mirror of
https://github.com/TeaOSLab/EdgeAPI.git
synced 2025-11-20 13:00:24 +08:00
增加IP级别和WAF动作相关API
This commit is contained in:
GoEdgeLab
@@ -680,12 +680,13 @@ func (this *HTTPFirewallPolicyService) CheckHTTPFirewallPolicyIPStatus(ctx conte
|
||||
IsAllowed: true,
|
||||
IpList: &pb.IPList{Name: "白名单", Id: firewallPolicy.Inbound.AllowListRef.ListId},
|
||||
IpItem: &pb.IPItem{
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: item.Reason,
|
||||
Type: item.Type,
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: item.Reason,
|
||||
Type: item.Type,
|
||||
EventLevel: item.EventLevel,
|
||||
},
|
||||
RegionCountry: nil,
|
||||
RegionProvince: nil,
|
||||
@@ -711,12 +712,13 @@ func (this *HTTPFirewallPolicyService) CheckHTTPFirewallPolicyIPStatus(ctx conte
|
||||
IsAllowed: false,
|
||||
IpList: &pb.IPList{Name: "黑名单", Id: firewallPolicy.Inbound.DenyListRef.ListId},
|
||||
IpItem: &pb.IPItem{
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: item.Reason,
|
||||
Type: item.Type,
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: item.Reason,
|
||||
Type: item.Type,
|
||||
EventLevel: item.EventLevel,
|
||||
},
|
||||
RegionCountry: nil,
|
||||
RegionProvince: nil,
|
||||
|
||||
@@ -51,7 +51,7 @@ func (this *IPItemService) CreateIPItem(ctx context.Context, req *pb.CreateIPIte
|
||||
req.Type = models.IPItemTypeIPv4
|
||||
}
|
||||
|
||||
itemId, err := models.SharedIPItemDAO.CreateIPItem(tx, req.IpListId, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type)
|
||||
itemId, err := models.SharedIPItemDAO.CreateIPItem(tx, req.IpListId, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type, req.EventLevel)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -85,7 +85,7 @@ func (this *IPItemService) UpdateIPItem(ctx context.Context, req *pb.UpdateIPIte
|
||||
req.Type = models.IPItemTypeIPv4
|
||||
}
|
||||
|
||||
err = models.SharedIPItemDAO.UpdateIPItem(tx, req.IpItemId, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type)
|
||||
err = models.SharedIPItemDAO.UpdateIPItem(tx, req.IpItemId, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type, req.EventLevel)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -175,13 +175,14 @@ func (this *IPItemService) ListIPItemsWithListId(ctx context.Context, req *pb.Li
|
||||
}
|
||||
|
||||
result = append(result, &pb.IPItem{
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
Version: int64(item.Version),
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: item.Reason,
|
||||
Type: item.Type,
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
Version: int64(item.Version),
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: item.Reason,
|
||||
Type: item.Type,
|
||||
EventLevel: item.EventLevel,
|
||||
})
|
||||
}
|
||||
|
||||
@@ -218,13 +219,14 @@ func (this *IPItemService) FindEnabledIPItem(ctx context.Context, req *pb.FindEn
|
||||
}
|
||||
|
||||
return &pb.FindEnabledIPItemResponse{IpItem: &pb.IPItem{
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
Version: int64(item.Version),
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: item.Reason,
|
||||
Type: item.Type,
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
Version: int64(item.Version),
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: item.Reason,
|
||||
Type: item.Type,
|
||||
EventLevel: item.EventLevel,
|
||||
}}, nil
|
||||
}
|
||||
|
||||
@@ -248,16 +250,24 @@ func (this *IPItemService) ListIPItemsAfterVersion(ctx context.Context, req *pb.
|
||||
item.Type = models.IPItemTypeIPv4
|
||||
}
|
||||
|
||||
// List类型
|
||||
listType, err := models.SharedIPListDAO.FindIPListTypeCacheable(tx, int64(item.ListId))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
result = append(result, &pb.IPItem{
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
Version: int64(item.Version),
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: "", // 这里我们不需要这个数据
|
||||
ListId: int64(item.ListId),
|
||||
IsDeleted: item.State == 0,
|
||||
Type: item.Type,
|
||||
Id: int64(item.Id),
|
||||
IpFrom: item.IpFrom,
|
||||
IpTo: item.IpTo,
|
||||
Version: int64(item.Version),
|
||||
ExpiredAt: int64(item.ExpiredAt),
|
||||
Reason: "", // 这里我们不需要这个数据
|
||||
ListId: int64(item.ListId),
|
||||
IsDeleted: item.State == 0,
|
||||
Type: item.Type,
|
||||
EventLevel: item.EventLevel,
|
||||
ListType: listType,
|
||||
})
|
||||
}
|
||||
|
||||
|
||||
126
internal/rpc/services/service_node_cluster_firewall_action.go
Normal file
126
internal/rpc/services/service_node_cluster_firewall_action.go
Normal file
@@ -0,0 +1,126 @@
|
||||
package services
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"github.com/TeaOSLab/EdgeAPI/internal/db/models"
|
||||
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
|
||||
"github.com/iwind/TeaGo/maps"
|
||||
)
|
||||
|
||||
// 防火墙动作服务
|
||||
type NodeClusterFirewallActionService struct {
|
||||
BaseService
|
||||
}
|
||||
|
||||
// 创建动作
|
||||
func (this *NodeClusterFirewallActionService) CreateNodeClusterFirewallAction(ctx context.Context, req *pb.CreateNodeClusterFirewallActionRequest) (*pb.NodeClusterFirewallActionResponse, error) {
|
||||
adminId, err := this.ValidateAdmin(ctx, 0)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
params := maps.Map{}
|
||||
if len(req.ParamsJSON) > 0 {
|
||||
err = json.Unmarshal(req.ParamsJSON, ¶ms)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
var tx = this.NullTx()
|
||||
actionId, err := models.SharedNodeClusterFirewallActionDAO.CreateFirewallAction(tx, adminId, req.NodeClusterId, req.Name, req.EventLevel, req.Type, params)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &pb.NodeClusterFirewallActionResponse{NodeClusterFirewallActionId: actionId}, nil
|
||||
}
|
||||
|
||||
// 修改动作
|
||||
func (this *NodeClusterFirewallActionService) UpdateNodeClusterFirewallAction(ctx context.Context, req *pb.UpdateNodeClusterFirewallActionRequest) (*pb.RPCSuccess, error) {
|
||||
_, err := this.ValidateAdmin(ctx, 0)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
params := maps.Map{}
|
||||
if len(req.ParamsJSON) > 0 {
|
||||
err = json.Unmarshal(req.ParamsJSON, ¶ms)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
var tx = this.NullTx()
|
||||
err = models.SharedNodeClusterFirewallActionDAO.UpdateFirewallAction(tx, req.NodeClusterFirewallActionId, req.Name, req.EventLevel, req.Type, params)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return this.Success()
|
||||
}
|
||||
|
||||
// 删除动作
|
||||
func (this *NodeClusterFirewallActionService) DeleteNodeClusterFirewallAction(ctx context.Context, req *pb.DeleteNodeClusterFirewallActionRequest) (*pb.RPCSuccess, error) {
|
||||
_, err := this.ValidateAdmin(ctx, 0)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var tx = this.NullTx()
|
||||
err = models.SharedNodeClusterFirewallActionDAO.DisableFirewallAction(tx, req.NodeClusterFirewallActionId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return this.Success()
|
||||
}
|
||||
|
||||
// 查询集群的所有动作
|
||||
func (this *NodeClusterFirewallActionService) FindAllEnabledNodeClusterFirewallActions(ctx context.Context, req *pb.FindAllEnabledNodeClusterFirewallActionsRequest) (*pb.FindAllEnabledNodeClusterFirewallActionsResponse, error) {
|
||||
_, err := this.ValidateAdmin(ctx, 0)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var tx = this.NullTx()
|
||||
actions, err := models.SharedNodeClusterFirewallActionDAO.FindAllEnabledFirewallActions(tx, req.NodeClusterId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
pbActions := []*pb.NodeClusterFirewallAction{}
|
||||
for _, action := range actions {
|
||||
pbActions = append(pbActions, &pb.NodeClusterFirewallAction{
|
||||
Id: int64(action.Id),
|
||||
NodeClusterId: int64(action.ClusterId),
|
||||
Name: action.Name,
|
||||
EventLevel: action.EventLevel,
|
||||
Type: action.Type,
|
||||
ParamsJSON: []byte(action.Params),
|
||||
})
|
||||
}
|
||||
return &pb.FindAllEnabledNodeClusterFirewallActionsResponse{NodeClusterFirewallActions: pbActions}, nil
|
||||
}
|
||||
|
||||
// 查询单个动作
|
||||
func (this *NodeClusterFirewallActionService) FindEnabledNodeClusterFirewallAction(ctx context.Context, req *pb.FindEnabledNodeClusterFirewallActionRequest) (*pb.FindEnabledNodeClusterFirewallActionResponse, error) {
|
||||
_, err := this.ValidateAdmin(ctx, 0)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var tx = this.NullTx()
|
||||
action, err := models.SharedNodeClusterFirewallActionDAO.FindEnabledFirewallAction(tx, req.NodeClusterFirewallActionId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if action == nil {
|
||||
return &pb.FindEnabledNodeClusterFirewallActionResponse{NodeClusterFirewallAction: nil}, nil
|
||||
}
|
||||
return &pb.FindEnabledNodeClusterFirewallActionResponse{NodeClusterFirewallAction: &pb.NodeClusterFirewallAction{
|
||||
Id: int64(action.Id),
|
||||
NodeClusterId: int64(action.ClusterId),
|
||||
Name: action.Name,
|
||||
EventLevel: action.EventLevel,
|
||||
Type: action.Type,
|
||||
ParamsJSON: []byte(action.Params),
|
||||
}}, nil
|
||||
}
|
||||
Reference in New Issue
Block a user