TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2026-01-22 15:15:47 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
d7d0c8fbfebb03cc12abf1a99bdfb3e1baaec3e9
EdgeAdmin/internal/web/actions/default/servers/components/waf/ipadmin/providers.go
GoEdgeLab d7d0c8fbfe v1.4.1
2024-07-27 15:42:58 +08:00

177 lines
5.1 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
package ipadmin
import (
"encoding/json"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/lists"
"github.com/iwind/TeaGo/maps"
)
type ProvidersAction struct {
actionutils.ParentAction
}
func (this *ProvidersAction) Init() {
this.Nav("", "", "ipadmin")
}
func (this *ProvidersAction) RunGet(params struct {
FirewallPolicyId int64
}) {
this.Data["subMenuItem"] = "provider"
// 当前选中的运营商
policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId)
if err != nil {
this.ErrorPage(err)
return
}
if policyConfig == nil {
this.NotFound("firewallPolicy", params.FirewallPolicyId)
return
}
var deniedProviderIds = []int64{}
var allowedProviderIds = []int64{}
var providerHTML string
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
deniedProviderIds = policyConfig.Inbound.Region.DenyProviderIds
allowedProviderIds = policyConfig.Inbound.Region.AllowProviderIds
providerHTML = policyConfig.Inbound.Region.ProviderHTML
}
this.Data["providerHTML"] = providerHTML
providerResp, err := this.RPC().RegionProviderRPC().FindAllRegionProviders(this.AdminContext(), &pb.FindAllRegionProvidersRequest{})
if err != nil {
this.ErrorPage(err)
return
}
var deniedProviderMaps = []maps.Map{}
var allowedProviderMaps = []maps.Map{}
for _, provider := range providerResp.RegionProviders {
var providerMap = maps.Map{
"id": provider.Id,
"name": provider.Name,
}
if lists.ContainsInt64(deniedProviderIds, provider.Id) {
deniedProviderMaps = append(deniedProviderMaps, providerMap)
}
if lists.ContainsInt64(allowedProviderIds, provider.Id) {
allowedProviderMaps = append(allowedProviderMaps, providerMap)
}
}
this.Data["deniedProviders"] = deniedProviderMaps
this.Data["allowedProviders"] = allowedProviderMaps
// except & only URL Patterns
this.Data["exceptURLPatterns"] = []*shared.URLPattern{}
this.Data["onlyURLPatterns"] = []*shared.URLPattern{}
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
if len(policyConfig.Inbound.Region.ProviderExceptURLPatterns) > 0 {
this.Data["exceptURLPatterns"] = policyConfig.Inbound.Region.ProviderExceptURLPatterns
}
if len(policyConfig.Inbound.Region.ProviderOnlyURLPatterns) > 0 {
this.Data["onlyURLPatterns"] = policyConfig.Inbound.Region.ProviderOnlyURLPatterns
}
}
this.Show()
}
func (this *ProvidersAction) RunPost(params struct {
FirewallPolicyId int64
DenyProviderIds []int64
AllowProviderIds []int64
ExceptURLPatternsJSON []byte
OnlyURLPatternsJSON []byte
ProviderHTML string
Must *actions.Must
}) {
// 日志
defer this.CreateLogInfo(codes.WAF_LogUpdateForbiddenProviders, params.FirewallPolicyId)
policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId)
if err != nil {
this.ErrorPage(err)
return
}
if policyConfig == nil {
this.NotFound("firewallPolicy", params.FirewallPolicyId)
return
}
if policyConfig.Inbound == nil {
policyConfig.Inbound = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
}
if policyConfig.Inbound.Region == nil {
policyConfig.Inbound.Region = &firewallconfigs.HTTPFirewallRegionConfig{
IsOn: true,
}
}
policyConfig.Inbound.Region.DenyProviderIds = params.DenyProviderIds
policyConfig.Inbound.Region.AllowProviderIds = params.AllowProviderIds
// 例外URL
var exceptURLPatterns = []*shared.URLPattern{}
if len(params.ExceptURLPatternsJSON) > 0 {
err = json.Unmarshal(params.ExceptURLPatternsJSON, &exceptURLPatterns)
if err != nil {
this.Fail("校验例外URL参数失败" + err.Error())
return
}
}
policyConfig.Inbound.Region.ProviderExceptURLPatterns = exceptURLPatterns
// 限制URL
var onlyURLPatterns = []*shared.URLPattern{}
if len(params.OnlyURLPatternsJSON) > 0 {
err = json.Unmarshal(params.OnlyURLPatternsJSON, &onlyURLPatterns)
if err != nil {
this.Fail("校验限制URL参数失败" + err.Error())
return
}
}
policyConfig.Inbound.Region.ProviderOnlyURLPatterns = onlyURLPatterns
// 自定义提示
if len(params.ProviderHTML) > 32<<10 {
this.Fail("提示内容长度不能超出32K")
return
}
policyConfig.Inbound.Region.ProviderHTML = params.ProviderHTML
err = policyConfig.Init()
if err != nil {
this.Fail("配置校验失败:" + err.Error())
return
}
inboundJSON, err := json.Marshal(policyConfig.Inbound)
if err != nil {
this.ErrorPage(err)
return
}
_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(this.AdminContext(), &pb.UpdateHTTPFirewallInboundConfigRequest{
HttpFirewallPolicyId: params.FirewallPolicyId,
InboundJSON: inboundJSON,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}
Reference in New Issue View Git Blame Copy Permalink