feat(system-security): Optimize Route Matching for Secure Entry

zhengkunwang223 · zhengkunwang223 · commit 45a192272286 · 2024-12-23T19:05:25.000+08:00
diff --git a/agent/app/service/app.go b/agent/app/service/app.go
@@ -70,10 +70,7 @@ func (a AppService) PageApp(req request.AppSearch) (interface{}, error) {
 	if req.Resource != "" && req.Resource != "all" {
 		opts = append(opts, appRepo.WithResource(req.Resource))
 	}
-	if req.Type == "php" {
-		info, _ := NewISettingService().GetSettingInfo()
-		opts = append(opts, appRepo.WithPanelVersion(info.SystemVersion))
-	}
+
 	if req.ShowCurrentArch {
 		info, err := NewIDashboardService().LoadOsInfo()
 		if err != nil {
@@ -101,12 +98,22 @@ func (a AppService) PageApp(req request.AppSearch) (interface{}, error) {
 		opts = append(opts, commonRepo.WithByIDs(appIds))
 	}
 	var res response.AppRes
+
 	total, apps, err := appRepo.Page(req.Page, req.PageSize, opts...)
 	if err != nil {
 		return nil, err
 	}
 	var appDTOs []*response.AppDto
+	info := &dto.SettingInfo{}
+	if req.Type == "php" {
+		info, _ = NewISettingService().GetSettingInfo()
+	}
 	for _, ap := range apps {
+		if req.Type == "php" {
+			if ap.RequiredPanelVersion == 0 || !common.CompareAppVersion(fmt.Sprintf("%f", ap.RequiredPanelVersion), info.SystemVersion) {
+				continue
+			}
+		}
 		appDTO := &response.AppDto{
 			ID:          ap.ID,
 			Name:        ap.Name,
@@ -789,7 +796,7 @@ func (a AppService) GetAppUpdate() (*response.AppUpdateRes, error) {
 		return res, err
 	}
 	if list.Extra.Version != "" && setting.SystemVersion != list.Extra.Version && !common.CompareVersion(setting.SystemVersion, list.Extra.Version) {
-		global.LOG.Errorf("The current version is too low to synchronize with the App Store. The minimum required version is %s", list.Extra.Version)
+		global.LOG.Errorf("The current version %s is too low to synchronize with the App Store. The minimum required version is %s", setting.SystemVersion, list.Extra.Version)
 		return nil, buserr.New("ErrVersionTooLow")
 	}
 	res.AppList = list
diff --git a/agent/app/service/runtime.go b/agent/app/service/runtime.go
@@ -86,6 +86,13 @@ func (r *RuntimeService) Create(create request.RuntimeCreate) (*model.Runtime, e
 	}
 	fileOp := files.NewFileOp()
 
+	runtimeDir := path.Join(constant.RuntimeDir, create.Type)
+	if !fileOp.Stat(runtimeDir) {
+		if err := fileOp.CreateDir(runtimeDir, constant.DirPerm); err != nil {
+			return nil, err
+		}
+	}
+
 	switch create.Type {
 	case constant.RuntimePHP:
 		if create.Resource == constant.ResourceLocal {
diff --git a/agent/utils/common/common.go b/agent/utils/common/common.go
@@ -47,6 +47,33 @@ func CompareVersion(version1, version2 string) bool {
 	return false
 }
 
+func CompareAppVersion(version1, version2 string) bool {
+	v1s := extractNumbers(version1)
+	v2s := extractNumbers(version2)
+
+	maxLen := max(len(v1s), len(v2s))
+	v1s = append(v1s, make([]string, maxLen-len(v1s))...)
+	v2s = append(v2s, make([]string, maxLen-len(v2s))...)
+
+	for i := 0; i < maxLen; i++ {
+		v1, err1 := strconv.Atoi(v1s[i])
+		v2, err2 := strconv.Atoi(v2s[i])
+		if err1 != nil {
+			v1 = 0
+		}
+		if err2 != nil {
+			v2 = 0
+		}
+		if v1 > v2 {
+			return true
+		}
+		if v1 < v2 {
+			return false
+		}
+	}
+	return true
+}
+
 func ComparePanelVersion(version1, version2 string) bool {
 	if version1 == version2 {
 		return false
diff --git a/core/constant/common.go b/core/constant/common.go
@@ -132,6 +132,7 @@ var WebUrlMap = map[string]struct{}{
 	"/xpack/alert/log":         {},
 	"/xpack/alert/setting":     {},
 	"/xpack/setting":           {},
+	"xpack/node":               {},
 }
 
 var DynamicRoutes = []string{
diff --git a/core/init/viper/viper.go b/core/init/viper/viper.go
@@ -20,7 +20,7 @@ func Init() {
 	baseDir := "/opt"
 	port := "9999"
 	mode := ""
-	version := "v1.0.0"
+	version := "v2.0.0"
 	username, password, entrance := "", "", ""
 	v := viper.NewWithOptions()
 	v.SetConfigType("yaml")
diff --git a/frontend/src/routers/router.ts b/frontend/src/routers/router.ts
@@ -75,7 +75,7 @@ export const routes: RouteRecordRaw[] = [
     {
         path: '/:code?',
         name: 'entrance',
-        component: () => import('@/views/login/entrance/index.vue'),
+        component: () => import('@/views/login/index.vue'),
         props: true,
     },
     ...routerArray,
diff --git a/frontend/src/views/login/entrance/index.vue b/frontend/src/views/login/entrance/index.vue
diff --git a/frontend/src/views/login/index.vue b/frontend/src/views/login/index.vue
@@ -29,9 +29,20 @@ import { getXpackSettingForTheme } from '@/utils/xpack';
 const gStore = GlobalStore();
 const loading = ref();
 
+const mySafetyCode = defineProps({
+    code: {
+        type: String,
+        default: '',
+    },
+});
+
 const screenWidth = ref(null);
 
 const getStatus = async () => {
+    let code = mySafetyCode.code;
+    if (code != '') {
+        gStore.entrance = code;
+    }
     loading.value = true;
     await checkIsSafety(gStore.entrance)
         .then((res) => {

Original file line number	Diff line number	Diff line change
`@@ -132,6 +132,7 @@ var WebUrlMap = map[string]struct{}{`
`132`	`132`	`"/xpack/alert/log": {},`
`133`	`133`	`"/xpack/alert/setting": {},`
`134`	`134`	`"/xpack/setting": {},`
	`135`	`+ "xpack/node": {},`
`135`	`136`	`}`
`136`	`137`
`137`	`138`	`var DynamicRoutes = []string{`
Original file line number	Diff line number	Diff line change
`@@ -75,7 +75,7 @@ export const routes: RouteRecordRaw[] = [`
`75`	`75`	`{`
`76`	`76`	`path: '/:code?',`
`77`	`77`	`name: 'entrance',`
`78`		`- component: () => import('@/views/login/entrance/index.vue'),`
	`78`	`+ component: () => import('@/views/login/index.vue'),`
`79`	`79`	`props: true,`
`80`	`80`	`},`
`81`	`81`	`...routerArray,`