feat: 导出udm-auth未加密数据
This commit is contained in:
TsMask
@@ -205,6 +205,7 @@ INSERT INTO `sys_menu` VALUES (1129, 'Reset', 2109, 1, '', '', '1', '1', 'B', '1
|
||||
INSERT INTO `sys_menu` VALUES (1130, 'Execute', 2109, 2, '', '', '1', '1', 'B', '1', '1', 'mmlManage:udmOperate:execute', '#', 'bluearcus', 1756903248527, '', 0, '');
|
||||
INSERT INTO `sys_menu` VALUES (1131, 'Display User Online Infomation', 2132, 10, '', '', '1', '1', 'B', '1', '1', 'dashboard:overview:onlineInfo', '#', 'bluearcus', 1757062839936, '', 0, '');
|
||||
INSERT INTO `sys_menu` VALUES (1132, 'menu.common.export', 2009, 5, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, '');
|
||||
INSERT INTO `sys_menu` VALUES (1133, 'Export DecData', 2009, 6, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export-dec', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, '');
|
||||
INSERT INTO `sys_menu` VALUES (2009, 'menu.ueUser.authUDM', 2075, 1, 'auth', 'neUser/auth/index', '1', '1', 'M', '1', '1', 'neUser:auth:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.authUDMRemark');
|
||||
INSERT INTO `sys_menu` VALUES (2010, 'menu.ueUser.subUDM', 2075, 2, 'sub', 'neUser/sub/index', '1', '1', 'M', '1', '1', 'neUser:sub:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.subUDMRemark');
|
||||
INSERT INTO `sys_menu` VALUES (2011, 'menu.ueUser.voipUDM', 2075, 3, 'voip', 'neUser/voip/index', '1', '1', 'M', '1', '1', 'neUser:voip:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.voipUDMRemark');
|
||||
|
||||
@@ -188,6 +188,7 @@ REPLACE INTO `sys_menu` VALUES (1129, 'Reset', 2109, 1, '', '', '1', '1', 'B', '
|
||||
REPLACE INTO `sys_menu` VALUES (1130, 'Execute', 2109, 2, '', '', '1', '1', 'B', '1', '1', 'mmlManage:udmOperate:execute', '#', 'bluearcus', 1756903248527, '', 0, '');
|
||||
REPLACE INTO `sys_menu` VALUES (1131, 'Display User Online Infomation', 2132, 10, '', '', '1', '1', 'B', '1', '1', 'dashboard:overview:onlineInfo', '#', 'bluearcus', 1757062839936, '', 0, '');
|
||||
REPLACE INTO `sys_menu` VALUES (1132, 'menu.common.export', 2009, 5, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, '');
|
||||
REPLACE INTO `sys_menu` VALUES (1133, 'Export DecData', 2009, 6, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export-dec', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, '');
|
||||
REPLACE INTO `sys_menu` VALUES (2009, 'menu.ueUser.authUDM', 2075, 1, 'auth', 'neUser/auth/index', '1', '1', 'M', '1', '1', 'neUser:auth:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.authUDMRemark');
|
||||
REPLACE INTO `sys_menu` VALUES (2010, 'menu.ueUser.subUDM', 2075, 2, 'sub', 'neUser/sub/index', '1', '1', 'M', '1', '1', 'neUser:sub:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.subUDMRemark');
|
||||
REPLACE INTO `sys_menu` VALUES (2011, 'menu.ueUser.voipUDM', 2075, 3, 'voip', 'neUser/voip/index', '1', '1', 'M', '1', '1', 'neUser:voip:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.voipUDMRemark');
|
||||
|
||||
@@ -2,12 +2,15 @@ package controller
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"runtime"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"be.ems/src/framework/constants/uploadsubpath"
|
||||
"be.ems/src/framework/i18n"
|
||||
"be.ems/src/framework/resp"
|
||||
"be.ems/src/framework/telnet"
|
||||
"be.ems/src/framework/utils/ctx"
|
||||
"be.ems/src/framework/utils/file"
|
||||
@@ -642,3 +645,83 @@ func (s *UDMAuthController) Import(c *gin.Context) {
|
||||
}
|
||||
c.JSON(200, result.OkMsg(resultMsg))
|
||||
}
|
||||
|
||||
// UDM鉴权用户导出解密数据
|
||||
//
|
||||
// GET /export-dec
|
||||
//
|
||||
// @Tags network_data/udm/auth
|
||||
// @Accept json
|
||||
// @Produce json
|
||||
// @Param data body object true "Request Param"
|
||||
// @Success 200 {object} object "Response Results"
|
||||
// @Security TokenAuth
|
||||
// @Summary UDM Authenticated User Export Decrypted Data
|
||||
// @Description UDM Authenticated User Export Decrypted Data
|
||||
// @Router /neData/udm/auth/export-dec [get]
|
||||
func (s *UDMAuthController) ExportDec(c *gin.Context) {
|
||||
language := ctx.AcceptLanguage(c)
|
||||
neId := c.Query("neId")
|
||||
if neId == "" {
|
||||
c.JSON(400, result.CodeMsg(400, i18n.TKey(language, "app.common.err400")))
|
||||
return
|
||||
}
|
||||
|
||||
// 查询网元获取IP
|
||||
neInfo := s.neInfoService.SelectNeInfoByNeTypeAndNeID("UDM", neId)
|
||||
if neInfo.NeId != neId || neInfo.IP == "" {
|
||||
c.JSON(200, result.ErrMsg(i18n.TKey(language, "app.common.noNEInfo")))
|
||||
return
|
||||
}
|
||||
// 网元主机的Telnet客户端
|
||||
telnetClient, err := s.neInfoService.NeRunTelnetClient("UDM", neId, 1)
|
||||
if err != nil {
|
||||
c.JSON(200, result.ErrMsg(err.Error()))
|
||||
return
|
||||
}
|
||||
defer telnetClient.Close()
|
||||
|
||||
// 发送MML
|
||||
// 导出解密的ki和opc 需要执行 dec authdat:imsi=all
|
||||
// 生成文件 /user/local/etc/udm/authdata.txt
|
||||
cmd := "dec authdat:imsi=all"
|
||||
data, err := telnet.ConvertToStr(telnetClient, cmd)
|
||||
if err != nil {
|
||||
c.JSON(200, result.ErrMsg(err.Error()))
|
||||
return
|
||||
}
|
||||
|
||||
// 命令ok时
|
||||
if strings.Contains(data, "ok") {
|
||||
// 网元主机的SSH客户端
|
||||
sshClient, err := s.neInfoService.NeRunSSHClient(neInfo.NeType, neInfo.NeId)
|
||||
if err != nil {
|
||||
c.JSON(200, resp.ErrMsg(err.Error()))
|
||||
return
|
||||
}
|
||||
defer sshClient.Close()
|
||||
// 网元主机的SSH客户端进行文件传输
|
||||
sftpClient, err := sshClient.NewClientSFTP()
|
||||
if err != nil {
|
||||
c.JSON(200, resp.ErrMsg(err.Error()))
|
||||
return
|
||||
}
|
||||
defer sftpClient.Close()
|
||||
|
||||
// 复制到本地
|
||||
nePath := "/usr/local/etc/udm/authdata.txt"
|
||||
localFilePath := filepath.Join("/tmp/omc/pull", filepath.Base(nePath))
|
||||
if runtime.GOOS == "windows" {
|
||||
localFilePath = fmt.Sprintf("C:%s", localFilePath)
|
||||
}
|
||||
if err = sftpClient.CopyFileRemoteToLocal(nePath, localFilePath); err != nil {
|
||||
c.JSON(200, resp.ErrMsg(err.Error()))
|
||||
return
|
||||
}
|
||||
sshClient.RunCMD("sudo rm -rf /user/local/etc/udm/authdata.txt")
|
||||
defer os.Remove(localFilePath)
|
||||
c.FileAttachment(localFilePath, filepath.Base(nePath))
|
||||
return
|
||||
}
|
||||
c.JSON(200, result.ErrMsg("unexpected result"))
|
||||
}
|
||||
|
||||
@@ -194,6 +194,10 @@ func Setup(router *gin.Engine) {
|
||||
middleware.PreAuthorize(nil),
|
||||
controller.NewAMF.NbStateList,
|
||||
)
|
||||
amfGroup.GET("/log/audit",
|
||||
middleware.PreAuthorize(nil),
|
||||
controller.NewAMF.AuditLog,
|
||||
)
|
||||
}
|
||||
|
||||
// 网元UPF
|
||||
@@ -257,6 +261,11 @@ func Setup(router *gin.Engine) {
|
||||
collectlogs.OperateLog(collectlogs.OptionNew("log.operate.title.udmAuth", collectlogs.BUSINESS_TYPE_IMPORT)),
|
||||
controller.NewUDMAuth.Import,
|
||||
)
|
||||
udmAuthGroup.GET("/export-dec",
|
||||
middleware.PreAuthorize(map[string][]string{"hasPerms": {"neUser:auth:export-dec"}}),
|
||||
collectlogs.OperateLog(collectlogs.OptionNew("log.operate.title.udmAuth", collectlogs.BUSINESS_TYPE_EXPORT)),
|
||||
controller.NewUDMAuth.ExportDec,
|
||||
)
|
||||
}
|
||||
|
||||
// 备份数据
|
||||
|
||||
Reference in New Issue
Block a user