fusu
/
go_gameshield


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212
							package service

import (
	"context"
	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
	"github.com/go-nunu/nunu-layout-advanced/internal/model"
	"github.com/go-nunu/nunu-layout-advanced/internal/repository"
	"strconv"
	"strings"
)

type TcpforwardingService interface {
	GetTcpforwarding(ctx context.Context, id int64) (*model.Tcpforwarding, error)
	AddTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  error
	EditTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  error
	DeleteTcpForwarding(ctx context.Context, wafTcpId int) error
}

func NewTcpforwardingService(
	service *Service,
	tcpforwardingRepository repository.TcpforwardingRepository,
	parser ParserService,
	required RequiredService,
	crawler CrawlerService,
	globalRep repository.GlobalLimitRepository,
	hostRep repository.HostRepository,
	wafformatter WafFormatterService,
) TcpforwardingService {
	return &tcpforwardingService{
		Service:                 service,
		tcpforwardingRepository: tcpforwardingRepository,
		parser:                  parser,
		required:                required,
		crawler:                 crawler,
		globalRep:               globalRep,
		hostRep:                 hostRep,
		wafformatter:            wafformatter,
	}
}

type tcpforwardingService struct {
	*Service
	tcpforwardingRepository repository.TcpforwardingRepository
	parser                  ParserService
	required                RequiredService
	crawler                 CrawlerService
	globalRep               repository.GlobalLimitRepository
	hostRep      repository.HostRepository
	wafformatter WafFormatterService
}

func (s *tcpforwardingService) GetTcpforwarding(ctx context.Context, id int64) (*model.Tcpforwarding, error) {
	return s.tcpforwardingRepository.GetTcpforwarding(ctx, id)
}

func (s *tcpforwardingService) require(ctx context.Context,req v1.GlobalRequire) (v1.GlobalRequire, error) {
	res, err := s.wafformatter.require(ctx, req, "tcp")
	if err != nil {
		return v1.GlobalRequire{}, err
	}
	return res, nil
}

func (s *tcpforwardingService) buildWafFormData(req *v1.TcpForwardingDataSend, require v1.GlobalRequire) map[string]interface{} {
	return map[string]interface{}{
		"waf_tcp_id":           req.WafTcpId,
		"tag":                  require.Tag,
		"port":                 req.Port,
		"waf_gateway_group_id": require.WafGatewayGroupId,
		"waf_tcp_limit_id": 	require.LimitRuleId,
		"cc_count":             req.CcCount,
		"cc_duration":          req.CcDuration,
		"cc_block_count":       req.CcBlockCount,
		"cc_block_duration":    req.CcBlockDuration,
		"backend_protocol":     req.BackendProtocol,
		"backend_timeout":      req.BackendTimeout,
		"comment":              req.Comment,
		"backend_list":         req.BackendList,
		"allow_ip_list":        req.AllowIpList,
		"deny_ip_list":         req.DenyIpList,
		"access_rule":          req.AccessRule,
	}
}

func (s *tcpforwardingService) buildTcpForwardingModel(req *v1.TcpForwardingDataRequest, ruleId int, require v1.GlobalRequire) *model.Tcpforwarding {
	return &model.Tcpforwarding{
		HostId:  require.HostId,
		WafTcpId: ruleId,
		Port:    req.Port,
		Tag:     require.Tag,
		Comment: req.Comment,
		WafGatewayGroupId: require.WafGatewayGroupId,
		CcCount: req.CcCount,
		CcDuration: req.CcDuration,
		CcBlockCount: req.CcBlockCount,
		CcBlockDuration: req.CcBlockDuration,
		BackendProtocol: req.BackendProtocol,
		BackendTimeout: req.BackendTimeout,
	}
}

func (s *tcpforwardingService) buildTcpRuleModel(reqData *v1.TcpForwardingDataRequest, require v1.GlobalRequire, localDbId int) *model.TcpForwardingRule {
	return &model.TcpForwardingRule{
		Uid:         require.Uid,
		HostId:      require.HostId,
		TcpId:       localDbId, // 关联到本地数据库的主记录 ID
		BackendList: reqData.BackendList,
		AllowIpList: reqData.AllowIpList,
		DenyIpList:  reqData.DenyIpList,
		AccessRule:  reqData.AccessRule,
	}
}

func (s *tcpforwardingService) prepareWafData(ctx context.Context, req *v1.TcpForwardingRequest) (v1.GlobalRequire, map[string]interface{}, error) {
	// 1. 获取必要的全局信息
	require, err := s.require(ctx, v1.GlobalRequire{
		HostId:  req.HostId,
		Uid:     req.Uid,
		Comment: req.TcpForwardingData.Comment,
	})
	if err != nil {
		return v1.GlobalRequire{}, nil, err
	}

	// 2. 将字符串切片拼接成字符串，用于 WAF API
	backendListStr := strings.Join(req.TcpForwardingData.BackendList, "\n")
	allowIpListStr := strings.Join(req.TcpForwardingData.AllowIpList, "\n")
	denyIpListStr := strings.Join(req.TcpForwardingData.DenyIpList, "\n")

	// 3. 创建用于构建 WAF 表单的数据结构
	formDataBase := v1.TcpForwardingDataSend{
		Tag:               require.Tag,
		WafTcpId:          req.TcpForwardingData.WafTcpId,
		WafGatewayGroupId: require.WafGatewayGroupId,
		WafTcpLimitRuleId: require.LimitRuleId,
		Port:              req.TcpForwardingData.Port,
		CcCount:           req.TcpForwardingData.CcCount,
		CcDuration:        req.TcpForwardingData.CcDuration,
		CcBlockCount:      req.TcpForwardingData.CcBlockCount,
		CcBlockDuration:   req.TcpForwardingData.CcBlockDuration,
		BackendProtocol:   req.TcpForwardingData.BackendProtocol,
		BackendTimeout:    req.TcpForwardingData.BackendTimeout,
		BackendList:       backendListStr,
		AllowIpList:       allowIpListStr,
		DenyIpList:        denyIpListStr,
		AccessRule:        req.TcpForwardingData.AccessRule,
		Comment:           req.TcpForwardingData.Comment,
	}

	// 4. 构建 WAF 表单数据映射
	formData := s.buildWafFormData(&formDataBase, require)

	return require, formData, nil
}

func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  error {
	require, formData, err := s.prepareWafData(ctx, req)
	if err != nil {
		return err
	}
	wafTcpId, err := s.wafformatter.sendFormData(ctx, "admin/info/waf_tcp/new", "admin/new/waf_tcp", formData)
	if err != nil {
		return err
	}

	tcpModel := s.buildTcpForwardingModel(&req.TcpForwardingData, wafTcpId, require)

	id, err := s.tcpforwardingRepository.AddTcpforwarding(ctx, tcpModel)
	if err != nil {
		return  err
	}
	TcpRuleModel := s.buildTcpRuleModel(&req.TcpForwardingData, require, id)
	if _, err = s.tcpforwardingRepository.AddTcpforwardingIps(ctx, *TcpRuleModel); err != nil {
		return err
	}
	return  nil
}

func (s *tcpforwardingService) EditTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest) error {
	WafTcpId, err := s.tcpforwardingRepository.GetTcpforwardingWafTcpIdById(ctx, req.Id)
	if err != nil {
		return  err
	}
	req.TcpForwardingData.WafTcpId = WafTcpId
	require, formData, err := s.prepareWafData(ctx, req)
	if err != nil {
		return  err
	}

	_, err = s.wafformatter.sendFormData(ctx, "admin/info/waf_tcp/edit?&__goadmin_edit_pk="+strconv.Itoa(req.TcpForwardingData.WafTcpId), "admin/edit/waf_tcp", formData)
	if err != nil {
		return err
	}
	tcpModel := s.buildTcpForwardingModel(&req.TcpForwardingData, req.TcpForwardingData.WafTcpId, require)
	tcpModel.Id = req.Id
	if err = s.tcpforwardingRepository.EditTcpforwarding(ctx, tcpModel); err != nil {
		return  err
	}
	TcpRuleModel := s.buildTcpRuleModel(&req.TcpForwardingData, require, req.Id)
	if err = s.tcpforwardingRepository.EditTcpforwardingIps(ctx, *TcpRuleModel); err != nil {
		return err
	}
	return  nil
}

func (s *tcpforwardingService) DeleteTcpForwarding(ctx context.Context, wafTcpId int)  error {
	_, err := s.crawler.DeleteRule(ctx, wafTcpId, "admin/delete/waf_tcp?page=1&__pageSize=10&__sort=waf_tcp_id&__sort_type=desc")
	if err != nil {
		return err
	}
	return  nil
}