IPSpoofing配置批量审核操作增加欺骗IP池配置处理，修正图片样例批量审核功能

author: zhangwenqing <[email protected]> 2019-04-22 17:23:03 +0800
committer: zhangwenqing <[email protected]> 2019-04-22 17:23:03 +0800
commit: f773c95c0bbe65a1e01ce978f0762a95d64f1810 (patch)
tree: 7f97db91020032a23f0255507f18d0188e56016d
parent: 77c7649b6a3a9b21a2003a8e21229775acf6ee2b (diff)
5 files changed, 124 insertions, 6 deletions
diff --git a/src/main/java/com/nis/web/controller/BaseController.java b/src/main/java/com/nis/web/controller/BaseController.java
index 05c9e5416..8358ff057 100644
--- a/src/main/java/com/nis/web/controller/BaseController.java
+++ b/src/main/java/com/nis/web/controller/BaseController.java
@@ -3444,6 +3444,8 @@ public class BaseController {
 		}
 		
 		BaseCfg batchCfg = new BaseCfg();
+		batchCfg.setIsValid(-1);
+		batchCfg.setIsAudit(0);
 		batchCfg.setEditTime(new Date());
 		batchCfg.setEditorId(UserUtils.getUser().getId());
 		
diff --git a/src/main/java/com/nis/web/dao/configuration/CommonPolicyDao.xml b/src/main/java/com/nis/web/dao/configuration/CommonPolicyDao.xml
index dd8949cdd..d46d4837a 100644
--- a/src/main/java/com/nis/web/dao/configuration/CommonPolicyDao.xml
+++ b/src/main/java/com/nis/web/dao/configuration/CommonPolicyDao.xml
@@ -815,6 +815,19 @@
 			       	</foreach>
 		    </where>
   		</when>
+  		<when test="tableName == 'pxy_obj_spoofing_ip_pool'" >
+	  		UPDATE ${tableName} SET 
+	  		is_valid = #{entity.isValid,jdbcType=INTEGER},
+	  		is_audit = #{entity.isAudit,jdbcType=INTEGER},
+	  		auditor_id = #{entity.auditorId,jdbcType=INTEGER}, 
+		    audit_time = #{entity.auditTime,jdbcType=TIMESTAMP} 
+		    <where>
+		        AND cfg_id IN 
+		        <foreach collection="compileIds" index="index" item="compileId" open="(" separator="," close=")">
+		               #{compileId}       
+		       	</foreach>
+		    </where>
+  		</when>
   		<otherwise>
   			update ${tableName} set is_audit = #{entity.isAudit,jdbcType=INTEGER},
 		    auditor_id = #{entity.auditorId,jdbcType=INTEGER}, 
@@ -1030,7 +1043,13 @@
 			        <foreach collection="compileIds" index="index" item="compileId" open="(" separator="," close=")">
 			               #{compileId}       
 			       	</foreach>
-		        </when>  
+		        </when>
+		        <when test="tableName == 'pxy_obj_spoofing_ip_pool'" >
+			  		AND cfg_id IN 
+			        <foreach collection="compileIds" index="index" item="compileId" open="(" separator="," close=")">
+			               #{compileId}       
+			       	</foreach>
+		  		</when>
 		        <otherwise>
 			        AND compile_id IN 
 			        <foreach collection="compileIds" index="index" item="compileId" open="(" separator="," close=")">
diff --git a/src/main/java/com/nis/web/service/configuration/CommonPolicyService.java b/src/main/java/com/nis/web/service/configuration/CommonPolicyService.java
index 0c1ca65fa..5b770f822 100644
--- a/src/main/java/com/nis/web/service/configuration/CommonPolicyService.java
+++ b/src/main/java/com/nis/web/service/configuration/CommonPolicyService.java
@@ -40,6 +40,7 @@ import com.nis.domain.configuration.HttpUrlCfg;
 import com.nis.domain.configuration.IpPortCfg;
 import com.nis.domain.configuration.NtcSubscribeIdCfg;
 import com.nis.domain.configuration.PxyObjKeyring;
+import com.nis.domain.configuration.PxyObjSpoofingIpPool;
 import com.nis.domain.configuration.PxyObjTrustedCaCert;
 import com.nis.domain.configuration.PxyObjTrustedCaCrl;
 import com.nis.domain.maat.GroupReuseAddBean;
@@ -61,6 +62,7 @@ import com.nis.util.StringUtil;
 import com.nis.web.dao.configuration.AreaIpCfgDao;
 import com.nis.web.dao.configuration.CommonPolicyDao;
 import com.nis.web.dao.configuration.ConfigSynchronizationDao;
+import com.nis.web.dao.configuration.PxyObjSpoofingIpPoolDao;
 import com.nis.web.dao.configuration.StringCfgDao;
 import com.nis.web.dao.configuration.WebsiteCfgDao;
 import com.nis.web.security.UserUtils;
@@ -73,6 +75,8 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 	protected CommonPolicyDao commonPolicyDao;
 	@Autowired
 	protected ConfigSynchronizationDao synchronizationDao;
+	@Autowired
+	protected PxyObjSpoofingIpPoolDao pxyObjSpoofingIpPoolDao;
 	
 	/**
 	 * maat配置批量失效
@@ -101,8 +105,12 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 		maatBean = new ToMaatBean();		
 		configCompileList = new ArrayList();
 		List<Integer> compileIds = new ArrayList();
+		List<String> spoofingPoolCfgIds = new ArrayList();
 		for(BaseCfg cfg:list){
 			compileIds.add(cfg.getCompileId());
+			if(entity.getServiceId().equals(518)){ // IP_Spoofing
+				spoofingPoolCfgIds.add(cfg.getUserRegion3());
+			}
 		}
 		
 		if(!StringUtil.isEmpty(compileIds) && !StringUtil.isEmpty(entity.getTableName())) {
@@ -147,9 +155,39 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 		if(cfgList!=null){
 			for(Map<String,Object> m:cfgList){
 				String tableName = m.get("tableName").toString();
-				commonPolicyDao.auditCfgBatch( tableName, entity,compileIds,null);
+				if(tableName.equals("pxy_obj_spoofing_ip_pool")) {
+					commonPolicyDao.auditCfgBatch( tableName, entity,spoofingPoolCfgIds,null);
+				}else {
+					commonPolicyDao.auditCfgBatch( tableName, entity,compileIds,null);
+				}
+			}
+		}
+		
+		if(entity.getServiceId().equals(518)){// IP仿冒策略
+			List<PxyObjSpoofingIpPool> poolList = new ArrayList<PxyObjSpoofingIpPool>();
+			String json="";
+			for (String cfgId : spoofingPoolCfgIds) {
+				PxyObjSpoofingIpPool pool = pxyObjSpoofingIpPoolDao.getPxyObjSpoofingIpPool(Long.parseLong(cfgId));
+				PxyObjSpoofingIpPool cfg = new PxyObjSpoofingIpPool();
+				cfg.setIsValid(0);
+				cfg.setCompileId(pool.getCompileId());
+				cfg.setServiceId(pool.getServiceId());
+				poolList.add(cfg);
+			}
+			// 调用服务接口取消配置
+			json=gsonToJson(poolList);
+			logger.info("欺骗IP池配置批量失效参数："+json);
+			// 调用服务接口取消配置
+			try {
+				ToMaatResult result = ConfigServiceUtil.put(json, 2);
+				logger.info("欺骗IP池配置批量失效响应信息："+result.getMsg());
+			} catch (Exception e) {
+				logger.info("欺骗IP池配置批量失效失败");
+				throw e;
 			}
+			
 		}
+		
 		for(BaseCfg cfg:list){
 			maatCfg = new MaatCfg();
 			maatCfg.setCompileId(cfg.getCompileId());
@@ -300,7 +338,7 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 		
 		if(entity.getIsAudit()==1){
 			//调用服务接口下发配置数据
-			String json=gsonToJson(auditList);
+			String json=gsonToJson(notAuditList);
 			//logger.warn("批量下发配置参数："+json);
 			//调用服务接口下发配置
 			ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json);
@@ -337,6 +375,7 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 		
 		// 1.获取所有配置的编译ID
 		List<Integer> compileIds = new ArrayList();
+		List<String> spoofingPoolCfgIds = new ArrayList();
 		for(BaseCfg cfg:list){
 			if(entity.getServiceId().equals(1028)) {
 				compileIds.add(Integer.parseInt(cfg.getUserRegion1()));
@@ -345,6 +384,10 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 			}else {
 				compileIds.add(cfg.getCompileId());
 			}
+			
+			if(entity.getServiceId().equals(518)){ // IP_Spoofing
+				spoofingPoolCfgIds.add(cfg.getUserRegion3());
+			}
 		}
 		
 		// 2.更新配置审核状态（主表）
@@ -358,7 +401,11 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 		if(cfgList!=null){
 			for(Map<String,Object> m:cfgList){
 				String tableName = m.get("tableName").toString();
-				commonPolicyDao.auditCfgBatch( tableName, entity,compileIds,null);
+				if(tableName.equals("pxy_obj_spoofing_ip_pool")) {
+					commonPolicyDao.auditCfgBatch( tableName, entity,spoofingPoolCfgIds,null);
+				}else {
+					commonPolicyDao.auditCfgBatch( tableName, entity,compileIds,null);
+				}
 			}
 		}
 		
@@ -374,6 +421,7 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 			List<BaseCfg> list, boolean hasData) {
 		// 1.获取所有配置的编译ID
 		List<Integer> compileIds = new ArrayList();
+		List<String> spoofingPoolCfgIds = new ArrayList();
 		for(BaseCfg cfg:list){
 			if(entity.getServiceId().equals(1028)) {
 				compileIds.add(Integer.parseInt(cfg.getUserRegion1()));
@@ -382,6 +430,11 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 			}else {
 				compileIds.add(cfg.getCompileId());
 			}
+			
+			if(entity.getServiceId().equals(518)){ // IP_Spoofing
+				spoofingPoolCfgIds.add(cfg.getUserRegion3());
+			}
+			
 			cfg.setIsValid(-1);
 			cfg.setIsAudit(0);
 		}
@@ -397,7 +450,11 @@ public class CommonPolicyService extends CrudService<WebsiteCfgDao, CfgIndexInfo
 		if(cfgList != null){
 			for(Map<String,Object> m : cfgList){
 				String tableName = m.get("tableName").toString();
-				commonPolicyDao.deleteCfgBatch(tableName, entity, compileIds);
+				if(tableName.equals("pxy_obj_spoofing_ip_pool")) {
+					commonPolicyDao.deleteCfgBatch(tableName, entity, spoofingPoolCfgIds);
+				}else {
+					commonPolicyDao.deleteCfgBatch(tableName, entity, compileIds);
+				}
 			}
 		}
 		
diff --git a/src/main/java/com/nis/web/service/configuration/ConfigSynchronizationService.java b/src/main/java/com/nis/web/service/configuration/ConfigSynchronizationService.java
index d318c84c7..72d9d86ba 100644
--- a/src/main/java/com/nis/web/service/configuration/ConfigSynchronizationService.java
+++ b/src/main/java/com/nis/web/service/configuration/ConfigSynchronizationService.java
@@ -69,6 +69,7 @@ import com.nis.web.dao.basics.AsnGroupInfoDao;
 import com.nis.web.dao.configuration.AppCfgDao;
 import com.nis.web.dao.configuration.CommonPolicyDao;
 import com.nis.web.dao.configuration.ConfigSynchronizationDao;
+import com.nis.web.dao.configuration.PxyObjSpoofingIpPoolDao;
 import com.nis.web.dao.specific.ConfigGroupInfoDao;
 import com.nis.web.dao.specific.SpecificServiceCfgDao;
 import com.nis.web.security.UserUtils;
@@ -94,6 +95,9 @@ public class ConfigSynchronizationService  extends BaseService{
 	protected AsnGroupInfoDao asnGroupInfoDao;
 	@Autowired
 	protected AppCfgDao appCfgDao;
+	@Autowired
+	protected PxyObjSpoofingIpPoolDao pxyObjSpoofingIpPoolDao;
+	
 	private boolean lastServiceTag = false;//标识是否是最后一个同步业务
 	private boolean isFinished = false;
 	/**
@@ -293,8 +297,12 @@ public class ConfigSynchronizationService  extends BaseService{
 		configCompileList = new ArrayList();
 		List<Integer> compileIds = new ArrayList();
 		List<String> asnGroupIds = new ArrayList();
+		List<String> spoofingPoolCfgIds = new ArrayList();
 		for(CfgIndexInfo cfg:list){
 			compileIds.add(cfg.getCompileId());
+			if(entity.getServiceId().equals(518)){ // IP_Spoofing
+				spoofingPoolCfgIds.add(cfg.getUserRegion3());
+			}
 			/*if(entity.getServiceId().equals(37)||entity.getServiceId().equals(149)){
 				asnGroupIds.add(cfg.getUserRegion4());
 			}*/
@@ -335,12 +343,43 @@ public class ConfigSynchronizationService  extends BaseService{
 						if(!StringUtil.isEmpty(asnGroupIds)) {
 							commonPolicyDao.auditCfgBatch(tableName, entity,asnGroupIds,null);
 						}
+					}else if(tableName.equals("pxy_obj_spoofing_ip_pool")) {
+						if(!StringUtil.isEmpty(spoofingPoolCfgIds)) {
+							commonPolicyDao.auditCfgBatch(tableName, entity,spoofingPoolCfgIds,null);
+						}
 					}else{
 						commonPolicyDao.auditCfgBatch( tableName, entity,compileIds,null);
 					}
 				}
 			}
 		}
+		
+		if(entity.getServiceId().equals(518)){// IP仿冒策略
+			List<PxyObjSpoofingIpPool> poolList = new ArrayList<PxyObjSpoofingIpPool>();
+			String json="";
+			for (String cfgId : spoofingPoolCfgIds) {
+				PxyObjSpoofingIpPool pool = new PxyObjSpoofingIpPool();
+				pool = pxyObjSpoofingIpPoolDao.getPxyObjSpoofingIpPool(Long.parseLong(cfgId));
+				pool.setAreaEffectiveIds("0");
+				pool.setGroupId(pool.getCfgId().intValue());// 界面端的配置ID作为策略分组ID
+				poolList.add(pool);
+			}
+			// 调用服务接口下发配置数据
+			json=gsonToJson(poolList);
+			// logger.info("欺骗IP池配置批量下发配置参数："+json);
+			// 调用服务接口下发配置
+			try {
+				ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json);
+				if(result!=null){
+					logger.info("欺骗IP池配置批量下发响应信息："+result.getMsg());
+				}
+			} catch (Exception e) {
+				logger.error("欺骗IP池配置批量下发失败",e);
+				throw e;
+			}
+			
+		}
+		
 		//批量获取regionId,groupId(相同编译下的IP类配置多条ip只获取一个组号），分组复用的域配置不需要重新获取regionId,groupId
 		List<Integer> regionIds = ConfigServiceUtil.getId(3, ipList.size()+strList.size()+complexStrList.size()+numList.size()+fileList.size());
 		List<Integer> groupIds = ConfigServiceUtil.getId(2, ipList.size()+strList.size()+complexStrList.size()+numList.size()+fileList.size());
@@ -478,7 +517,7 @@ public class ConfigSynchronizationService  extends BaseService{
 			String json=gsonToJson(maatBean);
 			//调用服务接口下发配置数据
 			if(isUpdateCfg) {
-//				logger.info("配置批量下发："+json);
+				logger.info("配置批量下发："+json);
 				//调用服务接口同步回调类配置
 				ToMaatResult result = ConfigServiceUtil.postMaatCfg(json);
 				if(result!=null){
diff --git a/src/main/resources/service/service_config.xml b/src/main/resources/service/service_config.xml
index db898858b..117c7d22f 100644
--- a/src/main/resources/service/service_config.xml
+++ b/src/main/resources/service/service_config.xml
@@ -35,6 +35,7 @@
 	<!-- IP Spoofing -->
 	<service id="518" functionId="214" serviceType="1" tableName="cfg_index_info" className="CfgIndexInfo" desc="IP Spoofing">
 	    	<serviceCfg cfgType="1" tableName="ip_port_cfg" ></serviceCfg>
+	    	<serviceCfg cfgType="6" tableName="pxy_obj_spoofing_ip_pool" ></serviceCfg>
 	    	<!-- <serviceCfg cfgType="2" tableName="intercept_pkt_bin" ></serviceCfg> -->
 	    	<userRegion regionKey="nat_type" regionColumn="userRegion1"  userRegionPosition="0"></userRegion>
 	    	<userRegion regionKey="spoofing_ip_pool" regionColumn="userRegion3"  userRegionPosition="0"></userRegion>
author	zhangwenqing <[email protected]>	2019-04-22 17:23:03 +0800
committer	zhangwenqing <[email protected]>	2019-04-22 17:23:03 +0800
commit	f773c95c0bbe65a1e01ce978f0762a95d64f1810 (patch)
tree	7f97db91020032a23f0255507f18d0188e56016d
parent	77c7649b6a3a9b21a2003a8e21229775acf6ee2b (diff)