2020-11-06 11:02:26 +08:00
|
|
|
|
package ipadmin
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"encoding/json"
|
|
|
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
|
2023-06-30 18:08:30 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
|
2020-12-23 09:52:31 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
|
2020-11-06 11:02:26 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
|
|
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
|
2023-07-07 15:28:29 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
|
2020-11-06 11:02:26 +08:00
|
|
|
|
"github.com/iwind/TeaGo/actions"
|
|
|
|
|
|
"github.com/iwind/TeaGo/lists"
|
|
|
|
|
|
"github.com/iwind/TeaGo/maps"
|
|
|
|
|
|
"strings"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
type IndexAction struct {
|
|
|
|
|
|
actionutils.ParentAction
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (this *IndexAction) Init() {
|
|
|
|
|
|
this.Nav("", "", "ipadmin")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (this *IndexAction) RunGet(params struct {
|
|
|
|
|
|
FirewallPolicyId int64
|
|
|
|
|
|
}) {
|
|
|
|
|
|
this.Data["subMenuItem"] = "region"
|
|
|
|
|
|
|
|
|
|
|
|
// 当前选中的地区
|
2020-12-23 09:52:31 +08:00
|
|
|
|
policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId)
|
2020-11-06 11:02:26 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
if policyConfig == nil {
|
|
|
|
|
|
this.NotFound("firewallPolicy", params.FirewallPolicyId)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
2023-07-07 15:28:29 +08:00
|
|
|
|
|
|
|
|
|
|
var deniedCountryIds = []int64{}
|
|
|
|
|
|
var allowedCountryIds = []int64{}
|
2023-08-10 09:52:01 +08:00
|
|
|
|
var countryHTML string
|
2024-05-08 17:53:12 +08:00
|
|
|
|
var allowSearchEngine bool
|
2020-11-06 11:02:26 +08:00
|
|
|
|
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
|
2023-07-07 15:28:29 +08:00
|
|
|
|
deniedCountryIds = policyConfig.Inbound.Region.DenyCountryIds
|
|
|
|
|
|
allowedCountryIds = policyConfig.Inbound.Region.AllowCountryIds
|
2023-08-10 09:52:01 +08:00
|
|
|
|
countryHTML = policyConfig.Inbound.Region.CountryHTML
|
2024-05-08 17:53:12 +08:00
|
|
|
|
allowSearchEngine = policyConfig.Inbound.Region.AllowSearchEngine
|
2020-11-06 11:02:26 +08:00
|
|
|
|
}
|
2023-08-10 09:52:01 +08:00
|
|
|
|
this.Data["countryHTML"] = countryHTML
|
2024-05-08 17:53:12 +08:00
|
|
|
|
this.Data["allowSearchEngine"] = allowSearchEngine
|
2020-11-06 11:02:26 +08:00
|
|
|
|
|
2022-08-11 15:25:58 +08:00
|
|
|
|
countriesResp, err := this.RPC().RegionCountryRPC().FindAllRegionCountries(this.AdminContext(), &pb.FindAllRegionCountriesRequest{})
|
2020-11-06 11:02:26 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
2023-07-07 15:28:29 +08:00
|
|
|
|
var deniesCountryMaps = []maps.Map{}
|
|
|
|
|
|
var allowedCountryMaps = []maps.Map{}
|
2022-01-06 11:13:36 +08:00
|
|
|
|
for _, country := range countriesResp.RegionCountries {
|
2023-07-07 15:28:29 +08:00
|
|
|
|
var countryMap = maps.Map{
|
|
|
|
|
|
"id": country.Id,
|
|
|
|
|
|
"name": country.DisplayName,
|
|
|
|
|
|
"letter": strings.ToUpper(string(country.Pinyin[0][0])),
|
|
|
|
|
|
}
|
|
|
|
|
|
if lists.ContainsInt64(deniedCountryIds, country.Id) {
|
|
|
|
|
|
deniesCountryMaps = append(deniesCountryMaps, countryMap)
|
|
|
|
|
|
}
|
|
|
|
|
|
if lists.ContainsInt64(allowedCountryIds, country.Id) {
|
|
|
|
|
|
allowedCountryMaps = append(allowedCountryMaps, countryMap)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
this.Data["deniedCountries"] = deniesCountryMaps
|
|
|
|
|
|
this.Data["allowedCountries"] = allowedCountryMaps
|
|
|
|
|
|
|
|
|
|
|
|
// except & only URL Patterns
|
|
|
|
|
|
this.Data["exceptURLPatterns"] = []*shared.URLPattern{}
|
|
|
|
|
|
this.Data["onlyURLPatterns"] = []*shared.URLPattern{}
|
|
|
|
|
|
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
|
|
|
|
|
|
if len(policyConfig.Inbound.Region.CountryExceptURLPatterns) > 0 {
|
|
|
|
|
|
this.Data["exceptURLPatterns"] = policyConfig.Inbound.Region.CountryExceptURLPatterns
|
|
|
|
|
|
}
|
|
|
|
|
|
if len(policyConfig.Inbound.Region.CountryOnlyURLPatterns) > 0 {
|
|
|
|
|
|
this.Data["onlyURLPatterns"] = policyConfig.Inbound.Region.CountryOnlyURLPatterns
|
|
|
|
|
|
}
|
2020-11-06 11:02:26 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
this.Show()
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (this *IndexAction) RunPost(params struct {
|
|
|
|
|
|
FirewallPolicyId int64
|
2023-07-07 15:28:29 +08:00
|
|
|
|
DenyCountryIds []int64
|
|
|
|
|
|
AllowCountryIds []int64
|
|
|
|
|
|
|
|
|
|
|
|
ExceptURLPatternsJSON []byte
|
|
|
|
|
|
OnlyURLPatternsJSON []byte
|
2020-11-06 11:02:26 +08:00
|
|
|
|
|
2024-05-08 17:53:12 +08:00
|
|
|
|
CountryHTML string
|
|
|
|
|
|
AllowSearchEngine bool
|
2023-08-10 09:52:01 +08:00
|
|
|
|
|
2020-11-06 11:02:26 +08:00
|
|
|
|
Must *actions.Must
|
|
|
|
|
|
}) {
|
2020-11-17 15:41:43 +08:00
|
|
|
|
// 日志
|
2023-06-30 18:08:30 +08:00
|
|
|
|
defer this.CreateLogInfo(codes.WAF_LogUpdateForbiddenCountries, params.FirewallPolicyId)
|
2020-11-17 15:41:43 +08:00
|
|
|
|
|
2020-12-23 09:52:31 +08:00
|
|
|
|
policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId)
|
2020-11-06 11:02:26 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
if policyConfig == nil {
|
|
|
|
|
|
this.NotFound("firewallPolicy", params.FirewallPolicyId)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if policyConfig.Inbound == nil {
|
|
|
|
|
|
policyConfig.Inbound = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
|
|
|
|
|
|
}
|
|
|
|
|
|
if policyConfig.Inbound.Region == nil {
|
|
|
|
|
|
policyConfig.Inbound.Region = &firewallconfigs.HTTPFirewallRegionConfig{
|
|
|
|
|
|
IsOn: true,
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-07-07 15:28:29 +08:00
|
|
|
|
policyConfig.Inbound.Region.DenyCountryIds = params.DenyCountryIds
|
|
|
|
|
|
policyConfig.Inbound.Region.AllowCountryIds = params.AllowCountryIds
|
|
|
|
|
|
|
|
|
|
|
|
// 例外URL
|
|
|
|
|
|
var exceptURLPatterns = []*shared.URLPattern{}
|
|
|
|
|
|
if len(params.ExceptURLPatternsJSON) > 0 {
|
|
|
|
|
|
err = json.Unmarshal(params.ExceptURLPatternsJSON, &exceptURLPatterns)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.Fail("校验例外URL参数失败:" + err.Error())
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
policyConfig.Inbound.Region.CountryExceptURLPatterns = exceptURLPatterns
|
|
|
|
|
|
|
2023-08-10 09:52:01 +08:00
|
|
|
|
// 自定义提示
|
|
|
|
|
|
if len(params.CountryHTML) > 32<<10 {
|
|
|
|
|
|
this.Fail("提示内容长度不能超出32K")
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
policyConfig.Inbound.Region.CountryHTML = params.CountryHTML
|
2024-05-08 17:53:12 +08:00
|
|
|
|
policyConfig.Inbound.Region.AllowSearchEngine = params.AllowSearchEngine
|
2023-08-10 09:52:01 +08:00
|
|
|
|
|
2023-07-07 15:28:29 +08:00
|
|
|
|
// 限制URL
|
|
|
|
|
|
var onlyURLPatterns = []*shared.URLPattern{}
|
|
|
|
|
|
if len(params.OnlyURLPatternsJSON) > 0 {
|
|
|
|
|
|
err = json.Unmarshal(params.OnlyURLPatternsJSON, &onlyURLPatterns)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.Fail("校验限制URL参数失败:" + err.Error())
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
policyConfig.Inbound.Region.CountryOnlyURLPatterns = onlyURLPatterns
|
2020-11-06 11:02:26 +08:00
|
|
|
|
|
|
|
|
|
|
inboundJSON, err := json.Marshal(policyConfig.Inbound)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(this.AdminContext(), &pb.UpdateHTTPFirewallInboundConfigRequest{
|
2020-12-17 15:50:44 +08:00
|
|
|
|
HttpFirewallPolicyId: params.FirewallPolicyId,
|
|
|
|
|
|
InboundJSON: inboundJSON,
|
2020-11-06 11:02:26 +08:00
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
this.Success()
|
|
|
|
|
|
}
|
