feat: 【高危语句规则】新增高危语句规则管理功能的API,给上层SaaS使用 #2383 #2485
Conversation
| "bk_app_code": "esb_test", | ||
| "bk_app_secret": "xxx", | ||
| "bk_token": "xxx", | ||
| "script_language": [1], |
| "level": 1, | ||
| "action": null, | ||
| "code": "103701001", | ||
| "description": "脚本首行没有定义合法的脚本类型,例如: #!/bin/bash" |
There was a problem hiding this comment.
demo 尽量用英文,方便在中英文文档之间共享
| "lineContent": "rm /tmp", | ||
| "matchContent": "rm /tmp", | ||
| "level": 1, | ||
| "action": null, |
There was a problem hiding this comment.
内置高危语句检测没有action属性
| "line_content": "rm /tmp", | ||
| "matchContent": "rm", | ||
| "level": 3, | ||
| "action": 2, |
There was a problem hiding this comment.
脚本检测API 似乎不应该返回 action 字段,因为只是检测,并不会进行拦截等操作
| @@ -0,0 +1,80 @@ | |||
| ### 功能描述 | |||
|
|
|||
| 脚本检测。 | |||
| "matchContent": "rm", | ||
| "level": 3, | ||
| "action": 2, | ||
| "code": null, |
There was a problem hiding this comment.
错误代码并非高危语句检测需要的字段,可以不返回
| "expression": "rm", | ||
| "script_language_list": [1], | ||
| "description": "drangerous!!!", | ||
| "order": 1, |
| dest_path: /api/job/v3/job-manage/delete_dangerous_rule/ | ||
| dest_http_method: DELETE | ||
|
|
||
| - path: /v2/jobv3/get_dangerous_rule_list/ |
There was a problem hiding this comment.
待确认。需要咨询下 ESB 是否支持用 GET 传 RequestBody
liuliaozhong
force-pushed
the
master_issue_2383
branch
from
6728cd4
to
653eb1f
Compare
| @@ -26,6 +26,7 @@ validation.constraints.InvalidBkCloudId.message=管控区域 ID 非法 | |||
| validation.constraints.InvalidIp.message=IP 非法 | |||
| validation.constraints.InvalidJobTimeout_empty.message=作业超时时间不能为空 | |||
| validation.constraints.InvalidJobTimeout_outOfRange.message=作业超时时间必须在{min}-{max}之间 | |||
| validation.constraints.InvalidJobHighRiskGrammarId_empty.message=语法检测ID不能为空 | |||
There was a problem hiding this comment.
语法检测ID不能为空有点奇怪,改成“高危语句规则 ID"可能更加合理
| "data": [ | ||
| { | ||
| "line": 1, | ||
| "lineContent": "rm /tmp", |
There was a problem hiding this comment.
api 所有的字段格式都需要是下划线分隔的,而不是驼峰方式。 lineContent->line_content
There was a problem hiding this comment.
dto是下划线格式,文档从别处copy的,没注意,已改
| { | ||
| "line": 1, | ||
| "lineContent": "rm /tmp", | ||
| "matchContent": "rm /tmp", |
There was a problem hiding this comment.
api 所有的字段格式都需要是下划线分隔的,而不是驼峰方式
| { | ||
| "line": 1, | ||
| "line_content": "rm /tmp", | ||
| "matchContent": "rm", |
There was a problem hiding this comment.
api 所有的字段格式都需要是下划线分隔的,而不是驼峰方式
| "data": [ | ||
| { | ||
| "line": 1, | ||
| "lineContent": "rm /tmp", |
There was a problem hiding this comment.
api 所有的字段格式都需要是下划线分隔的,而不是驼峰方式
| { | ||
| "line": 1, | ||
| "lineContent": "rm /tmp", | ||
| "matchContent": "rm /tmp", |
There was a problem hiding this comment.
api 所有的字段格式都需要是下划线分隔的,而不是驼峰方式
| { | ||
| "line": 1, | ||
| "line_content": "rm /tmp", | ||
| "matchContent": "rm", |
There was a problem hiding this comment.
api 所有的字段格式都需要是下划线分隔的,而不是驼峰方式
| if (id > 0) { | ||
| return EsbResp.buildSuccessResp(null); | ||
| } | ||
| return EsbResp.buildCommonFailResp(ErrorCode.INTERNAL_ERROR); |
There was a problem hiding this comment.
这里可以重构下,如果删除报错,直接在 Service 里边处理,抛出异常,而不是用 id 来判断结果
| @@ -49,4 +49,6 @@ public interface DangerousRuleDAO { | |||
| int getMaxPriority(); | |||
|
|
|||
| int getMinPriority(); | |||
|
|
|||
| int updateDangerousRuleStatus(String userName, Long id, Integer status); | |||
There was a problem hiding this comment.
status 参数直接使用枚举类型,方法会更加清晰
No description provided.