From eb2b3ec2d0c58526a2261d7122cf169706fca78b Mon Sep 17 00:00:00 2001
From: wangqianli <wangqianli@kylinos.cn>
Date: Tue, 19 Nov 2024 15:40:34 +0800
Subject: [PATCH] add script detection methods

---
 .../controller/agentcontroller/script.go      | 28 +++++++++++++++++--
 cmd/server/app/network/httpserver.go          |  1 +
 2 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/cmd/server/app/network/controller/agentcontroller/script.go b/cmd/server/app/network/controller/agentcontroller/script.go
index 36e64582..ed907131 100644
--- a/cmd/server/app/network/controller/agentcontroller/script.go
+++ b/cmd/server/app/network/controller/agentcontroller/script.go
@@ -46,8 +46,32 @@ func RunCmd(c *gin.Context) {
 }
 
 func RunScriptWithBooleanCheck(c *gin.Context) {
-	// Func Init
-	logger.Debug("process get agent request")
+	logger.Debug("process get agent script request")
+	uuid := c.Query("uuid")
+	cmd := c.Query("cmd")
+
+	// 调用检测高危命令
+	if containsDangerousCommand(cmd) {
+		logger.Warn("Detected dangerous command")
+		response.Fail(c, gin.H{"status": false}, "Dangerous command detected in script.")
+		return
+	}
+
+	agent := agentmanager.GetAgent(uuid)
+	if agent != nil {
+		data, err := agent.RunCommand(cmd)
+		if err != nil {
+			logger.Error("run script error, agent:%s, cmd:%s", uuid, cmd)
+			response.Fail(c, gin.H{"status": false}, err.Error())
+			return
+		}
+		logger.Info("run script on agent result:%v", data)
+		response.Success(c, nil, "run script success")
+		return
+	}
+
+	logger.Info("unknown agent:%s", uuid)
+	response.Fail(c, gin.H{"status": false}, "unknown agent")
 }
 
 func containsDangerousCommand(content string) bool {
diff --git a/cmd/server/app/network/httpserver.go b/cmd/server/app/network/httpserver.go
index 7496e858..67c7eedc 100644
--- a/cmd/server/app/network/httpserver.go
+++ b/cmd/server/app/network/httpserver.go
@@ -209,6 +209,7 @@ func registerAPIs(router *gin.Engine) {
 		macDetails.GET("/agent_overview", agentcontroller.AgentOverviewHandler)
 		macDetails.GET("/agent_list", agentcontroller.AgentListHandler)
 		macDetails.GET("/run_command", agentcontroller.RunCmd)
+		macDetails.GET("/run_script", agentcontroller.RunScriptWithBooleanCheck)
 		macDetails.GET("/os_info", agentcontroller.OSInfoHandler)
 		macDetails.GET("/cpu_info", agentcontroller.CPUInfoHandler)
 		macDetails.GET("/memory_info", agentcontroller.MemoryInfoHandler)
-- 
Gitee