集群可以设置默认的WAF策略、缓存策略

2026-04-29 01:35:22 +08:00 · 2020-12-17 15:50:44 +08:00
parent 5c4d3c31f0
commit 65384082f7
100 changed files with 1172 additions and 488 deletions
--- a/internal/web/models/base_dao.go
+++ b/internal/web/models/base_dao.go
@@ -0,0 +1,18 @@
+package models
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/rpc"
+	"github.com/iwind/TeaGo/logs"
+)
+
+type BaseDAO struct {
+}
+
+func (this *BaseDAO) RPC() *rpc.RPCClient {
+	client, err := rpc.SharedRPC()
+	if err != nil {
+		logs.Println("[MODEL]get shared rpc client failed: " + err.Error())
+		return nil
+	}
+	return client
+}
--- a/internal/web/models/http_cache_policy_dao.go
+++ b/internal/web/models/http_cache_policy_dao.go
@@ -3,7 +3,6 @@ package models
 import (
 	"context"
 	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/rpc"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 )
@@ -11,25 +10,60 @@ import (
 var SharedHTTPCachePolicyDAO = new(HTTPCachePolicyDAO)

 type HTTPCachePolicyDAO struct {
+	BaseDAO
 }

 // 查找缓存策略配置
-func (this *HTTPCachePolicyDAO) FindEnabledCachePolicyConfig(ctx context.Context, cachePolicyId int64) (*serverconfigs.HTTPCachePolicy, error) {
-	rpcClient, err := rpc.SharedRPC()
+func (this *HTTPCachePolicyDAO) FindEnabledHTTPCachePolicyConfig(ctx context.Context, cachePolicyId int64) (*serverconfigs.HTTPCachePolicy, error) {
+	resp, err := this.RPC().HTTPCachePolicyRPC().FindEnabledHTTPCachePolicyConfig(ctx, &pb.FindEnabledHTTPCachePolicyConfigRequest{HttpCachePolicyId: cachePolicyId})
 	if err != nil {
 		return nil, err
 	}
-	resp, err := rpcClient.HTTPCachePolicyRPC().FindEnabledHTTPCachePolicyConfig(ctx, &pb.FindEnabledHTTPCachePolicyConfigRequest{CachePolicyId: cachePolicyId})
-	if err != nil {
-		return nil, err
-	}
-	if len(resp.CachePolicyJSON) == 0 {
+	if len(resp.HttpCachePolicyJSON) == 0 {
 		return nil, nil
 	}
 	config := &serverconfigs.HTTPCachePolicy{}
-	err = json.Unmarshal(resp.CachePolicyJSON, config)
+	err = json.Unmarshal(resp.HttpCachePolicyJSON, config)
 	if err != nil {
 		return nil, err
 	}
 	return config, nil
 }
+
+// 查找缓存策略信息
+func (this *HTTPCachePolicyDAO) FindEnabledHTTPCachePolicy(ctx context.Context, cachePolicyId int64) (*pb.HTTPCachePolicy, error) {
+	resp, err := this.RPC().HTTPCachePolicyRPC().FindEnabledHTTPCachePolicy(ctx, &pb.FindEnabledHTTPCachePolicyRequest{
+		HttpCachePolicyId: cachePolicyId,
+	})
+	if err != nil {
+		return nil, err
+	}
+	return resp.HttpCachePolicy, nil
+}
+
+// 根据服务ID查找缓存策略
+func (this *HTTPCachePolicyDAO) FindEnabledHTTPCachePolicyWithServerId(ctx context.Context, serverId int64) (*pb.HTTPCachePolicy, error) {
+	serverResp, err := this.RPC().ServerRPC().FindEnabledServer(ctx, &pb.FindEnabledServerRequest{ServerId: serverId})
+	if err != nil {
+		return nil, err
+	}
+	server := serverResp.Server
+	if server == nil {
+		return nil, nil
+	}
+	if server.Cluster == nil {
+		return nil, nil
+	}
+	clusterId := server.Cluster.Id
+	cluster, err := SharedNodeClusterDAO.FindEnabledNodeCluster(ctx, clusterId)
+	if err != nil {
+		return nil, err
+	}
+	if cluster == nil {
+		return nil, nil
+	}
+	if cluster.HttpCachePolicyId == 0 {
+		return nil, nil
+	}
+	return SharedHTTPCachePolicyDAO.FindEnabledHTTPCachePolicy(ctx, cluster.HttpCachePolicyId)
+}
--- a/internal/web/models/http_firewall_policy_dao.go
+++ b/internal/web/models/http_firewall_policy_dao.go
@@ -14,36 +14,20 @@ var SharedHTTPFirewallPolicyDAO = new(HTTPFirewallPolicyDAO)

 // WAF策略相关
 type HTTPFirewallPolicyDAO struct {
-}
-
-// 查找WAF策略基本信息
-func (this *HTTPFirewallPolicyDAO) FindEnabledPolicy(ctx context.Context, policyId int64) (*pb.HTTPFirewallPolicy, error) {
-	client, err := rpc.SharedRPC()
-	if err != nil {
-		return nil, err
-	}
-	resp, err := client.HTTPFirewallPolicyRPC().FindEnabledFirewallPolicy(ctx, &pb.FindEnabledFirewallPolicyRequest{FirewallPolicyId: policyId})
-	if err != nil {
-		return nil, err
-	}
-	return resp.FirewallPolicy, nil
+	BaseDAO
 }

 // 查找WAF策略配置
 func (this *HTTPFirewallPolicyDAO) FindEnabledPolicyConfig(ctx context.Context, policyId int64) (*firewallconfigs.HTTPFirewallPolicy, error) {
-	client, err := rpc.SharedRPC()
+	resp, err := this.RPC().HTTPFirewallPolicyRPC().FindEnabledHTTPFirewallPolicyConfig(ctx, &pb.FindEnabledHTTPFirewallPolicyConfigRequest{HttpFirewallPolicyId: policyId})
 	if err != nil {
 		return nil, err
 	}
-	resp, err := client.HTTPFirewallPolicyRPC().FindEnabledFirewallPolicyConfig(ctx, &pb.FindEnabledFirewallPolicyConfigRequest{FirewallPolicyId: policyId})
-	if err != nil {
-		return nil, err
-	}
-	if len(resp.FirewallPolicyJSON) == 0 {
+	if len(resp.HttpFirewallPolicyJSON) == 0 {
 		return nil, nil
 	}
 	firewallPolicy := &firewallconfigs.HTTPFirewallPolicy{}
-	err = json.Unmarshal(resp.FirewallPolicyJSON, firewallPolicy)
+	err = json.Unmarshal(resp.HttpFirewallPolicyJSON, firewallPolicy)
 	if err != nil {
 		return nil, err
 	}
@@ -111,8 +95,8 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledPolicyWhiteIPListId(ctx context.Co
 			return 0, err
 		}
 		_, err = client.HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(ctx, &pb.UpdateHTTPFirewallInboundConfigRequest{
-			FirewallPolicyId: policyId,
-			InboundJSON:      inboundJSON,
+			HttpFirewallPolicyId: policyId,
+			InboundJSON:          inboundJSON,
 		})
 		if err != nil {
 			return 0, err
@@ -125,11 +109,6 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledPolicyWhiteIPListId(ctx context.Co

 // 查找WAF的黑名单
 func (this *HTTPFirewallPolicyDAO) FindEnabledPolicyBlackIPListId(ctx context.Context, policyId int64) (int64, error) {
-	client, err := rpc.SharedRPC()
-	if err != nil {
-		return 0, err
-	}
-
 	config, err := this.FindEnabledPolicyConfig(ctx, policyId)
 	if err != nil {
 		return 0, err
@@ -141,7 +120,7 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledPolicyBlackIPListId(ctx context.Co
 		config.Inbound = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
 	}
 	if config.Inbound.BlackListRef == nil || config.Inbound.BlackListRef.ListId == 0 {
-		createResp, err := client.IPListRPC().CreateIPList(ctx, &pb.CreateIPListRequest{
+		createResp, err := this.RPC().IPListRPC().CreateIPList(ctx, &pb.CreateIPListRequest{
 			Type:        "black",
 			Name:        "黑名单",
 			Code:        "black",
@@ -159,9 +138,9 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledPolicyBlackIPListId(ctx context.Co
 		if err != nil {
 			return 0, err
 		}
-		_, err = client.HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(ctx, &pb.UpdateHTTPFirewallInboundConfigRequest{
-			FirewallPolicyId: policyId,
-			InboundJSON:      inboundJSON,
+		_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(ctx, &pb.UpdateHTTPFirewallInboundConfigRequest{
+			HttpFirewallPolicyId: policyId,
+			InboundJSON:          inboundJSON,
 		})
 		if err != nil {
 			return 0, err
@@ -171,3 +150,41 @@ func (this *HTTPFirewallPolicyDAO) FindEnabledPolicyBlackIPListId(ctx context.Co

 	return config.Inbound.BlackListRef.ListId, nil
 }
+
+// 查找WAF信息
+func (this *HTTPFirewallPolicyDAO) FindEnabledHTTPFirewallPolicy(ctx context.Context, firewallPolicyId int64) (*pb.HTTPFirewallPolicy, error) {
+	resp, err := this.RPC().HTTPFirewallPolicyRPC().FindEnabledHTTPFirewallPolicy(ctx, &pb.FindEnabledHTTPFirewallPolicyRequest{
+		HttpFirewallPolicyId: firewallPolicyId,
+	})
+	if err != nil {
+		return nil, err
+	}
+	return resp.HttpFirewallPolicy, nil
+}
+
+// 根据服务Id查找WAF策略
+func (this *HTTPFirewallPolicyDAO) FindEnabledHTTPFirewallPolicyWithServerId(ctx context.Context, serverId int64) (*pb.HTTPFirewallPolicy, error) {
+	serverResp, err := this.RPC().ServerRPC().FindEnabledServer(ctx, &pb.FindEnabledServerRequest{ServerId: serverId})
+	if err != nil {
+		return nil, err
+	}
+	server := serverResp.Server
+	if server == nil {
+		return nil, nil
+	}
+	if server.Cluster == nil {
+		return nil, nil
+	}
+	clusterId := server.Cluster.Id
+	cluster, err := SharedNodeClusterDAO.FindEnabledNodeCluster(ctx, clusterId)
+	if err != nil {
+		return nil, err
+	}
+	if cluster == nil {
+		return nil, nil
+	}
+	if cluster.HttpFirewallPolicyId == 0 {
+		return nil, nil
+	}
+	return SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicy(ctx, cluster.HttpFirewallPolicyId)
+}
--- a/internal/web/models/node_cluster_dao.go
+++ b/internal/web/models/node_cluster_dao.go
@@ -0,0 +1,21 @@
+package models
+
+import (
+	"context"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+)
+
+var SharedNodeClusterDAO = new(NodeClusterDAO)
+
+type NodeClusterDAO struct {
+	BaseDAO
+}
+
+// 查找集群
+func (this *NodeClusterDAO) FindEnabledNodeCluster(ctx context.Context, clusterId int64) (*pb.NodeCluster, error) {
+	clusterResp, err := this.RPC().NodeClusterRPC().FindEnabledNodeCluster(ctx, &pb.FindEnabledNodeClusterRequest{NodeClusterId: clusterId})
+	if err != nil {
+		return nil, err
+	}
+	return clusterResp.Cluster, nil
+}
--- a/internal/web/models/server_dao.go
+++ b/internal/web/models/server_dao.go
@@ -0,0 +1,7 @@
+package models
+
+var SharedServerDAO = new(ServerDAO)
+
+type ServerDAO struct {
+	BaseDAO
+}