diff --git a/automation/server/internal/module/dangerous_rule/controller/dangerous_rule.go b/automation/server/internal/module/dangerous_rule/controller/dangerous_rule.go
index 734cfbc88defc61f22339047062ee16d76a5cc90..472bf7700c4509bb8835f092862669fa235e76ca 100644
--- a/automation/server/internal/module/dangerous_rule/controller/dangerous_rule.go
+++ b/automation/server/internal/module/dangerous_rule/controller/dangerous_rule.go
@@ -3,6 +3,7 @@ package controller
 import (
 "gitee.com/openeuler/PilotGo/sdk/response"
 "github.com/gin-gonic/gin"
+ "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/common/enum/script"
 "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/dangerous_rule/model"
 "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/dangerous_rule/service"
 )
@@ -80,3 +81,20 @@ func DeleteDangerousRuleHandler(c *gin.Context) {
 }
 response.Success(c, nil, "success")
 }
+
+func DetectRealtimelyHandler(c *gin.Context) {
+ var req struct {
+ Script string `json:"script"`
+ ScriptType int `json:"script_type"`
+ }
+ if err := c.ShouldBindJSON(&req); err != nil {
+ response.Fail(c, nil, err.Error())
+ return
+ }
+ rules, err := service.DetectRealtimely(req.Script, script.ScriptType(req.ScriptType))
+ if err != nil {
+ response.Fail(c, nil, err.Error())
+ return
+ }
+ response.Success(c, rules, "success")
+}
diff --git a/automation/server/internal/module/dangerous_rule/router.go b/automation/server/internal/module/dangerous_rule/router.go
index 87aaf82b342be68e22e6fbeb5c3a636b97f1f55c..392d7c4a4c95c0c106fb92b1255f0798fdafe5b8 100644
--- a/automation/server/internal/module/dangerous_rule/router.go
+++ b/automation/server/internal/module/dangerous_rule/router.go
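Review bot: In the new `DetectRealtimelyHandler`, the second `response.Fail(c, nil, err.Error())` hands the service's wrapped Redis error (`获取高危命令失败: ...`) straight to the HTTP client, exposing backend details the caller has no use for; log it server-side and return a fixed message such as `response.Fail(c, nil, "detect rule failed")`, keeping `err.Error()` only for the bind failure, which describes the client's own input. The cast `script.ScriptType(req.ScriptType)` accepts any integer; if the `script` enum package offers a validity check, it should run before the service call so an unknown type is rejected rather than silently matching no rules. The exported handler also has no doc comment; I would add `// DetectRealtimelyHandler returns the dangerous rules applicable to the submitted script type.` — note that, as the service is written in this commit, the script body itself is not inspected.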
@@ -13,6 +13,7 @@ func DangerousRuleHandler(router *gin.RouterGroup) {
 api.PUT("/update", controller.UpdateDangerousRuleHandler)
 api.PUT("/changeStatus", controller.ChangeDangerousRuleStatusHandler)
 api.DELETE("/delete", controller.DeleteDangerousRuleHandler)
+ api.POST("/detectRule", controller.DetectRealtimelyHandler)
 }
 
 enumApi := router.Group("/enum")
diff --git a/automation/server/internal/module/dangerous_rule/service/detect.go b/automation/server/internal/module/dangerous_rule/service/detect.go
index 7552fc6035b94dec16ded8d46b39a5c7073ad0d1..3c975e9806bc27e5f90254e2ba9ae2a8081bfaee 100644
--- a/automation/server/internal/module/dangerous_rule/service/detect.go
+++ b/automation/server/internal/module/dangerous_rule/service/detect.go
@@ -30,12 +30,20 @@ type Finding struct {
 Match string `json:"match"` // 匹配到的文本
 }
 
-type detectRule struct {
- ID int
- Description string
- Action rule.ActionType
- Regex *regexp.Regexp
- Keywords []string
+type DetectRule struct {
+ ID int `json:"id"`
+ Description string `json:"description"`
+ Action rule.ActionType `json:"action"`
+ Regex *regexp.Regexp `json:"regex"`
+ Keywords []string `json:"keywords"`
+}
+
+func DetectRealtimely(script string, scriptType script.ScriptType) ([]DetectRule, error) {
+ rules, err := detectRules(scriptType)
+ if err != nil {
+ return nil, err
+ }
+ return rules, nil
 }
 
 // Detect 脚本检测主方法
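Review bot: The new `DetectRealtimely` never reads its `script` parameter — `rules, err := detectRules(scriptType)` depends only on the type — so the `/detectRule` endpoint returns every rule applicable to the script type and nothing about the submitted script. If real-time detection is the intent, the body should be `return detectInternal(script, scriptType)` with the return type changed to `[]Finding`; if the intent is to ship the rule set to the client for local matching, drop the parameter and rename, because the current signature promises a detection that does not happen. Either way the wrapper `if err != nil { return nil, err }; return rules, nil` reduces to `return detectRules(scriptType)`. Separately, `Regex *regexp.Regexp` with a `json:"regex"` tag encodes as the pattern string only on Go 1.21+, where `*Regexp` implements `encoding.TextMarshaler`; on older toolchains it encodes as `{}`, so a response type carrying the pattern as a plain string would be more robust. Both newly exported names also lack doc comments, e.g. `// DetectRule is a dangerous-command rule compiled for matching.`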
@@ -50,20 +58,12 @@ func DetectWithVars(script string, scriptType script.ScriptType, params map[stri
 }
 
 func detectInternal(script string, scriptType script.ScriptType) ([]Finding, error) {
- // 1. 从 Redis 获取高危规则
- dangerousRules, err := getetRulesFromRedis()
+ rules, err := detectRules(scriptType)
 if err != nil {
- return nil, fmt.Errorf("获取高危命令失败: %w", err)
+ return nil, err
 }
-
- // 2. 转换为可检测规则(Regex 或 Keywords)
- var rules []detectRule
- for _, r := range dangerousRules {
- // 如果脚本类型不在规则的 ScriptTypes 中,跳过
- if !containsScriptType(r.ScriptTypes, scriptType) {
- continue
- }
- rules = append(rules, toDetectRule(r))
+ if len(rules) == 0 {
+ return nil, nil
 }
 
 lines := splitLines(script)
@@ -122,6 +122,24 @@ func detectInternal(script string, scriptType script.ScriptType) ([]Finding, err
 return findings, nil
 }
 
+func detectRules(scriptType script.ScriptType) ([]DetectRule, error) {
+ // 1. 从 Redis 获取高危规则
+ dangerousRules, err := getetRulesFromRedis()
+ if err != nil {
+ return nil, fmt.Errorf("获取高危命令失败: %w", err)
+ }
+
+ // 2. 转换为可检测规则(Regex 或 Keywords)
+ var rules []DetectRule
+ for _, r := range dangerousRules {
+ // 如果脚本类型不在规则的 ScriptTypes 中,跳过
+ if !containsScriptType(r.ScriptTypes, scriptType) {
+ continue
+ }
+ rules = append(rules, toDetectRule(r))
+ }
+ return rules, nil
+}
 
 // 判断 ScriptTypes 是否包含某个类型
 func containsScriptType(arr script.ScriptTypeArr, t script.ScriptType) bool {
@@ -133,9 +151,9 @@ func containsScriptType(arr script.ScriptTypeArr, t script.ScriptType) bool {
 return false
 }
 
-// 将 DangerousRule 转换为 detectRule
-func toDetectRule(r model.DangerousRule) detectRule {
- dr := detectRule{
+// 将 DangerousRule 转换为 DetectRule
+func toDetectRule(r model.DangerousRule) DetectRule {
+ dr := DetectRule{
 ID: r.ID,
 Description: r.Description,
 Action: r.Action,
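Review bot: The added early return `if len(rules) == 0 { return nil, nil }` in `detectInternal` turns an empty rule set into an unconditional pass, and `detectRules` returns an empty slice both when Redis holds no rules and when every rule is filtered out for this script type, so an unpopulated or flushed cache fails open with no signal to the caller. Since a safety check is better failing closed or at least loudly, I would log at this point, e.g. `// NOTE: no rules for this script type — detection is effectively disabled`, or have the Redis layer distinguish a missing key from an empty set (its behaviour is not visible here, so that needs confirming). A one-line doc comment for the function would also help: `// detectInternal scans script line by line against the rules that apply to scriptType.` The body of detectInternal continues past the end of this hunk.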
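Review bot: In the new `detectRules`, `var rules []DetectRule` stays nil when no rule applies, and because this slice is now returned to HTTP clients through `DetectRealtimely`, an empty result encodes as JSON `null` rather than `[]`, which frontends routinely mishandle. Change the declaration to `rules := make([]DetectRule, 0, len(dangerousRules))`, which also pre-sizes the slice; the `len(rules) == 0` check in `detectInternal` keeps working. The function also lacks a doc comment, e.g. `// detectRules loads the dangerous rules from Redis and keeps only those that apply to scriptType.` The moved call still uses the misspelled helper `getetRulesFromRedis`, whose definition is outside this hunk; this relocation would have been a natural point to rename it.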