EdgeAPI/internal/rpc/services/service_http_firewall_rule_group.go

package services

import (
	"context"
	"encoding/json"
	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)

// WAF规则分组相关服务
type HTTPFirewallRuleGroupService struct {
	BaseService
}

// 设置是否启用分组
func (this *HTTPFirewallRuleGroupService) UpdateHTTPFirewallRuleGroupIsOn(ctx context.Context, req *pb.UpdateHTTPFirewallRuleGroupIsOnRequest) (*pb.RPCSuccess, error) {
	// 校验请求
	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
	if err != nil {
		return nil, err
	}

	tx := this.NullTx()

	err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupIsOn(tx, req.FirewallRuleGroupId, req.IsOn)
	if err != nil {
		return nil, err
	}

	return this.Success()
}

// 创建分组
func (this *HTTPFirewallRuleGroupService) CreateHTTPFirewallRuleGroup(ctx context.Context, req *pb.CreateHTTPFirewallRuleGroupRequest) (*pb.CreateHTTPFirewallRuleGroupResponse, error) {
	// 校验请求
	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
	if err != nil {
		return nil, err
	}

	tx := this.NullTx()

	groupId, err := models.SharedHTTPFirewallRuleGroupDAO.CreateGroup(tx, req.IsOn, req.Name, req.Description)
	if err != nil {
		return nil, err
	}
	return &pb.CreateHTTPFirewallRuleGroupResponse{FirewallRuleGroupId: groupId}, nil
}

// 修改分组
func (this *HTTPFirewallRuleGroupService) UpdateHTTPFirewallRuleGroup(ctx context.Context, req *pb.UpdateHTTPFirewallRuleGroupRequest) (*pb.RPCSuccess, error) {
	// 校验请求
	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
	if err != nil {
		return nil, err
	}

	tx := this.NullTx()

	err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroup(tx, req.FirewallRuleGroupId, req.IsOn, req.Name, req.Description)
	if err != nil {
		return nil, err
	}

	return this.Success()
}

// 获取分组配置
func (this *HTTPFirewallRuleGroupService) FindEnabledHTTPFirewallRuleGroupConfig(ctx context.Context, req *pb.FindEnabledHTTPFirewallRuleGroupConfigRequest) (*pb.FindEnabledHTTPFirewallRuleGroupConfigResponse, error) {
	// 校验请求
	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
	if err != nil {
		return nil, err
	}

	tx := this.NullTx()

	groupConfig, err := models.SharedHTTPFirewallRuleGroupDAO.ComposeFirewallRuleGroup(tx, req.FirewallRuleGroupId)
	if err != nil {
		return nil, err
	}
	if groupConfig == nil {
		return &pb.FindEnabledHTTPFirewallRuleGroupConfigResponse{FirewallRuleGroupJSON: nil}, nil
	}
	groupConfigJSON, err := json.Marshal(groupConfig)
	if err != nil {
		return nil, err
	}
	return &pb.FindEnabledHTTPFirewallRuleGroupConfigResponse{FirewallRuleGroupJSON: groupConfigJSON}, nil
}

// 获取分组信息
func (this *HTTPFirewallRuleGroupService) FindEnabledHTTPFirewallRuleGroup(ctx context.Context, req *pb.FindEnabledHTTPFirewallRuleGroupRequest) (*pb.FindEnabledHTTPFirewallRuleGroupResponse, error) {
	// 校验请求
	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
	if err != nil {
		return nil, err
	}

	tx := this.NullTx()

	group, err := models.SharedHTTPFirewallRuleGroupDAO.FindEnabledHTTPFirewallRuleGroup(tx, req.FirewallRuleGroupId)
	if err != nil {
		return nil, err
	}
	if group == nil {
		return &pb.FindEnabledHTTPFirewallRuleGroupResponse{
			FirewallRuleGroup: nil,
		}, nil
	}

	return &pb.FindEnabledHTTPFirewallRuleGroupResponse{
		FirewallRuleGroup: &pb.HTTPFirewallRuleGroup{
			Id:          int64(group.Id),
			Name:        group.Name,
			IsOn:        group.IsOn == 1,
			Description: group.Description,
			Code:        group.Code,
		},
	}, nil
}

// 修改分组的规则集
func (this *HTTPFirewallRuleGroupService) UpdateHTTPFirewallRuleGroupSets(ctx context.Context, req *pb.UpdateHTTPFirewallRuleGroupSetsRequest) (*pb.RPCSuccess, error) {
	// 校验请求
	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
	if err != nil {
		return nil, err
	}

	tx := this.NullTx()

	err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupSets(tx, req.GetFirewallRuleGroupId(), req.FirewallRuleSetsJSON)
	if err != nil {
		return nil, err
	}
	return this.Success()
}
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`package services`

			`import (`
			`"context"`
			`"encoding/json"`
			`"github.com/TeaOSLab/EdgeAPI/internal/db/models"`
			`rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"`
			`"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"`
			`)`

			`// WAF规则分组相关服务`
			`type HTTPFirewallRuleGroupService struct {`
调整SSL证书目录结构 2020-11-24 15:02:44 +08:00			`BaseService`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`}`

			`// 设置是否启用分组`
实现基本的集群DNS列表、设置、简单数据同步 2020-11-13 18:22:22 +08:00			`func (this HTTPFirewallRuleGroupService) UpdateHTTPFirewallRuleGroupIsOn(ctx context.Context, req pb.UpdateHTTPFirewallRuleGroupIsOnRequest) (*pb.RPCSuccess, error) {`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`// 校验请求`
			`_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)`
			`if err != nil {`
			`return nil, err`
			`}`

所有数据库相关的操作支持事务 2021-01-01 23:31:30 +08:00			`tx := this.NullTx()`

			`err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupIsOn(tx, req.FirewallRuleGroupId, req.IsOn)`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`if err != nil {`
			`return nil, err`
			`}`

调整SSL证书目录结构 2020-11-24 15:02:44 +08:00			`return this.Success()`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`}`

			`// 创建分组`
			`func (this HTTPFirewallRuleGroupService) CreateHTTPFirewallRuleGroup(ctx context.Context, req pb.CreateHTTPFirewallRuleGroupRequest) (*pb.CreateHTTPFirewallRuleGroupResponse, error) {`
			`// 校验请求`
			`_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)`
			`if err != nil {`
			`return nil, err`
			`}`

所有数据库相关的操作支持事务 2021-01-01 23:31:30 +08:00			`tx := this.NullTx()`

			`groupId, err := models.SharedHTTPFirewallRuleGroupDAO.CreateGroup(tx, req.IsOn, req.Name, req.Description)`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`if err != nil {`
			`return nil, err`
			`}`
			`return &pb.CreateHTTPFirewallRuleGroupResponse{FirewallRuleGroupId: groupId}, nil`
			`}`

			`// 修改分组`
实现基本的集群DNS列表、设置、简单数据同步 2020-11-13 18:22:22 +08:00			`func (this HTTPFirewallRuleGroupService) UpdateHTTPFirewallRuleGroup(ctx context.Context, req pb.UpdateHTTPFirewallRuleGroupRequest) (*pb.RPCSuccess, error) {`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`// 校验请求`
			`_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)`
			`if err != nil {`
			`return nil, err`
			`}`

所有数据库相关的操作支持事务 2021-01-01 23:31:30 +08:00			`tx := this.NullTx()`

			`err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroup(tx, req.FirewallRuleGroupId, req.IsOn, req.Name, req.Description)`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`if err != nil {`
			`return nil, err`
			`}`

调整SSL证书目录结构 2020-11-24 15:02:44 +08:00			`return this.Success()`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`}`

			`// 获取分组配置`
实现点击访问日志显示详情窗口 2020-11-02 21:15:31 +08:00			`func (this HTTPFirewallRuleGroupService) FindEnabledHTTPFirewallRuleGroupConfig(ctx context.Context, req pb.FindEnabledHTTPFirewallRuleGroupConfigRequest) (*pb.FindEnabledHTTPFirewallRuleGroupConfigResponse, error) {`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`// 校验请求`
			`_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)`
			`if err != nil {`
			`return nil, err`
			`}`

所有数据库相关的操作支持事务 2021-01-01 23:31:30 +08:00			`tx := this.NullTx()`

			`groupConfig, err := models.SharedHTTPFirewallRuleGroupDAO.ComposeFirewallRuleGroup(tx, req.FirewallRuleGroupId)`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`if err != nil {`
			`return nil, err`
			`}`
			`if groupConfig == nil {`
实现点击访问日志显示详情窗口 2020-11-02 21:15:31 +08:00			`return &pb.FindEnabledHTTPFirewallRuleGroupConfigResponse{FirewallRuleGroupJSON: nil}, nil`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`}`
			`groupConfigJSON, err := json.Marshal(groupConfig)`
			`if err != nil {`
			`return nil, err`
			`}`
实现点击访问日志显示详情窗口 2020-11-02 21:15:31 +08:00			`return &pb.FindEnabledHTTPFirewallRuleGroupConfigResponse{FirewallRuleGroupJSON: groupConfigJSON}, nil`
			`}`

			`// 获取分组信息`
			`func (this HTTPFirewallRuleGroupService) FindEnabledHTTPFirewallRuleGroup(ctx context.Context, req pb.FindEnabledHTTPFirewallRuleGroupRequest) (*pb.FindEnabledHTTPFirewallRuleGroupResponse, error) {`
			`// 校验请求`
			`_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)`
			`if err != nil {`
			`return nil, err`
			`}`

所有数据库相关的操作支持事务 2021-01-01 23:31:30 +08:00			`tx := this.NullTx()`

			`group, err := models.SharedHTTPFirewallRuleGroupDAO.FindEnabledHTTPFirewallRuleGroup(tx, req.FirewallRuleGroupId)`
实现点击访问日志显示详情窗口 2020-11-02 21:15:31 +08:00			`if err != nil {`
			`return nil, err`
			`}`
			`if group == nil {`
			`return &pb.FindEnabledHTTPFirewallRuleGroupResponse{`
			`FirewallRuleGroup: nil,`
			`}, nil`
			`}`

			`return &pb.FindEnabledHTTPFirewallRuleGroupResponse{`
			`FirewallRuleGroup: &pb.HTTPFirewallRuleGroup{`
			`Id: int64(group.Id),`
			`Name: group.Name,`
			`IsOn: group.IsOn == 1,`
			`Description: group.Description,`
			`Code: group.Code,`
			`},`
			`}, nil`
实现WAF部分功能 2020-10-07 11:18:12 +08:00			`}`
实现WAF部分功能 2020-10-08 11:11:49 +08:00
			`// 修改分组的规则集`
实现基本的集群DNS列表、设置、简单数据同步 2020-11-13 18:22:22 +08:00			`func (this HTTPFirewallRuleGroupService) UpdateHTTPFirewallRuleGroupSets(ctx context.Context, req pb.UpdateHTTPFirewallRuleGroupSetsRequest) (*pb.RPCSuccess, error) {`
实现WAF部分功能 2020-10-08 11:11:49 +08:00			`// 校验请求`
			`_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)`
			`if err != nil {`
			`return nil, err`
			`}`

所有数据库相关的操作支持事务 2021-01-01 23:31:30 +08:00			`tx := this.NullTx()`

			`err = models.SharedHTTPFirewallRuleGroupDAO.UpdateGroupSets(tx, req.GetFirewallRuleGroupId(), req.FirewallRuleSetsJSON)`
实现WAF部分功能 2020-10-08 11:11:49 +08:00			`if err != nil {`
			`return nil, err`
			`}`
调整SSL证书目录结构 2020-11-24 15:02:44 +08:00			`return this.Success()`
实现WAF部分功能 2020-10-08 11:11:49 +08:00			`}`