From cb6ca74df71819a14ea5defcf3b718842a6e50ad Mon Sep 17 00:00:00 2001 
From: Hao Miao <47212914+PushM@users.noreply.github.com> Date: Thu, 18 Jan 2024 23:35:56 +0800 Subject: [PATCH] =?UTF-8?q?1=E3=80=81=E6=B7=BB=E5=8A=A0AlertMessage=20http?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=EF=BC=8C=E6=8E=A5=E6=94=B6=E5=91=8A=E8=AD=A6?= =?UTF-8?q?=E4=BF=A1=E6=81=AF=E3=80=82=202=E3=80=81AlertMessage=E5=AF=B9?= =?UTF-8?q?=E8=B1=A1=E5=A2=9E=E5=8A=A0dynamicRuleId=E5=B1=9E=E6=80=A7?= =?UTF-8?q?=E3=80=82=E9=9C=80=E8=A6=81=E5=8F=91=E9=80=81=E6=97=B6=E4=B9=9F?= =?UTF-8?q?=E6=90=BA=E5=B8=A6dynamicRuleId=E5=AD=97=E6=AE=B5=203=E3=80=81A?= =?UTF-8?q?lertMessageService=E6=B7=BB=E5=8A=A0=E8=8E=B7=E5=8F=96dynamicRu?= =?UTF-8?q?le=E5=AF=B9=E5=BA=94=E7=9A=84template=EF=BC=8C=E5=B9=B6?= =?UTF-8?q?=E6=A0=B9=E6=8D=AEtemplate=E5=AF=B9AlertMessage=E4=B8=AD?= =?UTF-8?q?=E7=9A=84FiveTupleWithMask=E8=BF=9B=E8=A1=8C=E7=AD=9B=E9=80=89?= =?UTF-8?q?=E7=AD=96=E7=95=A5=E6=A8=A1=E6=9D=BF=E6=89=80=E9=9C=80=E5=AD=97?= =?UTF-8?q?=E6=AE=B5=EF=BC=9B=E6=B7=BB=E5=8A=A0=E7=94=9F=E6=88=90TaskComma?= =?UTF-8?q?ndInfo=E5=85=A5Doris=E5=BA=93=204=E3=80=81TaskCommandInfo?= =?UTF-8?q?=E6=96=B0=E5=A2=9EtemplateId=E3=80=81protectLevel=E5=B1=9E?= =?UTF-8?q?=E6=80=A7=EF=BC=8C=E6=96=B9=E4=BE=BFAlertMessageService?= =?UTF-8?q?=E4=B8=AD=E6=9F=A5=E8=AF=A2=E4=BB=BB=E5=8A=A1=E7=9A=84=E7=AD=96?= =?UTF-8?q?=E7=95=A5=E6=A8=A1=E6=9D=BF=205=E3=80=81=E5=89=8D=E7=AB=AF?= =?UTF-8?q?=E5=93=8D=E5=BA=94=E5=AD=97=E6=AE=B5=E7=9A=84bug=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../entity/rule/dynamicrule/AlertMessage.java | 3 + .../rule/dynamicrule/DynamicRuleObject.java | 6 +- .../entity/task/TaskCommandInfo.java | 5 ++ .../alertmessage/AlertMessageController.java | 2 +- .../alertmessage/AlertMessageMapper.java | 16 ++++ .../alertmessage/AlertMessageService.java | 55 +++++++++--- .../resources/mappers/AlertMessageMapper.xml | 87 +++++++++++++++++++ .../resources/mappers/StaticRuleMapper.xml | 15 ++-- 
.../resources/mappers/WhiteListMapper.xml | 5 +- .../staticrule/StaticRuleServiceTest.java | 6 ++ 10 files changed, 181 insertions(+), 19 deletions(-) create mode 100644 src/main/java/com/realtime/protection/server/alertmessage/AlertMessageMapper.java create mode 100644 src/main/resources/mappers/AlertMessageMapper.xml diff --git a/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/AlertMessage.java b/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/AlertMessage.java index 9267d03..dacfe32 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/AlertMessage.java +++ b/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/AlertMessage.java @@ -12,4 +12,7 @@ public class AlertMessage { @JsonProperty("five_tuple_with_mask") private FiveTupleWithMask fiveTupleWithMask; + @JsonProperty("dynamic_rule_id") + private Integer dynamicRuleId; + } diff --git a/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java b/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java index 8b5f762..42771c8 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java +++ b/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java @@ -3,6 +3,8 @@ package com.realtime.protection.configuration.entity.rule.dynamicrule; import com.fasterxml.jackson.annotation.JsonProperty; import com.realtime.protection.configuration.entity.defense.object.ProtectObject; import io.swagger.v3.oas.annotations.media.Schema; +import jakarta.validation.constraints.Max; +import jakarta.validation.constraints.Min; import jakarta.validation.constraints.NotEmpty; import jakarta.validation.constraints.NotNull; import lombok.Data; 
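Review bot: The new `dynamicRuleId` field in `AlertMessage` carries only `@JsonProperty`, so the `@Valid` on the controller's `@RequestBody AlertMessage` checks nothing about it, and a request without `dynamic_rule_id` binds it to null. In this commit `AlertMessageService.processAlertMessage` never reads it either; the lookup is by `taskId` alone, so the rule id an alert claims is not compared with the task it names. If the id is meant to be mandatory, add `@NotNull` above the field (the annotation is already used in `DynamicRuleObject`), and consider rejecting alerts whose rule does not belong to the task. The rest of the `AlertMessage` class is outside the hunk, so any existing constraints on its other fields are not visible here.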
@@ -71,7 +73,9 @@ public class DynamicRuleObject { private Integer templateId; @NotNull @JsonProperty("dynamic_rule_protect_level") - @Schema(description = "防护等级", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) + @Max(value = 3) + @Min(value = 1) + @Schema(description = "防护等级:1代表日常态、2代表应急态、3代表紧急态", example = "1", requiredMode = Schema.RequiredMode.REQUIRED) private Integer dynamicRuleProtectLevel; @NotNull diff --git a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java index 18f65db..fbbcb98 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java +++ b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java @@ -65,4 +65,9 @@ public class TaskCommandInfo { @Schema(description = "最新下发时间", accessMode = Schema.AccessMode.READ_ONLY) private LocalDateTime latestSendTime; + + @Schema(description = "防御策略模板ID", accessMode = Schema.AccessMode.READ_ONLY) + private Integer templateId; + @Schema(description = "防护等级", accessMode = Schema.AccessMode.READ_ONLY) + private Integer protectLevel; } diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java index 44e0661..726ed8a 100644 --- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java @@ -21,7 +21,7 @@ public class AlertMessageController @PostMapping("/new") public ResponseResult receiveAlertMessage(@RequestBody @Valid AlertMessage alertMessage){ - alertMessageService.receiveAlertMessage(alertMessage); + alertMessageService.processAlertMessage(alertMessage); return ResponseResult.ok(); } 
diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageMapper.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageMapper.java new file mode 100644 index 0000000..2e8a918 --- /dev/null +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageMapper.java @@ -0,0 +1,16 @@ +package com.realtime.protection.server.alertmessage; + +import com.realtime.protection.configuration.entity.defense.template.ProtectLevel; +import com.realtime.protection.configuration.entity.task.FiveTupleWithMask; +import com.realtime.protection.configuration.entity.task.TaskCommandInfo; +import org.apache.ibatis.annotations.Mapper; + + +@Mapper +public interface AlertMessageMapper { + + TaskCommandInfo getDynamicTaskInfos(Long taskId) ; + + + ProtectLevel queryTemplateProtectLevel(Integer templateId, Integer protectLevel, FiveTupleWithMask fiveTupleWithMask); +} diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java index da8dda1..1caadc1 100644 --- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java @@ -1,7 +1,8 @@ package com.realtime.protection.server.alertmessage; +import com.realtime.protection.configuration.entity.defense.template.ProtectLevel; import com.realtime.protection.configuration.entity.rule.dynamicrule.AlertMessage; -import com.realtime.protection.configuration.entity.task.Task; +import com.realtime.protection.configuration.entity.task.FiveTupleWithMask; import com.realtime.protection.configuration.entity.task.TaskCommandInfo; import com.realtime.protection.server.task.TaskService; import org.springframework.stereotype.Service; 
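Review bot: `queryTemplateProtectLevel` in the new `AlertMessageMapper` takes three arguments without `@Param`, so the names the XML statement can use depend on the build passing `-parameters` to javac; without it MyBatis exposes only `param1`..`param3`. Naming them explicitly removes that dependency: `ProtectLevel queryTemplateProtectLevel(@Param("templateId") Integer templateId, @Param("protectLevel") Integer protectLevel, @Param("fiveTupleWithMask") FiveTupleWithMask fiveTupleWithMask);` with `org.apache.ibatis.annotations.Param` imported. Both methods also deserve a one-line Javadoc saying that they return null when no row matches, because the service dereferences both results directly. The mapper XML body is not readable on this page, so the placeholder names it uses should be checked against the ones chosen.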
@@ -11,28 +12,62 @@ import com.realtime.protection.configuration.utils.enums.StateEnum; @Service public class AlertMessageService { private final CommandService commandService; + private final AlertMessageMapper alertMessageMapper; private final TaskService taskService; - public AlertMessageService(CommandService commandService,TaskService taskService) { + public AlertMessageService(CommandService commandService,TaskService taskService, + AlertMessageMapper alertMessageMapper) { this.commandService = commandService; this.taskService = taskService; + this.alertMessageMapper = alertMessageMapper; } - public void receiveAlertMessage(AlertMessage alertMessage) { + public void processAlertMessage(AlertMessage alertMessage) { Long taskId = alertMessage.getTaskId(); - //查task信息 - Task task = taskService.queryTask(taskId); //检查task status是否为running? -// if (task.getTaskStatus() != StateEnum.RUNNING.getStateNum()) { + Integer taskStatus = taskService.queryTaskStatus(taskId); + Integer temp = StateEnum.RUNNING.getStateNum(); +// if (taskStatus != StateEnum.RUNNING.getStateNum()) { // return; // } - //task信息和alertMessage中的fiveTuple信息 合并成 TaskCommandInfo - TaskCommandInfo dynamicTaskCommandInfo = new TaskCommandInfo(); + //查task信息,和alertMessage中的fiveTuple信息 合并成 TaskCommandInfo + TaskCommandInfo dynamicTaskCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId); + //根据策略模板更新五元组 + ProtectLevel templateProtectLevel = alertMessageMapper.queryTemplateProtectLevel( + dynamicTaskCommandInfo.getTemplateId(), + dynamicTaskCommandInfo.getProtectLevel(), + alertMessage.getFiveTupleWithMask()); + updateFiveTupleWithMask(alertMessage.getFiveTupleWithMask(), templateProtectLevel); + dynamicTaskCommandInfo.setFiveTupleWithMask(alertMessage.getFiveTupleWithMask()); - //command入库 - //commandService.createCommand(staticTaskCommandInfo); +// command入库 + commandService.createCommand(dynamicTaskCommandInfo); } + + private void updateFiveTupleWithMask(FiveTupleWithMask alertMessageFiveTupleW, 
ProtectLevel templateProtectLevel) { + if(!templateProtectLevel.getHasProtectObjectIP()){ + alertMessageFiveTupleW.setDestinationIP(null); + alertMessageFiveTupleW.setMaskDestinationIP(null); + } + if(!templateProtectLevel.getHasProtectObjectPort()){ + alertMessageFiveTupleW.setDestinationPort(null); + alertMessageFiveTupleW.setMaskDestinationPort(null); + } + if(!templateProtectLevel.getHasPeerIP()){ + alertMessageFiveTupleW.setSourceIP(null); + alertMessageFiveTupleW.setMaskSourceIP(null); + } + if(!templateProtectLevel.getHasPeerPort()){ + alertMessageFiveTupleW.setSourcePort(null); + alertMessageFiveTupleW.setMaskSourcePort(null); + } + if (!templateProtectLevel.getHasProtocol()) { + alertMessageFiveTupleW.setProtocol(null); + alertMessageFiveTupleW.setMaskProtocol(null); + } + //目前告警信息还只是五元组,没有url、dns + } } diff --git a/src/main/resources/mappers/AlertMessageMapper.xml b/src/main/resources/mappers/AlertMessageMapper.xml new file mode 100644 index 0000000..2ee28d4 --- /dev/null +++ b/src/main/resources/mappers/AlertMessageMapper.xml @@ -0,0 +1,87 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/main/resources/mappers/StaticRuleMapper.xml b/src/main/resources/mappers/StaticRuleMapper.xml index a5323be..da3d9d3 100644 --- a/src/main/resources/mappers/StaticRuleMapper.xml +++ b/src/main/resources/mappers/StaticRuleMapper.xml @@ -104,12 +104,12 @@ - - + + - - + + @@ -122,7 +122,12 @@ - select * from t_white_list + select *, INET_NTOA(white_list_ip) as white_list_ip_d + from t_white_list white_list_name like concat('%', #{whiteListName}, '%') diff --git a/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java b/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java index 071c1d0..085223e 100644 --- a/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java 
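Review bot: The RUNNING check in `processAlertMessage` is still commented out while `commandService.createCommand(...)` is now live, so an alert naming a task in any state is written as a command, and `taskStatus` and `temp` are computed but never used. Both mapper results are also dereferenced without a null check, so a `task_id` from the request body that matches no task, or a template/level pair with no row, ends in a NullPointerException instead of a rejected alert. I would restore the guard with a null-safe comparison by value (the commented line's `!=` compares references if both sides are `Integer`), drop `temp`, and fail explicitly on missing rows, as in the excerpt below; the exception type is a stand-in for whatever the project uses. In `updateFiveTupleWithMask`, `!templateProtectLevel.getHasProtocol()` and its siblings would unbox a null if those getters return `Boolean` (the type is not visible here), which `!Boolean.TRUE.equals(...)` avoids.

```java
public void processAlertMessage(AlertMessage alertMessage) {
    // … unchanged: taskId and taskStatus lookup …
    if (taskStatus == null || taskStatus.intValue() != StateEnum.RUNNING.getStateNum()) {
        return; // only running tasks may turn alerts into commands
    }
    TaskCommandInfo dynamicTaskCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId);
    if (dynamicTaskCommandInfo == null) {
        throw new IllegalArgumentException("no dynamic task for task_id " + taskId);
    }
    // … unchanged: queryTemplateProtectLevel call …
    if (templateProtectLevel == null) {
        throw new IllegalArgumentException(
                "no template protect level for task_id " + taskId);
    }
    // … unchanged: updateFiveTupleWithMask, setFiveTupleWithMask, createCommand …
}
```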
+++ b/src/test/java/com/realtime/protection/server/rule/staticrule/StaticRuleServiceTest.java @@ -112,6 +112,12 @@ public class StaticRuleServiceTest extends ProtectionApplicationTests { System.out.println(object); } + @Test + void testQueryStaticRules(){ + List staticRuleObjects = staticRuleService.queryStaticRule(null, null, null, null, 1, 10); + System.out.println(staticRuleObjects); + } + }
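Review bot: `testQueryStaticRules` only prints the result, so it passes whatever `queryStaticRule` returns and cannot catch a regression in the mapper changes made by this commit. Replace `System.out.println(staticRuleObjects);` with assertions tied to the page size the call requests, e.g. `assertNotNull(staticRuleObjects);` and `assertTrue(staticRuleObjects.size() <= 10);`, assuming JUnit's `Assertions` are statically imported in this file. `List` also appears here without a type argument; if that is how the source reads rather than an artefact of how this page was rendered, declare the element type. The test class continues outside the hunk.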