diff --git a/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java b/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java index f4237bc..6683b37 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java +++ b/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java @@ -2,6 +2,7 @@ package com.realtime.protection.configuration.entity.rule.dynamicrule; import com.fasterxml.jackson.annotation.JsonProperty; import com.realtime.protection.configuration.entity.defense.object.ProtectObject; +import io.swagger.v3.oas.annotations.media.Schema; import jakarta.validation.constraints.NotNull; import lombok.Data; 
@@ -12,50 +13,76 @@ import java.util.List; public class DynamicRuleObject { @JsonProperty("dynamic_rule_id") + @Schema(description = "动态规则ID", accessMode = Schema.AccessMode.READ_ONLY) private Integer dynamicRuleId; @NotNull @JsonProperty("dynamic_rule_name") + @Schema(description = "动态规则名称", example = "动态规则测试", requiredMode = Schema.RequiredMode.REQUIRED) private String dynamicRuleName; @JsonProperty("dynamic_rule_create_time") + @Schema(hidden = true) private LocalDateTime dynamicRuleCreateTime; @JsonProperty("dynamic_rule_modify_time") + @Schema(hidden = true) private LocalDateTime dynamicRuleModifyTime; @JsonProperty("dynamic_rule_create_username") + @Schema(description = "动态规则创建用户名称", accessMode = Schema.AccessMode.READ_ONLY) private String dynamicRuleCreateUsername; // @JsonProperty("dynamic_rule_audit_status") // private Integer dynamicRuleAuditStatus; @JsonProperty("dynamic_rule_create_depart") + @Schema(description = "动态规则创建用户所属部门", accessMode = Schema.AccessMode.READ_ONLY) private String dynamicRuleCreateDepart; //动态规则选择的防护对象ids? 
+ @NotNull @JsonProperty("protect_object_ids") + @Schema(description = "请求时发送防护对象ID", accessMode = Schema.AccessMode.WRITE_ONLY, requiredMode = Schema.RequiredMode.REQUIRED) private List protectObjectIds; @JsonProperty("protect_objects") + @Schema(description = "响应时回复防护对象完整信息", accessMode = Schema.AccessMode.READ_ONLY) private List protectObjects; //还没有建立外键 @JsonProperty("dynamic_rule_create_user_id") + @Schema(hidden = true) private Integer dynamicRuleCreateUserId; @JsonProperty("dynamic_rule_used_task_id") + @Schema(description = "使用该动态规则的任务ID", accessMode = Schema.AccessMode.READ_ONLY) private Integer dynamicRuleUsedTaskId; + //前端不发送事件类型和来源系统了,而是根据事件类型和来源系统确定策略模板id,发过来template_id @JsonProperty("dynamic_rule_source_system") - private Integer dynamicRuleSourceSystem; + @Schema(description = "动态规则数据来源系统", example = "bw系统", requiredMode = Schema.RequiredMode.REQUIRED) + private String dynamicRuleSourceSystem; @JsonProperty("dynamic_rule_event_type") - private Integer dynamicRuleEventType; + @Schema(description = "动态规则事件类型", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) + private String dynamicRuleEventType; + @NotNull + @JsonProperty("template_id") + @Schema(description = "策略模板id", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) + private Integer templateId; + @NotNull @JsonProperty("dynamic_rule_protect_level") + @Schema(description = "防护等级", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) private Integer dynamicRuleProtectLevel; + @NotNull @JsonProperty("dynamic_rule_priority") + @Schema(description = "优先级", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) private Integer dynamicRulePriority; + @NotNull @JsonProperty("dynamic_rule_range") + @Schema(description = "范围", example = "北京", requiredMode = Schema.RequiredMode.REQUIRED) private String dynamicRuleRange; + @NotNull @JsonProperty("dynamic_rule_frequency") + @Schema(description = "频率", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) private Integer 
dynamicRuleFrequency; } diff --git a/src/main/java/com/realtime/protection/configuration/entity/rule/staticrule/StaticRuleObject.java b/src/main/java/com/realtime/protection/configuration/entity/rule/staticrule/StaticRuleObject.java index febfab9..08561a9 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/rule/staticrule/StaticRuleObject.java +++ b/src/main/java/com/realtime/protection/configuration/entity/rule/staticrule/StaticRuleObject.java @@ -3,7 +3,11 @@ package com.realtime.protection.configuration.entity.rule.staticrule; import com.alibaba.excel.annotation.ExcelIgnore; import com.alibaba.excel.annotation.ExcelProperty; import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.Max; +import jakarta.validation.constraints.Min; import jakarta.validation.constraints.NotNull; +import jakarta.validation.constraints.Pattern; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; 
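Review bot: `@Schema(accessMode = READ_ONLY)` and `@Schema(hidden = true)` only change the generated OpenAPI document; Jackson still binds `dynamic_rule_id`, `dynamic_rule_create_username`, `dynamic_rule_create_depart` and the hidden `dynamic_rule_create_user_id` from any body passed to the `@RequestBody @Valid DynamicRuleObject` endpoints. If the mapper persists any of these (its SQL is not visible in this diff), a client can set ownership fields it should not control. Enforce the restriction at binding time, for example `@JsonProperty(value = "dynamic_rule_create_user_id", access = JsonProperty.Access.READ_ONLY)`, or split the class into separate request and response DTOs. The same applies to `static_rule_audit_status` and `static_rule_create_user_id` in StaticRuleObject, and to `audit_status` in WhiteListObject, which is not marked read-only even in the schema.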
@@ -18,81 +22,117 @@ import java.time.LocalDateTime; public class StaticRuleObject { @JsonProperty("static_rule_id") @ExcelIgnore + @Schema(description = "静态规则ID", accessMode = Schema.AccessMode.READ_ONLY) private Integer staticRuleId; @NotNull @JsonProperty("static_rule_name") @ExcelProperty("名称") + @Schema(description = "静态规则名称", example = "静态规则测试", requiredMode = Schema.RequiredMode.REQUIRED) private String staticRuleName; @JsonProperty("static_rule_create_time") @ExcelIgnore + @Schema(hidden = true) private LocalDateTime staticRuleCreateTime; @JsonProperty("static_rule_modify_time") @ExcelIgnore + @Schema(hidden = true) private LocalDateTime staticRuleModifyTime; @JsonProperty("static_rule_create_username") @ExcelIgnore + @Schema(description = "静态规则创建用户名称", accessMode = Schema.AccessMode.READ_ONLY) private String staticRuleCreateUsername; @JsonProperty("static_rule_audit_status") @ExcelIgnore + @Schema(description = "静态规则审核状态(0为未审核,1为已退回,2为审核通过)", example = "2", accessMode = Schema.AccessMode.READ_ONLY) private Integer staticRuleAuditStatus; @JsonProperty("static_rule_create_depart") @ExcelIgnore + @Schema(description = "静态规则创建用户所属部门", accessMode = Schema.AccessMode.READ_ONLY) private String staticRuleCreateDepart; @JsonProperty("static_rule_create_user_id") @ExcelIgnore + @Schema(hidden = true) private Integer staticRuleCreateUserId; @JsonProperty("static_rule_used_task_id") @ExcelIgnore + @Schema(hidden = true) private Integer staticRuleUsedTaskId; @JsonProperty("static_rule_sip") @ExcelProperty("源IP地址") + @Pattern(regexp = "^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$", message = "Invalid IPv4 Address") + @Schema(description = "源IP地址", example = "1.1.1.1") private String staticRuleSip; @JsonProperty("static_rule_msip") + @Pattern(regexp = "^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$", message = "Invalid IPv4 Address") @ExcelProperty("源IP地址掩码") + @Schema(description = "源IP地址掩码", example = "255.255.255.0") private String staticRuleMsip; 
@JsonProperty("static_rule_sport") @ExcelProperty("源端口") + @Max(value = 65535, message = "port should not be more than 65535") + @Min(value = 1, message = "port should not be less than 1") + @Schema(description = "源端口", example = "8080") private Integer staticRuleSport; @JsonProperty("static_rule_msport") @ExcelProperty("源端口掩码") + @Max(value = 65535, message = "port should not be more than 65535") + @Min(value = 1, message = "port should not be less than 1") + @Schema(description = "源端口掩码", example = "65535") private Integer staticRuleMsport; @JsonProperty("static_rule_dip") + @Pattern(regexp = "^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$", message = "Invalid IPv4 Address") @ExcelProperty("目的IP地址") + @Schema(description = "目的IP地址", example = "2.2.2.2") private String staticRuleDip; @JsonProperty("static_rule_mdip") @ExcelProperty("目的IP地址掩码") + @Pattern(regexp = "^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$", message = "Invalid IPv4 Address") + @Schema(description = "目的IP地址掩码", example = "255.255.255.0") private String staticRuleMdip; @JsonProperty("static_rule_dport") @ExcelProperty("目的端口") + @Max(value = 65535, message = "port should not be more than 65535") + @Min(value = 1, message = "port should not be less than 1") + @Schema(description = "目的端口", example = "8080") private Integer staticRuleDport; @JsonProperty("static_rule_mdport") @ExcelProperty("目的端口掩码") + @Max(value = 65535, message = "port should not be more than 65535") + @Min(value = 1, message = "port should not be less than 1") + @Schema(description = "目的端口掩码", example = "65535") private Integer staticRuleMdport; @JsonProperty("static_rule_protocol") @ExcelProperty("协议") + @Schema(description = "协议", example = "TCP") private String staticRuleProtocol; @JsonProperty("static_rule_mprotocol") @ExcelProperty("协议掩码") + @Schema(description = "协议掩码", example = "TCP") private String staticRuleMprotocol; @JsonProperty("static_rule_dns") @ExcelProperty("DNS") + @Schema(description = "DNS", example 
= "www.baidu.com") private String staticRuleDns; @JsonProperty("static_rule_url") @ExcelProperty("URL") + @Schema(description = "URL", example = "www.baidu.com") private String staticRuleURL; @JsonProperty("static_rule_priority") @ExcelProperty("优先级") + @Schema(description = "优先级", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) private Integer staticRulePriority; @JsonProperty("static_rule_range") @ExcelProperty("范围") + @Schema(description = "范围", example = "北京", requiredMode = Schema.RequiredMode.REQUIRED) private String staticRuleRange; @JsonProperty("static_rule_frequency") @ExcelProperty("频率") + @Schema(description = "频率", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) private Integer staticRuleFrequency; } diff --git a/src/main/java/com/realtime/protection/configuration/entity/whitelist/WhiteListObject.java b/src/main/java/com/realtime/protection/configuration/entity/whitelist/WhiteListObject.java index b58fb8a..bef8e90 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/whitelist/WhiteListObject.java +++ b/src/main/java/com/realtime/protection/configuration/entity/whitelist/WhiteListObject.java @@ -3,6 +3,7 @@ package com.realtime.protection.configuration.entity.whitelist; import com.alibaba.excel.annotation.ExcelIgnore; import com.alibaba.excel.annotation.ExcelProperty; import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.v3.oas.annotations.media.Schema; import jakarta.validation.constraints.Max; import jakarta.validation.constraints.Min; import jakarta.validation.constraints.NotNull; 
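Review bot: The `@Pattern` added to `staticRuleSip`, `staticRuleMsip`, `staticRuleDip` and `staticRuleMdip` checks only the dotted shape, so `999.999.999.999` passes validation as an IPv4 address. Bound each octet to 0–255, for example with the group `(25[0-5]|2[0-4]\\d|1\\d{2}|[1-9]?\\d)` repeated four times, and hold the expression in one shared constant or custom constraint rather than repeating the literal (WhiteListObject carries the same pattern). The two mask fields presumably also need a contiguous-netmask check, which a regex of this form does not express. Separately, `static_rule_priority`, `static_rule_range` and `static_rule_frequency` are documented as `REQUIRED` but carry no `@NotNull`, so the schema and the validator disagree.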
@@ -13,37 +14,51 @@ import lombok.Data; public class WhiteListObject { @JsonProperty("whiteobj_id") @ExcelIgnore + @Schema(description = "白名单对象ID", accessMode = Schema.AccessMode.READ_ONLY) private int whiteListId; @NotNull @JsonProperty("whiteobj_name") @ExcelProperty("名称") + @Schema(description = "白名单对象名称", example = "白名单测试", requiredMode = Schema.RequiredMode.REQUIRED) private String whiteListName; + @NotNull @JsonProperty("whiteobj_system_name") @ExcelProperty("系统名称") + @Schema(description = "白名单对象系统名称", example = "xxx系统", requiredMode = Schema.RequiredMode.REQUIRED) private String whiteListSystemName; + @NotNull @JsonProperty("whiteobj_ip_address") @Pattern(regexp = "^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$", message = "Invalid IPv4 Address") @ExcelProperty("IP地址") + @Schema(description = "白名单对象IPv4地址", example = "1.1.1.1" , requiredMode = Schema.RequiredMode.REQUIRED) private String whiteListIP; + @NotNull @JsonProperty("whiteobj_port") @Max(value = 65535, message = "port should not be more than 65535") @Min(value = 1, message = "port should not be less than 1") @ExcelProperty("端口") + @Schema(description = "白名单对象端口", maximum = "65535", minimum = "1", example = "8080", requiredMode = Schema.RequiredMode.REQUIRED) private int whiteListPort; + @NotNull @JsonProperty("whiteobj_url") @ExcelProperty("URL") + @Schema(description = "白名单对象URL", example = "alice.bob.com", requiredMode = Schema.RequiredMode.REQUIRED) private String whiteListUrl; + @NotNull @JsonProperty("whiteobj_protocol") @ExcelProperty("协议") + @Schema(description = "白名单对象网络协议", example = "TCP", requiredMode = Schema.RequiredMode.REQUIRED) private String whiteListProtocol; + @JsonProperty("audit_status") @ExcelIgnore + @Schema(description = "白名单对象审核状态(0为未审核,1为已退回,2为审核通过)", example = "2") private String whiteListAuditStatus; } 
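Review bot: `@NotNull` on `private int whiteListPort` can never fail, because a primitive is never null; a request without `whiteobj_port` deserializes to 0 and is rejected only by `@Min(1)`, with the message "port should not be less than 1". Declare the field as `Integer` so a missing port is reported as missing, as StaticRuleObject already does for its port fields. Also note that `whiteListAuditStatus` is a `String` here while `staticRuleAuditStatus` is an `Integer` documented with the same 0/1/2 values.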
diff --git a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleController.java b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleController.java index 8abab7f..e980153 100644 --- a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleController.java +++ b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleController.java @@ -1,20 +1,17 @@ package com.realtime.protection.server.rule.dynamicrule; -import com.alibaba.excel.EasyExcel; import com.realtime.protection.configuration.entity.rule.dynamicrule.DynamicRuleObject; import com.realtime.protection.configuration.response.ResponseResult; import jakarta.validation.Valid; import lombok.extern.slf4j.Slf4j; import org.springframework.web.bind.annotation.*; -import org.springframework.web.multipart.MultipartFile; -import java.io.IOException; import java.util.List; @RestController @RequestMapping("dynamicrule") @Slf4j -public class DynamicRuleController { +public class DynamicRuleController implements DynamicRuleControllerApi { private final DynamicRuleService dynamicRuleService; @@ -23,7 +20,8 @@ public class DynamicRuleController { } // 新增 要关联防护对象!!!! - @RequestMapping("/new") + @Override + @PostMapping("/new") public ResponseResult newDynamicRuleObject(@RequestBody @Valid DynamicRuleObject dynamicRuleObject) { log.info("新增动态规则: {}", dynamicRuleObject); //调用service新增 @@ -34,6 +32,7 @@ public class DynamicRuleController { .setData("success", true); } + /* //以excel文件方式批量导入,但动态规则没有这个需求 @PostMapping("/upload") public ResponseResult uploadFile(MultipartFile uploadFile) throws IOException { 
@@ -41,55 +40,65 @@ public class DynamicRuleController { new DynamicRuleDataListener(dynamicRuleService)).sheet().doRead(); return ResponseResult.ok(); } - + */ //id删除 - @RequestMapping("/{dynamicRuleId}/delete") - public ResponseResult deleteDynamicRuleObject(@PathVariable Integer dynamicRuleId) { - log.info("删除动态规则: {}", dynamicRuleId); + @Override + @DeleteMapping("/{id}/delete") + public ResponseResult deleteDynamicRuleObject(@PathVariable Integer id) { + log.info("删除动态规则: {}", id); //调用service删除 - dynamicRuleService.deleteDynamicRuleObject(dynamicRuleId); + dynamicRuleService.deleteDynamicRuleObject(id); return ResponseResult.ok(); } //批量删除 - @RequestMapping("/delete") - public ResponseResult deleteDynamicRuleObjects(@RequestBody List dynamicRuleIds) { - log.info("批量删除动态规则: {}", dynamicRuleIds); + @Override + @DeleteMapping("/{ids}") + public ResponseResult deleteDynamicRuleObjects(@PathVariable List ids) { + log.info("批量删除动态规则: {}", ids); //调用service删除 return ResponseResult.ok() - .setData("success", dynamicRuleService.deleteDynamicRuleObjects(dynamicRuleIds)); + .setData("success", dynamicRuleService.deleteDynamicRuleObjects(ids)); } //修改 - @RequestMapping("/{dynamicRuleId}/update") - public ResponseResult updateDynamicRuleObject(@PathVariable Integer dynamicRuleId, + @Override + @PostMapping("/{id}/update") + public ResponseResult updateDynamicRuleObject(@PathVariable Integer id, @RequestBody @Valid DynamicRuleObject dynamicRuleObject) { log.info("修改动态规则: {}:{}", - dynamicRuleId, dynamicRuleObject.getDynamicRuleName()); + id, dynamicRuleObject.getDynamicRuleName()); - dynamicRuleService.updateDynamicRuleObject(dynamicRuleId, dynamicRuleObject); + dynamicRuleService.updateDynamicRuleObject(id, dynamicRuleObject); return ResponseResult.ok() - .setData("dynamic_rule_id", dynamicRuleId) + .setData("dynamic_rule_id", id) .setData("success", true); } //id查询 - @RequestMapping("/{dynamicRuleId}/query") - public ResponseResult 
queryDynamicRuleObjectById(@PathVariable Integer dynamicRuleId) { - log.info("查询动态规则: {}", dynamicRuleId); + @Override + @GetMapping("/{id}/query") + public ResponseResult queryDynamicRuleObjectById(@PathVariable Integer id) { + log.info("查询动态规则: {}", id); + DynamicRuleObject dynamicRuleObject = dynamicRuleService.queryDynamicRuleById(id); + if (dynamicRuleObject == null) { + return ResponseResult.invalid() + .setData("dynamic_rule", null); + } //调用service查询 return ResponseResult.ok() - .setData("dynamic_rule", dynamicRuleService.queryDynamicRuleById(dynamicRuleId)); + .setData("dynamic_rule", dynamicRuleObject); } //分页查询 - @RequestMapping("/query") - public ResponseResult queryDynamicRuleObject(@RequestParam(value = "dynamic_rule_name", required = false) String dynamicRuleName, - @RequestParam(value = "dynamic_rule_id", required = false) Integer dynamicRuleId, + @Override + @GetMapping("/query") + public ResponseResult queryDynamicRuleObject(@RequestParam(value = "name", required = false) String dynamicRuleName, + @RequestParam(value = "id", required = false) Integer dynamicRuleId, @RequestParam(value = "page", defaultValue = "1") Integer page, @RequestParam(value = "page_size", defaultValue = "10") Integer pageSize) { log.info("分页查询动态规则: {}:{}:{}:{}", dynamicRuleName, dynamicRuleId, page, pageSize); @@ -98,5 +107,9 @@ public class DynamicRuleController { .setData("dynamic_rule_list", dynamicRuleService.queryDynamicRuleObject(dynamicRuleName, dynamicRuleId, page, pageSize)); } - //详情查看?? 查看什么 + //详情查看?? 就是按id查询吧 + + + //审核?不需要 + } diff --git a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleControllerApi.java b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleControllerApi.java new file mode 100644 index 0000000..5933c03 --- /dev/null +++ b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleControllerApi.java 
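Review bot: `queryDynamicRuleObject` hands `page` and `page_size` to the service without bounds, so unless the service clamps them (not visible here) a caller can request `page_size=2147483647` or a zero or negative page. Constrain the parameters, for example `@RequestParam(value = "page_size", defaultValue = "10") @Min(1) @Max(100) Integer pageSize` (the upper limit is a suggestion to adjust), and confirm that method-parameter validation is active for this controller. Those parameter lines are context in the hunk, but the method's mapping and parameter names are changed here. Renaming the query parameters from `dynamic_rule_name`/`dynamic_rule_id` to `name`/`id` also breaks existing callers silently, since both are `required = false` and an old client simply gets an unfiltered list.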
@@ -0,0 +1,145 @@ +package com.realtime.protection.server.rule.dynamicrule; + +import com.realtime.protection.configuration.entity.rule.dynamicrule.DynamicRuleObject; +import com.realtime.protection.configuration.response.ResponseResult; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.Parameter; +import io.swagger.v3.oas.annotations.media.Content; +import io.swagger.v3.oas.annotations.media.Schema; +import io.swagger.v3.oas.annotations.responses.ApiResponse; +import io.swagger.v3.oas.annotations.tags.Tag; +import jakarta.validation.Valid; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestParam; + +import java.util.List; + +@Tag(name = "动态规则API", description = "动态规则模块所有接口") +public interface DynamicRuleControllerApi { + + @Operation( + summary = "新建动态规则", + description = "新建一个动态规则", + + responses = { + @ApiResponse( + description = "返回新建对象结果", + content = @Content( + mediaType = "application/json", + schema = @Schema( +// title = "ResponseResult和DynamicRule的组合模型", +// description = "ResponseResult的data内DynamicRule", +// anyOf = {ResponseResult.class, DynamicRuleObject.class}) + implementation = ResponseResult.class) + ) + ) + }, + requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody( + description = "动态规则信息") + ) + ResponseResult newDynamicRuleObject(@RequestBody @Valid DynamicRuleObject dynamicRuleObject) ; + + @Operation( + summary = "删除动态规则", + description = "删除一个动态规则", + responses = { + @ApiResponse( + description = "返回删除对象结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "id", description = "动态规则id") + } + ) + ResponseResult deleteDynamicRuleObject(@PathVariable Integer id) ; + + @Operation( + summary = "批量删除动态规则", + description = "批量删除动态规则", + responses = { + 
@ApiResponse( + description = "返回批量删除对象结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "ids", description = "动态规则id列表") + } + ) + public ResponseResult deleteDynamicRuleObjects(@PathVariable List ids) ; + + @Operation( + summary = "修改动态规则", + description = "修改动态规则", + responses = { + @ApiResponse( + description = "返回修改对象结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "id", description = "动态规则id") + }, + requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody( + description = "动态规则信息") + ) + public ResponseResult updateDynamicRuleObject( + @PathVariable Integer id, + @RequestBody @Valid DynamicRuleObject dynamicRuleObject) ; + + @Operation( + summary = "查询单个动态规则", + description = "根据动态规则ID查询单个动态规则的所有详细信息", + responses = { + @ApiResponse( + description = "返回查询到的单个动态规则", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "id", description = "动态规则ID", example = "2") + } + ) + public ResponseResult queryDynamicRuleObjectById(@PathVariable Integer id) ; + + @Operation( + summary = "根据条件查询多个动态规则", + description = "根据查询条件和页码等,查询多个对象并以列表返回", + responses = { + @ApiResponse( + description = "返回多个动态规则", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "name", description = "动态规则名称", example = "test"), + @Parameter(name = "id", description = "动态规则ID", example = "2"), + @Parameter(name = "page", description = "页码", example = "1"), + @Parameter(name = "page_size", description = "每页大小", example = "10") + } + ) + public ResponseResult queryDynamicRuleObject( + @RequestParam(value = "name", required = false) 
String dynamicRuleName, + @RequestParam(value = "id", required = false) Integer dynamicRuleId, + @RequestParam(value = "page", defaultValue = "1") Integer page, + @RequestParam(value = "page_size", defaultValue = "10") Integer pageSize) ; + + +} \ No newline at end of file diff --git a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleMapper.java b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleMapper.java index eac36ce..7fa16a3 100644 --- a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleMapper.java +++ b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleMapper.java @@ -1,6 +1,7 @@ package com.realtime.protection.server.rule.dynamicrule; import com.realtime.protection.configuration.entity.defense.object.ProtectObject; +import com.realtime.protection.configuration.entity.defense.template.Template; import com.realtime.protection.configuration.entity.rule.dynamicrule.DynamicRuleObject; import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Param; @@ -31,4 +32,6 @@ public interface DynamicRuleMapper { List queryDynamicRuleObject(String dynamicRuleName, Integer dynamicRuleId, Integer page, Integer pageSize); void deleteDynamicRuleProtectObjectConcat(Integer dynamicRuleId); + + Template queryTemplateByRuleId(Integer dynamicRuleId); } diff --git a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java index 2da2cac..f7677f4 100644 --- a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java +++ b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java 
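Review bot: The new interface mixes declarations with and without the redundant `public` modifier (`newDynamicRuleObject` and `deleteDynamicRuleObject` omit it, the others use it), and the first `@Operation` keeps three commented-out `@Schema` attributes. Drop `public` throughout, remove the commented lines, and end the file with a newline. None of the `@ApiResponse` entries sets `responseCode`, so the generated document cannot tell the success case apart from the error result the controller returns for an unknown id; add `responseCode = "200"` and document the failure response as well.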
@@ -1,6 +1,7 @@ package com.realtime.protection.server.rule.dynamicrule; import com.alibaba.excel.util.ListUtils; +import com.realtime.protection.configuration.entity.defense.template.Template; import com.realtime.protection.configuration.entity.rule.dynamicrule.DynamicRuleObject; import com.realtime.protection.configuration.utils.SqlSessionWrapper; import org.springframework.stereotype.Service; @@ -26,11 +27,11 @@ public class DynamicRuleService { dynamicRuleMapper.newDynamicRule(dynamicRule); Integer dynamicRuleId = dynamicRule.getDynamicRuleId(); + if (dynamicRule.getProtectObjectIds() != null) { + dynamicRule.getProtectObjectIds().forEach( + protectObjectId -> dynamicRuleMapper.newDynamicRulProtectObjectConcat(dynamicRuleId, protectObjectId)); - dynamicRule.getProtectObjectIds().forEach( - protectObjectId -> dynamicRuleMapper.newDynamicRulProtectObjectConcat(dynamicRuleId, protectObjectId)); - - + } return dynamicRuleId; } @@ -75,8 +76,15 @@ public class DynamicRuleService { //查询DynamicRule DynamicRuleObject dynamicRuleObject = dynamicRuleMapper.queryDynamicRuleById(dynamicRuleId); + if (dynamicRuleObject == null){ + return null; + } //查询DynamicRule关联的ProtectObject dynamicRuleObject.setProtectObjects(dynamicRuleMapper.queryProtectObjectByRuleId(dynamicRuleId)); + //查询DynamicRule关联的template详细信息 + Template template = dynamicRuleMapper.queryTemplateByRuleId(dynamicRuleId); + dynamicRuleObject.setDynamicRuleSourceSystem(template.getSourceSystem()); + dynamicRuleObject.setDynamicRuleEventType(template.getTemplateName()); return dynamicRuleObject; } diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleController.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleController.java index e2e31c6..c0ca8dc 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleController.java +++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleController.java 
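Review bot: `queryTemplateByRuleId` can presumably return null (a rule stored without a template, or one whose template row was removed), and the next line dereferences `template.getSourceSystem()` unguarded, so reading such a rule fails with a NullPointerException. Guard it the way this hunk already guards `dynamicRuleObject`, with `if (template != null) { ... }` around the two setters. Note also that `setDynamicRuleEventType(template.getTemplateName())` fills the event type from the template name; if Template has a dedicated event-type field, that is probably the intended source. The enclosing method starts outside the hunk.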
@@ -19,7 +19,7 @@ import java.util.List; @RestController @RequestMapping("/staticrule") @Slf4j -public class StaticRuleController { +public class StaticRuleController implements StaticRuleControllerApi { private final StaticRuleService staticRuleService; @@ -31,6 +31,7 @@ public class StaticRuleController { * 新增静态规则 */ @PostMapping("/new") + @Override public ResponseResult newStaticRuleObject(@RequestBody @Valid StaticRuleObject object) { log.info("新增静态规则: {}", object); //调用service新增 @@ -40,6 +41,7 @@ public class StaticRuleController { //以Excel方式批量导入静态规则 @PostMapping("/upload") + @Override public ResponseResult uploadFile(MultipartFile uploadFile) throws IOException { EasyExcel.read(uploadFile.getInputStream(), StaticRuleObject.class, new StaticRuleDataListener(staticRuleService)).sheet().doRead(); @@ -47,6 +49,7 @@ public class StaticRuleController { } //下载模板文件 + @Override @GetMapping("/download") public void downloadTemplate(HttpServletResponse response) throws IOException { response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"); @@ -59,10 +62,22 @@ public class StaticRuleController { .doWrite(List.of()); } + /** + * 按id删除静态规则 + */ + @Override + @DeleteMapping("/{id}/delete") + public ResponseResult deleteStaticRule(@PathVariable Integer id) { + log.info("根据id删除静态规则:{}", id); + //调用service删除 + staticRuleService.deleteStaticRuleById(id); + return ResponseResult.ok(); + } /** * 删除静态规则(有的删了,有的没删,也返回false) */ + @Override @DeleteMapping("/{ids}") public ResponseResult delete(@PathVariable List ids) { log.info("根据id删除静态规则:{}", ids); 
@@ -75,11 +90,13 @@ public class StaticRuleController { /** * 修改静态规则 */ - @PutMapping("/update") - public ResponseResult updateStaticRule(@RequestBody @Valid StaticRuleObject object) { + @Override + @PostMapping("/{id}/update") + public ResponseResult updateStaticRule(@PathVariable Integer id, + @RequestBody @Valid StaticRuleObject object) { log.info("修改静态规则: {}", object); //调用service修改 - staticRuleService.updateStaticRule(object); + staticRuleService.updateStaticRule(id, object); return ResponseResult.ok(); } @@ -87,7 +104,8 @@ public class StaticRuleController { * 根据id查询静态规则 * 路径参数:通过请求URL直接传递参数,使用{…}来标识该路径参数,需要使用 @PathVariable 获取路径参数 */ - @RequestMapping("/{id}/query") + @Override + @GetMapping("/{id}/query") public ResponseResult queryStaticRuleById(@PathVariable Integer id) { log.info("根据id查询静态规则:{}", id); StaticRuleObject object = staticRuleService.queryStaticRuleById(id); @@ -97,7 +115,8 @@ public class StaticRuleController { /** * 分页查询静态规则 */ - @RequestMapping("/query") + @Override + @GetMapping("/query") public ResponseResult queryStaticRule(String static_rule_name, Integer static_rule_id, @RequestParam(defaultValue = "1") Integer page, @RequestParam(defaultValue = "10") Integer pageSize @@ -107,4 +126,23 @@ public class StaticRuleController { List pageResult = staticRuleService.queryStaticRule(static_rule_name, static_rule_id, page, pageSize); return ResponseResult.ok().setData("static_rule_list", pageResult); } + + /** + * 修改审核状态 + */ + @Override + @GetMapping("/{id}/audit/{auditStatus}") + public ResponseResult updateStaticRuleAuditStatus(@PathVariable Integer id, @PathVariable Integer auditStatus) { + if (id <= 0 || auditStatus < 0 || auditStatus > 2) { + return new ResponseResult(400, "id or status is invalid") + .setData("whiteobj_id", id) + .setData("success", false); + } + return ResponseResult.ok() + .setDataMap(staticRuleService.updateAuditStatus(id, auditStatus)) + .setData("staticRule_id", id); + + } + + } 
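Review bot: `updateStaticRuleAuditStatus` changes state but is mapped with `@GetMapping("/{id}/audit/{auditStatus}")`, so an approval can be triggered by anything that issues a GET on behalf of a logged-in user (a link, an image tag, a prefetcher), and the decision lands in URL logs and browser history. Map it with `@PostMapping` or `@PutMapping` like the other mutating endpoints in this class. The 400 branch reports the id under the key `whiteobj_id`, which looks copied from the whitelist controller; it should be `staticRule_id` to match the success branch. No check that the caller is allowed to audit is visible in this hunk; confirm that it is enforced elsewhere.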
diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleControllerApi.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleControllerApi.java
new file mode 100644
index 0000000..5412cc0
--- /dev/null
+++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleControllerApi.java
@@ -0,0 +1,188 @@ +package com.realtime.protection.server.rule.staticrule; + +import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject; +import com.realtime.protection.configuration.response.ResponseResult; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.Parameter; +import io.swagger.v3.oas.annotations.media.Content; +import io.swagger.v3.oas.annotations.media.Schema; +import io.swagger.v3.oas.annotations.tags.Tag; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.validation.Valid; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.multipart.MultipartFile; + +import java.io.IOException; +import java.util.List; + +@Tag(name = "静态规则API", description = "静态规则模块所有接口") +public interface StaticRuleControllerApi { + + @Operation( + summary = "新增静态规则", + description = "新增一个静态规则", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回新增对象结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody( + description = "静态规则信息") + ) + ResponseResult newStaticRuleObject(@RequestBody @Valid StaticRuleObject object) ; + + @Operation( + summary = "批量导入静态规则", + description = "以Excel文件方式批量导入静态规则", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回导入结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody( + description = "Excel文件") + ) + ResponseResult uploadFile(MultipartFile uploadFile) throws IOException; + + @Operation( + summary = "下载静态规则模板", + description = "下载静态规则模板文件", + 
responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回下载结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + } + ) + void downloadTemplate(HttpServletResponse response) throws IOException ; + + @Operation( + summary = "删除静态规则", + description = "删除多个静态规则", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回删除对象结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "ids", description = "静态规则id数组") + } + ) + ResponseResult delete(@PathVariable List ids) ; + + @Operation( + summary = "修改静态规则", + description = "修改静态规则", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回修改对象结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "id", description = "静态规则id") + }, + requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody( + description = "静态规则信息") + ) + ResponseResult updateStaticRule(@PathVariable Integer id, + @RequestBody @Valid StaticRuleObject object) ; + + @Operation( + summary = "查询单个静态规则", + description = "根据静态规则ID查询单个静态规则的所有详细信息", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回查询到的单个静态规则", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = {@Parameter(name = "id", description = "静态规则ID", example = "38")} + ) + ResponseResult queryStaticRuleById(@PathVariable Integer id) ; + + @Operation( + summary = "分页查询静态规则", + description = "根据查询条件和页码等,查询多个对象并以列表返回", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回多个静态规则", + content = @Content( + mediaType = "application/json", + 
schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "static_rule_name", description = "静态规则名称"), + @Parameter(name = "static_rule_id", description = "静态规则id"), + @Parameter(name = "page", description = "页码"), + @Parameter(name = "pageSize", description = "每页条数") + } + ) + ResponseResult queryStaticRule(String static_rule_name, Integer static_rule_id, + @RequestParam(defaultValue = "1") Integer page, + @RequestParam(defaultValue = "10") Integer pageSize); + + + @Operation( + summary = "按id删除静态规则", + description = "按id删除静态规则", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回删除对象结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "id", description = "静态规则id") + } + ) + ResponseResult deleteStaticRule(@PathVariable Integer id) ; + + @Operation( + summary = "更新静态规则审批状态", + description = "更新静态规则审批状态,0未审核、1审核不通过、2审核通过", + responses = { + @io.swagger.v3.oas.annotations.responses.ApiResponse( + description = "返回静态规则审核结果", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class) + ) + ) + }, + parameters = { + @Parameter(name = "id", description = "静态规则id"), + @Parameter(name = "auditStatus", description = "要修改为的静态规则审核状态") + } + ) + public ResponseResult updateStaticRuleAuditStatus(@PathVariable Integer id, @PathVariable Integer auditStatus) ; + + } diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java index fa551c7..e70bb06 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java +++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java 
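Review bot: The `@Operation` on `downloadTemplate` documents an `application/json` response with schema `ResponseResult`, but the method returns `void` and the controller sets the content type to `application/vnd.openxmlformats-officedocument.spreadsheetml.sheet`. Document it as a binary spreadsheet, for example `content = @Content(mediaType = "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet", schema = @Schema(type = "string", format = "binary"))`. Likewise the `uploadFile` request body is described only as "Excel文件" with no `multipart/form-data` content, so generated clients will not know how to send the file. The last declaration, `updateStaticRuleAuditStatus`, also carries a `public` modifier that the other methods omit.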
@@ -15,11 +15,11 @@ public interface StaticRuleMapper { //根据主键删除静态规则 @Delete("delete from t_static_rule where static_rule_id = #{id}") - Boolean deleteStaticRuleById(Integer id); + void deleteStaticRuleById(Integer id); //修改静态规则 - void updateStaticRule(StaticRuleObject object); + void updateStaticRule(@Param("id") Integer id, @Param("object") StaticRuleObject object); //按id查询静态规则 //@Select("select * from t_static_rule where static_rule_id = #{id}") @@ -30,7 +30,11 @@ public interface StaticRuleMapper { Integer page, Integer pageSize); - void deleteStaticRules(@Param("whiteListIds") List staticRuleBatch); + void deleteStaticRules(@Param("staticRuleIds") List staticRuleBatch); void newStaticRules(List staticRuleBatch); + + Integer queryAuditStatusById(Integer id); + + Boolean updateAuditStatusById(Integer id, Integer auditStatus); } diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java index 706ef7d..2f5ee5c 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java +++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java @@ -3,10 +3,14 @@ package com.realtime.protection.server.rule.staticrule; import com.alibaba.excel.util.ListUtils; import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject; import com.realtime.protection.configuration.utils.SqlSessionWrapper; +import com.realtime.protection.configuration.utils.status.AuditStatusValidator; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; import java.time.LocalDateTime; +import java.util.HashMap; import java.util.List; +import java.util.Map; import java.util.function.Function; @Service 
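Review bot: `updateAuditStatusById(Integer id, Integer auditStatus)` in the second StaticRuleMapper hunk takes two parameters without `@Param`, while `updateStaticRule` and `deleteStaticRules` in the same interface name theirs explicitly. MyBatis can bind `#{id}` and `#{auditStatus}` by name only when the classes are compiled with `-parameters`; without it the statement fails at runtime with a binding error. I would declare it as `Boolean updateAuditStatusById(@Param("id") Integer id, @Param("auditStatus") Integer auditStatus);`. In the first hunk, `deleteStaticRuleById` now returns `void`, so the service can no longer tell a delete that removed a row from one that matched nothing; an `int` row count would keep that signal for logging.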
@@ -69,12 +73,12 @@ public class StaticRuleService { return sqlSessionWrapper.startBatchSession(StaticRuleMapper.class, deleteStaticRulesFunction, staticRuleIds); } - public void updateStaticRule(StaticRuleObject object) { + public void updateStaticRule(Integer id, StaticRuleObject object) { //判断当前静态规则是否能够修改---是否存在任务选择的静态规则?? //按id查询该静态规则的used_task_id字段,如果不为空,则不能修改 object.setStaticRuleModifyTime(LocalDateTime.now()); //修改静态规则 - staticRuleMapper.updateStaticRule(object); + staticRuleMapper.updateStaticRule(id, object); } public StaticRuleObject queryStaticRuleById(Integer id) { @@ -118,4 +122,22 @@ public class StaticRuleService { } + + @Transactional + public Map updateAuditStatus(Integer id, Integer auditStatus) { + Integer originalAuditStatus = staticRuleMapper.queryAuditStatusById(id); + if (!AuditStatusValidator.setOriginal(originalAuditStatus).checkValidate(auditStatus)) { + throw new IllegalArgumentException("invalid audit status"); + } + Boolean success = staticRuleMapper.updateAuditStatusById(id, auditStatus); + + Map resultMap = new HashMap<>(); + resultMap.put("success", success); + resultMap.put("audit_status", auditStatus); + return resultMap; + } + + public void deleteStaticRuleById(Integer id) { + staticRuleMapper.deleteStaticRuleById(id); + } } diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java index a44e290..6e9084a 100644 --- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java 
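Review bot: `updateStaticRule` still performs no in-use check, although the comment at the top of the method says a rule whose used_task_id is set must not be modified; the new `id` argument goes straight to `staticRuleMapper.updateStaticRule(id, object)`. As written, a rule that a task already references can be edited underneath it, and an id that matches no row is silently accepted because the mapper method returns `void`. I would either implement the lookup the comment describes and reject the update when used_task_id is non-null, or drop the comment and track it as an open item. The rest of the class is outside the hunk, so an existing guard elsewhere cannot be ruled out.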
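Review bot: `updateAuditStatus` reads the current status and then writes the new one as two separate statements, and nothing visible ties the write to the status that was validated. `queryAuditStatusById` presumably returns null for an id that does not exist, and that null is passed to `AuditStatusValidator.setOriginal` unchecked; two concurrent reviewers can also both pass the transition check and both write, since `@Transactional` alone does not lock the row. I would reject a missing rule explicitly, treat a false result from `updateAuditStatusById` as a failure, and make the UPDATE conditional on the status that was read (or read it with a row lock). `deleteStaticRuleById`, added below it, deletes without looking at audit status or task usage, which deserves the same check as an update.

```java
Integer originalAuditStatus = staticRuleMapper.queryAuditStatusById(id);
if (originalAuditStatus == null) {
    throw new IllegalArgumentException("static rule does not exist");
}
// … unchanged: AuditStatusValidator transition check …
Boolean success = staticRuleMapper.updateAuditStatusById(id, auditStatus);
if (!Boolean.TRUE.equals(success)) {
    throw new IllegalStateException("audit status was not updated");
}
// … unchanged: resultMap construction and return …
```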
@@ -4,6 +4,7 @@ import com.alibaba.excel.EasyExcel; import com.realtime.protection.configuration.entity.whitelist.WhiteListObject; import com.realtime.protection.configuration.response.ResponseResult; import jakarta.servlet.http.HttpServletResponse; +import jakarta.validation.Valid; import org.springframework.web.bind.annotation.*; import org.springframework.web.multipart.MultipartFile; @@ -14,7 +15,7 @@ import java.util.List; @RestController @RequestMapping("/whiteobj") -public class WhiteListController { +public class WhiteListController implements WhiteListControllerApi { private final WhiteListService whiteListService; @@ -22,8 +23,9 @@ public class WhiteListController { this.whiteListService = whiteListService; } - @RequestMapping("/new") - public ResponseResult newWhitelistObject(@RequestBody WhiteListObject object) { + @Override + @PostMapping("/new") + public ResponseResult newWhitelistObject(@RequestBody @Valid WhiteListObject object) { Integer whiteListObjectId = whiteListService.newWhiteListObject(object); return ResponseResult.ok() @@ -32,15 +34,18 @@ public class WhiteListController { .setData("success", true); } - //以excel文件方式批量导入 + //以excel文件方式批量导入、 + //post + @Override @PostMapping("/upload") - public ResponseResult uploadFile(MultipartFile uploadFile) throws IOException { + public ResponseResult uploadFile(MultipartFile uploadFile) throws IOException { EasyExcel.read(uploadFile.getInputStream(), WhiteListObject.class, new WhiteListDataListener(whiteListService)).sheet().doRead(); return ResponseResult.ok(); } //下载模板文件 + @Override @GetMapping("/download") public void downloadTemplate(HttpServletResponse response) throws IOException { response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"); 
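Review bot: `uploadFile` in the last hunk hands `uploadFile.getInputStream()` to `EasyExcel.read` without checking that a file part was sent, so a request without one fails with a NullPointerException instead of a 400. A guard such as `if (uploadFile == null || uploadFile.isEmpty()) return new ResponseResult(400, "uploadFile is empty");` before the read covers that. Nothing in this hunk limits the size or type of the workbook either; if no multipart size limit is configured elsewhere, parsing an arbitrarily large upload is a resource-exhaustion risk. Whether imported rows get the same validation that `@Valid` now gives `/new` depends on `WhiteListDataListener`, which is not shown.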
@@ -53,9 +58,10 @@ public class WhiteListController { .doWrite(List.of()); } - @RequestMapping("/query") + @Override + @GetMapping("/query") public ResponseResult queryWhiteListObject(@RequestParam(value = "whiteobj_name", required = false) String whiteListName, - @RequestParam(value = "page_size", required = false) Integer whiteListId, + @RequestParam(value = "whiteobj_id", required = false) Integer whiteListId, @RequestParam(value = "page", defaultValue = "1") Integer page, @RequestParam(value = "page_size", defaultValue = "10") Integer pageSize) { if (page <= 0 || pageSize <= 0) { @@ -66,7 +72,8 @@ public class WhiteListController { .setData("whiteobj_list", whiteListService.queryWhiteListObject(whiteListName, whiteListId, page, pageSize)); } - @RequestMapping("/{id}/query") + @Override + @GetMapping("/{id}/query") public ResponseResult queryWhiteListObjectById(@PathVariable Integer id) { if (id <= 0) { return new ResponseResult(400, "id is invalid") @@ -82,6 +89,7 @@ public class WhiteListController { .setData("whiteobj_list", whiteListObject); } + @Override //根据id删除 @DeleteMapping("/{id}/delete") public ResponseResult deleteWhiteListObjectById(@PathVariable Integer id) { 
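Review bot: `queryWhiteListObject` rejects `page <= 0 || pageSize <= 0` but places no upper bound on `page_size`, so a single request can ask for the whole table. I would cap it in the same guard, for example `if (page <= 0 || pageSize <= 0 || pageSize > MAX_PAGE_SIZE)` with `MAX_PAGE_SIZE` a new constant chosen for this API. The body of the method continues outside the hunk.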
@@ -102,20 +110,22 @@ public class WhiteListController { //还要return 白名单名称吗,还要在查表看他的名称 } - @PostMapping("/delete") - public ResponseResult deleteWhiteListObjects(@RequestBody List whiteListObjIds) { + @Override + @DeleteMapping("/{ids}") + public ResponseResult deleteWhiteListObjects(@PathVariable List ids) { //Post不支持body为json。。。 body只能是[9,10] return ResponseResult.ok() - .setData("whiteobj_list", whiteListObjIds) - .setData("success", whiteListService.deleteWhiteListObjects(whiteListObjIds)); + .setData("whiteobj_list", ids) + .setData("success", whiteListService.deleteWhiteListObjects(ids)); } + @Override @PostMapping("/{id}/update") public ResponseResult updateWhiteListObject(@PathVariable Integer id, @RequestBody WhiteListObject object) { object.setWhiteListId(id); - Integer num = whiteListService.updateWhiteListObject(object); + Integer num = whiteListService.updateWhiteListObject(id, object); if (num == 0) { return new ResponseResult(400, "id is invalid") .setData("whiteobj_list", null); @@ -123,7 +133,7 @@ public class WhiteListController { return ResponseResult.ok(); } - +/* //查询ip是否存在于白名单 @RequestMapping("/exist") public ResponseResult existWhiteListObject(@RequestParam(value = "ruleId", required = true) Integer ruleId, @@ -138,9 +148,11 @@ public class WhiteListController { return ResponseResult.ok() .setData("ip_list", ruleInWhiteListIds); } +*/ + @Override //修改审核状态 - @RequestMapping("/{id}/audit/{auditStatus}") + @GetMapping("/{id}/audit/{auditStatus}") public ResponseResult updateWhiteListObjectAuditStatus(@PathVariable Integer id, @PathVariable Integer auditStatus) { if (id <= 0 || auditStatus < 0 || auditStatus > 2) { diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListControllerApi.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListControllerApi.java new file mode 100644 index 0000000..ce5fac0 --- /dev/null +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListControllerApi.java 
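Review bot: `updateWhiteListObjectAuditStatus` changes state but is now mapped with `@GetMapping("/{id}/audit/{auditStatus}")` in the last hunk. A GET that approves a whitelist entry can be issued cross-site from an authenticated reviewer's browser by any link or embedded resource, and the decision ends up in URLs that proxies and access logs retain. I would map it as `@PostMapping("/{id}/audit/{auditStatus}")` (or PUT) so that it falls under CSRF protection and is never replayed by a cache or prefetcher. The method body continues outside the hunk.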
@@ -0,0 +1,194 @@
+package com.realtime.protection.server.whitelist;
+
+import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
+import com.realtime.protection.configuration.response.ResponseResult;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.Schema;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.multipart.MultipartFile;
+
+import java.io.IOException;
+import java.util.List;
+
+@Tag(name = "白名单API", description = "白名单模块所有接口")
+public interface WhiteListControllerApi {
+
+ @Operation(
+ summary = "新增白名单",
+ description = "新增一个白名单",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回新增对象结果",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ },
+ requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(
+ description = "白名单信息")
+ )
+ ResponseResult newWhitelistObject(@RequestBody WhiteListObject object) ;
+
+ @Operation(
+ summary = "批量导入白名单",
+ description = "以Excel文件方式批量导入白名单",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回导入结果",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ },
+ requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(
+ description = "Excel文件")
+ )
+ ResponseResult uploadFile(MultipartFile uploadFile) throws IOException ;
+
+ @Operation(
+ summary = "下载白名单模板",
+ description = "下载白名单模板文件",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回下载结果",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ }
+ )
+ void downloadTemplate(HttpServletResponse response) throws IOException ;
+
+ @Operation(
+ summary = "查询白名单",
+ description = "按页和搜索内容查询白名单相关信息",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回查询到的所有白名单",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ },
+ parameters = {
+ @Parameter(name = "whiteobj_name", description = "白名单名称"),
+ @Parameter(name = "whiteobj_id", description = "白名单ID"),
+ @Parameter(name = "page", description = "页码", example = "1"),
+ @Parameter(name = "page_size", description = "每页查询个数", example = "10")
+ }
+ )
+ ResponseResult queryWhiteListObject(@RequestParam(value = "whiteobj_name", required = false) String whiteListName,
+ @RequestParam(value = "whiteobj_id", required = false) Integer whiteListId,
+ @RequestParam(value = "page", defaultValue = "1") Integer page,
+ @RequestParam(value = "page_size", defaultValue = "10") Integer pageSize) ;
+
+ @Operation(
+ summary = "查询单个白名单",
+ description = "根据白名单ID查询单个白名单的所有详细信息",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回查询到的单个白名单",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ },
+ parameters = {
+ @Parameter(name = "id", description = "白名单ID", example = "2")
+ }
+ )
+ ResponseResult queryWhiteListObjectById(@PathVariable Integer id) ;
+
+ @Operation(
+ summary = "删除白名单",
+ description = "删除一个白名单",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回删除对象结果",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ },
+ parameters = {
+ @Parameter(name = "id", description = "白名单id")
+ }
+ )
+ ResponseResult deleteWhiteListObjectById(@PathVariable Integer id);
+
+ @Operation(
+ summary = "批量删除白名单",
+ description = "批量删除白名单",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回删除对象结果",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ },
+ parameters = {
+ @Parameter(name = "ids", description = "白名单id数组")
+ }
+ )
+ ResponseResult deleteWhiteListObjects(@PathVariable List whiteListObjIds) ;
+
+ @Operation(
+ summary = "修改白名单",
+ description = "修改白名单",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回修改对象结果",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ },
+ parameters = {
+ @Parameter(name = "id", description = "白名单id")
+ },
+ requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(
+ description = "白名单信息")
+
+ )
+ ResponseResult updateWhiteListObject(@PathVariable Integer id,
+ @RequestBody WhiteListObject object) ;
+
+ @Operation(
+ summary = "修改白名单审核状态",
+ description = "修改白名单审核状态",
+ responses = {
+ @io.swagger.v3.oas.annotations.responses.ApiResponse(
+ description = "返回修改对象结果",
+ content = @Content(
+ mediaType = "application/json",
+ schema = @Schema(implementation = ResponseResult.class)
+ )
+ )
+ },
+ parameters = {
+ @Parameter(name = "id", description = "白名单id"),
+ @Parameter(name = "auditStatus", description = "白名单审核状态(0为未审核,1为已退回,2为审核通过)", example = "2")
+ }
+ )
+ ResponseResult updateWhiteListObjectAuditStatus(@PathVariable Integer id,
+ @PathVariable Integer auditStatus) ;
+
+
+
+
+ }
diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListMapper.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListMapper.java
index dfdbc3f..d80509e 100644
--- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListMapper.java
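Review bot: The interface declares `newWhitelistObject(@RequestBody WhiteListObject object)` and `updateWhiteListObject(..., @RequestBody WhiteListObject object)` without `@Valid`, while the controller adds `@Valid` only on `newWhitelistObject`, so the update path accepts a body that was never validated. I would put `@RequestBody @Valid WhiteListObject object` on both interface methods and on the controller's update method, keeping declaration and implementation identical. Separately, the `downloadTemplate` operation documents an `application/json` `ResponseResult` response although the method returns `void`, and `deleteWhiteListObjects` names its parameter `whiteListObjIds` while the documented path variable is `ids`.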
+++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListMapper.java @@ -1,7 +1,7 @@ package com.realtime.protection.server.whitelist; import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject; -import com.realtime.protection.configuration.entity.task.Command; +import com.realtime.protection.configuration.entity.task.FiveTupleWithMask; import com.realtime.protection.configuration.entity.whitelist.WhiteListObject; import org.apache.ibatis.annotations.Delete; import org.apache.ibatis.annotations.Mapper; @@ -25,7 +25,7 @@ public interface WhiteListMapper { @Delete("delete from t_white_list where white_list_id = #{id}") Integer deleteWhiteListObject(Integer id); - Integer updateWhiteListObject(@Param("object") WhiteListObject object); + Integer updateWhiteListObject(@Param("id")Integer id, @Param("object") WhiteListObject object); List existWhiteListObject(@Param("staticRuleObject") StaticRuleObject staticRuleObject); @@ -37,5 +37,5 @@ public interface WhiteListMapper { void deleteWhiteListObjects(@Param("whiteListIds") List whiteListBatch); - List whiteListCommandJudge(@Param("command") Command command); + List whiteListCommandJudge(@Param("command") FiveTupleWithMask fiveTupleWithMaskInCommand); } diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java index 5105edd..3d939c4 100644 --- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java 
@@ -101,8 +101,8 @@ public class WhiteListService { } - public Integer updateWhiteListObject(WhiteListObject object) { - return whiteListMapper.updateWhiteListObject(object); + public Integer updateWhiteListObject(Integer id, WhiteListObject object) { + return whiteListMapper.updateWhiteListObject(id, object); } public List queryWhiteListObject(String whiteListName, Integer whiteListId, @@ -132,7 +132,7 @@ public class WhiteListService { public List whiteListCommandJudge(Command command) { //参数应该是指令,不管动态静态 // 命中的whitelist列表:每一列包含ip port url - return whiteListMapper.whiteListCommandJudge(command); + return whiteListMapper.whiteListCommandJudge(command.getFiveTupleWithMask()); } diff --git a/src/main/resources/mappers/DynamicRuleMapper.xml b/src/main/resources/mappers/DynamicRuleMapper.xml index 43a3d2b..815cefe 100644 --- a/src/main/resources/mappers/DynamicRuleMapper.xml +++ b/src/main/resources/mappers/DynamicRuleMapper.xml 
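Review bot: `whiteListCommandJudge` in the second hunk now dereferences `command.getFiveTupleWithMask()` with no null check. A null `command` throws, and a command without a five-tuple passes null to the mapper, where what the whitelist query then matches is not visible from here. Since this result decides whether a command counts as whitelisted, I would reject that case explicitly before the mapper call, e.g. `Objects.requireNonNull(command.getFiveTupleWithMask(), "fiveTupleWithMask");` with `java.util.Objects` imported.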
@@ -4,48 +4,46 @@ "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> - - + + insert into t_dynamic_rule - (dynamic_rule_name, - create_time, modify_time, dynamic_rule_create_username, - dynamic_rule_create_depart, dynamic_rule_source_system, - dynamic_rule_event_type, dynamic_rule_protec_level, - dynamic_rule_priority, dynamic_rule_range, - dynamic_rule_frequency, dynamic_rule_create_user_id) - values (#{object.dynamicRuleName}, - #{object.dynamicRuleCreateTime}, #{object.dynamicRuleModifyTime}, - #{object.dynamicRuleCreateUsername}, #{object.dynamicRuleCreateDepart}, - #{object.dynamicRuleSourceSystem}, - #{object.dynamicRuleEventType}, #{object.dynamicRuleProtectLevel}, - #{object.dynamicRulePriority}, #{object.dynamicRuleRange}, - #{object.dynamicRuleFrequency}, - #{object.dynamicRuleCreateUserId}) + (dynamic_rule_name, + create_time, modify_time, dynamic_rule_create_username, + dynamic_rule_create_depart, template_id, dynamic_rule_protect_level, + dynamic_rule_priority, dynamic_rule_range, + dynamic_rule_frequency, dynamic_rule_create_user_id) + values + (#{object.dynamicRuleName}, + #{object.dynamicRuleCreateTime},#{object.dynamicRuleModifyTime}, + #{object.dynamicRuleCreateUsername},#{object.dynamicRuleCreateDepart}, + #{object.templateId}, #{object.dynamicRuleProtectLevel}, + #{object.dynamicRulePriority}, #{object.dynamicRuleRange}, + #{object.dynamicRuleFrequency}, + #{object.dynamicRuleCreateUserId}) - insert into t_protect_object_dynamic_rule_conn(dynamic_rule_id, protect_object_id) + insert into + t_protect_object_dynamic_rule_conn(dynamic_rule_id, protect_object_id) values (#{dynamicRuleId}, #{protectObjectId}) insert into t_dynamic_rule - (dynamic_rule_name, - create_time, modify_time, dynamic_rule_create_username, - dynamic_rule_create_depart, dynamic_rule_source_system, - dynamic_rule_event_type, dynamic_rule_protec_level, - dynamic_rule_priority, dynamic_rule_range, - dynamic_rule_frequency, dynamic_rule_create_user_id + (dynamic_rule_name, + 
create_time, modify_time, dynamic_rule_create_username, + dynamic_rule_create_depart, template_id, dynamic_rule_protect_level, + dynamic_rule_priority, dynamic_rule_range, + dynamic_rule_frequency, dynamic_rule_create_user_id ) values (#{object.dynamicRuleName}, #{object.dynamicRuleCreateTime},#{object.dynamicRuleModifyTime}, #{object.dynamicRuleCreateUsername},#{object.dynamicRuleCreateDepart}, - #{object.dynamicRuleSourceSystem}, - #{object.dynamicRuleEventType}, #{object.dynamicRuleProtectLevel}, + #{object.templateId}, #{object.dynamicRuleProtectLevel}, #{object.dynamicRulePriority}, #{object.dynamicRuleRange}, #{object.dynamicRuleFrequency}, #{object.dynamicRuleCreateUserId}) @@ -54,20 +52,18 @@ - - - - - + + + + + - delete - from t_dynamic_rule + delete from t_dynamic_rule where dynamic_rule_id = #{dynamicRuleId} - + - delete - from t_protect_object_dynamic_rule_conn + delete from t_protect_object_dynamic_rule_conn where dynamic_rule_id = #{dynamicRuleId} @@ -83,33 +79,26 @@ update t_dynamic_rule set - dynamic_rule_name = #{object.dynamicRuleName}, - modify_time = #{object.dynamicRuleModifyTime}, - dynamic_rule_source_system = - #{object.dynamicRuleSourceSystem}, - - dynamic_rule_event_type = #{object.dynamicRuleEventType}, - dynamic_rule_protec_level = - #{object.dynamicRuleProtectLevel}, - - dynamic_rule_priority = #{object.dynamicRulePriority}, - dynamic_rule_range = #{object.dynamicRuleRange}, - dynamic_rule_frequency = #{object.dynamicRuleFrequency} + dynamic_rule_name = #{object.dynamicRuleName}, + modify_time = #{object.dynamicRuleModifyTime}, + template_id = #{object.templateId}, + dynamic_rule_protect_level = #{object.dynamicRuleProtectLevel}, + dynamic_rule_priority = #{object.dynamicRulePriority}, + dynamic_rule_range = #{object.dynamicRuleRange}, + dynamic_rule_frequency = #{object.dynamicRuleFrequency} where - dynamic_rule_id = #{dynamicRuleId} + dynamic_rule_id = #{dynamicRuleId} - + - - + @@ -119,7 +108,7 @@ 
@@ -138,10 +127,10 @@ + select * + from t_strategy_template + inner join t_dynamic_rule + on t_strategy_template.strategy_template_id = t_dynamic_rule.template_id + where t_dynamic_rule.dynamic_rule_id = #{dynamicRuleId} + + + \ No newline at end of file diff --git a/src/main/resources/mappers/StaticRuleMapper.xml b/src/main/resources/mappers/StaticRuleMapper.xml index af362e2..5ca3247 100644 --- a/src/main/resources/mappers/StaticRuleMapper.xml +++ b/src/main/resources/mappers/StaticRuleMapper.xml @@ -26,13 +26,13 @@ insert into t_static_rule(static_rule_name, static_rule_create_time, - static_rule_create_username, static_rule_create_depart, - static_rule_create_user_id, static_rule_sip, static_rule_msip, - static_rule_sport, static_rule_msport, - static_rule_dip, static_rule_mdip, static_rule_dport, static_rule_mdport, - static_rule_protocol, static_rule_mprotocol, static_rule_dns, - static_rule_url, static_rule_priority, static_rule_range, - static_rule_frequency, static_rule_audit_status) + static_rule_create_username, static_rule_create_depart, + static_rule_create_user_id, static_rule_sip, static_rule_msip, + static_rule_sport, static_rule_msport, + static_rule_dip, static_rule_mdip, static_rule_dport, static_rule_mdport, + static_rule_protocol, static_rule_mprotocol, static_rule_dns, + static_rule_url, static_rule_priority, static_rule_range, + static_rule_frequency, static_rule_audit_status) values (#{object.staticRuleName}, #{object.staticRuleCreateTime}, #{object.staticRuleCreateUsername}, 
@@ -50,36 +50,45 @@ update t_static_rule - - static_rule_name = #{staticRuleName}, + + static_rule_name = #{object.staticRuleName}, - static_rule_sip = INET_ATON(#{staticRuleSip}), - static_rule_msip = INET_ATON(#{staticRuleMsip}), - static_rule_sport = #{staticRuleSport}, - static_rule_msport = #{staticRuleMsport}, - static_rule_dip = INET_ATON(#{staticRuleDip}), - static_rule_mdip = INET_ATON(#{staticRuleMdip}), - static_rule_dport = #{staticRuleDport}, - static_rule_mdport = #{staticRuleMdport}, - static_rule_protocol = #{staticRuleProtocol}, - static_rule_mprotocol = #{staticRuleMprotocol}, - static_rule_dns = #{staticRuleDns}, - static_rule_url = #{staticRuleURL}, - - static_rule_priority = #{staticRulePriority}, + static_rule_sip = INET_ATON(#{object.staticRuleSip}), + static_rule_msip = INET_ATON(#{object.staticRuleMsip}), + static_rule_sport = #{object.staticRuleSport}, + static_rule_msport = #{object.staticRuleMsport}, + static_rule_dip = INET_ATON(#{object.staticRuleDip}), + static_rule_mdip = INET_ATON(#{object.staticRuleMdip}), + static_rule_dport = #{object.staticRuleDport}, + static_rule_mdport = #{object.staticRuleMdport}, + static_rule_protocol = #{object.staticRuleProtocol}, + static_rule_mprotocol = #{object.staticRuleMprotocol}, + static_rule_dns = #{object.staticRuleDns}, + static_rule_url = #{object.staticRuleURL}, + + static_rule_priority = #{object.staticRulePriority}, - - static_rule_range = #{staticRuleRange}, + + static_rule_range = #{object.staticRuleRange}, - - static_rule_frequency = #{staticRuleFrequency}, + + static_rule_frequency = #{object.staticRuleFrequency}, - where static_rule_id = #{staticRuleId} + where static_rule_id = #{id} + + + update t_static_rule + set static_rule_audit_status = #{auditStatus} + where static_rule_id = #{id} - + delete from t_static_rule + where static_rule_id in + + #{id} + @@ -98,7 +107,7 @@ - SELECT * FROM t_static_rule @@ -112,9 +121,12 @@ + \ No newline at end of file 
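Review bot: The update statement's visible SET list (name, five-tuple fields, priority, range, frequency) never touches `static_rule_audit_status`, so a rule that was approved stays approved after its addresses or ports are changed through `updateStaticRule`. If re-review after modification is intended, I would add `static_rule_audit_status = 0,` to this statement (0 being the unreviewed value in the API description) or block edits of approved rules in the service. The new `updateAuditStatusById` statement is unconditional; adding the expected current status to its WHERE clause would make the service's transition check atomic. The XML element tags are missing from this page, so part of the statement may not be visible.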
diff --git a/src/main/resources/mappers/WhiteListMapper.xml b/src/main/resources/mappers/WhiteListMapper.xml index ce36b4c..1294278 100644 --- a/src/main/resources/mappers/WhiteListMapper.xml +++ b/src/main/resources/mappers/WhiteListMapper.xml @@ -93,7 +93,7 @@ white_list_audit_status = #{object.whiteListAuditStatus}, - where white_list_id = #{object.whiteListId} + where white_list_id = #{id} update t_white_list diff --git a/src/test/java/com/realtime/protection/server/rule/dynamic/DynamicRuleServiceTest.java b/src/test/java/com/realtime/protection/server/rule/dynamic/DynamicRuleServiceTest.java index de3f81e..2c5bd45 100644 --- a/src/test/java/com/realtime/protection/server/rule/dynamic/DynamicRuleServiceTest.java +++ b/src/test/java/com/realtime/protection/server/rule/dynamic/DynamicRuleServiceTest.java @@ -22,13 +22,12 @@ public class DynamicRuleServiceTest { void testNewDynamicRule() { DynamicRuleObject object = new DynamicRuleObject(); object.setDynamicRuleName("UpdateDynamicRule2"); - object.setDynamicRuleEventType(1); object.setDynamicRuleFrequency(1); object.setDynamicRulePriority(1); object.setDynamicRuleRange("北京"); object.setDynamicRuleProtectLevel(2); - object.setDynamicRuleSourceSystem(1); - object.setProtectObjectIds(List.of(new Integer[]{5521, 5520})); + object.setTemplateId(1); + //object.setProtectObjectIds(List.of(new Integer[]{5521, 5520})); Integer objectId = dynamicRuleService.newDynamicRuleObject(object); @@ -37,7 +36,7 @@ public class DynamicRuleServiceTest { @Test void testDeleteDynamicRule() { - dynamicRuleService.deleteDynamicRuleObject(8); + // dynamicRuleService.deleteDynamicRuleObject(8); } @Test 
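Review bot: The statement ending in `where white_list_id = #{id}` still assigns `white_list_audit_status = #{object.whiteListAuditStatus}` from the request object. Because `updateWhiteListObject` binds `WhiteListObject` directly from the request body, a caller of `/whiteobj/{id}/update` can apparently set the audit status directly and skip the audit endpoint. I would remove that assignment from the general update and leave status changes to the dedicated audit statement. The statement starts outside the hunk and its XML tags are missing from this page, so a surrounding condition cannot be ruled out.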
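Review bot: `testDeleteDynamicRule` in DynamicRuleServiceTest now has its only statement commented out, so it passes without exercising anything. I would either mark it `@Disabled("needs a fixture row")` so the gap shows up in test reports, or create the rule inside the test and delete that id instead of relying on a hard-coded row.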
@@ -50,15 +49,14 @@ public class DynamicRuleServiceTest { void testUpdateDynamicRule() { DynamicRuleObject object = new DynamicRuleObject(); object.setDynamicRuleName("UpdateDynamicRule2"); - object.setDynamicRuleEventType(1); object.setDynamicRuleFrequency(1); object.setDynamicRulePriority(1); object.setDynamicRuleRange("北京"); object.setDynamicRuleProtectLevel(2); - object.setDynamicRuleSourceSystem(1); - object.setProtectObjectIds(List.of(new Integer[]{5521, 5520})); + object.setTemplateId(1); + //object.setProtectObjectIds(List.of(new Integer[]{5521, 5520})); - dynamicRuleService.updateDynamicRuleObject(9, object); + dynamicRuleService.updateDynamicRuleObject(2, object); } @Test diff --git a/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java b/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java index d86b764..6016e3c 100644 --- a/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java +++ b/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java @@ -58,7 +58,6 @@ public class StaticRuleServiceTest { object.setStaticRulePriority(2); object.setStaticRuleFrequency(1); object.setStaticRuleRange("北京"); -// object.setStaticRuleProtectLevel(2); Integer id = staticRuleService.newStaticRuleObject(object); } @@ -103,7 +102,7 @@ public class StaticRuleServiceTest { object.setStaticRuleRange("北京"); // object.setStaticRuleProtectLevel(2); - staticRuleService.updateStaticRule(object); + staticRuleService.updateStaticRule(5, object); } @Test void testQueryStaticRule(){ diff --git a/src/test/java/com/realtime/protection/server/whitelist/WhiteListServiceTest.java b/src/test/java/com/realtime/protection/server/whitelist/WhiteListServiceTest.java index 7706370..4c60974 100644 --- a/src/test/java/com/realtime/protection/server/whitelist/WhiteListServiceTest.java +++ b/src/test/java/com/realtime/protection/server/whitelist/WhiteListServiceTest.java 
@@ -1,5 +1,7 @@ package com.realtime.protection.server.whitelist; +import com.realtime.protection.configuration.entity.task.Command; +import com.realtime.protection.configuration.entity.task.FiveTupleWithMask; import com.realtime.protection.configuration.entity.whitelist.WhiteListObject; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; @@ -9,7 +11,7 @@ import org.springframework.boot.test.context.SpringBootTest; import java.util.ArrayList; import java.util.List; -import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.junit.jupiter.api.Assertions.*; @SpringBootTest class WhiteListServiceTest { @@ -54,10 +56,10 @@ class WhiteListServiceTest { @Test void testUpdateWhiteList() { WhiteListObject object = new WhiteListObject(); - object.setWhiteListId(7); + //object.setWhiteListId(7); object.setWhiteListName("test_update"); - whiteListService.updateWhiteListObject(object); + whiteListService.updateWhiteListObject(7,object); } @Test @@ -72,4 +74,17 @@ class WhiteListServiceTest { whiteListService.updateWhiteListObjectAuditStatus(7, 1); } + @Test + void testWhiteListCommandJudge() { + FiveTupleWithMask fiveTupleWithMask = new FiveTupleWithMask(); + Command command = new Command(); + fiveTupleWithMask.setDestinationIP("128.1.1.123"); + fiveTupleWithMask.setMaskDestinationIP("255.255.255.0"); + fiveTupleWithMask.setDestinationPort("80"); + command.setFiveTupleWithMask(fiveTupleWithMask); + + List whitelists = whiteListService.whiteListCommandJudge(command); + System.out.println(whitelists); + } + } \ No newline at end of file
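Review bot: `testWhiteListCommandJudge` prints the result with `System.out.println(whitelists)` and asserts nothing, so it passes whatever the whitelist match returns. I would insert a known whitelist entry in the test and assert on it, e.g. `assertFalse(whitelists.isEmpty());` for the matching 128.1.1.123 / 255.255.255.0 tuple, plus a non-matching address that is asserted to return an empty list. The import was widened to `Assertions.*` in this commit, so the assertion methods are already in scope.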