2020-11-07 19:40:24 +08:00
|
|
|
package services
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"github.com/TeaOSLab/EdgeAPI/internal/db/models"
|
2021-01-03 21:37:47 +08:00
|
|
|
"github.com/TeaOSLab/EdgeAPI/internal/errors"
|
2020-11-07 19:40:24 +08:00
|
|
|
rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
|
2021-06-23 13:12:54 +08:00
|
|
|
"github.com/TeaOSLab/EdgeAPI/internal/utils"
|
2020-11-07 19:40:24 +08:00
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
|
2021-01-03 21:37:47 +08:00
|
|
|
"net"
|
2020-11-07 19:40:24 +08:00
|
|
|
)
|
|
|
|
|
|
2021-06-23 13:12:54 +08:00
|
|
|
// IPItemService IP条目相关服务
|
2020-11-07 19:40:24 +08:00
|
|
|
type IPItemService struct {
|
2020-11-24 15:02:44 +08:00
|
|
|
BaseService
|
2020-11-07 19:40:24 +08:00
|
|
|
}
|
|
|
|
|
|
2021-06-23 13:12:54 +08:00
|
|
|
// CreateIPItem 创建IP
|
2020-11-07 19:40:24 +08:00
|
|
|
func (this *IPItemService) CreateIPItem(ctx context.Context, req *pb.CreateIPItemRequest) (*pb.CreateIPItemResponse, error) {
|
|
|
|
|
// 校验请求
|
2021-01-03 20:18:07 +08:00
|
|
|
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-03 21:37:47 +08:00
|
|
|
if len(req.IpFrom) == 0 {
|
|
|
|
|
return nil, errors.New("'ipFrom' should not be empty")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ipFrom := net.ParseIP(req.IpFrom)
|
|
|
|
|
if ipFrom == nil {
|
|
|
|
|
return nil, errors.New("invalid 'ipFrom'")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(req.IpTo) > 0 {
|
|
|
|
|
ipTo := net.ParseIP(req.IpTo)
|
|
|
|
|
if ipTo == nil {
|
|
|
|
|
return nil, errors.New("invalid 'ipTo'")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
tx := this.NullTx()
|
|
|
|
|
|
2021-01-03 20:18:07 +08:00
|
|
|
if userId > 0 {
|
|
|
|
|
err = models.SharedIPListDAO.CheckUserIPList(tx, userId, req.IpListId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-02 15:25:40 +08:00
|
|
|
if len(req.Type) == 0 {
|
|
|
|
|
req.Type = models.IPItemTypeIPv4
|
2020-11-07 19:40:24 +08:00
|
|
|
}
|
2020-11-10 09:22:10 +08:00
|
|
|
|
2021-02-06 17:38:04 +08:00
|
|
|
itemId, err := models.SharedIPItemDAO.CreateIPItem(tx, req.IpListId, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type, req.EventLevel)
|
2021-01-17 16:48:00 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-07 19:40:24 +08:00
|
|
|
return &pb.CreateIPItemResponse{IpItemId: itemId}, nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-23 13:12:54 +08:00
|
|
|
// UpdateIPItem 修改IP
|
2020-11-13 18:22:22 +08:00
|
|
|
func (this *IPItemService) UpdateIPItem(ctx context.Context, req *pb.UpdateIPItemRequest) (*pb.RPCSuccess, error) {
|
2020-11-07 19:40:24 +08:00
|
|
|
// 校验请求
|
2021-01-03 20:18:07 +08:00
|
|
|
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
tx := this.NullTx()
|
|
|
|
|
|
2021-01-03 20:18:07 +08:00
|
|
|
if userId > 0 {
|
|
|
|
|
listId, err := models.SharedIPItemDAO.FindItemListId(tx, req.IpItemId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = models.SharedIPListDAO.CheckUserIPList(tx, userId, listId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-02 15:25:40 +08:00
|
|
|
if len(req.Type) == 0 {
|
|
|
|
|
req.Type = models.IPItemTypeIPv4
|
2020-11-07 19:40:24 +08:00
|
|
|
}
|
2021-01-17 16:48:00 +08:00
|
|
|
|
2021-02-06 17:38:04 +08:00
|
|
|
err = models.SharedIPItemDAO.UpdateIPItem(tx, req.IpItemId, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type, req.EventLevel)
|
2021-01-17 16:48:00 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-24 15:02:44 +08:00
|
|
|
return this.Success()
|
2020-11-07 19:40:24 +08:00
|
|
|
}
|
|
|
|
|
|
2021-06-23 13:12:54 +08:00
|
|
|
// DeleteIPItem 删除IP
|
2020-11-13 18:22:22 +08:00
|
|
|
func (this *IPItemService) DeleteIPItem(ctx context.Context, req *pb.DeleteIPItemRequest) (*pb.RPCSuccess, error) {
|
2020-11-07 19:40:24 +08:00
|
|
|
// 校验请求
|
2021-01-03 20:18:07 +08:00
|
|
|
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
tx := this.NullTx()
|
|
|
|
|
|
2021-01-03 20:18:07 +08:00
|
|
|
if userId > 0 {
|
|
|
|
|
listId, err := models.SharedIPItemDAO.FindItemListId(tx, req.IpItemId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = models.SharedIPListDAO.CheckUserIPList(tx, userId, listId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
err = models.SharedIPItemDAO.DisableIPItem(tx, req.IpItemId)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2021-01-17 16:48:00 +08:00
|
|
|
|
2020-11-24 15:02:44 +08:00
|
|
|
return this.Success()
|
2020-11-07 19:40:24 +08:00
|
|
|
}
|
|
|
|
|
|
2021-06-23 13:12:54 +08:00
|
|
|
// CountIPItemsWithListId 计算IP数量
|
2020-11-12 14:41:28 +08:00
|
|
|
func (this *IPItemService) CountIPItemsWithListId(ctx context.Context, req *pb.CountIPItemsWithListIdRequest) (*pb.RPCCountResponse, error) {
|
2020-11-07 19:40:24 +08:00
|
|
|
// 校验请求
|
2021-01-03 20:18:07 +08:00
|
|
|
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
tx := this.NullTx()
|
|
|
|
|
|
2021-01-03 20:18:07 +08:00
|
|
|
if userId > 0 {
|
|
|
|
|
err = models.SharedIPListDAO.CheckUserIPList(tx, userId, req.IpListId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
count, err := models.SharedIPItemDAO.CountIPItemsWithListId(tx, req.IpListId)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2020-11-24 17:36:47 +08:00
|
|
|
return this.SuccessCount(count)
|
2020-11-07 19:40:24 +08:00
|
|
|
}
|
|
|
|
|
|
2021-06-23 13:12:54 +08:00
|
|
|
// ListIPItemsWithListId 列出单页的IP
|
2020-11-07 19:40:24 +08:00
|
|
|
func (this *IPItemService) ListIPItemsWithListId(ctx context.Context, req *pb.ListIPItemsWithListIdRequest) (*pb.ListIPItemsWithListIdResponse, error) {
|
|
|
|
|
// 校验请求
|
2021-01-03 20:18:07 +08:00
|
|
|
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
tx := this.NullTx()
|
|
|
|
|
|
2021-01-03 20:18:07 +08:00
|
|
|
if userId > 0 {
|
|
|
|
|
err = models.SharedIPListDAO.CheckUserIPList(tx, userId, req.IpListId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
items, err := models.SharedIPItemDAO.ListIPItemsWithListId(tx, req.IpListId, req.Offset, req.Size)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
result := []*pb.IPItem{}
|
|
|
|
|
for _, item := range items {
|
2021-02-02 15:25:40 +08:00
|
|
|
if len(item.Type) == 0 {
|
|
|
|
|
item.Type = models.IPItemTypeIPv4
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-07 19:40:24 +08:00
|
|
|
result = append(result, &pb.IPItem{
|
2021-02-06 17:38:04 +08:00
|
|
|
Id: int64(item.Id),
|
|
|
|
|
IpFrom: item.IpFrom,
|
|
|
|
|
IpTo: item.IpTo,
|
|
|
|
|
Version: int64(item.Version),
|
|
|
|
|
ExpiredAt: int64(item.ExpiredAt),
|
|
|
|
|
Reason: item.Reason,
|
|
|
|
|
Type: item.Type,
|
|
|
|
|
EventLevel: item.EventLevel,
|
2020-11-07 19:40:24 +08:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return &pb.ListIPItemsWithListIdResponse{IpItems: result}, nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-23 13:12:54 +08:00
|
|
|
// FindEnabledIPItem 查找单个IP
|
2020-11-07 19:40:24 +08:00
|
|
|
func (this *IPItemService) FindEnabledIPItem(ctx context.Context, req *pb.FindEnabledIPItemRequest) (*pb.FindEnabledIPItemResponse, error) {
|
|
|
|
|
// 校验请求
|
2021-01-03 20:18:07 +08:00
|
|
|
_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
tx := this.NullTx()
|
|
|
|
|
|
|
|
|
|
item, err := models.SharedIPItemDAO.FindEnabledIPItem(tx, req.IpItemId)
|
2020-11-07 19:40:24 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if item == nil {
|
|
|
|
|
return &pb.FindEnabledIPItemResponse{IpItem: nil}, nil
|
|
|
|
|
}
|
2021-01-03 20:18:07 +08:00
|
|
|
|
|
|
|
|
if userId > 0 {
|
|
|
|
|
err = models.SharedIPListDAO.CheckUserIPList(tx, userId, int64(item.ListId))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-02 15:25:40 +08:00
|
|
|
if len(item.Type) == 0 {
|
|
|
|
|
item.Type = models.IPItemTypeIPv4
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-07 19:40:24 +08:00
|
|
|
return &pb.FindEnabledIPItemResponse{IpItem: &pb.IPItem{
|
2021-02-06 17:38:04 +08:00
|
|
|
Id: int64(item.Id),
|
|
|
|
|
IpFrom: item.IpFrom,
|
|
|
|
|
IpTo: item.IpTo,
|
|
|
|
|
Version: int64(item.Version),
|
|
|
|
|
ExpiredAt: int64(item.ExpiredAt),
|
|
|
|
|
Reason: item.Reason,
|
|
|
|
|
Type: item.Type,
|
|
|
|
|
EventLevel: item.EventLevel,
|
2020-11-07 19:40:24 +08:00
|
|
|
}}, nil
|
|
|
|
|
}
|
2020-11-09 10:44:00 +08:00
|
|
|
|
2021-06-23 13:12:54 +08:00
|
|
|
// ListIPItemsAfterVersion 根据版本列出一组IP
|
2020-11-09 10:44:00 +08:00
|
|
|
func (this *IPItemService) ListIPItemsAfterVersion(ctx context.Context, req *pb.ListIPItemsAfterVersionRequest) (*pb.ListIPItemsAfterVersionResponse, error) {
|
|
|
|
|
// 校验请求
|
2021-07-11 18:05:57 +08:00
|
|
|
_, _, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin, rpcutils.UserTypeNode)
|
2020-11-09 10:44:00 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-01 23:31:30 +08:00
|
|
|
tx := this.NullTx()
|
|
|
|
|
|
2020-11-09 10:44:00 +08:00
|
|
|
result := []*pb.IPItem{}
|
2021-01-01 23:31:30 +08:00
|
|
|
items, err := models.SharedIPItemDAO.ListIPItemsAfterVersion(tx, req.Version, req.Size)
|
2020-11-09 10:44:00 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
for _, item := range items {
|
2021-02-02 15:25:40 +08:00
|
|
|
if len(item.Type) == 0 {
|
|
|
|
|
item.Type = models.IPItemTypeIPv4
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-06 17:38:04 +08:00
|
|
|
// List类型
|
|
|
|
|
listType, err := models.SharedIPListDAO.FindIPListTypeCacheable(tx, int64(item.ListId))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-09 10:44:00 +08:00
|
|
|
result = append(result, &pb.IPItem{
|
2021-02-06 17:38:04 +08:00
|
|
|
Id: int64(item.Id),
|
|
|
|
|
IpFrom: item.IpFrom,
|
|
|
|
|
IpTo: item.IpTo,
|
|
|
|
|
Version: int64(item.Version),
|
|
|
|
|
ExpiredAt: int64(item.ExpiredAt),
|
|
|
|
|
Reason: "", // 这里我们不需要这个数据
|
|
|
|
|
ListId: int64(item.ListId),
|
|
|
|
|
IsDeleted: item.State == 0,
|
|
|
|
|
Type: item.Type,
|
|
|
|
|
EventLevel: item.EventLevel,
|
|
|
|
|
ListType: listType,
|
2020-11-09 10:44:00 +08:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return &pb.ListIPItemsAfterVersionResponse{IpItems: result}, nil
|
|
|
|
|
}
|
2021-06-23 13:12:54 +08:00
|
|
|
|
|
|
|
|
// CheckIPItemStatus 检查IP状态
|
|
|
|
|
func (this *IPItemService) CheckIPItemStatus(ctx context.Context, req *pb.CheckIPItemStatusRequest) (*pb.CheckIPItemStatusResponse, error) {
|
|
|
|
|
_, err := this.ValidateAdmin(ctx, 0)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 校验IP
|
|
|
|
|
ip := net.ParseIP(req.Ip)
|
|
|
|
|
if len(ip) == 0 {
|
|
|
|
|
return &pb.CheckIPItemStatusResponse{
|
|
|
|
|
IsOk: false,
|
|
|
|
|
Error: "请输入正确的IP",
|
|
|
|
|
}, nil
|
|
|
|
|
}
|
|
|
|
|
ipLong := utils.IP2Long(req.Ip)
|
|
|
|
|
|
|
|
|
|
tx := this.NullTx()
|
|
|
|
|
|
|
|
|
|
// 名单类型
|
|
|
|
|
list, err := models.SharedIPListDAO.FindEnabledIPList(tx, req.IpListId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if list == nil {
|
|
|
|
|
return &pb.CheckIPItemStatusResponse{
|
|
|
|
|
IsOk: false,
|
|
|
|
|
Error: "IP名单不存在",
|
|
|
|
|
}, nil
|
|
|
|
|
}
|
|
|
|
|
var isAllowed = list.Type == "white"
|
|
|
|
|
|
|
|
|
|
// 检查IP名单
|
|
|
|
|
item, err := models.SharedIPItemDAO.FindEnabledItemContainsIP(tx, req.IpListId, ipLong)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if item != nil {
|
|
|
|
|
return &pb.CheckIPItemStatusResponse{
|
|
|
|
|
IsOk: true,
|
|
|
|
|
Error: "",
|
|
|
|
|
IsFound: true,
|
|
|
|
|
IsAllowed: isAllowed,
|
|
|
|
|
IpItem: &pb.IPItem{
|
|
|
|
|
Id: int64(item.Id),
|
|
|
|
|
IpFrom: item.IpFrom,
|
|
|
|
|
IpTo: item.IpTo,
|
|
|
|
|
ExpiredAt: int64(item.ExpiredAt),
|
|
|
|
|
Reason: item.Reason,
|
|
|
|
|
Type: item.Type,
|
|
|
|
|
EventLevel: item.EventLevel,
|
|
|
|
|
},
|
|
|
|
|
}, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return &pb.CheckIPItemStatusResponse{
|
|
|
|
|
IsOk: true,
|
|
|
|
|
Error: "",
|
|
|
|
|
IsFound: false,
|
|
|
|
|
IsAllowed: false,
|
|
|
|
|
IpItem: nil,
|
|
|
|
|
}, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ExistsEnabledIPItem 检查IP是否存在
|
|
|
|
|
func (this *IPItemService) ExistsEnabledIPItem(ctx context.Context, req *pb.ExistsEnabledIPItemRequest) (*pb.ExistsEnabledIPItemResponse, error) {
|
|
|
|
|
_, err := this.ValidateAdmin(ctx, 0)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var tx = this.NullTx()
|
|
|
|
|
b, err := models.SharedIPItemDAO.ExistsEnabledItem(tx, req.IpItemId)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return &pb.ExistsEnabledIPItemResponse{Exists: b}, nil
|
|
|
|
|
}
|
