Pull request #6095: REPORT-77480 fix:SSRF漏洞处理10.0版本

Merge in DEC/decision-webui-dcm from ~KEVIN.KING/decision-webui-dcm:release/10.0 to release/10.0 * commit '1a692e797d1afb7c9201e0b4a574f171ec9744d9': REPORT-77480 fix:SSRF漏洞处理 REPORT-77480 fix:SSRF漏洞处理
2 years ago · 5ddf614560
4 changed files with 33 additions and 5 deletions
--- a/src/modules/components/test_status/test_status.ts
+++ b/src/modules/components/test_status/test_status.ts
@ -29,6 +29,7 @@ export class TestStatus extends BI.Widget {
    failDriverMessage: Label;
    driverLink: FloatLeftLayout;
    detail: VerticalLayout;
+    failMaskers:any;

    watch = {
        status: (status: string) => {
@ -38,7 +39,7 @@ export class TestStatus extends BI.Widget {

    render() {
        const { loadingCls, loadingText, successCls, successText, failCls, failText, retryText } = this.options;
-
+        var self=this;
        return {
            type: BI.CenterAdaptLayout.xtype,
            cls: 'bi-z-index-mask',
@ -51,7 +52,7 @@ export class TestStatus extends BI.Widget {
                            cls: 'bi-card',
                            width: 450,
                            height: 250,
-                            single: true,
+                            // single: true,
                            showIndex: this.model.status,
                            ref: (_ref: Tab) => {
                                this.tab = _ref;
@ -70,6 +71,12 @@ export class TestStatus extends BI.Widget {
                                            tipCls: failCls,
                                            tipText: failText,
                                            retryText,
+                                            ref:(_ref:any)=>{
+                                                self.failMaskers=_ref;
+                                                if(this.failMessage.getText()===''){
+                                                    this.failMaskers.populateFail(BI.i18nText("Dec-Conn-ect-Failed"),false);
+                                                }
+                                            },
                                            listeners: [
                                                {
                                                    eventName: TipFail.EVENT_RELOAD,
@ -168,7 +175,7 @@ export class TestStatus extends BI.Widget {
        this.store.setStatus(TEST_STATUS.SUCCESS);
    }

-    setFail(message: string, driver = '', link = '') {
+    setFail(message: string='', driver = '', link = '') {
        this.store.setStatus(TEST_STATUS.FAIL);
        this.failMessage.setText(message);
        this.failDriverMessage.setVisible(!!driver);
--- a/src/modules/components/test_status/tip_icon/tip_fail.ts
+++ b/src/modules/components/test_status/tip_icon/tip_fail.ts
@ -1,5 +1,5 @@
 import { shortcut, store } from '@core/core';
-import { Button } from '@fui/core';
+import { Button, Label } from '@fui/core';
 import { TipFailModel } from './tip_fail.model';

@shortcut()
@ -21,7 +21,7 @@ export class TipFail extends BI.Widget {
    store: TipFailModel['store'];

    detailButton: Button;
-
+    failText:Label;
    watch = {
        isCollapse: (isCollapse: boolean) => {
            this.detailButton.setText(isCollapse ?
@ -29,6 +29,10 @@ export class TipFail extends BI.Widget {
                BI.i18nText('Dec-Dcm_Connection_Detailed_Information'));
        },
    }
+    populateFail(text:string,isVisible:boolean){
+        this.failText.setText(text);
+        this.detailButton.setVisible(isVisible);
+    }

    render() {
        const { tipCls, tipText, retryText } = this.options;
@ -53,6 +57,9 @@ export class TipFail extends BI.Widget {
                            height: 14,
                            bgap: 10,
                            text: tipText,
+                            ref:(_ref:Label)=>{
+                                this.failText=_ref;
+                            }
                        },
                        {
                            type: BI.VerticalAdaptLayout.xtype,
--- a/src/modules/pages/maintain/forms/form.server.ts
+++ b/src/modules/pages/maintain/forms/form.server.ts
@ -20,6 +20,10 @@ export function testConnection(value: Connection): Promise<string[]> {
            const formValue = value;
            api.testConnection(formValue).then(re => {
                if (re && re.errorCode) {
+                    if(re.errorCode === DecCst.ErrorCode.NO_IP_AUTHORIZED){
+                        testStatus.setFail();
+                        return;
+                    }
                // 判断是否是缺少驱动，如果缺少驱动则显示下载驱动的连接
                    if (api.isDriverError(re.errorCode)) {
                        if (formValue.connectionType === connectionType.JDBC) {
--- a/src/modules/pages/maintain/forms/form.ts
+++ b/src/modules/pages/maintain/forms/form.ts
@ -38,6 +38,11 @@ export class MaintainForm extends BI.Widget {
                value.creator = BI.get(this.getFormData(), 'creator');
                this.store.updateConnection(this.connectionName, value).then(result => {
                    if (result.errorCode) {
+                        if(result.errorCode === DecCst.ErrorCode.NO_IP_AUTHORIZED){
+                            BI.Msg.toast(BI.i18nText("Dec-Basic_Save_Fail"),{
+                                level: "error",
+                            });
+                        }
                        this.showError(result);

                        return;
@ -253,6 +258,11 @@ export class MaintainForm extends BI.Widget {
    private addConnection(form: Connection) {
        this.store.addConnection(form).then(result => {
            if (result.errorCode) {
+                if(result.errorCode === DecCst.ErrorCode.NO_IP_AUTHORIZED){
+                    BI.Msg.toast(BI.i18nText("Dec-Basic_Save_Fail"),{
+                        level: "error",
+                    });
+                }
                if (result.errorCode === errorCode.DUPLICATE_NAMES) {
                    if (form.connectionType !== connectionType.JDBC && form.connectionType !== connectionType.JNDI) {
                        // 如果不是jdbc或jndi，即如果是插件，名称重复的时候需要修改名字重新提交给后台