屏蔽表已创建

2026-06-04 12:08:25 +08:00
parent e6fa998854
commit acd03a614a
10 changed files with 1492 additions and 1 deletions
@@ -0,0 +1,310 @@
+package main
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"strings"
+	"time"
+
+	"gorm.io/gorm"
+)
+
+const forbiddenWordMatchContains = "contains"
+
+var errBlockingAlreadyExists = errors.New("blocking rule already exists")
+
+func (s *store) ListNodeBlocking(opts listOptions) ([]nodeBlockingRecord, error) {
+	opts = normalizeListOptions(opts)
+	var rows []nodeBlockingRecord
+	q := s.db.Model(&nodeBlockingRecord{}).
+		Order("updated_at DESC").
+		Order("id DESC").
+		Limit(opts.Limit).
+		Offset(opts.Offset)
+	return rows, q.Find(&rows).Error
+}
+
+func (s *store) CountNodeBlocking(opts listOptions) (int64, error) {
+	var total int64
+	return total, s.db.Model(&nodeBlockingRecord{}).Count(&total).Error
+}
+
+func (s *store) CreateNodeBlocking(nodeID string, nodeNum *int64, reason string, enabled bool) (*nodeBlockingRecord, error) {
+	nodeID = strings.TrimSpace(nodeID)
+	if nodeID == "" {
+		return nil, fmt.Errorf("node id is required")
+	}
+	if err := s.ensureNodeBlockingUnique(0, nodeID); err != nil {
+		return nil, err
+	}
+	row := nodeBlockingRecord{NodeID: nodeID, NodeNum: nodeNum, Reason: strings.TrimSpace(reason), Enabled: enabled}
+	if err := s.db.Create(&row).Error; err != nil {
+		return nil, err
+	}
+	return &row, nil
+}
+
+func (s *store) UpdateNodeBlocking(id uint64, nodeID string, nodeNum *int64, reason string, enabled bool) (*nodeBlockingRecord, error) {
+	if id == 0 {
+		return nil, fmt.Errorf("blocking rule id is required")
+	}
+	nodeID = strings.TrimSpace(nodeID)
+	if nodeID == "" {
+		return nil, fmt.Errorf("node id is required")
+	}
+	if _, err := s.getNodeBlockingByID(id); err != nil {
+		return nil, err
+	}
+	if err := s.ensureNodeBlockingUnique(id, nodeID); err != nil {
+		return nil, err
+	}
+	updates := map[string]any{"node_id": nodeID, "node_num": nodeNum, "reason": strings.TrimSpace(reason), "enabled": enabled, "updated_at": time.Now()}
+	if err := s.db.Model(&nodeBlockingRecord{}).Where("id = ?", id).Updates(updates).Error; err != nil {
+		return nil, err
+	}
+	return s.getNodeBlockingByID(id)
+}
+
+func (s *store) DeleteNodeBlocking(id uint64) error {
+	result := s.db.Where("id = ?", id).Delete(&nodeBlockingRecord{})
+	if result.Error != nil {
+		return result.Error
+	}
+	if result.RowsAffected == 0 {
+		return gorm.ErrRecordNotFound
+	}
+	return nil
+}
+
+func (s *store) ListIPBlocking(opts listOptions) ([]ipBlockingRecord, error) {
+	opts = normalizeListOptions(opts)
+	var rows []ipBlockingRecord
+	q := s.db.Model(&ipBlockingRecord{}).
+		Order("updated_at DESC").
+		Order("id DESC").
+		Limit(opts.Limit).
+		Offset(opts.Offset)
+	return rows, q.Find(&rows).Error
+}
+
+func (s *store) CountIPBlocking(opts listOptions) (int64, error) {
+	var total int64
+	return total, s.db.Model(&ipBlockingRecord{}).Count(&total).Error
+}
+
+func (s *store) CreateIPBlocking(ipValue string, reason string, enabled bool) (*ipBlockingRecord, error) {
+	value, err := normalizeIPBlockingValue(ipValue)
+	if err != nil {
+		return nil, err
+	}
+	if err := s.ensureIPBlockingUnique(0, value); err != nil {
+		return nil, err
+	}
+	row := ipBlockingRecord{IPValue: value, Reason: strings.TrimSpace(reason), Enabled: enabled}
+	if err := s.db.Create(&row).Error; err != nil {
+		return nil, err
+	}
+	return &row, nil
+}
+
+func (s *store) UpdateIPBlocking(id uint64, ipValue string, reason string, enabled bool) (*ipBlockingRecord, error) {
+	if id == 0 {
+		return nil, fmt.Errorf("blocking rule id is required")
+	}
+	value, err := normalizeIPBlockingValue(ipValue)
+	if err != nil {
+		return nil, err
+	}
+	if _, err := s.getIPBlockingByID(id); err != nil {
+		return nil, err
+	}
+	if err := s.ensureIPBlockingUnique(id, value); err != nil {
+		return nil, err
+	}
+	updates := map[string]any{"ip_value": value, "reason": strings.TrimSpace(reason), "enabled": enabled, "updated_at": time.Now()}
+	if err := s.db.Model(&ipBlockingRecord{}).Where("id = ?", id).Updates(updates).Error; err != nil {
+		return nil, err
+	}
+	return s.getIPBlockingByID(id)
+}
+
+func (s *store) DeleteIPBlocking(id uint64) error {
+	result := s.db.Where("id = ?", id).Delete(&ipBlockingRecord{})
+	if result.Error != nil {
+		return result.Error
+	}
+	if result.RowsAffected == 0 {
+		return gorm.ErrRecordNotFound
+	}
+	return nil
+}
+
+func (s *store) ListForbiddenWordBlocking(opts listOptions) ([]forbiddenWordBlockingRecord, error) {
+	opts = normalizeListOptions(opts)
+	var rows []forbiddenWordBlockingRecord
+	q := s.db.Model(&forbiddenWordBlockingRecord{}).
+		Order("updated_at DESC").
+		Order("id DESC").
+		Limit(opts.Limit).
+		Offset(opts.Offset)
+	return rows, q.Find(&rows).Error
+}
+
+func (s *store) CountForbiddenWordBlocking(opts listOptions) (int64, error) {
+	var total int64
+	return total, s.db.Model(&forbiddenWordBlockingRecord{}).Count(&total).Error
+}
+
+func (s *store) CreateForbiddenWordBlocking(word, matchType string, caseSensitive bool, reason string, enabled bool) (*forbiddenWordBlockingRecord, error) {
+	word = strings.TrimSpace(word)
+	if word == "" {
+		return nil, fmt.Errorf("forbidden word is required")
+	}
+	matchType, err := normalizeForbiddenWordMatchType(matchType)
+	if err != nil {
+		return nil, err
+	}
+	if err := s.ensureForbiddenWordBlockingUnique(0, word); err != nil {
+		return nil, err
+	}
+	row := forbiddenWordBlockingRecord{Word: word, MatchType: matchType, CaseSensitive: caseSensitive, Reason: strings.TrimSpace(reason), Enabled: enabled}
+	if err := s.db.Create(&row).Error; err != nil {
+		return nil, err
+	}
+	return &row, nil
+}
+
+func (s *store) UpdateForbiddenWordBlocking(id uint64, word, matchType string, caseSensitive bool, reason string, enabled bool) (*forbiddenWordBlockingRecord, error) {
+	if id == 0 {
+		return nil, fmt.Errorf("blocking rule id is required")
+	}
+	word = strings.TrimSpace(word)
+	if word == "" {
+		return nil, fmt.Errorf("forbidden word is required")
+	}
+	matchType, err := normalizeForbiddenWordMatchType(matchType)
+	if err != nil {
+		return nil, err
+	}
+	if _, err := s.getForbiddenWordBlockingByID(id); err != nil {
+		return nil, err
+	}
+	if err := s.ensureForbiddenWordBlockingUnique(id, word); err != nil {
+		return nil, err
+	}
+	updates := map[string]any{"word": word, "match_type": matchType, "case_sensitive": caseSensitive, "reason": strings.TrimSpace(reason), "enabled": enabled, "updated_at": time.Now()}
+	if err := s.db.Model(&forbiddenWordBlockingRecord{}).Where("id = ?", id).Updates(updates).Error; err != nil {
+		return nil, err
+	}
+	return s.getForbiddenWordBlockingByID(id)
+}
+
+func (s *store) DeleteForbiddenWordBlocking(id uint64) error {
+	result := s.db.Where("id = ?", id).Delete(&forbiddenWordBlockingRecord{})
+	if result.Error != nil {
+		return result.Error
+	}
+	if result.RowsAffected == 0 {
+		return gorm.ErrRecordNotFound
+	}
+	return nil
+}
+
+func (s *store) getNodeBlockingByID(id uint64) (*nodeBlockingRecord, error) {
+	var row nodeBlockingRecord
+	if err := s.db.Where("id = ?", id).Take(&row).Error; err != nil {
+		return nil, err
+	}
+	return &row, nil
+}
+
+func (s *store) getIPBlockingByID(id uint64) (*ipBlockingRecord, error) {
+	var row ipBlockingRecord
+	if err := s.db.Where("id = ?", id).Take(&row).Error; err != nil {
+		return nil, err
+	}
+	return &row, nil
+}
+
+func (s *store) getForbiddenWordBlockingByID(id uint64) (*forbiddenWordBlockingRecord, error) {
+	var row forbiddenWordBlockingRecord
+	if err := s.db.Where("id = ?", id).Take(&row).Error; err != nil {
+		return nil, err
+	}
+	return &row, nil
+}
+
+func (s *store) ensureNodeBlockingUnique(id uint64, nodeID string) error {
+	var existing nodeBlockingRecord
+	q := s.db.Where("node_id = ?", nodeID)
+	if id != 0 {
+		q = q.Where("id <> ?", id)
+	}
+	err := q.Take(&existing).Error
+	if err == nil {
+		return errBlockingAlreadyExists
+	}
+	if errors.Is(err, gorm.ErrRecordNotFound) {
+		return nil
+	}
+	return err
+}
+
+func (s *store) ensureIPBlockingUnique(id uint64, ipValue string) error {
+	var existing ipBlockingRecord
+	q := s.db.Where("ip_value = ?", ipValue)
+	if id != 0 {
+		q = q.Where("id <> ?", id)
+	}
+	err := q.Take(&existing).Error
+	if err == nil {
+		return errBlockingAlreadyExists
+	}
+	if errors.Is(err, gorm.ErrRecordNotFound) {
+		return nil
+	}
+	return err
+}
+
+func (s *store) ensureForbiddenWordBlockingUnique(id uint64, word string) error {
+	var existing forbiddenWordBlockingRecord
+	q := s.db.Where("word = ?", word)
+	if id != 0 {
+		q = q.Where("id <> ?", id)
+	}
+	err := q.Take(&existing).Error
+	if err == nil {
+		return errBlockingAlreadyExists
+	}
+	if errors.Is(err, gorm.ErrRecordNotFound) {
+		return nil
+	}
+	return err
+}
+
+func normalizeIPBlockingValue(value string) (string, error) {
+	value = strings.TrimSpace(value)
+	if value == "" {
+		return "", fmt.Errorf("ip value is required")
+	}
+	if ip := net.ParseIP(value); ip != nil {
+		return ip.String(), nil
+	}
+	_, ipNet, err := net.ParseCIDR(value)
+	if err == nil {
+		return ipNet.String(), nil
+	}
+	return "", fmt.Errorf("ip value must be a valid IP or CIDR")
+}
+
+func normalizeForbiddenWordMatchType(matchType string) (string, error) {
+	matchType = strings.TrimSpace(matchType)
+	if matchType == "" {
+		return forbiddenWordMatchContains, nil
+	}
+	if matchType != forbiddenWordMatchContains {
+		return "", fmt.Errorf("unsupported forbidden word match type")
+	}
+	return matchType, nil
+}