/** * Frame 修改归并窗这个不涉及到权限 所以方法名称特殊点 * * @param mapping * @param form * @param request * @param response * @return * @throws Exception */ public ActionForward alertSorUfusion( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { try { init(); AlertFusionRuleBO entityAlertFusionRuleBO = new AlertFusionRuleBO(); String fusionTime = request.getParameter("fusionTime"); if (fusionTime != null) { entityAlertFusionRuleBO.setFusionTime(Integer.parseInt(fusionTime)); } alertFusionRuleServices.saveOrUpdateAlertFusionRuleServices(entityAlertFusionRuleBO); log.setUsername(username); log.setRoleName(rolenames); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_AIM); log.setOperationDesc("修改归并时间"); log.setControl("成功"); systemlogService.saveSystemLog(log); return this.getListPageAlertAction(mapping, form, request, response); } catch (Exception e) { log.setUsername(username); log.setRoleName(rolenames); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_AIM); log.setOperationDesc("修改归并时间"); log.setControl("失败"); systemlogService.saveSystemLog(log); return null; } }
/** * 查询所有的告警类型信息 * * @param mapping * @param form * @param request * @param response * @return * @throws Exception */ public ActionForward getListAlertType( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { try { init(); List<AlertTypeBO> alertTypelist = alertTypeService.getLisByAlertTypeService(); request.getSession().setAttribute("altypeList", alertTypelist); log.setUsername(username); log.setRoleName(rolenames); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_AIM); log.setOperationDesc("查询所有的告警类型信息"); log.setControl("成功"); systemlogService.saveSystemLog(log); return this.getListPageAlertAction(mapping, form, request, response); } catch (Exception e) { log.setUsername(username); log.setRoleName(rolenames); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_AIM); log.setOperationDesc("查询所有的告警类型信息"); log.setControl("失败"); systemlogService.saveSystemLog(log); return null; } }
public ActionForward saveorupdate( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) { boolean flag = false; System.out.println("~~~~增加或更新打印信息~~~~~"); FilePrintFrom fileform = (FilePrintFrom) form; RespFilePrint file = new RespFilePrint(); System.out.println("id===" + fileform.getId()); System.out.println("content===" + fileform.getPrintcontent()); System.out.println("procid===" + fileform.getSelectresp()); request.setAttribute("printres", fileform.getPrintcontent()); request.setAttribute("selectid", fileform.getSelectresp()); if (fileform.getId() == 0) { flag = true; file.setId(null); } else { file.setId(fileform.getId()); } file.setContent(fileform.getPrintcontent()); file.setRespInfo(respInfoService.findrespInfoById(fileform.getSelectresp())); respInfoService.saveorupdate(file); // 添加日志 OperatorDetails user = SecurityUserHolder.getCurrentUser(); SystemLog log = new SystemLog(); log.setUsername(user.getUsername()); List<Role> list = user.getRoleList(); String roles = ""; for (Role role : list) { roles += role.getRole() + ","; } log.setRoleName(roles.substring(0, roles.length() - 1)); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_ERM); if (flag) { log.setOperationDesc( "应急响应模块文件打印,新增打印信息,ID为:" + file.getId() + ",所属预案名称为:" + file.getRespInfo().getName()); } else { log.setOperationDesc( "应急响应模块文件打印,修改打印信息,ID为:" + file.getId() + ",所属预案名称为:" + file.getRespInfo().getName()); } log.setControl("成功"); logService.saveSystemLog(log); request.setAttribute("respMenu", "fp"); return mapping.findForward("filecount"); }
/** 动态威胁与动态脆弱点关联 */ @SuppressWarnings("unchecked") public ActionForward relateToVuln( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { String vulnKindIdSelect = request.getParameter("vulnKindIdSelect"); String vulnIdSelect = request.getParameter("vulnIdSelect"); String ip = request.getParameter("ip"); request.setAttribute("ip", ip); request.setAttribute("vulnKindIdSelect", vulnKindIdSelect); request.setAttribute("vulnIdSelect", vulnIdSelect); AsseKnowDynaThreForm asseKnowDynaThreForm = (AsseKnowDynaThreForm) form; String[] dynaThreIds = asseKnowDynaThreForm.getDynaThreIds(); Map paraMaps = new HashMap(); paraMaps.put("dynaThreIds", dynaThreIds); paraMaps.put("vulnId", vulnIdSelect); AsseInfoProj asseInfoProj = loadAsseInfoproj(request); threAnalService.relateToVuln(paraMaps, asseInfoProj); // 添加日志 OperatorDetails user = SecurityUserHolder.getCurrentUser(); SystemLog log = new SystemLog(); log.setUsername(user.getUsername()); List<Role> list = user.getRoleList(); String roles = ""; for (Role role : list) { roles += role.getRole() + ","; } log.setRoleName(roles.substring(0, roles.length() - 1)); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_RAM); String s = ""; for (String str : dynaThreIds) { s += str + ","; } log.setOperationDesc( "风险评估模块,动态威胁与动态脆弱点关联,动态威胁ID为:" + s.substring(0, s.length() - 1) + "动态脆弱点ID为:" + vulnIdSelect); log.setControl("成功"); logService.saveSystemLog(log); return showVulnThre(mapping, form, request, response); }
/** * Frame 跳转专用 * * @param mapping * @param form * @param request * @param response * @return * @throws Exception */ public ActionForward alertRuleFwd( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { String alertId = request.getParameter("alertId"); try { init(); if (alertId != null && (!alertId.equals(""))) { AlertInfoBO alertInfobo = alertService.getByIdAlertService(Integer.parseInt(alertId)); if (alertInfobo != null) { request.setAttribute("alertInfobo", alertInfobo); String fusion = alertInfobo.getFusioin(); int fusionCount = 0; List fustionTimeList = new ArrayList(); if (fusion != null && fusion.trim().length() > 0) { String strs[] = fusion.split(","); if (strs != null && strs.length > 0) { fusionCount = strs.length; for (String string : strs) { fustionTimeList.add(string); } } } request.setAttribute("fusionCount", fusionCount); request.setAttribute("fustionTimeAll", fustionTimeList); if (alertInfobo.getStatus() != null && alertInfobo.getStatus() == 1) { // 如果状态是未读 就更新状态为只读 alertInfobo.setStatus(0); alertService.updateAlertService(alertInfobo); } if (alertInfobo.getIfnew() != null && alertInfobo.getIfnew() == 1) { alertInfobo.setIfnew(0); alertService.updateAlertService(alertInfobo); } if (alertInfobo != null && alertInfobo.getDomain_id() != null) { Integer domain_id = alertInfobo.getDomain_id(); Domain domain = domainService.findById(domain_id); request.setAttribute("department", domain); } // 触发规则列表 List alertRuleList = new ArrayList(); if (alertInfobo.getRule() != null && alertInfobo.getRule().trim().length() != 0) { String strs[] = alertInfobo.getRule().split(","); for (int i = 0; i < strs.length; i++) { AlertRuleBO rule = alertRuleService.getByIdAlertRuleService(Integer.parseInt(strs[i])); alertRuleList.add(rule); } } request.setAttribute("alertruleList", alertRuleList); } } log.setUsername(username); log.setRoleName(rolenames); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_AIM); log.setOperationDesc("查询告警类型信息详情"); log.setControl("成功"); systemlogService.saveSystemLog(log); return mapping.findForward("alertLinkage"); } catch (Exception e) { log.setUsername(username); log.setRoleName(rolenames); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_AIM); log.setOperationDesc("查询告警类型信息详情"); log.setControl("失败"); systemlogService.saveSystemLog(log); return null; } }
/** * 多条件查询告警信息 并且分页显示 * * @param mapping * @param form * @param request * @param response * @return * @throws Exception */ public ActionForward getListPageAlertAction( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { AlertForm alertForm = (AlertForm) form; HttpSession session = request.getSession(); Page page = new Page(); request.setAttribute("alertinfoQuery", alertForm.getAlertquer()); try { init(); log.setUsername(username); log.setRoleName(rolenames); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_AIM); log.setOperationDesc("多条件查询告警信息 并且分页显示"); log.setControl("成功"); systemlogService.saveSystemLog(log); // 根据类型查找子类型 List<AlertTypeBO> subTypeList = new ArrayList(); if (alertForm.getAlertquer().getAlertType() != null && alertForm.getAlertquer().getAlertType().trim().length() > 0) { subTypeList = alertDwrService.getSubTypeByNameService(alertForm.getAlertquer().getAlertType()); } request.setAttribute("subTypeList", subTypeList); // 获得当前页 String curpage = request.getParameter("curpage") != null && (!request.getParameter("curpage").equals("")) ? request.getParameter("curpage") : "1"; if (request.getParameter("pageSize") != null && (!request.getParameter("pageSize").equals(""))) { int pagesize = Integer.parseInt(request.getParameter("pageSize")); request.setAttribute("pageSize", request.getParameter("pageSize")); page.setEveryPage(pagesize); } else { page.setEveryPage(10); } // 如果第一次进来就初始化条件为NULL if (request.getParameter("first") != null) { alertForm.setAlertquer(new AlertQueryVO()); request.setAttribute("subTypeList", null); request.setAttribute("alertinfoQuery", null); } // 设置当前页跟开始位置 page.setCurrentPage(Integer.parseInt(curpage)); page.setBeginIndex((page.getCurrentPage() - 1) * page.getEveryPage()); OperatorDetails user = SecurityUserHolder.getCurrentUser(); if (user.getUsername().equals("admin")) { PageResult result = alertService.getListPageAlertService(page, alertForm.getAlertquer()); request.setAttribute("page", result.getPage()); request.setAttribute("list", result.getPageList()); } else { List<Domain> listDomain = user.getDomainList(); PageResult result = alertService.getListPageAlertService(page, alertForm.getAlertquer(), listDomain); if (result != null) { request.setAttribute("page", result.getPage()); request.setAttribute("list", result.getPageList()); } } // 告警浏览 if (request.getParameter("home") != null && request.getParameter("home").trim().equals("1")) { AlertFusionRuleBO alertFusionRuleBO = alertFusionRuleServices.getAlertFusionRuleServices(); request.setAttribute("alertFusionRuleBO", alertFusionRuleBO); session.setAttribute("topcss", "alertIndex"); return mapping.findForward("alertHome"); } // 弹出告警监控 小窗口 if (request.getParameter("MinWindow") != null) { if (request.getSession().getAttribute("altypeList") == null) { this.getListAlertType(mapping, alertForm, request, response); } AlertFusionRuleBO alertFusionRuleBO = alertFusionRuleServices.getAlertFusionRuleServices(); request.setAttribute("alertFusionRuleBO", alertFusionRuleBO); request.setAttribute("monitorTime", new Timestamp(System.currentTimeMillis())); return mapping.findForward("AlertMinWindow"); } session.setAttribute("topcss", "alertIndex"); return mapping.findForward("alertIndex"); } catch (Exception e) { log.setUsername(username); log.setRoleName(rolenames); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_AIM); log.setOperationDesc("多条件查询告警信息 并且分页显示"); log.setControl("失败"); systemlogService.saveSystemLog(log); return null; } }
/** 漏洞与威胁关联 */ @SuppressWarnings("unchecked") public ActionForward relateLeakToThre( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { String vulnKindIdSelect = request.getParameter("vulnKindIdSelect"); String vulnIdSelect = request.getParameter("vulnIdSelect"); String ip = request.getParameter("ip"); request.setAttribute("ip", ip); request.setAttribute("vulnKindIdSelect", vulnKindIdSelect); request.setAttribute("vulnIdSelect", vulnIdSelect); String[] leakThreIds = request.getParameterValues("leakThreId"); for (int i = 0; i < leakThreIds.length; i++) { System.out.println("leakThreIds[" + i + "]:" + leakThreIds[i]); } int indexArray[] = new int[leakThreIds.length]; List leakThreList = (List) request.getSession().getAttribute("leakThreList"); AsseKnowDynaLeakThre dynaLeakThre = null; for (int m = 0; m < leakThreIds.length; m++) { for (int i = 0; i < leakThreList.size(); i++) { dynaLeakThre = (AsseKnowDynaLeakThre) leakThreList.get(i); if (leakThreIds[m].equals(dynaLeakThre.getId().toString())) { indexArray[m] = i; } } } for (int i = 0; i < indexArray.length; i++) { System.out.println(indexArray[i]); } String[] leakThreKindIds = request.getParameterValues("leakThreKindId"); String[] leakThreKindIds1 = new String[leakThreIds.length]; for (int i = 0; i < indexArray.length; i++) { leakThreKindIds1[i] = leakThreKindIds[indexArray[i]]; } for (int i = 0; i < leakThreKindIds1.length; i++) { System.out.println("leakThreKindIds1[" + i + "]:" + leakThreKindIds1[i]); } String[] leakCveThreIds = request.getParameterValues("leakCveThreId"); String[] leakCveThreIds1 = new String[leakThreIds.length]; for (int i = 0; i < indexArray.length; i++) { leakCveThreIds1[i] = leakCveThreIds[indexArray[i]]; } for (int i = 0; i < leakCveThreIds1.length; i++) { System.out.println("leakCveThreIds1[" + i + "]:" + leakCveThreIds1[i]); } String[] dynaLeakThreLeves = request.getParameterValues("dynaLeakThreLeve"); String[] dynaLeakThreLeves1 = new String[leakThreIds.length]; for (int i = 0; i < indexArray.length; i++) { dynaLeakThreLeves1[i] = dynaLeakThreLeves[indexArray[i]]; } for (int i = 0; i < dynaLeakThreLeves1.length; i++) { System.out.println("dynaLeakThreLeves1[" + i + "]:" + dynaLeakThreLeves1[i]); } Map paraMap = new HashMap(); paraMap.put("leakThreIds", leakThreIds); paraMap.put("leakThreKindIds", leakThreKindIds1); paraMap.put("leakCveThreIds", leakCveThreIds1); paraMap.put("dynaLeakThreLeves", dynaLeakThreLeves1); AsseInfoProj asseInfoProj = loadAsseInfoproj(request); dynaLeakThreService.relateLeakToThre(paraMap, asseInfoProj); // 添加日志 OperatorDetails user = SecurityUserHolder.getCurrentUser(); SystemLog log = new SystemLog(); log.setUsername(user.getUsername()); List<Role> list = user.getRoleList(); String roles = ""; for (Role role : list) { roles += role.getRole() + ","; } log.setRoleName(roles.substring(0, roles.length() - 1)); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_RAM); String s = ""; for (String str : leakThreIds) { s += str + ","; } log.setOperationDesc( "风险评估模块,漏洞与威胁关联,漏洞ID为:" + s.substring(0, s.length() - 1) + ",威胁ID为:" + vulnIdSelect); log.setControl("成功"); logService.saveSystemLog(log); return showVulnThre(mapping, form, request, response); }
/** 保存/更新动态威胁 */ @SuppressWarnings("null") public ActionForward saveOrUpdateThre( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { boolean flag = true; AsseKnowDynaThreForm asseKnowDynaThreForm = (AsseKnowDynaThreForm) form; AsseKnowDynaThre asseKnowDynaThre = new AsseKnowDynaThre(); asseKnowDynaThre.setAsseInfoProjId(asseKnowDynaThreForm.getAsseInfoProjId()); asseKnowDynaThre.setAsseKnowStatThreId(asseKnowDynaThreForm.getAsseKnowStatThreId()); asseKnowDynaThre.setAsseKnowStatThreKindId(asseKnowDynaThreForm.getAsseKnowStatThreKindId()); asseKnowDynaThre.setPossibility(asseKnowDynaThreForm.getPossibility()); asseKnowDynaThre.setThreCode(asseKnowDynaThreForm.getThreCode()); AsseInfoAsse asseInfoAsse = assetService.findByAssetCode(asseKnowDynaThreForm.getAssetCode()); Integer asseDynaVulnPoinId = asseKnowDynaThreForm.getAsseDynaVulnPoinId(); if (asseDynaVulnPoinId != null && !"".equals(asseDynaVulnPoinId)) { AsseKnowDynaVuln asseKnowDynaVuln = vulnAnalService.find(asseDynaVulnPoinId); asseKnowDynaThre.setAsse(asseKnowDynaVuln.getAsse()); asseKnowDynaThre.setDynaVuln(asseKnowDynaVuln); } if (asseKnowDynaThreForm.getId() != null && asseKnowDynaThreForm.getId() > 0) { flag = false; asseKnowDynaThre.setId(asseKnowDynaThreForm.getId()); threAnalService.saveOrUpdate(asseKnowDynaThre); } else { if (!threAnalService.checkExitDynaVulnPoint( asseKnowDynaThreForm.getAsseInfoProjId(), asseInfoAsse, asseKnowDynaThreForm.getAsseKnowStatThreKindId(), asseKnowDynaThreForm.getAsseKnowStatThreId())) { asseKnowDynaThre.setId(null); threAnalService.saveOrUpdate(asseKnowDynaThre); } else { // 该资产关联的脆弱点已存在 ActionErrors errors = new ActionErrors(); errors.add("repeatDynaThre", new ActionMessage("asse.err.dynaThre.repeat")); saveErrors(request, errors); } } // 添加日志 OperatorDetails user = SecurityUserHolder.getCurrentUser(); SystemLog log = new SystemLog(); log.setUsername(user.getUsername()); List<Role> list = user.getRoleList(); String roles = ""; for (Role role : list) { roles += role.getRole() + ","; } log.setRoleName(roles.substring(0, roles.length() - 1)); log.setTime(new Timestamp(new Date().getTime())); log.setModuleName(SystemModelInfo.MOD_RAM); if (flag) { log.setOperationDesc( "风险评估模块,新增动态威胁,ID为:" + asseKnowDynaThre.getId() + ",所属项目ID:" + asseKnowDynaThre.getAsseInfoProjId()); } else { log.setOperationDesc( "风险评估模块,修改动态威胁,ID为:" + asseKnowDynaThre.getId() + ",所属项目ID:" + asseKnowDynaThre.getAsseInfoProjId()); } log.setControl("成功"); logService.saveSystemLog(log); request.setAttribute("asseKnowDynaThre", asseKnowDynaThre); return showVulnThre(mapping, form, request, response); }