chore: 继续完善审计日志

This commit is contained in:
xiaojunnuo
2026-07-13 00:53:19 +08:00
parent bfb3ee4c43
commit 947fe729cb
59 changed files with 420 additions and 581 deletions
+9
View File
@@ -212,6 +212,15 @@ Certd 是可私有化部署的 SSL/TLS 证书自动化管理平台,提供 Web
## 注意事项
### 换行符(LF / CRLF
- 本项目源码使用 **LF** 换行符。Windows 上通过 Python 写文件时,open(path, "w", encoding="utf-8") 默认使用 **CRLF**,会破坏文件格式。
- **修复方案**:写文件时用 open(path, "w", encoding="utf-8", newline="\n") 明确指定 LF。
- 如果已经写入 CRLF,用以下 PowerShell 修复:
`powershell
git add --renormalize . && git commit -m "fix line endings"
`
### 旧版数据兼容
- 新增插件参数时,必须要考虑旧版数据兼容,比如新增一个deployType参数,有两种值:`default``custom`,需要在使用时判空,走旧版逻辑。
@@ -14,7 +14,6 @@ describe("AuditLogContext type", () => {
append: ["ID:5"],
content: "删除了流水线(ID:5)",
projectId: 3,
projectName: "默认项目",
enabled: true,
};
+24 -2
View File
@@ -12,11 +12,33 @@ export type AuditLogContext = {
append?: string | string[];
content?: string;
projectId?: number;
projectName?: string;
enabled?: boolean;
allowAnonymous?: boolean;
scope?: string;
userId?: number;
username?: string;
success?: boolean;
};
/** 审计日志方法的参数类型 */
export type AuditLogParam = {
type?: string;
action?: string;
content?: string;
append?: string | string[];
projectId?: number;
userId?: number;
username?: string;
};
/** AuditService.log() 参数类型 */
export type AuditLogWriteParam = {
userId: number;
type: string;
action: string;
content: string;
username?: string;
projectId?: number;
ipAddress?: string;
scope?: string;
success?: boolean;
};
@@ -3,7 +3,7 @@ import type { IMidwayContainer } from "@midwayjs/core";
import * as koa from "@midwayjs/koa";
import { Constants } from "./constants.js";
import { isEnterprise } from "./mode.js";
import type { AuditLogContext } from "./audit.js";
import type { AuditLogContext, AuditLogParam } from "./audit.js";
export abstract class BaseController {
@Inject()
@@ -133,7 +133,7 @@ export abstract class BaseController {
return "unknown";
}
auditLog(bean: { type?: string; action?: string; content?: string; append?: string | string[]; projectId?: number; userId?: number; username?: string } = {}) {
auditLog(bean: AuditLogParam = {}) {
const auditLog = this.ensureAuditLogContext();
auditLog.enabled = true;
if (bean.userId != null) {
@@ -1,12 +1,19 @@
import { createRequestParamDecorator } from "@midwayjs/core";
export const AuditLog = (opts: { enabled?: boolean }) => {
export const AuditLog = (opts: { type?: string; action?: string; content?: string; enabled?: boolean } = {}) => {
return createRequestParamDecorator(ctx => {
if (!ctx.auditLog) {
ctx.auditLog = {};
}
if (opts.enabled !== undefined) {
ctx.auditLog.enabled = opts.enabled || true;
ctx.auditLog.enabled = opts.enabled !== false;
if (opts.type != null) {
ctx.auditLog.type = opts.type;
}
if (opts.action != null) {
ctx.auditLog.action = opts.action;
}
if (opts.content != null) {
ctx.auditLog.content = opts.content;
}
return ctx.auditLog;
});
@@ -413,8 +413,8 @@ export const sysResources = [
{
title: "certd.sysResources.auditLog",
name: "SysAuditLog",
path: "/sys/audit",
component: "/sys/audit/index.vue",
path: "/sys/enterprise/audit",
component: "/sys/enterprise/audit/index.vue",
meta: {
icon: "ion:document-text-outline",
keepAlive: true,
@@ -1,4 +1,4 @@
import { CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, UserPageQuery, UserPageRes, dict } from "@fast-crud/fast-crud";
import { ColumnProps, DataFormatterContext, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, UserPageQuery, UserPageRes, dict } from "@fast-crud/fast-crud";
import { useI18n } from "/src/locales";
import { useDicts } from "../dicts";
@@ -12,16 +12,6 @@ const typeDict = dict({
},
});
const actionDict = dict({
url: "/pi/audit/dict",
getData: async () => {
const { createAuditApi } = await import("./api");
const api = createAuditApi();
const res = await api.GetDict();
return res.actions || [];
},
});
export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
const { t } = useI18n();
const { myProjectDict } = useDicts();
@@ -37,6 +27,22 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
return {
crudOptions: {
request: { pageRequest, delRequest },
toolbar: {
buttons: {
export: { show: true },
},
export: {
dataFrom: "search",
columnFilter: (col: ColumnProps) => col.show === true,
dataFormatter: (opts: DataFormatterContext) => {
const { row, originalRow, col } = opts;
const key = col.key;
if (key === "createTime" && originalRow[key]) {
row[key] = new Date(originalRow[key]).toLocaleString();
}
},
},
},
actionbar: {
buttons: {
add: { show: false },
@@ -86,6 +92,19 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
column: { width: 200, tooltip: true },
form: { show: false },
},
success: {
title: "结果",
type: "dict-switch",
dict: dict({
data: [
{ value: true, label: "成功", color: "success" },
{ value: false, label: "失败", color: "error" },
],
}),
column: { width: 100, align: "center" },
form: { show: false },
search: { show: true },
},
content: {
title: "备注",
type: "text",
@@ -127,6 +127,19 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
column: { width: 200, tooltip: true },
form: { show: false },
},
success: {
title: "结果",
type: "dict-switch",
dict: dict({
data: [
{ value: true, label: "成功", color: "success" },
{ value: false, label: "失败", color: "error" },
],
}),
column: { width: 100, align: "center" },
form: { show: false },
search: { show: true },
},
content: {
title: "备注",
type: "text",
@@ -1,75 +1,35 @@
import { request } from "/src/api/service";
const apiPrefix = "/sys/project/provider";
const apiPrefix = "/sys/audit";
export async function GetList(query: any) {
return await request({
url: apiPrefix + "/page",
method: "post",
data: query,
});
}
export async function AddObj(obj: any) {
return await request({
url: apiPrefix + "/add",
method: "post",
data: obj,
});
}
export async function UpdateObj(obj: any) {
return await request({
url: apiPrefix + "/update",
method: "post",
data: obj,
});
}
export async function DelObj(id: any) {
return await request({
url: apiPrefix + "/delete",
method: "post",
params: { id },
});
}
export async function GetObj(id: any) {
return await request({
url: apiPrefix + "/info",
method: "post",
params: { id },
});
}
export async function GetDetail(id: any) {
return await request({
url: apiPrefix + "/detail",
method: "post",
params: { id },
});
}
export async function DeleteBatch(ids: any[]) {
return await request({
url: apiPrefix + "/deleteByIds",
method: "post",
data: { ids },
});
}
export async function SetDefault(id: any) {
return await request({
url: apiPrefix + "/setDefault",
method: "post",
data: { id },
});
}
export async function SetDisabled(id: any, disabled: boolean) {
return await request({
url: apiPrefix + "/setDisabled",
method: "post",
data: { id, disabled },
});
export function createSysAuditApi() {
return {
async GetList(query: any) {
return await request({
url: apiPrefix + "/page",
method: "post",
data: query,
});
},
async DelObj(id: number) {
return await request({
url: apiPrefix + "/delete",
method: "post",
params: { id },
});
},
async Clean(retentionDays: number) {
return await request({
url: apiPrefix + "/clean",
method: "post",
data: { retentionDays },
});
},
async GetDict() {
return await request({
url: apiPrefix + "/dict",
method: "post",
});
},
};
}
@@ -1,252 +1,194 @@
import * as api from "./api";
import { useI18n } from "/src/locales";
import { computed, Ref, ref } from "vue";
import { useRouter } from "vue-router";
import { AddReq, compute, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, utils } from "@fast-crud/fast-crud";
import { useUserStore } from "/@/store/user";
import { useSettingStore } from "/@/store/settings";
import { ColumnProps, DataFormatterContext, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, UserPageQuery, UserPageRes, dict } from "@fast-crud/fast-crud";
import { Modal } from "ant-design-vue";
import { useI18n } from "/src/locales";
import { useDicts } from "/@/views/certd/dicts";
const typeDict = dict({
url: "/sys/audit/dict",
getData: async () => {
const { createSysAuditApi } = await import("./api");
const api = createSysAuditApi();
const res = await api.GetDict();
return res.types || [];
},
});
const actionDict = dict({
url: "/sys/audit/dict",
getData: async () => {
const { createSysAuditApi } = await import("./api");
const api = createSysAuditApi();
const res = await api.GetDict();
return res.actions || [];
},
});
export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
const router = useRouter();
const { t } = useI18n();
const { myProjectDict } = useDicts();
const api = context.api;
const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
return await api.GetList(query);
};
const editRequest = async ({ form, row }: EditReq) => {
form.id = row.id;
const res = await api.UpdateObj(form);
return res;
};
const delRequest = async ({ row }: DelReq) => {
return await api.DelObj(row.id);
const delRequest = async (req: DelReq) => {
return await api.DelObj(req.row.id);
};
const addRequest = async ({ form }: AddReq) => {
const res = await api.AddObj(form);
return res;
const cleanExpired = async () => {
Modal.confirm({
title: "确认清理",
content: "确定要清理90天前的审计日志吗?此操作不可撤销。",
okText: "确认清理",
okType: "danger",
cancelText: "取消",
async onOk() {
await api.Clean(90);
crudExpose.doRefresh();
},
});
};
const userStore = useUserStore();
const settingStore = useSettingStore();
const selectedRowKeys: Ref<any[]> = ref([]);
context.selectedRowKeys = selectedRowKeys;
return {
crudOptions: {
settings: {
plugins: {
//这里使用行选择插件,生成行选择crudOptions配置,最终会与crudOptions合并
rowSelection: {
enabled: true,
order: -2,
before: true,
// handle: (pluginProps,useCrudProps)=>CrudOptions,
props: {
multiple: true,
crossPage: true,
selectedRowKeys,
},
request: { pageRequest, delRequest },
tabs: {
name: "scope",
show: true,
dict: {
data: [
{ value: "system", label: "系统级", color: "red" },
{ value: "user", label: "用户级", color: "blue" },
],
},
},
toolbar: {
buttons: {
export: { show: true },
},
export: {
dataFrom: "search",
columnFilter: (col: ColumnProps) => col.show === true,
dataFormatter: (opts: DataFormatterContext) => {
const { row, originalRow, col } = opts;
const key = col.key;
if (key === "createTime" && originalRow[key]) {
row[key] = new Date(originalRow[key]).toLocaleString();
}
},
},
},
request: {
pageRequest,
addRequest,
editRequest,
delRequest,
actionbar: {
buttons: {
add: { show: false },
clean: {
text: "清理过期日志(90天)",
type: "primary",
danger: true,
click: cleanExpired,
},
},
},
rowHandle: {
minWidth: 200,
width: 120,
fixed: "right",
buttons: {
view: { show: false },
edit: { show: false },
remove: { show: true },
copy: { show: false },
},
},
search: {
initialForm: { scope: "system" },
},
columns: {
id: {
title: "ID",
key: "id",
type: "number",
column: {
width: 100,
},
form: {
show: false,
},
},
domain: {
title: t("certd.cnameDomain"),
type: "text",
editForm: {
component: {
disabled: true,
},
},
search: {
show: true,
},
form: {
component: {
placeholder: t("certd.cnameDomainPlaceholder"),
},
helper: t("certd.cnameDomainHelper"),
rules: [
{ required: true, message: t("certd.requiredField") },
{ pattern: /^[^*]+$/, message: t("certd.cnameDomainPattern") },
],
},
column: {
width: 200,
},
},
dnsProviderType: {
title: t("certd.dnsProvider"),
type: "dict-select",
search: {
show: true,
},
dict: dict({
url: "pi/dnsProvider/list",
value: "key",
label: "title",
}),
form: {
rules: [{ required: true, message: t("certd.requiredField") }],
},
column: {
width: 150,
component: {
color: "auto",
},
},
},
accessId: {
title: t("certd.dnsProviderAuthorization"),
type: "dict-select",
dict: dict({
url: "/pi/access/list",
value: "id",
label: "name",
}),
form: {
component: {
name: "access-selector",
vModel: "modelValue",
type: compute(({ form }) => {
return form.dnsProviderType;
}),
},
rules: [{ required: true, message: t("certd.requiredField") }],
},
column: {
width: 150,
component: {
color: "auto",
},
},
},
isDefault: {
title: t("certd.isDefault"),
type: "dict-switch",
dict: dict({
data: [
{ label: t("certd.yes"), value: true, color: "success" },
{ label: t("certd.no"), value: false, color: "default" },
],
}),
form: {
value: false,
rules: [{ required: true, message: t("certd.selectIsDefault") }],
},
column: {
align: "center",
width: 100,
},
},
setDefault: {
title: t("certd.setDefault"),
type: "text",
form: {
show: false,
},
column: {
width: 100,
align: "center",
conditionalRenderDisabled: true,
cellRender: ({ row }) => {
if (row.isDefault) {
return;
}
const onClick = async () => {
Modal.confirm({
title: t("certd.prompt"),
content: t("certd.confirmSetDefault"),
onOk: async () => {
await api.SetDefault(row.id);
await crudExpose.doRefresh();
},
});
};
return (
<a-button type={"link"} size={"small"} onClick={onClick}>
{t("certd.setAsDefault")}
</a-button>
);
},
},
},
disabled: {
title: t("certd.disabled"),
type: "dict-switch",
dict: dict({
data: [
{ label: t("certd.enabled"), value: false, color: "success" },
{ label: t("certd.disabledLabel"), value: true, color: "error" },
],
}),
form: {
value: false,
},
column: {
width: 100,
component: {
title: t("certd.clickToToggle"),
on: {
async click({ value, row }) {
Modal.confirm({
title: t("certd.prompt"),
content: t("certd.confirmToggleStatus", { action: !value ? t("certd.disable") : t("certd.enable") }),
onOk: async () => {
await api.SetDisabled(row.id, !value);
await crudExpose.doRefresh();
},
});
},
},
},
},
column: { width: 80 },
form: { show: false },
},
createTime: {
title: t("certd.createTime"),
title: "操作时间",
type: "datetime",
search: {
show: true,
component: {
name: "a-range-picker",
},
},
column: { width: 170, sorter: true },
form: { show: false },
},
username: {
title: "操作人",
type: "text",
search: { show: true },
column: { width: 120 },
form: { show: false },
},
type: {
title: "类型",
type: "dict-select",
dict: typeDict,
search: { show: true },
column: { width: 120 },
form: { show: false },
},
action: {
title: "操作",
type: "text",
search: { show: true },
column: { width: 200, tooltip: true },
form: { show: false },
},
success: {
title: "结果",
type: "dict-switch",
dict: dict({
data: [
{ value: true, label: "成功", color: "success" },
{ value: false, label: "失败", color: "error" },
],
}),
column: { width: 100, align: "center" },
form: { show: false },
search: { show: true },
},
content: {
title: "备注",
type: "text",
search: { show: true },
column: { width: 500, tooltip: true },
form: { show: false },
},
ipAddress: {
title: "IP地址",
type: "text",
column: { width: 140 },
form: { show: false },
},
projectId: {
title: t("certd.fields.projectName"),
type: "dict-select",
dict: myProjectDict,
form: {
show: false,
},
column: {
sorter: true,
width: 160,
align: "center",
},
},
updateTime: {
title: t("certd.updateTime"),
type: "datetime",
form: {
show: false,
},
column: {
show: true,
width: 160,
},
scope: {
title: "范围",
type: "dict-select",
dict: dict({
data: [
{ value: "system", label: "系统级", color: "blue" },
{ value: "user", label: "用户级", color: "green" },
],
}),
search: { show: true },
column: { width: 100 },
form: { show: false },
},
},
},
@@ -1,63 +1,24 @@
<template>
<fs-page class="page-cert">
<fs-page>
<template #header>
<div class="title">
{{ t("certd.cnameTitle") }}
<span class="sub">
{{ t("certd.cnameDescription") }}
<a href="https://certd.docmirror.cn/guide/feature/cname/" target="_blank">
{{ t("certd.cnameLinkText") }}
</a>
</span>
操作日志
<span class="sub">查看所有用户的操作记录</span>
</div>
</template>
<fs-crud ref="crudRef" v-bind="crudBinding">
<template #pagination-left>
<a-tooltip :title="t('certd.batchDelete')">
<fs-button icon="DeleteOutlined" @click="handleBatchDelete"></fs-button>
</a-tooltip>
</template>
</fs-crud>
<fs-crud ref="crudRef" v-bind="crudBinding" />
</fs-page>
</template>
<script lang="ts" setup>
import { useMounted } from "/@/use/use-mounted";
import { useFs } from "@fast-crud/fast-crud";
import createCrudOptions from "./crud";
import { message, Modal } from "ant-design-vue";
import { DeleteBatch } from "./api";
import { useI18n } from "/src/locales";
import { useCrudPermission } from "/@/plugin/permission";
import { createSysAuditApi } from "./api";
import { useMounted } from "/@/use/use-mounted";
const { t } = useI18n();
defineOptions({ name: "SysAuditLog" });
defineOptions({
name: "CnameProvider",
});
const { crudBinding, crudRef, crudExpose, context } = useFs({ createCrudOptions });
const selectedRowKeys = context.selectedRowKeys;
const handleBatchDelete = () => {
if (selectedRowKeys.value?.length > 0) {
Modal.confirm({
title: t("certd.confirmTitle"),
content: t("certd.confirmDeleteBatch", { count: selectedRowKeys.value.length }),
async onOk() {
await DeleteBatch(selectedRowKeys.value);
message.info(t("certd.deleteSuccess"));
crudExpose.doRefresh();
selectedRowKeys.value = [];
},
});
} else {
message.error(t("certd.selectRecordsFirst"));
}
};
// 页面打开后获取列表数据
useMounted(async () => {
await crudExpose.doRefresh();
});
const api = createSysAuditApi();
const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
useMounted(() => crudExpose.doRefresh());
</script>
<style lang="less"></style>
@@ -2,3 +2,7 @@ ALTER TABLE `cd_audit_log` ADD COLUMN `scope` varchar(32) NOT NULL DEFAULT 'user
CREATE INDEX `index_audit_log_scope` ON `cd_audit_log` (`scope`);
ALTER TABLE `cd_audit_log` ADD COLUMN `success` tinyint(1) NOT NULL DEFAULT 1;
-- 审计日志表索引
CREATE INDEX `index_audit_log_type` ON `cd_audit_log` (`type`);
CREATE INDEX `index_audit_log_create_time` ON `cd_audit_log` (`create_time`);
@@ -2,3 +2,7 @@ ALTER TABLE "cd_audit_log" ADD COLUMN "scope" varchar(32) NOT NULL DEFAULT ('use
CREATE INDEX "index_audit_log_scope" ON "cd_audit_log" ("scope");
ALTER TABLE "cd_audit_log" ADD COLUMN "success" boolean NOT NULL DEFAULT true;
-- 审计日志表索引
CREATE INDEX "index_audit_log_type" ON "cd_audit_log" ("type");
CREATE INDEX "index_audit_log_create_time" ON "cd_audit_log" ("create_time");
@@ -1,4 +1,8 @@
ALTER TABLE "cd_audit_log" ADD COLUMN "scope" varchar(32) NOT NULL DEFAULT ('user');
CREATE INDEX "index_audit_log_scope" ON "cd_audit_log" ("scope");
ALTER TABLE "cd_audit_log" ADD COLUMN "success" boolean NOT NULL DEFAULT (1);
ALTER TABLE "cd_audit_log" ADD COLUMN "success" boolean NOT NULL DEFAULT (1);
-- 审计日志表索引
CREATE INDEX "index_audit_log_type" ON "cd_audit_log" ("type");
CREATE INDEX "index_audit_log_create_time" ON "cd_audit_log" ("create_time");
@@ -1,4 +1,4 @@
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
import { BaseController, CommonException, Constants, SysSettingsService } from "@certd/lib-server";
import { CodeService } from "../../../modules/basic/service/code-service.js";
import { UserService } from "../../../modules/sys/authority/service/user-service.js";
@@ -21,7 +21,7 @@ export class ForgotPasswordController extends BaseController {
sysSettingsService: SysSettingsService;
getAuditType(): string {
return AuditType.login;
return AuditType.login.value;
}
@Post("/forgotPassword", { description: Constants.per.guest, summary: "找回密码" })
@@ -1,4 +1,4 @@
import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
import { LoginService } from "../../../modules/login/service/login-service.js";
import { AddonService, BaseController, Constants, SysPublicSettings, SysSettingsService } from "@certd/lib-server";
import { CodeService } from "../../../modules/basic/service/code-service.js";
@@ -27,7 +27,7 @@ export class LoginController extends BaseController {
passkeyService: PasskeyService;
getAuditType(): string {
return AuditType.login;
return AuditType.login.value;
}
@Post("/login", { description: Constants.per.guest, summary: "用户名密码登录" })
@@ -47,7 +47,7 @@ export class LoginController extends BaseController {
this.auditLog({ userId: token.userId, username: token.username, content: `用户「${body.username}」登录成功` });
return this.ok(token);
} catch (err: any) {
this.auditLog({userId:err.userId, username: body.username, content: `用户「${body.username}」登录失败:${err.message}` });
this.auditLog({ userId: err.userId, username: body.username, content: `用户「${body.username}」登录失败:${err.message}` });
throw err;
}
}
@@ -80,7 +80,7 @@ export class LoginController extends BaseController {
this.auditLog({ userId: token.userId, username: token.username, content: `用户「${body.mobile}」短信登录成功` });
return this.ok(token);
} catch (err: any) {
this.auditLog({userId: err.userId, username: body.mobile, content: `用户「${body.mobile}」短信登录失败:${err.message}` });
this.auditLog({ userId: err.userId, username: body.mobile, content: `用户「${body.mobile}」短信登录失败:${err.message}` });
throw err;
}
}
@@ -100,7 +100,7 @@ export class LoginController extends BaseController {
this.auditLog({ userId: token.userId, username: token.username, content: `用户「${body.loginId}」两步验证登录成功` });
return this.ok(token);
} catch (err: any) {
this.auditLog({userId: err.userId, username: body.loginId, content: `用户「${body.loginId}」两步验证登录失败:${err.message}` });
this.auditLog({ userId: err.userId, username: body.loginId, content: `用户「${body.loginId}」两步验证登录失败:${err.message}` });
throw err;
}
}
@@ -133,7 +133,7 @@ export class LoginController extends BaseController {
this.auditLog({ userId: token.userId, username: token.username, content: "用户Passkey登录成功" });
return this.ok(token);
} catch (err: any) {
this.auditLog({userId: err.userId, username: body.credential, content: `用户Passkey登录失败:${err.message}` });
this.auditLog({ userId: err.userId, username: body.credential, content: `用户Passkey登录失败:${err.message}` });
throw err;
}
}
@@ -1,4 +1,4 @@
import { logger, simpleNanoId, utils } from "@certd/basic";
import { logger, simpleNanoId, utils } from "@certd/basic";
import { addonRegistry, AddonService, BaseController, Constants, SysInstallInfo, SysSettingsService } from "@certd/lib-server";
import { checkPlus } from "@certd/plus-core";
import { ALL, Body, Controller, Get, Inject, Param, Post, Provide, Query } from "@midwayjs/core";
@@ -50,7 +50,7 @@ export class ConnectController extends BaseController {
addonService: AddonService;
getAuditType(): string {
return AuditType.login;
return AuditType.login.value;
}
private async getOauthProvider(type: string) {
@@ -1,4 +1,4 @@
import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
import { BaseController, Constants, SysSettingsService } from "@certd/lib-server";
import { RegisterType } from "../../../modules/sys/authority/service/user-service.js";
import { CodeService } from "../../../modules/basic/service/code-service.js";
@@ -33,7 +33,7 @@ export class RegisterController extends BaseController {
sysSettingsService: SysSettingsService;
getAuditType(): string {
return AuditType.login;
return AuditType.login.value;
}
@Post("/register", { description: Constants.per.guest, summary: "用户注册" })
@@ -20,7 +20,7 @@ export class BasicController extends BaseController {
sysSettingsService: SysSettingsService;
getAuditType(): string {
return AuditType.account;
return AuditType.account.value;
}
@Post("/preBindUser", { description: "sys:settings:edit", summary: "预绑定用户" })
@@ -16,7 +16,7 @@ export class PermissionController extends CrudController<PermissionService> {
return this.service;
}
getAuditType(): string {
return AuditType.permission;
return AuditType.permission.value;
}
@Post("/page", { description: "sys:auth:per:view", summary: "查询权限分页列表" })
@@ -17,7 +17,7 @@ export class RoleController extends CrudController<RoleService> {
}
getAuditType(): string {
return AuditType.role;
return AuditType.role.value;
}
@Post("/page", { description: "sys:auth:role:view" })
@@ -26,7 +26,7 @@ export class UserController extends CrudController<UserService> {
loginService: LoginService;
getAuditType(): string {
return AuditType.user;
return AuditType.user.value;
}
getService() {
@@ -18,7 +18,7 @@ export class CnameRecordController extends CrudController<CnameProviderService>
}
getAuditType(): string {
return AuditType.cname;
return AuditType.cname.value;
}
@Post("/page", { description: "sys:settings:view" })
@@ -17,7 +17,7 @@ export class SysProjectController extends CrudController<ProjectEntity> {
sysSettingsService: SysSettingsService;
getAuditType(): string {
return AuditType.project;
return AuditType.project.value;
}
getService<T>() {
@@ -24,7 +24,7 @@ export class SysProjectMemberController extends CrudController<ProjectMemberEnti
}
getAuditType(): string {
return AuditType.enterprise;
return AuditType.enterprise.value;
}
@Post("/page", { description: "sys:settings:view", summary: "查询项目成员分页列表" })
@@ -16,7 +16,7 @@ export class SysSiteInfoController extends CrudController<SiteInfoService> {
}
getAuditType(): string {
return AuditType.monitor;
return AuditType.monitor.value;
}
@Post("/page", { description: "sys:settings:view", summary: "管理员查询站点监控分页列表" })
@@ -17,7 +17,7 @@ export class SysPipelineController extends CrudController<PipelineService> {
}
getAuditType(): string {
return AuditType.pipeline;
return AuditType.pipeline.value;
}
@Post("/page", { description: "sys:settings:view", summary: "管理员查询用户流水线分页列表" })
@@ -21,7 +21,7 @@ export class PluginController extends CrudController<PluginService> {
}
getAuditType(): string {
return AuditType.plugin;
return AuditType.plugin.value;
}
@Post("/page", { description: "sys:settings:view" })
@@ -13,7 +13,7 @@ export class SysSettingsController extends BaseController {
safeService: SafeService;
getAuditType(): string {
return AuditType.settings;
return AuditType.settings.value;
}
@Post("/get", { description: "sys:settings:view" })
@@ -33,7 +33,7 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
}
getAuditType(): string {
return AuditType.settings;
return AuditType.settings.value;
}
@Post("/page", { description: "sys:settings:view", summary: "查询系统设置分页列表" })
@@ -26,7 +26,7 @@ export class AddonController extends CrudController<AddonService> {
}
getAuditType(): string {
return AuditType.addon;
return AuditType.addon.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询Addon分页列表" })
@@ -22,7 +22,7 @@ export class GroupController extends CrudController<GroupService> {
}
getAuditType(): string {
return AuditType.pipelineGroup;
return AuditType.pipelineGroup.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询分组分页列表" })
@@ -16,7 +16,7 @@ export class CertApplyTemplateController extends CrudController<CertApplyTemplat
}
getAuditType(): string {
return AuditType.certTemplate;
return AuditType.certTemplate.value;
}
private removeContent(data: any) {
@@ -59,7 +59,7 @@ export class CertApplyTemplateController extends CrudController<CertApplyTemplat
bean.projectId = projectId;
bean.userId = userId;
const res = await super.add(bean);
this.auditLog({ content: `新增了证书参数模版(ID:${res.data})` });
this.auditLog({ content: `新增了证书参数模版${bean.name}(ID:${res.data})` });
return res;
}
@@ -69,7 +69,7 @@ export class CertApplyTemplateController extends CrudController<CertApplyTemplat
delete bean.userId;
delete bean.projectId;
const res = await super.update(bean);
this.auditLog({ content: `修改了证书参数模版(ID:${bean.id})` });
this.auditLog({ content: `修改了证书参数模版${bean.name}(ID:${bean.id})` });
return res;
}
@@ -16,7 +16,7 @@ export class DnsPersistRecordController extends CrudController<DnsPersistRecordS
}
getAuditType(): string {
return AuditType.dnsPersist;
return AuditType.dnsPersist.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询DNS持久验证记录分页列表" })
@@ -34,7 +34,7 @@ export class DnsPersistRecordController extends CrudController<DnsPersistRecordS
bean.projectId = projectId;
bean.userId = userId;
const res = await this.getService().add(bean);
this.auditLog({ content: `新增了DNS持久验证记录(ID:${res.id})` });
this.auditLog({ content: `新增了DNS持久验证记录${bean.domain}(ID:${res.id})` });
return this.ok(res);
}
@@ -21,7 +21,7 @@ export class DomainController extends CrudController<DomainService> {
}
getAuditType(): string {
return AuditType.domain;
return AuditType.domain.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询域名分页列表" })
@@ -19,7 +19,7 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
}
getAuditType(): string {
return AuditType.cname;
return AuditType.cname.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询CNAME记录分页列表" })
@@ -26,7 +26,7 @@ export class UserProjectController extends BaseController {
}
getAuditType(): string {
return AuditType.enterprise;
return AuditType.enterprise.value;
}
/**
@@ -26,7 +26,7 @@ export class ProjectMemberController extends CrudController<ProjectMemberEntity>
}
getAuditType(): string {
return AuditType.enterprise;
return AuditType.enterprise.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询项目成员分页列表" })
@@ -18,7 +18,7 @@ export class TransferController extends BaseController {
}
getAuditType(): string {
return AuditType.enterprise;
return AuditType.enterprise.value;
}
/**
@@ -15,7 +15,7 @@ export class EmailController extends BaseController {
emailService: EmailService;
getAuditType(): string {
return AuditType.mine;
return AuditType.mine.value;
}
@Post("/test", { description: Constants.per.authOnly, summary: "测试邮件发送" })
@@ -43,7 +43,7 @@ export class MineController extends BaseController {
emailService: EmailService;
getAuditType(): string {
return AuditType.mine;
return AuditType.mine.value;
}
@Inject()
taskServiceBuilder: TaskServiceBuilder;
@@ -16,7 +16,7 @@ export class MinePasskeyController extends BaseController {
userService: UserService;
getAuditType(): string {
return AuditType.mine;
return AuditType.mine.value;
}
@Post("/generateRegistration", { description: Constants.per.authOnly, summary: "生成Passkey注册选项" })
@@ -21,7 +21,7 @@ export class UserTwoFactorSettingController extends BaseController {
twoFactorService: TwoFactorService;
getAuditType(): string {
return AuditType.mine;
return AuditType.mine.value;
}
@Post("/get", { description: Constants.per.authOnly, summary: "获取双因子认证设置" })
@@ -22,7 +22,7 @@ export class UserSettingsController extends CrudController<UserSettingsService>
}
getAuditType(): string {
return AuditType.mine;
return AuditType.mine.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询用户设置分页列表" })
@@ -31,7 +31,7 @@ export class CertInfoController extends CrudController<CertInfoService> {
}
getAuditType(): string {
return AuditType.monitor;
return AuditType.monitor.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询证书分页列表" })
@@ -123,7 +123,7 @@ export class CertInfoController extends CrudController<CertInfoService> {
bean.projectId = projectId;
bean.userId = userId;
const res = await super.add(bean);
this.auditLog({ content: `新增了证书(ID:${res.data})` });
this.auditLog({ content: `新增了证书${bean.domain}(ID:${res.data})` });
return res;
}
@@ -24,7 +24,7 @@ export class JobHistoryController extends CrudController<JobHistoryService> {
}
getAuditType(): string {
return AuditType.jobHistory;
return AuditType.jobHistory.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询监控运行历史分页列表" })
@@ -26,7 +26,7 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
}
getAuditType(): string {
return AuditType.monitor;
return AuditType.monitor.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询站点监控分页列表" })
@@ -24,7 +24,7 @@ export class SiteInfoController extends CrudController<SiteIpService> {
}
getAuditType(): string {
return AuditType.siteIp;
return AuditType.siteIp.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询站点IP分页列表" })
@@ -62,7 +62,7 @@ export class SiteInfoController extends CrudController<SiteIpService> {
const { domain, httpsPort } = siteEntity;
this.service.check(res.id, domain, httpsPort);
}
this.auditLog({ content: `新增了站点IP(ID:${res.id})` });
this.auditLog({ content: `新增了站点IP${bean.ipAddress}(ID:${res.id})` });
return this.ok(res);
}
@@ -92,7 +92,7 @@ export class SiteInfoController extends CrudController<SiteIpService> {
const entity = await this.service.info(id);
const res = await super.delete(id);
await this.service.updateIpCount(entity.siteId);
this.auditLog({ content: `删除了站点IP(ID:${id})` });
this.auditLog({ content: `删除了站点IP${entity.ipAddress}(ID:${id})` });
return res;
}
@@ -20,7 +20,7 @@ export class OpenKeyController extends CrudController<OpenKeyService> {
}
getAuditType(): string {
return AuditType.openKey;
return AuditType.openKey.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询开放API密钥分页列表" })
@@ -22,7 +22,7 @@ export class AccessController extends CrudController<AccessService> {
}
getAuditType(): string {
return AuditType.access;
return AuditType.access.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询授权配置分页列表" })
@@ -23,7 +23,7 @@ export class NotificationController extends CrudController<NotificationService>
}
getAuditType(): string {
return AuditType.notification;
return AuditType.notification.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询通知配置分页列表" })
@@ -129,7 +129,7 @@ export class PipelineController extends CrudController<PipelineService> {
}
getAuditType(): string {
return AuditType.pipeline;
return AuditType.pipeline.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线分页列表" })
@@ -22,7 +22,7 @@ export class PipelineGroupController extends CrudController<PipelineGroupService
}
getAuditType(): string {
return AuditType.pipelineGroup;
return AuditType.pipelineGroup.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线分组分页列表" })
@@ -24,7 +24,7 @@ export class SubDomainController extends CrudController<SubDomainService> {
}
getAuditType(): string {
return AuditType.subDomain;
return AuditType.subDomain.value;
}
@Post("/parseDomain", { description: Constants.per.authOnly, summary: "解析域名" })
@@ -70,7 +70,7 @@ export class SubDomainController extends CrudController<SubDomainService> {
bean.userId = userId;
bean.projectId = projectId;
const res = await super.add(bean);
this.auditLog({ content: `新增了子域名(ID:${res.data})` });
this.auditLog({ content: `新增了子域名${bean.domain}(ID:${res.data})` });
return res;
}
@@ -20,7 +20,7 @@ export class TemplateController extends CrudController<TemplateService> {
}
getAuditType(): string {
return AuditType.template;
return AuditType.template.value;
}
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线模版分页列表" })
@@ -58,7 +58,7 @@ export class TemplateController extends CrudController<TemplateService> {
bean.projectId = projectId;
checkPlus();
const res = await super.add(bean);
this.auditLog({ content: `新增了流水线模版「${bean.name}」(ID:${res.data})` });
this.auditLog({ content: `新增了流水线模版「${bean.title}」(ID:${res.data})` });
return res;
}
@@ -68,7 +68,7 @@ export class TemplateController extends CrudController<TemplateService> {
delete bean.userId;
delete bean.projectId;
const res = await super.update(bean);
this.auditLog({ content: `修改了流水线模版「${bean.name}」(ID:${bean.id})` });
this.auditLog({ content: `修改了流水线模版「${bean.title}」(ID:${bean.id})` });
return res;
}
@Post("/info", { description: Constants.per.authOnly, summary: "查询流水线模版详情" })
@@ -9,7 +9,6 @@ export class AuditLogMiddleware implements IWebMiddleware {
@Inject()
auditService: AuditService;
resolve() {
return async (ctx: IMidwayKoaContext, next: NextFunction) => {
try {
@@ -42,12 +41,12 @@ export class AuditLogMiddleware implements IWebMiddleware {
auditLog.userId = err.userId;
}
}
const type = auditLog.type || (await this.resolveControllerType(routeInfo.controllerClz, ctx as any));
const action = auditLog.action || routeInfo.summary || "";
const append = auditLog.append;
const appendList = Array.isArray(append) ? append : append ? [append] : [];
const content = auditLog.content || appendList.filter(item => item && String(item).trim()).join(" ");
const content = auditLog.content || appendList.filter(item => item && String(item).trim()).join(" ") || action;
if (!content) {
return;
@@ -55,7 +54,7 @@ export class AuditLogMiddleware implements IWebMiddleware {
const projectId = auditLog.projectId ?? ctx.projectId ?? 0;
const scope = auditLog.scope || (ctx.path.startsWith("/api/sys/") ? "system" : "user");
const ipAddress = ctx.ip || "";
const ipAddress = ctx.ip || "";
await this.auditService.log({
userId: auditLog.userId ?? ctx.user?.id ?? 0,
@@ -64,7 +63,6 @@ export class AuditLogMiddleware implements IWebMiddleware {
content,
username: auditLog.username || ctx.user?.username,
projectId,
projectName: auditLog.projectName,
ipAddress,
scope,
success: isSuccess,
@@ -19,9 +19,6 @@ export class AuditLogEntity {
@Column({ name: "project_id", comment: "ProjectId" })
projectId: number;
@Column({ name: "project_name", comment: "项目名称" })
projectName: string;
@Column({ name: "type", comment: "类型" })
type: string;
@@ -1,165 +1,65 @@
export const AuditType = {
pipeline: "pipeline",
access: "access",
monitor: "monitor",
notification: "notification",
openKey: "openKey",
cname: "cname",
user: "user",
role: "role",
permission: "permission",
project: "project",
settings: "settings",
domain: "domain",
dnsPersist: "dnsPersist",
certTemplate: "certTemplate",
pipelineGroup: "pipelineGroup",
subDomain: "subDomain",
template: "template",
mine: "mine",
login: "login",
addon: "addon",
enterprise: "enterprise",
plugin: "plugin",
siteIp: "siteIp",
jobHistory: "jobHistory",
account: "account",
plus: "plus",
} as const;
export const AuditTypeMap = {
pipeline: "流水线",
access: "授权管理",
monitor: "站点监控",
notification: "通知设置",
openKey: "API密钥",
cname: "CNAME记录",
user: "用户管理",
role: "角色管理",
permission: "权限管理",
project: "项目管理",
settings: "系统设置",
domain: "域名管理",
dnsPersist: "持久验证记录",
certTemplate: "证书参数模版",
pipelineGroup: "流水线分组",
subDomain: "子域名托管",
template: "流水线模版",
mine: "个人设置",
login: "登录日志",
addon: "扩展插件",
enterprise: "企业管理",
plugin: "插件管理",
siteIp: "站点IP",
jobHistory: "监控历史",
account: "账号管理",
plus: "Plus许可",
pipeline: { value: "pipeline", label: "流水线", color: "blue" },
access: { value: "access", label: "授权管理", color: "orange" },
monitor: { value: "monitor", label: "站点监控", color: "green" },
notification: { value: "notification", label: "通知设置", color: "purple" },
openKey: { value: "openKey", label: "API密钥", color: "red" },
cname: { value: "cname", label: "CNAME记录", color: "cyan" },
user: { value: "user", label: "用户管理", color: "cyan" },
role: { value: "role", label: "角色管理", color: "geekblue" },
permission: { value: "permission", label: "权限管理", color: "lime" },
project: { value: "project", label: "项目管理", color: "gold" },
settings: { value: "settings", label: "系统设置", color: "magenta" },
domain: { value: "domain", label: "域名管理", color: "blue" },
dnsPersist: { value: "dnsPersist", label: "持久验证记录", color: "purple" },
certTemplate: { value: "certTemplate", label: "证书参数模版", color: "orange" },
pipelineGroup: { value: "pipelineGroup", label: "流水线分组", color: "cyan" },
subDomain: { value: "subDomain", label: "子域名托管", color: "geekblue" },
template: { value: "template", label: "流水线模版", color: "blue" },
mine: { value: "mine", label: "个人设置", color: "default" },
login: { value: "login", label: "登录日志", color: "red" },
addon: { value: "addon", label: "扩展插件", color: "orange" },
enterprise: { value: "enterprise", label: "企业管理", color: "gold" },
plugin: { value: "plugin", label: "插件管理", color: "magenta" },
siteIp: { value: "siteIp", label: "站点IP", color: "green" },
jobHistory: { value: "jobHistory", label: "监控历史", color: "default" },
account: { value: "account", label: "账号管理", color: "geekblue" },
plus: { value: "plus", label: "Plus许可", color: "volcano" },
} as const;
export const AuditAction = {
add: "add",
update: "update",
delete: "delete",
execute: "execute",
cancel: "cancel",
batchDelete: "batchDelete",
batchUpdate: "batchUpdate",
disable: "disable",
import: "import",
bind: "bind",
unbind: "unbind",
register: "register",
login: "login",
resetStatus: "resetStatus",
setDefault: "setDefault",
save: "save",
trigger: "trigger",
active: "active",
add: { value: "add", label: "新增", color: "green" },
update: { value: "update", label: "修改", color: "blue" },
delete: { value: "delete", label: "删除", color: "red" },
execute: { value: "execute", label: "执行", color: "orange" },
cancel: { value: "cancel", label: "取消", color: "default" },
batchDelete: { value: "batchDelete", label: "批量删除", color: "volcano" },
batchUpdate: { value: "batchUpdate", label: "批量修改", color: "purple" },
disable: { value: "disable", label: "禁用", color: "default" },
import: { value: "import", label: "导入", color: "cyan" },
bind: { value: "bind", label: "绑定", color: "green" },
unbind: { value: "unbind", label: "解绑", color: "red" },
register: { value: "register", label: "注册", color: "green" },
login: { value: "login", label: "登录", color: "blue" },
resetStatus: { value: "resetStatus", label: "重置状态", color: "orange" },
setDefault: { value: "setDefault", label: "设置默认", color: "cyan" },
save: { value: "save", label: "保存", color: "purple" },
trigger: { value: "trigger", label: "触发", color: "orange" },
active: { value: "active", label: "激活", color: "green" },
} as const;
export const AuditActionMap = {
add: "新增",
update: "修改",
delete: "删除",
execute: "执行",
cancel: "取消",
batchDelete: "批量删除",
batchUpdate: "批量修改",
disable: "禁用",
import: "导入",
bind: "绑定",
unbind: "解绑",
register: "注册",
login: "登录",
resetStatus: "重置状态",
setDefault: "设置默认",
save: "保存",
trigger: "触发",
active: "激活",
} as const;
export const AuditTypeColorMap: Record<string, string> = {
pipeline: "blue",
access: "orange",
monitor: "green",
notification: "purple",
openKey: "red",
cname: "cyan",
user: "cyan",
role: "geekblue",
permission: "lime",
project: "gold",
settings: "magenta",
domain: "blue",
dnsPersist: "purple",
certTemplate: "orange",
pipelineGroup: "cyan",
subDomain: "geekblue",
template: "blue",
mine: "default",
login: "red",
addon: "orange",
enterprise: "gold",
plugin: "magenta",
siteIp: "green",
jobHistory: "default",
account: "geekblue",
plus: "volcano",
};
export const AuditActionColorMap: Record<string, string> = {
add: "green",
update: "blue",
delete: "red",
execute: "orange",
cancel: "default",
batchDelete: "volcano",
batchUpdate: "purple",
disable: "default",
import: "cyan",
bind: "green",
unbind: "red",
register: "green",
login: "blue",
resetStatus: "orange",
setDefault: "cyan",
save: "purple",
trigger: "orange",
active: "green",
};
export function buildAuditTypeDict() {
return Object.entries(AuditTypeMap).map(([value, label]) => ({
value,
label,
color: AuditTypeColorMap[value],
return Object.values(AuditType).map(item => ({
value: item.value,
label: item.label,
color: item.color,
}));
}
export function buildAuditActionDict() {
return Object.entries(AuditActionMap).map(([value, label]) => ({
value,
label,
color: AuditActionColorMap[value],
return Object.values(AuditAction).map(item => ({
value: item.value,
label: item.label,
color: item.color,
}));
}
@@ -1,4 +1,4 @@
import { BaseService } from "@certd/lib-server";
import { BaseService, AuditLogWriteParam } from "@certd/lib-server";
import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
import { InjectEntityModel } from "@midwayjs/typeorm";
import { LessThan, Repository } from "typeorm";
@@ -31,7 +31,7 @@ export class AuditService extends BaseService<AuditLogEntity> {
return await super.page(pageReq);
}
async log(params: { userId: number; type: string; action: string; content: string; username?: string; projectId?: number; projectName?: string; ipAddress?: string; scope?: string; success?: boolean }): Promise<void> {
async log(params: AuditLogWriteParam): Promise<void> {
try {
let { username } = params;
if (!username && params.userId != null) {
@@ -47,7 +47,7 @@ export class AuditService extends BaseService<AuditLogEntity> {
entity.action = params.action;
entity.content = params.content;
entity.projectId = params.projectId || 0;
entity.projectName = params.projectName || "";
entity.ipAddress = params.ipAddress || "";
entity.scope = params.scope || "user";
entity.success = params.success ?? true;