type => 'boolean',
optional => 1,
},
+ 'what-and' => {
+ description => "Flag to 'and' combine WHAT group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'what-invert' => {
+ description => "Flag to invert WHAT group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'when-and' => {
+ description => "Flag to 'and' combine WHEN group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'when-invert' => {
+ description => "Flag to invert WHEN group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'from-and' => {
+ description => "Flag to 'and' combine FROM group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'from-invert' => {
+ description => "Flag to invert FROM group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'to-and' => {
+ description => "Flag to 'and' combine TO group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
+ 'to-invert' => {
+ description => "Flag to invert TO group matches.",
+ type => 'boolean',
+ default => 0,
+ optional => 1,
+ },
};
sub get_rule_params {
my $rule = $rdb->load_rule($id);
- for my $key (qw(name active direction priority)) {
+ my $keys = ["name", "priority"];
+ push $keys->@*, keys get_rule_params()->%*;
+
+ for my $key ($keys->@*) {
$rule->{$key} = $param->{$key} if defined($param->{$key});
}
__EOD
+my $rule_attributes_cmd = <<__EOD;
+ CREATE TABLE Rule_Attributes (
+ Rule_ID INTEGER NOT NULL,
+ Name VARCHAR(20) NOT NULL,
+ Value BYTEA NULL,
+ PRIMARY KEY (Rule_ID, Name)
+ );
+
+ CREATE INDEX Rule_Attributes_Rule_ID_Index ON Rule_Attributes(Rule_ID);
+
+__EOD
+
my $object_group_attributes_cmd = <<__EOD;
CREATE TABLE Objectgroup_Attributes (
Objectgroup_ID INTEGER NOT NULL,
$virusinfo_stat_ctablecmd;
+ $rule_attributes_cmd;
+
$object_group_attributes_cmd;
EOD
);
'CStatistic', $cstatistic_ctablecmd,
'ClusterInfo', $clusterinfo_ctablecmd,
'VirusInfo', $virusinfo_stat_ctablecmd,
+ 'Rule_Attributes', $rule_attributes_cmd,
'Objectgroup_Attributes', $object_group_attributes_cmd,
};
$dbh->do(
"DELETE FROM Rule;"
." DELETE FROM RuleGroup;"
+ ." DELETE FROM Rule_Attributes;"
." DELETE FROM Objectgroup_Attributes;"
." DELETE FROM Attribut WHERE Object_ID NOT IN ($glids);"
." DELETE FROM Object WHERE ID NOT IN ($glids);"
return 1;
}
+sub update_rule_attributes {
+ my ($self, $rule) = @_;
+
+ my $types = [qw(what when from to)];
+ my $attributes = [qw(and invert)];
+
+ for my $type ($types->@*) {
+ for my $attribute ($attributes->@*) {
+ my $prop = "$type-$attribute";
+
+ # only save the values if they're set to 1
+ if ($rule->{$prop}) {
+ $self->{dbh}->do(
+ "INSERT INTO Rule_Attributes (Rule_ID, Name, Value) " .
+ "VALUES (?, ?, ?) ".
+ "ON CONFLICT (Rule_ID, Name) DO UPDATE SET Value = ?", undef,
+ $rule->{id}, $prop, $rule->{$prop}, $rule->{$prop},
+ );
+ } else {
+ $self->{dbh}->do(
+ "DELETE FROM Rule_Attributes " .
+ "WHERE Rule_ID = ? AND Name = ?", undef,
+ $rule->{id}, $prop,
+ );
+ }
+ }
+ }
+}
+
sub save_rule {
my ($self, $rule) = @_;
my $rulename = encode('UTF-8', $rule->{name});
if (defined($rule->{id})) {
+ $self->{dbh}->begin_work;
+
+ eval {
+ $self->{dbh}->do(
+ "UPDATE Rule " .
+ "SET Name = ?, Priority = ?, Active = ?, Direction = ? " .
+ "WHERE ID = ?", undef,
+ $rulename, $rule->{priority}, $rule->{active},
+ $rule->{direction}, $rule->{id});
- $self->{dbh}->do(
- "UPDATE Rule " .
- "SET Name = ?, Priority = ?, Active = ?, Direction = ? " .
- "WHERE ID = ?", undef,
- $rulename, $rule->{priority}, $rule->{active},
- $rule->{direction}, $rule->{id});
+ $self->update_rule_attributes($rule);
- return $rule->{id};
+ $self->{dbh}->commit;
+ };
+ if (my $err = $@) {
+ $self->{dbh}->rollback;
+ syslog('err', $err);
+ return undef;
+ }
} else {
- my $sth = $self->{dbh}->prepare(
- "INSERT INTO Rule (Name, Priority, Active, Direction) " .
- "VALUES (?, ?, ?, ?);");
+ $self->{dbh}->begin_work;
+
+ eval {
+ my $sth = $self->{dbh}->prepare(
+ "INSERT INTO Rule (Name, Priority, Active, Direction) " .
+ "VALUES (?, ?, ?, ?);");
+
+ $sth->execute($rulename, $rule->priority, $rule->active,
+ $rule->direction);
+
+
+ $rule->{id} = PMG::Utils::lastid($self->{dbh}, 'rule_id_seq');
- $sth->execute($rulename, $rule->priority, $rule->active,
- $rule->direction);
+ $self->update_rule_attributes($rule);
- return $rule->{id} = PMG::Utils::lastid($self->{dbh}, 'rule_id_seq');
+ $self->{dbh}->commit;
+ };
+
+ if (my $err = $@) {
+ $self->{dbh}->rollback;
+ syslog('err', $err);
+ return undef;
+ }
}
- return undef;
+ return $rule->{id};
}
sub delete_rule {
"WHERE ID = ?", undef, $ruleid);
$self->{dbh}->do("DELETE FROM RuleGroup " .
"WHERE Rule_ID = ?", undef, $ruleid);
+ $self->{dbh}->do("DELETE FROM Rule_Attributes " .
+ "WHERE Rule_ID = ?", undef, $ruleid);
$self->{dbh}->commit;
};
return 1;
}
+sub load_rule_attributes {
+ my ($self, $rule) = @_;
+
+ my $types = [qw(what when from to)];
+ my $attributes = [qw(and invert)];
+
+ my $attribute_sth = $self->{dbh}->prepare("SELECT * FROM Rule_Attributes WHERE Rule_ID = ?");
+ $attribute_sth->execute($rule->{id});
+
+ while (my $ref = $attribute_sth->fetchrow_hashref()) {
+ if ($ref->{name} =~ m/^((?:what|when|from|to)-(?:and|invert))$/) {
+ my $prop = $1;
+ $rule->{$prop} = $ref->{value};
+ }
+ }
+}
+
sub load_rule {
my ($self, $id) = @_;
defined($id) || die "undefined id: ERROR";
- my $sth = $self->{dbh}->prepare(
- "SELECT * FROM Rule where id = ? ORDER BY Priority DESC");
+ $self->{dbh}->begin_work;
- my $rules = ();
+ my $rule;
+
+ eval {
+ my $sth = $self->{dbh}->prepare(
+ "SELECT * FROM Rule where id = ? ORDER BY Priority DESC");
- $sth->execute($id);
+ $sth->execute($id);
- my $ref = $sth->fetchrow_hashref();
- die "rule '$id' does not exist\n" if !defined($ref);
+ my $ref = $sth->fetchrow_hashref();
+ die "rule '$id' does not exist\n" if !defined($ref);
+
+ $rule = PMG::RuleDB::Rule->new($ref->{name}, $ref->{priority},
+ $ref->{active}, $ref->{direction});
+ $rule->{id} = $ref->{id};
+
+ $self->load_rule_attributes($rule);
+ };
+ my $err = $@;
+
+ $self->{dbh}->rollback; # finish transaction
- my $rule = PMG::RuleDB::Rule->new($ref->{name}, $ref->{priority},
- $ref->{active}, $ref->{direction});
- $rule->{id} = $ref->{id};
+ die $err if $err;
return $rule;
}