCompileList.add(maatCfg);
}
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(entity.getAuditTime());
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.UPDATE_ACTION);
//调用服务接口取消配置
String json=BaseService.gsonToJson(maatBean);
logger.info("定时器修改配置状态:"+json);
//调用服务接口下发配置
ToMaatResult result = ConfigServiceUtil.put(json,1);
logger.info("定时器修改配置状态响应时间:"+result.getMsg());
if(result!=null){
logger.info("定时任务修改NTC/PROXY策略的MAAT配置内容响应信息"+result.getMsg());
return true;
}else{
return false;
}*/
}
}else if("file_digest_cfg".equals(tableName)){
List<FileDigestCfg> list = configSynchronizationDao.getFileDigestListByService(entity);
if(isIssueContent.equals(1)){
if(cfgList!=null){
for(Map<String,Object> m:cfgList){
String regionTable = m.get("tableName").toString();
if("1".equals(m.get("cfgType"))){
ipList.addAll(configSynchronizationDao.getIpPortList(regionTable, compileIds));
}else if("2".equals(m.get("cfgType"))){
strList.addAll(configSynchronizationDao.getStrList(regionTable,compileIds));
}else if("3".equals(m.get("cfgType"))){
complexStrList.addAll(configSynchronizationDao.getComplexStrList(regionTable,compileIds));
}else if("4".equals(m.get("cfgType"))){
}else if("5".equals(m.get("cfgType"))){
fileList.addAll(configSynchronizationDao.getFileDigestList(regionTable, compileIds));
}
}
}
//批量获取regionId,groupId(相同编译下的IP类配置多条ip只获取一个组号分组复用的域配置不需要重新获取regionId,groupId
List<Integer> regionIds = ConfigServiceUtil.getId(3, ipList.size()+strList.size()+complexStrList.size()+numList.size()+fileList.size());
List<Integer> groupIds = ConfigServiceUtil.getId(2, ipList.size()+strList.size()+complexStrList.size()+numList.size()+fileList.size());
entity.setIsValid(isValid);//将最新的配置状态赋给配置对象
entity.setAuditTime(updateTime);
for(FileDigestCfg cfg:list){
maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
groupRelationList = new ArrayList();
ipRegionList = new ArrayList();
strRegionList = new ArrayList();
numRegionList = new ArrayList();
digestRegionList = new ArrayList();
areaIpRegionList = new ArrayList();
List list1 = new ArrayList();
List<BaseStringCfg> list2 = new ArrayList();
List<ComplexkeywordCfg> list3 = new ArrayList();
List<com.nis.domain.configuration.NumBoundaryCfg> list4 = new ArrayList();
List<FileDigestCfg> list5 = new ArrayList();
String userRegion = "";
//处理自定义域
if(userRegionList!=null){
for(Map<String,Object> n:userRegionList){
Object userRegionPosition = n.get("userRegionPosition");
if(userRegionPosition!=null && (userRegionPosition.toString().equals("1")||userRegionPosition.toString().equals("0"))){
//通过反射机制获取自定义域字段值
String regionColumn = n.get("regionColumn").toString();
Class aClass = null;
if(userRegionPosition.toString().equals(("0"))){
aClass = BaseCfg.class;
}else{
aClass = FileDigestCfg.class;
}
Object value = "";
Field field = aClass.getDeclaredField(regionColumn);
field.setAccessible(true);
value = field.get(cfg);
if(!StringUtil.isEmpty(value)){
if(StringUtil.isEmpty(n.get("regionKey"))){
userRegion = value.toString();
}else{
userRegion += n.get("regionKey")+"="+value+Constants.USER_REGION_SPLIT;
}
}
}
// System.out.println("userRegionList:"+n.get("regionKey")+","+n.get("regionColumn")+","+n.get("handleType"));
}
if(userRegion.endsWith(Constants.USER_REGION_SPLIT)){
userRegion = userRegion.substring(0, userRegion.length()-1);
}
}
//配置域转换
ConfigConvertUtil.configCovert(ipList,strList,complexStrList,
numList,fileList,regionIds,groupIds,entity,cfg.getCompileId(),
StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime(),
groupRelationList,ipRegionList,strRegionList,numRegionList,digestRegionList,areaIpRegionList,userRegion);
BeanUtils.copyProperties(cfg, maatCfg);
maatCfg.setAction(cfg.getAction());
maatCfg.setAuditTime(StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime());
maatCfg.setIpRegionList(ipRegionList);
maatCfg.setStrRegionList(strRegionList);
maatCfg.setNumRegionList(numRegionList);
maatCfg.setDigestRegionList(digestRegionList);
maatCfg.setGroupRelationList(groupRelationList);
maatCfg.setGroupNum(groupRelationList.size());
maatCfg.setAreaIpRegionList(areaIpRegionList);
maatCfg.setIsValid(entity.getIsValid());
if(!StringUtil.isEmpty(userRegion)){
maatCfg.setUserRegion(userRegion);
}
configCompileList.add(maatCfg);
}
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(new Date());
maatBean.setCreatorName("TaskScheduler");
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.INSERT_ACTION);
String json=BaseService.gsonToJson(maatBean);
logger.info("定时任务下发文件摘要配置内容:"+json);
//调用服务接口更新配置
ToMaatResult result = ConfigServiceUtil.postMaatCfg(json);
if(result!=null){
logger.info("定时任务修改文件摘要类配置内容响应信息:"+result.getMsg());
return true;
}else{
return false;
}
}else{
/*maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
maatBean = new ToMaatBean();
configCompileList = new ArrayList();
for(FileDigestCfg cfg:list){
if(StringUtils.isNotEmpty(cfg.getCommonGroupIds())){
maatCfg.setKeepGroupList(Arrays.asList(cfg.getCommonGroupIds().split(",")));
}
maatCfg.setCompileId(compileId);
maatCfg.setServiceId(serviceId);
maatCfg.setIsValid(isValid);//配置状态
configCompileList.add(maatCfg);
}
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(entity.getAuditTime());
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.UPDATE_ACTION);
//调用服务接口取消配置
String json=BaseService.gsonToJson(maatBean);
logger.info("定时器修改配置状态:"+json);
//调用服务接口下发配置
ToMaatResult result = ConfigServiceUtil.put(json,1);
logger.info("定时器修改配置状态响应时间:"+result.getMsg());
if(result!=null){
logger.info("定时任务修改NTC/PROXY策略的MAAT配置内容响应信息"+result.getMsg());
return true;
}else{
return false;
}*/
}
}else if("app_policy_cfg".equals(tableName)){
List<AppPolicyCfg> list = configSynchronizationDao.getAppPolicyList(entity);
if(isIssueContent.equals(1)){
if(cfgList!=null){
for(Map<String,Object> m:cfgList){
String regionTable = m.get("tableName").toString();
if("1".equals(m.get("cfgType"))){
ipList.addAll(configSynchronizationDao.getIpPortList(regionTable, compileIds));
}else if("2".equals(m.get("cfgType"))){
strList.addAll(configSynchronizationDao.getStrList(regionTable,compileIds));
}else if("3".equals(m.get("cfgType"))){
complexStrList.addAll(configSynchronizationDao.getComplexStrList(regionTable,compileIds));
}else if("4".equals(m.get("cfgType"))){
}else if("5".equals(m.get("cfgType"))){
fileList.addAll(configSynchronizationDao.getFileDigestList(regionTable, compileIds));
}
}
}
//批量获取regionId,groupId(相同编译下的IP类配置多条ip只获取一个组号compileIds.size()表示app策略本身有一个字符串域
List<Integer> regionIds = ConfigServiceUtil.getId(3, ipList.size()+strList.size()+compileIds.size()+complexStrList.size()+numList.size()+fileList.size());
List<Integer> groupIds = ConfigServiceUtil.getId(2, ipList.size()+strList.size()+compileIds.size()+complexStrList.size()+numList.size()+fileList.size());
entity.setIsValid(isValid);//将最新的配置状态赋给配置对象
entity.setAuditTime(updateTime);
for(AppPolicyCfg cfg:list){
maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
groupRelationList = new ArrayList();
ipRegionList = new ArrayList();
strRegionList = new ArrayList();
numRegionList = new ArrayList();
digestRegionList = new ArrayList();
areaIpRegionList = new ArrayList();
List list1 = new ArrayList();
List<BaseStringCfg> list2 = new ArrayList();
List<ComplexkeywordCfg> list3 = new ArrayList();
List<com.nis.domain.configuration.NumBoundaryCfg> list4 = new ArrayList();
List<FileDigestCfg> list5 = new ArrayList();
String userRegion = "";
//处理自定义域
if(userRegionList!=null){
for(Map<String,Object> n:userRegionList){
Object userRegionPosition = n.get("userRegionPosition");
if(userRegionPosition!=null && (userRegionPosition.toString().equals("1")||userRegionPosition.toString().equals("0"))){
//通过反射机制获取自定义域字段值
String regionColumn = n.get("regionColumn").toString();
Class aClass = null;
if(userRegionPosition.toString().equals(("0"))){
aClass = BaseCfg.class;
}else{
aClass = AppPolicyCfg.class;
}
Object value = "";
Field field = aClass.getDeclaredField(regionColumn);
field.setAccessible(true);
value = field.get(cfg);
if(!StringUtil.isEmpty(value)){
if(StringUtil.isEmpty(n.get("regionKey"))){
userRegion = value.toString();
}else{
userRegion += n.get("regionKey")+"="+value+Constants.USER_REGION_SPLIT;
}
}
}
}
if(userRegion.endsWith(Constants.USER_REGION_SPLIT)){
userRegion = userRegion.substring(0, userRegion.length()-1);
}
}
//将app码与行为码设置为字符串域
StringBuffer cfgKeywords = new StringBuffer();
BaseStringCfg strCfg = new BaseStringCfg();
if(cfg.getServiceId().equals(35)||cfg.getServiceId().equals(147)||cfg.getServiceId().equals(1059)){//基础协议
cfgKeywords.append(Constants.PROTO_ID_REGION + "=" + cfg.getAppCode());
}else if(cfg.getServiceId().equals(33)||cfg.getServiceId().equals(145)||cfg.getServiceId().equals(1056)){
cfgKeywords.append(Constants.APP_ID_REGION + "=" + cfg.getAppCode());
if(cfg.getBehavCode()!=null){
cfgKeywords.append(Constants.KEYWORD_EXPR);
cfgKeywords.append(Constants.BEHAV_ID_REGION + "=" + cfg.getBehavCode());
}
}else if(cfg.getServiceId().equals(36)||cfg.getServiceId().equals(148)||cfg.getServiceId().equals(1060)){//隧道加密协议
cfgKeywords.append(Constants.PROTO_ID_REGION + "=" + cfg.getAppCode());
if(cfg.getBehavCode()!=null){
cfgKeywords.append(Constants.KEYWORD_EXPR);
cfgKeywords.append(Constants.BEHAV_ID_REGION + "=" + cfg.getBehavCode());
}
}
cfg.setCfgKeywords(cfgKeywords.toString());
BeanUtils.copyProperties(cfg, strCfg,new String[]{"menuNameCode"});
strList.add(strCfg);
//配置域转换
ConfigConvertUtil.configCovert(ipList,strList,complexStrList,
numList,fileList,regionIds,groupIds,entity,cfg.getCompileId(),
StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime(),
groupRelationList,ipRegionList,strRegionList,numRegionList,digestRegionList,areaIpRegionList,userRegion);
BeanUtils.copyProperties(cfg, maatCfg);
maatCfg.setAction(cfg.getAction());
maatCfg.setAuditTime(StringUtil.isEmpty(entity.getAuditTime()) ? cfg.getAuditTime():entity.getAuditTime());
maatCfg.setIpRegionList(ipRegionList);
maatCfg.setStrRegionList(strRegionList);
maatCfg.setNumRegionList(numRegionList);
maatCfg.setDigestRegionList(digestRegionList);
maatCfg.setGroupRelationList(groupRelationList);
maatCfg.setGroupNum(groupRelationList.size());
maatCfg.setAreaIpRegionList(areaIpRegionList);
maatCfg.setIsValid(entity.getIsValid());
if(!StringUtil.isEmpty(userRegion)){
maatCfg.setUserRegion(userRegion);
}
configCompileList.add(maatCfg);
}
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(new Date());
maatBean.setCreatorName("TaskScheduler");
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.INSERT_ACTION);
String json=BaseService.gsonToJson(maatBean);
logger.info("定时任务下发APP POLICY MAAT配置内容"+json);
//调用服务接口下发配置数据
ToMaatResult result = ConfigServiceUtil.postMaatCfg(json);
if(result!=null){
logger.info("定时任务更新APP POLICY配置内容响应信息"+result.getMsg());
return true;
}else{
return false;
}
}else{
/*maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
maatBean = new ToMaatBean();
configCompileList = new ArrayList();
for(AppPolicyCfg cfg:list){
if(StringUtils.isNotEmpty(cfg.getCommonGroupIds())){
maatCfg.setKeepGroupList(Arrays.asList(cfg.getCommonGroupIds().split(",")));
}
maatCfg.setCompileId(compileId);
maatCfg.setServiceId(serviceId);
maatCfg.setIsValid(isValid);//配置状态
configCompileList.add(maatCfg);
}
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(entity.getAuditTime());
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.UPDATE_ACTION);
//调用服务接口取消配置
String json=BaseService.gsonToJson(maatBean);
logger.info("定时器修改配置状态:"+json);
//调用服务接口下发配置
ToMaatResult result = ConfigServiceUtil.put(json,1);
logger.info("定时器修改配置状态响应时间:"+result.getMsg());
if(result!=null){
logger.info("定时任务修改NTC/PROXY策略的MAAT配置内容响应信息"+result.getMsg());
return true;
}else{
return false;
}*/
}
}
}else{//只修改配置状态
//下发并修改配置状态的参数类
ToUpdateMaatBeanStatus maatStatusBean = new ToUpdateMaatBeanStatus();
UpdateMaatCfgStatus updateCfg = new UpdateMaatCfgStatus();
List<UpdateMaatCfgStatus> configCompileStartStopList = new ArrayList();
maatStatusBean.setVersion(Constants.MAAT_VERSION);
maatStatusBean.setOpAction(Constants.UPDATE_ACTION);
maatStatusBean.setAuditTime(updateTime);
maatStatusBean.setCreatorName("TaskScheduler");//任务调度定时修改状态
updateCfg.setIsValid(isValid);
updateCfg.setCompileId(compileId);
updateCfg.setAuditTime(updateTime);
updateCfg.setService(serviceId);
configCompileStartStopList.add(updateCfg);
maatStatusBean.setConfigCompileStartStopList(configCompileStartStopList);
//ip spoofing
if(serviceId.equals(518)){
entity.setCompileId(compileId);
List<CfgIndexInfo> list = configSynchronizationDao.getCfgIndexList(entity);
for(CfgIndexInfo cfg:list){
PxyObjSpoofingIpPool pool=new PxyObjSpoofingIpPool();
pool.setCfgId(Long.valueOf(cfg.getUserRegion3()));
pool = configSynchronizationDao.getPxyObjSpoofingIpPool(pool.getCfgId());
List<PxyObjSpoofingIpPool> poolList = new ArrayList<PxyObjSpoofingIpPool>();
pool.setIsValid(0);
pool.setCompileId(pool.getCompileId());
pool.setServiceId(pool.getServiceId());
poolList.add(pool);
//调用服务接口取消配置
String json=BaseService.gsonToJson(poolList);
logger.info("欺骗IP池配置配置参数"+json);
//调用服务接口取消配置
try {
ToMaatResult result = ConfigServiceUtil.put(json, 2);
logger.info("欺骗IP池配置响应信息"+result.getMsg());
} catch (Exception e) {
e.printStackTrace();
logger.info("欺骗IP池配置配置失败");
throw e;
}
}
}
String json=BaseService.gsonToJson(maatStatusBean);
logger.info("MAAT类配置启停状态修改内容"+json);
//调用服务启停接口
String result = ConfigServiceUtil.configStatusUpdate(json);
if(result!=null){
logger.info("MAAT类配置启停状态修改结果"+result);
}else{
return false;
}
/*maatCfg = new MaatCfg();
maatCfg.initDefaultValue();
maatBean = new ToMaatBean();
configCompileList = new ArrayList();
maatCfg.setCompileId(compileId);
maatCfg.setServiceId(serviceId);
maatCfg.setIsValid(isValid);//配置状态
configCompileList.add(maatCfg);
maatBean.setConfigCompileList(configCompileList);
maatBean.setAuditTime(entity.getAuditTime());
maatBean.setCreatorName(entity.getCurrentUser().getName());
maatBean.setVersion(Constants.MAAT_VERSION);
maatBean.setOpAction(Constants.UPDATE_ACTION);
//调用服务接口取消配置
String json=BaseService.gsonToJson(maatBean);
logger.info("定时器修改配置状态:"+json);
//调用服务接口下发配置
ToMaatResult result = ConfigServiceUtil.put(json,1);
logger.info("定时器修改配置状态响应时间:"+result.getMsg());*/
}
}else if("2".equals(serviceType)){//回调类配置
List ids = Lists.newArrayList();
if(isIssueContent.equals(1)){//修改配置内容以及状态
entity.setCompileId(compileId);
//查询配置
if(entity.getServiceId().equals(3)){//ip drop回调类配置用了主表和子表关系
List<CfgIndexInfo> list = configSynchronizationDao.getCfgIndexList(entity);
if(!StringUtil.isEmpty(list)){
List<Integer> compileIdArray = Lists.newArrayList();
compileIdArray.add(compileId);
List subList = configSynchronizationDao.getIpDropList("ip_port_cfg", compileIdArray);
Date updateTime = new Date();
for(int i=0;i<subList.size();i++){
IpPortCfg cfg = (IpPortCfg) subList.get(i);
cfg.setIsValid(isValid);
cfg.setAuditTime(updateTime);
callBackCfgList.add(BaseService.convertCallBackIp(cfg,cfg.getGroupId()));
}
}
}else{
if(className.equals("AvFileSampleCfg")){//YSP文件样例配置
List<AvFileSampleCfg> list = configSynchronizationDao.getAvFileCfgList(entity);
for(int i=0;i<list.size();i++){
AvFileSampleCfg cfg = list.get(i);
Date updateTime = new Date();
cfg.setIsValid(isValid);;
cfg.setAuditTime(updateTime);
callBackCfgList.add(cfg);
}
}else if(className.equals("IpPortCfg")){//dns 欺骗IP等IP类的回调配置
List<IpPortCfg> list = configSynchronizationDao.getIpPortListByService(entity);
Date updateTime = new Date();
for(int i=0;i<list.size();i++){
IpPortCfg cfg = (IpPortCfg) list.get(i);
cfg.setIsValid(isValid);;
cfg.setAuditTime(updateTime);
callBackCfgList.add(BaseService.convertCallBackIp(cfg,cfg.getGroupId()));
}
}
}
}else{
Date updateTime = new Date();
InlineIp updateCfg = new InlineIp();//复用IP回调类的配置表设置下发取消回调配置的参数
updateCfg.setIsValid(isValid);
updateCfg.setCfgId(compileId);
updateCfg.setService(serviceId);
callBackCfgList.add(updateCfg);
}
if(!StringUtil.isEmpty(callBackCfgList)){
//调用服务接口下发配置数据
String json=BaseService.gsonToJson(callBackCfgList);
logger.info("定时器修改回调类配置状态:"+json);
//调用服务接口修改回调类配置状态
ToMaatResult result = ConfigServiceUtil.put(json,2);
logger.info("定时器修改回调类配置状态响应信息:"+result);
if(result==null){
return false;
}else{
return true;
}
}
}
}
return true;
}
//定时器非前台业务需要设置shiro的SecurityManager
private void SecurityManagerInit(){
//1. 获取SecurityManager 工厂此处使用INI配置文件初始化SecurityManager
Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
//2.得道SecurityManager 实例并绑定给SecurityUtils。
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
}
private Subject login(String username,String password) {
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
subject.login(token);
return subject;
}
public static void main(String[] args) {
}
}
Reference in New Issue View Git Blame Copy Permalink