Ejemplo n.º 1
0
  /**
   * 保存/更新动态脆弱点
   *
   * @param paraMap 参数Map
   * @param dynaVulnPoint 动态脆弱点
   */
  public void saveOrUpdate(Map paraMap, AsseKnowDynaVuln dynaVulnPoint) {

    String assetCode = (String) paraMap.get("assetCode");
    AsseInfoAsse asseInfoAsse = assetDao.find(assetCode);
    dynaVulnPoint.setAsse(asseInfoAsse);
    dynaVulnPoint.setAsseInfoBusiId(asseInfoAsse.getAsseInfoBusiId());
    vulnAnalDao.saveOrUpdate(dynaVulnPoint);
  }
Ejemplo n.º 2
0
  /**
   * 批量保存/更新动态脆弱点
   *
   * @param paraMaps 参数Map
   * @param asseInfoProj 测评项目
   */
  public void batchSaveOrUpdate(Map paraMaps, AsseInfoProj asseInfoProj) {

    List<AsseKnowDynaVuln> dynaVulnPoints = new ArrayList<AsseKnowDynaVuln>();
    String[] dynaVulnPoinIds = (String[]) paraMaps.get("dynaVulnPoinIds");
    String assetCode = (String) paraMaps.get("assetCode");
    AsseInfoAsse asseInfoAsse = assetDao.find(assetCode);
    for (int i = 0; i < dynaVulnPoinIds.length; i++) {
      AsseKnowDynaVuln dynaVulnPoint = vulnAnalDao.find(new Integer(dynaVulnPoinIds[i]));
      dynaVulnPoint.setAsseInfoProjId(asseInfoProj.getId());
      dynaVulnPoint.setAsse(asseInfoAsse);
      dynaVulnPoint.setAsseInfoBusiId(asseInfoAsse.getAsseInfoBusiId());
      dynaVulnPoints.add(dynaVulnPoint);
    }
    vulnAnalDao.batchSaveOrUpdate(dynaVulnPoints);
  }
Ejemplo n.º 3
0
  /** 保存/更新动态威胁 */
  @SuppressWarnings("null")
  public ActionForward saveOrUpdateThre(
      ActionMapping mapping,
      ActionForm form,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {
    boolean flag = true;
    AsseKnowDynaThreForm asseKnowDynaThreForm = (AsseKnowDynaThreForm) form;
    AsseKnowDynaThre asseKnowDynaThre = new AsseKnowDynaThre();
    asseKnowDynaThre.setAsseInfoProjId(asseKnowDynaThreForm.getAsseInfoProjId());
    asseKnowDynaThre.setAsseKnowStatThreId(asseKnowDynaThreForm.getAsseKnowStatThreId());
    asseKnowDynaThre.setAsseKnowStatThreKindId(asseKnowDynaThreForm.getAsseKnowStatThreKindId());
    asseKnowDynaThre.setPossibility(asseKnowDynaThreForm.getPossibility());
    asseKnowDynaThre.setThreCode(asseKnowDynaThreForm.getThreCode());
    AsseInfoAsse asseInfoAsse = assetService.findByAssetCode(asseKnowDynaThreForm.getAssetCode());
    Integer asseDynaVulnPoinId = asseKnowDynaThreForm.getAsseDynaVulnPoinId();
    if (asseDynaVulnPoinId != null && !"".equals(asseDynaVulnPoinId)) {
      AsseKnowDynaVuln asseKnowDynaVuln = vulnAnalService.find(asseDynaVulnPoinId);
      asseKnowDynaThre.setAsse(asseKnowDynaVuln.getAsse());
      asseKnowDynaThre.setDynaVuln(asseKnowDynaVuln);
    }

    if (asseKnowDynaThreForm.getId() != null && asseKnowDynaThreForm.getId() > 0) {
      flag = false;
      asseKnowDynaThre.setId(asseKnowDynaThreForm.getId());
      threAnalService.saveOrUpdate(asseKnowDynaThre);
    } else {
      if (!threAnalService.checkExitDynaVulnPoint(
          asseKnowDynaThreForm.getAsseInfoProjId(),
          asseInfoAsse,
          asseKnowDynaThreForm.getAsseKnowStatThreKindId(),
          asseKnowDynaThreForm.getAsseKnowStatThreId())) {
        asseKnowDynaThre.setId(null);
        threAnalService.saveOrUpdate(asseKnowDynaThre);
      } else {
        // 该资产关联的脆弱点已存在
        ActionErrors errors = new ActionErrors();
        errors.add("repeatDynaThre", new ActionMessage("asse.err.dynaThre.repeat"));
        saveErrors(request, errors);
      }
    }

    // 添加日志
    OperatorDetails user = SecurityUserHolder.getCurrentUser();
    SystemLog log = new SystemLog();
    log.setUsername(user.getUsername());
    List<Role> list = user.getRoleList();
    String roles = "";
    for (Role role : list) {
      roles += role.getRole() + ",";
    }
    log.setRoleName(roles.substring(0, roles.length() - 1));
    log.setTime(new Timestamp(new Date().getTime()));
    log.setModuleName(SystemModelInfo.MOD_RAM);
    if (flag) {
      log.setOperationDesc(
          "风险评估模块,新增动态威胁,ID为:"
              + asseKnowDynaThre.getId()
              + ",所属项目ID:"
              + asseKnowDynaThre.getAsseInfoProjId());
    } else {
      log.setOperationDesc(
          "风险评估模块,修改动态威胁,ID为:"
              + asseKnowDynaThre.getId()
              + ",所属项目ID:"
              + asseKnowDynaThre.getAsseInfoProjId());
    }
    log.setControl("成功");
    logService.saveSystemLog(log);
    request.setAttribute("asseKnowDynaThre", asseKnowDynaThre);
    return showVulnThre(mapping, form, request, response);
  }