增加全局查看、检索IP功能

2025-12-29 01:06:36 +08:00 · 2021-11-17 19:51:00 +08:00
parent 4d7e82d0a2
commit f7cbf051bd
5 changed files with 255 additions and 12 deletions
--- a/internal/db/models/http_firewall_policy_dao.go
+++ b/internal/db/models/http_firewall_policy_dao.go
@@ -468,6 +468,19 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledFirewallPolicyIdsWithIPListId(tx *
 	return result, nil
 }

+// FindEnabledFirewallPolicyWithIPListId 查找使用某个IPList的策略
+func (this *HTTPFirewallPolicyDAO) FindEnabledFirewallPolicyWithIPListId(tx *dbs.Tx, ipListId int64) (*HTTPFirewallPolicy, error) {
+	one, err := this.Query(tx).
+		State(HTTPFirewallPolicyStateEnabled).
+		Where("(JSON_CONTAINS(inbound, :listQuery, '$.whiteListRef') OR JSON_CONTAINS(inbound, :listQuery, '$.blackListRef'))").
+		Param("listQuery", maps.Map{"isOn": true, "listId": ipListId}.AsJSON()).
+		Find()
+	if err != nil || one == nil {
+		return nil, err
+	}
+	return one.(*HTTPFirewallPolicy), err
+}
+
 // FindEnabledFirewallPolicyIdWithRuleGroupId 查找包含某个规则分组的策略ID
 func (this *HTTPFirewallPolicyDAO) FindEnabledFirewallPolicyIdWithRuleGroupId(tx *dbs.Tx, ruleGroupId int64) (int64, error) {
 	return this.Query(tx).
--- a/internal/db/models/ip_item_dao.go
+++ b/internal/db/models/ip_item_dao.go
@@ -4,6 +4,7 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -342,6 +343,35 @@ func (this *IPItemDAO) ExistsEnabledItem(tx *dbs.Tx, itemId int64) (bool, error)
 		Exist()
 }

+// CountAllEnabledIPItems 计算数量
+func (this *IPItemDAO) CountAllEnabledIPItems(tx *dbs.Tx, ip string) (int64, error) {
+	var query = this.Query(tx)
+	if len(ip) > 0 {
+		query.Attr("ipFrom", ip)
+	}
+	return query.
+		Where("(listId=" + types.String(firewallconfigs.GlobalListId) + " OR listId IN (SELECT id FROM " + SharedIPListDAO.Table + " WHERE state=1))").
+		State(IPItemStateEnabled).
+		Count()
+}
+
+// ListAllEnabledIPItems 搜索所有IP
+func (this *IPItemDAO) ListAllEnabledIPItems(tx *dbs.Tx, ip string, offset int64, size int64) (result []*IPItem, err error) {
+	var query = this.Query(tx)
+	if len(ip) > 0 {
+		query.Attr("ipFrom", ip)
+	}
+	_, err = query.
+		Where("(listId=" + types.String(firewallconfigs.GlobalListId) + " OR listId IN (SELECT id FROM " + SharedIPListDAO.Table + " WHERE state=1))").
+		State(IPItemStateEnabled).
+		DescPk().
+		Offset(offset).
+		Size(size).
+		Slice(&result).
+		FindAll()
+	return
+}
+
 // NotifyUpdate 通知更新
 func (this *IPItemDAO) NotifyUpdate(tx *dbs.Tx, itemId int64) error {
 	// 获取ListId
--- a/internal/db/models/ip_list_dao.go
+++ b/internal/db/models/ip_list_dao.go
@@ -2,6 +2,7 @@ package models

 import (
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeAPI/internal/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ipconfigs"
@@ -18,6 +19,15 @@ const (
 )

 var listTypeCacheMap = map[int64]*IPList{} // listId => *IPList
+var DefaultGlobalIPList = &IPList{
+	Id:       uint32(firewallconfigs.GlobalListId),
+	Name:     "全局封锁名单",
+	IsPublic: 1,
+	IsGlobal: 1,
+	Type:     "black",
+	State:    IPListStateEnabled,
+	IsOn:     1,
+}

 type IPListDAO dbs.DAO

@@ -59,7 +69,19 @@ func (this *IPListDAO) DisableIPList(tx *dbs.Tx, id int64) error {
 }

 // FindEnabledIPList 查找启用中的条目
-func (this *IPListDAO) FindEnabledIPList(tx *dbs.Tx, id int64) (*IPList, error) {
+func (this *IPListDAO) FindEnabledIPList(tx *dbs.Tx, id int64, cacheMap *utils.CacheMap) (*IPList, error) {
+	if id == firewallconfigs.GlobalListId {
+		return DefaultGlobalIPList, nil
+	}
+
+	var cacheKey = this.Table + ":FindEnabledIPList:" + types.String(id)
+	if cacheMap != nil {
+		cache, ok := cacheMap.Get(cacheKey)
+		if ok {
+			return cache.(*IPList), nil
+		}
+	}
+
 	result, err := this.Query(tx).
 		Pk(id).
 		Attr("state", IPListStateEnabled).
@@ -67,6 +89,11 @@ func (this *IPListDAO) FindEnabledIPList(tx *dbs.Tx, id int64) (*IPList, error)
 	if result == nil {
 		return nil, err
 	}
+
+	if cacheMap != nil {
+		cacheMap.Put(cacheKey, result)
+	}
+
 	return result.(*IPList), err
 }

@@ -82,14 +109,7 @@ func (this *IPListDAO) FindIPListName(tx *dbs.Tx, id int64) (string, error) {
 func (this *IPListDAO) FindIPListCacheable(tx *dbs.Tx, listId int64) (*IPList, error) {
 	// 全局黑名单
 	if listId == firewallconfigs.GlobalListId {
-		return &IPList{
-			Id:       uint32(listId),
-			IsPublic: 1,
-			IsGlobal: 1,
-			Type:     "black",
-			State:    IPListStateEnabled,
-			IsOn:     1,
-		}, nil
+		return DefaultGlobalIPList, nil
 	}

 	// 检查缓存