EdgeAdmin/internal/web/actions/default/servers/components/waf/createRulePopup.go

package waf

import (
	"encoding/json"
	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
	"github.com/iwind/TeaGo/actions"
	"github.com/iwind/TeaGo/maps"
)

type CreateRulePopupAction struct {
	actionutils.ParentAction
}

func (this *CreateRulePopupAction) Init() {
	this.Nav("", "", "")
}

func (this *CreateRulePopupAction) RunGet(params struct {
	Type string
}) {
	// check points
	var checkpointList = []maps.Map{}
	for _, checkpoint := range firewallconfigs.AllCheckpoints {
		if (params.Type == "inbound" && checkpoint.IsRequest) || params.Type == "outbound" {
			checkpointList = append(checkpointList, maps.Map{
				"name":        checkpoint.Name,
				"prefix":      checkpoint.Prefix,
				"description": checkpoint.Description,
				"hasParams":   checkpoint.HasParams,
				"params":      checkpoint.Params,
				"options":     checkpoint.Options,
				"isComposed":  checkpoint.IsComposed,
				"dataType":    checkpoint.DataType,
			})
		}
	}

	// operators
	var operatorMaps = []maps.Map{}
	for _, operator := range firewallconfigs.AllRuleOperators {
		operatorMaps = append(operatorMaps, maps.Map{
			"name":        operator.Name,
			"code":        operator.Code,
			"description": operator.Description,
			"case":        operator.CaseInsensitive,
			"dataType":    operator.DataType,
		})
	}
	this.Data["operators"] = operatorMaps

	this.Data["checkpoints"] = checkpointList

	this.Show()
}

func (this *CreateRulePopupAction) RunPost(params struct {
	RuleId           int64
	Prefix           string
	Operator         string
	Param            string
	ParamFiltersJSON []byte
	OptionsJSON      []byte
	Value            string
	Case             bool
	Description      string

	Must *actions.Must
}) {
	params.Must.
		Field("prefix", params.Prefix).
		Require("请选择参数")


	if len(params.Value) > 4096 {
		this.FailField("value", "对比值内容长度不能超过4096个字符")
		return
	}

	var rule = &firewallconfigs.HTTPFirewallRule{
		Id:   params.RuleId,
		IsOn: true,
	}
	if len(params.Param) > 0 {
		rule.Param = "${" + params.Prefix + "." + params.Param + "}"
	} else {
		rule.Param = "${" + params.Prefix + "}"
	}

	var paramFilters = []*firewallconfigs.ParamFilter{}
	if len(params.ParamFiltersJSON) > 0 {
		err := json.Unmarshal(params.ParamFiltersJSON, &paramFilters)
		if err != nil {
			this.ErrorPage(err)
			return
		}
	}
	rule.ParamFilters = paramFilters

	rule.Operator = params.Operator
	rule.Value = params.Value
	rule.IsCaseInsensitive = params.Case
	rule.Description = params.Description

	if len(params.OptionsJSON) > 0 {
		options := []maps.Map{}
		err := json.Unmarshal(params.OptionsJSON, &options)
		if err != nil {
			this.ErrorPage(err)
			return
		}

		rule.CheckpointOptions = map[string]interface{}{}
		for _, option := range options {
			rule.CheckpointOptions[option.GetString("code")] = option.Get("value")
		}
	}

	// 校验
	err := rule.Init()
	if err != nil {
		this.Fail("校验规则 '" + rule.Param + " " + rule.Operator + " " + rule.Value + "' 失败，原因：" + err.Error())
	}

	this.Data["rule"] = rule
	this.Success()
}
实现WAF部分功能 2020-10-08 11:11:37 +08:00			`package waf`

			`import (`
			`"encoding/json"`
			`"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"`
			`"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"`
			`"github.com/iwind/TeaGo/actions"`
			`"github.com/iwind/TeaGo/maps"`
			`)`

			`type CreateRulePopupAction struct {`
			`actionutils.ParentAction`
			`}`

			`func (this *CreateRulePopupAction) Init() {`
			`this.Nav("", "", "")`
			`}`

			`func (this *CreateRulePopupAction) RunGet(params struct {`
			`Type string`
			`}) {`
			`// check points`
优化WAF添加规则表单 2023-08-13 10:00:41 +08:00			`var checkpointList = []maps.Map{}`
[WAF]规则中增加请求Header长度限制和响应Header长度限制 2020-11-18 19:35:32 +08:00			`for _, checkpoint := range firewallconfigs.AllCheckpoints {`
WAF的出站规则支持请求相关参数 2021-06-12 10:53:59 +08:00			`if (params.Type == "inbound" && checkpoint.IsRequest) \|\| params.Type == "outbound" {`
实现WAF部分功能 2020-10-08 11:11:37 +08:00			`checkpointList = append(checkpointList, maps.Map{`
[WAF]规则中增加请求Header长度限制和响应Header长度限制 2020-11-18 19:35:32 +08:00			`"name": checkpoint.Name,`
			`"prefix": checkpoint.Prefix,`
			`"description": checkpoint.Description,`
[waf]支持包含二进制、不支持二进制等操作符；支持对参数值编解码 2020-11-21 20:43:45 +08:00			`"hasParams": checkpoint.HasParams,`
[WAF]规则中增加请求Header长度限制和响应Header长度限制 2020-11-18 19:35:32 +08:00			`"params": checkpoint.Params,`
			`"options": checkpoint.Options,`
			`"isComposed": checkpoint.IsComposed,`
优化WAF规则相关界面 2022-11-16 15:43:08 +08:00			`"dataType": checkpoint.DataType,`
实现WAF部分功能 2020-10-08 11:11:37 +08:00			`})`
			`}`
			`}`

			`// operators`
优化WAF添加规则表单 2023-08-13 10:00:41 +08:00			`var operatorMaps = []maps.Map{}`
			`for _, operator := range firewallconfigs.AllRuleOperators {`
			`operatorMaps = append(operatorMaps, maps.Map{`
			`"name": operator.Name,`
			`"code": operator.Code,`
			`"description": operator.Description,`
			`"case": operator.CaseInsensitive,`
			`"dataType": operator.DataType,`
			`})`
			`}`
			`this.Data["operators"] = operatorMaps`
实现WAF部分功能 2020-10-08 11:11:37 +08:00
			`this.Data["checkpoints"] = checkpointList`

			`this.Show()`
			`}`

			`func (this *CreateRulePopupAction) RunPost(params struct {`
[waf]支持包含二进制、不支持二进制等操作符；支持对参数值编解码 2020-11-21 20:43:45 +08:00			`RuleId int64`
			`Prefix string`
			`Operator string`
			`Param string`
			`ParamFiltersJSON []byte`
			`OptionsJSON []byte`
			`Value string`
			`Case bool`
WAF规则增加备注信息/其他界面优化 2022-01-10 10:28:23 +08:00			`Description string`
实现WAF部分功能 2020-10-08 11:11:37 +08:00
			`Must *actions.Must`
			`}) {`
			`params.Must.`
			`Field("prefix", params.Prefix).`
			`Require("请选择参数")`

WAF规则对比值长度限制为4096个字符 2023-10-08 16:14:50 +08:00
			`if len(params.Value) > 4096 {`
			`this.FailField("value", "对比值内容长度不能超过4096个字符")`
			`return`
			`}`

			`var rule = &firewallconfigs.HTTPFirewallRule{`
实现WAF部分功能 2020-10-08 11:11:37 +08:00			`Id: params.RuleId,`
			`IsOn: true,`
			`}`
			`if len(params.Param) > 0 {`
			`rule.Param = "${" + params.Prefix + "." + params.Param + "}"`
			`} else {`
			`rule.Param = "${" + params.Prefix + "}"`
			`}`
[waf]支持包含二进制、不支持二进制等操作符；支持对参数值编解码 2020-11-21 20:43:45 +08:00
WAF规则对比值长度限制为4096个字符 2023-10-08 16:14:50 +08:00			`var paramFilters = []*firewallconfigs.ParamFilter{}`
[waf]支持包含二进制、不支持二进制等操作符；支持对参数值编解码 2020-11-21 20:43:45 +08:00			`if len(params.ParamFiltersJSON) > 0 {`
			`err := json.Unmarshal(params.ParamFiltersJSON, &paramFilters)`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`}`
			`rule.ParamFilters = paramFilters`

实现WAF部分功能 2020-10-08 11:11:37 +08:00			`rule.Operator = params.Operator`
			`rule.Value = params.Value`
			`rule.IsCaseInsensitive = params.Case`
WAF规则增加备注信息/其他界面优化 2022-01-10 10:28:23 +08:00			`rule.Description = params.Description`
实现WAF部分功能 2020-10-08 11:11:37 +08:00
			`if len(params.OptionsJSON) > 0 {`
			`options := []maps.Map{}`
			`err := json.Unmarshal(params.OptionsJSON, &options)`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`

			`rule.CheckpointOptions = map[string]interface{}{}`
			`for _, option := range options {`
[WAF]规则中增加请求Header长度限制和响应Header长度限制 2020-11-18 19:35:32 +08:00			`rule.CheckpointOptions[option.GetString("code")] = option.Get("value")`
实现WAF部分功能 2020-10-08 11:11:37 +08:00			`}`
			`}`

			`// 校验`
			`err := rule.Init()`
			`if err != nil {`
			`this.Fail("校验规则 '" + rule.Param + " " + rule.Operator + " " + rule.Value + "' 失败，原因：" + err.Error())`
			`}`

			`this.Data["rule"] = rule`
			`this.Success()`
			`}`