实现公用的IP名单

internal/db/models/http_firewall_policy_dao.go

@@ -330,7 +330,7 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledFirewallPolicyIdsWithIPListId(tx *
 	ones, err := this.Query(tx).
 		ResultPk().
 		State(HTTPFirewallPolicyStateEnabled).
-		Where("(JSON_CONTAINS(inbound, :listQuery, '$.whiteListRef') OR JSON_CONTAINS(inbound, :listQuery, '$.blackListRef') )").
+		Where("(JSON_CONTAINS(inbound, :listQuery, '$.whiteListRef') OR JSON_CONTAINS(inbound, :listQuery, '$.blackListRef') OR JSON_CONTAINS(inbound, :listQuery, '$.publicWhiteListRefs')  OR JSON_CONTAINS(inbound, :listQuery, '$.publicBlackListRefs'))").
 		Param("listQuery", maps.Map{"isOn": true, "listId": ipListId}.AsJSON()).
 		FindAll()
 	if err != nil {

internal/db/models/ip_item_dao.go

@@ -46,7 +46,7 @@ func init() {
 	})
 }
 
-// 启用条目
+// EnableIPItem 启用条目
 func (this *IPItemDAO) EnableIPItem(tx *dbs.Tx, id int64) error {
 	_, err := this.Query(tx).
 		Pk(id).
@@ -55,7 +55,7 @@ func (this *IPItemDAO) EnableIPItem(tx *dbs.Tx, id int64) error {
 	return err
 }
 
-// 禁用条目
+// DisableIPItem 禁用条目
 func (this *IPItemDAO) DisableIPItem(tx *dbs.Tx, id int64) error {
 	version, err := SharedIPListDAO.IncreaseVersion(tx)
 	if err != nil {
@@ -74,7 +74,7 @@ func (this *IPItemDAO) DisableIPItem(tx *dbs.Tx, id int64) error {
 	return this.NotifyUpdate(tx, id)
 }
 
-// 查找启用中的条目
+// FindEnabledIPItem 查找启用中的条目
 func (this *IPItemDAO) FindEnabledIPItem(tx *dbs.Tx, id int64) (*IPItem, error) {
 	result, err := this.Query(tx).
 		Pk(id).
@@ -86,7 +86,7 @@ func (this *IPItemDAO) FindEnabledIPItem(tx *dbs.Tx, id int64) (*IPItem, error)
 	return result.(*IPItem), err
 }
 
-// 创建IP
+// CreateIPItem 创建IP
 func (this *IPItemDAO) CreateIPItem(tx *dbs.Tx, listId int64, ipFrom string, ipTo string, expiredAt int64, reason string, itemType IPItemType, eventLevel string) (int64, error) {
 	version, err := SharedIPListDAO.IncreaseVersion(tx)
 	if err != nil {
@@ -121,7 +121,7 @@ func (this *IPItemDAO) CreateIPItem(tx *dbs.Tx, listId int64, ipFrom string, ipT
 	return itemId, nil
 }
 
-// 修改IP
+// UpdateIPItem 修改IP
 func (this *IPItemDAO) UpdateIPItem(tx *dbs.Tx, itemId int64, ipFrom string, ipTo string, expiredAt int64, reason string, itemType IPItemType, eventLevel string) error {
 	if itemId <= 0 {
 		return errors.New("invalid itemId")
@@ -165,7 +165,7 @@ func (this *IPItemDAO) UpdateIPItem(tx *dbs.Tx, itemId int64, ipFrom string, ipT
 	return this.NotifyUpdate(tx, itemId)
 }
 
-// 计算IP数量
+// CountIPItemsWithListId 计算IP数量
 func (this *IPItemDAO) CountIPItemsWithListId(tx *dbs.Tx, listId int64) (int64, error) {
 	return this.Query(tx).
 		State(IPItemStateEnabled).
@@ -173,7 +173,7 @@ func (this *IPItemDAO) CountIPItemsWithListId(tx *dbs.Tx, listId int64) (int64,
 		Count()
 }
 
-// 查找IP列表
+// ListIPItemsWithListId 查找IP列表
 func (this *IPItemDAO) ListIPItemsWithListId(tx *dbs.Tx, listId int64, offset int64, size int64) (result []*IPItem, err error) {
 	_, err = this.Query(tx).
 		State(IPItemStateEnabled).
@@ -186,7 +186,7 @@ func (this *IPItemDAO) ListIPItemsWithListId(tx *dbs.Tx, listId int64, offset in
 	return
 }
 
-// 根据版本号查找IP列表
+// ListIPItemsAfterVersion 根据版本号查找IP列表
 func (this *IPItemDAO) ListIPItemsAfterVersion(tx *dbs.Tx, version int64, size int64) (result []*IPItem, err error) {
 	_, err = this.Query(tx).
 		// 这里不要设置状态参数，因为我们要知道哪些是删除的
@@ -200,7 +200,7 @@ func (this *IPItemDAO) ListIPItemsAfterVersion(tx *dbs.Tx, version int64, size i
 	return
 }
 
-// 查找IPItem对应的列表ID
+// FindItemListId 查找IPItem对应的列表ID
 func (this *IPItemDAO) FindItemListId(tx *dbs.Tx, itemId int64) (int64, error) {
 	return this.Query(tx).
 		Pk(itemId).
@@ -208,7 +208,7 @@ func (this *IPItemDAO) FindItemListId(tx *dbs.Tx, itemId int64) (int64, error) {
 		FindInt64Col(0)
 }
 
-// 查找包含某个IP的Item
+// FindEnabledItemContainsIP 查找包含某个IP的Item
 func (this *IPItemDAO) FindEnabledItemContainsIP(tx *dbs.Tx, listId int64, ip uint64) (*IPItem, error) {
 	query := this.Query(tx).
 		Attr("listId", listId).
@@ -229,7 +229,15 @@ func (this *IPItemDAO) FindEnabledItemContainsIP(tx *dbs.Tx, listId int64, ip ui
 	return one.(*IPItem), nil
 }
 
-// 通知更新
+// ExistsEnabledItem 检查IP是否存在
+func (this *IPItemDAO) ExistsEnabledItem(tx *dbs.Tx, itemId int64) (bool, error) {
+	return this.Query(tx).
+		Pk(itemId).
+		State(IPItemStateEnabled).
+		Exist()
+}
+
+// NotifyUpdate 通知更新
 func (this *IPItemDAO) NotifyUpdate(tx *dbs.Tx, itemId int64) error {
 	// 获取ListId
 	listId, err := this.FindItemListId(tx, itemId)

internal/db/models/ip_list_dao.go

@@ -38,7 +38,7 @@ func init() {
 	})
 }
 
-// 启用条目
+// EnableIPList 启用条目
 func (this *IPListDAO) EnableIPList(tx *dbs.Tx, id int64) error {
 	_, err := this.Query(tx).
 		Pk(id).
@@ -47,7 +47,7 @@ func (this *IPListDAO) EnableIPList(tx *dbs.Tx, id int64) error {
 	return err
 }
 
-// 禁用条目
+// DisableIPList 禁用条目
 func (this *IPListDAO) DisableIPList(tx *dbs.Tx, id int64) error {
 	_, err := this.Query(tx).
 		Pk(id).
@@ -56,7 +56,7 @@ func (this *IPListDAO) DisableIPList(tx *dbs.Tx, id int64) error {
 	return err
 }
 
-// 查找启用中的条目
+// FindEnabledIPList 查找启用中的条目
 func (this *IPListDAO) FindEnabledIPList(tx *dbs.Tx, id int64) (*IPList, error) {
 	result, err := this.Query(tx).
 		Pk(id).
@@ -68,7 +68,7 @@ func (this *IPListDAO) FindEnabledIPList(tx *dbs.Tx, id int64) (*IPList, error)
 	return result.(*IPList), err
 }
 
-// 根据主键查找名称
+// FindIPListName 根据主键查找名称
 func (this *IPListDAO) FindIPListName(tx *dbs.Tx, id int64) (string, error) {
 	return this.Query(tx).
 		Pk(id).
@@ -76,7 +76,7 @@ func (this *IPListDAO) FindIPListName(tx *dbs.Tx, id int64) (string, error) {
 		FindStringCol("")
 }
 
-// 获取名单类型
+// FindIPListTypeCacheable 获取名单类型
 func (this *IPListDAO) FindIPListTypeCacheable(tx *dbs.Tx, listId int64) (string, error) {
 	// 检查缓存
 	SharedCacheLocker.RLock()
@@ -106,8 +106,8 @@ func (this *IPListDAO) FindIPListTypeCacheable(tx *dbs.Tx, listId int64) (string
 	return listType, nil
 }
 
-// 创建名单
+// CreateIPList 创建名单
-func (this *IPListDAO) CreateIPList(tx *dbs.Tx, userId int64, listType ipconfigs.IPListType, name string, code string, timeoutJSON []byte) (int64, error) {
+func (this *IPListDAO) CreateIPList(tx *dbs.Tx, userId int64, listType ipconfigs.IPListType, name string, code string, timeoutJSON []byte, description string, isPublic bool) (int64, error) {
 	op := NewIPListOperator()
 	op.IsOn = true
 	op.UserId = userId
@@ -118,6 +118,8 @@ func (this *IPListDAO) CreateIPList(tx *dbs.Tx, userId int64, listType ipconfigs
 	if len(timeoutJSON) > 0 {
 		op.Timeout = timeoutJSON
 	}
+	op.Description = description
+	op.IsPublic = isPublic
 	err := this.Save(tx, op)
 	if err != nil {
 		return 0, err
@@ -125,8 +127,8 @@ func (this *IPListDAO) CreateIPList(tx *dbs.Tx, userId int64, listType ipconfigs
 	return types.Int64(op.Id), nil
 }
 
-// 修改名单
+// UpdateIPList 修改名单
-func (this *IPListDAO) UpdateIPList(tx *dbs.Tx, listId int64, name string, code string, timeoutJSON []byte) error {
+func (this *IPListDAO) UpdateIPList(tx *dbs.Tx, listId int64, name string, code string, timeoutJSON []byte, description string) error {
 	if listId <= 0 {
 		return errors.New("invalid listId")
 	}
@@ -139,16 +141,17 @@ func (this *IPListDAO) UpdateIPList(tx *dbs.Tx, listId int64, name string, code
 	} else {
 		op.Timeout = "null"
 	}
+	op.Description = description
 	err := this.Save(tx, op)
 	return err
 }
 
-// 增加版本
+// IncreaseVersion 增加版本
 func (this *IPListDAO) IncreaseVersion(tx *dbs.Tx) (int64, error) {
 	return SharedSysLockerDAO.Increase(tx, "IP_LIST_VERSION", 1000000)
 }
 
-// 检查用户权限
+// CheckUserIPList 检查用户权限
 func (this *IPListDAO) CheckUserIPList(tx *dbs.Tx, userId int64, listId int64) error {
 	ok, err := this.Query(tx).
 		Pk(listId).
@@ -163,7 +166,49 @@ func (this *IPListDAO) CheckUserIPList(tx *dbs.Tx, userId int64, listId int64) e
 	return ErrNotFound
 }
 
-// 通知更新
+// CountAllEnabledIPLists 计算名单数量
+func (this *IPListDAO) CountAllEnabledIPLists(tx *dbs.Tx, listType string, isPublic bool, keyword string) (int64, error) {
+	var query = this.Query(tx).
+		State(IPListStateEnabled).
+		Attr("type", listType).
+		Attr("isPublic", isPublic)
+	if len(keyword) > 0 {
+		query.Where("(name LIKE :keyword OR description LIKE :keyword)").
+			Param("keyword", "%"+keyword+"%")
+	}
+	return query.Count()
+}
+
+// ListEnabledIPLists 列出单页名单
+func (this *IPListDAO) ListEnabledIPLists(tx *dbs.Tx, listType string, isPublic bool, keyword string, offset int64, size int64) (result []*IPList, err error) {
+	var query = this.Query(tx).
+		State(IPListStateEnabled).
+		Attr("type", listType).
+		Attr("isPublic", isPublic)
+	if len(keyword) > 0 {
+		query.Where("(name LIKE :keyword OR description LIKE :keyword)").
+			Param("keyword", "%"+keyword+"%")
+	}
+	_, err = query.Offset(offset).
+		Limit(size).
+		DescPk().
+		Slice(&result).
+		FindAll()
+	return
+}
+
+// ExistsEnabledIPList 检查IP名单是否存在
+func (this *IPListDAO) ExistsEnabledIPList(tx *dbs.Tx, listId int64) (bool, error) {
+	if listId <= 0 {
+		return false, nil
+	}
+	return this.Query(tx).
+		Pk(listId).
+		State(IPListStateEnabled).
+		Exist()
+}
+
+// NotifyUpdate 通知更新
 func (this *IPListDAO) NotifyUpdate(tx *dbs.Tx, listId int64, taskType NodeTaskType) error {
 	httpFirewallPolicyIds, err := SharedHTTPFirewallPolicyDAO.FindEnabledFirewallPolicyIdsWithIPListId(tx, listId)
 	if err != nil {

internal/db/models/ip_list_model.go

@@ -1,32 +1,36 @@
 package models
 
-// IP名单
+// IPList IP名单
 type IPList struct {
-	Id        uint32 `field:"id"`        // ID
+	Id          uint32 `field:"id"`          // ID
-	IsOn      uint8  `field:"isOn"`      // 是否启用
+	IsOn        uint8  `field:"isOn"`        // 是否启用
-	Type      string `field:"type"`      // 类型
+	Type        string `field:"type"`        // 类型
-	AdminId   uint32 `field:"adminId"`   // 用户ID
+	AdminId     uint32 `field:"adminId"`     // 用户ID
-	UserId    uint32 `field:"userId"`    // 用户ID
+	UserId      uint32 `field:"userId"`      // 用户ID
-	Name      string `field:"name"`      // 列表名
+	Name        string `field:"name"`        // 列表名
-	Code      string `field:"code"`      // 代号
+	Code        string `field:"code"`        // 代号
-	State     uint8  `field:"state"`     // 状态
+	State       uint8  `field:"state"`       // 状态
-	CreatedAt uint64 `field:"createdAt"` // 创建时间
+	CreatedAt   uint64 `field:"createdAt"`   // 创建时间
-	Timeout   string `field:"timeout"`   // 默认超时时间
+	Timeout     string `field:"timeout"`     // 默认超时时间
-	Actions   string `field:"actions"`   // IP触发的动作
+	Actions     string `field:"actions"`     // IP触发的动作
+	Description string `field:"description"` // 描述
+	IsPublic    uint8  `field:"isPublic"`    // 是否公用
 }
 
 type IPListOperator struct {
-	Id        interface{} // ID
+	Id          interface{} // ID
-	IsOn      interface{} // 是否启用
+	IsOn        interface{} // 是否启用
-	Type      interface{} // 类型
+	Type        interface{} // 类型
-	AdminId   interface{} // 用户ID
+	AdminId     interface{} // 用户ID
-	UserId    interface{} // 用户ID
+	UserId      interface{} // 用户ID
-	Name      interface{} // 列表名
+	Name        interface{} // 列表名
-	Code      interface{} // 代号
+	Code        interface{} // 代号
-	State     interface{} // 状态
+	State       interface{} // 状态
-	CreatedAt interface{} // 创建时间
+	CreatedAt   interface{} // 创建时间
-	Timeout   interface{} // 默认超时时间
+	Timeout     interface{} // 默认超时时间
-	Actions   interface{} // IP触发的动作
+	Actions     interface{} // IP触发的动作
+	Description interface{} // 描述
+	IsPublic    interface{} // 是否公用
 }
 
 func NewIPListOperator() *IPListOperator {

internal/rpc/services/service_ip_item.go

@@ -5,16 +5,17 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
+	"github.com/TeaOSLab/EdgeAPI/internal/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"net"
 )
 
-// IP条目相关服务
+// IPItemService IP条目相关服务
 type IPItemService struct {
 	BaseService
 }
 
-// 创建IP
+// CreateIPItem 创建IP
 func (this *IPItemService) CreateIPItem(ctx context.Context, req *pb.CreateIPItemRequest) (*pb.CreateIPItemResponse, error) {
 	// 校验请求
 	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -59,7 +60,7 @@ func (this *IPItemService) CreateIPItem(ctx context.Context, req *pb.CreateIPIte
 	return &pb.CreateIPItemResponse{IpItemId: itemId}, nil
 }
 
-// 修改IP
+// UpdateIPItem 修改IP
 func (this *IPItemService) UpdateIPItem(ctx context.Context, req *pb.UpdateIPItemRequest) (*pb.RPCSuccess, error) {
 	// 校验请求
 	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -93,7 +94,7 @@ func (this *IPItemService) UpdateIPItem(ctx context.Context, req *pb.UpdateIPIte
 	return this.Success()
 }
 
-// 删除IP
+// DeleteIPItem 删除IP
 func (this *IPItemService) DeleteIPItem(ctx context.Context, req *pb.DeleteIPItemRequest) (*pb.RPCSuccess, error) {
 	// 校验请求
 	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -123,7 +124,7 @@ func (this *IPItemService) DeleteIPItem(ctx context.Context, req *pb.DeleteIPIte
 	return this.Success()
 }
 
-// 计算IP数量
+// CountIPItemsWithListId 计算IP数量
 func (this *IPItemService) CountIPItemsWithListId(ctx context.Context, req *pb.CountIPItemsWithListIdRequest) (*pb.RPCCountResponse, error) {
 	// 校验请求
 	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -147,7 +148,7 @@ func (this *IPItemService) CountIPItemsWithListId(ctx context.Context, req *pb.C
 	return this.SuccessCount(count)
 }
 
-// 列出单页的IP
+// ListIPItemsWithListId 列出单页的IP
 func (this *IPItemService) ListIPItemsWithListId(ctx context.Context, req *pb.ListIPItemsWithListIdRequest) (*pb.ListIPItemsWithListIdResponse, error) {
 	// 校验请求
 	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -189,7 +190,7 @@ func (this *IPItemService) ListIPItemsWithListId(ctx context.Context, req *pb.Li
 	return &pb.ListIPItemsWithListIdResponse{IpItems: result}, nil
 }
 
-// 查找单个IP
+// FindEnabledIPItem 查找单个IP
 func (this *IPItemService) FindEnabledIPItem(ctx context.Context, req *pb.FindEnabledIPItemRequest) (*pb.FindEnabledIPItemResponse, error) {
 	// 校验请求
 	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -230,7 +231,7 @@ func (this *IPItemService) FindEnabledIPItem(ctx context.Context, req *pb.FindEn
 	}}, nil
 }
 
-// 根据版本列出一组IP
+// ListIPItemsAfterVersion 根据版本列出一组IP
 func (this *IPItemService) ListIPItemsAfterVersion(ctx context.Context, req *pb.ListIPItemsAfterVersionRequest) (*pb.ListIPItemsAfterVersionResponse, error) {
 	// 校验请求
 	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin, rpcutils.UserTypeNode)
@@ -273,3 +274,82 @@ func (this *IPItemService) ListIPItemsAfterVersion(ctx context.Context, req *pb.
 
 	return &pb.ListIPItemsAfterVersionResponse{IpItems: result}, nil
 }
+
+// CheckIPItemStatus 检查IP状态
+func (this *IPItemService) CheckIPItemStatus(ctx context.Context, req *pb.CheckIPItemStatusRequest) (*pb.CheckIPItemStatusResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	// 校验IP
+	ip := net.ParseIP(req.Ip)
+	if len(ip) == 0 {
+		return &pb.CheckIPItemStatusResponse{
+			IsOk:  false,
+			Error: "请输入正确的IP",
+		}, nil
+	}
+	ipLong := utils.IP2Long(req.Ip)
+
+	tx := this.NullTx()
+
+	// 名单类型
+	list, err := models.SharedIPListDAO.FindEnabledIPList(tx, req.IpListId)
+	if err != nil {
+		return nil, err
+	}
+	if list == nil {
+		return &pb.CheckIPItemStatusResponse{
+			IsOk:  false,
+			Error: "IP名单不存在",
+		}, nil
+	}
+	var isAllowed = list.Type == "white"
+
+	// 检查IP名单
+	item, err := models.SharedIPItemDAO.FindEnabledItemContainsIP(tx, req.IpListId, ipLong)
+	if err != nil {
+		return nil, err
+	}
+	if item != nil {
+		return &pb.CheckIPItemStatusResponse{
+			IsOk:      true,
+			Error:     "",
+			IsFound:   true,
+			IsAllowed: isAllowed,
+			IpItem: &pb.IPItem{
+				Id:         int64(item.Id),
+				IpFrom:     item.IpFrom,
+				IpTo:       item.IpTo,
+				ExpiredAt:  int64(item.ExpiredAt),
+				Reason:     item.Reason,
+				Type:       item.Type,
+				EventLevel: item.EventLevel,
+			},
+		}, nil
+	}
+
+	return &pb.CheckIPItemStatusResponse{
+		IsOk:      true,
+		Error:     "",
+		IsFound:   false,
+		IsAllowed: false,
+		IpItem:    nil,
+	}, nil
+}
+
+// ExistsEnabledIPItem 检查IP是否存在
+func (this *IPItemService) ExistsEnabledIPItem(ctx context.Context, req *pb.ExistsEnabledIPItemRequest) (*pb.ExistsEnabledIPItemResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	b, err := models.SharedIPItemDAO.ExistsEnabledItem(tx, req.IpItemId)
+	if err != nil {
+		return nil, err
+	}
+	return &pb.ExistsEnabledIPItemResponse{Exists: b}, nil
+}

internal/rpc/services/service_ip_list.go

@@ -3,16 +3,15 @@ package services
 import (
 	"context"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
-	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )
 
-// IP名单相关服务
+// IPListService IP名单相关服务
 type IPListService struct {
 	BaseService
 }
 
-// 创建IP列表
+// CreateIPList 创建IP列表
 func (this *IPListService) CreateIPList(ctx context.Context, req *pb.CreateIPListRequest) (*pb.CreateIPListResponse, error) {
 	// 校验请求
 	_, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -22,34 +21,34 @@ func (this *IPListService) CreateIPList(ctx context.Context, req *pb.CreateIPLis
 
 	tx := this.NullTx()
 
-	listId, err := models.SharedIPListDAO.CreateIPList(tx, userId, req.Type, req.Name, req.Code, req.TimeoutJSON)
+	listId, err := models.SharedIPListDAO.CreateIPList(tx, userId, req.Type, req.Name, req.Code, req.TimeoutJSON, req.Description, req.IsPublic)
 	if err != nil {
 		return nil, err
 	}
 	return &pb.CreateIPListResponse{IpListId: listId}, nil
 }
 
-// 修改IP列表
+// UpdateIPList 修改IP列表
 func (this *IPListService) UpdateIPList(ctx context.Context, req *pb.UpdateIPListRequest) (*pb.RPCSuccess, error) {
 	// 校验请求
-	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
+	_, err := this.ValidateAdmin(ctx, 0)
 	if err != nil {
 		return nil, err
 	}
 
 	tx := this.NullTx()
 
-	err = models.SharedIPListDAO.UpdateIPList(tx, req.IpListId, req.Name, req.Code, req.TimeoutJSON)
+	err = models.SharedIPListDAO.UpdateIPList(tx, req.IpListId, req.Name, req.Code, req.TimeoutJSON, req.Description)
 	if err != nil {
 		return nil, err
 	}
 	return this.Success()
 }
 
-// 查找IP列表
+// FindEnabledIPList 查找IP列表
 func (this *IPListService) FindEnabledIPList(ctx context.Context, req *pb.FindEnabledIPListRequest) (*pb.FindEnabledIPListResponse, error) {
 	// 校验请求
-	_, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin)
+	_, err := this.ValidateAdmin(ctx, 0)
 	if err != nil {
 		return nil, err
 	}
@@ -70,5 +69,79 @@ func (this *IPListService) FindEnabledIPList(ctx context.Context, req *pb.FindEn
 		Name:        list.Name,
 		Code:        list.Code,
 		TimeoutJSON: []byte(list.Timeout),
+		Description: list.Description,
 	}}, nil
 }
+
+// CountAllEnabledIPLists 计算名单数量
+func (this *IPListService) CountAllEnabledIPLists(ctx context.Context, req *pb.CountAllEnabledIPListsRequest) (*pb.RPCCountResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	count, err := models.SharedIPListDAO.CountAllEnabledIPLists(tx, req.Type, req.IsPublic, req.Keyword)
+	if err != nil {
+		return nil, err
+	}
+	return this.SuccessCount(count)
+}
+
+// ListEnabledIPLists 列出单页名单
+func (this *IPListService) ListEnabledIPLists(ctx context.Context, req *pb.ListEnabledIPListsRequest) (*pb.ListEnabledIPListsResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	lists, err := models.SharedIPListDAO.ListEnabledIPLists(tx, req.Type, req.IsPublic, req.Keyword, req.Offset, req.Size)
+	if err != nil {
+		return nil, err
+	}
+	var pbLists []*pb.IPList
+	for _, list := range lists {
+		pbLists = append(pbLists, &pb.IPList{
+			Id:          int64(list.Id),
+			IsOn:        list.IsOn == 1,
+			Type:        list.Type,
+			Name:        list.Name,
+			Code:        list.Code,
+			TimeoutJSON: []byte(list.Timeout),
+			IsPublic:    list.IsPublic == 1,
+			Description: list.Description,
+		})
+	}
+	return &pb.ListEnabledIPListsResponse{IpLists: pbLists}, nil
+}
+
+// DeleteIPList 删除IP名单
+func (this *IPListService) DeleteIPList(ctx context.Context, req *pb.DeleteIPListRequest) (*pb.RPCSuccess, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	err = models.SharedIPListDAO.DisableIPList(tx, req.IpListId)
+	if err != nil {
+		return nil, err
+	}
+	return this.Success()
+}
+
+// ExistsEnabledIPList 检查IPList是否存在
+func (this *IPListService) ExistsEnabledIPList(ctx context.Context, req *pb.ExistsEnabledIPListRequest) (*pb.ExistsEnabledIPListResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	b, err := models.SharedIPListDAO.ExistsEnabledIPList(tx, req.IpListId)
+	if err != nil {
+		return nil, err
+	}
+	return &pb.ExistsEnabledIPListResponse{Exists: b}, nil
+}