实现WAF部分功能

2026-01-29 00:25:48 +08:00 · 2020-10-07 11:18:12 +08:00
parent 7e5869d5d5
commit dff460eecb
5 changed files with 132 additions and 4 deletions
--- a/internal/db/models/http_firewall_policy_dao.go
+++ b/internal/db/models/http_firewall_policy_dao.go
@@ -190,8 +190,8 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(policyId int64) (*firew
 	config.Description = policy.Description

 	// Inbound
+	inbound := &firewallconfigs.HTTPFirewallInboundConfig{}
 	if IsNotNull(policy.Inbound) {
-		inbound := &firewallconfigs.HTTPFirewallInboundConfig{}
 		err = json.Unmarshal([]byte(policy.Inbound), inbound)
 		if err != nil {
 			return nil, err
@@ -214,12 +214,12 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(policyId int64) (*firew
 			inbound.GroupRefs = resultGroupRefs
 			inbound.Groups = resultGroups
 		}
-		config.Inbound = inbound
 	}
+	config.Inbound = inbound

 	// Outbound
+	outbound := &firewallconfigs.HTTPFirewallOutboundConfig{}
 	if IsNotNull(policy.Outbound) {
-		outbound := &firewallconfigs.HTTPFirewallOutboundConfig{}
 		err = json.Unmarshal([]byte(policy.Outbound), outbound)
 		if err != nil {
 			return nil, err
@@ -242,8 +242,8 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(policyId int64) (*firew
 			outbound.GroupRefs = resultGroupRefs
 			outbound.Groups = resultGroups
 		}
-		config.Outbound = outbound
 	}
+	config.Outbound = outbound

 	return config, nil
 }
--- a/internal/db/models/http_firewall_rule_group_dao.go
+++ b/internal/db/models/http_firewall_rule_group_dao.go
@@ -2,6 +2,7 @@ package models

 import (
 	"encoding/json"
+	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
@@ -159,3 +160,31 @@ func (this *HTTPFirewallRuleGroupDAO) UpdateGroupIsOn(groupId int64, isOn bool)
 		Update()
 	return err
 }
+
+// 创建分组
+func (this *HTTPFirewallRuleGroupDAO) CreateGroup(isOn bool, name string, description string) (int64, error) {
+	op := NewHTTPFirewallRuleGroupOperator()
+	op.State = HTTPFirewallRuleStateEnabled
+	op.IsOn = isOn
+	op.Name = name
+	op.Description = description
+	_, err := this.Save(op)
+	if err != nil {
+		return 0, err
+	}
+	return types.Int64(op.Id), nil
+}
+
+// 修改分组
+func (this *HTTPFirewallRuleGroupDAO) UpdateGroup(groupId int64, isOn bool, name string, description string) error {
+	if groupId <= 0 {
+		return errors.New("invalid groupId")
+	}
+	op := NewHTTPFirewallRuleGroupOperator()
+	op.Id = groupId
+	op.IsOn = isOn
+	op.Name = name
+	op.Description = description
+	_, err := this.Save(op)
+	return err
+}