安全主题后台接口，配置文件放开接口

spring-cloud/configer/src/main/resources/config/dev/gateway-dev.yml

@@ -81,21 +81,24 @@ filter:
     /apiUrl/,/queryData/,/uploadFiles/,/planArea/getDefaultPlanAreaList,/command/config/queryAll,\
     /api/scene/queryAll,/api/scene/theme/queryBySceneId,/api/scene/theme/queryByThemeId,\
     /apiNoProcess/,/themeInfo/getThemeInfoById,/initModuleInfo/getInitModuleAndClassInfo,/moduleInfo/saveModuleInfo,\
-    /upload/themeImgUpload,/themeInfo/addThemeInfo,"
+    /upload/themeImgUpload,/themeInfo/addThemeInfo,/AttackType/getTop6AttackType,/RiskType/getSysRiskType\
+    /RiskType/getWebRiskType,/RiskNews/getRiskNewsByInfo,/SystemRisk/analyzeSystemRisk"
   # 不需要过参数过滤器的uri
   parameter:
     skip-uri: "/v2/api-docs,/doc.html,\
     /import/,/apiUrl/,/queryData/,/upload/,/uploadFiles/,/planArea/getDefaultPlanAreaList,/command/config/queryAll,\
     /api/scene/queryAll,/api/scene/theme/queryBySceneId,/api/scene/theme/queryByThemeId,\
     /apiNoProcess/,/themeInfo/getThemeInfoById,/initModuleInfo/getInitModuleAndClassInfo,/moduleInfo/saveModuleInfo,\
-    /upload/themeImgUpload,"
+    /upload/themeImgUpload,/AttackType/getTop6AttackType,/RiskType/getSysRiskType\
+    /RiskType/getWebRiskType,/RiskNews/getRiskNewsByInfo,/SystemRisk/analyzeSystemRisk"
   # 不需要过返回封装过滤器的uri
   response:
     skip-uri: "/v2/api-docs,/doc.html,\
     /apiUrl/,/queryData/,/upload/,/uploadFiles/,/planArea/getDefaultPlanAreaList,/command/config/queryAll,\
     /api/scene/queryAll,/api/scene/theme/queryBySceneId,/api/scene/theme/queryByThemeId,\
     /apiNoProcess/,/themeInfo/getThemeInfoById,/initModuleInfo/getInitModuleAndClassInfo,/moduleInfo/saveModuleInfo,\
-    /upload/themeImgUpload,/themeInfo/addThemeInfo,"
+    /upload/themeImgUpload,/themeInfo/addThemeInfo,/AttackType/getTop6AttackType,/RiskType/getSysRiskType\
+    /RiskType/getWebRiskType,/RiskNews/getRiskNewsByInfo,/SystemRisk/analyzeSystemRisk"
   # 登录接口
   login:
 #    skip-uri: "/user/userLogin,/flat/guide/login"

spring-cloud/configer/src/main/resources/config/prod/gateway-prod.yml

@@ -80,19 +80,22 @@ filter:
     skip-uri: "/v2/api-docs,/doc.html,\
     /apiUrl/,/queryData/,/uploadFiles/,/planArea/getDefaultPlanAreaList,/command/config/queryAll,\
     /api/scene/queryAll,/api/scene/theme/queryBySceneId,/api/scene/theme/queryByThemeId,\
-    /apiNoProcess/"
+    /apiNoProcess/,/AttackType/getTop6AttackType,/RiskType/getSysRiskType\
+    /RiskType/getWebRiskType,/RiskNews/getRiskNewsByInfo,/SystemRisk/analyzeSystemRisk"
   # 不需要过参数过滤器的uri
   parameter:
     skip-uri: "/v2/api-docs,/doc.html,\
     /import/,/apiUrl/,/queryData/,/upload/,/uploadFiles/,/planArea/getDefaultPlanAreaList,/command/config/queryAll,\
     /api/scene/queryAll,/api/scene/theme/queryBySceneId,/api/scene/theme/queryByThemeId,\
-    /apiNoProcess/"
+    /apiNoProcess/,/AttackType/getTop6AttackType,/RiskType/getSysRiskType\
+    /RiskType/getWebRiskType,/RiskNews/getRiskNewsByInfo,/SystemRisk/analyzeSystemRisk"
   # 不需要过返回封装过滤器的uri
   response:
     skip-uri: "/v2/api-docs,/doc.html,\
     /apiUrl/,/queryData/,/upload/,/uploadFiles/,/planArea/getDefaultPlanAreaList,/command/config/queryAll,\
     /api/scene/queryAll,/api/scene/theme/queryBySceneId,/api/scene/theme/queryByThemeId,\
-    /apiNoProcess/"
+    /apiNoProcess/,/AttackType/getTop6AttackType,/RiskType/getSysRiskType\
+    /RiskType/getWebRiskType,/RiskNews/getRiskNewsByInfo,/SystemRisk/analyzeSystemRisk"
   # 登录接口
   login:
     skip-uri: /user/userLogin

spring-cloud/server-basic/src/main/java/com/jd/configer/ResourceServerConfig.java

@@ -33,7 +33,9 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
 					,"/uploadFiles/**","/planArea/getDefaultPlanAreaList"
 					,"/command/config/queryAll"
 					,"/api/**","/apiNoProcess/**","/themeInfo/**","/moduleInfo/**","/initModuleInfo/getInitModuleAndClassInfo"
-					,"/upload/themeImgUpload","/flat/guide/login","/themeInfo/addThemeInfo","/AttackType/getTop6AttackType"
+					,"/upload/themeImgUpload","/flat/guide/login","/themeInfo/addThemeInfo"
+					,"/AttackType/getTop6AttackType","/RiskType/getSysRiskType","/RiskType/getWebRiskType"
+					,"/RiskNews/getRiskNewsByInfo","/SystemRisk/analyzeSystemRisk"
 					).permitAll()			.anyRequest()
 			.authenticated()
 		.and()

spring-cloud/server-basic/src/main/java/com/jd/controller/RiskNewsController.java

@@ -47,7 +47,7 @@ public class RiskNewsController {
      * @return
      */
     @GetMapping("getRiskNewsByPage")
-    @ApiOperation(value = "分页查询攻击类型")
+    @ApiOperation(value = "分页查询漏洞情报")
     public Map<String, Object> getRiskNewsByPage(Integer page, Integer limit, String queryValue, String infoId) {
         if (Blank.isEmpty(page,limit)) {
             return SendUtil.send(false, ConstString.REQUEST_WRONGPARAMS);
@@ -61,6 +61,16 @@ public class RiskNewsController {
     }
 
     /**
+     * 查询漏洞情报方法
+     * @return
+     */
+    @GetMapping("getRiskNewsByInfo")
+    @ApiOperation(value = "查询漏洞情报")
+    Map<String, Object> getRiskNewsByInfo(){
+        return  riskNewsService.getRiskNewsByInfo();
+    }
+
+    /**
      * 插入攻击类型
      * @param request
      * @return

spring-cloud/server-basic/src/main/java/com/jd/controller/RiskTypeController.java

@@ -60,6 +60,18 @@ public class RiskTypeController {
         return riskTypeService.getRiskType(map);
     }
 
+    @GetMapping("getSysRiskType")
+    @ApiOperation(value = "查询系统漏洞类型")
+    public Map<String, Object> getSysRiskType(Integer count) {
+        return SendUtil.send(riskTypeService.getSysRiskType(count));
+    }
+
+    @GetMapping("getWebRiskType")
+    @ApiOperation(value = "分页Web查询漏洞类型")
+    public Map<String, Object> getWebRiskType(Integer count) {
+        return SendUtil.send(riskTypeService.getWebRiskType(count));
+    }
+
     /**
      * 插入漏洞类型
      * @param bugNum 漏洞个个数

spring-cloud/server-basic/src/main/java/com/jd/controller/SystemRiskController.java

@@ -58,6 +58,16 @@ public class SystemRiskController {
     }
 
     /**
+     *计算系统漏洞个数
+     * @return
+     */
+    @GetMapping("analyzeSystemRisk")
+    @ApiOperation(value = "计算系统漏洞个数")
+    Map<String, Object> analyzeSystemRisk(){
+        return systemRiskService.analyzeSystemRisk();
+    }
+
+    /**
      * 插入系统漏洞信息
      * @param sysName
      * @param highBug

spring-cloud/server-basic/src/main/java/com/jd/mapper/RiskNewsMapper.java

@@ -30,6 +30,12 @@ public interface RiskNewsMapper {
     List<Map<String, Object>> getRiskNews(Map<String, Object> param);
 
     /**
+     * 查询漏洞情报方法
+     * @return
+     */
+    List<Map<String, Object>> getRiskNewsByInfo(Integer infoId);
+
+    /**
      * 通过Type查询攻击类型数量
      * @return
      */

spring-cloud/server-basic/src/main/java/com/jd/mapper/RiskTypeMapper.java

@@ -25,6 +25,18 @@ public interface RiskTypeMapper {
     List<Map<String, Object>> getRiskType(Map<String, Object> param);
 
     /**
+     * 分页查询漏洞类型方法
+     * @return
+     */
+    List<Map<String, Object>> getSysRiskType(Integer count, Integer infoId);
+
+    /**
+     * 分页查询漏洞类型方法
+     * @return
+     */
+    List<Map<String, Object>> getWebRiskType(Integer count, Integer infoId);
+
+    /**
      * 根据漏洞类型判断录入个数
      * @param riskType
      * @return

spring-cloud/server-basic/src/main/java/com/jd/mapper/SystemRiskMapper.java

@@ -19,6 +19,12 @@ public interface SystemRiskMapper {
     Integer CountSystemRiskInfoBySys(SystemRiskInfo systemRiskInfo);
 
     Integer getCountSystemRiskInfo(Map<String, Object> param);
+
+    /**
+     * 根据安全月份查询系统漏洞情况
+     * @return
+     */
+    List<Map<String, Object>> getSystemRiskByInfoId(Integer infoId);
     /**
      * 分页查询系统漏洞信息方法
      * @return

spring-cloud/server-basic/src/main/java/com/jd/service/RiskNewsService.java

@@ -21,6 +21,12 @@ public interface RiskNewsService {
      */
     Map<String, Object> getRiskNews(Map<String, Object> param);
 
+    /**
+     * 查询漏洞情报方法
+     * @return
+     */
+    Map<String, Object> getRiskNewsByInfo();
+
 
     /**
      * 获取单条攻击类型

spring-cloud/server-basic/src/main/java/com/jd/service/RiskTypeService.java

@@ -26,6 +26,18 @@ public interface RiskTypeService {
     Map<String, Object> getRiskTypeById(Map<String, Object> param);
 
     /**
+     * 根据条数获取系统漏洞类型
+     * @return
+     */
+    Map<String, Object> getSysRiskType(Integer count);
+
+    /**
+     * 根据条数获取WEB漏洞类型
+     * @return
+     */
+    Map<String, Object> getWebRiskType(Integer count);
+
+    /**
      * 新增漏洞类型
      *  @return
      */

spring-cloud/server-basic/src/main/java/com/jd/service/SystemRiskService.java

@@ -20,6 +20,12 @@ public interface SystemRiskService {
     Map<String, Object> getSystemRiskInfo(Map<String, Object> param);
 
     /**
+     *
+     * @return
+     */
+    Map<String, Object> analyzeSystemRisk();
+
+    /**
      * 获取单条系统漏洞信息
      * @return
      */

spring-cloud/server-basic/src/main/java/com/jd/service/impl/AttackTypeServiceImpl.java

@@ -66,7 +66,6 @@ public class AttackTypeServiceImpl implements AttackTypeService {
 
     @Override
     public Map<String, Object> getTop6AttackType() {
-        // 准备参数
         //获取当前月份
         Date createTime = new Date();
         DateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");

spring-cloud/server-basic/src/main/java/com/jd/service/impl/RiskNewsServiceImpl.java

@@ -4,12 +4,16 @@ import com.jd.code.ConstString;
 import com.jd.entity.AttackType;
 import com.jd.entity.RiskNews;
 import com.jd.mapper.RiskNewsMapper;
+import com.jd.mapper.SafetyInfoMapper;
 import com.jd.service.RiskNewsService;
 import com.jd.util.Blank;
 import com.jd.util.SendUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.Date;
 import java.util.List;
 import java.util.Map;
 
@@ -24,6 +28,9 @@ import java.util.Map;
 public class RiskNewsServiceImpl implements RiskNewsService {
 
     @Autowired
+    private SafetyInfoMapper safetyInfoMapper;
+
+    @Autowired
     private RiskNewsMapper riskNewsMapper;
 
     @Override
@@ -38,6 +45,25 @@ public class RiskNewsServiceImpl implements RiskNewsService {
         return SendUtil.layuiTable(count, list);
     }
 
+    @Override
+    public Map<String, Object> getRiskNewsByInfo() {
+        //获取当前月份
+        Date createTime = new Date();
+        DateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+        String formatDate = dateFormat.format(createTime);
+        String Month = formatDate.substring(0, 7);
+        //获取当月对应的安全信息
+        Map<String, Object> safetyInfo = safetyInfoMapper.getSafetyInfoByMonth(Month);
+        Integer infoId = null;
+        try{
+            infoId = Integer.parseInt(safetyInfo.get("id").toString());
+        }catch (Exception e){
+            e.printStackTrace();
+            return SendUtil.send(false);
+        }
+        return SendUtil.send(riskNewsMapper.getRiskNewsByInfo(infoId));
+    }
+
 
     @Override
     public Map<String, Object> getRiskNewsById(Map<String, Object> param) {

spring-cloud/server-basic/src/main/java/com/jd/service/impl/RiskTypeServiceImpl.java

@@ -3,12 +3,16 @@ package com.jd.service.impl;
 import com.jd.code.ConstString;
 import com.jd.entity.RiskType;
 import com.jd.mapper.RiskTypeMapper;
+import com.jd.mapper.SafetyInfoMapper;
 import com.jd.service.RiskTypeService;
 import com.jd.util.Blank;
 import com.jd.util.SendUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.Date;
 import java.util.List;
 import java.util.Map;
 
@@ -22,6 +26,9 @@ import java.util.Map;
 @Service("RiskTypeServiceImpl")
 public class RiskTypeServiceImpl implements RiskTypeService {
     @Autowired
+    private SafetyInfoMapper safetyInfoMapper;
+
+    @Autowired
     private RiskTypeMapper riskTypeMapper;
 
     @Override
@@ -42,6 +49,48 @@ public class RiskTypeServiceImpl implements RiskTypeService {
     }
 
     @Override
+    public Map<String, Object> getSysRiskType(Integer count) {
+        //获取当前月份
+        Date createTime = new Date();
+        DateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+        String formatDate = dateFormat.format(createTime);
+        String Month = formatDate.substring(0, 7);
+        //获取当月对应的安全信息
+        Map<String, Object> safetyInfo = safetyInfoMapper.getSafetyInfoByMonth(Month);
+        Integer infoId = null;
+        try{
+            infoId = Integer.parseInt(safetyInfo.get("id").toString());
+        }catch (Exception e){
+            e.printStackTrace();
+            return SendUtil.send(false);
+        }
+        //根据安全信息查询前几条漏洞类型
+        List<Map<String, Object>> result = riskTypeMapper.getSysRiskType(count, infoId);
+        return  SendUtil.send(result);
+    }
+
+    @Override
+    public Map<String, Object> getWebRiskType(Integer count) {
+        //获取当前月份
+        Date createTime = new Date();
+        DateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+        String formatDate = dateFormat.format(createTime);
+        String Month = formatDate.substring(0, 7);
+        //获取当月对应的安全信息
+        Map<String, Object> safetyInfo = safetyInfoMapper.getSafetyInfoByMonth(Month);
+        Integer infoId = null;
+        try{
+            infoId = Integer.parseInt(safetyInfo.get("id").toString());
+        }catch (Exception e){
+            e.printStackTrace();
+            return SendUtil.send(false);
+        }
+        //根据安全信息查询前几条漏洞类型
+        List<Map<String, Object>> result = riskTypeMapper.getWebRiskType(count, infoId);
+        return  SendUtil.send(result);
+    }
+
+    @Override
     public Map<String, Object> insertRiskType(RiskType riskType) {
         //判断当月之能输入一个相同的漏洞类型
         if(riskTypeMapper.countRiskTypeByType(riskType) > 0){

spring-cloud/server-basic/src/main/java/com/jd/service/impl/SystemRiskServiceImpl.java

@@ -2,6 +2,7 @@ package com.jd.service.impl;
 
 import com.jd.code.ConstString;
 import com.jd.entity.SystemRiskInfo;
+import com.jd.mapper.SafetyInfoMapper;
 import com.jd.mapper.SystemRiskMapper;
 import com.jd.service.SystemRiskService;
 import com.jd.util.Blank;
@@ -9,6 +10,10 @@ import com.jd.util.SendUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
@@ -22,6 +27,9 @@ import java.util.Map;
 @Service("SystemRiskServiceImpl")
 public class SystemRiskServiceImpl implements SystemRiskService {
     @Autowired
+    private SafetyInfoMapper safetyInfoMapper;
+
+    @Autowired
     private SystemRiskMapper systemRiskMapper;
 
     @Override
@@ -35,6 +43,64 @@ public class SystemRiskServiceImpl implements SystemRiskService {
     }
 
     @Override
+    public Map<String, Object> analyzeSystemRisk() {
+        //获取当前月份
+        Date createTime = new Date();
+        DateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
+        String formatDate = dateFormat.format(createTime);
+        String Month = formatDate.substring(0, 7);
+        //获取当月对应的安全信息
+        Map<String, Object> safetyInfo = safetyInfoMapper.getSafetyInfoByMonth(Month);
+        Integer infoId = null;
+        try{
+            infoId = Integer.parseInt(safetyInfo.get("id").toString());
+        }catch (Exception e){
+            e.printStackTrace();
+            return SendUtil.send(false);
+        }
+        //准备返回参数
+        //高危漏洞数
+        Integer countHighRisk = 0;
+        //中危漏洞数
+        Integer countMiddleRisk = 0;
+        //局机关高危漏洞数
+        Integer countOfficeHighRisk = 0;
+        //局机关中危漏洞数
+        Integer countOfficeMiddleRisk = 0;
+        //直属单位高危漏洞数
+        Integer countCompanyHighRisk = 0;
+        //直属单位中危漏洞数
+        Integer countCompanyMiddleRisk = 0;
+
+        //获取漏洞数据
+        List<Map<String, Object>> riskList = systemRiskMapper.getSystemRiskByInfoId(infoId);
+        for (Map<String, Object> map : riskList) {
+            Integer highRisk = Integer.parseInt(map.get("high_risk_number").toString());
+            Integer middleRisk = Integer.parseInt(map.get("middle_risk_number").toString());
+            Integer office = Integer.parseInt(map.get("office").toString());
+            if(office == 1){
+                countOfficeHighRisk += highRisk;
+                countOfficeMiddleRisk += middleRisk;
+            }else{
+                countCompanyHighRisk += highRisk;
+                countCompanyMiddleRisk += middleRisk;
+            }
+            countHighRisk += highRisk;
+            countMiddleRisk += middleRisk;
+        }
+        //封装返回参数
+        Map<String, Object> returnMap = new HashMap<>();
+        returnMap.put("countHighRisk", countHighRisk);
+        returnMap.put("countMiddleRisk", countMiddleRisk);
+        returnMap.put("countOfficeHighRisk", countOfficeHighRisk);
+        returnMap.put("countOfficeMiddleRisk", countOfficeMiddleRisk);
+        returnMap.put("countCompanyHighRisk", countCompanyHighRisk);
+        returnMap.put("countCompanyMiddleRisk", countCompanyMiddleRisk);
+
+        return SendUtil.send(returnMap);
+    }
+
+    @Override
     public Map<String, Object> getSystemRiskInfoById(Map<String, Object> param) {
         return systemRiskMapper.getSystemRiskInfoById(param);
     }

spring-cloud/server-basic/src/main/resources/mapper/RiskNewsMapper.xml

@@ -24,6 +24,20 @@
         LIMIT #{startRows}, #{limit}
     </select>
 
+    <!-- 分页查询攻击类型 -->
+    <select id="getRiskNewsByInfo" resultType="map" parameterType="map">
+        SELECT
+            id,
+            info_id,
+            risk_news_name,
+            risk_news_num,
+            create_time,
+            update_time
+        FROM
+            risk_news
+        WHERE info_id = #{infoId}
+    </select>
+
     <!-- 查询攻击类型 -->
     <select id="getRiskNewsById" resultType="map" parameterType="map">
         SELECT

spring-cloud/server-basic/src/main/resources/mapper/RiskTypeMapper.xml

@@ -36,6 +36,40 @@
         LIMIT #{startRows}, #{limit}
     </select>
 
+    <!-- 查询系统漏洞类型 -->
+    <select id="getSysRiskType" resultType="map" parameterType="map">
+        SELECT
+        id,
+        info_id,
+        risk_classify,
+        risk_type,
+        risk_number,
+        create_time,
+        update_time
+        FROM
+        risk_type
+        WHERE info_id = #{infoId}
+        ORDER BY risk_number DESC
+        LIMIT #{count}
+    </select>
+
+    <!-- 查询系统漏洞类型 -->
+    <select id="getWebRiskType" resultType="map" parameterType="map">
+        SELECT
+        id,
+        info_id,
+        risk_classify,
+        risk_type,
+        risk_number,
+        create_time,
+        update_time
+        FROM
+        risk_type
+        WHERE info_id = #{infoId}
+        ORDER BY risk_number DESC
+        LIMIT #{count}
+    </select>
+
     <select id="countRiskTypeByType" resultType="Integer" parameterType="map">
         SELECT count(*) FROM
         risk_type

spring-cloud/server-basic/src/main/resources/mapper/SystemRiskMapper.xml

@@ -16,6 +16,22 @@
         </where>
     </select>
 
+    <select id="getSystemRiskByInfoId" resultType="map" parameterType="map">
+        SELECT
+               id,
+               info_id,
+               office,
+               system_name,
+               high_risk_number,
+               middle_risk_number,
+               safety_status,
+               create_time,
+               update_time
+        FROM
+            system_risk
+        WHERE info_id = #{infoId}
+    </select>
+
     <select id="getCountSystemRiskInfo" resultType="Integer" parameterType="map">
         SELECT COUNT(*) FROM
             system_risk