diff --git a/internal/db/models/http_firewall_policy_dao.go b/internal/db/models/http_firewall_policy_dao.go index 8093f082..4c2dd25f 100644 --- a/internal/db/models/http_firewall_policy_dao.go +++ b/internal/db/models/http_firewall_policy_dao.go @@ -37,12 +37,12 @@ func init() { }) } -// 初始化 +// Init 初始化 func (this *HTTPFirewallPolicyDAO) Init() { _ = this.DAOObject.Init() } -// 启用条目 +// EnableHTTPFirewallPolicy 启用条目 func (this *HTTPFirewallPolicyDAO) EnableHTTPFirewallPolicy(tx *dbs.Tx, id int64) error { _, err := this.Query(tx). Pk(id). @@ -51,7 +51,7 @@ func (this *HTTPFirewallPolicyDAO) EnableHTTPFirewallPolicy(tx *dbs.Tx, id int64 return err } -// 禁用条目 +// DisableHTTPFirewallPolicy 禁用条目 func (this *HTTPFirewallPolicyDAO) DisableHTTPFirewallPolicy(tx *dbs.Tx, policyId int64) error { _, err := this.Query(tx). Pk(policyId). @@ -64,7 +64,7 @@ func (this *HTTPFirewallPolicyDAO) DisableHTTPFirewallPolicy(tx *dbs.Tx, policyI return this.NotifyUpdate(tx, policyId) } -// 查找启用中的条目 +// FindEnabledHTTPFirewallPolicy 查找启用中的条目 func (this *HTTPFirewallPolicyDAO) FindEnabledHTTPFirewallPolicy(tx *dbs.Tx, id int64) (*HTTPFirewallPolicy, error) { result, err := this.Query(tx). Pk(id). @@ -76,7 +76,7 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledHTTPFirewallPolicy(tx *dbs.Tx, id return result.(*HTTPFirewallPolicy), err } -// 根据主键查找名称 +// FindHTTPFirewallPolicyName 根据主键查找名称 func (this *HTTPFirewallPolicyDAO) FindHTTPFirewallPolicyName(tx *dbs.Tx, id int64) (string, error) { return this.Query(tx). Pk(id). @@ -84,7 +84,7 @@ func (this *HTTPFirewallPolicyDAO) FindHTTPFirewallPolicyName(tx *dbs.Tx, id int FindStringCol("") } -// 查找所有可用策略 +// FindAllEnabledFirewallPolicies 查找所有可用策略 func (this *HTTPFirewallPolicyDAO) FindAllEnabledFirewallPolicies(tx *dbs.Tx) (result []*HTTPFirewallPolicy, err error) { _, err = this.Query(tx). State(HTTPFirewallPolicyStateEnabled). @@ -94,7 +94,7 @@ func (this *HTTPFirewallPolicyDAO) FindAllEnabledFirewallPolicies(tx *dbs.Tx) (r return } -// 创建策略 +// CreateFirewallPolicy 创建策略 func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64, serverId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte) (int64, error) { op := NewHTTPFirewallPolicyOperator() op.UserId = userId @@ -113,7 +113,7 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64 return types.Int64(op.Id), err } -// 修改策略的Inbound和Outbound +// UpdateFirewallPolicyInboundAndOutbound 修改策略的Inbound和Outbound func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInboundAndOutbound(tx *dbs.Tx, policyId int64, inboundJSON []byte, outboundJSON []byte) error { if policyId <= 0 { return errors.New("invalid policyId") @@ -138,7 +138,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInboundAndOutbound(tx *db return this.NotifyUpdate(tx, policyId) } -// 修改策略的Inbound +// UpdateFirewallPolicyInbound 修改策略的Inbound func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInbound(tx *dbs.Tx, policyId int64, inboundJSON []byte) error { if policyId <= 0 { return errors.New("invalid policyId") @@ -158,7 +158,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInbound(tx *dbs.Tx, polic return this.NotifyUpdate(tx, policyId) } -// 修改策略 +// UpdateFirewallPolicy 修改策略 func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, policyId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte, blockOptionsJSON []byte) error { if policyId <= 0 { return errors.New("invalid policyId") @@ -189,18 +189,28 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, policyId int return this.NotifyUpdate(tx, policyId) } -// 计算所有可用的策略数量 -func (this *HTTPFirewallPolicyDAO) CountAllEnabledFirewallPolicies(tx *dbs.Tx) (int64, error) { - return this.Query(tx). +// CountAllEnabledFirewallPolicies 计算所有可用的策略数量 +func (this *HTTPFirewallPolicyDAO) CountAllEnabledFirewallPolicies(tx *dbs.Tx, keyword string) (int64, error) { + query := this.Query(tx) + if len(keyword) > 0 { + query.Where("(name LIKE :keyword)"). + Param("keyword", "%"+keyword+"%") + } + return query. State(HTTPFirewallPolicyStateEnabled). Attr("userId", 0). Attr("serverId", 0). Count() } -// 列出单页的策略 -func (this *HTTPFirewallPolicyDAO) ListEnabledFirewallPolicies(tx *dbs.Tx, offset int64, size int64) (result []*HTTPFirewallPolicy, err error) { - _, err = this.Query(tx). +// ListEnabledFirewallPolicies 列出单页的策略 +func (this *HTTPFirewallPolicyDAO) ListEnabledFirewallPolicies(tx *dbs.Tx, keyword string, offset int64, size int64) (result []*HTTPFirewallPolicy, err error) { + query := this.Query(tx) + if len(keyword) > 0 { + query.Where("(name LIKE :keyword)"). + Param("keyword", "%"+keyword+"%") + } + _, err = query. State(HTTPFirewallPolicyStateEnabled). Attr("userId", 0). Attr("serverId", 0). @@ -212,7 +222,7 @@ func (this *HTTPFirewallPolicyDAO) ListEnabledFirewallPolicies(tx *dbs.Tx, offse return } -// 组合策略配置 +// ComposeFirewallPolicy 组合策略配置 func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId int64) (*firewallconfigs.HTTPFirewallPolicy, error) { policy, err := this.FindEnabledHTTPFirewallPolicy(tx, policyId) if err != nil { @@ -297,7 +307,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in return config, nil } -// 检查用户防火墙策略 +// CheckUserFirewallPolicy 检查用户防火墙策略 func (this *HTTPFirewallPolicyDAO) CheckUserFirewallPolicy(tx *dbs.Tx, userId int64, firewallPolicyId int64) error { ok, err := this.Query(tx). Pk(firewallPolicyId). @@ -315,7 +325,7 @@ func (this *HTTPFirewallPolicyDAO) CheckUserFirewallPolicy(tx *dbs.Tx, userId in return ErrNotFound } -// 查找包含某个IPList的所有策略 +// FindEnabledFirewallPolicyIdsWithIPListId 查找包含某个IPList的所有策略 func (this *HTTPFirewallPolicyDAO) FindEnabledFirewallPolicyIdsWithIPListId(tx *dbs.Tx, ipListId int64) ([]int64, error) { ones, err := this.Query(tx). ResultPk(). @@ -333,7 +343,7 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledFirewallPolicyIdsWithIPListId(tx * return result, nil } -// 查找包含某个规则分组的策略ID +// FindEnabledFirewallPolicyIdWithRuleGroupId 查找包含某个规则分组的策略ID func (this *HTTPFirewallPolicyDAO) FindEnabledFirewallPolicyIdWithRuleGroupId(tx *dbs.Tx, ruleGroupId int64) (int64, error) { return this.Query(tx). ResultPk(). @@ -343,7 +353,7 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledFirewallPolicyIdWithRuleGroupId(tx FindInt64Col(0) } -// 设置某个策略所属的服务ID +// UpdateFirewallPolicyServerId 设置某个策略所属的服务ID func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyServerId(tx *dbs.Tx, policyId int64, serverId int64) error { _, err := this.Query(tx). Pk(policyId). @@ -352,7 +362,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyServerId(tx *dbs.Tx, poli return err } -// 通知更新 +// NotifyUpdate 通知更新 func (this *HTTPFirewallPolicyDAO) NotifyUpdate(tx *dbs.Tx, policyId int64) error { webIds, err := SharedHTTPWebDAO.FindAllWebIdsWithHTTPFirewallPolicyId(tx, policyId) if err != nil { diff --git a/internal/rpc/services/service_http_firewall_policy.go b/internal/rpc/services/service_http_firewall_policy.go index 65a85d61..a9cf0f86 100644 --- a/internal/rpc/services/service_http_firewall_policy.go +++ b/internal/rpc/services/service_http_firewall_policy.go @@ -15,12 +15,12 @@ import ( "net" ) -// HTTP防火墙(WAF)相关服务 +// HTTPFirewallPolicyService HTTP防火墙(WAF)相关服务 type HTTPFirewallPolicyService struct { BaseService } -// 获取所有可用策略 +// FindAllEnabledHTTPFirewallPolicies 获取所有可用策略 func (this *HTTPFirewallPolicyService) FindAllEnabledHTTPFirewallPolicies(ctx context.Context, req *pb.FindAllEnabledHTTPFirewallPoliciesRequest) (*pb.FindAllEnabledHTTPFirewallPoliciesResponse, error) { // 校验请求 _, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin) @@ -50,7 +50,7 @@ func (this *HTTPFirewallPolicyService) FindAllEnabledHTTPFirewallPolicies(ctx co return &pb.FindAllEnabledHTTPFirewallPoliciesResponse{FirewallPolicies: result}, nil } -// 创建防火墙策略 +// CreateHTTPFirewallPolicy 创建防火墙策略 func (this *HTTPFirewallPolicyService) CreateHTTPFirewallPolicy(ctx context.Context, req *pb.CreateHTTPFirewallPolicyRequest) (*pb.CreateHTTPFirewallPolicyResponse, error) { // 校验请求 _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) @@ -118,7 +118,7 @@ func (this *HTTPFirewallPolicyService) CreateHTTPFirewallPolicy(ctx context.Cont return &pb.CreateHTTPFirewallPolicyResponse{HttpFirewallPolicyId: policyId}, nil } -// 创建空防火墙策略 +// CreateEmptyHTTPFirewallPolicy 创建空防火墙策略 func (this *HTTPFirewallPolicyService) CreateEmptyHTTPFirewallPolicy(ctx context.Context, req *pb.CreateEmptyHTTPFirewallPolicyRequest) (*pb.CreateEmptyHTTPFirewallPolicyResponse, error) { // 校验请求 _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) @@ -164,7 +164,7 @@ func (this *HTTPFirewallPolicyService) CreateEmptyHTTPFirewallPolicy(ctx context return &pb.CreateEmptyHTTPFirewallPolicyResponse{HttpFirewallPolicyId: policyId}, nil } -// 修改防火墙策略 +// UpdateHTTPFirewallPolicy 修改防火墙策略 func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Context, req *pb.UpdateHTTPFirewallPolicyRequest) (*pb.RPCSuccess, error) { // 校验请求 _, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin) @@ -292,7 +292,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Cont return this.Success() } -// 修改分组信息 +// UpdateHTTPFirewallPolicyGroups 修改分组信息 func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicyGroups(ctx context.Context, req *pb.UpdateHTTPFirewallPolicyGroupsRequest) (*pb.RPCSuccess, error) { // 校验请求 _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) @@ -317,7 +317,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicyGroups(ctx contex return this.Success() } -// 修改inbound信息 +// UpdateHTTPFirewallInboundConfig 修改inbound信息 func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallInboundConfig(ctx context.Context, req *pb.UpdateHTTPFirewallInboundConfigRequest) (*pb.RPCSuccess, error) { // 校验请求 _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) @@ -342,7 +342,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallInboundConfig(ctx conte return this.Success() } -// 计算可用的防火墙策略数量 +// CountAllEnabledHTTPFirewallPolicies 计算可用的防火墙策略数量 func (this *HTTPFirewallPolicyService) CountAllEnabledHTTPFirewallPolicies(ctx context.Context, req *pb.CountAllEnabledHTTPFirewallPoliciesRequest) (*pb.RPCCountResponse, error) { // 校验请求 _, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin) @@ -352,14 +352,14 @@ func (this *HTTPFirewallPolicyService) CountAllEnabledHTTPFirewallPolicies(ctx c tx := this.NullTx() - count, err := models.SharedHTTPFirewallPolicyDAO.CountAllEnabledFirewallPolicies(tx) + count, err := models.SharedHTTPFirewallPolicyDAO.CountAllEnabledFirewallPolicies(tx, req.Keyword) if err != nil { return nil, err } return this.SuccessCount(count) } -// 列出单页的防火墙策略 +// ListEnabledHTTPFirewallPolicies 列出单页的防火墙策略 func (this *HTTPFirewallPolicyService) ListEnabledHTTPFirewallPolicies(ctx context.Context, req *pb.ListEnabledHTTPFirewallPoliciesRequest) (*pb.ListEnabledHTTPFirewallPoliciesResponse, error) { // 校验请求 _, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin) @@ -369,7 +369,7 @@ func (this *HTTPFirewallPolicyService) ListEnabledHTTPFirewallPolicies(ctx conte tx := this.NullTx() - policies, err := models.SharedHTTPFirewallPolicyDAO.ListEnabledFirewallPolicies(tx, req.Offset, req.Size) + policies, err := models.SharedHTTPFirewallPolicyDAO.ListEnabledFirewallPolicies(tx, req.Keyword, req.Offset, req.Size) if err != nil { return nil, err } @@ -389,7 +389,7 @@ func (this *HTTPFirewallPolicyService) ListEnabledHTTPFirewallPolicies(ctx conte return &pb.ListEnabledHTTPFirewallPoliciesResponse{HttpFirewallPolicies: result}, nil } -// 删除某个防火墙策略 +// DeleteHTTPFirewallPolicy 删除某个防火墙策略 func (this *HTTPFirewallPolicyService) DeleteHTTPFirewallPolicy(ctx context.Context, req *pb.DeleteHTTPFirewallPolicyRequest) (*pb.RPCSuccess, error) { // 校验请求 _, _, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeAdmin) @@ -407,7 +407,7 @@ func (this *HTTPFirewallPolicyService) DeleteHTTPFirewallPolicy(ctx context.Cont return this.Success() } -// 查找单个防火墙配置 +// FindEnabledHTTPFirewallPolicyConfig 查找单个防火墙配置 func (this *HTTPFirewallPolicyService) FindEnabledHTTPFirewallPolicyConfig(ctx context.Context, req *pb.FindEnabledHTTPFirewallPolicyConfigRequest) (*pb.FindEnabledHTTPFirewallPolicyConfigResponse, error) { // 校验请求 _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) @@ -441,7 +441,7 @@ func (this *HTTPFirewallPolicyService) FindEnabledHTTPFirewallPolicyConfig(ctx c return &pb.FindEnabledHTTPFirewallPolicyConfigResponse{HttpFirewallPolicyJSON: configJSON}, nil } -// 获取防火墙的基本信息 +// FindEnabledHTTPFirewallPolicy 获取防火墙的基本信息 func (this *HTTPFirewallPolicyService) FindEnabledHTTPFirewallPolicy(ctx context.Context, req *pb.FindEnabledHTTPFirewallPolicyRequest) (*pb.FindEnabledHTTPFirewallPolicyResponse, error) { // 校验请求 _, userId, err := this.ValidateAdminAndUser(ctx, 0, 0) @@ -475,7 +475,7 @@ func (this *HTTPFirewallPolicyService) FindEnabledHTTPFirewallPolicy(ctx context }}, nil } -// 导入策略数据 +// ImportHTTPFirewallPolicy 导入策略数据 func (this *HTTPFirewallPolicyService) ImportHTTPFirewallPolicy(ctx context.Context, req *pb.ImportHTTPFirewallPolicyRequest) (*pb.RPCSuccess, error) { _, err := this.ValidateAdmin(ctx, 0) if err != nil { @@ -633,7 +633,7 @@ func (this *HTTPFirewallPolicyService) ImportHTTPFirewallPolicy(ctx context.Cont return this.Success() } -// 检查IP状态 +// CheckHTTPFirewallPolicyIPStatus 检查IP状态 func (this *HTTPFirewallPolicyService) CheckHTTPFirewallPolicyIPStatus(ctx context.Context, req *pb.CheckHTTPFirewallPolicyIPStatusRequest) (*pb.CheckHTTPFirewallPolicyIPStatusResponse, error) { _, err := this.ValidateAdmin(ctx, 0) if err != nil {