diff --git a/automation/server/internal/module/common/enum/script/script.go b/automation/server/internal/module/common/enum/script/script.go
index 17a640636020a42af0177110df31530a49d81a12..d0be6b00ed16c99d31e7f2aaeb73d586ac35954f 100644
--- a/automation/server/internal/module/common/enum/script/script.go
+++ b/automation/server/internal/module/common/enum/script/script.go
@@ -1,8 +1,6 @@
 package script
 import (
- "database/sql/driver"
-
 "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/common/enum"
 )
@@ -22,6 +20,10 @@ var ScriptTypeMap = enum.EnumMap{
 int(SQL): "SQL",
 }
+func (s ScriptType) String() string {
+ return ScriptTypeMap.String(int(s))
+}
+
 func ParseScriptType(s string) ScriptType {
 for k, v := range ScriptTypeMap {
 if v == s {
@@ -34,41 +36,3 @@ func ParseScriptType(s string) ScriptType {
 func GetScriptType() []enum.Item {
 return ScriptTypeMap.ToItems()
 }
-
-type ScriptTypeArr []ScriptType
-
-func (a ScriptTypeArr) Strings() []string {
- intArr := make([]int, len(a))
- for i, v := range a {
- intArr[i] = int(v)
- }
- return enum.MultiEnum(intArr).Strings(enum.EnumMap(ScriptTypeMap))
-}
-
-func (a ScriptTypeArr) Value() (driver.Value, error) {
- intArr := make([]int, len(a))
- for i, v := range a {
- intArr[i] = int(v)
- }
- return enum.MultiEnum(intArr).Value()
-}
-
-func (a *ScriptTypeArr) Scan(value interface{}) error {
- var m enum.MultiEnum
- if err := m.Scan(value); err != nil {
- return err
- }
- *a = make([]ScriptType, len(m))
- for i, v := range m {
- (*a)[i] = ScriptType(v)
- }
- return nil
-}
-
-func NewScriptTypeArr(strs []string) ScriptTypeArr {
- res := make(ScriptTypeArr, 0, len(strs))
- for _, s := range strs {
- res = append(res, ParseScriptType(s))
- }
- return res
-}
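Review bot: The exported `String()` method added in the second hunk has no doc comment, and nothing visible says what it returns for a value that is not a key of `ScriptTypeMap`. Since the rest of this commit compares script types as plain strings, this name is effectively the canonical spelling, so I would add `// String returns the name registered for s in ScriptTypeMap.` and state the unknown-value result once confirmed from `EnumMap.String`, which is defined outside this diff. `ParseScriptType`, shown as context, continues outside the hunk.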
diff --git a/automation/server/internal/module/dangerous_rule/controller/dangerous_rule.go b/automation/server/internal/module/dangerous_rule/controller/dangerous_rule.go
index 472bf7700c4509bb8835f092862669fa235e76ca..8e82d0fb31686859ddf957824cf03ecb577ec2c5 100644
--- a/automation/server/internal/module/dangerous_rule/controller/dangerous_rule.go
+++ b/automation/server/internal/module/dangerous_rule/controller/dangerous_rule.go
@@ -3,7 +3,6 @@ package controller
 import (
 "gitee.com/openeuler/PilotGo/sdk/response"
 "github.com/gin-gonic/gin"
- "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/common/enum/script"
 "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/dangerous_rule/model"
 "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/dangerous_rule/service"
 )
@@ -85,13 +84,13 @@ func DeleteDangerousRuleHandler(c *gin.Context) {
 func DetectRealtimelyHandler(c *gin.Context) {
 var req struct {
 Script string `json:"script"`
- ScriptType int `json:"script_type"`
+ ScriptType string `json:"script_type"`
 }
 if err := c.ShouldBindJSON(&req); err != nil {
 response.Fail(c, nil, err.Error())
 return
 }
- rules, err := service.DetectRealtimely(req.Script, script.ScriptType(req.ScriptType))
+ rules, err := service.DetectRealtimely(req.Script, req.ScriptType)
 if err != nil {
 response.Fail(c, nil, err.Error())
 return
diff --git a/automation/server/internal/module/dangerous_rule/model/dangerous_rule.go b/automation/server/internal/module/dangerous_rule/model/dangerous_rule.go
index e251a1a311b4c41be961fe00f348a882eee03aee..f8e46d26e192c3a34919b3b7497a7b135878e2b4 100644
--- a/automation/server/internal/module/dangerous_rule/model/dangerous_rule.go
+++ b/automation/server/internal/module/dangerous_rule/model/dangerous_rule.go
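Review bot: In `DetectRealtimelyHandler`, `script_type` is now bound as a free-form string and passed to `service.DetectRealtimely` without checking that it names a known script type. `containsScriptType` in detect.go matches with an exact `==`, so a misspelled, differently cased or empty value would presumably select no rules and the endpoint would report a dangerous script as clean. Reject unknown values before the service call, for example with a lookup over the names in `script.ScriptTypeMap` followed by `response.Fail(c, nil, "unknown script_type")` and `return`. The same unchecked string reaches `Detect`, `DetectWithVars` and `detectInternal` in detect.go, so the check may belong in `detectRules` instead; the handler body continues outside the hunk.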
@@ -1,52 +1,13 @@
 package model
-import (
- "encoding/json"
-
- "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/common/enum/rule"
- "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/common/enum/script"
-)
-
 type DangerousRule struct {
- ID int `json:"id" gorm:"primaryKey;autoIncrement;comment:规则ID"`
- Expression string `json:"expression" gorm:"type:varchar(255);uniqueIndex:uniq_expression;comment:语法检测表达式"`
- Description string `json:"description" gorm:"type:varchar(255);comment:规则描述"`
- ScriptTypes script.ScriptTypeArr `json:"script_types" gorm:"type:json;comment:脚本类型"`
- Action rule.ActionType `json:"action" gorm:"comment:执行动作: 拦截(脚本不可保存、带参数时是否可执行), 警告(用户二次确认)"`
- Creator string `json:"creator" gorm:"comment:创建人"`
- CreatedAt string `json:"created_at" gorm:"comment:创建时间"`
- UpdatedAt string `json:"updated_at" gorm:"comment:更新时间"`
- Status bool `json:"status" gorm:"comment:规则启用、禁用"`
-}
-
-func (r DangerousRule) MarshalJSON() ([]byte, error) {
- type Alias DangerousRule
- return json.Marshal(&struct {
- Action string `json:"action"`
- ScriptTypes []string `json:"script_types"`
- Alias
- }{
- Action: r.Action.String(),
- ScriptTypes: r.ScriptTypes.Strings(),
- Alias: (Alias)(r),
- })
-}
-
-func (r *DangerousRule) UnmarshalJSON(data []byte) error {
- type Alias DangerousRule
- aux := &struct {
- Action string `json:"action"`
- ScriptTypes []string `json:"script_types"`
- *Alias
- }{
- Alias: (*Alias)(r),
- }
-
- if err := json.Unmarshal(data, &aux); err != nil {
- return err
- }
-
- r.Action = rule.ParseActionType(aux.Action)
- r.ScriptTypes = script.NewScriptTypeArr(aux.ScriptTypes)
- return nil
+ ID int `json:"id" gorm:"primaryKey;autoIncrement;comment:规则ID"`
+ Expression string `json:"expression" gorm:"type:varchar(255);uniqueIndex:uniq_expression;comment:语法检测表达式"`
+ Description string `json:"description" gorm:"type:varchar(255);comment:规则描述"`
+ ScriptTypes string `json:"script_types" gorm:"comment:脚本类型"`
+ Action string `json:"action" gorm:"comment:执行动作: 拦截(脚本不可保存、带参数时是否可执行), 警告(用户二次确认)"`
+ Creator string `json:"creator" gorm:"comment:创建人"`
+ CreatedAt string `json:"created_at" gorm:"comment:创建时间"`
+ UpdatedAt string `json:"updated_at" gorm:"comment:更新时间"`
+ Status bool `json:"status" gorm:"comment:规则启用、禁用"`
 }
diff --git a/automation/server/internal/module/dangerous_rule/service/detect.go b/automation/server/internal/module/dangerous_rule/service/detect.go
index 3c975e9806bc27e5f90254e2ba9ae2a8081bfaee..76249eb52ed8db4164bef72228efd59ee354de10 100644
--- a/automation/server/internal/module/dangerous_rule/service/detect.go
+++ b/automation/server/internal/module/dangerous_rule/service/detect.go
@@ -8,7 +8,6 @@ import (
 "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/global"
 "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/common/enum/rule"
- "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/common/enum/script"
 "openeuler.org/PilotGo/PilotGo-plugin-automation/internal/module/dangerous_rule/model"
 )
@@ -38,7 +37,7 @@ type DetectRule struct {
 Keywords []string `json:"keywords"`
 }
-func DetectRealtimely(script string, scriptType script.ScriptType) ([]DetectRule, error) {
+func DetectRealtimely(script string, scriptType string) ([]DetectRule, error) {
 rules, err := detectRules(scriptType)
 if err != nil {
 return nil, err
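Review bot: With `MarshalJSON`/`UnmarshalJSON` removed from `DangerousRule`, `Action` and `ScriptTypes` are stored exactly as the client sent them, and the wire format of `script_types` changes from a JSON array to a single string. Nothing in this struct now rejects an action name `rule.ParseActionType` does not know or a type list with stray spaces, so whether a saved rule still applies is decided only at detection time. Dropping `type:json` also means rows written through the old `ScriptTypeArr.Value()` may not be in the comma-separated form `containsScriptType` expects (the stored encoding is not visible here), so existing rules could stop matching without a migration. I would document the format on the field, `// ScriptTypes is a comma-separated list of script type names, without spaces`, and validate both fields where rules are created and updated.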
@@ -47,17 +46,17 @@ func DetectRealtimely(script string, scriptType script.ScriptType) ([]DetectRule
 }
 // Detect 脚本检测主方法
-func Detect(script string, scriptType script.ScriptType) ([]Finding, error) {
+func Detect(script string, scriptType string) ([]Finding, error) {
 return detectInternal(script, scriptType)
 }
 // DetectWithVars 支持变量替换
-func DetectWithVars(script string, scriptType script.ScriptType, params map[string]string) ([]Finding, error) {
+func DetectWithVars(script string, scriptType string, params map[string]string) ([]Finding, error) {
 expanded := expandSimpleVars(script, params)
 return detectInternal(expanded, scriptType)
 }
-func detectInternal(script string, scriptType script.ScriptType) ([]Finding, error) {
+func detectInternal(script string, scriptType string) ([]Finding, error) {
 rules, err := detectRules(scriptType)
 if err != nil {
 return nil, err
@@ -117,12 +116,13 @@ func detectInternal(script string, scriptType script.ScriptType) ([]Finding, err
 if findings[i].Action == findings[j].Action {
 return findings[i].Line < findings[j].Line
 }
- return findings[i].Action == rule.Block
+ return findings[i].Action < findings[j].Action
 })
 return findings, nil
 }
-func detectRules(scriptType script.ScriptType) ([]DetectRule, error) {
+
+func detectRules(scriptType string) ([]DetectRule, error) {
 // 1. 从 Redis 获取高危规则
 dangerousRules, err := getetRulesFromRedis()
 if err != nil {
@@ -142,7 +142,8 @@ func detectRules(scriptType script.ScriptType) ([]DetectRule, error) {
 }
 // 判断 ScriptTypes 是否包含某个类型
-func containsScriptType(arr script.ScriptTypeArr, t script.ScriptType) bool {
+func containsScriptType(scriptTypes string, t string) bool {
+ arr := strings.Split(scriptTypes, ",")
 for _, v := range arr {
 if v == t {
 return true
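Review bot: The comparator in `detectInternal` now returns `findings[i].Action < findings[j].Action`, which keeps blocking findings first only while `rule.Block` has the smallest `ActionType` value; the removed line named `rule.Block` explicitly. The enum is declared outside this diff, so either state the dependency next to the comparison, `// relies on rule.Block ordering before every other ActionType`, or keep the explicit test. It is also worth checking where an unrecognised action from `rule.ParseActionType` lands in this order. Both `detectInternal` and `detectRules` continue outside the hunk.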
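Review bot: `containsScriptType` splits the stored list on `,` and compares each element with `==`, so a list saved with a space after the comma or in a different case never matches and the rule is skipped silently. A skipped rule here means a script that should be flagged is not, so I would normalise each element: `if strings.EqualFold(strings.TrimSpace(v), t) {`. An empty `scriptTypes` also yields one empty element, which matches an empty `t`; decide whether that should select the rule. The import block of detect.go is only partly visible, so confirm `strings` is imported; the function body continues outside the hunk.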
@@ -156,9 +157,10 @@ func toDetectRule(r model.DangerousRule) DetectRule {
 dr := DetectRule{
 ID: r.ID,
 Description: r.Description,
- Action: r.Action,
 }
+ dr.Action = rule.ParseActionType(r.Action)
+
 if r.Expression != "" {
 if re, err := regexp.Compile(r.Expression); err == nil {
 dr.Regex = re
diff --git a/automation/server/internal/module/script_library/service/tag.go b/automation/server/internal/module/script_library/service/tag.go
index fc0e174f856bcf9f7520638b869fbc5df26b3778..013032c019f98ee36a63fe674ed7bf69834024a3 100644
--- a/automation/server/internal/module/script_library/service/tag.go
+++ b/automation/server/internal/module/script_library/service/tag.go
@@ -17,7 +17,7 @@ func CreateTag(tag *model.Tag) error {
 Description: tag.Description,
 Creator: tag.Creator,
 CreatedAt: time.Now().Format("2006-01-02 15:04:05"),
- LastModifyUser: tag.Creator,
+ LastModifyUser: tag.LastModifyUser,
 LastModifyUpdatedAt: time.Now().Format("2006-01-02 15:04:05"),
 })
 }
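Review bot: `dr.Action` in `toDetectRule` is now produced by `rule.ParseActionType(r.Action)` from a free-form string, and what it returns for an empty or unrecognised name is not visible in this diff. If the fallback is weaker than block, a rule whose action was mistyped quietly stops blocking, so the fallback should be the strictest action, or the rule should be reported and skipped; a comment such as `// unknown action names must not downgrade a rule` would pin that. The context below has the same shape: when `regexp.Compile(r.Expression)` fails, `dr.Regex` stays nil with no log, which disables the rule without notice. `toDetectRule` continues outside the hunk.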
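Review bot: `LastModifyUser` in `CreateTag` is now copied from `tag.LastModifyUser`, so on create it is whatever the caller placed in the struct. If `model.Tag` is bound from the request body (the handler is not part of this diff), the field is client-supplied or empty, which weakens it as an audit record; set it from the authenticated user, or fall back with `if tag.LastModifyUser == "" { tag.LastModifyUser = tag.Creator }`. `time.Now()` is also formatted twice, so `CreatedAt` and `LastModifyUpdatedAt` can differ; `now := time.Now().Format("2006-01-02 15:04:05")` computed once avoids that. `CreateTag` begins outside the hunk.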