diff --git a/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java b/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java index 2e79b80..94c43e1 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java +++ b/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java @@ -1,6 +1,7 @@ package com.realtime.protection.configuration.entity.defense.template; import com.fasterxml.jackson.annotation.JsonProperty; +import com.realtime.protection.configuration.utils.NonEmptyFieldFetcher; import io.swagger.v3.oas.annotations.media.Schema; import jakarta.validation.constraints.NotNull; import lombok.Data; @@ -40,6 +41,18 @@ public class Template { @Schema(description = "防御策略模板紧急态字段提取选项") private ProtectLevel protectLevelHigh; + @JsonProperty("has_protect_level_low") + @Schema(description = "日常态字段是否不空", accessMode = Schema.AccessMode.READ_ONLY) + private Boolean hasProtectLevelLow; + + @JsonProperty("has_protect_level_medium") + @Schema(description = "应急态字段是否不空", accessMode = Schema.AccessMode.READ_ONLY) + private Boolean hasProtectLevelMedium; + + @JsonProperty("has_protect_level_high") + @Schema(description = "紧急态字段是否不空", accessMode = Schema.AccessMode.READ_ONLY) + private Boolean hasProtectLevelHigh; + @JsonProperty("template_used_times") @Schema(description = "防御策略模板使用次数", example = "20", accessMode = Schema.AccessMode.READ_ONLY) private Integer usedTimes; 
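Review bot: `accessMode = Schema.AccessMode.READ_ONLY` on the three new `hasProtectLevel*` fields only changes the generated OpenAPI description; Jackson will still bind `has_protect_level_low`, `has_protect_level_medium` and `has_protect_level_high` from a request body into the entity. If these flags are meant to be computed only by the server, state that on the Jackson annotation as well, for example `@JsonProperty(value = "has_protect_level_low", access = JsonProperty.Access.READ_ONLY)`. Whether `Template` is used as a request body is not visible in this hunk, so treat this as something to confirm.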
@@ -59,4 +72,43 @@ public class Template { @JsonProperty("create_user_depart") @Schema(description = "防御策略模板创建人处室", example = "xxx", accessMode = Schema.AccessMode.READ_ONLY) private String createDepart; + + /** + * 设置是否含有日常/应急/紧急防护等级态字段的字段 + */ + public void setHasProtectLevel() throws IllegalAccessException { + this.hasProtectLevelHigh = hasProtectLevelFields(this.protectLevelHigh); + this.hasProtectLevelMedium = hasProtectLevelFields(this.protectLevelMedium); + this.hasProtectLevelLow = hasProtectLevelFields(this.protectLevelLow); + } + + /** + *仅保留是否含有日常/应急/紧急防护等级态字段以及策略模板名称和ID + */ + public void shortenTemplate() { + this.sourceSystem = null; + this.description = null; + this.protectLevelLow = null; + this.protectLevelMedium = null; + this.protectLevelHigh = null; + this.usedTimes = null; + this.runningTasks = null; + this.createUserId = null; + this.createUsername = null; + this.createDepart = null; + } + + private Boolean hasProtectLevelFields(ProtectLevel protectLevel) throws IllegalAccessException { + return NonEmptyFieldFetcher + .getNonEmptyFields(protectLevel) // 获取所有非空字段 + .stream() // 流式处理 + .filter(field -> field.getType().getName().contains("Boolean")) // 获取所有类型为Boolean的字段 + .anyMatch(field -> { + try { + return (Boolean) field.get(protectLevel); // 返回值为true的字段 + } catch (IllegalAccessException e) { + throw new RuntimeException(e); + } + }); + } } diff --git a/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java b/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java index 7266af4..113b0e9 100644 --- a/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java +++ b/src/main/java/com/realtime/protection/configuration/exception/GlobalExceptionHandler.java 
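Review bot: `hasProtectLevelFields` passes `protectLevel` straight to `NonEmptyFieldFetcher.getNonEmptyFields`, which calls `object.getClass()`, so a template with an unset level (or one already passed through `shortenTemplate()`, which nulls all three) throws a NullPointerException from `setHasProtectLevel()`. The type filter `getName().contains("Boolean")` is a substring match: it skips primitive `boolean` fields and admits any type whose name merely contains the word, where the `(Boolean)` cast would then fail. Comparing against `Boolean.class` and using `Boolean.TRUE.equals(...)` removes both problems, along with the lambda that rewraps `IllegalAccessException` in a `RuntimeException`. The loop form below needs `java.lang.reflect.Field` imported, and returning false for a null level is my assumption about the intended meaning.

```java
private Boolean hasProtectLevelFields(ProtectLevel protectLevel) throws IllegalAccessException {
    // A level that was never set (or was cleared by shortenTemplate) has no enabled options.
    if (protectLevel == null) {
        return false;
    }
    for (Field field : NonEmptyFieldFetcher.getNonEmptyFields(protectLevel)) {
        // Exact type check instead of a substring match on the class name.
        if (field.getType() == Boolean.class && Boolean.TRUE.equals(field.get(protectLevel))) {
            return true;
        }
    }
    return false;
}
```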
@@ -32,7 +32,7 @@ public class GlobalExceptionHandler { @Order(3) @ExceptionHandler(value = {Exception.class}) public ResponseResult handleGlobalException(Exception e) { - log.error("遭遇全局异常:" + e.getCause()); + log.error("遭遇全局异常:{}", e.getMessage()); return ResponseResult.error().setMessage(e.getMessage()); } @@ -44,7 +44,7 @@ public class GlobalExceptionHandler { SQLIntegrityConstraintViolationException.class }) public ResponseResult handleSQLException(Exception e) { - log.info("遭遇数据库异常:" + e.getMessage()); + log.info("遭遇数据库异常:{}", e.getMessage()); return ResponseResult.invalid().setMessage( "请检查json字段的完整性,确保json字段按照文档中要求填写。"); } @@ -74,14 +74,14 @@ public class GlobalExceptionHandler { IllegalStateException.class }) public ResponseResult handleHandlerMethodValidationException(Exception e) { - log.debug("遭遇非法参数异常:" + e.getMessage()); + log.debug("遭遇非法参数异常:{}", e.getMessage()); return ResponseResult.invalid().setMessage(e.getMessage()); } @Order(2) @ExceptionHandler(value = NotLoginException.class) public ResponseResult handleNotLoginException(NotLoginException e) { - log.debug("遭遇Sa-Token登录异常,登录类型为:" + e.getLoginType()); + log.debug("遭遇Sa-Token登录异常,登录类型为:{}", e.getLoginType()); return new ResponseResult( 401, e.getMessage() @@ -91,14 +91,14 @@ public class GlobalExceptionHandler { @Order(2) @ExceptionHandler(value = SaTokenException.class) public ResponseResult handleSaTokenException(SaTokenException e) { - log.debug("Sa-token模块遭遇异常:" + e.getMessage()); + log.debug("Sa-token模块遭遇异常:{}", e.getMessage()); return ResponseResult.unAuthorized().setMessage(e.getMessage()); } @Order(2) @ExceptionHandler(value = DorisStartException.class) public ResponseResult handleDorisStartException(DorisStartException e) { - log.warn("Doris数据库遭遇异常:" + e.getMessage()); + log.warn("Doris数据库遭遇异常:{}", e.getMessage()); ResponseResult responseResult = ResponseResult.error() .setMessage("Doris数据库指令生成遭遇异常:" + e.getMessage()); 
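Review bot: In `handleGlobalException` the new `log.error("遭遇全局异常:{}", e.getMessage())` records only the message, so the stack trace and cause of an unexpected exception never reach the log; pass the throwable as the last argument, `log.error("遭遇全局异常:{}", e.getMessage(), e);`. The same catch-all handler then returns `e.getMessage()` to the caller, which for an arbitrary `Exception` can disclose internal detail such as class names, SQL fragments or file paths; a fixed message, as `handleSQLException` already uses, would be safer. The Doris handler in the last hunk also concatenates `e.getMessage()` into the response and deserves the same look. The handler bodies partly continue outside the hunks.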
diff --git a/src/main/java/com/realtime/protection/configuration/utils/NonEmptyFieldFetcher.java b/src/main/java/com/realtime/protection/configuration/utils/NonEmptyFieldFetcher.java
new file mode 100644
index 0000000..c67228e
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/NonEmptyFieldFetcher.java
@@ -0,0 +1,30 @@
+package com.realtime.protection.configuration.utils;
+
+import java.lang.reflect.Field;
+import java.util.ArrayList;
+import java.util.List;
+
+public class NonEmptyFieldFetcher {
+ public static List getNonEmptyFields(Object object) throws IllegalAccessException {
+ List nonEmptyFields = new ArrayList<>();
+ Class clazz = object.getClass();
+
+ // 获取类中所有的字段,包括继承的字段
+ Field[] fields = clazz.getDeclaredFields();
+
+ for (Field field : fields) {
+ // 打开字段的访问权限
+ field.setAccessible(true);
+
+ // 获取字段的值
+ Object value = field.get(object);
+
+ // 检查字段是否非空
+ if (value != null) {
+ nonEmptyFields.add(field);
+ }
+ }
+
+ return nonEmptyFields;
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/RuleEnum.java b/src/main/java/com/realtime/protection/configuration/utils/enums/RuleEnum.java
new file mode 100644
index 0000000..5cc7980
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/RuleEnum.java
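Review bot: The comment above `clazz.getDeclaredFields()` says inherited fields are included, but `getDeclaredFields()` returns only the fields declared by the object's own class; either walk `getSuperclass()` or correct the comment, because callers that validate on the result will silently miss superclass fields. The loop also returns static and synthetic fields, and `object.getClass()` throws on a null argument with no message. I would add `Objects.requireNonNull(object, "object");` at the top and skip non-instance fields with `if (Modifier.isStatic(field.getModifiers()) || field.isSynthetic()) continue;`. A short Javadoc stating that "non-empty" means "not null" (an empty string or collection still counts) would help the two callers in this commit.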
@@ -0,0 +1,67 @@
+package com.realtime.protection.configuration.utils.enums;
+
+import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject;
+import com.realtime.protection.configuration.utils.NonEmptyFieldFetcher;
+
+import java.lang.reflect.Field;
+import java.util.*;
+
+public enum RuleEnum {
+ // 不带掩码规则的五元组规则类型对应表
+ SIP_SPORT_DIP_PROTOCOL("SIP_SPORT_DIP_PROTOCOL"),
+ SIP_DIP_DPORT_PROTOCOL("SIP_DIP_DPORT_PROTOCOL"),
+ SIP_SPORT_PROTOCOL("SIP_SPORT_PROTOCOL"),
+ SIP_DIP_PROTOCOL("SIP_DIP_PROTOCOL"),
+ SIP_DPORT_PROTOCOL("SIP_DPORT_PROTOCOL"),
+ SPORT_DIP_PROTOCOL("SPORT_DIP_PROTOCOL"),
+ DIP_DPORT_PROTOCOL("DIP_DPORT_PROTOCOL"),
+ SIP_DIP("SIP_DIP"),
+ SIP_PROTOCOL("SIP_PROTOCOL"),
+ DIP_PROTOCOL("DIP_PROTOCOL"),
+ SIP("SIP"),
+ DIP("DIP"),
+ // 带掩码规则的五元组规则类型对应表
+ DIP_MDIP("DIP_MDIP"),
+ DIP_MDIP_PROTOCOL_MPROTOCOL("DIP_MDIP_PROTOCOL_MPROTOCOL"),
+ DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL"),
+ SPORT_MSPORT_DIP_MDIP_PROTOCOL_MPROTOCOL("SPORT_MSPORT_DIP_MDIP_PROTOCOL_MPROTOCOL"),
+ SPORT_MSPORT_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SPORT_MSPORT_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL"),
+ SIP_MSIP("SIP_MSIP"),
+ SIP_MSIP_PROTOCOL_MPROTOCOL("SIP_MSIP_PROTOCOL_MPROTOCOL"),
+ SIP_MSIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL"),
+ SIP_MSIP_SPORT_MSPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_SPORT_MSPORT_PROTOCOL_MPROTOCOL"),
+ SIP_MSIP_SPORT_MSPORT_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_SPORT_MSPORT_DPORT_MDPORT_PROTOCOL_MPROTOCOL"),
+ SIP_MSIP_DIP_MDIP("SIP_MSIP_DIP_MDIP"),
+ SIP_MSIP_DIP_MDIP_PROTOCOL_MPROTOCOL("SIP_MSIP_DIP_MDIP_PROTOCOL_MPROTOCOL"),
+ SIP_MSIP_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL"),
+ SIP_MSIP_SPORT_MSPORT_DIP_MDIP_PROTOCOL_MPROTOCOL("SIP_MSIP_SPORT_MSPORT_DIP_MDIP_PROTOCOL_MPROTOCOL"),
+
SIP_MSIP_SPORT_MSPORT_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL("SIP_MSIP_SPORT_MSPORT_DIP_MDIP_DPORT_MDPORT_PROTOCOL_MPROTOCOL") + ; + + private final Set rule; + private static final List> ruleEnumList = new ArrayList<>(); + + static { + for (RuleEnum ruleEnum : RuleEnum.values()) { + ruleEnumList.add(ruleEnum.rule); + } + } + + RuleEnum(String ruleName) { + this.rule = new HashSet<>(Arrays.stream(ruleName.split("_")).toList()); + } + + public static Boolean checkValidate(StaticRuleObject staticRuleObject) throws IllegalAccessException { + List nonEmptyFields = NonEmptyFieldFetcher.getNonEmptyFields(staticRuleObject); + List fieldNames = new java.util.ArrayList<>(List.of()); + for (Field field : nonEmptyFields) { + String fieldName = field.getName().toUpperCase().replace("STATICRULE", ""); + // 将合理的非空字段加入fieldNames中 + // 需要去掉STATICRULE字段,仅保留后面的字段 + if (fieldName.contains("IP") + || fieldName.contains("PORT") + || fieldName.contains("PROTOCOL")) fieldNames.add(fieldName); + } + return ruleEnumList.stream().anyMatch(rule -> rule.equals(new HashSet<>(fieldNames))); + } +} diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/StateEnum.java b/src/main/java/com/realtime/protection/configuration/utils/enums/StateEnum.java index 386762a..91ea1d8 100644 --- a/src/main/java/com/realtime/protection/configuration/utils/enums/StateEnum.java +++ b/src/main/java/com/realtime/protection/configuration/utils/enums/StateEnum.java @@ -1,6 +1,5 @@ package com.realtime.protection.configuration.utils.enums; -import com.realtime.protection.configuration.utils.status.State; import com.realtime.protection.server.task.status.states.*; import lombok.Getter; diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusEnum.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusEnum.java new file mode 100644 index 0000000..80379c5 --- /dev/null 
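Review bot: `checkValidate` upper-cases the field name with the locale-sensitive `toUpperCase()`, so under a locale with special casing rules (Turkish maps `i` to a dotted capital) a field name containing `ip` no longer produces `IP` and a valid rule combination is rejected; use `field.getName().toUpperCase(Locale.ROOT).replace("STATICRULE", "")`, `Locale` already being covered by the `java.util.*` import. The following filter is a substring test, so any other non-null field whose upper-cased name happens to contain `IP`, `PORT` or `PROTOCOL` is added to the set and makes the comparison fail; the fields of `StaticRuleObject` are not visible here, so this is a risk to check rather than a confirmed bug. Matching each name exactly against the tokens the enum itself defines (the union of all `rule` sets) would make the check independent of unrelated fields. A Javadoc on `checkValidate` stating that it returns true only when the set of populated five-tuple fields equals one of the listed combinations would also help.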
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusEnum.java
@@ -0,0 +1,55 @@
+package com.realtime.protection.configuration.utils.enums.audit;
+
+import com.realtime.protection.configuration.utils.enums.audit.states.*;
+import lombok.Getter;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@Getter
+public enum AuditStatusEnum {
+ PENDING(0, new PendingState()), // 未审核状态
+ RETURNED(1, new ReturnedState()), // 退回状态
+ AUDITED(2, new AuditedState()), // 已审核状态
+ USING(3, new UsingState()); // 使用中状态
+
+ private final Integer num;
+ private final State state;
+ private static final Map NumToStateMap = new HashMap<>();
+ private static final Map StateToNumMap = new HashMap<>();
+ private static final Map StateToAuditStatusEnumMap = new HashMap<>();
+
+ static {
+ for (AuditStatusEnum status : AuditStatusEnum.values()) {
+ NumToStateMap.put(status.getNum(), status.getState());
+ StateToNumMap.put(status.getState(), status.getNum());
+ StateToAuditStatusEnumMap.put(status.getState(), status);
+ }
+ }
+
+ AuditStatusEnum(int auditStatus, State state) {
+ this.num = auditStatus;
+ this.state = state;
+ }
+
+ public static State getStateByNum(Integer auditStatusNum) {
+ if (auditStatusNum == null) {
+ return null;
+ }
+ return NumToStateMap.get(auditStatusNum);
+ }
+
+ public static Integer getNumByState(State state) {
+ if (state == null) {
+ return null;
+ }
+ return StateToNumMap.get(state);
+ }
+
+ public static AuditStatusEnum getAuditStatusEnumByState(State state) {
+ if (state == null) {
+ return null;
+ }
+ return StateToAuditStatusEnumMap.get(state);
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusValidator.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusValidator.java
new file mode 100644
index 0000000..6c0c441
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/AuditStatusValidator.java
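Review bot: The numeric value 3 is bound to `USING` here, while the `AuditStatus` enum deleted later in this commit bound 3 to `DRAFT`; any row persisted with 3 under the old meaning would now be read as "in use" and go through the `UsingState` transition rules. Whether such rows exist is not visible from the diff, so please confirm that a data migration exists or that 3 was never written. The three lookup methods return null for an unknown number or state, which every caller has to remember to check; a comment on `getStateByNum` saying so, `// returns null when auditStatusNum is null or not a known status`, would make that contract explicit.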
@@ -0,0 +1,26 @@
+package com.realtime.protection.configuration.utils.enums.audit;
+
+import com.realtime.protection.configuration.utils.enums.audit.states.State;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class AuditStatusValidator {
+
+ private final State auditStatusOriginal;
+
+ public AuditStatusValidator(Integer auditStatusOriginal) {
+ this.auditStatusOriginal = AuditStatusEnum.getStateByNum(auditStatusOriginal);
+ }
+
+ public static AuditStatusValidator setOriginal(Integer auditStatusOriginal) {
+ return new AuditStatusValidator(auditStatusOriginal);
+ }
+
+ public Boolean checkValidate(Integer newAuditStatus) {
+ State newState = AuditStatusEnum.getStateByNum(newAuditStatus);
+ if (newState == null) {
+ return false;
+ }
+ return auditStatusOriginal.checkValidate(newState);
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/AuditedState.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/AuditedState.java
new file mode 100644
index 0000000..740ae2c
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/AuditedState.java
@@ -0,0 +1,13 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
+
+public class AuditedState implements State {
+ @Override
+ public Boolean checkValidate(State newState) {
+ return switch (AuditStatusEnum.getAuditStatusEnumByState(newState)) {
+ case RETURNED -> false;
+ case PENDING, USING, AUDITED -> true;
+ };
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/PendingState.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/PendingState.java
new file mode 100644
index 0000000..ddec69e
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/PendingState.java
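Review bot: `checkValidate` guards only the new status: the constructor stores `AuditStatusEnum.getStateByNum(auditStatusOriginal)`, which is null when the stored status is null or not one of 0 to 3, and `auditStatusOriginal.checkValidate(newState)` then throws a NullPointerException instead of rejecting the change. Extending the guard to `if (auditStatusOriginal == null || newState == null) { return false; }` keeps the validator failing closed. The removed implementation logged rejected status values at debug level; this version keeps `@Slf4j` but logs nothing, so either restore a log line on the rejection path or drop the annotation.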
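Review bot: `AuditedState.checkValidate` returns true for `PENDING`, so an audited item can be moved back to the unaudited state, which the validator deleted in this commit refused (new status 0 or 1 was allowed only when the original was not 2). If reopening an audited item is intended, a comment on the `case PENDING, USING, AUDITED -> true;` arm should say so; if not, `PENDING` belongs in the rejecting arm. The switch selector also comes from `AuditStatusEnum.getAuditStatusEnumByState(newState)`, which returns null for a null or unregistered state and makes the switch throw. The same holds for `PendingState`, `ReturnedState` and `UsingState`, so the null contract is worth documenting once on `State.checkValidate`.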
@@ -0,0 +1,13 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
+
+public class PendingState implements State {
+ @Override
+ public Boolean checkValidate(State newState) {
+ return switch (AuditStatusEnum.getAuditStatusEnumByState(newState)) {
+ case USING -> false;
+ case PENDING, RETURNED, AUDITED -> true;
+ };
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/ReturnedState.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/ReturnedState.java
new file mode 100644
index 0000000..9e09019
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/ReturnedState.java
@@ -0,0 +1,13 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
+
+public class ReturnedState implements State {
+ @Override
+ public Boolean checkValidate(State newState) {
+ return switch (AuditStatusEnum.getAuditStatusEnumByState(newState)) {
+ case PENDING, RETURNED -> true;
+ case AUDITED, USING -> false;
+ };
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/State.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/State.java
new file mode 100644
index 0000000..118fdbd
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/State.java
@@ -0,0 +1,5 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+public interface State {
+ Boolean checkValidate(State newState);
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/UsingState.java b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/UsingState.java
new file mode 100644
index 0000000..82f156f
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/utils/enums/audit/states/UsingState.java
@@ -0,0 +1,13 @@
+package com.realtime.protection.configuration.utils.enums.audit.states;
+
+import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
+
+public class UsingState implements State {
+ @Override
+ public Boolean checkValidate(State newState) {
+ return switch (AuditStatusEnum.getAuditStatusEnumByState(newState)) {
+ case AUDITED, USING -> true;
+ case PENDING, RETURNED -> false;
+ };
+ }
+}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java b/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java
deleted file mode 100644
index 8de8b3b..0000000
--- a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatus.java
+++ /dev/null
@@ -1,18 +0,0 @@
-package com.realtime.protection.configuration.utils.status;
-
-import lombok.Getter;
-
-@Getter
-public enum AuditStatus {
- PENDING(0), // 未审核状态
- RETURNED(1), // 退回状态
- AUDITED(2), // 已审核状态
- DRAFT(3); // 草稿
-
- private final int auditStatus;
-
- AuditStatus(int auditStatus) {
- this.auditStatus = auditStatus;
- }
-
-}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java b/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java
deleted file mode 100644
index 90d15e1..0000000
--- a/src/main/java/com/realtime/protection/configuration/utils/status/AuditStatusValidator.java
+++ /dev/null
@@ -1,32 +0,0 @@
-package com.realtime.protection.configuration.utils.status;
-
-import lombok.extern.slf4j.Slf4j;
-
-@Slf4j
-public class AuditStatusValidator {
-
- private final Integer auditStatusOriginal;
-
- public AuditStatusValidator(Integer auditStatusOriginal) {
- this.auditStatusOriginal = auditStatusOriginal;
- }
-
- public static AuditStatusValidator setOriginal(Integer auditStatusOriginal) {
- return new AuditStatusValidator(auditStatusOriginal);
- }
-
- public Boolean checkValidate(Integer newAuditStatus) {
- switch (newAuditStatus) {
- case 0, 1 -> {
- return auditStatusOriginal != 2;
- }
- case 2 -> {
- return auditStatusOriginal != 1;
- }
- default -> {
- log.debug("欲修改的审核状态不正确,需要使用正确的审核状态,当前的审核状态:{}", auditStatusOriginal);
- return false;
- }
- }
- }
-}
diff --git a/src/main/java/com/realtime/protection/configuration/utils/status/StateNum.java b/src/main/java/com/realtime/protection/configuration/utils/status/StateNum.java
deleted file mode 100644
index af6a1b8..0000000
--- a/src/main/java/com/realtime/protection/configuration/utils/status/StateNum.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package com.realtime.protection.configuration.utils.status;
-
-import lombok.Getter;
-
-@Getter
-public enum StateNum {
- PENDING(0),
- RUNNING(1),
- PAUSED(2),
- STOPPED(3),
- FAILED(4),
- FINISHED(5);
-
- private final int stateNum;
-
- StateNum(int stateNum) {
- this.stateNum = stateNum;
- }
-
-}
diff --git a/src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java b/src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java
index c513d4e..625c62c 100644
--- a/src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java
+++ b/src/main/java/com/realtime/protection/server/defense/object/ProtectObjectService.java
@@ -3,7 +3,7 @@ package com.realtime.protection.server.defense.object; import com.alibaba.excel.util.ListUtils; import com.realtime.protection.configuration.entity.defense.object.ProtectObject; import com.realtime.protection.configuration.utils.SqlSessionWrapper; -import com.realtime.protection.configuration.utils.status.AuditStatusValidator; +import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; diff --git a/src/main/java/com/realtime/protection/server/defense/template/TemplateService.java b/src/main/java/com/realtime/protection/server/defense/template/TemplateService.java index c7dcbbc..69b2094 100644 --- a/src/main/java/com/realtime/protection/server/defense/template/TemplateService.java +++ b/src/main/java/com/realtime/protection/server/defense/template/TemplateService.java @@ -1,6 +1,7 @@ package com.realtime.protection.server.defense.template; import com.realtime.protection.configuration.entity.defense.template.Template; +import lombok.SneakyThrows; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -44,6 +45,21 @@ public class TemplateService { return templateMapper.queryTemplate(templateId); } + public List