Add WAF mode to CreateWaf and EnableListenerWaf requests

- Extend CreateWafReq and EnableListenerWafReq structs with Mode field - Update CreateWaf method to use requested WAF mode - Modify EnableListenerWafs to retrieve and apply WAF mode from existing service - Ensure mode is consistently passed through WAF service operations

Add WAF mode to CreateWaf and EnableListenerWaf requests
- Extend CreateWafReq and EnableListenerWafReq structs with Mode field - Update CreateWaf method to use requested WAF mode - Modify EnableListenerWafs to retrieve and apply WAF mode from existing service - Ensure mode is consistently passed through WAF service operations
bb958705 · qiuqunfeng · a1ed13b0 · bb958705 · bb958705
Commit bb958705 authored Mar 04, 2025 by qiuqunfeng
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 1 deletion

internal/service/types.go internal/service/types.go +2 -0

internal/service/waf.go internal/service/waf.go +15 -1

No files found.
--- a/internal/service/types.go
+++ b/internal/service/types.go
@@ -188,6 +188,7 @@ type CreateWafReq struct {
 	GatewateInfo
 	Port uint32   `json:"port"`
 	Host []string `json:"host"`
+	Mode WafMode  `json:"mode"`
 }

 type DeleteWafReq struct {
@@ -221,6 +222,7 @@ type EnableListenerWafReq struct {
 	Enable bool     `json:"enable"`
 	Hosts  []string `json:"hosts"`
 	Port   int      `json:"port"`
+	Mode   WafMode  `json:"mode"`
 }

 type EnableGatewayWafReq struct {

--- a/internal/service/waf.go
+++ b/internal/service/waf.go
@@ -213,7 +213,7 @@ func (s *wafService) CreateWaf(ctx context.Context, req *CreateWafReq) (*WafServ
 				Enable: 1,
 				Level:  "info",
 			},
-			Mode: "block",
+			Mode: string(req.Mode),
 		},
 	}

@@ -436,6 +436,7 @@ func (s *wafService) EnableListenerWaf(ctx context.Context, req *EnableListenerW
 			},
 			Port: uint32(req.Port),
 			Host: req.Hosts,
+			Mode: req.Mode,
 		})
 		if err != nil {
 			return err
@@ -676,6 +677,18 @@ func (s *wafService) EnableListenerWafs(ctx context.Context, req *EnableListener

 	// enable WAF for ports that are in the desired port set but not in the current port set
 	addingPortSet := desiredPortSet.Difference(currentPortSet)
+
+	// Get mode from waf_services table
+	wafService := &model.WafService{}
+	err = s.db.Model(&model.WafService{}).Where("gateway_name = ?", req.GatewayName).First(wafService).Error
+	if err != nil {
+		if err == gorm.ErrRecordNotFound {
+			return fmt.Errorf("waf service not found for gateway %s", req.GatewayName)
+		}
+		return fmt.Errorf("failed to query waf service: %v", err)
+	}
+	mode := WafMode(wafService.Mode)
+
 	for _, port := range addingPortSet.List() {
 		err := s.EnableListenerWaf(ctx, &EnableListenerWafReq{
 			GatewateInfo: GatewateInfo{
@@ -686,6 +699,7 @@ func (s *wafService) EnableListenerWafs(ctx context.Context, req *EnableListener
 			Port:   port,
 			Hosts:  wafMap[port],
 			Enable: true,
+			Mode:   mode,
 		})
 		if err != nil {
 			return fmt.Errorf("failed to enable listener WAF: %v", err)