feat: 新增补丁管理和异常检测插件及相关功能

feat(protocol): 添加补丁管理和行为指标协议类型 feat(client): 实现补丁管理插件采集功能 feat(server): 添加补丁管理和异常检测API feat(database): 新增补丁状态和异常检测相关表 feat(web): 添加补丁管理和异常检测前端页面 fix(security): 增强输入验证和防注入保护 refactor(auth): 重构认证检查逻辑 perf(service): 优化Windows服务恢复策略 style: 统一健康评分显示样式 docs: 更新知识库文档
2026-04-11 15:59:53 +08:00
parent b5333d8c93
commit 60ee38a3c2
49 changed files with 3988 additions and 461 deletions
--- a/crates/protocol/src/lib.rs
+++ b/crates/protocol/src/lib.rs
@@ -29,4 +29,6 @@ pub use message::{
    PrintEventPayload,
    ClipboardRulesPayload, ClipboardRule, ClipboardViolationPayload,
    PopupBlockStatsPayload, PopupRuleStat,
+    PatchStatusPayload, PatchEntry, PatchScanConfigPayload,
+    BehaviorMetricsPayload,
 };
--- a/crates/protocol/src/message.rs
+++ b/crates/protocol/src/message.rs
@@ -71,6 +71,14 @@ pub enum MessageType {
    // Plugin: Clipboard Control (剪贴板管控)
    ClipboardRules = 0x94,
    ClipboardViolation = 0x95,
+
+    // Plugin: Patch Management (补丁管理)
+    PatchStatusReport = 0xA0,
+    PatchScanConfig = 0xA1,
+    PatchInstallCommand = 0xA2,
+
+    // Plugin: Behavior Metrics (行为指标)
+    BehaviorMetricsReport = 0xB0,
 }

 impl TryFrom<u8> for MessageType {
@@ -108,6 +116,10 @@ impl TryFrom<u8> for MessageType {
            0x91 => Ok(Self::PrintEvent),
            0x94 => Ok(Self::ClipboardRules),
            0x95 => Ok(Self::ClipboardViolation),
+            0xA0 => Ok(Self::PatchStatusReport),
+            0xA1 => Ok(Self::PatchScanConfig),
+            0xA2 => Ok(Self::PatchInstallCommand),
+            0xB0 => Ok(Self::BehaviorMetricsReport),
            _ => Err(format!("Unknown message type: 0x{:02X}", value)),
        }
    }
@@ -264,7 +276,7 @@ pub struct TaskExecutePayload {
 #[derive(Debug, Serialize, Deserialize)]
 pub enum ConfigUpdateType {
    UpdateIntervals { heartbeat: u64, status: u64, asset: u64 },
-    TlsCertRotate,
+    TlsCertRotate { new_cert_hash: String, valid_until: String },
    SelfDestruct,
 }

@@ -442,6 +454,44 @@ pub struct PopupRuleStat {
    pub hits: u32,
 }

+/// Plugin: Patch Status Report (Client → Server)
+#[derive(Debug, Serialize, Deserialize)]
+pub struct PatchStatusPayload {
+    pub device_uid: String,
+    pub patches: Vec<PatchEntry>,
+}
+
+/// Information about a single patch/hotfix.
+#[derive(Debug, Serialize, Deserialize)]
+pub struct PatchEntry {
+    pub kb_id: String,
+    pub title: String,
+    pub severity: Option<String>,  // "Critical" | "Important" | "Moderate" | "Low"
+    pub is_installed: bool,
+    pub installed_at: Option<String>,
+}
+
+/// Plugin: Patch Scan Config (Server → Client)
+#[derive(Debug, Serialize, Deserialize, Clone)]
+pub struct PatchScanConfigPayload {
+    pub enabled: bool,
+    pub scan_interval_secs: u64,
+}
+
+/// Plugin: Behavior Metrics Report (Client → Server)
+/// Enhanced periodic metrics for anomaly detection.
+#[derive(Debug, Serialize, Deserialize)]
+pub struct BehaviorMetricsPayload {
+    pub device_uid: String,
+    pub clipboard_ops_count: u32,
+    pub clipboard_ops_night: u32,
+    pub print_jobs_count: u32,
+    pub usb_file_ops_count: u32,
+    pub new_processes_count: u32,
+    pub period_secs: u64,
+    pub timestamp: String,
+}
+
 #[cfg(test)]
 mod tests {
    use super::*;