go_gameshield/internal/service/api/flexCdn/cciplist.go

package flexCdn

import (
	"context"
	"fmt"
	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
	"github.com/go-nunu/nunu-layout-advanced/internal/repository/api/flexCdn"
	"github.com/go-nunu/nunu-layout-advanced/internal/repository/api/waf"
	"github.com/go-nunu/nunu-layout-advanced/internal/service"
)

type CcIpListService interface {
	GetCcIpList(ctx context.Context, webId int64) ([]string, error)
	AddCcIpListPolicy(ctx context.Context, serverId int64,serverGroupId int64) error
	AddCcWhiteIp(ctx context.Context, webId int64,ip string) error
	DelCcWhiteIp(ctx context.Context, webId int64,ips []string) error
	EditCcWhiteIp(ctx context.Context, webId int64,oldIp string,newIp string) error

}
func NewCcIpListService(
    service *service.Service,
    ccIpListRepository flexCdn.CcIpListRepository,
	cdn CdnService,
	webForwardingRep waf.WebForwardingRepository,
) CcIpListService {
	return &ccIpListService{
		Service:        service,
		ccIpListRepository: ccIpListRepository,
		cdn: cdn,
		webForwardingRep: webForwardingRep,
	}
}

type ccIpListService struct {
	*service.Service
	ccIpListRepository flexCdn.CcIpListRepository
	cdn CdnService
	webForwardingRep waf.WebForwardingRepository
}

func (s *ccIpListService) GetServerId(ctx context.Context, webId int64) (int64, error) {
	webData, err := s.webForwardingRep.GetWebForwarding(ctx, webId)
	if err != nil {
		return 0, err
	}
	return int64(webData.CdnWebId), nil
}

func (s *ccIpListService) GetCcIpList(ctx context.Context, webId int64) ([]string, error) {
	webData, err := s.webForwardingRep.GetWebForwarding(ctx, webId)
	if err != nil {
		return nil, err
	}
	return s.ccIpListRepository.GetCcIpList(ctx, int64(webData.CdnWebId))
}

func (s *ccIpListService) AddCcIpListPolicy(ctx context.Context, serverId int64,serverGroupId int64) error {

	httpWebId, err := s.ccIpListRepository.GetHttpWebId(ctx, serverId)
	if err != nil {
		return err
	}


	// 创建用户自定义防火墙策略
	httpFirewallPolicyId, err := s.cdn.AddWafPolicy(ctx, v1.AddWafPolicy{
		IsOn: true,
		ServerId: serverId,
		ServerGroupId: serverGroupId,
		Name: "用户自定义防火墙策略",
		Description: "",
	})
	if err != nil {
		return err
	}
	if httpFirewallPolicyId == 0 {
		return fmt.Errorf("创建用户自定义防火墙策略失败")
	}
	// 修改防火墙
	err = s.cdn.EditHTTPWebFirewal(ctx, httpWebId, v1.Firewall{
		IsOn:               true,
		IsPrior:            false,
		FirewallPolicyId:   httpFirewallPolicyId,
		IgnoreGlobalRules:  true,
		DefaultCaptchaType: "none",
	})
	if err != nil {
		return err
	}


	return nil
}


// 添加白名单
func (s *ccIpListService) AddCcWhiteIp(ctx context.Context, serverId int64,ip string) error {
	ipListId, err := s.ccIpListRepository.GetIpListId(ctx, serverId,"white")
	if err != nil {
		return err
	}

	err = s.cdn.AddIpItem(ctx,v1.AddIpItem{
		IpListId: ipListId,
		Value: ip,
		EventLevel: "notice",
		SourceCategory: "cc",
	})
	if err != nil {
		return err
	}
	return nil
}

func (s *ccIpListService) EditCcWhiteIp(ctx context.Context, webId int64,oldIp string,newIp string) error {
	serverId, err := s.GetServerId(ctx, webId)
	if err != nil {
		return err
	}

	ipListId, err := s.ccIpListRepository.GetIpListId(ctx, serverId,"white")
	if err != nil {
		return err
	}
	ipItemId, err := s.ccIpListRepository.GetIpId(ctx, ipListId,oldIp,"cc")
	if err != nil {
		return err
	}
	err = s.cdn.EditIpItem(ctx,v1.AddIpItem{
		IpItemId: ipItemId,
		Value: newIp,
		EventLevel: "notice",
		SourceCategory: "cc",
	})
	if err != nil {
		return err
	}
	return nil

}

func (s *ccIpListService) DelCcWhiteIp(ctx context.Context, webId int64,ips []string) error {
	serverId, err := s.GetServerId(ctx, webId)
	if err != nil {
		return err
	}

	for _,ip := range ips {
		ipListId, err := s.ccIpListRepository.GetIpListId(ctx, serverId,"white")
		if err != nil {
			return err
		}

		ipItemId, err := s.ccIpListRepository.GetIpId(ctx, ipListId,ip,"cc")
		if err != nil {
			return err
		}
		err = s.cdn.DelIpItem(ctx,ipItemId,ip,"", "", ipListId)
		if err != nil {
			return err
		}

	}
	return nil
}