Yeh

2025-11-15 10:51:58 +11:00
parent d9701e4af6
commit 90823a1389
10 changed files with 425 additions and 84 deletions
--- a/app/services/waf_policy_matcher.rb
+++ b/app/services/waf_policy_matcher.rb
@@ -30,17 +30,19 @@ class WafPolicyMatcher
      policy.matches_event?(event)
    end

-    # Sort by priority: country > asn > company > network_type, then by creation date
+    # Sort by priority: path_pattern > country > asn > company > network_type, then by creation date
    @matching_policies.sort_by do |policy|
      priority_score = case policy.policy_type
+                      when 'path_pattern'
+                        1  # Highest priority for path-specific rules
                      when 'country'
-                        1
-                      when 'asn'
                        2
-                      when 'company'
+                      when 'asn'
                        3
-                      when 'network_type'
+                      when 'company'
                        4
+                      when 'network_type'
+                        5
                      else
                        99
                      end
@@ -54,22 +56,21 @@ class WafPolicyMatcher
    return [] if matching_policies.empty?

    @generated_rules = matching_policies.map do |policy|
-      # Check if rule already exists for this network range and policy
-      existing_rule = Rule.find_by(
-        network_range: network_range,
-        waf_policy: policy,
-        enabled: true
-      )
+      # Use the policy's event-based rule creation method
+      rule = policy.create_rule_for_event(event)

-      if existing_rule
-        Rails.logger.debug "Rule already exists for network_range #{network_range.cidr} and policy #{policy.name}"
-        existing_rule
-      else
-        rule = policy.create_rule_for_network_range(network_range)
-        if rule
-          Rails.logger.info "Generated rule for network_range #{network_range.cidr} from policy #{policy.name}"
+      if rule
+        if rule.persisted?
+          Rails.logger.info "Generated rule for event #{event.id} from policy #{policy.name}"
+          rule
+        else
+          # Rule creation failed validation
+          Rails.logger.warn "Failed to create rule for event #{event.id}: #{rule.errors.full_messages.join(', ')}"
+          nil
        end
-        rule
+      else
+        # Policy didn't match or returned nil (e.g., supernet already exists)
+        nil
      end
    end.compact
  end