WAF策略：可以修改分组代号/导入时可以根据名称合并/导出时可以导出停用的分组

2025-11-04 04:54:32 +08:00 · 2021-12-12 20:24:15 +08:00
parent 1c5cddf192
commit 72f8d139c7
13 changed files with 85 additions and 23 deletions
--- a/internal/web/actions/default/servers/components/waf/createGroupPopup.go
+++ b/internal/web/actions/default/servers/components/waf/createGroupPopup.go
@@ -30,6 +30,7 @@ func (this *CreateGroupPopupAction) RunPost(params struct {
 	Type             string

 	Name        string
+	Code        string
 	Description string
 	IsOn        bool

@@ -52,6 +53,7 @@ func (this *CreateGroupPopupAction) RunPost(params struct {
 	createResp, err := this.RPC().HTTPFirewallRuleGroupRPC().CreateHTTPFirewallRuleGroup(this.AdminContext(), &pb.CreateHTTPFirewallRuleGroupRequest{
 		IsOn:        params.IsOn,
 		Name:        params.Name,
+		Code:        params.Code,
 		Description: params.Description,
 	})
 	if err != nil {
--- a/internal/web/actions/default/servers/components/waf/export.go
+++ b/internal/web/actions/default/servers/components/waf/export.go
@@ -32,24 +32,36 @@ func (this *ExportAction) RunGet(params struct {
 		return
 	}

-	inboundGroups := []*firewallconfigs.HTTPFirewallRuleGroup{}
-	outboundGroups := []*firewallconfigs.HTTPFirewallRuleGroup{}
+	enabledInboundGroups := []*firewallconfigs.HTTPFirewallRuleGroup{}
+	enabledOutboundGroups := []*firewallconfigs.HTTPFirewallRuleGroup{}
+
+	disabledInboundGroups := []*firewallconfigs.HTTPFirewallRuleGroup{}
+	disabledOutboundGroups := []*firewallconfigs.HTTPFirewallRuleGroup{}
+
 	if policy.Inbound != nil {
 		for _, g := range policy.Inbound.Groups {
 			if g.IsOn {
-				inboundGroups = append(inboundGroups, g)
+				enabledInboundGroups = append(enabledInboundGroups, g)
+			} else {
+				disabledInboundGroups = append(disabledInboundGroups, g)
 			}
 		}
 	}
 	if policy.Outbound != nil {
 		for _, g := range policy.Outbound.Groups {
 			if g.IsOn {
-				outboundGroups = append(outboundGroups, g)
+				enabledOutboundGroups = append(enabledOutboundGroups, g)
+			} else {
+				disabledOutboundGroups = append(disabledOutboundGroups, g)
 			}
 		}
 	}
-	this.Data["inboundGroups"] = inboundGroups
-	this.Data["outboundGroups"] = outboundGroups
+
+	this.Data["enabledInboundGroups"] = enabledInboundGroups
+	this.Data["enabledOutboundGroups"] = enabledOutboundGroups
+
+	this.Data["disabledInboundGroups"] = disabledInboundGroups
+	this.Data["disabledOutboundGroups"] = disabledOutboundGroups

 	this.Show()
 }
@@ -116,5 +128,6 @@ func (this *ExportAction) RunPost(params struct {
 	ttlcache.DefaultCache.Write(key, configJSON, time.Now().Unix()+600)

 	this.Data["key"] = key
+	this.Data["id"] = params.FirewallPolicyId
 	this.Success()
 }
--- a/internal/web/actions/default/servers/components/waf/exportDownload.go
+++ b/internal/web/actions/default/servers/components/waf/exportDownload.go
@@ -3,6 +3,7 @@ package waf
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/ttlcache"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/iwind/TeaGo/types"
 	"strconv"
 )

@@ -15,7 +16,8 @@ func (this *ExportDownloadAction) Init() {
 }

 func (this *ExportDownloadAction) RunGet(params struct {
-	Key string
+	Key      string
+	PolicyId int64
 }) {
 	item := ttlcache.DefaultCache.Read(params.Key)
 	if item == nil || item.Value == nil {
@@ -27,7 +29,7 @@ func (this *ExportDownloadAction) RunGet(params struct {

 	data, ok := item.Value.([]byte)
 	if ok {
-		this.AddHeader("Content-Disposition", "attachment; filename=\"WAF.json\";")
+		this.AddHeader("Content-Disposition", "attachment; filename=\"WAF-"+types.String(params.PolicyId)+".json\";")
 		this.AddHeader("Content-Length", strconv.Itoa(len(data)))
 		this.Write(data)
 	} else {
--- a/internal/web/actions/default/servers/components/waf/groups.go
+++ b/internal/web/actions/default/servers/components/waf/groups.go
@@ -43,7 +43,8 @@ func (this *GroupsAction) RunGet(params struct {
 					"isOn":        g.IsOn,
 					"description": g.Description,
 					"countSets":   len(g.Sets),
-					"canDelete":   len(g.Code) == 0,
+					"isTemplate":  g.IsTemplate,
+					"canDelete":   !g.IsTemplate,
 				})
 			}
 		}
@@ -60,7 +61,8 @@ func (this *GroupsAction) RunGet(params struct {
 					"isOn":        g.IsOn,
 					"description": g.Description,
 					"countSets":   len(g.Sets),
-					"canDelete":   len(g.Code) == 0,
+					"isTemplate":  g.IsTemplate,
+					"canDelete":   !g.IsTemplate,
 				})
 			}
 		}
--- a/internal/web/actions/default/servers/components/waf/updateGroupPopup.go
+++ b/internal/web/actions/default/servers/components/waf/updateGroupPopup.go
@@ -35,6 +35,7 @@ func (this *UpdateGroupPopupAction) RunGet(params struct {
 		"name":        groupConfig.Name,
 		"description": groupConfig.Description,
 		"isOn":        groupConfig.IsOn,
+		"code":        groupConfig.Code,
 	}

 	this.Show()
@@ -43,6 +44,7 @@ func (this *UpdateGroupPopupAction) RunGet(params struct {
 func (this *UpdateGroupPopupAction) RunPost(params struct {
 	GroupId     int64
 	Name        string
+	Code        string
 	Description string
 	IsOn        bool

@@ -59,6 +61,7 @@ func (this *UpdateGroupPopupAction) RunPost(params struct {
 		FirewallRuleGroupId: params.GroupId,
 		IsOn:                params.IsOn,
 		Name:                params.Name,
+		Code:                params.Code,
 		Description:         params.Description,
 	})
 	if err != nil {