OMC/be.ems
1
0
Fork 0
Code Issues Releases 3 Activity

feat: 导出udm-auth未加密数据

Browse Source
This commit is contained in:
TsMask
2025-09-28 18:14:05 +08:00
parent bc55dfb9d5
commit f4fdde0cf3
4 changed files with 94 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
database/install/sys_menu.sql
View File

@@ -205,6 +205,7 @@ INSERT INTO `sys_menu` VALUES (1129, 'Reset', 2109, 1, '', '', '1', '1', 'B', '1
INSERT INTO `sys_menu` VALUES (1130, 'Execute', 2109, 2, '', '', '1', '1', 'B', '1', '1', 'mmlManage:udmOperate:execute', '#', 'bluearcus', 1756903248527, '', 0, ''); INSERT INTO `sys_menu` VALUES (1130, 'Execute', 2109, 2, '', '', '1', '1', 'B', '1', '1', 'mmlManage:udmOperate:execute', '#', 'bluearcus', 1756903248527, '', 0, '');
INSERT INTO `sys_menu` VALUES (1131, 'Display User Online Infomation', 2132, 10, '', '', '1', '1', 'B', '1', '1', 'dashboard:overview:onlineInfo', '#', 'bluearcus', 1757062839936, '', 0, ''); INSERT INTO `sys_menu` VALUES (1131, 'Display User Online Infomation', 2132, 10, '', '', '1', '1', 'B', '1', '1', 'dashboard:overview:onlineInfo', '#', 'bluearcus', 1757062839936, '', 0, '');
INSERT INTO `sys_menu` VALUES (1132, 'menu.common.export', 2009, 5, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, ''); INSERT INTO `sys_menu` VALUES (1132, 'menu.common.export', 2009, 5, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, '');
INSERT INTO `sys_menu` VALUES (1133, 'Export DecData', 2009, 6, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export-dec', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, '');
INSERT INTO `sys_menu` VALUES (2009, 'menu.ueUser.authUDM', 2075, 1, 'auth', 'neUser/auth/index', '1', '1', 'M', '1', '1', 'neUser:auth:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.authUDMRemark'); INSERT INTO `sys_menu` VALUES (2009, 'menu.ueUser.authUDM', 2075, 1, 'auth', 'neUser/auth/index', '1', '1', 'M', '1', '1', 'neUser:auth:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.authUDMRemark');
INSERT INTO `sys_menu` VALUES (2010, 'menu.ueUser.subUDM', 2075, 2, 'sub', 'neUser/sub/index', '1', '1', 'M', '1', '1', 'neUser:sub:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.subUDMRemark'); INSERT INTO `sys_menu` VALUES (2010, 'menu.ueUser.subUDM', 2075, 2, 'sub', 'neUser/sub/index', '1', '1', 'M', '1', '1', 'neUser:sub:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.subUDMRemark');
INSERT INTO `sys_menu` VALUES (2011, 'menu.ueUser.voipUDM', 2075, 3, 'voip', 'neUser/voip/index', '1', '1', 'M', '1', '1', 'neUser:voip:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.voipUDMRemark'); INSERT INTO `sys_menu` VALUES (2011, 'menu.ueUser.voipUDM', 2075, 3, 'voip', 'neUser/voip/index', '1', '1', 'M', '1', '1', 'neUser:voip:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.voipUDMRemark');

1
database/upgrade/upg_sys_menu.sql
View File

@@ -188,6 +188,7 @@ REPLACE INTO `sys_menu` VALUES (1129, 'Reset', 2109, 1, '', '', '1', '1', 'B', '
REPLACE INTO `sys_menu` VALUES (1130, 'Execute', 2109, 2, '', '', '1', '1', 'B', '1', '1', 'mmlManage:udmOperate:execute', '#', 'bluearcus', 1756903248527, '', 0, ''); REPLACE INTO `sys_menu` VALUES (1130, 'Execute', 2109, 2, '', '', '1', '1', 'B', '1', '1', 'mmlManage:udmOperate:execute', '#', 'bluearcus', 1756903248527, '', 0, '');
REPLACE INTO `sys_menu` VALUES (1131, 'Display User Online Infomation', 2132, 10, '', '', '1', '1', 'B', '1', '1', 'dashboard:overview:onlineInfo', '#', 'bluearcus', 1757062839936, '', 0, ''); REPLACE INTO `sys_menu` VALUES (1131, 'Display User Online Infomation', 2132, 10, '', '', '1', '1', 'B', '1', '1', 'dashboard:overview:onlineInfo', '#', 'bluearcus', 1757062839936, '', 0, '');
REPLACE INTO `sys_menu` VALUES (1132, 'menu.common.export', 2009, 5, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, ''); REPLACE INTO `sys_menu` VALUES (1132, 'menu.common.export', 2009, 5, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, '');
REPLACE INTO `sys_menu` VALUES (1133, 'Export DecData', 2009, 6, '', '', '1', '1', 'B', '1', '1', 'neUser:auth:export-dec', '#', 'bluearcus', 1756438214960, 'bluearcus', 1756456767639, '');
REPLACE INTO `sys_menu` VALUES (2009, 'menu.ueUser.authUDM', 2075, 1, 'auth', 'neUser/auth/index', '1', '1', 'M', '1', '1', 'neUser:auth:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.authUDMRemark'); REPLACE INTO `sys_menu` VALUES (2009, 'menu.ueUser.authUDM', 2075, 1, 'auth', 'neUser/auth/index', '1', '1', 'M', '1', '1', 'neUser:auth:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.authUDMRemark');
REPLACE INTO `sys_menu` VALUES (2010, 'menu.ueUser.subUDM', 2075, 2, 'sub', 'neUser/sub/index', '1', '1', 'M', '1', '1', 'neUser:sub:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.subUDMRemark'); REPLACE INTO `sys_menu` VALUES (2010, 'menu.ueUser.subUDM', 2075, 2, 'sub', 'neUser/sub/index', '1', '1', 'M', '1', '1', 'neUser:sub:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.subUDMRemark');
REPLACE INTO `sys_menu` VALUES (2011, 'menu.ueUser.voipUDM', 2075, 3, 'voip', 'neUser/voip/index', '1', '1', 'M', '1', '1', 'neUser:voip:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.voipUDMRemark'); REPLACE INTO `sys_menu` VALUES (2011, 'menu.ueUser.voipUDM', 2075, 3, 'voip', 'neUser/voip/index', '1', '1', 'M', '1', '1', 'neUser:voip:index', 'icon-xiangmuchengyuan', 'supervisor', 1700000000000, NULL, 0, 'menu.ueUser.voipUDMRemark');

83
src/modules/network_data/controller/udm_auth.go
View File

@@ -2,12 +2,15 @@ package controller
import ( import (
"fmt" "fmt"
"os"
"path/filepath" "path/filepath"
"runtime"
"strings" "strings"
"time" "time"
"be.ems/src/framework/constants/uploadsubpath" "be.ems/src/framework/constants/uploadsubpath"
"be.ems/src/framework/i18n" "be.ems/src/framework/i18n"
"be.ems/src/framework/resp"
"be.ems/src/framework/telnet" "be.ems/src/framework/telnet"
"be.ems/src/framework/utils/ctx" "be.ems/src/framework/utils/ctx"
"be.ems/src/framework/utils/file" "be.ems/src/framework/utils/file"
@@ -642,3 +645,83 @@ func (s *UDMAuthController) Import(c *gin.Context) {
} }
c.JSON(200, result.OkMsg(resultMsg)) c.JSON(200, result.OkMsg(resultMsg))
} }
// UDM鉴权用户导出解密数据
//
// GET /export-dec
//
// @Tags network_data/udm/auth
// @Accept json
// @Produce json
// @Param data body object true "Request Param"
// @Success 200 {object} object "Response Results"
// @Security TokenAuth
// @Summary UDM Authenticated User Export Decrypted Data
// @Description UDM Authenticated User Export Decrypted Data
// @Router /neData/udm/auth/export-dec [get]
func (s *UDMAuthController) ExportDec(c *gin.Context) {
language := ctx.AcceptLanguage(c)
neId := c.Query("neId")
if neId == "" {
c.JSON(400, result.CodeMsg(400, i18n.TKey(language, "app.common.err400")))
return
}
// 查询网元获取IP
neInfo := s.neInfoService.SelectNeInfoByNeTypeAndNeID("UDM", neId)
if neInfo.NeId != neId || neInfo.IP == "" {
c.JSON(200, result.ErrMsg(i18n.TKey(language, "app.common.noNEInfo")))
return
}
// 网元主机的Telnet客户端
telnetClient, err := s.neInfoService.NeRunTelnetClient("UDM", neId, 1)
if err != nil {
c.JSON(200, result.ErrMsg(err.Error()))
return
}
defer telnetClient.Close()
// 发送MML
// 导出解密的ki和opc 需要执行 dec authdat:imsi=all
// 生成文件 /user/local/etc/udm/authdata.txt
cmd := "dec authdat:imsi=all"
data, err := telnet.ConvertToStr(telnetClient, cmd)
if err != nil {
c.JSON(200, result.ErrMsg(err.Error()))
return
}
// 命令ok时
if strings.Contains(data, "ok") {
// 网元主机的SSH客户端
sshClient, err := s.neInfoService.NeRunSSHClient(neInfo.NeType, neInfo.NeId)
if err != nil {
c.JSON(200, resp.ErrMsg(err.Error()))
return
}
defer sshClient.Close()
// 网元主机的SSH客户端进行文件传输
sftpClient, err := sshClient.NewClientSFTP()
if err != nil {
c.JSON(200, resp.ErrMsg(err.Error()))
return
}
defer sftpClient.Close()
// 复制到本地
nePath := "/usr/local/etc/udm/authdata.txt"
localFilePath := filepath.Join("/tmp/omc/pull", filepath.Base(nePath))
if runtime.GOOS == "windows" {
localFilePath = fmt.Sprintf("C:%s", localFilePath)
}
if err = sftpClient.CopyFileRemoteToLocal(nePath, localFilePath); err != nil {
c.JSON(200, resp.ErrMsg(err.Error()))
return
}
sshClient.RunCMD("sudo rm -rf /user/local/etc/udm/authdata.txt")
defer os.Remove(localFilePath)
c.FileAttachment(localFilePath, filepath.Base(nePath))
return
}
c.JSON(200, result.ErrMsg("unexpected result"))
}

9
src/modules/network_data/network_data.go
View File

@@ -194,6 +194,10 @@ func Setup(router *gin.Engine) {
middleware.PreAuthorize(nil), middleware.PreAuthorize(nil),
controller.NewAMF.NbStateList, controller.NewAMF.NbStateList,
) )
amfGroup.GET("/log/audit",
middleware.PreAuthorize(nil),
controller.NewAMF.AuditLog,
)
} }
// 网元UPF // 网元UPF
@@ -257,6 +261,11 @@ func Setup(router *gin.Engine) {
collectlogs.OperateLog(collectlogs.OptionNew("log.operate.title.udmAuth", collectlogs.BUSINESS_TYPE_IMPORT)), collectlogs.OperateLog(collectlogs.OptionNew("log.operate.title.udmAuth", collectlogs.BUSINESS_TYPE_IMPORT)),
controller.NewUDMAuth.Import, controller.NewUDMAuth.Import,
) )
udmAuthGroup.GET("/export-dec",
middleware.PreAuthorize(map[string][]string{"hasPerms": {"neUser:auth:export-dec"}}),
collectlogs.OperateLog(collectlogs.OptionNew("log.operate.title.udmAuth", collectlogs.BUSINESS_TYPE_EXPORT)),
controller.NewUDMAuth.ExportDec,
)
} }
// 备份数据 // 备份数据