Files
SafeLine/management/webserver/api/detectlog.go
T
Binbim b8788c239e
MCP Docker / build-and-push (push) Has been cancelled
feat: SafeLine CE 9.3.9 with pro features
- Remove telemetry: disabled all phone-home (installation notify, false positives, behavior tracking, upgrade tips)
- Version branding: removed 'ce-' prefix, product name changed to '长亭雷池 WAF'
- Detection engine enhancement: strict preset enables all 17 modules with aggressive configs
- Multi-user RBAC: admin/operator/viewer roles with password + TOTP 2FA
- Rate limiting: nginx limit_req per website (RPS, burst, action)
- JS Challenge: browser fingerprint verification page with cookie-based bypass
- Security fixes: removed InsecureSkipVerify, hardcoded credentials, NO_AUTH backdoor
2026-07-04 07:59:04 +08:00

122 lines
3.0 KiB
Go

package api
import (
"net/http"
"strconv"
"strings"
"chaitin.cn/dev/go/errors"
"github.com/gin-gonic/gin"
"chaitin.cn/patronus/safeline-2/management/webserver/api/response"
"chaitin.cn/patronus/safeline-2/management/webserver/model"
"chaitin.cn/patronus/safeline-2/management/webserver/pkg/database"
)
type (
GetDetectLogDetailRequest struct {
EventId string `json:"event_id" form:"event_id"`
}
PostFalsePositivesRequest struct {
EventId string `json:"event_id"`
}
)
func getDetectLog(eventId string) (*model.DetectLog, error) {
db := database.GetDB()
var detectLogBasic model.DetectLogBasic
res := db.Where(&model.DetectLogBasic{EventId: eventId}).First(&detectLogBasic)
if res.RowsAffected == 0 {
return nil, errors.New("Data queried does not exist")
}
var detectLogDetail model.DetectLogDetail
db.Where(&model.DetectLogDetail{EventId: eventId}).First(&detectLogDetail)
detectLog, err := model.TransformDetectLog(&detectLogBasic, &detectLogDetail)
if err != nil {
return nil, err
}
return detectLog, nil
}
func GetDetectLogList(c *gin.Context) {
var params pageRequest
if err := c.BindQuery(&params); err != nil {
logger.Error(err)
response.Error(c, response.ErrorParamNotOK, http.StatusInternalServerError)
return
}
db := database.GetDB()
tx := db.Where("")
// 按 ip 搜索条件
if ip := c.Query("ip"); ip != "" {
tx = tx.Where("src_ip = ?", ip)
}
// 按 url 搜索条件
if url := c.Query("url"); url != "" {
tx = tx.Where("url_path like ?", "%"+url+"%")
}
// 按 type 搜索条件
if at := c.Query("attack_type"); at != "" {
ns := make([]int, 0)
for _, s := range strings.Split(at, ",") {
n, err := strconv.Atoi(s)
if err == nil {
ns = append(ns, n)
}
}
tx = tx.Where("attack_type in (?)", ns)
}
var total int64
tx.Model(&model.DetectLogBasic{}).Count(&total)
var basicList []model.DetectLogBasic
tx.Limit(params.PageSize).Offset(params.PageSize * (params.Page - 1)).Order("id desc").Find(&basicList)
var dLogList []*model.DetectLog
for _, basic := range basicList {
dLog, err := model.TransformDetectLog(&basic, nil)
if err != nil {
logger.Warn(err)
continue
}
dLogList = append(dLogList, dLog)
}
response.Success(c, gin.H{"data": dLogList, "total": total})
}
func GetDetectLogDetail(c *gin.Context) {
var params GetDetectLogDetailRequest
if err := c.BindQuery(&params); err != nil {
logger.Error(err)
response.Error(c, response.ErrorParamNotOK, http.StatusInternalServerError)
return
}
detectLog, err := getDetectLog(params.EventId)
if err != nil {
logger.Error(err)
response.Error(c, response.ErrorDataNotExist, http.StatusNotFound)
return
}
response.Success(c, detectLog)
}
func PostFalsePositives(c *gin.Context) {
var params PostFalsePositivesRequest
if err := c.BindJSON(&params); err != nil {
logger.Error(err)
response.Error(c, response.ErrorParamNotOK, http.StatusInternalServerError)
return
}
// Telemetry reporting removed - just return success
response.Success(c, nil)
}