diff --git a/internal/web/actions/default/servers/server/settings/waf/init.go b/internal/web/actions/default/servers/server/settings/waf/init.go index 5d29c5b9..eb2d352c 100644 --- a/internal/web/actions/default/servers/server/settings/waf/init.go +++ b/internal/web/actions/default/servers/server/settings/waf/init.go @@ -2,6 +2,7 @@ package waf import ( "github.com/TeaOSLab/EdgeAdmin/internal/configloaders" + "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/server/settings/waf/ipadmin" "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/serverutils" "github.com/TeaOSLab/EdgeAdmin/internal/web/helpers" "github.com/iwind/TeaGo" @@ -14,6 +15,13 @@ func init() { Helper(serverutils.NewServerHelper()). Prefix("/servers/server/settings/waf"). GetPost("", new(IndexAction)). + Get("/ipadmin/allowList", new(ipadmin.AllowListAction)). + Get("/ipadmin/denyList", new(ipadmin.DenyListAction)). + //GetPost("/ipadmin", new(ipadmin.IndexAction)). + //GetPost("/ipadmin/provinces", new(ipadmin.ProvincesAction)). + GetPost("/ipadmin/createIPPopup", new(ipadmin.CreateIPPopupAction)). + GetPost("/ipadmin/updateIPPopup", new(ipadmin.UpdateIPPopupAction)). + Post("/ipadmin/deleteIP", new(ipadmin.DeleteIPAction)). EndAll() }) } diff --git a/internal/web/actions/default/servers/server/settings/waf/ipadmin/allowList.go b/internal/web/actions/default/servers/server/settings/waf/ipadmin/allowList.go new file mode 100644 index 00000000..3b622114 --- /dev/null +++ b/internal/web/actions/default/servers/server/settings/waf/ipadmin/allowList.go @@ -0,0 +1,80 @@ +package ipadmin + +import ( + "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb" + "github.com/iwind/TeaGo/maps" + timeutil "github.com/iwind/TeaGo/utils/time" +) + +type AllowListAction struct { + actionutils.ParentAction +} + +func (this *AllowListAction) Init() { + this.Nav("", "setting", "allowList") + this.SecondMenu("waf") +} + +func (this *AllowListAction) RunGet(params struct { + ServerId int64 +}) { + this.Data["featureIsOn"] = true + + listId, err := dao.SharedIPListDAO.FindAllowIPListIdWithServerId(this.AdminContext(), params.ServerId) + if err != nil { + this.ErrorPage(err) + return + } + + // 创建 + if listId == 0 { + listId, err = dao.SharedIPListDAO.CreateIPListForServerId(this.AdminContext(), params.ServerId, "white") + if err != nil { + this.ErrorPage(err) + return + } + } + + this.Data["listId"] = listId + + // 数量 + countResp, err := this.RPC().IPItemRPC().CountIPItemsWithListId(this.AdminContext(), &pb.CountIPItemsWithListIdRequest{IpListId: listId}) + if err != nil { + this.ErrorPage(err) + return + } + count := countResp.Count + page := this.NewPage(count) + this.Data["page"] = page.AsHTML() + + // 列表 + itemsResp, err := this.RPC().IPItemRPC().ListIPItemsWithListId(this.AdminContext(), &pb.ListIPItemsWithListIdRequest{ + IpListId: listId, + Offset: page.Offset, + Size: page.Size, + }) + if err != nil { + this.ErrorPage(err) + return + } + itemMaps := []maps.Map{} + for _, item := range itemsResp.IpItems { + expiredTime := "" + if item.ExpiredAt > 0 { + expiredTime = timeutil.FormatTime("Y-m-d H:i:s", item.ExpiredAt) + } + + itemMaps = append(itemMaps, maps.Map{ + "id": item.Id, + "ipFrom": item.IpFrom, + "ipTo": item.IpTo, + "expiredTime": expiredTime, + "reason": item.Reason, + }) + } + this.Data["items"] = itemMaps + + this.Show() +} diff --git a/internal/web/actions/default/servers/server/settings/waf/ipadmin/createIPPopup.go b/internal/web/actions/default/servers/server/settings/waf/ipadmin/createIPPopup.go new file mode 100644 index 00000000..985bb4cc --- /dev/null +++ b/internal/web/actions/default/servers/server/settings/waf/ipadmin/createIPPopup.go @@ -0,0 +1,81 @@ +package ipadmin + +import ( + "github.com/TeaOSLab/EdgeAdmin/internal/oplogs" + "github.com/TeaOSLab/EdgeAdmin/internal/utils" + "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb" + "github.com/iwind/TeaGo/actions" +) + +type CreateIPPopupAction struct { + actionutils.ParentAction +} + +func (this *CreateIPPopupAction) Init() { + this.Nav("", "", "") +} + +func (this *CreateIPPopupAction) RunGet(params struct { + ListId int64 + Type string +}) { + this.Data["type"] = params.Type + this.Data["listId"] = params.ListId + + this.Show() +} + +func (this *CreateIPPopupAction) RunPost(params struct { + ListId int64 + IpFrom string + IpTo string + ExpiredAt int64 + Reason string + + Must *actions.Must + CSRF *actionutils.CSRF +}) { + // TODO 校验ListId所属用户 + + params.Must. + Field("ipFrom", params.IpFrom). + Require("请输入开始IP") + + // 校验IP格式(ipFrom/ipTo) + ipFromLong := utils.IP2Long(params.IpFrom) + if len(params.IpFrom) > 0 { + if ipFromLong == 0 { + this.Fail("请输入正确的开始IP") + } + } + + ipToLong := utils.IP2Long(params.IpTo) + if len(params.IpTo) > 0 { + if ipToLong == 0 { + this.Fail("请输入正确的结束IP") + } + } + + if ipFromLong > 0 && ipToLong > 0 && ipFromLong > ipToLong { + params.IpTo, params.IpFrom = params.IpFrom, params.IpTo + } + + createResp, err := this.RPC().IPItemRPC().CreateIPItem(this.AdminContext(), &pb.CreateIPItemRequest{ + IpListId: params.ListId, + IpFrom: params.IpFrom, + IpTo: params.IpTo, + ExpiredAt: params.ExpiredAt, + Reason: params.Reason, + }) + if err != nil { + this.ErrorPage(err) + return + } + itemId := createResp.IpItemId + + // 日志 + defer this.CreateLog(oplogs.LevelInfo, "在WAF策略 %d 名单中添加IP %d", params.ListId, itemId) + + this.Success() +} diff --git a/internal/web/actions/default/servers/server/settings/waf/ipadmin/deleteIP.go b/internal/web/actions/default/servers/server/settings/waf/ipadmin/deleteIP.go new file mode 100644 index 00000000..a5cf1dc2 --- /dev/null +++ b/internal/web/actions/default/servers/server/settings/waf/ipadmin/deleteIP.go @@ -0,0 +1,29 @@ +package ipadmin + +import ( + "github.com/TeaOSLab/EdgeAdmin/internal/oplogs" + "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb" +) + +type DeleteIPAction struct { + actionutils.ParentAction +} + +func (this *DeleteIPAction) RunPost(params struct { + FirewallPolicyId int64 + ItemId int64 +}) { + // 日志 + defer this.CreateLog(oplogs.LevelInfo, "从WAF策略 %d 名单中删除IP %d", params.FirewallPolicyId, params.ItemId) + + // TODO 判断权限 + + _, err := this.RPC().IPItemRPC().DeleteIPItem(this.AdminContext(), &pb.DeleteIPItemRequest{IpItemId: params.ItemId}) + if err != nil { + this.ErrorPage(err) + return + } + + this.Success() +} diff --git a/internal/web/actions/default/servers/server/settings/waf/ipadmin/denyList.go b/internal/web/actions/default/servers/server/settings/waf/ipadmin/denyList.go new file mode 100644 index 00000000..a703b424 --- /dev/null +++ b/internal/web/actions/default/servers/server/settings/waf/ipadmin/denyList.go @@ -0,0 +1,80 @@ +package ipadmin + +import ( + "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb" + "github.com/iwind/TeaGo/maps" + timeutil "github.com/iwind/TeaGo/utils/time" +) + +type DenyListAction struct { + actionutils.ParentAction +} + +func (this *DenyListAction) Init() { + this.Nav("", "setting", "denyList") + this.SecondMenu("waf") +} + +func (this *DenyListAction) RunGet(params struct { + ServerId int64 +}) { + this.Data["featureIsOn"] = true + + listId, err := dao.SharedIPListDAO.FindDenyIPListIdWithServerId(this.AdminContext(), params.ServerId) + if err != nil { + this.ErrorPage(err) + return + } + + // 创建 + if listId == 0 { + listId, err = dao.SharedIPListDAO.CreateIPListForServerId(this.AdminContext(), params.ServerId, "black") + if err != nil { + this.ErrorPage(err) + return + } + } + + this.Data["listId"] = listId + + // 数量 + countResp, err := this.RPC().IPItemRPC().CountIPItemsWithListId(this.AdminContext(), &pb.CountIPItemsWithListIdRequest{IpListId: listId}) + if err != nil { + this.ErrorPage(err) + return + } + count := countResp.Count + page := this.NewPage(count) + this.Data["page"] = page.AsHTML() + + // 列表 + itemsResp, err := this.RPC().IPItemRPC().ListIPItemsWithListId(this.AdminContext(), &pb.ListIPItemsWithListIdRequest{ + IpListId: listId, + Offset: page.Offset, + Size: page.Size, + }) + if err != nil { + this.ErrorPage(err) + return + } + itemMaps := []maps.Map{} + for _, item := range itemsResp.IpItems { + expiredTime := "" + if item.ExpiredAt > 0 { + expiredTime = timeutil.FormatTime("Y-m-d H:i:s", item.ExpiredAt) + } + + itemMaps = append(itemMaps, maps.Map{ + "id": item.Id, + "ipFrom": item.IpFrom, + "ipTo": item.IpTo, + "expiredTime": expiredTime, + "reason": item.Reason, + }) + } + this.Data["items"] = itemMaps + + this.Show() +} diff --git a/internal/web/actions/default/servers/server/settings/waf/ipadmin/index.go b/internal/web/actions/default/servers/server/settings/waf/ipadmin/index.go new file mode 100644 index 00000000..4535a802 --- /dev/null +++ b/internal/web/actions/default/servers/server/settings/waf/ipadmin/index.go @@ -0,0 +1,108 @@ +package ipadmin + +import ( + "encoding/json" + "github.com/TeaOSLab/EdgeAdmin/internal/oplogs" + "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb" + "github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs" + "github.com/iwind/TeaGo/actions" + "github.com/iwind/TeaGo/lists" + "github.com/iwind/TeaGo/maps" + "strings" +) + +type IndexAction struct { + actionutils.ParentAction +} + +func (this *IndexAction) Init() { + this.Nav("", "", "ipadmin") +} + +func (this *IndexAction) RunGet(params struct { + FirewallPolicyId int64 +}) { + this.Data["subMenuItem"] = "region" + + // 当前选中的地区 + policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId) + if err != nil { + this.ErrorPage(err) + return + } + if policyConfig == nil { + this.NotFound("firewallPolicy", params.FirewallPolicyId) + return + } + selectedCountryIds := []int64{} + if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil { + selectedCountryIds = policyConfig.Inbound.Region.DenyCountryIds + } + + countriesResp, err := this.RPC().RegionCountryRPC().FindAllEnabledRegionCountries(this.AdminContext(), &pb.FindAllEnabledRegionCountriesRequest{}) + if err != nil { + this.ErrorPage(err) + return + } + countryMaps := []maps.Map{} + for _, country := range countriesResp.Countries { + countryMaps = append(countryMaps, maps.Map{ + "id": country.Id, + "name": country.Name, + "letter": strings.ToUpper(string(country.Pinyin[0][0])), + "isChecked": lists.ContainsInt64(selectedCountryIds, country.Id), + }) + } + this.Data["countries"] = countryMaps + + this.Show() +} + +func (this *IndexAction) RunPost(params struct { + FirewallPolicyId int64 + CountryIds []int64 + + Must *actions.Must +}) { + // 日志 + defer this.CreateLog(oplogs.LevelInfo, "WAF策略 %d 设置禁止访问的国家和地区", params.FirewallPolicyId) + + policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId) + if err != nil { + this.ErrorPage(err) + return + } + if policyConfig == nil { + this.NotFound("firewallPolicy", params.FirewallPolicyId) + return + } + + if policyConfig.Inbound == nil { + policyConfig.Inbound = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true} + } + if policyConfig.Inbound.Region == nil { + policyConfig.Inbound.Region = &firewallconfigs.HTTPFirewallRegionConfig{ + IsOn: true, + } + } + policyConfig.Inbound.Region.DenyCountryIds = params.CountryIds + + inboundJSON, err := json.Marshal(policyConfig.Inbound) + if err != nil { + this.ErrorPage(err) + return + } + + _, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(this.AdminContext(), &pb.UpdateHTTPFirewallInboundConfigRequest{ + HttpFirewallPolicyId: params.FirewallPolicyId, + InboundJSON: inboundJSON, + }) + if err != nil { + this.ErrorPage(err) + return + } + + this.Success() +} diff --git a/internal/web/actions/default/servers/server/settings/waf/ipadmin/provinces.go b/internal/web/actions/default/servers/server/settings/waf/ipadmin/provinces.go new file mode 100644 index 00000000..b6592c5c --- /dev/null +++ b/internal/web/actions/default/servers/server/settings/waf/ipadmin/provinces.go @@ -0,0 +1,110 @@ +package ipadmin + +import ( + "encoding/json" + "github.com/TeaOSLab/EdgeAdmin/internal/oplogs" + "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb" + "github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs" + "github.com/iwind/TeaGo/actions" + "github.com/iwind/TeaGo/lists" + "github.com/iwind/TeaGo/maps" +) + +const ChinaCountryId = 1 + +type ProvincesAction struct { + actionutils.ParentAction +} + +func (this *ProvincesAction) Init() { + this.Nav("", "", "ipadmin") +} + +func (this *ProvincesAction) RunGet(params struct { + FirewallPolicyId int64 +}) { + this.Data["subMenuItem"] = "province" + + // 当前选中的省份 + policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId) + if err != nil { + this.ErrorPage(err) + return + } + if policyConfig == nil { + this.NotFound("firewallPolicy", params.FirewallPolicyId) + return + } + selectedProvinceIds := []int64{} + if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil { + selectedProvinceIds = policyConfig.Inbound.Region.DenyProvinceIds + } + + provincesResp, err := this.RPC().RegionProvinceRPC().FindAllEnabledRegionProvincesWithCountryId(this.AdminContext(), &pb.FindAllEnabledRegionProvincesWithCountryIdRequest{ + CountryId: int64(ChinaCountryId), + }) + if err != nil { + this.ErrorPage(err) + return + } + provinceMaps := []maps.Map{} + for _, province := range provincesResp.Provinces { + provinceMaps = append(provinceMaps, maps.Map{ + "id": province.Id, + "name": province.Name, + "isChecked": lists.ContainsInt64(selectedProvinceIds, province.Id), + }) + } + this.Data["provinces"] = provinceMaps + + this.Show() +} + +func (this *ProvincesAction) RunPost(params struct { + FirewallPolicyId int64 + ProvinceIds []int64 + + Must *actions.Must +}) { + // 日志 + defer this.CreateLog(oplogs.LevelInfo, "WAF策略 %d 设置禁止访问的省份", params.FirewallPolicyId) + + policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId) + if err != nil { + this.ErrorPage(err) + return + } + if policyConfig == nil { + this.NotFound("firewallPolicy", params.FirewallPolicyId) + return + } + + if policyConfig.Inbound == nil { + policyConfig.Inbound = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true} + } + if policyConfig.Inbound.Region == nil { + policyConfig.Inbound.Region = &firewallconfigs.HTTPFirewallRegionConfig{ + IsOn: true, + } + } + policyConfig.Inbound.Region.DenyProvinceIds = params.ProvinceIds + + inboundJSON, err := json.Marshal(policyConfig.Inbound) + if err != nil { + this.ErrorPage(err) + return + } + + _, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(this.AdminContext(), &pb.UpdateHTTPFirewallInboundConfigRequest{ + HttpFirewallPolicyId: params.FirewallPolicyId, + InboundJSON: inboundJSON, + }) + if err != nil { + this.ErrorPage(err) + return + } + + this.Success() +} diff --git a/internal/web/actions/default/servers/server/settings/waf/ipadmin/updateIPPopup.go b/internal/web/actions/default/servers/server/settings/waf/ipadmin/updateIPPopup.go new file mode 100644 index 00000000..f25d3d9c --- /dev/null +++ b/internal/web/actions/default/servers/server/settings/waf/ipadmin/updateIPPopup.go @@ -0,0 +1,97 @@ +package ipadmin + +import ( + "github.com/TeaOSLab/EdgeAdmin/internal/oplogs" + "github.com/TeaOSLab/EdgeAdmin/internal/utils" + "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils" + "github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb" + "github.com/iwind/TeaGo/actions" + "github.com/iwind/TeaGo/maps" +) + +type UpdateIPPopupAction struct { + actionutils.ParentAction +} + +func (this *UpdateIPPopupAction) Init() { + this.Nav("", "", "") +} + +func (this *UpdateIPPopupAction) RunGet(params struct { + ItemId int64 +}) { + itemResp, err := this.RPC().IPItemRPC().FindEnabledIPItem(this.AdminContext(), &pb.FindEnabledIPItemRequest{IpItemId: params.ItemId}) + if err != nil { + this.ErrorPage(err) + return + } + item := itemResp.IpItem + if item == nil { + this.NotFound("ipItem", params.ItemId) + return + } + + this.Data["item"] = maps.Map{ + "id": item.Id, + "ipFrom": item.IpFrom, + "ipTo": item.IpTo, + "expiredAt": item.ExpiredAt, + "reason": item.Reason, + } + + this.Show() +} + +func (this *UpdateIPPopupAction) RunPost(params struct { + ItemId int64 + + IpFrom string + IpTo string + ExpiredAt int64 + Reason string + + Must *actions.Must + CSRF *actionutils.CSRF +}) { + // 日志 + defer this.CreateLog(oplogs.LevelInfo, "修改WAF策略名单中的IP %d", params.ItemId) + + // TODO 校验ItemId所属用户 + + params.Must. + Field("ipFrom", params.IpFrom). + Require("请输入开始IP") + + // 校验IP格式(ipFrom/ipTo) + ipFromLong := utils.IP2Long(params.IpFrom) + if len(params.IpFrom) > 0 { + if ipFromLong == 0 { + this.Fail("请输入正确的开始IP") + } + } + + ipToLong := utils.IP2Long(params.IpTo) + if len(params.IpTo) > 0 { + if ipToLong == 0 { + this.Fail("请输入正确的结束IP") + } + } + + if ipFromLong > 0 && ipToLong > 0 && ipFromLong > ipToLong { + params.IpTo, params.IpFrom = params.IpFrom, params.IpTo + } + + _, err := this.RPC().IPItemRPC().UpdateIPItem(this.AdminContext(), &pb.UpdateIPItemRequest{ + IpItemId: params.ItemId, + IpFrom: params.IpFrom, + IpTo: params.IpTo, + ExpiredAt: params.ExpiredAt, + Reason: params.Reason, + }) + if err != nil { + this.ErrorPage(err) + return + } + + this.Success() +} diff --git a/web/views/@default/clusters/tasks/listPopup.js b/web/views/@default/clusters/tasks/listPopup.js index 38e06086..2b6db9f9 100644 --- a/web/views/@default/clusters/tasks/listPopup.js +++ b/web/views/@default/clusters/tasks/listPopup.js @@ -12,7 +12,7 @@ Tea.context(function () { .done(function () { this.$delay(function () { this.reload() - }, 5000) + }, 3000) }) } diff --git a/web/views/@default/servers/server/settings/waf/@menu.html b/web/views/@default/servers/server/settings/waf/@menu.html new file mode 100644 index 00000000..d2263917 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/@menu.html @@ -0,0 +1,5 @@ + + 设置 + 白名单 + 黑名单 + \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/index.html b/web/views/@default/servers/server/settings/waf/index.html index f8e7f889..2b317e7c 100644 --- a/web/views/@default/servers/server/settings/waf/index.html +++ b/web/views/@default/servers/server/settings/waf/index.html @@ -2,6 +2,7 @@ {$template "/left_menu"}
+ {$template "menu"}
diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/allowList.html b/web/views/@default/servers/server/settings/waf/ipadmin/allowList.html new file mode 100644 index 00000000..a20eb855 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/allowList.html @@ -0,0 +1,46 @@ +{$layout} +{$template "/left_menu"} + +
+ {$template "../menu"} + +
尚未为当前用户开通此功能。
+ + {$ if .featureIsOn} + + 添加IP + | + ID: {{listId}}   + + +

暂时还没有IP。

+ + + + + + + + + + + + + + + + +
IP过期时间备注操作
{{item.ipFrom}} - {{item.ipTo}} + {{item.expiredTime}} + 不过期 + + {{item.reason}} + - + + 修改   + 删除 +
+ +
+ {$end} +
\ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/allowList.js b/web/views/@default/servers/server/settings/waf/ipadmin/allowList.js new file mode 100644 index 00000000..c7079229 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/allowList.js @@ -0,0 +1,36 @@ +Tea.context(function () { + this.updateItem = function (itemId) { + teaweb.popup(Tea.url(".updateIPPopup?listId=" + this.listId, {itemId: itemId}), { + height: "23em", + callback: function () { + teaweb.success("保存成功", function () { + teaweb.reload() + }) + } + }) + } + + this.deleteItem = function (itemId) { + let that = this + teaweb.confirm("确定要删除这个IP吗?", function () { + that.$post(".deleteIP") + .params({ + "listId": this.listId, + "itemId": itemId + }) + .refresh() + }) + } + + /** + * 添加IP名单菜单 + */ + this.createIP = function (type) { + teaweb.popup("/servers/server/settings/waf/ipadmin/createIPPopup?listId=" + this.listId + '&type=' + type, { + height: "23em", + callback: function () { + window.location.reload() + } + }) + } +}) \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/createIPPopup.html b/web/views/@default/servers/server/settings/waf/ipadmin/createIPPopup.html new file mode 100644 index 00000000..7d990d77 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/createIPPopup.html @@ -0,0 +1,42 @@ +{$layout "layout_popup"} + +

添加IP到白名单

+

添加IP到黑名单

+ + + + + + + + + + + + + + + + + + + + + + + + + + +
开始IP * + +
结束IP + +

表示IP段的时候需要填写此项。

+
过期时间 + +

在加入名单某一段时间后会失效,留空表示永久有效。

+
备注
+

添加后将会在5分钟后生效。

+ +
\ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/denyList.html b/web/views/@default/servers/server/settings/waf/ipadmin/denyList.html new file mode 100644 index 00000000..a20eb855 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/denyList.html @@ -0,0 +1,46 @@ +{$layout} +{$template "/left_menu"} + +
+ {$template "../menu"} + +
尚未为当前用户开通此功能。
+ + {$ if .featureIsOn} + + 添加IP + | + ID: {{listId}}   + + +

暂时还没有IP。

+ + + + + + + + + + + + + + + + +
IP过期时间备注操作
{{item.ipFrom}} - {{item.ipTo}} + {{item.expiredTime}} + 不过期 + + {{item.reason}} + - + + 修改   + 删除 +
+ +
+ {$end} +
\ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/denyList.js b/web/views/@default/servers/server/settings/waf/ipadmin/denyList.js new file mode 100644 index 00000000..c7079229 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/denyList.js @@ -0,0 +1,36 @@ +Tea.context(function () { + this.updateItem = function (itemId) { + teaweb.popup(Tea.url(".updateIPPopup?listId=" + this.listId, {itemId: itemId}), { + height: "23em", + callback: function () { + teaweb.success("保存成功", function () { + teaweb.reload() + }) + } + }) + } + + this.deleteItem = function (itemId) { + let that = this + teaweb.confirm("确定要删除这个IP吗?", function () { + that.$post(".deleteIP") + .params({ + "listId": this.listId, + "itemId": itemId + }) + .refresh() + }) + } + + /** + * 添加IP名单菜单 + */ + this.createIP = function (type) { + teaweb.popup("/servers/server/settings/waf/ipadmin/createIPPopup?listId=" + this.listId + '&type=' + type, { + height: "23em", + callback: function () { + window.location.reload() + } + }) + } +}) \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/index.css b/web/views/@default/servers/server/settings/waf/ipadmin/index.css new file mode 100644 index 00000000..e9c43720 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/index.css @@ -0,0 +1,16 @@ +.region-letter-group .item { + padding-left: 1em !important; + padding-right: 1em !important; +} +.country-group { + padding-bottom: 1em; +} +.country-group .country-list .item { + float: left; + width: 12em; + margin-bottom: 0.5em; +} +.country-group .country-list .item .checkbox label { + font-size: 12px !important; +} +/*# sourceMappingURL=index.css.map */ \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/index.css.map b/web/views/@default/servers/server/settings/waf/ipadmin/index.css.map new file mode 100644 index 00000000..be1a9f01 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/index.css.map @@ -0,0 +1 @@ +{"version":3,"sources":["index.less"],"names":[],"mappings":"AAAA,oBACC;EACC,4BAAA;EACA,6BAAA;;AAIF;EAaC,mBAAA;;AAbD,cACC,cACC;EACC,WAAA;EACA,WAAA;EACA,oBAAA;;AALH,cACC,cACC,MAKC,UAAU;EACT,0BAAA","file":"index.css"} \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/index.html b/web/views/@default/servers/server/settings/waf/ipadmin/index.html new file mode 100644 index 00000000..232040fd --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/index.html @@ -0,0 +1,51 @@ +{$layout} + + {$template "../waf_menu"} + {$template "menu"} + +
+ + + + + + + + + + +
已封禁 + 暂时没有选择封禁区域。 +
+ + ({{country.letter}}){{country.name}} +
+
选择封禁区域 + 选择区域 + +
+ {{group}} +
+
+ + +
+
+
+
+
+

{{letter}}

+
+
+
+ + +
+
+
+
+
+
+
+ +
\ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/index.js b/web/views/@default/servers/server/settings/waf/ipadmin/index.js new file mode 100644 index 00000000..450fcf99 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/index.js @@ -0,0 +1,66 @@ +Tea.context(function () { + this.letterGroups = [ + "ABC", "DEF", "GHI", "JKL", "MNO", "PQR", "STU", "VWX", "YZ" + ]; + this.selectedGroup = "ABC" + this.letterCountries = {} + let that = this + this.countSelectedCountries = this.countries.$count(function (k, country) { + return country.isChecked + }) + this.countries.forEach(function (country) { + if (typeof (that.letterCountries[country.letter]) == "undefined") { + that.letterCountries[country.letter] = [] + } + that.letterCountries[country.letter].push(country) + }) + this.isCheckingAll = false + + this.selectGroup = function (group) { + this.selectedGroup = group + } + + this.selectCountry = function (country) { + country.isChecked = !country.isChecked + this.change() + } + + this.deselectCountry = function (country) { + country.isChecked = false + this.change() + } + + this.checkAll = function () { + this.isCheckingAll = !this.isCheckingAll + + this.countries.forEach(function (country) { + country.isChecked = that.isCheckingAll + }) + + this.change() + } + + this.success = function () { + teaweb.success("保存成功", function () { + teaweb.reload() + }) + } + + this.change = function () { + this.countSelectedCountries = this.countries.$count(function (k, country) { + return country.isChecked + }) + } + + /** + * 添加IP名单菜单 + */ + this.createIP = function (type) { + teaweb.popup("/servers/components/waf/ipadmin/createIPPopup?firewallPolicyId=" + this.firewallPolicyId + '&type=' + type, { + height: "23em", + callback: function () { + window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + this.firewallPolicyId + "&type=" + type + } + }) + } +}) \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/index.less b/web/views/@default/servers/server/settings/waf/ipadmin/index.less new file mode 100644 index 00000000..f6774ab9 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/index.less @@ -0,0 +1,22 @@ +.region-letter-group { + .item { + padding-left: 1em !important; + padding-right: 1em !important; + } +} + +.country-group { + .country-list { + .item { + float: left; + width: 12em; + margin-bottom: 0.5em; + + .checkbox label { + font-size: 12px !important; + } + } + } + + padding-bottom: 1em; +} \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/lists.js b/web/views/@default/servers/server/settings/waf/ipadmin/lists.js new file mode 100644 index 00000000..5d566046 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/lists.js @@ -0,0 +1,36 @@ +Tea.context(function () { + this.updateItem = function (itemId) { + teaweb.popup(Tea.url(".updateIPPopup?firewallPolicyId=" + this.firewallPolicyId, {itemId: itemId}), { + height: "23em", + callback: function () { + teaweb.success("保存成功", function () { + teaweb.reload() + }) + } + }) + } + + this.deleteItem = function (itemId) { + let that = this + teaweb.confirm("确定要删除这个IP吗?", function () { + that.$post(".deleteIP") + .params({ + "firewallPolicyId": this.firewallPolicyId, + "itemId": itemId + }) + .refresh() + }) + } + + /** + * 添加IP名单菜单 + */ + this.createIP = function (type) { + teaweb.popup("/servers/components/waf/ipadmin/createIPPopup?firewallPolicyId=" + this.firewallPolicyId + '&type=' + type, { + height: "23em", + callback: function () { + window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + this.firewallPolicyId + "&type=" + type + } + }) + } +}) \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/provinces.css b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.css new file mode 100644 index 00000000..99e6ff0c --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.css @@ -0,0 +1,9 @@ +.province-list .item { + float: left; + width: 12em; + margin-bottom: 0.5em; +} +.province-list .item .checkbox label { + font-size: 12px !important; +} +/*# sourceMappingURL=provinces.css.map */ \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/provinces.css.map b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.css.map new file mode 100644 index 00000000..777cb7a0 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.css.map @@ -0,0 +1 @@ +{"version":3,"sources":["provinces.less"],"names":[],"mappings":"AAAA,cACC;EACC,WAAA;EACA,WAAA;EACA,oBAAA;;AAJF,cACC,MAKC,UAAU;EACT,0BAAA","file":"provinces.css"} \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/provinces.html b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.html new file mode 100644 index 00000000..ca240b3f --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.html @@ -0,0 +1,46 @@ +{$layout} + + {$template "../waf_menu"} + {$template "menu"} + +
+ + + + + + + + + + +
已封禁 + 暂时没有选择封禁省份。 +
+ + {{province.name}} +
+
选择封禁区域 + + + 选择省份/自治区 +
+
+ + +
+
+ + +
+
+
+ + +
+
+
+
+
+ +
\ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/provinces.js b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.js new file mode 100644 index 00000000..31eff506 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.js @@ -0,0 +1,52 @@ +Tea.context(function () { + this.isCheckingAll = false + + this.countSelectedProvinces = this.provinces.$count(function (k, province) { + return province.isChecked + }) + + this.selectProvince = function (province) { + province.isChecked = !province.isChecked + this.change() + } + + this.deselectProvince = function (province) { + province.isChecked = false + this.change() + } + + this.checkAll = function () { + this.isCheckingAll = !this.isCheckingAll + let that = this + this.provinces.forEach(function (province) { + province.isChecked = that.isCheckingAll + }) + + this.change() + } + + this.success = function () { + teaweb.success("保存成功", function () { + teaweb.reload() + }) + } + + + this.change = function () { + this.countSelectedProvinces = this.provinces.$count(function (k, province) { + return province.isChecked + }) + } + + /** + * 添加IP名单菜单 + */ + this.createIP = function (type) { + teaweb.popup("/servers/components/waf/ipadmin/createIPPopup?firewallPolicyId=" + this.firewallPolicyId + '&type=' + type, { + height: "23em", + callback: function () { + window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + this.firewallPolicyId + "&type=" + type + } + }) + } +}) \ No newline at end of file diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/provinces.less b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.less new file mode 100644 index 00000000..a9bc1668 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/provinces.less @@ -0,0 +1,11 @@ +.province-list { + .item { + float: left; + width: 12em; + margin-bottom: 0.5em; + + .checkbox label { + font-size: 12px !important; + } + } +} diff --git a/web/views/@default/servers/server/settings/waf/ipadmin/updateIPPopup.html b/web/views/@default/servers/server/settings/waf/ipadmin/updateIPPopup.html new file mode 100644 index 00000000..aff914f0 --- /dev/null +++ b/web/views/@default/servers/server/settings/waf/ipadmin/updateIPPopup.html @@ -0,0 +1,40 @@ +{$layout "layout_popup"} + +

修改IP

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + +
开始IP * + +
结束IP + +

表示IP段的时候需要填写此项。

+
过期时间 + +

在加入名单某一段时间后会失效,留空表示永久有效。

+
备注
+ +
\ No newline at end of file