TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2025-11-23 09:50:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

WAF国家/地区封禁、省份封禁增加例外URL、限制URL

Browse Source
This commit is contained in:
GoEdgeLab
2023-05-25 12:02:19 +08:00
parent 08aff79d31
commit d81774f6ee
10 changed files with 121 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
internal/web/actions/default/servers/server/settings/waf/ipadmin/countries.go
View File

@@ -7,6 +7,7 @@ import (
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/lists"
"github.com/iwind/TeaGo/maps"
@@ -41,7 +42,7 @@ func (this *CountriesAction) RunGet(params struct {
this.NotFound("firewallPolicy", params.FirewallPolicyId)
return
}
selectedCountryIds := []int64{}
var selectedCountryIds = []int64{}
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
selectedCountryIds = policyConfig.Inbound.Region.DenyCountryIds
}
@@ -51,7 +52,7 @@ func (this *CountriesAction) RunGet(params struct {
this.ErrorPage(err)
return
}
countryMaps := []maps.Map{}
var countryMaps = []maps.Map{}
for _, country := range countriesResp.RegionCountries {
countryMaps = append(countryMaps, maps.Map{
"id": country.Id,
@@ -62,6 +63,18 @@ func (this *CountriesAction) RunGet(params struct {
}
this.Data["countries"] = countryMaps
// except & only URL Patterns
this.Data["exceptURLPatterns"] = []*shared.URLPattern{}
this.Data["onlyURLPatterns"] = []*shared.URLPattern{}
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
if len(policyConfig.Inbound.Region.CountryExceptURLPatterns) > 0 {
this.Data["exceptURLPatterns"] = policyConfig.Inbound.Region.CountryExceptURLPatterns
}
if len(policyConfig.Inbound.Region.CountryOnlyURLPatterns) > 0 {
this.Data["onlyURLPatterns"] = policyConfig.Inbound.Region.CountryOnlyURLPatterns
}
}
// WAF是否启用
webConfig, err := dao.SharedHTTPWebDAO.FindWebConfigWithServerId(this.AdminContext(), params.ServerId)
if err != nil {
@@ -77,6 +90,9 @@ func (this *CountriesAction) RunPost(params struct {
FirewallPolicyId int64
CountryIds []int64
ExceptURLPatternsJSON []byte
OnlyURLPatternsJSON []byte
Must *actions.Must
}) {
// 日志
@@ -102,6 +118,34 @@ func (this *CountriesAction) RunPost(params struct {
}
policyConfig.Inbound.Region.DenyCountryIds = params.CountryIds
// 例外URL
var exceptURLPatterns = []*shared.URLPattern{}
if len(params.ExceptURLPatternsJSON) > 0 {
err = json.Unmarshal(params.ExceptURLPatternsJSON, &exceptURLPatterns)
if err != nil {
this.Fail("校验例外URL参数失败" + err.Error())
return
}
}
policyConfig.Inbound.Region.CountryExceptURLPatterns = exceptURLPatterns
// 限制URL
var onlyURLPatterns = []*shared.URLPattern{}
if len(params.OnlyURLPatternsJSON) > 0 {
err = json.Unmarshal(params.OnlyURLPatternsJSON, &onlyURLPatterns)
if err != nil {
this.Fail("校验限制URL参数失败" + err.Error())
return
}
}
policyConfig.Inbound.Region.CountryOnlyURLPatterns = onlyURLPatterns
err = policyConfig.Init()
if err != nil {
this.Fail("配置校验失败:" + err.Error())
return
}
inboundJSON, err := json.Marshal(policyConfig.Inbound)
if err != nil {
this.ErrorPage(err)

48
internal/web/actions/default/servers/server/settings/waf/ipadmin/provinces.go
View File

@@ -7,6 +7,7 @@ import (
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/lists"
"github.com/iwind/TeaGo/maps"
@@ -41,7 +42,7 @@ func (this *ProvincesAction) RunGet(params struct {
this.NotFound("firewallPolicy", params.FirewallPolicyId)
return
}
selectedProvinceIds := []int64{}
var selectedProvinceIds = []int64{}
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
selectedProvinceIds = policyConfig.Inbound.Region.DenyProvinceIds
}
@@ -53,7 +54,7 @@ func (this *ProvincesAction) RunGet(params struct {
this.ErrorPage(err)
return
}
provinceMaps := []maps.Map{}
var provinceMaps = []maps.Map{}
for _, province := range provincesResp.RegionProvinces {
provinceMaps = append(provinceMaps, maps.Map{
"id": province.Id,
@@ -63,6 +64,18 @@ func (this *ProvincesAction) RunGet(params struct {
}
this.Data["provinces"] = provinceMaps
// except & only URL Patterns
this.Data["exceptURLPatterns"] = []*shared.URLPattern{}
this.Data["onlyURLPatterns"] = []*shared.URLPattern{}
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
if len(policyConfig.Inbound.Region.ProvinceExceptURLPatterns) > 0 {
this.Data["exceptURLPatterns"] = policyConfig.Inbound.Region.ProvinceExceptURLPatterns
}
if len(policyConfig.Inbound.Region.ProvinceOnlyURLPatterns) > 0 {
this.Data["onlyURLPatterns"] = policyConfig.Inbound.Region.ProvinceOnlyURLPatterns
}
}
// WAF是否启用
webConfig, err := dao.SharedHTTPWebDAO.FindWebConfigWithServerId(this.AdminContext(), params.ServerId)
if err != nil {
@@ -78,6 +91,9 @@ func (this *ProvincesAction) RunPost(params struct {
FirewallPolicyId int64
ProvinceIds []int64
ExceptURLPatternsJSON []byte
OnlyURLPatternsJSON []byte
Must *actions.Must
}) {
// 日志
@@ -103,6 +119,34 @@ func (this *ProvincesAction) RunPost(params struct {
}
policyConfig.Inbound.Region.DenyProvinceIds = params.ProvinceIds
// 例外URL
var exceptURLPatterns = []*shared.URLPattern{}
if len(params.ExceptURLPatternsJSON) > 0 {
err = json.Unmarshal(params.ExceptURLPatternsJSON, &exceptURLPatterns)
if err != nil {
this.Fail("校验例外URL参数失败" + err.Error())
return
}
}
policyConfig.Inbound.Region.ProvinceExceptURLPatterns = exceptURLPatterns
// 限制URL
var onlyURLPatterns = []*shared.URLPattern{}
if len(params.OnlyURLPatternsJSON) > 0 {
err = json.Unmarshal(params.OnlyURLPatternsJSON, &onlyURLPatterns)
if err != nil {
this.Fail("校验限制URL参数失败" + err.Error())
return
}
}
policyConfig.Inbound.Region.ProvinceOnlyURLPatterns = onlyURLPatterns
err = policyConfig.Init()
if err != nil {
this.Fail("配置校验失败:" + err.Error())
return
}
inboundJSON, err := json.Marshal(policyConfig.Inbound)
if err != nil {
this.ErrorPage(err)

1
web/views/@default/servers/server/settings/waf/ipadmin/countries.css
View File

@@ -12,5 +12,6 @@
}
.country-group .country-list .item .checkbox label {
font-size: 12px !important;
cursor: pointer !important;
}
/*# sourceMappingURL=countries.css.map */

2
web/views/@default/servers/server/settings/waf/ipadmin/countries.css.map
View File

@@ -1 +1 @@
{"version":3,"sources":["countries.less"],"names":[],"mappings":"AAAA,oBACC;EACC,4BAAA;EACA,6BAAA;;AAIF;EAaC,mBAAA;;AAbD,cACC,cACC;EACC,WAAA;EACA,WAAA;EACA,oBAAA;;AALH,cACC,cACC,MAKC,UAAU;EACT,0BAAA","file":"countries.css"}
{"version":3,"sources":["countries.less"],"names":[],"mappings":"AAAA,oBACC;EACC,4BAAA;EACA,6BAAA;;AAIF;EAcC,mBAAA;;AAdD,cACC,cACC;EACC,WAAA;EACA,WAAA;EACA,oBAAA;;AALH,cACC,cACC,MAKC,UAAU;EACT,0BAAA;EACA,0BAAA","file":"countries.css"}

14
web/views/@default/servers/server/settings/waf/ipadmin/countries.html
View File

@@ -12,6 +12,8 @@
<form method="post" class="ui form" data-tea-action="$" data-tea-success="success">
<input type="hidden" name="firewallPolicyId" :value="firewallPolicyId"/>
<input type="hidden" name="exceptURLPatternsJSON" :value="JSON.stringify(exceptURLPatterns)"/>
<input type="hidden" name="onlyURLPatternsJSON" :value="JSON.stringify(onlyURLPatterns)"/>
<table class="ui table selectable definition">
<tr>
<td class="title">已封禁</td>
@@ -24,9 +26,9 @@
</td>
</tr>
<tr>
<td>选择封禁区域</td>
<td>选择封禁区域 *</td>
<td>
<more-options-indicator>选择区域</more-options-indicator>
<more-options-indicator><span v-if="!moreOptionsVisible">选择区域</span><span v-else>完成选择</span></more-options-indicator>
<div class="ui menu tabular tiny region-letter-group" v-show="moreOptionsVisible">
<a href="" v-for="group in letterGroups" class="item" :class="{active: group == selectedGroup}" @click.prevent="selectGroup(group)">{{group}}</a>
@@ -53,6 +55,14 @@
</div>
</td>
</tr>
<tr>
<td>例外URL &nbsp;<tip-icon content="对这些URL将不做任何限制。"></tip-icon></td>
<td><url-patterns-box v-model="exceptURLPatterns"></url-patterns-box></td>
</tr>
<tr>
<td>限制URL &nbsp;<tip-icon content="只对这些URL做限制。"></tip-icon></td>
<td><url-patterns-box v-model="onlyURLPatterns"></url-patterns-box></td>
</tr>
</table>
<submit-btn></submit-btn>
</form>

1
web/views/@default/servers/server/settings/waf/ipadmin/countries.less
View File

@@ -14,6 +14,7 @@
.checkbox label {
font-size: 12px !important;
cursor: pointer !important;
}
}
}

1
web/views/@default/servers/server/settings/waf/ipadmin/provinces.css
View File

@@ -5,5 +5,6 @@
}
.province-list .item .checkbox label {
font-size: 12px !important;
cursor: pointer !important;
}
/*# sourceMappingURL=provinces.css.map */

2
web/views/@default/servers/server/settings/waf/ipadmin/provinces.css.map
View File

@@ -1 +1 @@
{"version":3,"sources":["provinces.less"],"names":[],"mappings":"AAAA,cACC;EACC,WAAA;EACA,WAAA;EACA,oBAAA;;AAJF,cACC,MAKC,UAAU;EACT,0BAAA","file":"provinces.css"}
{"version":3,"sources":["provinces.less"],"names":[],"mappings":"AAAA,cACC;EACC,WAAA;EACA,WAAA;EACA,oBAAA;;AAJF,cACC,MAKC,UAAU;EACT,0BAAA;EACA,0BAAA","file":"provinces.css"}

12
web/views/@default/servers/server/settings/waf/ipadmin/provinces.html
View File

@@ -12,6 +12,8 @@
<form method="post" class="ui form" data-tea-action="$" data-tea-success="success">
<input type="hidden" name="firewallPolicyId" :value="firewallPolicyId"/>
<input type="hidden" name="exceptURLPatternsJSON" :value="JSON.stringify(exceptURLPatterns)"/>
<input type="hidden" name="onlyURLPatternsJSON" :value="JSON.stringify(onlyURLPatterns)"/>
<table class="ui table selectable definition">
<tr>
<td class="title">已封禁</td>
@@ -28,7 +30,7 @@
<td>
<first-menu>
<menu-item><more-options-indicator>选择省份/自治区</more-options-indicator></menu-item>
<menu-item><more-options-indicator><span v-if="!moreOptionsVisible">选择省份/自治区</span><span v-else>完成选择</span></more-options-indicator></menu-item>
<div class="item right" v-show="moreOptionsVisible">
<div class="ui checkbox" @click.prevent="checkAll">
<input type="checkbox" v-model="isCheckingAll"/>
@@ -48,6 +50,14 @@
<div class="clear"></div>
</td>
</tr>
<tr>
<td>例外URL &nbsp;<tip-icon content="对这些URL将不做任何限制。"></tip-icon></td>
<td><url-patterns-box v-model="exceptURLPatterns"></url-patterns-box></td>
</tr>
<tr>
<td>限制URL &nbsp;<tip-icon content="只对这些URL做限制。"></tip-icon></td>
<td><url-patterns-box v-model="onlyURLPatterns"></url-patterns-box></td>
</tr>
</table>
<submit-btn></submit-btn>
</form>

1
web/views/@default/servers/server/settings/waf/ipadmin/provinces.less
View File

@@ -6,6 +6,7 @@
.checkbox label {
font-size: 12px !important;
cursor: pointer !important;
}
}
}