EdgeAdmin/internal/web/actions/default/servers/server/settings/waf/index.go

package waf

import (
	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
	"github.com/iwind/TeaGo/actions"
	"github.com/iwind/TeaGo/maps"
	"github.com/iwind/TeaGo/types"
)

type IndexAction struct {
	actionutils.ParentAction
}

func (this *IndexAction) Init() {
	this.Nav("", "setting", "index")
	this.SecondMenu("waf")
}

func (this *IndexAction) RunGet(params struct {
	ServerId int64
}) {
	// 服务分组设置
	groupResp, err := this.RPC().ServerGroupRPC().FindEnabledServerGroupConfigInfo(this.AdminContext(), &pb.FindEnabledServerGroupConfigInfoRequest{
		ServerId: params.ServerId,
	})
	if err != nil {
		this.ErrorPage(err)
		return
	}
	this.Data["hasGroupConfig"] = groupResp.HasWAFConfig
	this.Data["groupSettingURL"] = "/servers/groups/group/settings/waf?groupId=" + types.String(groupResp.ServerGroupId)

	webConfig, err := dao.SharedHTTPWebDAO.FindWebConfigWithServerId(this.AdminContext(), params.ServerId)
	if err != nil {
		this.ErrorPage(err)
		return
	}

	this.Data["webId"] = webConfig.Id
	this.Data["firewallConfig"] = webConfig.FirewallRef

	// 获取当前服务所在集群的WAF设置
	firewallPolicy, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyWithServerId(this.AdminContext(), params.ServerId)
	if err != nil {
		this.ErrorPage(err)
		return
	}
	if firewallPolicy != nil {
		this.Data["firewallPolicy"] = maps.Map{
			"id":       firewallPolicy.Id,
			"name":     firewallPolicy.Name,
			"isOn":     firewallPolicy.IsOn,
			"mode":     firewallPolicy.Mode,
			"modeInfo": firewallconfigs.FindFirewallMode(firewallPolicy.Mode),
		}
	} else {
		this.Data["firewallPolicy"] = nil
	}

	// 当前的Server独立设置
	if webConfig.FirewallRef == nil || webConfig.FirewallRef.FirewallPolicyId == 0 {
		firewallPolicyId, err := dao.SharedHTTPWebDAO.InitEmptyHTTPFirewallPolicy(this.AdminContext(), 0, params.ServerId, webConfig.Id, webConfig.FirewallRef != nil && webConfig.FirewallRef.IsOn)
		if err != nil {
			this.ErrorPage(err)
			return
		}
		this.Data["firewallPolicyId"] = firewallPolicyId
	} else {
		this.Data["firewallPolicyId"] = webConfig.FirewallRef.FirewallPolicyId
	}

	this.Show()
}

func (this *IndexAction) RunPost(params struct {
	WebId        int64
	FirewallJSON []byte

	Must *actions.Must
}) {
	defer this.CreateLogInfo("修改Web %d 的WAF设置", params.WebId)

	// TODO 检查配置

	_, err := this.RPC().HTTPWebRPC().UpdateHTTPWebFirewall(this.AdminContext(), &pb.UpdateHTTPWebFirewallRequest{
		WebId:        params.WebId,
		FirewallJSON: params.FirewallJSON,
	})
	if err != nil {
		this.ErrorPage(err)
		return
	}

	this.Success()
}
阶段性提交 2020-08-21 21:09:42 +08:00			`package waf`

			`import (`
			`"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"`
优化代码 2020-12-23 09:52:31 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"`
实现防火墙配置 2020-09-20 20:12:43 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"`
在服务设置里也显示WAF策略的模式 2021-10-06 09:08:09 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"`
实现防火墙配置 2020-09-20 20:12:43 +08:00			`"github.com/iwind/TeaGo/actions"`
			`"github.com/iwind/TeaGo/maps"`
支持更多的分组全局设置功能 2021-10-07 16:47:14 +08:00			`"github.com/iwind/TeaGo/types"`
阶段性提交 2020-08-21 21:09:42 +08:00			`)`

			`type IndexAction struct {`
			`actionutils.ParentAction`
			`}`

			`func (this *IndexAction) Init() {`
			`this.Nav("", "setting", "index")`
			`this.SecondMenu("waf")`
			`}`

			`func (this *IndexAction) RunGet(params struct {`
			`ServerId int64`
			`}) {`
支持更多的分组全局设置功能 2021-10-07 16:47:14 +08:00			`// 服务分组设置`
			`groupResp, err := this.RPC().ServerGroupRPC().FindEnabledServerGroupConfigInfo(this.AdminContext(), &pb.FindEnabledServerGroupConfigInfoRequest{`
			`ServerId: params.ServerId,`
			`})`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`this.Data["hasGroupConfig"] = groupResp.HasWAFConfig`
			`this.Data["groupSettingURL"] = "/servers/groups/group/settings/waf?groupId=" + types.String(groupResp.ServerGroupId)`

优化代码 2021-01-03 20:25:15 +08:00			`webConfig, err := dao.SharedHTTPWebDAO.FindWebConfigWithServerId(this.AdminContext(), params.ServerId)`
实现防火墙配置 2020-09-20 20:12:43 +08:00			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
实现路径规则部分功能 2020-09-21 19:51:50 +08:00
实现防火墙配置 2020-09-20 20:12:43 +08:00			`this.Data["webId"] = webConfig.Id`
			`this.Data["firewallConfig"] = webConfig.FirewallRef`

集群可以设置默认的WAF策略、缓存策略 2020-12-17 15:50:44 +08:00			`// 获取当前服务所在集群的WAF设置`
优化代码 2020-12-23 09:52:31 +08:00			`firewallPolicy, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyWithServerId(this.AdminContext(), params.ServerId)`
实现防火墙配置 2020-09-20 20:12:43 +08:00			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
集群可以设置默认的WAF策略、缓存策略 2020-12-17 15:50:44 +08:00			`if firewallPolicy != nil {`
			`this.Data["firewallPolicy"] = maps.Map{`
在服务设置里也显示WAF策略的模式 2021-10-06 09:08:09 +08:00			`"id": firewallPolicy.Id,`
			`"name": firewallPolicy.Name,`
			`"isOn": firewallPolicy.IsOn,`
			`"mode": firewallPolicy.Mode,`
			`"modeInfo": firewallconfigs.FindFirewallMode(firewallPolicy.Mode),`
集群可以设置默认的WAF策略、缓存策略 2020-12-17 15:50:44 +08:00			`}`
			`} else {`
			`this.Data["firewallPolicy"] = nil`
实现防火墙配置 2020-09-20 20:12:43 +08:00			`}`
阶段性提交 2020-08-21 21:09:42 +08:00
可以单个服务中的WAF中设置出入站规则、黑白名单等 2021-01-18 20:39:58 +08:00			`// 当前的Server独立设置`
			`if webConfig.FirewallRef == nil \|\| webConfig.FirewallRef.FirewallPolicyId == 0 {`
支持更多的分组全局设置功能 2021-10-07 16:47:14 +08:00			`firewallPolicyId, err := dao.SharedHTTPWebDAO.InitEmptyHTTPFirewallPolicy(this.AdminContext(), 0, params.ServerId, webConfig.Id, webConfig.FirewallRef != nil && webConfig.FirewallRef.IsOn)`
可以单个服务中的WAF中设置出入站规则、黑白名单等 2021-01-18 20:39:58 +08:00			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
			`this.Data["firewallPolicyId"] = firewallPolicyId`
			`} else {`
			`this.Data["firewallPolicyId"] = webConfig.FirewallRef.FirewallPolicyId`
			`}`

阶段性提交 2020-08-21 21:09:42 +08:00			`this.Show()`
			`}`
实现防火墙配置 2020-09-20 20:12:43 +08:00
			`func (this *IndexAction) RunPost(params struct {`
			`WebId int64`
			`FirewallJSON []byte`

			`Must *actions.Must`
			`}) {`
改进操作日志 2020-11-20 15:32:42 +08:00			`defer this.CreateLogInfo("修改Web %d 的WAF设置", params.WebId)`

实现防火墙配置 2020-09-20 20:12:43 +08:00			`// TODO 检查配置`

实现路径规则部分功能 2020-09-21 19:51:50 +08:00			`_, err := this.RPC().HTTPWebRPC().UpdateHTTPWebFirewall(this.AdminContext(), &pb.UpdateHTTPWebFirewallRequest{`
实现防火墙配置 2020-09-20 20:12:43 +08:00			`WebId: params.WebId,`
			`FirewallJSON: params.FirewallJSON,`
			`})`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`

			`this.Success()`
			`}`