fusu
/
go_gameshield


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338
							package admin

import (
	"context"
	"encoding/json"
	"fmt"
	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
	"github.com/go-nunu/nunu-layout-advanced/internal/model"
	adminRep "github.com/go-nunu/nunu-layout-advanced/internal/repository/admin"
	"github.com/go-nunu/nunu-layout-advanced/internal/repository/api/waf"
	"github.com/go-nunu/nunu-layout-advanced/internal/service"
	"github.com/go-nunu/nunu-layout-advanced/pkg/rabbitmq"
	amqp "github.com/rabbitmq/amqp091-go"
	"go.uber.org/zap"
	"strings"
)

type WafLogService interface {
	GetWafLog(ctx context.Context, id int64) (*model.WafLog, error)
	GetWafLogList(ctx context.Context, req adminApi.SearchWafLogParams) (*v1.PaginatedResponse[model.WafLog], error)
	AddWafLog(ctx context.Context, req adminApi.WafLog) error
	BatchAddWafLog(ctx context.Context, reqs []*adminApi.WafLog) error
	PublishIpWafLogTask(ctx context.Context, req adminApi.WafLog)
}
func NewWafLogService(
    service *service.Service,
    wafLogRepository adminRep.WafLogRepository,
	globalLimitRepository waf.GlobalLimitRepository,
	mq *rabbitmq.RabbitMQ,
) WafLogService {
	return &wafLogService{
		Service:        service,
		wafLogRepository: wafLogRepository,
		globalLimitRepository: globalLimitRepository,
		mq : mq,
	}
}

type wafLogService struct {
	*service.Service
	wafLogRepository adminRep.WafLogRepository
	globalLimitRepository waf.GlobalLimitRepository
	mq *rabbitmq.RabbitMQ
}

var ApiDescriptionMap = map[string]string{

	"/webForward/get": "获取web详情",
	"/webForward/getList" : "获取web列表",
	"/webForward/add" : "添加web",
	"/webForward/edit" : "修改web",
	"/webForward/delete" : "删除web",

	"/tcpForward/add" : "添加tcp",
	"/tcpForward/edit" : "修改tcp",
	"/tcpForward/delete" : "删除tcp",
	"/tcpForward/getList" : "获取tcp列表",
	"/tcpForward/get" : "获取tcp详情",

	"/udpForward/add" : "添加udp",
	"/udpForward/edit" : "修改udp",
	"/udpForward/delete" : "删除udp",
	"/udpForward/getList" : "获取udp列表",
	"/udpForward/get" : "获取udp详情",

	"/globalLimit/add" : "添加实例",
	"/globalLimit/edit" : "修改实例",
	"/globalLimit/delete" : "删除实例",

	"/allowAndDeny/get" : "获取黑白名单详情",
	"/allowAndDeny/getList" : "获取黑白名单列表",
	"/allowAndDeny/add" : "添加黑白名单",
	"/allowAndDeny/edit" : "修改黑白名单",
	"/allowAndDeny/delete" : "删除黑白名单",

	"/cc/getList" : "获取CC列表",
	"/cc/editState" : "删除CC黑名单",

	"/ccIpList/getList" : "获取CC白名单列表",
	"/ccIpList/add" : "添加CC白名单",
	"/ccIpList/edit" : "修改CC白名单",
	"/ccIpList/delete" : "删除CC白名单",

	"分配网关组" : "分配网关组",

}
func (s *wafLogService) getFirstPathSegment(path string) (segment []string, ok bool) {
	// 1. 为了统一处理，先去掉路径最前面的 "/"
	// 这样 "/v1/admin" 会变成 "v1/admin"，而 "v1/admin" 保持不变
	trimmedPath := strings.TrimPrefix(path, "/")

	// 如果去掉 "/" 后字符串为空（比如原路径是 "/" 或 ""），则无法提取
	if trimmedPath == "" {
		return nil, false
	}

	// 2. 使用 "/" 作为分隔符来切割字符串
	// "v1/admin/menus" 会被切割成一个字符串切片 (slice): ["v1", "admin", "menus"]
	parts := strings.Split(trimmedPath, "/")

	// 3. 只要切片不为空，第一个元素就是我们需要的值
	// len(parts) > 0 这个检查可以保证程序不会因为空切片而出错
	if len(parts) > 0 {
		return parts, true
	}

	return nil, false
}

func (s *wafLogService) GetWafLog(ctx context.Context, id int64) (*model.WafLog, error) {
	return s.wafLogRepository.GetWafLog(ctx, id)
}

func (s *wafLogService) GetWafLogList(ctx context.Context,req adminApi.SearchWafLogParams) (*v1.PaginatedResponse[model.WafLog], error) {
	return s.wafLogRepository.GetWafLogList(ctx, req)
}

func (s *wafLogService) AddWafLog(ctx context.Context, req adminApi.WafLog) error {
	if req.Api != "" {
		api := strings.TrimPrefix(req.Api, "/v1")

		if _, ok := ApiDescriptionMap[api]; ok {
			req.ApiName = ApiDescriptionMap[api]
		}

		apiType, ok := s.getFirstPathSegment(req.Api)
		if ok {
			req.ApiType = apiType[len(apiType)-1]
		}

	}
	userInfo, err := s.globalLimitRepository.GetUserInfo(ctx, int64(req.Uid))
	if err != nil {
		return err
	}
	req.Name = userInfo.Username
	extraData, err := json.Marshal(req.ExtraData)
	if err != nil {
		return err
	}

	req.RequestIp = userInfo.LastLoginIp

	return s.wafLogRepository.AddWafLog(ctx, &model.WafLog{
		Uid:        req.Uid,
		Name:       req.Name,
		RequestIp:  req.RequestIp,
		RuleId:     req.RuleId,
		HostId:     req.HostId,
		UserAgent:  req.UserAgent,
		Api:        req.Api,
		ApiType:    req.ApiType,
		ApiName:    req.ApiName,
		ExtraData:  extraData,

	})
}

func (s *wafLogService) BatchAddWafLog(ctx context.Context, reqs []*adminApi.WafLog) error {
	if len(reqs) == 0 {
		return nil
	}
	
	wafLogs := make([]*model.WafLog, 0, len(reqs))
	
	for _, req := range reqs {
		if req.Api != "" {
			api := strings.TrimPrefix(req.Api, "/v1")
			if _, ok := ApiDescriptionMap[api]; ok {
				req.ApiName = ApiDescriptionMap[api]
			}
			
			apiType, ok := s.getFirstPathSegment(req.Api)
			if ok {
				req.ApiType = apiType[len(apiType)-1]
			}
		}
		
		userInfo, err := s.globalLimitRepository.GetUserInfo(ctx, int64(req.Uid))
		if err != nil {
			s.Logger.Error("获取用户信息失败", zap.Error(err), zap.Int("uid", req.Uid))
			continue
		}
		
		req.Name = userInfo.Username
		req.RequestIp = userInfo.LastLoginIp
		extraData, err := json.Marshal(req.ExtraData)
		if err != nil {
			s.Logger.Error("序列化额外数据失败", zap.Error(err))
			continue
		}
		
		wafLogs = append(wafLogs, &model.WafLog{
			Uid:        req.Uid,
			Name:       req.Name,
			RequestIp:  req.RequestIp,
			RuleId:     req.RuleId,
			HostId:     req.HostId,
			UserAgent:  req.UserAgent,
			Api:        req.Api,
			ApiType:    req.ApiType,
			ApiName:    req.ApiName,
			ExtraData:  extraData,
		})
	}
	
	// 调用repository层的批量插入方法
	return s.wafLogRepository.BatchAddWafLog(ctx, wafLogs)
}

func (s *wafLogService) PublishIpWafLogTask(ctx context.Context, req adminApi.WafLog) {

	payload := &req

	// Serialize the message
	msgBody, err := json.Marshal(payload)
	if err != nil {
		s.Logger.Error("序列化 WafLog 任务消息失败", zap.Error(err), zap.Int("hostId", payload.HostId), zap.Int("uid", payload.Uid), zap.Any("req", req))
		return
	}

	// Get task configuration
	taskCfg, ok := s.mq.GetTaskConfig("waf_log")
	if !ok {
		s.Logger.Error("无法获取“waf_Log”任务配置")
		return
	}

	// Construct the routing key dynamically based on the action
	routingKey := fmt.Sprintf("wafLog.%s", "add")

	// Construct the amqp.Publishing message
	publishingMsg := amqp.Publishing{
		ContentType:  "application/json",
		Body:         msgBody,
		DeliveryMode: amqp.Persistent, // Persistent message
	}

	// Publish the message
	err = s.mq.PublishWithCh(taskCfg.Exchange, routingKey, publishingMsg)
	if err != nil {
		s.Logger.Error("发布 WafLog 任务消息失败", zap.Error(err), zap.Int("hostId", payload.HostId), zap.Int("uid", payload.Uid), zap.Any("req", req))
	} else {
		s.Logger.Info("已成功发布 WafLog 任务消息", zap.Int("hostId", payload.HostId), zap.Int("uid", payload.Uid), zap.Any("req", req))
	}
}

func (s *wafLogService) ExPortWafLog(ctx context.Context, req adminApi.ExportWafLog) ([]adminApi.ExportWafLogRes, error) {
	data, err := s.wafLogRepository.ExportWafLog(ctx, req)
	if err != nil {
		return nil, err
	}

	var res []adminApi.ExportWafLogRes
	for _, v := range data {
		var AddrBackendList interface{}
		var customHost string
		var port string
		var domain string
		var comment string


		var mapData map[string]interface{}
		err := json.Unmarshal(v.ExtraData, &mapData)
		if err != nil {
			return nil, err
		}


		if strings.Contains(v.ApiName, "tcp") || strings.Contains(v.ApiName, "udp") || strings.Contains(v.ApiName, "web") {

			if mapData["port"] != nil {
				port = mapData["port"].(string)
			}
			if mapData["domain"] != nil {
				domain = mapData["domain"].(string)
			}
			if mapData["backend_list"] != nil {

				if strings.Contains(v.ApiName, "web") {
					var backendList []map[string]interface{}
					err := json.Unmarshal([]byte(mapData["backend_list"].(string)), &backendList)
					if err != nil {
						return nil, err
					}
					for _, v := range backendList {
						if v["addr"] != nil {
							AddrBackendList = v["addr"]
						}
						if v["customHost"] != nil {
							customHost = v["customHost"].(string)
						}
					}
				}else {
					AddrBackendList = mapData["backend_list"]
				}
			}
		}

		if mapData["comment"] != nil {
			comment = mapData["comment"].(string)
		}


		gateWayIpModel, err := s.wafLogRepository.GetWafLogGateWayIp(ctx, int64(v.HostId), int64(v.Uid),v.CreatedAt)
		if err != nil {
			return nil, err
		}
		var gateWayIps []string
		if err := json.Unmarshal(gateWayIpModel.ExtraData, &gateWayIps); err != nil {
			return nil, err
		}
		var exposeAddr []string
		if len(gateWayIps) > 0 {
			for _, v := range gateWayIps {
				exposeAddr = append(exposeAddr, v + ":" + port)
			}
		}

		res = append(res, adminApi.ExportWafLogRes{
			Name:       v.Name,
			RequestIp:  v.RequestIp,
			HostId:     v.HostId,
			ApiName:    v.ApiName,
			AddrBackendList:  AddrBackendList,
			Domain:     domain,
			Comment: 	comment,
			CustomHost: customHost,
			ExposeAddr: exposeAddr,
			CreatedAt:  v.CreatedAt,
		})
	}

	return res, nil

}