增加白名单配置

2024-12-02 18:20:55 +08:00 · 2024-12-02 18:20:55 +08:00 · b87165b850
commit b87165b850
parent 00829ae822
4 changed files with 42 additions and 2 deletions
--- a/chsm-common/src/main/java/com/sunyard/chsm/config/IpFilter.java
+++ b/chsm-common/src/main/java/com/sunyard/chsm/config/IpFilter.java
@ -13,7 +13,6 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.ApplicationArguments;
 import org.springframework.boot.ApplicationRunner;
 import org.springframework.http.MediaType;
-import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
 import org.springframework.web.filter.OncePerRequestFilter;

@ -35,7 +34,6 @@ import java.util.stream.Collectors;
 * @since 2024/12/2
 */
@Slf4j
-@Component
 public class IpFilter extends OncePerRequestFilter implements ApplicationRunner {

    public static List<String> whiteIps = new ArrayList<>();
@ -57,6 +55,7 @@ public class IpFilter extends OncePerRequestFilter implements ApplicationRunner
            chain.doFilter(request, response);
            return;
        }
+        logger.warn("forbidden for ip: " + ip);
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        response.setContentType(MediaType.TEXT_PLAIN_VALUE);
        response.getWriter().println("this ip is forbidden");
--- a/chsm-web-manage/src/main/java/com/sunyard/chsm/service/IpWhitelistService.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/service/IpWhitelistService.java
@ -16,4 +16,7 @@ public interface IpWhitelistService {
    void update(IpWhitelistDTO.IpSave save);

    void delete(Long[] ids);
+
+    void enableWhiteIpEvent();
+
 }
--- a/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/IpWhitelistServiceImpl.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/service/impl/IpWhitelistServiceImpl.java
@ -10,6 +10,7 @@ import com.sunyard.chsm.enums.EnableStatus;
 import com.sunyard.chsm.mapper.IpWhitelisttMapper;
 import com.sunyard.chsm.model.entity.IpWhitelist;
 import com.sunyard.chsm.service.IpWhitelistService;
+import com.sunyard.chsm.utils.IpUtils;
 import com.sunyard.ssp.utils.SecurityUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
@ -17,8 +18,11 @@ import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;

 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import java.time.LocalDateTime;
 import java.time.LocalTime;
 import java.util.List;
@ -152,4 +156,32 @@ public class IpWhitelistServiceImpl implements IpWhitelistService {
            }
        }
    }
+
+    @Override
+    public void enableWhiteIpEvent() {
+
+        ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        HttpServletRequest request = servletRequestAttributes.getRequest();
+        String ip = IpUtils.getIpAddress(request);
+        IpWhitelist whiteIP = ipWhitelisttMapper.selectOne(
+                new LambdaQueryWrapper<IpWhitelist>().eq(IpWhitelist::getIp, ip).eq(IpWhitelist::getScope, global)
+        );
+        if (whiteIP == null) {
+            IpWhitelist whitelist = new IpWhitelist();
+            whitelist.setId(IdWorker.getId());
+            whitelist.setAppId(0L);
+            whitelist.setIp(ip);
+            whitelist.setScope(global);
+            whitelist.setStatus(EnableStatus.ENABLED.getCode());
+            whitelist.setCreator(securityUtil.getCurrUser().getRealname());
+            whitelist.setCreateTime(LocalDateTime.now());
+            whitelist.setRemark("enableWhitelist");
+            ipWhitelisttMapper.insert(whitelist);
+        } else {
+            IpWhitelist up = new IpWhitelist();
+            up.setId(whiteIP.getId());
+            up.setStatus(EnableStatus.ENABLED.getCode());
+            ipWhitelisttMapper.updateById(up);
+        }
+    }
 }
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/serviceimpl/ParamConfServiceImpl.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/serviceimpl/ParamConfServiceImpl.java
@ -5,6 +5,7 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.sunyard.chsm.config.IpFilter;
 import com.sunyard.chsm.mapper.ParamConfMapper;
 import com.sunyard.chsm.model.entity.ParamConf;
+import com.sunyard.chsm.service.IpWhitelistService;
 import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService;
 import com.sunyard.ssp.modules.user.entity.ScPermission;
 import com.sunyard.ssp.modules.user.service.IScPermissionService;
@ -49,6 +50,8 @@ public class ParamConfServiceImpl extends ServiceImpl<ParamConfMapper, ParamConf

    @Autowired
    private ParamConfMapper paramConfMapper;
+    @Autowired
+    private IpWhitelistService ipWhitelistService;

 //    @Autowired
 //    private IIpWhitelistService iIpWhitelistService;
@ -142,6 +145,9 @@ public class ParamConfServiceImpl extends ServiceImpl<ParamConfMapper, ParamConf
                && IP_WHITELIST_SWITCH.equals(paramConf.getKey())) {

            IpFilter.enableWhiteIp = Objects.equals("true", paramConf.getValue());
+            if(IpFilter.enableWhiteIp) {
+                ipWhitelistService.enableWhiteIpEvent();
+            }
 //            iIpWhitelistService.messengerWhitelistUpdate();
        }
    }