EdgeAdmin/internal/web/actions/default/servers/components/waf/upgradeTemplate.go

// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.

package waf

import (
	"encoding/json"
	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
	"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
)

type UpgradeTemplateAction struct {
	actionutils.ParentAction
}

func (this *UpgradeTemplateAction) RunPost(params struct {
	PolicyId int64
}) {
	defer this.CreateLogInfo(codes.WAFPolicy_LogUpgradeWAFPolicy, params.PolicyId)

	policy, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.PolicyId)
	if err != nil {
		this.ErrorPage(err)
		return
	}
	if policy == nil {
		this.NotFound("firewallPolicy", params.PolicyId)
		return
	}

	// 检查是否有升级
	var templatePolicy = firewallconfigs.HTTPFirewallTemplate()
	if templatePolicy.Inbound != nil {
		for _, group := range templatePolicy.Inbound.Groups {
			if len(group.Code) == 0 {
				continue
			}
			var oldGroup = policy.FindRuleGroupWithCode(group.Code)
			if oldGroup == nil {
				createGroupResp, err := this.RPC().HTTPFirewallRuleGroupRPC().CreateHTTPFirewallRuleGroup(this.AdminContext(), &pb.CreateHTTPFirewallRuleGroupRequest{
					IsOn:        true,
					Name:        group.Name,
					Code:        group.Code,
					Description: group.Description,
				})
				if err != nil {
					this.ErrorPage(err)
					return
				}
				var groupId = createGroupResp.FirewallRuleGroupId
				policy.Inbound.GroupRefs = append(policy.Inbound.GroupRefs, &firewallconfigs.HTTPFirewallRuleGroupRef{
					IsOn:    true,
					GroupId: groupId,
				})

				for _, set := range group.Sets {
					setJSON, err := json.Marshal(set)
					if err != nil {
						this.ErrorPage(err)
						return
					}
					_, err = this.RPC().HTTPFirewallRuleGroupRPC().AddHTTPFirewallRuleGroupSet(this.AdminContext(), &pb.AddHTTPFirewallRuleGroupSetRequest{
						FirewallRuleGroupId:       groupId,
						FirewallRuleSetConfigJSON: setJSON,
					})
					if err != nil {
						this.ErrorPage(err)
						return
					}
				}

				continue
			}
			for _, set := range group.Sets {
				if len(set.Code) == 0 {
					continue
				}
				var oldSet = oldGroup.FindRuleSetWithCode(set.Code)
				if oldSet == nil {
					setJSON, err := json.Marshal(set)
					if err != nil {
						this.ErrorPage(err)
						return
					}
					_, err = this.RPC().HTTPFirewallRuleGroupRPC().AddHTTPFirewallRuleGroupSet(this.AdminContext(), &pb.AddHTTPFirewallRuleGroupSetRequest{
						FirewallRuleGroupId:       oldGroup.Id,
						FirewallRuleSetConfigJSON: setJSON,
					})
					if err != nil {
						this.ErrorPage(err)
						return
					}
					continue
				}
			}
		}
	}

	// 保存inbound
	inboundJSON, err := policy.InboundJSON()
	if err != nil {
		this.ErrorPage(err)
		return
	}

	outboundJSON, err := policy.OutboundJSON()
	if err != nil {
		this.ErrorPage(err)
		return
	}

	_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallPolicyGroups(this.AdminContext(), &pb.UpdateHTTPFirewallPolicyGroupsRequest{
		HttpFirewallPolicyId: params.PolicyId,
		InboundJSON:          inboundJSON,
		OutboundJSON:         outboundJSON,
	})
	if err != nil {
		this.ErrorPage(err)
		return
	}

	this.Success()
}
WAF模板中有新的规则时，可以在界面上收到提醒并点击加入 2021-10-25 12:02:03 +08:00			`// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.`

			`package waf`

			`import (`
			`"encoding/json"`
			`"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"`
部分中文转换为多语言代号 2023-06-30 18:08:30 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"`
WAF模板中有新的规则时，可以在界面上收到提醒并点击加入 2021-10-25 12:02:03 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"`
			`"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"`
			`"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"`
			`)`

			`type UpgradeTemplateAction struct {`
			`actionutils.ParentAction`
			`}`

			`func (this *UpgradeTemplateAction) RunPost(params struct {`
			`PolicyId int64`
			`}) {`
部分中文转换为多语言代号 2023-06-30 18:08:30 +08:00			`defer this.CreateLogInfo(codes.WAFPolicy_LogUpgradeWAFPolicy, params.PolicyId)`
WAF模板中有新的规则时，可以在界面上收到提醒并点击加入 2021-10-25 12:02:03 +08:00
			`policy, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.PolicyId)`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`if policy == nil {`
			`this.NotFound("firewallPolicy", params.PolicyId)`
			`return`
			`}`

			`// 检查是否有升级`
			`var templatePolicy = firewallconfigs.HTTPFirewallTemplate()`
			`if templatePolicy.Inbound != nil {`
			`for _, group := range templatePolicy.Inbound.Groups {`
			`if len(group.Code) == 0 {`
			`continue`
			`}`
			`var oldGroup = policy.FindRuleGroupWithCode(group.Code)`
			`if oldGroup == nil {`
			`createGroupResp, err := this.RPC().HTTPFirewallRuleGroupRPC().CreateHTTPFirewallRuleGroup(this.AdminContext(), &pb.CreateHTTPFirewallRuleGroupRequest{`
			`IsOn: true,`
			`Name: group.Name,`
优化代码 2021-10-25 19:01:56 +08:00			`Code: group.Code,`
WAF模板中有新的规则时，可以在界面上收到提醒并点击加入 2021-10-25 12:02:03 +08:00			`Description: group.Description,`
			`})`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`var groupId = createGroupResp.FirewallRuleGroupId`
			`policy.Inbound.GroupRefs = append(policy.Inbound.GroupRefs, &firewallconfigs.HTTPFirewallRuleGroupRef{`
			`IsOn: true,`
			`GroupId: groupId,`
			`})`

			`for _, set := range group.Sets {`
			`setJSON, err := json.Marshal(set)`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`_, err = this.RPC().HTTPFirewallRuleGroupRPC().AddHTTPFirewallRuleGroupSet(this.AdminContext(), &pb.AddHTTPFirewallRuleGroupSetRequest{`
优化代码 2021-10-25 19:01:56 +08:00			`FirewallRuleGroupId: groupId,`
			`FirewallRuleSetConfigJSON: setJSON,`
WAF模板中有新的规则时，可以在界面上收到提醒并点击加入 2021-10-25 12:02:03 +08:00			`})`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`}`

			`continue`
			`}`
			`for _, set := range group.Sets {`
			`if len(set.Code) == 0 {`
			`continue`
			`}`
			`var oldSet = oldGroup.FindRuleSetWithCode(set.Code)`
			`if oldSet == nil {`
			`setJSON, err := json.Marshal(set)`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`_, err = this.RPC().HTTPFirewallRuleGroupRPC().AddHTTPFirewallRuleGroupSet(this.AdminContext(), &pb.AddHTTPFirewallRuleGroupSetRequest{`
优化代码 2021-10-25 19:01:56 +08:00			`FirewallRuleGroupId: oldGroup.Id,`
			`FirewallRuleSetConfigJSON: setJSON,`
WAF模板中有新的规则时，可以在界面上收到提醒并点击加入 2021-10-25 12:02:03 +08:00			`})`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`continue`
			`}`
			`}`
			`}`
			`}`

			`// 保存inbound`
			`inboundJSON, err := policy.InboundJSON()`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`

			`outboundJSON, err := policy.OutboundJSON()`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`

			`_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallPolicyGroups(this.AdminContext(), &pb.UpdateHTTPFirewallPolicyGroupsRequest{`
			`HttpFirewallPolicyId: params.PolicyId,`
			`InboundJSON: inboundJSON,`
			`OutboundJSON: outboundJSON,`
			`})`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`

			`this.Success()`
			`}`