liumangmang
262 lines
10 KiB
Java
262 lines
10 KiB
Java
package com.sshmanager.service;
|
|
|
|
import com.sshmanager.dto.ConnectionCreateRequest;
|
|
import com.sshmanager.dto.ConnectionDto;
|
|
import com.sshmanager.entity.Connection;
|
|
import com.sshmanager.exception.AccessDeniedException;
|
|
import com.sshmanager.exception.InvalidOperationException;
|
|
import com.sshmanager.exception.NotFoundException;
|
|
import com.sshmanager.repository.ConnectionRepository;
|
|
import org.springframework.stereotype.Service;
|
|
import org.springframework.transaction.annotation.Transactional;
|
|
|
|
import java.time.Instant;
|
|
import java.util.List;
|
|
import java.util.stream.Collectors;
|
|
|
|
@Service
|
|
@SuppressWarnings("null")
|
|
public class ConnectionService {
|
|
|
|
private final ConnectionRepository connectionRepository;
|
|
private final EncryptionService encryptionService;
|
|
private final SshService sshService;
|
|
private final SshBootstrapService sshBootstrapService;
|
|
|
|
public ConnectionService(ConnectionRepository connectionRepository,
|
|
EncryptionService encryptionService,
|
|
SshService sshService,
|
|
SshBootstrapService sshBootstrapService) {
|
|
this.connectionRepository = connectionRepository;
|
|
this.encryptionService = encryptionService;
|
|
this.sshService = sshService;
|
|
this.sshBootstrapService = sshBootstrapService;
|
|
}
|
|
|
|
public List<ConnectionDto> listByUserId(Long userId) {
|
|
return connectionRepository.findByUserIdOrderByUpdatedAtDesc(userId).stream()
|
|
.map(ConnectionDto::fromEntity)
|
|
.collect(Collectors.toList());
|
|
}
|
|
|
|
public ConnectionDto getById(Long id, Long userId) {
|
|
Connection conn = connectionRepository.findById(id).orElseThrow(
|
|
() -> new NotFoundException("Connection not found: " + id));
|
|
if (!conn.getUserId().equals(userId)) {
|
|
throw new AccessDeniedException("Access denied");
|
|
}
|
|
return ConnectionDto.fromEntity(conn);
|
|
}
|
|
|
|
@Transactional
|
|
public ConnectionDto create(ConnectionCreateRequest request, Long userId) {
|
|
validateCreateRequest(request);
|
|
|
|
Connection conn = new Connection();
|
|
conn.setUserId(userId);
|
|
conn.setName(trimToNull(request.getName()));
|
|
conn.setHost(trimToNull(request.getHost()));
|
|
conn.setPort(request.getPort() != null ? request.getPort() : 22);
|
|
conn.setUsername(trimToNull(request.getUsername()));
|
|
|
|
if (getSetupMode(request) == ConnectionCreateRequest.SetupMode.PASSWORD_BOOTSTRAP) {
|
|
SshBootstrapService.BootstrapResult bootstrapResult = sshBootstrapService.bootstrapWithPassword(request, userId);
|
|
conn.setAuthType(Connection.AuthType.PRIVATE_KEY);
|
|
conn.setEncryptedPassword(null);
|
|
conn.setEncryptedPrivateKey(encryptionService.encrypt(bootstrapResult.getPrivateKey()));
|
|
conn.setPassphrase(null);
|
|
} else {
|
|
conn.setAuthType(resolveAuthType(request));
|
|
applyCredentialUpdate(conn, request);
|
|
}
|
|
|
|
conn = connectionRepository.save(conn);
|
|
return ConnectionDto.fromEntity(conn);
|
|
}
|
|
|
|
@Transactional
|
|
public ConnectionDto update(Long id, ConnectionCreateRequest request, Long userId) {
|
|
Connection conn = connectionRepository.findById(id).orElseThrow(
|
|
() -> new NotFoundException("Connection not found: " + id));
|
|
if (!conn.getUserId().equals(userId)) {
|
|
throw new AccessDeniedException("Access denied");
|
|
}
|
|
if (getSetupMode(request) == ConnectionCreateRequest.SetupMode.PASSWORD_BOOTSTRAP) {
|
|
throw new InvalidOperationException("编辑连接时不支持一键免密配置");
|
|
}
|
|
|
|
if (request.getName() != null) conn.setName(trimToNull(request.getName()));
|
|
if (request.getHost() != null) conn.setHost(trimToNull(request.getHost()));
|
|
if (request.getPort() != null) {
|
|
validatePort(request.getPort());
|
|
conn.setPort(request.getPort());
|
|
}
|
|
if (request.getUsername() != null) conn.setUsername(trimToNull(request.getUsername()));
|
|
if (request.getAuthType() != null) conn.setAuthType(request.getAuthType());
|
|
|
|
validatePersistedFields(conn);
|
|
applyCredentialUpdate(conn, request);
|
|
validateStoredCredentials(conn);
|
|
|
|
conn.setUpdatedAt(Instant.now());
|
|
conn = connectionRepository.save(conn);
|
|
return ConnectionDto.fromEntity(conn);
|
|
}
|
|
|
|
@Transactional
|
|
public void delete(Long id, Long userId) {
|
|
Connection conn = connectionRepository.findById(id).orElse(null);
|
|
if (conn == null) {
|
|
return;
|
|
}
|
|
if (!conn.getUserId().equals(userId)) {
|
|
throw new AccessDeniedException("Access denied");
|
|
}
|
|
connectionRepository.delete(conn);
|
|
}
|
|
|
|
public Connection getConnectionForSsh(Long id, Long userId) {
|
|
Connection conn = connectionRepository.findById(id).orElseThrow(
|
|
() -> new NotFoundException("Connection not found: " + id));
|
|
if (!conn.getUserId().equals(userId)) {
|
|
throw new AccessDeniedException("Access denied");
|
|
}
|
|
return conn;
|
|
}
|
|
|
|
public String getDecryptedPassword(Connection conn) {
|
|
return conn.getEncryptedPassword() != null ?
|
|
encryptionService.decrypt(conn.getEncryptedPassword()) : null;
|
|
}
|
|
|
|
public String getDecryptedPrivateKey(Connection conn) {
|
|
return conn.getEncryptedPrivateKey() != null ?
|
|
encryptionService.decrypt(conn.getEncryptedPrivateKey()) : null;
|
|
}
|
|
|
|
public String getDecryptedPassphrase(Connection conn) {
|
|
return conn.getPassphrase() != null ?
|
|
encryptionService.decrypt(conn.getPassphrase()) : null;
|
|
}
|
|
|
|
public Connection testConnection(Connection conn, String password, String privateKey, String passphrase) {
|
|
SshService.SshSession session = null;
|
|
try {
|
|
session = sshService.createShellSession(conn, password, privateKey, passphrase);
|
|
return conn;
|
|
} catch (Exception e) {
|
|
throw new RuntimeException("Connection test failed: " + e.getMessage(), e);
|
|
} finally {
|
|
if (session != null) {
|
|
session.disconnect();
|
|
}
|
|
}
|
|
}
|
|
|
|
private void validateCreateRequest(ConnectionCreateRequest request) {
|
|
if (request == null) {
|
|
throw new InvalidOperationException("连接信息不能为空");
|
|
}
|
|
validatePersistedFields(request);
|
|
if (getSetupMode(request) == ConnectionCreateRequest.SetupMode.PASSWORD_BOOTSTRAP) {
|
|
requireText(request.getBootstrapPassword(), "启用一键免密配置时必须填写初始登录密码");
|
|
return;
|
|
}
|
|
|
|
Connection.AuthType authType = resolveAuthType(request);
|
|
if (authType == Connection.AuthType.PASSWORD) {
|
|
if (!hasText(request.getPassword())) {
|
|
throw new InvalidOperationException("请填写密码");
|
|
}
|
|
return;
|
|
}
|
|
|
|
if (!hasText(request.getPrivateKey())) {
|
|
throw new InvalidOperationException("请填写私钥");
|
|
}
|
|
}
|
|
|
|
private void validatePersistedFields(ConnectionCreateRequest request) {
|
|
requireText(request.getName(), "请填写名称");
|
|
requireText(request.getHost(), "请填写主机");
|
|
requireText(request.getUsername(), "请填写用户名");
|
|
validatePort(request.getPort() != null ? request.getPort() : 22);
|
|
}
|
|
|
|
private void validatePersistedFields(Connection conn) {
|
|
requireText(conn.getName(), "请填写名称");
|
|
requireText(conn.getHost(), "请填写主机");
|
|
requireText(conn.getUsername(), "请填写用户名");
|
|
validatePort(conn.getPort() != null ? conn.getPort() : 22);
|
|
}
|
|
|
|
private void applyCredentialUpdate(Connection conn, ConnectionCreateRequest request) {
|
|
if (conn.getAuthType() == Connection.AuthType.PASSWORD) {
|
|
String password = trimToNull(request.getPassword());
|
|
if (password != null) {
|
|
conn.setEncryptedPassword(encryptionService.encrypt(password));
|
|
}
|
|
conn.setEncryptedPrivateKey(null);
|
|
conn.setPassphrase(null);
|
|
return;
|
|
}
|
|
|
|
String privateKey = trimToNull(request.getPrivateKey());
|
|
if (privateKey != null) {
|
|
conn.setEncryptedPrivateKey(encryptionService.encrypt(privateKey));
|
|
}
|
|
if (request.getPassphrase() != null) {
|
|
conn.setPassphrase(encryptionService.encrypt(trimToNull(request.getPassphrase())));
|
|
}
|
|
conn.setEncryptedPassword(null);
|
|
}
|
|
|
|
private void validateStoredCredentials(Connection conn) {
|
|
if (conn.getAuthType() == Connection.AuthType.PASSWORD) {
|
|
if (!hasText(conn.getEncryptedPassword())) {
|
|
throw new InvalidOperationException("请填写密码");
|
|
}
|
|
return;
|
|
}
|
|
|
|
if (!hasText(conn.getEncryptedPrivateKey())) {
|
|
throw new InvalidOperationException("请填写私钥");
|
|
}
|
|
}
|
|
|
|
private Connection.AuthType resolveAuthType(ConnectionCreateRequest request) {
|
|
return request.getAuthType() != null ? request.getAuthType() : Connection.AuthType.PASSWORD;
|
|
}
|
|
|
|
private ConnectionCreateRequest.SetupMode getSetupMode(ConnectionCreateRequest request) {
|
|
if (request == null || request.getSetupMode() == null) {
|
|
return ConnectionCreateRequest.SetupMode.NONE;
|
|
}
|
|
return request.getSetupMode();
|
|
}
|
|
|
|
private void requireText(String value, String message) {
|
|
if (!hasText(value)) {
|
|
throw new InvalidOperationException(message);
|
|
}
|
|
}
|
|
|
|
private void validatePort(Integer port) {
|
|
if (port == null || port < 1 || port > 65535) {
|
|
throw new InvalidOperationException("端口号必须在1-65535之间");
|
|
}
|
|
}
|
|
|
|
private boolean hasText(String value) {
|
|
return value != null && !value.trim().isEmpty();
|
|
}
|
|
|
|
private String trimToNull(String value) {
|
|
if (value == null) {
|
|
return null;
|
|
}
|
|
String trimmed = value.trim();
|
|
return trimmed.isEmpty() ? null : trimmed;
|
|
}
|
|
}
|