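package waf

import (
	"context"
	"fmt"

	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
	"github.com/go-nunu/nunu-layout-advanced/internal/repository/api/flexCdn"
	"github.com/go-nunu/nunu-layout-advanced/internal/repository/api/waf"
	"github.com/go-nunu/nunu-layout-advanced/internal/service"
	flexCdn2 "github.com/go-nunu/nunu-layout-advanced/internal/service/api/flexCdn"
)

// CcIpListService manages the "cc" IP list entries and the custom firewall
// policy that belong to a forwarded web site.
//
// NOTE(review): every method takes a caller-supplied webId (or serverId) and
// resolves it straight through the repository. No ownership or tenant check is
// visible in this layer; confirm the handler or middleware enforces one before
// these methods are reached.
type CcIpListService interface {
	GetCcIpList(ctx context.Context, webId int64) ([]v1.CcIpListResponse, error)
	AddCcIpListPolicy(ctx context.Context, serverId int64, serverGroupId int64) error
	AddCcWhiteIp(ctx context.Context, webId int64, ip string, comment string) error
	DelCcWhiteIp(ctx context.Context, webId int64, ips []string) error
	EditCcWhiteIp(ctx context.Context, webId int64, oldIp string, newIp string, comment string) error
	GetServerId(ctx context.Context, webId int64) (int64, error)
}

// NewCcIpListService wires the repositories and the CDN client into a
// CcIpListService implementation.
func NewCcIpListService(
	service *service.Service,
	ccIpListRepository flexCdn.CcIpListRepository,
	cdn flexCdn2.CdnService,
	webForwardingRep waf.WebForwardingRepository,
) CcIpListService {
	return &ccIpListService{
		Service:            service,
		ccIpListRepository: ccIpListRepository,
		cdn:                cdn,
		webForwardingRep:   webForwardingRep,
	}
}

// ccIpListService is the default CcIpListService implementation.
type ccIpListService struct {
	*service.Service
	ccIpListRepository flexCdn.CcIpListRepository
	cdn                flexCdn2.CdnService
	webForwardingRep   waf.WebForwardingRepository
}

// GetServerId looks up the web forwarding record for webId and returns its
// CdnWebId as an int64.
func (s *ccIpListService) GetServerId(ctx context.Context, webId int64) (int64, error) {
	webData, err := s.webForwardingRep.GetWebForwarding(ctx, webId)
	if err != nil {
		return 0, err
	}
	return int64(webData.CdnWebId), nil
}

// GetCcIpList returns the IP list entries stored for the CDN web ID that
// webId maps to.
func (s *ccIpListService) GetCcIpList(ctx context.Context, webId int64) ([]v1.CcIpListResponse, error) {
	webData, err := s.webForwardingRep.GetWebForwarding(ctx, webId)
	if err != nil {
		return nil, err
	}
	return s.ccIpListRepository.GetCcIpList(ctx, int64(webData.CdnWebId))
}

// AddCcIpListPolicy creates a user-defined firewall policy for serverId and
// attaches it to that server's HTTP web configuration.
//
// The two remote calls are not transactional: if attaching the policy fails,
// the policy created in the first step is left behind.
func (s *ccIpListService) AddCcIpListPolicy(ctx context.Context, serverId int64, serverGroupId int64) error {
	httpWebId, err := s.ccIpListRepository.GetHttpWebId(ctx, serverId)
	if err != nil {
		return err
	}

	// Create the user-defined firewall policy.
	policyID, err := s.cdn.AddWafPolicy(ctx, v1.AddWafPolicy{
		IsOn:          true,
		ServerId:      serverId,
		ServerGroupId: serverGroupId,
		Name:          "用户自定义防火墙策略",
		Description:   "",
	})
	if err != nil {
		return err
	}
	// A zero ID is treated as a failed creation even when no error came back.
	if policyID == 0 {
		return fmt.Errorf("创建用户自定义防火墙策略失败")
	}

	// Point the web firewall at the new policy.
	// NOTE(review): IgnoreGlobalRules is true and DefaultCaptchaType is "none";
	// presumably this leaves only the custom policy in effect for the server.
	// Confirm that dropping the global rule set is intended.
	return s.cdn.EditHTTPWebFirewal(ctx, httpWebId, v1.Firewall{
		IsOn:               true,
		IsPrior:            false,
		FirewallPolicyId:   policyID,
		IgnoreGlobalRules:  true,
		DefaultCaptchaType: "none",
	})
}

// AddCcWhiteIp adds ip to the "white" IP list of the server behind webId,
// tagged with source category "cc". It fails when ip is empty or when the
// list already holds an entry for it.
//
// NOTE(review): ip is forwarded to the CDN as given; no format validation is
// visible here. An allow-list entry that is broader than intended weakens the
// protection for every address it covers, so confirm the caller validates the
// value (and any range or CIDR form the CDN accepts).
//
// The duplicate check and the insert are separate calls, so two concurrent
// requests can both pass the check unless the backend enforces uniqueness.
func (s *ccIpListService) AddCcWhiteIp(ctx context.Context, webId int64, ip string, comment string) error {
	if ip == "" {
		return fmt.Errorf("ip不能为空")
	}

	serverId, err := s.GetServerId(ctx, webId)
	if err != nil {
		return err
	}
	listID, err := s.ccIpListRepository.GetIpListId(ctx, serverId, "white")
	if err != nil {
		return err
	}

	existing, err := s.ccIpListRepository.GetCcIpCount(ctx, listID, ip, "cc")
	if err != nil {
		return err
	}
	if existing > 0 {
		return fmt.Errorf("ip已存在")
	}

	return s.cdn.AddIpItem(ctx, v1.AddIpItem{
		IpListId:       listID,
		Value:          ip,
		Reason:         comment,
		EventLevel:     "notice",
		SourceCategory: "cc",
	})
}

// EditCcWhiteIp replaces the entry for oldIp in the "white" IP list with
// newIp and comment.
//
// The duplicate check runs only when the address actually changes. Checking
// it unconditionally made a comment-only edit (oldIp == newIp) fail with
// "ip已存在", because the entry being edited was counted as its own duplicate.
//
// NOTE(review): newIp is forwarded to the CDN as given; see the validation
// caveat on AddCcWhiteIp's input, which applies here as well.
func (s *ccIpListService) EditCcWhiteIp(ctx context.Context, webId int64, oldIp string, newIp string, comment string) error {
	if newIp == "" {
		return fmt.Errorf("ip不能为空")
	}

	serverId, err := s.GetServerId(ctx, webId)
	if err != nil {
		return err
	}
	listID, err := s.ccIpListRepository.GetIpListId(ctx, serverId, "white")
	if err != nil {
		return err
	}

	if newIp != oldIp {
		existing, err := s.ccIpListRepository.GetCcIpCount(ctx, listID, newIp, "cc")
		if err != nil {
			return err
		}
		if existing > 0 {
			return fmt.Errorf("ip已存在")
		}
	}

	itemID, err := s.ccIpListRepository.GetIpId(ctx, listID, oldIp, "cc")
	if err != nil {
		return err
	}

	return s.cdn.EditIpItem(ctx, v1.AddIpItem{
		IpItemId:       itemID,
		Value:          newIp,
		Reason:         comment,
		EventLevel:     "notice",
		SourceCategory: "cc",
	})
}

// DelCcWhiteIp removes each address in ips from the "white" IP list of the
// server behind webId.
//
// Deletion stops at the first error; entries removed before that point stay
// removed.
func (s *ccIpListService) DelCcWhiteIp(ctx context.Context, webId int64, ips []string) error {
	serverId, err := s.GetServerId(ctx, webId)
	if err != nil {
		return err
	}
	if len(ips) == 0 {
		return nil
	}

	// The list ID depends only on serverId, so resolve it once instead of
	// once per address.
	listID, err := s.ccIpListRepository.GetIpListId(ctx, serverId, "white")
	if err != nil {
		return err
	}

	for _, ip := range ips {
		itemID, err := s.ccIpListRepository.GetIpId(ctx, listID, ip, "cc")
		if err != nil {
			return err
		}
		// NOTE(review): the meaning of the two empty string arguments is not
		// visible here; confirm against DelIpItem's signature.
		if err := s.cdn.DelIpItem(ctx, itemID, ip, "", "", listID); err != nil {
			return err
		}
	}
	return nil
}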