mirror of
https://github.com/veops/oneterm.git
synced 2025-11-01 03:12:39 +08:00
94 lines
3.0 KiB
Go
94 lines
3.0 KiB
Go
package service
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/veops/oneterm/internal/model"
|
|
"github.com/veops/oneterm/internal/repository"
|
|
"github.com/veops/oneterm/internal/tunneling"
|
|
"github.com/veops/oneterm/pkg/utils"
|
|
"golang.org/x/crypto/ssh"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
// GatewayService handles gateway business logic
|
|
type GatewayService struct {
|
|
repo repository.GatewayRepository
|
|
tunnelManager *tunneling.TunnelManager
|
|
}
|
|
|
|
// NewGatewayService creates a new gateway service
|
|
func NewGatewayService() *GatewayService {
|
|
return &GatewayService{
|
|
repo: repository.NewGatewayRepository(),
|
|
tunnelManager: tunneling.NewTunnelManager(),
|
|
}
|
|
}
|
|
|
|
// ValidatePublicKey validates the given public key
|
|
func (s *GatewayService) ValidatePublicKey(gateway *model.Gateway) error {
|
|
if gateway.AccountType != model.AUTHMETHOD_PUBLICKEY {
|
|
return nil
|
|
}
|
|
|
|
var err error
|
|
if gateway.Phrase == "" {
|
|
_, err = ssh.ParsePrivateKey([]byte(gateway.Pk))
|
|
} else {
|
|
_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(gateway.Pk), []byte(gateway.Phrase))
|
|
}
|
|
return err
|
|
}
|
|
|
|
// EncryptSensitiveData encrypts sensitive gateway data
|
|
func (s *GatewayService) EncryptSensitiveData(gateway *model.Gateway) {
|
|
gateway.Password = utils.EncryptAES(gateway.Password)
|
|
gateway.Pk = utils.EncryptAES(gateway.Pk)
|
|
gateway.Phrase = utils.EncryptAES(gateway.Phrase)
|
|
}
|
|
|
|
// DecryptSensitiveData decrypts sensitive gateway data
|
|
func (s *GatewayService) DecryptSensitiveData(gateways []*model.Gateway) {
|
|
for _, g := range gateways {
|
|
g.Password = utils.DecryptAES(g.Password)
|
|
g.Pk = utils.DecryptAES(g.Pk)
|
|
g.Phrase = utils.DecryptAES(g.Phrase)
|
|
}
|
|
}
|
|
|
|
// AttachAssetCount attaches asset count to gateways
|
|
func (s *GatewayService) AttachAssetCount(ctx context.Context, gateways []*model.Gateway) error {
|
|
return s.repo.AttachAssetCount(ctx, gateways)
|
|
}
|
|
|
|
// CheckAssetDependencies checks if gateway has dependent assets
|
|
func (s *GatewayService) CheckAssetDependencies(ctx context.Context, id int) (string, error) {
|
|
return s.repo.CheckAssetDependencies(ctx, id)
|
|
}
|
|
|
|
// BuildQuery constructs gateway query with basic filters
|
|
func (s *GatewayService) BuildQuery(ctx *gin.Context) *gorm.DB {
|
|
return s.repo.BuildQuery(ctx)
|
|
}
|
|
|
|
// FilterByAssetIds filters gateways by related asset IDs
|
|
func (s *GatewayService) FilterByAssetIds(db *gorm.DB, assetIds []int) *gorm.DB {
|
|
return s.repo.FilterByAssetIds(db, assetIds)
|
|
}
|
|
|
|
// GetTunnelBySessionId gets a gateway tunnel by session ID
|
|
func (s *GatewayService) GetTunnelBySessionId(sessionId string) *tunneling.GatewayTunnel {
|
|
return s.tunnelManager.GetTunnelBySessionId(sessionId)
|
|
}
|
|
|
|
// OpenTunnel opens a new gateway tunnel
|
|
func (s *GatewayService) OpenTunnel(isConnectable bool, sessionId, remoteIp string, remotePort int, gateway *model.Gateway) (*tunneling.GatewayTunnel, error) {
|
|
return s.tunnelManager.OpenTunnel(isConnectable, sessionId, remoteIp, remotePort, gateway)
|
|
}
|
|
|
|
// CloseTunnels closes gateway tunnels by session IDs
|
|
func (s *GatewayService) CloseTunnels(sessionIds ...string) {
|
|
s.tunnelManager.CloseTunnels(sessionIds...)
|
|
}
|