mirror of
https://github.com/certd/certd.git
synced 2026-07-12 08:17:32 +08:00
Compare commits
7 Commits
v2
..
v2_audit_log
| Author | SHA1 | Date | |
|---|---|---|---|
| f2855d6dac | |||
| 4250d0e266 | |||
| edda1b57f3 | |||
| 5a7766992d | |||
| 02dabe11db | |||
| 58024128d8 | |||
| e44bf9d773 |
@@ -1,412 +0,0 @@
|
|||||||
# 插件依赖按需加载方案
|
|
||||||
|
|
||||||
## 背景与目标
|
|
||||||
|
|
||||||
### 当前问题
|
|
||||||
- `packages/ui/certd-server/node_modules` 包含 50+ 个插件的所有依赖,体积庞大
|
|
||||||
- 大量云厂商 SDK(AWS、阿里云、腾讯云、华为云等)只在特定插件中使用
|
|
||||||
- 用户通常只使用少数几个插件,但必须安装所有依赖
|
|
||||||
|
|
||||||
### 目标
|
|
||||||
实现依赖的按需下载和加载:
|
|
||||||
1. 插件依赖独立管理,不占用主 `node_modules` 空间
|
|
||||||
2. 只有当用户首次使用某插件时,才动态下载该插件需要的依赖
|
|
||||||
3. 依赖安装完成后,通过 `await import()` 从独立路径加载
|
|
||||||
4. 保持现有插件代码的最小改动
|
|
||||||
|
|
||||||
## 当前架构分析
|
|
||||||
|
|
||||||
### 插件加载机制
|
|
||||||
- 插件位于 `packages/ui/certd-server/src/plugins/` 下(50+ 个插件目录)
|
|
||||||
- `AutoLoadPlugins` 类在启动时扫描 `dist/plugins` 目录并动态导入
|
|
||||||
- 插件注册到不同的 registry:`accessRegistry`, `pluginRegistry`, `dnsProviderRegistry` 等
|
|
||||||
- 插件代码已经使用 `await import()` 进行懒加载(如 `await import("@aws-sdk/client-acm")`)
|
|
||||||
|
|
||||||
### 重型依赖分布
|
|
||||||
从 `packages/ui/certd-server/package.json` 分析,以下依赖体积大且仅特定插件使用:
|
|
||||||
|
|
||||||
**云厂商 SDK(按插件分组):**
|
|
||||||
- **AWS 插件**:`@aws-sdk/client-acm`, `@aws-sdk/client-cloudfront`, `@aws-sdk/client-iam`, `@aws-sdk/client-route-53`, `@aws-sdk/client-s3`, `@aws-sdk/client-sts`
|
|
||||||
- **阿里云插件**:`@alicloud/openapi-client`, `@alicloud/pop-core`, `@alicloud/tea-typescript`, `@alicloud/fc20230330` 等
|
|
||||||
- **腾讯云插件**:`tencentcloud-sdk-nodejs`, `cos-nodejs-sdk-v5`
|
|
||||||
- **华为云插件**:`@huaweicloud/huaweicloud-sdk-cdn`, `@huaweicloud/huaweicloud-sdk-core` 等
|
|
||||||
- **Azure 插件**:`@azure/arm-dns`, `@azure/identity`
|
|
||||||
- **Google Cloud 插件**:`@google-cloud/dns`, `@google-cloud/publicca`
|
|
||||||
- **火山引擎插件**:`@volcengine/openapi`, `@volcengine/tos-sdk`
|
|
||||||
|
|
||||||
**网络/工具库:**
|
|
||||||
- `ssh2`, `socks`, `socks-proxy-agent`(SSH 相关插件)
|
|
||||||
- `ali-oss`, `qiniu`, `basic-ftp`(存储/传输插件)
|
|
||||||
- `nodemailer`(邮件通知插件)
|
|
||||||
|
|
||||||
**通用依赖(保留在主 package.json):**
|
|
||||||
- `@midwayjs/*` 系列(框架核心)
|
|
||||||
- `@certd/*` 系列(项目内部包)
|
|
||||||
- `axios`, `lodash-es`, `dayjs`, `js-yaml` 等基础工具
|
|
||||||
|
|
||||||
## 设计方案
|
|
||||||
|
|
||||||
### 架构概览
|
|
||||||
|
|
||||||
```
|
|
||||||
packages/ui/certd-server/
|
|
||||||
├── package.json # 主依赖(框架、通用工具)
|
|
||||||
├── node_modules/ # 主依赖安装目录
|
|
||||||
├── optional-deps/ # 新增:可选依赖管理目录
|
|
||||||
│ ├── package.json # 可选依赖总配置(用于 pnpm install)
|
|
||||||
│ ├── pnpm-lock.yaml # 可选依赖锁文件
|
|
||||||
│ └── node_modules/ # 可选依赖安装目录
|
|
||||||
├── src/
|
|
||||||
│ └── modules/
|
|
||||||
│ └── dependency/ # 新增:依赖管理模块
|
|
||||||
│ ├── dependency-manager.ts # 核心:依赖管理器
|
|
||||||
│ ├── dependency-registry.ts # 依赖注册表(插件 -> 依赖映射)
|
|
||||||
│ └── types.ts # 类型定义
|
|
||||||
```
|
|
||||||
|
|
||||||
### 核心组件
|
|
||||||
|
|
||||||
#### 1. 依赖管理器(DependencyManager)
|
|
||||||
|
|
||||||
**职责:**
|
|
||||||
- 检查依赖是否已安装
|
|
||||||
- 动态执行 `pnpm install` 安装缺失依赖
|
|
||||||
- 提供从 `optional-deps/node_modules` 加载依赖的方法
|
|
||||||
- 并发控制:避免多个插件同时触发安装
|
|
||||||
|
|
||||||
**关键方法:**
|
|
||||||
```typescript
|
|
||||||
class DependencyManager {
|
|
||||||
// 确保依赖已安装,返回依赖模块
|
|
||||||
async ensureAndImport<T>(packageName: string): Promise<T>
|
|
||||||
|
|
||||||
// 检查依赖是否已安装
|
|
||||||
async isInstalled(packageName: string): Promise<boolean>
|
|
||||||
|
|
||||||
// 安装依赖(带锁,避免并发)
|
|
||||||
async installDependencies(packages: string[]): Promise<void>
|
|
||||||
|
|
||||||
// 从 optional-deps/node_modules 加载依赖
|
|
||||||
async loadModule<T>(packageName: string): Promise<T>
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**实现要点:**
|
|
||||||
- 使用文件锁(如 `proper-lockfile`)防止并发安装
|
|
||||||
- 安装前检查 `optional-deps/node_modules/{packageName}` 是否存在
|
|
||||||
- 安装命令:`pnpm install --dir optional-deps --ignore-workspace`
|
|
||||||
- 加载时使用绝对路径:`import('file:///absolute/path/to/optional-deps/node_modules/package')`
|
|
||||||
|
|
||||||
#### 2. 依赖注册表(DependencyRegistry)
|
|
||||||
|
|
||||||
**职责:**
|
|
||||||
- 维护插件名称到依赖列表的映射
|
|
||||||
- 提供依赖查询接口
|
|
||||||
|
|
||||||
**数据结构:**
|
|
||||||
```typescript
|
|
||||||
interface PluginDependencyConfig {
|
|
||||||
pluginName: string;
|
|
||||||
dependencies: {
|
|
||||||
packageName: string;
|
|
||||||
version: string;
|
|
||||||
optional?: boolean; // 是否可选(安装失败不阻塞)
|
|
||||||
}[];
|
|
||||||
}
|
|
||||||
|
|
||||||
// 示例注册
|
|
||||||
dependencyRegistry.register('plugin-aws', [
|
|
||||||
{ packageName: '@aws-sdk/client-acm', version: '^3.964.0' },
|
|
||||||
{ packageName: '@aws-sdk/client-cloudfront', version: '^3.964.0' },
|
|
||||||
{ packageName: '@aws-sdk/client-route-53', version: '^3.964.0' },
|
|
||||||
]);
|
|
||||||
```
|
|
||||||
|
|
||||||
#### 3. 插件集成
|
|
||||||
|
|
||||||
**改造现有插件代码:**
|
|
||||||
|
|
||||||
改造前(`plugin-aws/libs/aws-client.ts`):
|
|
||||||
```typescript
|
|
||||||
const { ACMClient, ImportCertificateCommand } = await import("@aws-sdk/client-acm");
|
|
||||||
```
|
|
||||||
|
|
||||||
改造后:
|
|
||||||
```typescript
|
|
||||||
import { DependencyManager } from "../../../modules/dependency/dependency-manager.js";
|
|
||||||
|
|
||||||
const depManager = new DependencyManager();
|
|
||||||
const { ACMClient, ImportCertificateCommand } = await depManager.ensureAndImport("@aws-sdk/client-acm");
|
|
||||||
```
|
|
||||||
|
|
||||||
**简化方案(推荐):**
|
|
||||||
|
|
||||||
创建辅助函数,减少改动量:
|
|
||||||
```typescript
|
|
||||||
// src/modules/dependency/import-helper.ts
|
|
||||||
export async function importOptionalDep<T>(packageName: string): Promise<T> {
|
|
||||||
const depManager = new DependencyManager();
|
|
||||||
return await depManager.ensureAndImport<T>(packageName);
|
|
||||||
}
|
|
||||||
|
|
||||||
// 插件中使用
|
|
||||||
import { importOptionalDep } from "../../../modules/dependency/import-helper.js";
|
|
||||||
const { ACMClient } = await importOptionalDep("@aws-sdk/client-acm");
|
|
||||||
```
|
|
||||||
|
|
||||||
### 实施步骤
|
|
||||||
|
|
||||||
#### 阶段一:基础设施搭建
|
|
||||||
1. 创建 `optional-deps/` 目录结构
|
|
||||||
2. 生成 `optional-deps/package.json`(包含所有可选依赖)
|
|
||||||
3. 实现 `DependencyManager` 核心逻辑
|
|
||||||
4. 实现依赖安装锁机制
|
|
||||||
5. 编写单元测试
|
|
||||||
|
|
||||||
#### 阶段二:依赖迁移
|
|
||||||
6. 从主 `package.json` 移除可选依赖
|
|
||||||
7. 将依赖添加到 `optional-deps/package.json`
|
|
||||||
8. 创建依赖注册表,映射插件到依赖
|
|
||||||
|
|
||||||
#### 阶段三:插件改造
|
|
||||||
9. 创建 `import-helper.ts` 辅助函数
|
|
||||||
10. 逐步改造插件代码,使用 `importOptionalDep` 加载依赖
|
|
||||||
11. 优先改造重型依赖(AWS、阿里云、腾讯云等)
|
|
||||||
|
|
||||||
#### 阶段四:测试与优化
|
|
||||||
12. 端到端测试:验证依赖按需安装和加载
|
|
||||||
13. 性能优化:缓存已加载的模块
|
|
||||||
14. 错误处理:安装失败时的降级策略
|
|
||||||
15. 文档:编写使用说明和迁移指南
|
|
||||||
|
|
||||||
## 关键技术决策
|
|
||||||
|
|
||||||
### 1. 依赖分组策略
|
|
||||||
**选择:按插件分组**
|
|
||||||
- 每个插件声明自己需要的依赖
|
|
||||||
- 优点:职责清晰,易于维护
|
|
||||||
- 缺点:可能有重复依赖(但 pnpm 会去重)
|
|
||||||
|
|
||||||
**备选:按功能分组**
|
|
||||||
- 将依赖按功能分组(如 "aws-deps", "aliyun-deps")
|
|
||||||
- 优点:更细粒度控制
|
|
||||||
- 缺点:增加复杂度
|
|
||||||
|
|
||||||
### 2. 安装触发时机
|
|
||||||
**选择:首次使用时触发**
|
|
||||||
- 在插件的 `execute()` 或 `getClient()` 方法中触发安装
|
|
||||||
- 优点:真正的按需加载
|
|
||||||
- 缺点:首次使用有延迟
|
|
||||||
|
|
||||||
**备选:启动时预检查**
|
|
||||||
- 启动时扫描启用的插件,预安装依赖
|
|
||||||
- 优点:避免运行时延迟
|
|
||||||
- 缺点:可能安装不需要的依赖
|
|
||||||
|
|
||||||
### 3. 依赖路径解析
|
|
||||||
**选择:使用绝对路径 + `file://` 协议**
|
|
||||||
```typescript
|
|
||||||
const modulePath = path.resolve(__dirname, '../../optional-deps/node_modules', packageName);
|
|
||||||
return await import(`file://${modulePath}/index.js`);
|
|
||||||
```
|
|
||||||
|
|
||||||
**原因:**
|
|
||||||
- Node.js ESM 要求明确的 URL 格式
|
|
||||||
- 避免模块解析冲突
|
|
||||||
|
|
||||||
### 4. 并发控制
|
|
||||||
**选择:文件锁 + 内存锁双重保护**
|
|
||||||
- 使用 `proper-lockfile` 锁定 `optional-deps/` 目录
|
|
||||||
- 内存中使用 `Map` 记录正在安装的依赖
|
|
||||||
- 避免多个插件同时触发安装
|
|
||||||
|
|
||||||
### 5. 错误处理
|
|
||||||
**策略:**
|
|
||||||
- 安装失败时记录日志,抛出明确的错误信息
|
|
||||||
- 提供手动安装命令提示:`请运行: cd optional-deps && pnpm install`
|
|
||||||
- 支持降级:某些非核心依赖安装失败时,插件可以部分功能可用
|
|
||||||
|
|
||||||
## 验证方案
|
|
||||||
|
|
||||||
### 单元测试
|
|
||||||
1. 测试 `DependencyManager.isInstalled()` 正确检测依赖状态
|
|
||||||
2. 测试 `DependencyManager.installDependencies()` 成功安装依赖
|
|
||||||
3. 测试并发安装时的锁机制
|
|
||||||
4. 测试从 `optional-deps/node_modules` 加载模块
|
|
||||||
|
|
||||||
### 集成测试
|
|
||||||
1. 清空 `optional-deps/node_modules`
|
|
||||||
2. 启动服务,验证不触发安装
|
|
||||||
3. 调用 AWS 插件,验证触发安装并成功加载
|
|
||||||
4. 再次调用,验证不重复安装
|
|
||||||
5. 验证主 `node_modules` 体积减少
|
|
||||||
|
|
||||||
### 性能测试
|
|
||||||
1. 测量首次安装依赖的耗时
|
|
||||||
2. 测量后续加载的耗时(应该与正常 import 相近)
|
|
||||||
3. 对比改造前后的 `node_modules` 大小
|
|
||||||
|
|
||||||
## 风险与挑战
|
|
||||||
|
|
||||||
### 1. 首次使用延迟
|
|
||||||
**风险:** 用户首次使用插件时需要等待依赖安装(可能几十秒)
|
|
||||||
**缓解:**
|
|
||||||
- 在 UI 上显示安装进度
|
|
||||||
- 提供预安装命令:`pnpm run install-optional-deps`
|
|
||||||
- 文档说明首次使用会有延迟
|
|
||||||
|
|
||||||
### 2. 离线环境
|
|
||||||
**风险:** 离线环境无法下载依赖
|
|
||||||
**缓解:**
|
|
||||||
- 提供完整安装包(包含所有可选依赖)
|
|
||||||
- 支持手动复制 `node_modules`
|
|
||||||
|
|
||||||
### 3. 版本冲突
|
|
||||||
**风险:** 可选依赖与主依赖版本冲突
|
|
||||||
**缓解:**
|
|
||||||
- 使用 `--ignore-workspace` 隔离安装
|
|
||||||
- 定期同步主依赖版本
|
|
||||||
|
|
||||||
### 4. TypeScript 类型
|
|
||||||
**风险:** 动态导入的类型推断
|
|
||||||
**缓解:**
|
|
||||||
- 保留 `@types/*` 在主 `devDependencies`
|
|
||||||
- 使用泛型和类型断言
|
|
||||||
|
|
||||||
## 预期收益
|
|
||||||
|
|
||||||
1. **空间节省:** 主 `node_modules` 体积减少 60-70%(估算)
|
|
||||||
2. **安装速度:** 初始 `pnpm install` 速度提升 3-5 倍
|
|
||||||
3. **用户体验:** 不使用的插件不占用空间,按需加载
|
|
||||||
4. **维护性:** 依赖分组清晰,易于管理
|
|
||||||
|
|
||||||
## 后续优化
|
|
||||||
|
|
||||||
1. **依赖预热:** 在后台预安装常用插件依赖
|
|
||||||
2. **依赖缓存:** 支持从 CDN 或本地缓存安装
|
|
||||||
3. **依赖更新:** 提供命令批量更新可选依赖
|
|
||||||
4. **插件市场:** 支持从远程下载插件及其依赖配置
|
|
||||||
|
|
||||||
## 附录:依赖分类清单
|
|
||||||
|
|
||||||
### 可选依赖(迁移到 optional-deps/package.json)
|
|
||||||
|
|
||||||
**AWS 相关(plugin-aws, plugin-aws-cn):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"@aws-sdk/client-acm": "^3.964.0",
|
|
||||||
"@aws-sdk/client-cloudfront": "^3.964.0",
|
|
||||||
"@aws-sdk/client-iam": "^3.964.0",
|
|
||||||
"@aws-sdk/client-route-53": "^3.964.0",
|
|
||||||
"@aws-sdk/client-s3": "^3.964.0",
|
|
||||||
"@aws-sdk/client-sts": "^3.990.0"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**阿里云相关(plugin-aliyun, plugin-lib/aliyun):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"@alicloud/fc20230330": "^4.1.7",
|
|
||||||
"@alicloud/openapi-client": "^0.4.12",
|
|
||||||
"@alicloud/openapi-util": "^0.3.2",
|
|
||||||
"@alicloud/pop-core": "^1.7.10",
|
|
||||||
"@alicloud/sts-sdk": "^1.0.2",
|
|
||||||
"@alicloud/tea-typescript": "^1.8.0",
|
|
||||||
"@alicloud/tea-util": "^1.4.10",
|
|
||||||
"ali-oss": "^6.21.0"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**腾讯云相关(plugin-tencent, plugin-lib/tencent):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"tencentcloud-sdk-nodejs": "^4.1.112",
|
|
||||||
"cos-nodejs-sdk-v5": "^2.14.6"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**华为云相关(plugin-huawei):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"@huaweicloud/huaweicloud-sdk-cdn": "3.1.185",
|
|
||||||
"@huaweicloud/huaweicloud-sdk-core": "3.1.185",
|
|
||||||
"@huaweicloud/huaweicloud-sdk-elb": "3.1.185",
|
|
||||||
"@huaweicloud/huaweicloud-sdk-iam": "3.1.185",
|
|
||||||
"esdk-obs-nodejs": "^3.25.6"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**Azure 相关(plugin-azure):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"@azure/arm-dns": "^5.1.0",
|
|
||||||
"@azure/identity": "^4.13.1"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**Google Cloud 相关(plugin-google, plugin-cert/google):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"@google-cloud/dns": "^5.3.1",
|
|
||||||
"@google-cloud/publicca": "^1.3.0"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**火山引擎相关(plugin-volcengine):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"@volcengine/openapi": "^1.28.1",
|
|
||||||
"@volcengine/tos-sdk": "^2.9.1"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**SSH/网络相关(plugin-host, plugin-lib/ssh):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"ssh2": "^1.17.0",
|
|
||||||
"socks": "^2.8.3",
|
|
||||||
"socks-proxy-agent": "^8.0.4",
|
|
||||||
"basic-ftp": "^5.0.5"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**其他存储/传输(plugin-qiniu, plugin-lib/qiniu):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"qiniu": "^7.12.0"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
**邮件通知(plugin-notification/email):**
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"nodemailer": "^6.9.16"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
### 主依赖(保留在主 package.json)
|
|
||||||
|
|
||||||
**框架核心:**
|
|
||||||
- `@midwayjs/*` 系列
|
|
||||||
- `@koa/cors`
|
|
||||||
- `typeorm`, `better-sqlite3`, `mysql2`, `pg`
|
|
||||||
|
|
||||||
**项目内部包:**
|
|
||||||
- `@certd/*` 系列
|
|
||||||
|
|
||||||
**通用工具:**
|
|
||||||
- `axios`, `lodash-es`, `dayjs`, `js-yaml`
|
|
||||||
- `crypto-js`, `jsonwebtoken`, `bcryptjs`
|
|
||||||
- `reflect-metadata`, `uuid`, `nanoid`
|
|
||||||
- 等等
|
|
||||||
|
|
||||||
## 总结
|
|
||||||
|
|
||||||
本方案通过引入独立的可选依赖管理机制,实现了插件依赖的按需下载和加载。核心思路是:
|
|
||||||
|
|
||||||
1. **隔离管理:** 在 `optional-deps/` 目录下维护独立的 `package.json` 和 `node_modules`
|
|
||||||
2. **动态安装:** 通过 `DependencyManager` 在首次使用时触发 `pnpm install`
|
|
||||||
3. **路径加载:** 使用绝对路径从独立目录加载依赖模块
|
|
||||||
4. **最小改动:** 通过辅助函数 `importOptionalDep` 简化插件代码改造
|
|
||||||
|
|
||||||
该方案可以显著减少主 `node_modules` 体积,提升初始安装速度,同时保持现有架构的兼容性和可维护性。
|
|
||||||
@@ -281,12 +281,12 @@ export class DemoTest extends AbstractTaskPlugin {
|
|||||||
return {
|
return {
|
||||||
value: item.siteName,
|
value: item.siteName,
|
||||||
label: item.siteName,
|
label: item.siteName,
|
||||||
domain: item.siteName,
|
domain: item.siteName, //这里必须要包含domain 否则后面分组时候全部分配到未匹配中
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
//将站点域名名称根据证书域名进行匹配分组,分成匹配的和不匹配的两组选项,返回给前端,供用户选择
|
//将站点域名名称根据证书域名进行匹配分组,分成匹配的和不匹配的两组选项,返回给前端,供用户选择
|
||||||
return {
|
return {
|
||||||
list: optionsUtils.buildGroupOptions(options, this.certDomains),
|
list: optionsUtils.buildGroupOptions(options, this.certDomains), //分组后的列表
|
||||||
total: siteRes.length,
|
total: siteRes.length,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -215,3 +215,17 @@ Certd 是可私有化部署的 SSL/TLS 证书自动化管理平台,提供 Web
|
|||||||
### 旧版数据兼容
|
### 旧版数据兼容
|
||||||
|
|
||||||
- 新增插件参数时,必须要考虑旧版数据兼容,比如新增一个deployType参数,有两种值:`default`和`custom`,需要在使用时判空,走旧版逻辑。
|
- 新增插件参数时,必须要考虑旧版数据兼容,比如新增一个deployType参数,有两种值:`default`和`custom`,需要在使用时判空,走旧版逻辑。
|
||||||
|
|
||||||
|
## 前端路由与国际化
|
||||||
|
|
||||||
|
- 路由 `meta.title` 是 **i18n 国际化 key**,必须在 `src/locales/langs/zh-CN/` 和 `src/locales/langs/en-US/` 对应的模块文件中添加翻译。
|
||||||
|
- 示例:路由 `title: "certd.auditLog"` 需要在中英 locales 文件中有对应 key(`"certd.auditLog": "操作日志"` / `"certd.auditLog": "Audit Log"`)。
|
||||||
|
- 菜单通过路由自动生成,需设置 `meta.isMenu: true` 才会出现在左侧菜单。
|
||||||
|
- Plus 版功能菜单需设置 `meta.show: () => { const settingStore = useSettingStore(); return settingStore.isPlus; }`。
|
||||||
|
|
||||||
|
## 审计日志
|
||||||
|
|
||||||
|
- 审计日志是 Plus 版功能,非 Plus 版不会写入。
|
||||||
|
- Controller 继承 `BaseController`,通过 `this.auditLog({ content: "xxx" })` 记录日志。
|
||||||
|
- `getAuditType()` 返回类型常量,中间件自动从 ctx.path 判定 scope(`/api/sys/` → system,其他 → user)。
|
||||||
|
- 操作日志有系统级(scope=system)和用户级(scope=user)区分。
|
||||||
@@ -0,0 +1,35 @@
|
|||||||
|
/// <reference types="mocha" />
|
||||||
|
|
||||||
|
import assert from "node:assert/strict";
|
||||||
|
import { AuditLogContext } from "./audit.js";
|
||||||
|
|
||||||
|
// AuditLog decorator and getAuditLogOptions are removed since auditLog()
|
||||||
|
// now signals audit intent directly via ctx.auditLog.enabled
|
||||||
|
|
||||||
|
describe("AuditLogContext type", () => {
|
||||||
|
it("supports enabled flag", () => {
|
||||||
|
const ctx: AuditLogContext = {
|
||||||
|
type: "pipeline",
|
||||||
|
action: "删除流水线",
|
||||||
|
append: ["ID:5"],
|
||||||
|
content: "删除了流水线(ID:5)",
|
||||||
|
projectId: 3,
|
||||||
|
projectName: "默认项目",
|
||||||
|
enabled: true,
|
||||||
|
};
|
||||||
|
|
||||||
|
assert.equal(ctx.enabled, true);
|
||||||
|
assert.equal(ctx.type, "pipeline");
|
||||||
|
assert.equal(ctx.content, "删除了流水线(ID:5)");
|
||||||
|
assert.equal(ctx.projectId, 3);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("works with minimal fields", () => {
|
||||||
|
const ctx: AuditLogContext = {
|
||||||
|
enabled: true,
|
||||||
|
append: ["提交2条"],
|
||||||
|
};
|
||||||
|
|
||||||
|
assert.equal(ctx.enabled, true);
|
||||||
|
});
|
||||||
|
});
|
||||||
@@ -0,0 +1,21 @@
|
|||||||
|
export type AuditLogOptions = {
|
||||||
|
type?: string;
|
||||||
|
action?: string;
|
||||||
|
content?: string;
|
||||||
|
template?: string;
|
||||||
|
disabled?: boolean;
|
||||||
|
};
|
||||||
|
|
||||||
|
export type AuditLogContext = {
|
||||||
|
type?: string;
|
||||||
|
action?: string;
|
||||||
|
append?: string | string[];
|
||||||
|
content?: string;
|
||||||
|
projectId?: number;
|
||||||
|
projectName?: string;
|
||||||
|
enabled?: boolean;
|
||||||
|
allowAnonymous?: boolean;
|
||||||
|
scope?: string;
|
||||||
|
userId?: number;
|
||||||
|
username?: string;
|
||||||
|
};
|
||||||
@@ -3,6 +3,7 @@ import type { IMidwayContainer } from "@midwayjs/core";
|
|||||||
import * as koa from "@midwayjs/koa";
|
import * as koa from "@midwayjs/koa";
|
||||||
import { Constants } from "./constants.js";
|
import { Constants } from "./constants.js";
|
||||||
import { isEnterprise } from "./mode.js";
|
import { isEnterprise } from "./mode.js";
|
||||||
|
import type { AuditLogContext } from "./audit.js";
|
||||||
|
|
||||||
export abstract class BaseController {
|
export abstract class BaseController {
|
||||||
@Inject()
|
@Inject()
|
||||||
@@ -127,4 +128,43 @@ export abstract class BaseController {
|
|||||||
}
|
}
|
||||||
return { projectId, userId };
|
return { projectId, userId };
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return "unknown";
|
||||||
|
}
|
||||||
|
|
||||||
|
auditLog(bean: { type?: string; action?: string; content?: string; append?: string | string[]; projectId?: number; userId?: number; username?: string } = {}) {
|
||||||
|
const auditLog = this.ensureAuditLogContext();
|
||||||
|
auditLog.enabled = true;
|
||||||
|
if (bean.userId != null) {
|
||||||
|
auditLog.userId = bean.userId;
|
||||||
|
}
|
||||||
|
if (bean.username != null) {
|
||||||
|
auditLog.username = bean.username;
|
||||||
|
}
|
||||||
|
if (bean.type != null) {
|
||||||
|
auditLog.type = bean.type;
|
||||||
|
}
|
||||||
|
if (bean.action != null) {
|
||||||
|
auditLog.action = bean.action;
|
||||||
|
}
|
||||||
|
if (bean.projectId != null) {
|
||||||
|
auditLog.projectId = bean.projectId;
|
||||||
|
}
|
||||||
|
if (bean.content) {
|
||||||
|
auditLog.content = bean.content;
|
||||||
|
}
|
||||||
|
if (bean.append) {
|
||||||
|
const items = Array.isArray(bean.append) ? bean.append : [bean.append];
|
||||||
|
const old = Array.isArray(auditLog.append) ? auditLog.append : auditLog.append ? [auditLog.append] : [];
|
||||||
|
auditLog.append = [...old, ...items].filter(item => item && String(item).trim());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private ensureAuditLogContext(): AuditLogContext {
|
||||||
|
if (!this.ctx.auditLog) {
|
||||||
|
this.ctx.auditLog = {};
|
||||||
|
}
|
||||||
|
return this.ctx.auditLog;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -279,7 +279,7 @@ export abstract class BaseService<T> {
|
|||||||
return item != null && item != "";
|
return item != null && item != "";
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
async batchDelete(ids: number[], userId: number, projectId?: number) {
|
async batchDelete(ids: number[], userId: number, projectId?: number): Promise<number> {
|
||||||
ids = this.filterIds(ids);
|
ids = this.filterIds(ids);
|
||||||
if (userId != null) {
|
if (userId != null) {
|
||||||
const userProjectQuery = this.buildUserProjectQuery(userId, projectId);
|
const userProjectQuery = this.buildUserProjectQuery(userId, projectId);
|
||||||
@@ -295,6 +295,7 @@ export abstract class BaseService<T> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
await this.delete(ids);
|
await this.delete(ids);
|
||||||
|
return ids.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async findOne(options: FindOneOptions<T>) {
|
async findOne(options: FindOneOptions<T>) {
|
||||||
|
|||||||
@@ -1,21 +1,21 @@
|
|||||||
export const Constants = {
|
export const Constants = {
|
||||||
dataDir: './data',
|
dataDir: "./data",
|
||||||
role: {
|
role: {
|
||||||
defaultUser: 3,
|
defaultUser: 3,
|
||||||
},
|
},
|
||||||
per: {
|
per: {
|
||||||
//无需登录
|
//无需登录
|
||||||
guest: '_guest_',
|
guest: "_guest_",
|
||||||
//无需登录
|
//无需登录
|
||||||
anonymous: '_guest_',
|
anonymous: "_guest_",
|
||||||
//无需登录,有 token 时解析当前用户
|
//无需登录,有 token 时解析当前用户
|
||||||
guestOptionalAuth: '_guestOptionalAuth_',
|
guestOptionalAuth: "_guestOptionalAuth_",
|
||||||
//仅需要登录
|
//仅需要登录
|
||||||
authOnly: '_authOnly_',
|
authOnly: "_authOnly_",
|
||||||
//仅需要登录
|
//仅需要登录
|
||||||
loginOnly: '_authOnly_',
|
loginOnly: "_authOnly_",
|
||||||
|
|
||||||
open: '_open_',
|
open: "_open_",
|
||||||
},
|
},
|
||||||
res: {
|
res: {
|
||||||
serverError(message: string) {
|
serverError(message: string) {
|
||||||
@@ -26,102 +26,102 @@ export const Constants = {
|
|||||||
},
|
},
|
||||||
error: {
|
error: {
|
||||||
code: 1,
|
code: 1,
|
||||||
message: 'Internal server error',
|
message: "Internal server error",
|
||||||
},
|
},
|
||||||
success: {
|
success: {
|
||||||
code: 0,
|
code: 0,
|
||||||
message: 'success',
|
message: "success",
|
||||||
},
|
},
|
||||||
validation: {
|
validation: {
|
||||||
code: 10,
|
code: 10,
|
||||||
message: '参数错误',
|
message: "参数错误",
|
||||||
},
|
},
|
||||||
needvip: {
|
needvip: {
|
||||||
code: 88,
|
code: 88,
|
||||||
message: '需要VIP',
|
message: "需要VIP",
|
||||||
},
|
},
|
||||||
needsuite: {
|
needsuite: {
|
||||||
code: 89,
|
code: 89,
|
||||||
message: '需要购买或升级套餐',
|
message: "需要购买或升级套餐",
|
||||||
},
|
},
|
||||||
loginError: {
|
loginError: {
|
||||||
code: 2,
|
code: 2,
|
||||||
message: '登录失败',
|
message: "登录失败",
|
||||||
},
|
},
|
||||||
codeError: {
|
codeError: {
|
||||||
code: 3,
|
code: 3,
|
||||||
message: '验证码错误',
|
message: "验证码错误",
|
||||||
},
|
},
|
||||||
auth: {
|
auth: {
|
||||||
code: 401,
|
code: 401,
|
||||||
message: '您还未登录或token已过期',
|
message: "您还未登录或token已过期",
|
||||||
},
|
},
|
||||||
permission: {
|
permission: {
|
||||||
code: 402,
|
code: 402,
|
||||||
message: '您没有权限',
|
message: "您没有权限",
|
||||||
},
|
},
|
||||||
param: {
|
param: {
|
||||||
code: 400,
|
code: 400,
|
||||||
message: '参数错误',
|
message: "参数错误",
|
||||||
},
|
},
|
||||||
notFound: {
|
notFound: {
|
||||||
code: 404,
|
code: 404,
|
||||||
message: '页面/文件/资源不存在',
|
message: "页面/文件/资源不存在",
|
||||||
},
|
},
|
||||||
|
|
||||||
preview: {
|
preview: {
|
||||||
code: 10001,
|
code: 10001,
|
||||||
message: '对不起,预览环境不允许修改此数据',
|
message: "对不起,预览环境不允许修改此数据",
|
||||||
},
|
},
|
||||||
siteOff:{
|
siteOff: {
|
||||||
code: 10010,
|
code: 10010,
|
||||||
message: '站点已关闭',
|
message: "站点已关闭",
|
||||||
},
|
},
|
||||||
need2fa:{
|
need2fa: {
|
||||||
code: 10020,
|
code: 10020,
|
||||||
message: '需要2FA认证',
|
message: "需要2FA认证",
|
||||||
},
|
},
|
||||||
openKeyError: {
|
openKeyError: {
|
||||||
code: 20000,
|
code: 20000,
|
||||||
message: 'ApiToken错误',
|
message: "ApiToken错误",
|
||||||
},
|
},
|
||||||
openKeySignError: {
|
openKeySignError: {
|
||||||
code: 20001,
|
code: 20001,
|
||||||
message: 'ApiToken签名错误',
|
message: "ApiToken签名错误",
|
||||||
},
|
},
|
||||||
openKeyExpiresError: {
|
openKeyExpiresError: {
|
||||||
code: 20002,
|
code: 20002,
|
||||||
message: 'ApiToken时间戳错误',
|
message: "ApiToken时间戳错误",
|
||||||
},
|
},
|
||||||
openKeySignTypeError: {
|
openKeySignTypeError: {
|
||||||
code: 20003,
|
code: 20003,
|
||||||
message: 'ApiToken签名类型不支持',
|
message: "ApiToken签名类型不支持",
|
||||||
},
|
},
|
||||||
openParamError: {
|
openParamError: {
|
||||||
code: 20010,
|
code: 20010,
|
||||||
message: '请求参数错误',
|
message: "请求参数错误",
|
||||||
},
|
},
|
||||||
openCertNotFound: {
|
openCertNotFound: {
|
||||||
code: 20011,
|
code: 20011,
|
||||||
message: '证书不存在',
|
message: "证书不存在",
|
||||||
},
|
},
|
||||||
openCertNotReady: {
|
openCertNotReady: {
|
||||||
code: 20012,
|
code: 20012,
|
||||||
message: '证书还未生成',
|
message: "证书还未生成",
|
||||||
},
|
},
|
||||||
openCertApplying: {
|
openCertApplying: {
|
||||||
code: 20013,
|
code: 20013,
|
||||||
message: '证书正在申请中,请稍后重新获取',
|
message: "证书正在申请中,请稍后重新获取",
|
||||||
},
|
},
|
||||||
openDomainNoVerifier:{
|
openDomainNoVerifier: {
|
||||||
code: 20014,
|
code: 20014,
|
||||||
message: '域名校验方式未配置',
|
message: "域名校验方式未配置",
|
||||||
},
|
},
|
||||||
openEmailNotFound: {
|
openEmailNotFound: {
|
||||||
code: 20021,
|
code: 20021,
|
||||||
message: '用户邮箱还未配置',
|
message: "用户邮箱还未配置",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
systemUserId: 0, // 系统级别userid固定为0
|
systemUserId: 0, // 系统级别userid固定为0
|
||||||
enterpriseUserId: -1 // 企业模式用户id固定为-1
|
enterpriseUserId: -1, // 企业模式用户id固定为-1
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -1,11 +1,11 @@
|
|||||||
import { ALL, Body, Post, Query } from '@midwayjs/core';
|
import { ALL, Body, Post, Query } from "@midwayjs/core";
|
||||||
import { BaseController } from './base-controller.js';
|
import { BaseController } from "./base-controller.js";
|
||||||
|
|
||||||
export abstract class CrudController<T> extends BaseController {
|
export abstract class CrudController<T> extends BaseController {
|
||||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||||
abstract getService<T>();
|
abstract getService<T>();
|
||||||
|
|
||||||
@Post('/page')
|
@Post("/page")
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const pageRet = await this.getService().page({
|
const pageRet = await this.getService().page({
|
||||||
query: body.query ?? {},
|
query: body.query ?? {},
|
||||||
@@ -16,7 +16,7 @@ export abstract class CrudController<T> extends BaseController {
|
|||||||
return this.ok(pageRet);
|
return this.ok(pageRet);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post('/list')
|
@Post("/list")
|
||||||
async list(@Body(ALL) body: any) {
|
async list(@Body(ALL) body: any) {
|
||||||
const listRet = await this.getService().list({
|
const listRet = await this.getService().list({
|
||||||
query: body.query ?? {},
|
query: body.query ?? {},
|
||||||
@@ -25,33 +25,33 @@ export abstract class CrudController<T> extends BaseController {
|
|||||||
return this.ok(listRet);
|
return this.ok(listRet);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post('/add')
|
@Post("/add")
|
||||||
async add(@Body(ALL) bean: any) {
|
async add(@Body(ALL) bean: any) {
|
||||||
delete bean.id;
|
delete bean.id;
|
||||||
const id = await this.getService().add(bean);
|
const id = await this.getService().add(bean);
|
||||||
return this.ok(id);
|
return this.ok(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post('/info')
|
@Post("/info")
|
||||||
async info(@Query('id') id: number) {
|
async info(@Query("id") id: number) {
|
||||||
const bean = await this.getService().info(id);
|
const bean = await this.getService().info(id);
|
||||||
return this.ok(bean);
|
return this.ok(bean);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post('/update')
|
@Post("/update")
|
||||||
async update(@Body(ALL) bean: any) {
|
async update(@Body(ALL) bean: any) {
|
||||||
await this.getService().update(bean);
|
await this.getService().update(bean);
|
||||||
return this.ok(null);
|
return this.ok(null);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post('/delete')
|
@Post("/delete")
|
||||||
async delete(@Query('id') id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.getService().delete([id]);
|
await this.getService().delete([id]);
|
||||||
return this.ok(null);
|
return this.ok(null);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post('/deleteByIds')
|
@Post("/deleteByIds")
|
||||||
async deleteByIds(@Body('ids') ids: number[]) {
|
async deleteByIds(@Body("ids") ids: number[]) {
|
||||||
await this.getService().delete(ids);
|
await this.getService().delete(ids);
|
||||||
return this.ok(null);
|
return this.ok(null);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,12 +1,14 @@
|
|||||||
import { Constants } from '../constants.js';
|
import { Constants } from "../constants.js";
|
||||||
import { BaseException } from './base-exception.js';
|
import { BaseException } from "./base-exception.js";
|
||||||
/**
|
/**
|
||||||
* 通用异常
|
* 通用异常
|
||||||
*/
|
*/
|
||||||
export class LoginErrorException extends BaseException {
|
export class LoginErrorException extends BaseException {
|
||||||
leftCount: number;
|
leftCount: number;
|
||||||
constructor(message, leftCount: number) {
|
userId?: number;
|
||||||
super('LoginErrorException', Constants.res.loginError.code, message ? message : Constants.res.loginError.message);
|
constructor(message, leftCount: number, userId?: number) {
|
||||||
|
super("LoginErrorException", Constants.res.loginError.code, message ? message : Constants.res.loginError.message);
|
||||||
this.leftCount = leftCount;
|
this.leftCount = leftCount;
|
||||||
|
this.userId = userId;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,8 +1,9 @@
|
|||||||
export * from './base-controller.js';
|
export * from "./base-controller.js";
|
||||||
export * from './constants.js';
|
export * from "./constants.js";
|
||||||
export * from './crud-controller.js';
|
export * from "./crud-controller.js";
|
||||||
export * from './enum-item.js';
|
export * from "./enum-item.js";
|
||||||
export * from './exception/index.js';
|
export * from "./exception/index.js";
|
||||||
export * from './result.js';
|
export * from "./result.js";
|
||||||
export * from './base-service.js';
|
export * from "./base-service.js";
|
||||||
export * from "./mode.js"
|
export * from "./audit.js";
|
||||||
|
export * from "./mode.js";
|
||||||
|
|||||||
@@ -1,12 +1,12 @@
|
|||||||
let adminMode = "saas"
|
let adminMode = "saas";
|
||||||
|
|
||||||
export function setAdminMode(mode:string = "saas"){
|
export function setAdminMode(mode: string = "saas") {
|
||||||
adminMode = mode
|
adminMode = mode;
|
||||||
}
|
}
|
||||||
export function getAdminMode(){
|
export function getAdminMode() {
|
||||||
return adminMode
|
return adminMode;
|
||||||
}
|
}
|
||||||
|
|
||||||
export function isEnterprise(){
|
export function isEnterprise() {
|
||||||
return adminMode === "enterprise"
|
return adminMode === "enterprise";
|
||||||
}
|
}
|
||||||
@@ -18,6 +18,7 @@ export default {
|
|||||||
openKey: "Open API Key",
|
openKey: "Open API Key",
|
||||||
notification: "Notification Settings",
|
notification: "Notification Settings",
|
||||||
siteMonitorSetting: "Site Monitor Settings",
|
siteMonitorSetting: "Site Monitor Settings",
|
||||||
|
auditLog: "Audit Log",
|
||||||
userSecurity: "Security Settings",
|
userSecurity: "Security Settings",
|
||||||
userProfile: "Account Info",
|
userProfile: "Account Info",
|
||||||
userGrant: "Grant Delegation",
|
userGrant: "Grant Delegation",
|
||||||
@@ -67,6 +68,7 @@ export default {
|
|||||||
projectJoin: "Join Project",
|
projectJoin: "Join Project",
|
||||||
currentProject: "Current Project",
|
currentProject: "Current Project",
|
||||||
projectMemberManager: "Project Member",
|
projectMemberManager: "Project Member",
|
||||||
|
auditLog: "Audit Log",
|
||||||
domainMonitorSetting: "Domain Monitor Settings",
|
domainMonitorSetting: "Domain Monitor Settings",
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -18,6 +18,7 @@ export default {
|
|||||||
openKey: "开放接口密钥",
|
openKey: "开放接口密钥",
|
||||||
notification: "通知设置",
|
notification: "通知设置",
|
||||||
siteMonitorSetting: "站点监控设置",
|
siteMonitorSetting: "站点监控设置",
|
||||||
|
auditLog: "操作日志",
|
||||||
userSecurity: "认证安全设置",
|
userSecurity: "认证安全设置",
|
||||||
userProfile: "账号信息",
|
userProfile: "账号信息",
|
||||||
userGrant: "授权委托",
|
userGrant: "授权委托",
|
||||||
@@ -67,6 +68,7 @@ export default {
|
|||||||
projectJoin: "加入项目",
|
projectJoin: "加入项目",
|
||||||
currentProject: "当前项目",
|
currentProject: "当前项目",
|
||||||
projectMemberManager: "项目成员管理",
|
projectMemberManager: "项目成员管理",
|
||||||
|
auditLog: "审计日志",
|
||||||
domainMonitorSetting: "域名监控设置",
|
domainMonitorSetting: "域名监控设置",
|
||||||
jobHistory: "监控执行记录",
|
jobHistory: "监控执行记录",
|
||||||
},
|
},
|
||||||
|
|||||||
@@ -287,6 +287,22 @@ export const certdResources = [
|
|||||||
isMenu: true,
|
isMenu: true,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
title: "certd.auditLog",
|
||||||
|
name: "AuditLog",
|
||||||
|
path: "/certd/audit",
|
||||||
|
component: "/certd/audit/index.vue",
|
||||||
|
meta: {
|
||||||
|
icon: "ion:document-text-outline",
|
||||||
|
auth: true,
|
||||||
|
keepAlive: true,
|
||||||
|
isMenu: true,
|
||||||
|
show: () => {
|
||||||
|
const settingStore = useSettingStore();
|
||||||
|
return settingStore.isPlus;
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
title: "certd.userSecurity",
|
title: "certd.userSecurity",
|
||||||
name: "UserSecurity",
|
name: "UserSecurity",
|
||||||
|
|||||||
@@ -410,6 +410,22 @@ export const sysResources = [
|
|||||||
},
|
},
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
title: "certd.sysResources.auditLog",
|
||||||
|
name: "SysAuditLog",
|
||||||
|
path: "/sys/audit",
|
||||||
|
component: "/sys/audit/index.vue",
|
||||||
|
meta: {
|
||||||
|
icon: "ion:document-text-outline",
|
||||||
|
keepAlive: true,
|
||||||
|
auth: true,
|
||||||
|
isMenu: true,
|
||||||
|
show: () => {
|
||||||
|
const settingStore = useSettingStore();
|
||||||
|
return settingStore.isPlus;
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
title: "certd.sysResources.netTest",
|
title: "certd.sysResources.netTest",
|
||||||
name: "NetTest",
|
name: "NetTest",
|
||||||
|
|||||||
@@ -0,0 +1,28 @@
|
|||||||
|
import { request } from "/src/api/service";
|
||||||
|
|
||||||
|
const apiPrefix = "/pi/audit";
|
||||||
|
|
||||||
|
export function createAuditApi() {
|
||||||
|
return {
|
||||||
|
async GetList(query: any) {
|
||||||
|
return await request({
|
||||||
|
url: apiPrefix + "/page",
|
||||||
|
method: "post",
|
||||||
|
data: query,
|
||||||
|
});
|
||||||
|
},
|
||||||
|
async DelObj(id: number) {
|
||||||
|
return await request({
|
||||||
|
url: apiPrefix + "/delete",
|
||||||
|
method: "post",
|
||||||
|
params: { id },
|
||||||
|
});
|
||||||
|
},
|
||||||
|
async GetDict() {
|
||||||
|
return await request({
|
||||||
|
url: apiPrefix + "/dict",
|
||||||
|
method: "post",
|
||||||
|
});
|
||||||
|
},
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -0,0 +1,113 @@
|
|||||||
|
import { CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, UserPageQuery, UserPageRes, dict } from "@fast-crud/fast-crud";
|
||||||
|
import { useI18n } from "/src/locales";
|
||||||
|
import { useDicts } from "../dicts";
|
||||||
|
|
||||||
|
const typeDict = dict({
|
||||||
|
url: "/pi/audit/dict",
|
||||||
|
getData: async () => {
|
||||||
|
const { createAuditApi } = await import("./api");
|
||||||
|
const api = createAuditApi();
|
||||||
|
const res = await api.GetDict();
|
||||||
|
return res.types || [];
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
const actionDict = dict({
|
||||||
|
url: "/pi/audit/dict",
|
||||||
|
getData: async () => {
|
||||||
|
const { createAuditApi } = await import("./api");
|
||||||
|
const api = createAuditApi();
|
||||||
|
const res = await api.GetDict();
|
||||||
|
return res.actions || [];
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
|
||||||
|
const { t } = useI18n();
|
||||||
|
const { myProjectDict } = useDicts();
|
||||||
|
const api = context.api;
|
||||||
|
|
||||||
|
const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
|
||||||
|
return await api.GetList(query);
|
||||||
|
};
|
||||||
|
const delRequest = async (req: DelReq) => {
|
||||||
|
return await api.DelObj(req.row.id);
|
||||||
|
};
|
||||||
|
|
||||||
|
return {
|
||||||
|
crudOptions: {
|
||||||
|
request: { pageRequest, delRequest },
|
||||||
|
actionbar: {
|
||||||
|
buttons: {
|
||||||
|
add: { show: false },
|
||||||
|
},
|
||||||
|
},
|
||||||
|
rowHandle: {
|
||||||
|
width: 120,
|
||||||
|
fixed: "right",
|
||||||
|
buttons: {
|
||||||
|
view: { show: false },
|
||||||
|
edit: { show: false },
|
||||||
|
remove: { show: true },
|
||||||
|
copy: { show: false },
|
||||||
|
},
|
||||||
|
},
|
||||||
|
columns: {
|
||||||
|
id: {
|
||||||
|
title: "ID",
|
||||||
|
type: "number",
|
||||||
|
column: { width: 80 },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
createTime: {
|
||||||
|
title: "操作时间",
|
||||||
|
type: "datetime",
|
||||||
|
search: {
|
||||||
|
show: true,
|
||||||
|
component: {
|
||||||
|
name: "a-range-picker",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
column: { width: 170, sorter: true },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
type: {
|
||||||
|
title: "操作类型",
|
||||||
|
type: "dict-select",
|
||||||
|
dict: typeDict,
|
||||||
|
search: { show: true },
|
||||||
|
column: { width: 120 },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
action: {
|
||||||
|
title: "操作动作",
|
||||||
|
type: "text",
|
||||||
|
search: { show: true },
|
||||||
|
column: { width: 200, tooltip: true },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
content: {
|
||||||
|
title: "备注",
|
||||||
|
type: "text",
|
||||||
|
search: { show: true },
|
||||||
|
column: { width: 700, tooltip: true },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
ipAddress: {
|
||||||
|
title: "IP地址",
|
||||||
|
type: "text",
|
||||||
|
column: { width: 140 },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
projectId: {
|
||||||
|
title: t("certd.fields.projectName"),
|
||||||
|
type: "dict-select",
|
||||||
|
dict: myProjectDict,
|
||||||
|
form: {
|
||||||
|
show: false,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -0,0 +1,24 @@
|
|||||||
|
<template>
|
||||||
|
<fs-page>
|
||||||
|
<template #header>
|
||||||
|
<div class="title">
|
||||||
|
操作日志
|
||||||
|
<span class="sub">查看您的操作记录</span>
|
||||||
|
</div>
|
||||||
|
</template>
|
||||||
|
<fs-crud ref="crudRef" v-bind="crudBinding" />
|
||||||
|
</fs-page>
|
||||||
|
</template>
|
||||||
|
|
||||||
|
<script lang="ts" setup>
|
||||||
|
import { useFs } from "@fast-crud/fast-crud";
|
||||||
|
import createCrudOptions from "./crud";
|
||||||
|
import { createAuditApi } from "./api";
|
||||||
|
import { useMounted } from "/@/use/use-mounted";
|
||||||
|
|
||||||
|
defineOptions({ name: "AuditLog" });
|
||||||
|
|
||||||
|
const api = createAuditApi();
|
||||||
|
const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
|
||||||
|
useMounted(() => crudExpose.doRefresh());
|
||||||
|
</script>
|
||||||
@@ -0,0 +1,35 @@
|
|||||||
|
import { request } from "/src/api/service";
|
||||||
|
|
||||||
|
const apiPrefix = "/sys/audit";
|
||||||
|
|
||||||
|
export function createSysAuditApi() {
|
||||||
|
return {
|
||||||
|
async GetList(query: any) {
|
||||||
|
return await request({
|
||||||
|
url: apiPrefix + "/page",
|
||||||
|
method: "post",
|
||||||
|
data: query,
|
||||||
|
});
|
||||||
|
},
|
||||||
|
async DelObj(id: number) {
|
||||||
|
return await request({
|
||||||
|
url: apiPrefix + "/delete",
|
||||||
|
method: "post",
|
||||||
|
params: { id },
|
||||||
|
});
|
||||||
|
},
|
||||||
|
async Clean(retentionDays: number) {
|
||||||
|
return await request({
|
||||||
|
url: apiPrefix + "/clean",
|
||||||
|
method: "post",
|
||||||
|
data: { retentionDays },
|
||||||
|
});
|
||||||
|
},
|
||||||
|
async GetDict() {
|
||||||
|
return await request({
|
||||||
|
url: apiPrefix + "/dict",
|
||||||
|
method: "post",
|
||||||
|
});
|
||||||
|
},
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -0,0 +1,167 @@
|
|||||||
|
import { CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, UserPageQuery, UserPageRes, dict } from "@fast-crud/fast-crud";
|
||||||
|
import { Modal } from "ant-design-vue";
|
||||||
|
import { useI18n } from "/src/locales";
|
||||||
|
import { useDicts } from "/@/views/certd/dicts";
|
||||||
|
|
||||||
|
const typeDict = dict({
|
||||||
|
url: "/sys/audit/dict",
|
||||||
|
getData: async () => {
|
||||||
|
const { createSysAuditApi } = await import("./api");
|
||||||
|
const api = createSysAuditApi();
|
||||||
|
const res = await api.GetDict();
|
||||||
|
return res.types || [];
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
const actionDict = dict({
|
||||||
|
url: "/sys/audit/dict",
|
||||||
|
getData: async () => {
|
||||||
|
const { createSysAuditApi } = await import("./api");
|
||||||
|
const api = createSysAuditApi();
|
||||||
|
const res = await api.GetDict();
|
||||||
|
return res.actions || [];
|
||||||
|
},
|
||||||
|
});
|
||||||
|
|
||||||
|
export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
|
||||||
|
const { t } = useI18n();
|
||||||
|
const { myProjectDict } = useDicts();
|
||||||
|
const api = context.api;
|
||||||
|
|
||||||
|
const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
|
||||||
|
return await api.GetList(query);
|
||||||
|
};
|
||||||
|
const delRequest = async (req: DelReq) => {
|
||||||
|
return await api.DelObj(req.row.id);
|
||||||
|
};
|
||||||
|
|
||||||
|
const cleanExpired = async () => {
|
||||||
|
Modal.confirm({
|
||||||
|
title: "确认清理",
|
||||||
|
content: "确定要清理90天前的审计日志吗?此操作不可撤销。",
|
||||||
|
okText: "确认清理",
|
||||||
|
okType: "danger",
|
||||||
|
cancelText: "取消",
|
||||||
|
async onOk() {
|
||||||
|
await api.Clean(90);
|
||||||
|
crudExpose.doRefresh();
|
||||||
|
},
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
return {
|
||||||
|
crudOptions: {
|
||||||
|
request: { pageRequest, delRequest },
|
||||||
|
tabs: {
|
||||||
|
name: "scope",
|
||||||
|
show: true,
|
||||||
|
dict: {
|
||||||
|
data: [
|
||||||
|
{ value: "system", label: "系统级", color: "red" },
|
||||||
|
{ value: "user", label: "用户级", color: "blue" },
|
||||||
|
],
|
||||||
|
},
|
||||||
|
},
|
||||||
|
actionbar: {
|
||||||
|
buttons: {
|
||||||
|
add: { show: false },
|
||||||
|
clean: {
|
||||||
|
text: "清理过期日志(90天)",
|
||||||
|
type: "primary",
|
||||||
|
danger: true,
|
||||||
|
click: cleanExpired,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
rowHandle: {
|
||||||
|
width: 120,
|
||||||
|
fixed: "right",
|
||||||
|
buttons: {
|
||||||
|
view: { show: false },
|
||||||
|
edit: { show: false },
|
||||||
|
remove: { show: true },
|
||||||
|
copy: { show: false },
|
||||||
|
},
|
||||||
|
},
|
||||||
|
search: {
|
||||||
|
initialForm: { scope: "system" },
|
||||||
|
},
|
||||||
|
columns: {
|
||||||
|
id: {
|
||||||
|
title: "ID",
|
||||||
|
type: "number",
|
||||||
|
column: { width: 80 },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
createTime: {
|
||||||
|
title: "操作时间",
|
||||||
|
type: "datetime",
|
||||||
|
search: {
|
||||||
|
show: true,
|
||||||
|
component: {
|
||||||
|
name: "a-range-picker",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
column: { width: 170, sorter: true },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
username: {
|
||||||
|
title: "操作人",
|
||||||
|
type: "text",
|
||||||
|
search: { show: true },
|
||||||
|
column: { width: 120 },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
type: {
|
||||||
|
title: "类型",
|
||||||
|
type: "dict-select",
|
||||||
|
dict: typeDict,
|
||||||
|
search: { show: true },
|
||||||
|
column: { width: 120 },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
action: {
|
||||||
|
title: "操作",
|
||||||
|
type: "text",
|
||||||
|
search: { show: true },
|
||||||
|
column: { width: 200, tooltip: true },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
content: {
|
||||||
|
title: "备注",
|
||||||
|
type: "text",
|
||||||
|
search: { show: true },
|
||||||
|
column: { width: 500, tooltip: true },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
ipAddress: {
|
||||||
|
title: "IP地址",
|
||||||
|
type: "text",
|
||||||
|
column: { width: 140 },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
projectId: {
|
||||||
|
title: t("certd.fields.projectName"),
|
||||||
|
type: "dict-select",
|
||||||
|
dict: myProjectDict,
|
||||||
|
form: {
|
||||||
|
show: false,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
scope: {
|
||||||
|
title: "范围",
|
||||||
|
type: "dict-select",
|
||||||
|
dict: dict({
|
||||||
|
data: [
|
||||||
|
{ value: "system", label: "系统级", color: "blue" },
|
||||||
|
{ value: "user", label: "用户级", color: "green" },
|
||||||
|
],
|
||||||
|
}),
|
||||||
|
search: { show: true },
|
||||||
|
column: { width: 100 },
|
||||||
|
form: { show: false },
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -0,0 +1,24 @@
|
|||||||
|
<template>
|
||||||
|
<fs-page>
|
||||||
|
<template #header>
|
||||||
|
<div class="title">
|
||||||
|
操作日志
|
||||||
|
<span class="sub">查看所有用户的操作记录</span>
|
||||||
|
</div>
|
||||||
|
</template>
|
||||||
|
<fs-crud ref="crudRef" v-bind="crudBinding" />
|
||||||
|
</fs-page>
|
||||||
|
</template>
|
||||||
|
|
||||||
|
<script lang="ts" setup>
|
||||||
|
import { useFs } from "@fast-crud/fast-crud";
|
||||||
|
import createCrudOptions from "./crud";
|
||||||
|
import { createSysAuditApi } from "./api";
|
||||||
|
import { useMounted } from "/@/use/use-mounted";
|
||||||
|
|
||||||
|
defineOptions({ name: "SysAuditLog" });
|
||||||
|
|
||||||
|
const api = createSysAuditApi();
|
||||||
|
const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
|
||||||
|
useMounted(() => crudExpose.doRefresh());
|
||||||
|
</script>
|
||||||
@@ -0,0 +1,2 @@
|
|||||||
|
ALTER TABLE `cd_audit_log` ADD COLUMN `scope` varchar(32) NOT NULL DEFAULT 'user';
|
||||||
|
CREATE INDEX `index_audit_log_scope` ON `cd_audit_log` (`scope`);
|
||||||
@@ -0,0 +1,2 @@
|
|||||||
|
ALTER TABLE "cd_audit_log" ADD COLUMN "scope" varchar(32) NOT NULL DEFAULT ('user');
|
||||||
|
CREATE INDEX "index_audit_log_scope" ON "cd_audit_log" ("scope");
|
||||||
@@ -0,0 +1,2 @@
|
|||||||
|
ALTER TABLE "cd_audit_log" ADD COLUMN "scope" varchar(32) NOT NULL DEFAULT ('user');
|
||||||
|
CREATE INDEX "index_audit_log_scope" ON "cd_audit_log" ("scope");
|
||||||
@@ -12,6 +12,7 @@ import cors from "@koa/cors";
|
|||||||
import { GlobalExceptionMiddleware } from "./middleware/global-exception.js";
|
import { GlobalExceptionMiddleware } from "./middleware/global-exception.js";
|
||||||
import { PreviewMiddleware } from "./middleware/preview.js";
|
import { PreviewMiddleware } from "./middleware/preview.js";
|
||||||
import { AuthorityMiddleware } from "./middleware/authority.js";
|
import { AuthorityMiddleware } from "./middleware/authority.js";
|
||||||
|
import { AuditLogMiddleware } from "./middleware/audit-log.js";
|
||||||
import { logger } from "@certd/basic";
|
import { logger } from "@certd/basic";
|
||||||
import { ResetPasswdMiddleware } from "./middleware/reset-passwd/middleware.js";
|
import { ResetPasswdMiddleware } from "./middleware/reset-passwd/middleware.js";
|
||||||
import DefaultConfig from "./config/config.default.js";
|
import DefaultConfig from "./config/config.default.js";
|
||||||
@@ -113,6 +114,7 @@ export class MainConfiguration {
|
|||||||
PreviewMiddleware,
|
PreviewMiddleware,
|
||||||
//授权处理
|
//授权处理
|
||||||
AuthorityMiddleware,
|
AuthorityMiddleware,
|
||||||
|
AuditLogMiddleware,
|
||||||
|
|
||||||
//resetPasswd,重置密码模式下不提供服务
|
//resetPasswd,重置密码模式下不提供服务
|
||||||
ResetPasswdMiddleware,
|
ResetPasswdMiddleware,
|
||||||
|
|||||||
@@ -1,8 +1,9 @@
|
|||||||
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
||||||
import { BaseController, CommonException, Constants, SysSettingsService } from "@certd/lib-server";
|
import { BaseController, CommonException, Constants, SysSettingsService } from "@certd/lib-server";
|
||||||
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
||||||
import { UserService } from "../../../modules/sys/authority/service/user-service.js";
|
import { UserService } from "../../../modules/sys/authority/service/user-service.js";
|
||||||
import { LoginService } from "../../../modules/login/service/login-service.js";
|
import { LoginService } from "../../../modules/login/service/login-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -19,7 +20,11 @@ export class ForgotPasswordController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
sysSettingsService: SysSettingsService;
|
sysSettingsService: SysSettingsService;
|
||||||
|
|
||||||
@Post("/forgotPassword", { description: Constants.per.guest })
|
getAuditType(): string {
|
||||||
|
return AuditType.login;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/forgotPassword", { description: Constants.per.guest, summary: "找回密码" })
|
||||||
public async forgotPassword(
|
public async forgotPassword(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
body: any
|
body: any
|
||||||
@@ -28,15 +33,13 @@ export class ForgotPasswordController extends BaseController {
|
|||||||
if (!sysSettings.selfServicePasswordRetrievalEnabled) {
|
if (!sysSettings.selfServicePasswordRetrievalEnabled) {
|
||||||
throw new CommonException("暂未开启自助找回");
|
throw new CommonException("暂未开启自助找回");
|
||||||
}
|
}
|
||||||
// 找回密码的验证码允许错误次数
|
|
||||||
const maxErrorCount = 5;
|
|
||||||
|
|
||||||
if (body.type === "email") {
|
if (body.type === "email") {
|
||||||
this.codeService.checkEmailCode({
|
this.codeService.checkEmailCode({
|
||||||
verificationType: "forgotPassword",
|
verificationType: "forgotPassword",
|
||||||
email: body.input,
|
email: body.input,
|
||||||
validateCode: body.validateCode,
|
validateCode: body.validateCode,
|
||||||
maxErrorCount: maxErrorCount,
|
maxErrorCount: 5,
|
||||||
throwError: true,
|
throwError: true,
|
||||||
});
|
});
|
||||||
} else if (body.type === "mobile") {
|
} else if (body.type === "mobile") {
|
||||||
@@ -45,14 +48,15 @@ export class ForgotPasswordController extends BaseController {
|
|||||||
mobile: body.input,
|
mobile: body.input,
|
||||||
phoneCode: body.phoneCode,
|
phoneCode: body.phoneCode,
|
||||||
smsCode: body.validateCode,
|
smsCode: body.validateCode,
|
||||||
maxErrorCount: maxErrorCount,
|
maxErrorCount: 5,
|
||||||
throwError: true,
|
throwError: true,
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
throw new CommonException("暂不支持的找回类型,请联系管理员找回");
|
throw new CommonException("暂不支持的找回类型,请联系管理员找回");
|
||||||
}
|
}
|
||||||
const username = await this.userService.forgotPassword(body);
|
const {id,username} = await this.userService.forgotPassword(body);
|
||||||
username && this.loginService.clearCacheOnSuccess(username);
|
username && this.loginService.clearCacheOnSuccess(username);
|
||||||
|
this.auditLog({ userId: id, content: "用户请求找回密码" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,10 +1,11 @@
|
|||||||
import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
|
import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
|
||||||
import { LoginService } from "../../../modules/login/service/login-service.js";
|
import { LoginService } from "../../../modules/login/service/login-service.js";
|
||||||
import { AddonService, BaseController, Constants, SysPublicSettings, SysSettingsService } from "@certd/lib-server";
|
import { AddonService, BaseController, Constants, SysPublicSettings, SysSettingsService } from "@certd/lib-server";
|
||||||
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
||||||
import { checkComm } from "@certd/plus-core";
|
import { checkComm } from "@certd/plus-core";
|
||||||
import { CaptchaService } from "../../../modules/basic/service/captcha-service.js";
|
import { CaptchaService } from "../../../modules/basic/service/captcha-service.js";
|
||||||
import { PasskeyService } from "../../../modules/login/service/passkey-service.js";
|
import { PasskeyService } from "../../../modules/login/service/passkey-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -27,7 +28,11 @@ export class LoginController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
passkeyService: PasskeyService;
|
passkeyService: PasskeyService;
|
||||||
|
|
||||||
@Post("/login", { description: Constants.per.guest })
|
getAuditType(): string {
|
||||||
|
return AuditType.login;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/login", { description: Constants.per.guest, summary: "用户名密码登录" })
|
||||||
public async login(
|
public async login(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
body: any,
|
body: any,
|
||||||
@@ -38,16 +43,22 @@ export class LoginController extends BaseController {
|
|||||||
if (settings.captchaEnabled === true) {
|
if (settings.captchaEnabled === true) {
|
||||||
await this.captchaService.doValidate({ form: body.captcha, must: false, captchaAddonId: settings.captchaAddonId, req: { remoteIp } });
|
await this.captchaService.doValidate({ form: body.captcha, must: false, captchaAddonId: settings.captchaAddonId, req: { remoteIp } });
|
||||||
}
|
}
|
||||||
const token = await this.loginService.loginByPassword(body);
|
try {
|
||||||
this.writeTokenCookie(token);
|
const token = await this.loginService.loginByPassword(body);
|
||||||
return this.ok(token);
|
this.writeTokenCookie(token);
|
||||||
|
this.auditLog({ userId: token.userId, username: body.username, content: `用户「${body.username}」登录成功` });
|
||||||
|
return this.ok(token);
|
||||||
|
} catch (err:any) {
|
||||||
|
this.auditLog({userId:err.userId, username: body.username, content: `用户「${body.username}」登录失败` });
|
||||||
|
throw err;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private writeTokenCookie(token: { expire: any; token: any }) {
|
private writeTokenCookie(token: { expire: any; token: any }) {
|
||||||
// this.loginService.writeTokenCookie(this.ctx,token);
|
// this.loginService.writeTokenCookie(this.ctx,token);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/loginBySms", { description: Constants.per.guest })
|
@Post("/loginBySms", { description: Constants.per.guest, summary: "短信验证码登录" })
|
||||||
public async loginBySms(
|
public async loginBySms(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
body: any
|
body: any
|
||||||
@@ -58,31 +69,42 @@ export class LoginController extends BaseController {
|
|||||||
}
|
}
|
||||||
checkComm();
|
checkComm();
|
||||||
|
|
||||||
const token = await this.loginService.loginBySmsCode({
|
try {
|
||||||
phoneCode: body.phoneCode,
|
const token = await this.loginService.loginBySmsCode({
|
||||||
mobile: body.mobile,
|
phoneCode: body.phoneCode,
|
||||||
smsCode: body.smsCode,
|
mobile: body.mobile,
|
||||||
randomStr: body.randomStr,
|
smsCode: body.smsCode,
|
||||||
inviteCode: body.inviteCode,
|
randomStr: body.randomStr,
|
||||||
});
|
inviteCode: body.inviteCode,
|
||||||
|
});
|
||||||
|
|
||||||
this.writeTokenCookie(token);
|
this.writeTokenCookie(token);
|
||||||
|
this.auditLog({ userId: token.userId, username: body.mobile, content: `用户「${body.mobile}」短信登录成功` });
|
||||||
return this.ok(token);
|
return this.ok(token);
|
||||||
|
} catch (err) {
|
||||||
|
this.auditLog({ userId: err.userId, username: body.mobile, content: `用户「${body.mobile}」短信登录失败` });
|
||||||
|
throw err;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/loginByTwoFactor", { description: Constants.per.guest })
|
@Post("/loginByTwoFactor", { description: Constants.per.guest, summary: "两步验证登录" })
|
||||||
public async loginByTwoFactor(
|
public async loginByTwoFactor(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
body: any
|
body: any
|
||||||
) {
|
) {
|
||||||
const token = await this.loginService.loginByTwoFactor({
|
try {
|
||||||
loginId: body.loginId,
|
const token = await this.loginService.loginByTwoFactor({
|
||||||
verifyCode: body.verifyCode,
|
loginId: body.loginId,
|
||||||
});
|
verifyCode: body.verifyCode,
|
||||||
|
});
|
||||||
|
|
||||||
this.writeTokenCookie(token);
|
this.writeTokenCookie(token);
|
||||||
return this.ok(token);
|
this.auditLog({ userId: token.userId, username: body.loginId, content: `用户「${body.loginId}」两步验证登录成功` });
|
||||||
|
return this.ok(token);
|
||||||
|
} catch (err) {
|
||||||
|
this.auditLog({ userId: err.userId, username: body.loginId, content: `用户「${body.loginId}」两步验证登录失败` });
|
||||||
|
throw err;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/passkey/generateAuthentication", { description: Constants.per.guest })
|
@Post("/passkey/generateAuthentication", { description: Constants.per.guest })
|
||||||
@@ -92,24 +114,30 @@ export class LoginController extends BaseController {
|
|||||||
return this.ok(options);
|
return this.ok(options);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/loginByPasskey", { description: Constants.per.guest })
|
@Post("/loginByPasskey", { description: Constants.per.guest, summary: "Passkey登录" })
|
||||||
public async loginByPasskey(
|
public async loginByPasskey(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
body: any
|
body: any
|
||||||
) {
|
) {
|
||||||
const credential = body.credential;
|
try {
|
||||||
const challenge = body.challenge;
|
const credential = body.credential;
|
||||||
|
const challenge = body.challenge;
|
||||||
|
|
||||||
const token = await this.loginService.loginByPasskey(
|
const token = await this.loginService.loginByPasskey(
|
||||||
{
|
{
|
||||||
credential,
|
credential,
|
||||||
challenge,
|
challenge,
|
||||||
},
|
},
|
||||||
this.ctx
|
this.ctx
|
||||||
);
|
);
|
||||||
|
|
||||||
// this.writeTokenCookie(token);
|
this.writeTokenCookie(token);
|
||||||
return this.ok(token);
|
this.auditLog({ userId: token.userId, content: "用户Passkey登录成功" });
|
||||||
|
return this.ok(token);
|
||||||
|
} catch (err) {
|
||||||
|
this.auditLog({ userId: err.userId, content: "用户Passkey登录失败" });
|
||||||
|
throw err;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/logout", { description: Constants.per.authOnly })
|
@Post("/logout", { description: Constants.per.authOnly })
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
import { logger, simpleNanoId, utils } from "@certd/basic";
|
import { logger, simpleNanoId, utils } from "@certd/basic";
|
||||||
import { addonRegistry, AddonService, BaseController, Constants, SysInstallInfo, SysSettingsService } from "@certd/lib-server";
|
import { addonRegistry, AddonService, BaseController, Constants, SysInstallInfo, SysSettingsService } from "@certd/lib-server";
|
||||||
import { checkPlus } from "@certd/plus-core";
|
import { checkPlus } from "@certd/plus-core";
|
||||||
import { ALL, Body, Controller, Get, Inject, Param, Post, Provide, Query } from "@midwayjs/core";
|
import { ALL, Body, Controller, Get, Inject, Param, Post, Provide, Query } from "@midwayjs/core";
|
||||||
@@ -8,6 +8,7 @@ import { LoginService } from "../../../modules/login/service/login-service.js";
|
|||||||
import { OauthBoundService } from "../../../modules/login/service/oauth-bound-service.js";
|
import { OauthBoundService } from "../../../modules/login/service/oauth-bound-service.js";
|
||||||
import { AddonGetterService } from "../../../modules/pipeline/service/addon-getter-service.js";
|
import { AddonGetterService } from "../../../modules/pipeline/service/addon-getter-service.js";
|
||||||
import { UserEntity } from "../../../modules/sys/authority/entity/user.js";
|
import { UserEntity } from "../../../modules/sys/authority/entity/user.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
import { IOauthProvider } from "../../../plugins/plugin-oauth/api.js";
|
import { IOauthProvider } from "../../../plugins/plugin-oauth/api.js";
|
||||||
|
|
||||||
type OauthProviderSetting = {
|
type OauthProviderSetting = {
|
||||||
@@ -48,6 +49,10 @@ export class ConnectController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
addonService: AddonService;
|
addonService: AddonService;
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.login;
|
||||||
|
}
|
||||||
|
|
||||||
private async getOauthProvider(type: string) {
|
private async getOauthProvider(type: string) {
|
||||||
const publicSettings = await this.sysSettingsService.getPublicSettings();
|
const publicSettings = await this.sysSettingsService.getPublicSettings();
|
||||||
if (!publicSettings?.oauthEnabled) {
|
if (!publicSettings?.oauthEnabled) {
|
||||||
@@ -68,12 +73,11 @@ export class ConnectController extends BaseController {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/login", { description: Constants.per.guest })
|
@Post("/login", { description: Constants.per.guest, summary: "第三方登录" })
|
||||||
public async login(@Body(ALL) body: { type: string; subtype?: string; forType?: string; from?: string }) {
|
public async login(@Body(ALL) body: { type: string; subtype?: string; forType?: string; from?: string }) {
|
||||||
const oauthProvider = await this.getOauthProvider(body.type);
|
const oauthProvider = await this.getOauthProvider(body.type);
|
||||||
const installInfo = await this.sysSettingsService.getSetting<SysInstallInfo>(SysInstallInfo);
|
const installInfo = await this.sysSettingsService.getSetting<SysInstallInfo>(SysInstallInfo);
|
||||||
const bindUrl = installInfo?.bindUrl || "";
|
const bindUrl = installInfo?.bindUrl || "";
|
||||||
//构造登录url
|
|
||||||
const redirectUrl = `${bindUrl}api/oauth/callback/${body.type}`;
|
const redirectUrl = `${bindUrl}api/oauth/callback/${body.type}`;
|
||||||
|
|
||||||
const stateObj = {
|
const stateObj = {
|
||||||
@@ -95,8 +99,6 @@ export class ConnectController extends BaseController {
|
|||||||
});
|
});
|
||||||
this.ctx.cookies.set("oauth_ticket", ticket, {
|
this.ctx.cookies.set("oauth_ticket", ticket, {
|
||||||
httpOnly: true,
|
httpOnly: true,
|
||||||
// secure: true,
|
|
||||||
// sameSite: "strict",
|
|
||||||
});
|
});
|
||||||
return this.ok({ loginUrl, ticket });
|
return this.ok({ loginUrl, ticket });
|
||||||
}
|
}
|
||||||
@@ -153,7 +155,7 @@ export class ConnectController extends BaseController {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/getLogoutUrl", { description: Constants.per.guest })
|
@Post("/getLogoutUrl", { description: Constants.per.guest, summary: "第三方登出" })
|
||||||
public async logout(@Body(ALL) body: any) {
|
public async logout(@Body(ALL) body: any) {
|
||||||
checkPlus();
|
checkPlus();
|
||||||
const oauthProvider = await this.getOauthProvider(body.type);
|
const oauthProvider = await this.getOauthProvider(body.type);
|
||||||
@@ -195,7 +197,7 @@ export class ConnectController extends BaseController {
|
|||||||
// this.loginService.writeTokenCookie(this.ctx,token);
|
// this.loginService.writeTokenCookie(this.ctx,token);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/autoRegister", { description: Constants.per.guest })
|
@Post("/autoRegister", { description: Constants.per.guest, summary: "第三方自动注册" })
|
||||||
public async autoRegister(@Body(ALL) body: { validationCode: string; type: string; inviteCode?: string }) {
|
public async autoRegister(@Body(ALL) body: { validationCode: string; type: string; inviteCode?: string }) {
|
||||||
const validationValue = this.codeService.getValidationValue(body.validationCode);
|
const validationValue = this.codeService.getValidationValue(body.validationCode);
|
||||||
if (!validationValue) {
|
if (!validationValue) {
|
||||||
@@ -219,12 +221,12 @@ export class ConnectController extends BaseController {
|
|||||||
|
|
||||||
const loginRes = await this.loginService.generateToken(newUser);
|
const loginRes = await this.loginService.generateToken(newUser);
|
||||||
this.writeTokenCookie(loginRes);
|
this.writeTokenCookie(loginRes);
|
||||||
|
this.auditLog({ userId: newUser.id, content: `第三方账号自动注册,类型: ${body.type}` });
|
||||||
return this.ok(loginRes);
|
return this.ok(loginRes);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/bind", { description: Constants.per.loginOnly })
|
@Post("/bind", { description: Constants.per.loginOnly, summary: "绑定第三方账号" })
|
||||||
public async bind(@Body(ALL) body: any) {
|
public async bind(@Body(ALL) body: any) {
|
||||||
//需要已登录
|
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
const validationValue = this.codeService.getValidationValue(body.validationCode);
|
const validationValue = this.codeService.getValidationValue(body.validationCode);
|
||||||
if (!validationValue) {
|
if (!validationValue) {
|
||||||
@@ -238,17 +240,18 @@ export class ConnectController extends BaseController {
|
|||||||
type,
|
type,
|
||||||
openId,
|
openId,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ userId, content: `第三方账号绑定,类型: ${body.type}` });
|
||||||
return this.ok(1);
|
return this.ok(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/unbind", { description: Constants.per.loginOnly })
|
@Post("/unbind", { description: Constants.per.loginOnly, summary: "解绑第三方账号" })
|
||||||
public async unbind(@Body(ALL) body: any) {
|
public async unbind(@Body(ALL) body: any) {
|
||||||
//需要已登录
|
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
await this.oauthBoundService.unbind({
|
await this.oauthBoundService.unbind({
|
||||||
userId,
|
userId,
|
||||||
type: body.type,
|
type: body.type,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ userId, content: `第三方账号解绑,类型: ${body.type}` });
|
||||||
return this.ok(1);
|
return this.ok(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -1,9 +1,10 @@
|
|||||||
import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
|
import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
|
||||||
import { BaseController, Constants, SysSettingsService } from "@certd/lib-server";
|
import { BaseController, Constants, SysSettingsService } from "@certd/lib-server";
|
||||||
import { RegisterType } from "../../../modules/sys/authority/service/user-service.js";
|
import { RegisterType } from "../../../modules/sys/authority/service/user-service.js";
|
||||||
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
||||||
import { checkComm, checkPlus } from "@certd/plus-core";
|
import { checkComm, checkPlus } from "@certd/plus-core";
|
||||||
import { LoginService } from "../../../modules/login/service/login-service.js";
|
import { LoginService } from "../../../modules/login/service/login-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
export type RegisterReq = {
|
export type RegisterReq = {
|
||||||
type: RegisterType;
|
type: RegisterType;
|
||||||
@@ -31,7 +32,11 @@ export class RegisterController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
sysSettingsService: SysSettingsService;
|
sysSettingsService: SysSettingsService;
|
||||||
|
|
||||||
@Post("/register", { description: Constants.per.guest })
|
getAuditType(): string {
|
||||||
|
return AuditType.login;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/register", { description: Constants.per.guest, summary: "用户注册" })
|
||||||
public async register(
|
public async register(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
body: RegisterReq,
|
body: RegisterReq,
|
||||||
@@ -60,6 +65,7 @@ export class RegisterController extends BaseController {
|
|||||||
password: body.password,
|
password: body.password,
|
||||||
} as any;
|
} as any;
|
||||||
const newUser = await this.loginService.register(body.type, registerUser, body.inviteCode);
|
const newUser = await this.loginService.register(body.type, registerUser, body.inviteCode);
|
||||||
|
this.auditLog({ userId: newUser.id, username: body.username, content: `用户「${body.username}」注册成功` });
|
||||||
return this.ok(newUser);
|
return this.ok(newUser);
|
||||||
} else if (body.type === "mobile") {
|
} else if (body.type === "mobile") {
|
||||||
if (sysPublicSettings.mobileRegisterEnabled === false) {
|
if (sysPublicSettings.mobileRegisterEnabled === false) {
|
||||||
@@ -80,6 +86,7 @@ export class RegisterController extends BaseController {
|
|||||||
password: body.password,
|
password: body.password,
|
||||||
} as any;
|
} as any;
|
||||||
const newUser = await this.loginService.register(body.type, registerUser, body.inviteCode);
|
const newUser = await this.loginService.register(body.type, registerUser, body.inviteCode);
|
||||||
|
this.auditLog({ userId: newUser.id, username: body.mobile, content: `用户「${body.mobile}」注册成功` });
|
||||||
return this.ok(newUser);
|
return this.ok(newUser);
|
||||||
} else if (body.type === "email") {
|
} else if (body.type === "email") {
|
||||||
if (sysPublicSettings.emailRegisterEnabled === false) {
|
if (sysPublicSettings.emailRegisterEnabled === false) {
|
||||||
@@ -97,6 +104,7 @@ export class RegisterController extends BaseController {
|
|||||||
password: body.password,
|
password: body.password,
|
||||||
} as any;
|
} as any;
|
||||||
const newUser = await this.loginService.register(body.type, registerUser, body.inviteCode);
|
const newUser = await this.loginService.register(body.type, registerUser, body.inviteCode);
|
||||||
|
this.auditLog({ userId: newUser.id, username: body.email, content: `用户「${body.email}」注册成功` });
|
||||||
return this.ok(newUser);
|
return this.ok(newUser);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
||||||
import { BaseController, PlusService, SysInstallInfo, SysSettingsService } from "@certd/lib-server";
|
import { BaseController, PlusService, SysInstallInfo, SysSettingsService } from "@certd/lib-server";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
export type PreBindUserReq = {
|
export type PreBindUserReq = {
|
||||||
userId: number;
|
userId: number;
|
||||||
@@ -18,17 +19,21 @@ export class BasicController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
sysSettingsService: SysSettingsService;
|
sysSettingsService: SysSettingsService;
|
||||||
|
|
||||||
@Post("/preBindUser", { description: "sys:settings:edit" })
|
getAuditType(): string {
|
||||||
|
return AuditType.account;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/preBindUser", { description: "sys:settings:edit", summary: "预绑定用户" })
|
||||||
public async preBindUser(@Body(ALL) body: PreBindUserReq) {
|
public async preBindUser(@Body(ALL) body: PreBindUserReq) {
|
||||||
// 设置缓存内容
|
|
||||||
if (body.userId == null || body.userId <= 0) {
|
if (body.userId == null || body.userId <= 0) {
|
||||||
throw new Error("用户ID不能为空");
|
throw new Error("用户ID不能为空");
|
||||||
}
|
}
|
||||||
await this.plusService.userPreBind(body.userId);
|
await this.plusService.userPreBind(body.userId);
|
||||||
|
await this.auditLog({ content: `预绑定了用户(ID:${body.userId})` });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/bindUser", { description: "sys:settings:edit" })
|
@Post("/bindUser", { description: "sys:settings:edit", summary: "绑定用户" })
|
||||||
public async bindUser(@Body(ALL) body: BindUserReq) {
|
public async bindUser(@Body(ALL) body: BindUserReq) {
|
||||||
if (body.userId == null || body.userId <= 0) {
|
if (body.userId == null || body.userId <= 0) {
|
||||||
throw new Error("用户ID不能为空");
|
throw new Error("用户ID不能为空");
|
||||||
@@ -36,20 +41,23 @@ export class BasicController extends BaseController {
|
|||||||
const installInfo: SysInstallInfo = await this.sysSettingsService.getSetting(SysInstallInfo);
|
const installInfo: SysInstallInfo = await this.sysSettingsService.getSetting(SysInstallInfo);
|
||||||
installInfo.bindUserId = body.userId;
|
installInfo.bindUserId = body.userId;
|
||||||
await this.sysSettingsService.saveSetting(installInfo);
|
await this.sysSettingsService.saveSetting(installInfo);
|
||||||
|
await this.auditLog({ content: `绑定了用户(ID:${body.userId})` });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/unbindUser", { description: "sys:settings:edit" })
|
@Post("/unbindUser", { description: "sys:settings:edit", summary: "解绑用户" })
|
||||||
public async unbindUser() {
|
public async unbindUser() {
|
||||||
const installInfo: SysInstallInfo = await this.sysSettingsService.getSetting(SysInstallInfo);
|
const installInfo: SysInstallInfo = await this.sysSettingsService.getSetting(SysInstallInfo);
|
||||||
installInfo.bindUserId = null;
|
installInfo.bindUserId = null;
|
||||||
await this.sysSettingsService.saveSetting(installInfo);
|
await this.sysSettingsService.saveSetting(installInfo);
|
||||||
|
await this.auditLog({ content: "解绑了用户" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/updateLicense", { description: "sys:settings:edit" })
|
@Post("/updateLicense", { description: "sys:settings:edit", summary: "更新许可证" })
|
||||||
public async updateLicense(@Body(ALL) body: { license: string }) {
|
public async updateLicense(@Body(ALL) body: { license: string }) {
|
||||||
await this.plusService.updateLicense(body.license);
|
await this.plusService.updateLicense(body.license);
|
||||||
|
await this.auditLog({ content: "更新了许可证" });
|
||||||
return this.ok(true);
|
return this.ok(true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,42 @@
|
|||||||
|
import { BaseController, Constants } from "@certd/lib-server";
|
||||||
|
import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
|
||||||
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditService } from "../../../modules/sys/enterprise/service/audit-service.js";
|
||||||
|
import { buildAuditTypeDict, buildAuditActionDict } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
|
@Provide()
|
||||||
|
@ApiTags(["audit"])
|
||||||
|
@Controller("/api/sys/audit")
|
||||||
|
export class SysAuditLogController extends BaseController {
|
||||||
|
@Inject()
|
||||||
|
auditService: AuditService;
|
||||||
|
|
||||||
|
@Post("/page", { description: Constants.per.authOnly, summary: "分页查询审计日志" })
|
||||||
|
async page(@Body(ALL) body: any) {
|
||||||
|
if (body.query?.scope) {
|
||||||
|
delete body.query.userId;
|
||||||
|
}
|
||||||
|
const pageRet = await this.auditService.page(body);
|
||||||
|
return this.ok(pageRet);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除审计日志" })
|
||||||
|
async delete(@Query("id") id: number) {
|
||||||
|
await this.auditService.delete([id]);
|
||||||
|
return this.ok({});
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/clean", { description: Constants.per.authOnly, summary: "清理过期审计日志" })
|
||||||
|
async clean(@Body("retentionDays") retentionDays: number) {
|
||||||
|
const count = await this.auditService.cleanExpired(retentionDays || 90);
|
||||||
|
return this.ok({ deletedCount: count });
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/dict", { description: Constants.per.authOnly, summary: "获取审计类型和动作字典" })
|
||||||
|
async getDict() {
|
||||||
|
return this.ok({
|
||||||
|
types: buildAuditTypeDict(),
|
||||||
|
actions: buildAuditActionDict(),
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -1,6 +1,7 @@
|
|||||||
import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
|
import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
|
||||||
import { CrudController } from "@certd/lib-server";
|
import { CrudController } from "@certd/lib-server";
|
||||||
import { PermissionService } from "../../../modules/sys/authority/service/permission-service.js";
|
import { PermissionService } from "../../../modules/sys/authority/service/permission-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 权限资源
|
* 权限资源
|
||||||
@@ -14,8 +15,11 @@ export class PermissionController extends CrudController<PermissionService> {
|
|||||||
getService() {
|
getService() {
|
||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.permission;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:auth:per:view" })
|
@Post("/page", { description: "sys:auth:per:view", summary: "查询权限分页列表" })
|
||||||
async page(
|
async page(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
body
|
body
|
||||||
@@ -23,30 +27,42 @@ export class PermissionController extends CrudController<PermissionService> {
|
|||||||
return await super.page(body);
|
return await super.page(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/add", { description: "sys:auth:per:add" })
|
@Post("/add", { description: "sys:auth:per:add", summary: "添加权限" })
|
||||||
async add(
|
async add(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
bean
|
bean
|
||||||
) {
|
) {
|
||||||
return await super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `新增了权限「${bean.name}」(ID:${res.data})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: "sys:auth:per:edit" })
|
@Post("/update", { description: "sys:auth:per:edit", summary: "更新权限" })
|
||||||
async update(
|
async update(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
bean
|
bean
|
||||||
) {
|
) {
|
||||||
return await super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `修改了权限「${bean.name}」(ID:${bean.id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/delete", { description: "sys:auth:per:remove" })
|
@Post("/delete", { description: "sys:auth:per:remove", summary: "删除权限" })
|
||||||
async delete(
|
async delete(
|
||||||
@Query("id")
|
@Query("id")
|
||||||
id: number
|
id: number
|
||||||
) {
|
) {
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `删除了权限(ID:${id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/tree", { description: "sys:auth:per:view" })
|
@Post("/tree", { description: "sys:auth:per:view", summary: "查询权限树" })
|
||||||
async tree() {
|
async tree() {
|
||||||
const tree = await this.service.tree({});
|
const tree = await this.service.tree({});
|
||||||
return this.ok(tree);
|
return this.ok(tree);
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
|
import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
|
||||||
import { CrudController } from "@certd/lib-server";
|
import { CrudController } from "@certd/lib-server";
|
||||||
import { RoleService } from "../../../modules/sys/authority/service/role-service.js";
|
import { RoleService } from "../../../modules/sys/authority/service/role-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 系统用户
|
* 系统用户
|
||||||
@@ -15,6 +16,10 @@ export class RoleController extends CrudController<RoleService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.role;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:auth:role:view" })
|
@Post("/page", { description: "sys:auth:role:view" })
|
||||||
async page(
|
async page(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
@@ -29,22 +34,30 @@ export class RoleController extends CrudController<RoleService> {
|
|||||||
return this.ok(ret);
|
return this.ok(ret);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/add", { description: "sys:auth:role:add" })
|
@Post("/add", { description: "sys:auth:role:add", summary: "新增角色" })
|
||||||
async add(
|
async add(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
bean
|
bean
|
||||||
) {
|
) {
|
||||||
return await super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `新增了角色「${bean.name}」(ID:${res.data})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: "sys:auth:role:edit" })
|
@Post("/update", { description: "sys:auth:role:edit", summary: "修改角色" })
|
||||||
async update(
|
async update(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
bean
|
bean
|
||||||
) {
|
) {
|
||||||
return await super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `修改了角色「${bean.name}」(ID:${bean.id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/delete", { description: "sys:auth:role:remove" })
|
@Post("/delete", { description: "sys:auth:role:remove", summary: "删除角色" })
|
||||||
async delete(
|
async delete(
|
||||||
@Query("id")
|
@Query("id")
|
||||||
id: number
|
id: number
|
||||||
@@ -52,7 +65,11 @@ export class RoleController extends CrudController<RoleService> {
|
|||||||
if (id === 1) {
|
if (id === 1) {
|
||||||
throw new Error("不能删除默认的管理员角色");
|
throw new Error("不能删除默认的管理员角色");
|
||||||
}
|
}
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `删除了角色(ID:${id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/getPermissionTree", { description: "sys:auth:role:view" })
|
@Post("/getPermissionTree", { description: "sys:auth:role:view" })
|
||||||
@@ -78,9 +95,10 @@ export class RoleController extends CrudController<RoleService> {
|
|||||||
* @param roleId
|
* @param roleId
|
||||||
* @param permissionIds
|
* @param permissionIds
|
||||||
*/
|
*/
|
||||||
@Post("/authz", { description: "sys:auth:role:edit" })
|
@Post("/authz", { description: "sys:auth:role:edit", summary: "角色授权" })
|
||||||
async authz(@Body("roleId") roleId, @Body("permissionIds") permissionIds) {
|
async authz(@Body("roleId") roleId, @Body("permissionIds") permissionIds) {
|
||||||
await this.service.authz(roleId, permissionIds);
|
await this.service.authz(roleId, permissionIds);
|
||||||
|
await this.auditLog({ content: `为角色(ID:${roleId})进行了授权` });
|
||||||
return this.ok(null);
|
return this.ok(null);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ import { PermissionService } from "../../../modules/sys/authority/service/permis
|
|||||||
import { Constants } from "@certd/lib-server";
|
import { Constants } from "@certd/lib-server";
|
||||||
import { In } from "typeorm";
|
import { In } from "typeorm";
|
||||||
import { LoginService } from "../../../modules/login/service/login-service.js";
|
import { LoginService } from "../../../modules/login/service/login-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 系统用户
|
* 系统用户
|
||||||
@@ -24,6 +25,10 @@ export class UserController extends CrudController<UserService> {
|
|||||||
@Inject()
|
@Inject()
|
||||||
loginService: LoginService;
|
loginService: LoginService;
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.user;
|
||||||
|
}
|
||||||
|
|
||||||
getService() {
|
getService() {
|
||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
@@ -92,23 +97,31 @@ export class UserController extends CrudController<UserService> {
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/add", { description: "sys:auth:user:add" })
|
@Post("/add", { description: "sys:auth:user:add", summary: "新增用户" })
|
||||||
async add(
|
async add(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
bean
|
bean
|
||||||
) {
|
) {
|
||||||
return await super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `新增了用户「${bean.username}」(ID:${res.data})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: "sys:auth:user:edit" })
|
@Post("/update", { description: "sys:auth:user:edit", summary: "修改用户" })
|
||||||
async update(
|
async update(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
bean
|
bean
|
||||||
) {
|
) {
|
||||||
return await super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `修改了用户「${bean.username}」(ID:${bean.id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/delete", { description: "sys:auth:user:remove" })
|
@Post("/delete", { description: "sys:auth:user:remove", summary: "删除用户" })
|
||||||
async delete(
|
async delete(
|
||||||
@Query("id")
|
@Query("id")
|
||||||
id: number
|
id: number
|
||||||
@@ -119,19 +132,24 @@ export class UserController extends CrudController<UserService> {
|
|||||||
if (id === 3) {
|
if (id === 3) {
|
||||||
throw new Error("不能删除默认的普通用户角色");
|
throw new Error("不能删除默认的普通用户角色");
|
||||||
}
|
}
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `删除了用户(ID:${id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 解除登录锁定
|
* 解除登录锁定
|
||||||
*/
|
*/
|
||||||
@Post("/unlockBlock", { description: "sys:auth:user:edit" })
|
@Post("/unlockBlock", { description: "sys:auth:user:edit", summary: "解锁登录锁定" })
|
||||||
public async unlockBlock(@Body("id") id: number) {
|
public async unlockBlock(@Body("id") id: number) {
|
||||||
const info = await this.service.info(id, ["password"]);
|
const info = await this.service.info(id, ["password"]);
|
||||||
this.loginService.clearCacheOnSuccess(info.username);
|
this.loginService.clearCacheOnSuccess(info.username);
|
||||||
if (info.mobile) {
|
if (info.mobile) {
|
||||||
this.loginService.clearCacheOnSuccess(info.mobile);
|
this.loginService.clearCacheOnSuccess(info.mobile);
|
||||||
}
|
}
|
||||||
|
await this.auditLog({ content: `解锁了用户登录锁定(ID:${id})` });
|
||||||
return this.ok(info);
|
return this.ok(info);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/c
|
|||||||
import { CrudController } from "@certd/lib-server";
|
import { CrudController } from "@certd/lib-server";
|
||||||
import { merge } from "lodash-es";
|
import { merge } from "lodash-es";
|
||||||
import { CnameProviderService } from "../../../modules/cname/service/cname-provider-service.js";
|
import { CnameProviderService } from "../../../modules/cname/service/cname-provider-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 授权
|
* 授权
|
||||||
@@ -16,6 +17,10 @@ export class CnameRecordController extends CrudController<CnameProviderService>
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.cname;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:settings:view" })
|
@Post("/page", { description: "sys:settings:view" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
@@ -27,7 +32,7 @@ export class CnameRecordController extends CrudController<CnameProviderService>
|
|||||||
return super.list(body);
|
return super.list(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/add", { description: "sys:settings:edit" })
|
@Post("/add", { description: "sys:settings:edit", summary: "添加CNAME服务" })
|
||||||
async add(@Body(ALL) bean: any) {
|
async add(@Body(ALL) bean: any) {
|
||||||
const def: any = {
|
const def: any = {
|
||||||
isDefault: false,
|
isDefault: false,
|
||||||
@@ -35,13 +40,17 @@ export class CnameRecordController extends CrudController<CnameProviderService>
|
|||||||
};
|
};
|
||||||
merge(bean, def);
|
merge(bean, def);
|
||||||
bean.userId = this.getUserId();
|
bean.userId = this.getUserId();
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
await this.auditLog({ content: `添加了CNAME服务(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: "sys:settings:edit" })
|
@Post("/update", { description: "sys:settings:edit", summary: "更新CNAME服务" })
|
||||||
async update(@Body(ALL) bean: any) {
|
async update(@Body(ALL) bean: any) {
|
||||||
bean.userId = this.getUserId();
|
bean.userId = this.getUserId();
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
await this.auditLog({ content: `更新了CNAME服务(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/info", { description: "sys:settings:view" })
|
@Post("/info", { description: "sys:settings:view" })
|
||||||
@@ -49,26 +58,31 @@ export class CnameRecordController extends CrudController<CnameProviderService>
|
|||||||
return super.info(id);
|
return super.info(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/delete", { description: "sys:settings:edit" })
|
@Post("/delete", { description: "sys:settings:edit", summary: "删除CNAME服务" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
await this.auditLog({ content: `删除了CNAME服务(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/deleteByIds", { description: "sys:settings:edit" })
|
@Post("/deleteByIds", { description: "sys:settings:edit", summary: "批量删除CNAME服务" })
|
||||||
async deleteByIds(@Body("ids") ids: number[]) {
|
async deleteByIds(@Body("ids") ids: number[]) {
|
||||||
const res = await this.service.delete(ids);
|
const res = await this.service.delete(ids);
|
||||||
|
await this.auditLog({ content: `批量删除了${ids.length}条CNAME服务` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/setDefault", { description: "sys:settings:edit" })
|
@Post("/setDefault", { description: "sys:settings:edit", summary: "设置默认CNAME服务" })
|
||||||
async setDefault(@Body("id") id: number) {
|
async setDefault(@Body("id") id: number) {
|
||||||
await this.service.setDefault(id);
|
await this.service.setDefault(id);
|
||||||
|
await this.auditLog({ content: `设置了默认CNAME服务(ID:${id})` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/setDisabled", { description: "sys:settings:edit" })
|
@Post("/setDisabled", { description: "sys:settings:edit", summary: "禁用/启用CNAME服务" })
|
||||||
async setDisabled(@Body("id") id: number, @Body("disabled") disabled: boolean) {
|
async setDisabled(@Body("id") id: number, @Body("disabled") disabled: boolean) {
|
||||||
await this.service.setDisabled(id, disabled);
|
await this.service.setDisabled(id, disabled);
|
||||||
|
await this.auditLog({ content: `${disabled ? "禁用" : "启用"}了CNAME服务(ID:${id})` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/c
|
|||||||
import { ProjectService } from "../../../modules/sys/enterprise/service/project-service.js";
|
import { ProjectService } from "../../../modules/sys/enterprise/service/project-service.js";
|
||||||
import { ProjectEntity } from "../../../modules/sys/enterprise/entity/project.js";
|
import { ProjectEntity } from "../../../modules/sys/enterprise/entity/project.js";
|
||||||
import { merge } from "lodash-es";
|
import { merge } from "lodash-es";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -15,22 +16,26 @@ export class SysProjectController extends CrudController<ProjectEntity> {
|
|||||||
@Inject()
|
@Inject()
|
||||||
sysSettingsService: SysSettingsService;
|
sysSettingsService: SysSettingsService;
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.project;
|
||||||
|
}
|
||||||
|
|
||||||
getService<T>() {
|
getService<T>() {
|
||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:settings:view" })
|
@Post("/page", { description: "sys:settings:view", summary: "查询项目分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
return await super.page(body);
|
return await super.page(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/list", { description: "sys:settings:view" })
|
@Post("/list", { description: "sys:settings:view", summary: "查询项目列表" })
|
||||||
async list(@Body(ALL) body: any) {
|
async list(@Body(ALL) body: any) {
|
||||||
return super.list(body);
|
return super.list(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/add", { description: "sys:settings:edit" })
|
@Post("/add", { description: "sys:settings:edit", summary: "添加项目" })
|
||||||
async add(@Body(ALL) bean: any) {
|
async add(@Body(ALL) bean: any) {
|
||||||
const def: any = {
|
const def: any = {
|
||||||
isDefault: false,
|
isDefault: false,
|
||||||
@@ -38,37 +43,57 @@ export class SysProjectController extends CrudController<ProjectEntity> {
|
|||||||
};
|
};
|
||||||
merge(bean, def);
|
merge(bean, def);
|
||||||
bean.userId = this.getUserId();
|
bean.userId = this.getUserId();
|
||||||
return super.add({
|
const res = await super.add({
|
||||||
...bean,
|
...bean,
|
||||||
userId: -1, //企业用户id固定为-1
|
userId: -1, //企业用户id固定为-1
|
||||||
adminId: bean.userId,
|
adminId: bean.userId,
|
||||||
});
|
});
|
||||||
|
await this.auditLog({
|
||||||
|
content: `新增了项目「${bean.name}」(ID:${res.data})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: "sys:settings:edit" })
|
@Post("/update", { description: "sys:settings:edit", summary: "更新项目" })
|
||||||
async update(@Body(ALL) bean: any) {
|
async update(@Body(ALL) bean: any) {
|
||||||
bean.userId = this.getUserId();
|
bean.userId = this.getUserId();
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `修改了项目「${bean.name}」(ID:${bean.id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/info", { description: "sys:settings:view" })
|
@Post("/info", { description: "sys:settings:view", summary: "查询项目详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
return super.info(id);
|
return super.info(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/delete", { description: "sys:settings:edit" })
|
@Post("/delete", { description: "sys:settings:edit", summary: "删除项目" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `删除了项目(ID:${id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/deleteByIds", { description: "sys:settings:edit" })
|
@Post("/deleteByIds", { description: "sys:settings:edit", summary: "批量删除项目" })
|
||||||
async deleteByIds(@Body("ids") ids: number[]) {
|
async deleteByIds(@Body("ids") ids: number[]) {
|
||||||
const res = await this.service.delete(ids);
|
const res = await this.service.delete(ids);
|
||||||
|
await this.auditLog({
|
||||||
|
content: `批量删除了${ids.length}个项目`,
|
||||||
|
});
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
@Post("/setDisabled", { description: "sys:settings:edit" })
|
@Post("/setDisabled", { description: "sys:settings:edit", summary: "禁用/启用项目" })
|
||||||
async setDisabled(@Body("id") id: number, @Body("disabled") disabled: boolean) {
|
async setDisabled(@Body("id") id: number, @Body("disabled") disabled: boolean) {
|
||||||
await this.service.setDisabled(id, disabled);
|
await this.service.setDisabled(id, disabled);
|
||||||
|
const project = await this.service.info(id);
|
||||||
|
const actionText = disabled ? "禁用了" : "启用了";
|
||||||
|
await this.auditLog({
|
||||||
|
content: `${actionText}项目「${project.name}」(ID:${id})`,
|
||||||
|
});
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
+20
-10
@@ -4,6 +4,7 @@ import { ProjectMemberEntity } from "../../../modules/sys/enterprise/entity/proj
|
|||||||
import { ProjectMemberService } from "../../../modules/sys/enterprise/service/project-member-service.js";
|
import { ProjectMemberService } from "../../../modules/sys/enterprise/service/project-member-service.js";
|
||||||
import { merge } from "lodash-es";
|
import { merge } from "lodash-es";
|
||||||
import { ProjectService } from "../../../modules/sys/enterprise/service/project-service.js";
|
import { ProjectService } from "../../../modules/sys/enterprise/service/project-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -15,7 +16,6 @@ export class SysProjectMemberController extends CrudController<ProjectMemberEnti
|
|||||||
|
|
||||||
@Inject()
|
@Inject()
|
||||||
sysSettingsService: SysSettingsService;
|
sysSettingsService: SysSettingsService;
|
||||||
|
|
||||||
@Inject()
|
@Inject()
|
||||||
projectService: ProjectService;
|
projectService: ProjectService;
|
||||||
|
|
||||||
@@ -23,18 +23,22 @@ export class SysProjectMemberController extends CrudController<ProjectMemberEnti
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:settings:view" })
|
getAuditType(): string {
|
||||||
|
return AuditType.enterprise;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/page", { description: "sys:settings:view", summary: "查询项目成员分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
return await super.page(body);
|
return await super.page(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/list", { description: "sys:settings:view" })
|
@Post("/list", { description: "sys:settings:view", summary: "查询项目成员列表" })
|
||||||
async list(@Body(ALL) body: any) {
|
async list(@Body(ALL) body: any) {
|
||||||
return super.list(body);
|
return super.list(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/add", { description: "sys:settings:edit" })
|
@Post("/add", { description: "sys:settings:edit", summary: "添加项目成员" })
|
||||||
async add(@Body(ALL) bean: any) {
|
async add(@Body(ALL) bean: any) {
|
||||||
const def: any = {
|
const def: any = {
|
||||||
isDefault: false,
|
isDefault: false,
|
||||||
@@ -47,10 +51,12 @@ export class SysProjectMemberController extends CrudController<ProjectMemberEnti
|
|||||||
projectId: bean.projectId,
|
projectId: bean.projectId,
|
||||||
});
|
});
|
||||||
|
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
await this.auditLog({ content: `添加了项目成员(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: "sys:settings:edit" })
|
@Post("/update", { description: "sys:settings:edit", summary: "更新项目成员" })
|
||||||
async update(@Body(ALL) bean: any) {
|
async update(@Body(ALL) bean: any) {
|
||||||
if (!bean.id) {
|
if (!bean.id) {
|
||||||
throw new Error("id is required");
|
throw new Error("id is required");
|
||||||
@@ -65,10 +71,11 @@ export class SysProjectMemberController extends CrudController<ProjectMemberEnti
|
|||||||
permission: bean.permission,
|
permission: bean.permission,
|
||||||
status: bean.status,
|
status: bean.status,
|
||||||
});
|
});
|
||||||
|
await this.auditLog({ content: `更新了项目成员(ID:${bean.id})` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/info", { description: "sys:settings:view" })
|
@Post("/info", { description: "sys:settings:view", summary: "查询项目成员详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
if (!id) {
|
if (!id) {
|
||||||
throw new Error("id is required");
|
throw new Error("id is required");
|
||||||
@@ -81,7 +88,7 @@ export class SysProjectMemberController extends CrudController<ProjectMemberEnti
|
|||||||
return super.info(id);
|
return super.info(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/delete", { description: "sys:settings:edit" })
|
@Post("/delete", { description: "sys:settings:edit", summary: "删除项目成员" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
if (!id) {
|
if (!id) {
|
||||||
throw new Error("id is required");
|
throw new Error("id is required");
|
||||||
@@ -91,10 +98,12 @@ export class SysProjectMemberController extends CrudController<ProjectMemberEnti
|
|||||||
userId: this.getUserId(),
|
userId: this.getUserId(),
|
||||||
projectId: projectId,
|
projectId: projectId,
|
||||||
});
|
});
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
await this.auditLog({ content: `删除了项目成员(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/deleteByIds", { description: "sys:settings:edit" })
|
@Post("/deleteByIds", { description: "sys:settings:edit", summary: "批量删除项目成员" })
|
||||||
async deleteByIds(@Body("ids") ids: number[]) {
|
async deleteByIds(@Body("ids") ids: number[]) {
|
||||||
for (const id of ids) {
|
for (const id of ids) {
|
||||||
if (!id) {
|
if (!id) {
|
||||||
@@ -108,6 +117,7 @@ export class SysProjectMemberController extends CrudController<ProjectMemberEnti
|
|||||||
await this.service.delete(id as any);
|
await this.service.delete(id as any);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
await this.auditLog({ content: `批量删除了${ids.length}个项目成员` });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/c
|
|||||||
import { CrudController } from "@certd/lib-server";
|
import { CrudController } from "@certd/lib-server";
|
||||||
import { SiteInfoService } from "../../../modules/monitor/service/site-info-service.js";
|
import { SiteInfoService } from "../../../modules/monitor/service/site-info-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@Controller("/api/sys/monitor/site")
|
@Controller("/api/sys/monitor/site")
|
||||||
@@ -14,6 +15,10 @@ export class SysSiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.monitor;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:settings:view", summary: "管理员查询站点监控分页列表" })
|
@Post("/page", { description: "sys:settings:view", summary: "管理员查询站点监控分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
@@ -44,12 +49,16 @@ export class SysSiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
|
|
||||||
@Post("/delete", { description: "sys:settings:edit", summary: "管理员删除站点监控" })
|
@Post("/delete", { description: "sys:settings:edit", summary: "管理员删除站点监控" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
return await super.delete(id);
|
await super.delete(id);
|
||||||
|
await this.auditLog({ content: `管理员删除了站点监控(ID:${id})` });
|
||||||
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchDelete", { description: "sys:settings:edit", summary: "管理员批量删除站点监控" })
|
@Post("/batchDelete", { description: "sys:settings:edit", summary: "管理员批量删除站点监控" })
|
||||||
async batchDelete(@Body("ids") ids: number[]) {
|
async batchDelete(@Body("ids") ids: number[]) {
|
||||||
|
const count = ids.length;
|
||||||
await this.service.delete(ids);
|
await this.service.delete(ids);
|
||||||
|
await this.auditLog({ content: `管理员批量删除了${count}条站点监控` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { CrudController } from "@certd/lib-server";
|
|||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
import { PipelineService } from "../../../modules/pipeline/service/pipeline-service.js";
|
import { PipelineService } from "../../../modules/pipeline/service/pipeline-service.js";
|
||||||
import { checkPlus } from "@certd/plus-core";
|
import { checkPlus } from "@certd/plus-core";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@Controller("/api/sys/pipeline")
|
@Controller("/api/sys/pipeline")
|
||||||
@@ -15,6 +16,10 @@ export class SysPipelineController extends CrudController<PipelineService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.pipeline;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:settings:view", summary: "管理员查询用户流水线分页列表" })
|
@Post("/page", { description: "sys:settings:view", summary: "管理员查询用户流水线分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
@@ -41,13 +46,16 @@ export class SysPipelineController extends CrudController<PipelineService> {
|
|||||||
@Post("/delete", { description: "sys:settings:edit", summary: "管理员删除用户流水线" })
|
@Post("/delete", { description: "sys:settings:edit", summary: "管理员删除用户流水线" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.service.delete(id);
|
await this.service.delete(id);
|
||||||
|
await this.auditLog({ content: `管理员删除了用户流水线(ID:${id})` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchDelete", { description: "sys:settings:edit", summary: "管理员批量删除用户流水线" })
|
@Post("/batchDelete", { description: "sys:settings:edit", summary: "管理员批量删除用户流水线" })
|
||||||
async batchDelete(@Body("ids") ids: number[]) {
|
async batchDelete(@Body("ids") ids: number[]) {
|
||||||
checkPlus();
|
checkPlus();
|
||||||
|
const count = ids.length;
|
||||||
await this.service.batchDelete(ids);
|
await this.service.batchDelete(ids);
|
||||||
|
await this.auditLog({ content: `管理员批量删除了${count}条用户流水线` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { merge } from "lodash-es";
|
|||||||
import { CrudController } from "@certd/lib-server";
|
import { CrudController } from "@certd/lib-server";
|
||||||
import { PluginImportReq, PluginService } from "../../../modules/plugin/service/plugin-service.js";
|
import { PluginImportReq, PluginService } from "../../../modules/plugin/service/plugin-service.js";
|
||||||
import { CommPluginConfig, PluginConfig, PluginConfigService } from "../../../modules/plugin/service/plugin-config-service.js";
|
import { CommPluginConfig, PluginConfig, PluginConfigService } from "../../../modules/plugin/service/plugin-config-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
/**
|
/**
|
||||||
* 插件
|
* 插件
|
||||||
*/
|
*/
|
||||||
@@ -19,6 +20,10 @@ export class PluginController extends CrudController<PluginService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.plugin;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:settings:view" })
|
@Post("/page", { description: "sys:settings:view" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
@@ -30,19 +35,22 @@ export class PluginController extends CrudController<PluginService> {
|
|||||||
return super.list(body);
|
return super.list(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/add", { description: "sys:settings:edit" })
|
@Post("/add", { description: "sys:settings:edit", summary: "添加插件" })
|
||||||
async add(@Body(ALL) bean: any) {
|
async add(@Body(ALL) bean: any) {
|
||||||
const def: any = {
|
const def: any = {
|
||||||
isDefault: false,
|
isDefault: false,
|
||||||
disabled: false,
|
disabled: false,
|
||||||
};
|
};
|
||||||
merge(bean, def);
|
merge(bean, def);
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
await this.auditLog({ content: `新增了插件「${bean.name}」(ID:${res.data}, 类型:${bean.type})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: "sys:settings:edit" })
|
@Post("/update", { description: "sys:settings:edit", summary: "更新插件" })
|
||||||
async update(@Body(ALL) bean: any) {
|
async update(@Body(ALL) bean: any) {
|
||||||
const res = await super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
await this.auditLog({ content: `修改了插件「${bean.name}」(ID:${bean.id})` });
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -51,21 +59,25 @@ export class PluginController extends CrudController<PluginService> {
|
|||||||
return super.info(id);
|
return super.info(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/delete", { description: "sys:settings:edit" })
|
@Post("/delete", { description: "sys:settings:edit", summary: "删除插件" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
const res = await this.service.deleteByIds([id]);
|
const res = await this.service.deleteByIds([id]);
|
||||||
|
await this.auditLog({ content: `删除了插件(ID:${id})` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/deleteByIds", { description: "sys:settings:edit" })
|
@Post("/deleteByIds", { description: "sys:settings:edit", summary: "批量删除插件" })
|
||||||
async deleteByIds(@Body("ids") ids: number[]) {
|
async deleteByIds(@Body("ids") ids: number[]) {
|
||||||
const res = await this.service.deleteByIds(ids);
|
const res = await this.service.deleteByIds(ids);
|
||||||
|
await this.auditLog({ content: `批量删除了${ids.length}条插件` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/setDisabled", { description: "sys:settings:edit" })
|
@Post("/setDisabled", { description: "sys:settings:edit", summary: "禁用/启用插件" })
|
||||||
async setDisabled(@Body(ALL) body: { id: number; name: string; type: string; disabled: boolean }) {
|
async setDisabled(@Body(ALL) body: { id: number; name: string; type: string; disabled: boolean }) {
|
||||||
await this.service.setDisabled(body);
|
await this.service.setDisabled(body);
|
||||||
|
const { id, disabled } = body;
|
||||||
|
await this.auditLog({ content: `${disabled ? "禁用" : "启用"}了插件(ID:${id})` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
@Post("/getCommPluginConfigs", { description: "sys:settings:view" })
|
@Post("/getCommPluginConfigs", { description: "sys:settings:view" })
|
||||||
@@ -74,9 +86,10 @@ export class PluginController extends CrudController<PluginService> {
|
|||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/saveCommPluginConfigs", { description: "sys:settings:edit" })
|
@Post("/saveCommPluginConfigs", { description: "sys:settings:edit", summary: "保存公共插件配置" })
|
||||||
async saveCommPluginConfigs(@Body(ALL) body: CommPluginConfig) {
|
async saveCommPluginConfigs(@Body(ALL) body: CommPluginConfig) {
|
||||||
const res = await this.pluginConfigService.saveCommPluginConfig(body);
|
const res = await this.pluginConfigService.saveCommPluginConfig(body);
|
||||||
|
await this.auditLog({ content: "保存了公共插件配置" });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
@Post("/getPluginByName", { description: "sys:settings:view" })
|
@Post("/getPluginByName", { description: "sys:settings:view" })
|
||||||
@@ -88,19 +101,21 @@ export class PluginController extends CrudController<PluginService> {
|
|||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/saveSetting", { description: "sys:settings:edit" })
|
@Post("/saveSetting", { description: "sys:settings:edit", summary: "保存插件设置" })
|
||||||
async saveSetting(@Body(ALL) body: PluginConfig) {
|
async saveSetting(@Body(ALL) body: PluginConfig) {
|
||||||
const res = await this.pluginConfigService.savePluginConfig(body);
|
const res = await this.pluginConfigService.savePluginConfig(body);
|
||||||
|
await this.auditLog({ content: "保存了插件设置" });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/import", { description: "sys:settings:edit" })
|
@Post("/import", { description: "sys:settings:edit", summary: "导入插件" })
|
||||||
async import(@Body(ALL) body: PluginImportReq) {
|
async import(@Body(ALL) body: PluginImportReq) {
|
||||||
const res = await this.service.importPlugin(body);
|
const res = await this.service.importPlugin(body);
|
||||||
|
await this.auditLog({ content: "导入了插件配置" });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/export", { description: "sys:settings:edit" })
|
@Post("/export", { description: "sys:settings:edit", summary: "导出插件" })
|
||||||
async export(@Body("id") id: number) {
|
async export(@Body("id") id: number) {
|
||||||
const res = await this.service.exportPlugin(id);
|
const res = await this.service.exportPlugin(id);
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
|
|||||||
+10
-1
@@ -2,6 +2,7 @@ import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
|||||||
import { BaseController, SysSafeSetting } from "@certd/lib-server";
|
import { BaseController, SysSafeSetting } from "@certd/lib-server";
|
||||||
import { cloneDeep } from "lodash-es";
|
import { cloneDeep } from "lodash-es";
|
||||||
import { SafeService } from "../../../modules/sys/settings/safe-service.js";
|
import { SafeService } from "../../../modules/sys/settings/safe-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -11,6 +12,10 @@ export class SysSettingsController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
safeService: SafeService;
|
safeService: SafeService;
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.settings;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/get", { description: "sys:settings:view" })
|
@Post("/get", { description: "sys:settings:view" })
|
||||||
async safeGet() {
|
async safeGet() {
|
||||||
const res = await this.safeService.getSafeSetting();
|
const res = await this.safeService.getSafeSetting();
|
||||||
@@ -22,15 +27,19 @@ export class SysSettingsController extends BaseController {
|
|||||||
@Post("/save", { description: "sys:settings:edit" })
|
@Post("/save", { description: "sys:settings:edit" })
|
||||||
async safeSave(@Body(ALL) body: any) {
|
async safeSave(@Body(ALL) body: any) {
|
||||||
await this.safeService.saveSafeSetting(body);
|
await this.safeService.saveSafeSetting(body);
|
||||||
|
await this.auditLog({
|
||||||
|
content: "修改了安全设置",
|
||||||
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 立即隐藏
|
* 立即隐藏
|
||||||
*/
|
*/
|
||||||
@Post("/hidden", { description: "sys:settings:edit" })
|
@Post("/hidden", { description: "sys:settings:edit", summary: "立刻隐藏系统" })
|
||||||
async hiddenImmediate() {
|
async hiddenImmediate() {
|
||||||
await this.safeService.hiddenImmediately();
|
await this.safeService.hiddenImmediately();
|
||||||
|
await this.auditLog({ content: "立刻隐藏了系统" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -8,6 +8,7 @@ import { http, logger, utils } from "@certd/basic";
|
|||||||
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
||||||
import { SmsServiceFactory } from "../../../modules/basic/sms/factory.js";
|
import { SmsServiceFactory } from "../../../modules/basic/sms/factory.js";
|
||||||
import { RuntimeDepsService } from "../../../modules/runtime-deps/runtime-deps-service.js";
|
import { RuntimeDepsService } from "../../../modules/runtime-deps/runtime-deps-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -31,58 +32,71 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/page", { description: "sys:settings:view" })
|
getAuditType(): string {
|
||||||
|
return AuditType.settings;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/page", { description: "sys:settings:view", summary: "查询系统设置分页列表" })
|
||||||
async page(@Body(ALL) body) {
|
async page(@Body(ALL) body) {
|
||||||
return super.page(body);
|
return super.page(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/list", { description: "sys:settings:view" })
|
@Post("/list", { description: "sys:settings:view", summary: "查询系统设置列表" })
|
||||||
async list(@Body(ALL) body) {
|
async list(@Body(ALL) body) {
|
||||||
return super.list(body);
|
return super.list(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/add", { description: "sys:settings:edit" })
|
@Post("/add", { description: "sys:settings:edit", summary: "添加系统设置" })
|
||||||
async add(@Body(ALL) bean) {
|
async add(@Body(ALL) bean) {
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
await this.auditLog({ content: "添加了系统设置" });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: "sys:settings:edit" })
|
@Post("/update", { description: "sys:settings:edit", summary: "更新系统设置" })
|
||||||
async update(@Body(ALL) bean) {
|
async update(@Body(ALL) bean) {
|
||||||
await this.service.checkUserId(bean.id, this.getUserId());
|
await this.service.checkUserId(bean.id, this.getUserId());
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
await this.auditLog({ content: "更新了系统设置" });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/info", { description: "sys:settings:view" })
|
@Post("/info", { description: "sys:settings:view", summary: "查询系统设置详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
await this.service.checkUserId(id, this.getUserId());
|
await this.service.checkUserId(id, this.getUserId());
|
||||||
return super.info(id);
|
return super.info(id);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/delete", { description: "sys:settings:edit" })
|
@Post("/delete", { description: "sys:settings:edit", summary: "删除系统设置" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.service.checkUserId(id, this.getUserId());
|
await this.service.checkUserId(id, this.getUserId());
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
await this.auditLog({ content: "删除了系统设置" });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/save", { description: "sys:settings:edit" })
|
@Post("/save", { description: "sys:settings:edit", summary: "保存系统设置" })
|
||||||
async save(@Body(ALL) bean: SysSettingsEntity) {
|
async save(@Body(ALL) bean: SysSettingsEntity) {
|
||||||
await this.service.save(bean);
|
await this.service.save(bean);
|
||||||
|
await this.auditLog({
|
||||||
|
content: "修改了系统设置",
|
||||||
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/get", { description: "sys:settings:view" })
|
@Post("/get", { description: "sys:settings:view", summary: "查询系统设置" })
|
||||||
async get(@Query("key") key: string) {
|
async get(@Query("key") key: string) {
|
||||||
const entity = await this.service.getByKey(key);
|
const entity = await this.service.getByKey(key);
|
||||||
return this.ok(entity);
|
return this.ok(entity);
|
||||||
}
|
}
|
||||||
|
|
||||||
// savePublicSettings
|
// savePublicSettings
|
||||||
@Post("/getEmailSettings", { description: "sys:settings:view" })
|
@Post("/getEmailSettings", { description: "sys:settings:view", summary: "查询邮件服务器设置" })
|
||||||
async getEmailSettings(@Body(ALL) body) {
|
async getEmailSettings(@Body(ALL) body) {
|
||||||
const conf = await getEmailSettings(this.service, this.userSettingsService);
|
const conf = await getEmailSettings(this.service, this.userSettingsService);
|
||||||
return this.ok(conf);
|
return this.ok(conf);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/getEmailTemplates", { description: "sys:settings:view" })
|
@Post("/getEmailTemplates", { description: "sys:settings:view", summary: "查询邮件模板列表" })
|
||||||
async getEmailTemplates(@Body(ALL) body) {
|
async getEmailTemplates(@Body(ALL) body) {
|
||||||
const conf = await getEmailSettings(this.service, this.userSettingsService);
|
const conf = await getEmailSettings(this.service, this.userSettingsService);
|
||||||
const templates = conf.templates || {};
|
const templates = conf.templates || {};
|
||||||
@@ -101,15 +115,16 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
|
|||||||
return this.ok(proviers);
|
return this.ok(proviers);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/saveEmailSettings", { description: "sys:settings:edit" })
|
@Post("/saveEmailSettings", { description: "sys:settings:edit", summary: "保存邮件服务器设置" })
|
||||||
async saveEmailSettings(@Body(ALL) body) {
|
async saveEmailSettings(@Body(ALL) body) {
|
||||||
const conf = await getEmailSettings(this.service, this.userSettingsService);
|
const conf = await getEmailSettings(this.service, this.userSettingsService);
|
||||||
merge(conf, body);
|
merge(conf, body);
|
||||||
await this.service.saveSetting(conf);
|
await this.service.saveSetting(conf);
|
||||||
|
await this.auditLog({ content: "保存了邮件服务器设置" });
|
||||||
return this.ok(conf);
|
return this.ok(conf);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/getSysSettings", { description: "sys:settings:view" })
|
@Post("/getSysSettings", { description: "sys:settings:view", summary: "查询系统配置" })
|
||||||
async getSysSettings() {
|
async getSysSettings() {
|
||||||
const publicSettings = await this.service.getPublicSettings();
|
const publicSettings = await this.service.getPublicSettings();
|
||||||
let privateSettings = await this.service.getPrivateSettings();
|
let privateSettings = await this.service.getPrivateSettings();
|
||||||
@@ -118,7 +133,7 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// savePublicSettings
|
// savePublicSettings
|
||||||
@Post("/saveSysSettings", { description: "sys:settings:edit" })
|
@Post("/saveSysSettings", { description: "sys:settings:edit", summary: "保存系统设置" })
|
||||||
async saveSysSettings(@Body(ALL) body: { public: SysPublicSettings; private: SysPrivateSettings }) {
|
async saveSysSettings(@Body(ALL) body: { public: SysPublicSettings; private: SysPrivateSettings }) {
|
||||||
const publicSettings = await this.service.getPublicSettings();
|
const publicSettings = await this.service.getPublicSettings();
|
||||||
const privateSettings = await this.service.getPrivateSettings();
|
const privateSettings = await this.service.getPrivateSettings();
|
||||||
@@ -126,16 +141,18 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
|
|||||||
merge(privateSettings, body.private);
|
merge(privateSettings, body.private);
|
||||||
await this.service.savePublicSettings(publicSettings);
|
await this.service.savePublicSettings(publicSettings);
|
||||||
await this.service.savePrivateSettings(privateSettings);
|
await this.service.savePrivateSettings(privateSettings);
|
||||||
|
await this.auditLog({ content: "保存了系统设置" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/stopOtherUserTimer", { description: "sys:settings:edit" })
|
@Post("/stopOtherUserTimer", { description: "sys:settings:edit", summary: "停止其他用户定时任务" })
|
||||||
async stopOtherUserTimer(@Body(ALL) body) {
|
async stopOtherUserTimer(@Body(ALL) body) {
|
||||||
await this.pipelineService.stopOtherUserPipeline(1);
|
await this.pipelineService.stopOtherUserPipeline(1);
|
||||||
|
await this.auditLog({ content: "停止了其他用户定时任务" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/testProxy", { description: "sys:settings:edit" })
|
@Post("/testProxy", { description: "sys:settings:edit", summary: "测试代理" })
|
||||||
async testProxy(@Body(ALL) body) {
|
async testProxy(@Body(ALL) body) {
|
||||||
const google = "https://www.google.com/";
|
const google = "https://www.google.com/";
|
||||||
const baidu = "https://www.baidu.com/";
|
const baidu = "https://www.baidu.com/";
|
||||||
@@ -173,19 +190,19 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/testSms", { description: "sys:settings:edit" })
|
@Post("/testSms", { description: "sys:settings:edit", summary: "测试短信" })
|
||||||
async testSms(@Body(ALL) body) {
|
async testSms(@Body(ALL) body) {
|
||||||
await this.codeService.sendSmsCode(body.phoneCode, body.mobile);
|
await this.codeService.sendSmsCode(body.phoneCode, body.mobile);
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/getSmsTypeDefine", { description: "sys:settings:view" })
|
@Post("/getSmsTypeDefine", { description: "sys:settings:view", summary: "查询短信类型定义" })
|
||||||
async getSmsTypeDefine(@Body("type") type: string) {
|
async getSmsTypeDefine(@Body("type") type: string) {
|
||||||
const define = await SmsServiceFactory.getDefine(type);
|
const define = await SmsServiceFactory.getDefine(type);
|
||||||
return this.ok(define);
|
return this.ok(define);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/safe/get", { description: "sys:settings:view" })
|
@Post("/safe/get", { description: "sys:settings:view", summary: "查询安全设置" })
|
||||||
async safeGet() {
|
async safeGet() {
|
||||||
const res = await this.service.getSetting<SysSafeSetting>(SysSafeSetting);
|
const res = await this.service.getSetting<SysSafeSetting>(SysSafeSetting);
|
||||||
const clone: SysSafeSetting = cloneDeep(res);
|
const clone: SysSafeSetting = cloneDeep(res);
|
||||||
@@ -193,7 +210,7 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
|
|||||||
return this.ok(clone);
|
return this.ok(clone);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/safe/save", { description: "sys:settings:edit" })
|
@Post("/safe/save", { description: "sys:settings:edit", summary: "保存安全设置" })
|
||||||
async safeSave(@Body(ALL) body: any) {
|
async safeSave(@Body(ALL) body: any) {
|
||||||
if (body.hidden.openPassword) {
|
if (body.hidden.openPassword) {
|
||||||
body.hidden.openPassword = utils.hash.md5(body.hidden.openPassword);
|
body.hidden.openPassword = utils.hash.md5(body.hidden.openPassword);
|
||||||
@@ -205,24 +222,26 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
|
|||||||
throw new Error("首次设置需要填写解锁密码");
|
throw new Error("首次设置需要填写解锁密码");
|
||||||
}
|
}
|
||||||
await this.service.saveSetting(blankSetting);
|
await this.service.saveSetting(blankSetting);
|
||||||
|
await this.auditLog({ content: "保存了安全设置" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/captchaTest", { description: "sys:settings:edit" })
|
@Post("/captchaTest", { description: "sys:settings:edit", summary: "测试验证码" })
|
||||||
async captchaTest(@Body(ALL) body: any, @RequestIP() remoteIp: string) {
|
async captchaTest(@Body(ALL) body: any, @RequestIP() remoteIp: string) {
|
||||||
await this.codeService.checkCaptcha(body, { remoteIp });
|
await this.codeService.checkCaptcha(body, { remoteIp });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/oauth/providers", { description: "sys:settings:view" })
|
@Post("/oauth/providers", { description: "sys:settings:view", summary: "查询OAuth提供商列表" })
|
||||||
async oauthProviders() {
|
async oauthProviders() {
|
||||||
const list = await addonRegistry.getDefineList("oauth");
|
const list = await addonRegistry.getDefineList("oauth");
|
||||||
return this.ok(list);
|
return this.ok(list);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/clearRuntimeDeps", { description: "sys:settings:edit" })
|
@Post("/clearRuntimeDeps", { description: "sys:settings:edit", summary: "清除运行时依赖" })
|
||||||
async clearRuntimeDeps() {
|
async clearRuntimeDeps() {
|
||||||
await this.runtimeDepsService.clearRuntimeDeps();
|
await this.runtimeDepsService.clearRuntimeDeps();
|
||||||
|
await this.auditLog({ content: "清除了运行时依赖" });
|
||||||
return this.ok(true);
|
return this.ok(true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -5,6 +5,7 @@ import { checkPlus } from "@certd/plus-core";
|
|||||||
import { http, logger, utils } from "@certd/basic";
|
import { http, logger, utils } from "@certd/basic";
|
||||||
import { TaskServiceBuilder } from "../../../modules/pipeline/service/getter/task-service-getter.js";
|
import { TaskServiceBuilder } from "../../../modules/pipeline/service/getter/task-service-getter.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Addon
|
* Addon
|
||||||
@@ -24,6 +25,10 @@ export class AddonController extends CrudController<AddonService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.addon;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询Addon分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询Addon分页列表" })
|
||||||
async page(@Body(ALL) body) {
|
async page(@Body(ALL) body) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -68,7 +73,9 @@ export class AddonController extends CrudController<AddonService> {
|
|||||||
if (define.needPlus) {
|
if (define.needPlus) {
|
||||||
checkPlus();
|
checkPlus();
|
||||||
}
|
}
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了Addon「${bean.name}」(ID:${res.data}, 类型:${bean.type})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新Addon" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新Addon" })
|
||||||
@@ -91,7 +98,9 @@ export class AddonController extends CrudController<AddonService> {
|
|||||||
}
|
}
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了Addon「${bean.name}」(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询Addon详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询Addon详情" })
|
||||||
@@ -103,7 +112,9 @@ export class AddonController extends CrudController<AddonService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除Addon" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除Addon" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了Addon(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/define", { description: Constants.per.authOnly, summary: "查询Addon插件定义" })
|
@Post("/define", { description: Constants.per.authOnly, summary: "查询Addon插件定义" })
|
||||||
@@ -158,6 +169,7 @@ export class AddonController extends CrudController<AddonService> {
|
|||||||
async setDefault(@Query("addonType") addonType: string, @Query("id") id: number) {
|
async setDefault(@Query("addonType") addonType: string, @Query("id") id: number) {
|
||||||
const { projectId, userId } = await this.checkOwner(this.getService(), id, "write", true);
|
const { projectId, userId } = await this.checkOwner(this.getService(), id, "write", true);
|
||||||
const res = await this.service.setDefault(id, userId, addonType, projectId);
|
const res = await this.service.setDefault(id, userId, addonType, projectId);
|
||||||
|
this.auditLog({ content: `设置了默认Addon(ID:${id})` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -0,0 +1,41 @@
|
|||||||
|
import { BaseController, Constants } from "@certd/lib-server";
|
||||||
|
import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
|
||||||
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditService } from "../../../modules/sys/enterprise/service/audit-service.js";
|
||||||
|
import { buildAuditTypeDict, buildAuditActionDict } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
|
@Provide()
|
||||||
|
@ApiTags(["audit"])
|
||||||
|
@Controller("/api/pi/audit")
|
||||||
|
export class AuditLogController extends BaseController {
|
||||||
|
@Inject()
|
||||||
|
auditService: AuditService;
|
||||||
|
|
||||||
|
@Post("/page", { description: Constants.per.authOnly, summary: "分页查询当前用户操作日志" })
|
||||||
|
async page(@Body(ALL) body: any) {
|
||||||
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
|
const query: any = { }
|
||||||
|
if (projectId) {
|
||||||
|
//如果是项目级别,排除userId参数,因为日志这里userId不是-1 ,而是实际的用户
|
||||||
|
query.projectId = projectId;
|
||||||
|
}else{
|
||||||
|
query.userId = userId;
|
||||||
|
}
|
||||||
|
body.query = {
|
||||||
|
...body.query || {},
|
||||||
|
...query,
|
||||||
|
scope: "user"
|
||||||
|
}
|
||||||
|
|
||||||
|
const pageRet = await this.auditService.page(body);
|
||||||
|
return this.ok(pageRet);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Post("/dict", { description: Constants.per.authOnly, summary: "获取审计类型和动作字典" })
|
||||||
|
async getDict() {
|
||||||
|
return this.ok({
|
||||||
|
types: buildAuditTypeDict(),
|
||||||
|
actions: buildAuditActionDict(),
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -3,6 +3,7 @@ import { Constants, CrudController } from "@certd/lib-server";
|
|||||||
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
||||||
import { GroupService } from "../../../modules/basic/service/group-service.js";
|
import { GroupService } from "../../../modules/basic/service/group-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 通知
|
* 通知
|
||||||
@@ -20,6 +21,10 @@ export class GroupController extends CrudController<GroupService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.pipelineGroup;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询分组分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询分组分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -52,7 +57,9 @@ export class GroupController extends CrudController<GroupService> {
|
|||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
return await super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了分组「${bean.name}」(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新分组" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新分组" })
|
||||||
@@ -60,7 +67,9 @@ export class GroupController extends CrudController<GroupService> {
|
|||||||
await this.checkOwner(this.getService(), bean.id, "write");
|
await this.checkOwner(this.getService(), bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return await super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了分组「${bean.name}」(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询分组详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询分组详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
@@ -71,7 +80,9 @@ export class GroupController extends CrudController<GroupService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除分组" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除分组" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了分组(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/all", { description: Constants.per.authOnly, summary: "查询所有分组" })
|
@Post("/all", { description: Constants.per.authOnly, summary: "查询所有分组" })
|
||||||
|
|||||||
+17
-4
@@ -2,6 +2,7 @@ import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/c
|
|||||||
import { Constants, CrudController } from "@certd/lib-server";
|
import { Constants, CrudController } from "@certd/lib-server";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
import { CertApplyTemplateService } from "../../../modules/cert/service/cert-apply-template-service.js";
|
import { CertApplyTemplateService } from "../../../modules/cert/service/cert-apply-template-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@Controller("/api/cert/apply-template")
|
@Controller("/api/cert/apply-template")
|
||||||
@@ -14,6 +15,10 @@ export class CertApplyTemplateController extends CrudController<CertApplyTemplat
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.certTemplate;
|
||||||
|
}
|
||||||
|
|
||||||
private removeContent(data: any) {
|
private removeContent(data: any) {
|
||||||
const records = Array.isArray(data) ? data : data?.records;
|
const records = Array.isArray(data) ? data : data?.records;
|
||||||
if (!records) {
|
if (!records) {
|
||||||
@@ -53,7 +58,9 @@ export class CertApplyTemplateController extends CrudController<CertApplyTemplat
|
|||||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
const { projectId, userId } = await this.getProjectUserIdWrite();
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了证书参数模版(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新证书申请参数模版" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新证书申请参数模版" })
|
||||||
@@ -61,7 +68,9 @@ export class CertApplyTemplateController extends CrudController<CertApplyTemplat
|
|||||||
await this.checkOwner(this.getService(), bean.id, "write");
|
await this.checkOwner(this.getService(), bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了证书参数模版(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询证书申请参数模版详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询证书申请参数模版详情" })
|
||||||
@@ -73,13 +82,17 @@ export class CertApplyTemplateController extends CrudController<CertApplyTemplat
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除证书申请参数模版" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除证书申请参数模版" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了证书参数模版(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/setDefault", { description: Constants.per.authOnly, summary: "设置默认证书申请参数模版" })
|
@Post("/setDefault", { description: Constants.per.authOnly, summary: "设置默认证书申请参数模版" })
|
||||||
async setDefault(@Body("id") id: number) {
|
async setDefault(@Body("id") id: number) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
const { projectId, userId } = await this.getProjectUserIdWrite();
|
||||||
return this.ok(await this.service.setDefault(id, userId, projectId));
|
const defaultId = await this.service.setDefault(id, userId, projectId);
|
||||||
|
this.auditLog({ content: `设置了默认证书参数模版(ID:${id})` });
|
||||||
|
return this.ok(defaultId);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/default", { description: Constants.per.authOnly, summary: "查询默认证书申请参数模版" })
|
@Post("/default", { description: Constants.per.authOnly, summary: "查询默认证书申请参数模版" })
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/c
|
|||||||
import { Constants, CrudController } from "@certd/lib-server";
|
import { Constants, CrudController } from "@certd/lib-server";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
import { DnsPersistRecordService } from "../../../modules/cert/service/dns-persist-record-service.js";
|
import { DnsPersistRecordService } from "../../../modules/cert/service/dns-persist-record-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@Controller("/api/cert/dns-persist")
|
@Controller("/api/cert/dns-persist")
|
||||||
@@ -14,6 +15,10 @@ export class DnsPersistRecordController extends CrudController<DnsPersistRecordS
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.dnsPersist;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询DNS持久验证记录分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询DNS持久验证记录分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -28,7 +33,9 @@ export class DnsPersistRecordController extends CrudController<DnsPersistRecordS
|
|||||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
const { projectId, userId } = await this.getProjectUserIdWrite();
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
return super.add(bean);
|
const res = await this.getService().add(bean);
|
||||||
|
this.auditLog({ content: `新增了DNS持久验证记录(ID:${res.id})` });
|
||||||
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新DNS持久验证记录" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新DNS持久验证记录" })
|
||||||
@@ -36,7 +43,9 @@ export class DnsPersistRecordController extends CrudController<DnsPersistRecordS
|
|||||||
await this.checkOwner(this.getService(), bean.id, "write");
|
await this.checkOwner(this.getService(), bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了DNS持久验证记录(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询DNS持久验证记录详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询DNS持久验证记录详情" })
|
||||||
@@ -49,6 +58,7 @@ export class DnsPersistRecordController extends CrudController<DnsPersistRecordS
|
|||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
await this.service.delete(id as any);
|
await this.service.delete(id as any);
|
||||||
|
this.auditLog({ content: `删除了DNS持久验证记录(ID:${id})` });
|
||||||
return this.ok({
|
return this.ok({
|
||||||
message: this.service.lastDeleteMessage,
|
message: this.service.lastDeleteMessage,
|
||||||
});
|
});
|
||||||
@@ -80,12 +90,16 @@ export class DnsPersistRecordController extends CrudController<DnsPersistRecordS
|
|||||||
@Post("/triggerVerify", { description: Constants.per.authOnly, summary: "后台验证DNS持久验证记录" })
|
@Post("/triggerVerify", { description: Constants.per.authOnly, summary: "后台验证DNS持久验证记录" })
|
||||||
async triggerVerify(@Body(ALL) body: { id: number }) {
|
async triggerVerify(@Body(ALL) body: { id: number }) {
|
||||||
await this.checkOwner(this.getService(), body.id, "write");
|
await this.checkOwner(this.getService(), body.id, "write");
|
||||||
return this.ok(await this.service.triggerVerify(body.id));
|
const res = await this.service.triggerVerify(body.id);
|
||||||
|
this.auditLog({ content: `触发了DNS持久验证(ID:${body.id})` });
|
||||||
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/createTxt", { description: Constants.per.authOnly, summary: "一键创建DNS持久验证TXT记录" })
|
@Post("/createTxt", { description: Constants.per.authOnly, summary: "一键创建DNS持久验证TXT记录" })
|
||||||
async createTxt(@Body(ALL) body: { id: number; dnsProviderType?: string; dnsProviderAccess?: number }) {
|
async createTxt(@Body(ALL) body: { id: number; dnsProviderType?: string; dnsProviderAccess?: number }) {
|
||||||
await this.checkOwner(this.getService(), body.id, "write");
|
await this.checkOwner(this.getService(), body.id, "write");
|
||||||
return this.ok(await this.service.createDnsTxt(body));
|
const res = await this.service.createDnsTxt(body);
|
||||||
|
this.auditLog({ content: `一键创建了DNS持久验证TXT记录(ID:${body.id})` });
|
||||||
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import { DomainService } from "../../../modules/cert/service/domain-service.js";
|
|||||||
import { checkPlus } from "@certd/plus-core";
|
import { checkPlus } from "@certd/plus-core";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
import { parseDomainByPsl } from "@certd/plugin-lib";
|
import { parseDomainByPsl } from "@certd/plugin-lib";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 授权
|
* 授权
|
||||||
@@ -19,6 +20,10 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.domain;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询域名分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询域名分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -58,7 +63,9 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了域名「${bean.domain}」` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新域名" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新域名" })
|
||||||
@@ -66,7 +73,9 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
await this.checkOwner(this.getService(), bean.id, "write");
|
await this.checkOwner(this.getService(), bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了域名「${bean.domain}」` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询域名详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询域名详情" })
|
||||||
@@ -78,13 +87,16 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除域名" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除域名" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了域名(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/deleteByIds", { description: Constants.per.authOnly, summary: "批量删除域名" })
|
@Post("/deleteByIds", { description: Constants.per.authOnly, summary: "批量删除域名" })
|
||||||
async deleteByIds(@Body(ALL) body: any) {
|
async deleteByIds(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
await this.service.batchDelete(body.ids, userId, projectId);
|
await this.service.batchDelete(body.ids, userId, projectId);
|
||||||
|
this.auditLog({ content: `批量删除了${body.ids.length}条域名` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -99,6 +111,7 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
projectId: projectId,
|
projectId: projectId,
|
||||||
};
|
};
|
||||||
await this.service.startDomainImportTask(req);
|
await this.service.startDomainImportTask(req);
|
||||||
|
this.auditLog({ content: "开始了域名导入任务" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -123,6 +136,7 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
key,
|
key,
|
||||||
};
|
};
|
||||||
await this.service.deleteDomainImportTask(req);
|
await this.service.deleteDomainImportTask(req);
|
||||||
|
this.auditLog({ content: "删除了域名导入任务" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -139,6 +153,7 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
key,
|
key,
|
||||||
};
|
};
|
||||||
const item = await this.service.saveDomainImportTask(req);
|
const item = await this.service.saveDomainImportTask(req);
|
||||||
|
this.auditLog({ content: "保存了域名导入任务" });
|
||||||
return this.ok(item);
|
return this.ok(item);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -149,6 +164,7 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
userId: userId,
|
userId: userId,
|
||||||
projectId: projectId,
|
projectId: projectId,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "开始了同步域名过期时间任务" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
@Post("/sync/expiration/status", { description: Constants.per.authOnly, summary: "查询同步域名过期时间任务状态" })
|
@Post("/sync/expiration/status", { description: Constants.per.authOnly, summary: "查询同步域名过期时间任务状态" })
|
||||||
@@ -169,6 +185,7 @@ export class DomainController extends CrudController<DomainService> {
|
|||||||
projectId: projectId,
|
projectId: projectId,
|
||||||
setting: { ...body },
|
setting: { ...body },
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "保存了域名监控设置" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/c
|
|||||||
import { Constants, CrudController } from "@certd/lib-server";
|
import { Constants, CrudController } from "@certd/lib-server";
|
||||||
import { CnameRecordService } from "../../../modules/cname/service/cname-record-service.js";
|
import { CnameRecordService } from "../../../modules/cname/service/cname-record-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 授权
|
* 授权
|
||||||
@@ -17,6 +18,10 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.cname;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询CNAME记录分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询CNAME记录分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { userId, projectId } = await this.getProjectUserIdRead();
|
const { userId, projectId } = await this.getProjectUserIdRead();
|
||||||
@@ -56,7 +61,9 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
|||||||
const { userId, projectId } = await this.getProjectUserIdWrite();
|
const { userId, projectId } = await this.getProjectUserIdWrite();
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了CNAME记录「${bean.domain}」` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新CNAME记录" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新CNAME记录" })
|
||||||
@@ -64,7 +71,9 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
|||||||
await this.checkOwner(this.getService(), bean.id, "write");
|
await this.checkOwner(this.getService(), bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了CNAME记录(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询CNAME记录详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询CNAME记录详情" })
|
||||||
@@ -76,13 +85,16 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除CNAME记录" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除CNAME记录" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了CNAME记录(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/deleteByIds", { description: Constants.per.authOnly, summary: "批量删除CNAME记录" })
|
@Post("/deleteByIds", { description: Constants.per.authOnly, summary: "批量删除CNAME记录" })
|
||||||
async deleteByIds(@Body(ALL) body: any) {
|
async deleteByIds(@Body(ALL) body: any) {
|
||||||
const { userId, projectId } = await this.getProjectUserIdWrite();
|
const { userId, projectId } = await this.getProjectUserIdWrite();
|
||||||
await this.service.batchDelete(body.ids, userId, projectId);
|
await this.service.batchDelete(body.ids, userId, projectId);
|
||||||
|
this.auditLog({ content: `批量删除了${body.ids.length}条CNAME记录` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
@Post("/getByDomain", { description: Constants.per.authOnly, summary: "根据域名获取CNAME记录" })
|
@Post("/getByDomain", { description: Constants.per.authOnly, summary: "根据域名获取CNAME记录" })
|
||||||
@@ -103,6 +115,7 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
|||||||
async resetStatus(@Body(ALL) body: { id: number }) {
|
async resetStatus(@Body(ALL) body: { id: number }) {
|
||||||
await this.checkOwner(this.getService(), body.id, "read");
|
await this.checkOwner(this.getService(), body.id, "read");
|
||||||
const res = await this.service.resetStatus(body.id);
|
const res = await this.service.resetStatus(body.id);
|
||||||
|
this.auditLog({ content: `重置了CNAME记录状态(ID:${body.id})` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
@Post("/import", { description: Constants.per.authOnly, summary: "导入CNAME记录" })
|
@Post("/import", { description: Constants.per.authOnly, summary: "导入CNAME记录" })
|
||||||
@@ -114,6 +127,7 @@ export class CnameRecordController extends CrudController<CnameRecordService> {
|
|||||||
domainList: body.domainList,
|
domainList: body.domainList,
|
||||||
cnameProviderId: body.cnameProviderId,
|
cnameProviderId: body.cnameProviderId,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ append: `提交${res.count}条` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import { AuthService } from "../../../modules/sys/authority/service/auth-service
|
|||||||
import { ProjectService } from "../../../modules/sys/enterprise/service/project-service.js";
|
import { ProjectService } from "../../../modules/sys/enterprise/service/project-service.js";
|
||||||
import { ProjectMemberService } from "../../../modules/sys/enterprise/service/project-member-service.js";
|
import { ProjectMemberService } from "../../../modules/sys/enterprise/service/project-member-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -24,6 +25,10 @@ export class UserProjectController extends BaseController {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.enterprise;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param body
|
* @param body
|
||||||
* @returns
|
* @returns
|
||||||
@@ -63,6 +68,7 @@ export class UserProjectController extends BaseController {
|
|||||||
async applyJoin(@Body(ALL) body: any) {
|
async applyJoin(@Body(ALL) body: any) {
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
const res = await this.service.applyJoin({ userId, projectId: body.projectId });
|
const res = await this.service.applyJoin({ userId, projectId: body.projectId });
|
||||||
|
this.auditLog({ content: "申请了加入项目" });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -84,6 +90,7 @@ export class UserProjectController extends BaseController {
|
|||||||
status,
|
status,
|
||||||
permission,
|
permission,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "更新了项目成员" });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -92,6 +99,7 @@ export class UserProjectController extends BaseController {
|
|||||||
const { projectId } = await this.getProjectUserIdAdmin();
|
const { projectId } = await this.getProjectUserIdAdmin();
|
||||||
const { status, permission, userId } = body;
|
const { status, permission, userId } = body;
|
||||||
const res = await this.service.approveJoin({ userId, projectId: projectId, status, permission });
|
const res = await this.service.approveJoin({ userId, projectId: projectId, status, permission });
|
||||||
|
this.auditLog({ content: "审批了加入项目申请" });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -100,8 +108,9 @@ export class UserProjectController extends BaseController {
|
|||||||
const { projectId } = await this.getProjectUserIdAdmin();
|
const { projectId } = await this.getProjectUserIdAdmin();
|
||||||
await this.projectMemberService.deleteWhere({
|
await this.projectMemberService.deleteWhere({
|
||||||
projectId,
|
projectId,
|
||||||
userId: this.getUserId(),
|
userId: body.userId,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "删除了项目成员" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -113,6 +122,7 @@ export class UserProjectController extends BaseController {
|
|||||||
projectId,
|
projectId,
|
||||||
userId,
|
userId,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "离开了项目" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
+13
-3
@@ -5,6 +5,7 @@ import { ProjectMemberService } from "../../../modules/sys/enterprise/service/pr
|
|||||||
import { merge } from "lodash-es";
|
import { merge } from "lodash-es";
|
||||||
import { ProjectService } from "../../../modules/sys/enterprise/service/project-service.js";
|
import { ProjectService } from "../../../modules/sys/enterprise/service/project-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@Provide()
|
@Provide()
|
||||||
@@ -24,6 +25,10 @@ export class ProjectMemberController extends CrudController<ProjectMemberEntity>
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.enterprise;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询项目成员分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询项目成员分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { projectId } = await this.getProjectUserIdRead();
|
const { projectId } = await this.getProjectUserIdRead();
|
||||||
@@ -53,7 +58,9 @@ export class ProjectMemberController extends CrudController<ProjectMemberEntity>
|
|||||||
projectId: bean.projectId,
|
projectId: bean.projectId,
|
||||||
});
|
});
|
||||||
|
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了项目成员(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新项目成员" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新项目成员" })
|
||||||
@@ -71,7 +78,7 @@ export class ProjectMemberController extends CrudController<ProjectMemberEntity>
|
|||||||
permission: bean.permission,
|
permission: bean.permission,
|
||||||
status: bean.status,
|
status: bean.status,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: `修改了项目成员(ID:${bean.id})` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -98,7 +105,9 @@ export class ProjectMemberController extends CrudController<ProjectMemberEntity>
|
|||||||
userId: this.getUserId(),
|
userId: this.getUserId(),
|
||||||
projectId: projectId,
|
projectId: projectId,
|
||||||
});
|
});
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了项目成员(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/deleteByIds", { description: Constants.per.authOnly, summary: "批量删除项目成员" })
|
@Post("/deleteByIds", { description: Constants.per.authOnly, summary: "批量删除项目成员" })
|
||||||
@@ -115,6 +124,7 @@ export class ProjectMemberController extends CrudController<ProjectMemberEntity>
|
|||||||
await this.service.delete(id as any);
|
await this.service.delete(id as any);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
this.auditLog({ content: `批量删除了${ids.length}条项目成员` });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ import { BaseController, Constants } from "@certd/lib-server";
|
|||||||
import { Controller, Inject, Post, Provide } from "@midwayjs/core";
|
import { Controller, Inject, Post, Provide } from "@midwayjs/core";
|
||||||
import { TransferService } from "../../../modules/sys/enterprise/service/transfer-service.js";
|
import { TransferService } from "../../../modules/sys/enterprise/service/transfer-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -16,6 +17,10 @@ export class TransferController extends BaseController {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.enterprise;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 我自己的资源
|
* 我自己的资源
|
||||||
* @param body
|
* @param body
|
||||||
@@ -38,6 +43,7 @@ export class TransferController extends BaseController {
|
|||||||
const { projectId } = await this.getProjectUserIdRead();
|
const { projectId } = await this.getProjectUserIdRead();
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
await this.service.transferAll(userId, projectId);
|
await this.service.transferAll(userId, projectId);
|
||||||
|
this.auditLog({ content: "迁移了项目资源" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { BaseController } from "@certd/lib-server";
|
|||||||
import { Constants } from "@certd/lib-server";
|
import { Constants } from "@certd/lib-server";
|
||||||
import { EmailService } from "../../../modules/basic/service/email-service.js";
|
import { EmailService } from "../../../modules/basic/service/email-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -13,10 +14,15 @@ export class EmailController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
emailService: EmailService;
|
emailService: EmailService;
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.mine;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/test", { description: Constants.per.authOnly, summary: "测试邮件发送" })
|
@Post("/test", { description: Constants.per.authOnly, summary: "测试邮件发送" })
|
||||||
public async test(@Body("receiver") receiver) {
|
public async test(@Body("receiver") receiver) {
|
||||||
const userId = super.getUserId();
|
const userId = super.getUserId();
|
||||||
await this.emailService.test(userId, receiver);
|
await this.emailService.test(userId, receiver);
|
||||||
|
this.auditLog({ content: "测试了邮件发送" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -31,6 +37,7 @@ export class EmailController extends BaseController {
|
|||||||
public async add(@Body("email") email) {
|
public async add(@Body("email") email) {
|
||||||
const userId = super.getUserId();
|
const userId = super.getUserId();
|
||||||
await this.emailService.add(userId, email);
|
await this.emailService.add(userId, email);
|
||||||
|
this.auditLog({ content: "添加了邮件" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -38,6 +45,7 @@ export class EmailController extends BaseController {
|
|||||||
public async delete(@Body("email") email) {
|
public async delete(@Body("email") email) {
|
||||||
const userId = super.getUserId();
|
const userId = super.getUserId();
|
||||||
await this.emailService.delete(userId, email);
|
await this.emailService.delete(userId, email);
|
||||||
|
this.auditLog({ content: "删除了邮件" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -9,6 +9,7 @@ import { http, logger, utils } from "@certd/basic";
|
|||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
import { CodeService } from "../../../modules/basic/service/code-service.js";
|
||||||
import { EmailService } from "../../../modules/basic/service/email-service.js";
|
import { EmailService } from "../../../modules/basic/service/email-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -40,6 +41,10 @@ export class MineController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
emailService: EmailService;
|
emailService: EmailService;
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.mine;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询用户信息" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询用户信息" })
|
||||||
public async info() {
|
public async info() {
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
@@ -73,6 +78,7 @@ export class MineController extends BaseController {
|
|||||||
public async changePassword(@Body(ALL) body: any) {
|
public async changePassword(@Body(ALL) body: any) {
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
await this.userService.changePassword(userId, body);
|
await this.userService.changePassword(userId, body);
|
||||||
|
this.auditLog({ content: "修改了密码" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -80,6 +86,7 @@ export class MineController extends BaseController {
|
|||||||
public async initPassword(@Body(ALL) body: any) {
|
public async initPassword(@Body(ALL) body: any) {
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
await this.userService.initPassword(userId, body);
|
await this.userService.initPassword(userId, body);
|
||||||
|
this.auditLog({ content: "初始化了密码" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -91,6 +98,7 @@ export class MineController extends BaseController {
|
|||||||
avatar: body.avatar,
|
avatar: body.avatar,
|
||||||
nickName: body.nickName,
|
nickName: body.nickName,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "更新了个人资料" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -129,6 +137,7 @@ export class MineController extends BaseController {
|
|||||||
phoneCode: body.phoneCode,
|
phoneCode: body.phoneCode,
|
||||||
mobile: body.mobile,
|
mobile: body.mobile,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "修改了手机号" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -145,12 +154,13 @@ export class MineController extends BaseController {
|
|||||||
await this.userService.updateEmail(userId, {
|
await this.userService.updateEmail(userId, {
|
||||||
email: body.email,
|
email: body.email,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "修改了邮箱" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/accountInit", { description: Constants.per.authOnly, summary: "初始化Let's Encrypt ACME账号和邮件通知" })
|
@Post("/accountInit", { description: Constants.per.authOnly, summary: "初始化Let's Encrypt ACME账号和邮件通知" })
|
||||||
public async accountInit(@Body("email") email?: string) {
|
public async accountInit(@Body("email") email?: string) {
|
||||||
let userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
let userEmail = email;
|
let userEmail = email;
|
||||||
let user: any = null;
|
let user: any = null;
|
||||||
if (!userEmail) {
|
if (!userEmail) {
|
||||||
@@ -190,7 +200,7 @@ export class MineController extends BaseController {
|
|||||||
type: "acmeAccount",
|
type: "acmeAccount",
|
||||||
name: "Let's Encrypt",
|
name: "Let's Encrypt",
|
||||||
userId,
|
userId,
|
||||||
projectId:undefined,
|
projectId: undefined,
|
||||||
setting: JSON.stringify({
|
setting: JSON.stringify({
|
||||||
caType: "letsencrypt",
|
caType: "letsencrypt",
|
||||||
email: userEmail,
|
email: userEmail,
|
||||||
@@ -198,6 +208,7 @@ export class MineController extends BaseController {
|
|||||||
}),
|
}),
|
||||||
});
|
});
|
||||||
|
|
||||||
|
this.auditLog({ content: "初始化了Let's Encrypt ACME账号和邮件通知" });
|
||||||
return this.ok({ success: true });
|
return this.ok({ success: true });
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { PasskeyService } from "../../../modules/login/service/passkey-service.j
|
|||||||
import { BaseController, Constants } from "@certd/lib-server";
|
import { BaseController, Constants } from "@certd/lib-server";
|
||||||
import { UserService } from "../../../modules/sys/authority/service/user-service.js";
|
import { UserService } from "../../../modules/sys/authority/service/user-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@Controller("/api/mine/passkey")
|
@Controller("/api/mine/passkey")
|
||||||
@@ -14,6 +15,10 @@ export class MinePasskeyController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
userService: UserService;
|
userService: UserService;
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.mine;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/generateRegistration", { description: Constants.per.authOnly, summary: "生成Passkey注册选项" })
|
@Post("/generateRegistration", { description: Constants.per.authOnly, summary: "生成Passkey注册选项" })
|
||||||
public async generateRegistration(
|
public async generateRegistration(
|
||||||
@Body(ALL)
|
@Body(ALL)
|
||||||
@@ -46,7 +51,7 @@ export class MinePasskeyController extends BaseController {
|
|||||||
const deviceName = body.deviceName;
|
const deviceName = body.deviceName;
|
||||||
|
|
||||||
const result = await this.passkeyService.registerPasskey(userId, response, challenge, deviceName, this.ctx);
|
const result = await this.passkeyService.registerPasskey(userId, response, challenge, deviceName, this.ctx);
|
||||||
|
this.auditLog({ content: "验证注册了Passkey" });
|
||||||
return this.ok(result);
|
return this.ok(result);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -62,6 +67,7 @@ export class MinePasskeyController extends BaseController {
|
|||||||
|
|
||||||
const result = await this.passkeyService.registerPasskey(userId, response, challenge, deviceName, this.ctx);
|
const result = await this.passkeyService.registerPasskey(userId, response, challenge, deviceName, this.ctx);
|
||||||
|
|
||||||
|
this.auditLog({ content: "注册了Passkey" });
|
||||||
return this.ok(result);
|
return this.ok(result);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -90,6 +96,7 @@ export class MinePasskeyController extends BaseController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
await this.passkeyService.delete([passkey.id]);
|
await this.passkeyService.delete([passkey.id]);
|
||||||
|
this.auditLog({ content: "解绑了Passkey" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ import { merge } from "lodash-es";
|
|||||||
import { TwoFactorService } from "../../../modules/mine/service/two-factor-service.js";
|
import { TwoFactorService } from "../../../modules/mine/service/two-factor-service.js";
|
||||||
import { isPlus } from "@certd/plus-core";
|
import { isPlus } from "@certd/plus-core";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -19,6 +20,10 @@ export class UserTwoFactorSettingController extends BaseController {
|
|||||||
@Inject()
|
@Inject()
|
||||||
twoFactorService: TwoFactorService;
|
twoFactorService: TwoFactorService;
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.mine;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/get", { description: Constants.per.authOnly, summary: "获取双因子认证设置" })
|
@Post("/get", { description: Constants.per.authOnly, summary: "获取双因子认证设置" })
|
||||||
async get() {
|
async get() {
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
@@ -42,6 +47,7 @@ export class UserTwoFactorSettingController extends BaseController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
await this.service.saveSetting(userId, null, setting);
|
await this.service.saveSetting(userId, null, setting);
|
||||||
|
this.auditLog({ content: "保存了双因子认证设置" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -62,6 +68,7 @@ export class UserTwoFactorSettingController extends BaseController {
|
|||||||
userId,
|
userId,
|
||||||
verifyCode: bean.verifyCode,
|
verifyCode: bean.verifyCode,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "保存了验证器设置" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -69,6 +76,7 @@ export class UserTwoFactorSettingController extends BaseController {
|
|||||||
async authenticatorOff() {
|
async authenticatorOff() {
|
||||||
const userId = this.getUserId();
|
const userId = this.getUserId();
|
||||||
await this.twoFactorService.offAuthenticator(userId);
|
await this.twoFactorService.offAuthenticator(userId);
|
||||||
|
this.auditLog({ content: "关闭了验证器" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ import { UserGrantSetting } from "../../../modules/mine/service/models.js";
|
|||||||
import { isPlus } from "@certd/plus-core";
|
import { isPlus } from "@certd/plus-core";
|
||||||
import { merge } from "lodash-es";
|
import { merge } from "lodash-es";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -20,6 +21,10 @@ export class UserSettingsController extends CrudController<UserSettingsService>
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.mine;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询用户设置分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询用户设置分页列表" })
|
||||||
async page(@Body(ALL) body) {
|
async page(@Body(ALL) body) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
@@ -62,6 +67,7 @@ export class UserSettingsController extends CrudController<UserSettingsService>
|
|||||||
async save(@Body(ALL) bean: UserSettingsEntity) {
|
async save(@Body(ALL) bean: UserSettingsEntity) {
|
||||||
bean.userId = this.getUserId();
|
bean.userId = this.getUserId();
|
||||||
await this.service.save(bean);
|
await this.service.save(bean);
|
||||||
|
this.auditLog({ content: "保存了用户设置" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -88,6 +94,7 @@ export class UserSettingsController extends CrudController<UserSettingsService>
|
|||||||
merge(setting, bean);
|
merge(setting, bean);
|
||||||
|
|
||||||
await this.service.saveSetting(userId, null, setting);
|
await this.service.saveSetting(userId, null, setting);
|
||||||
|
this.auditLog({ content: "保存了授权设置" });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -8,6 +8,7 @@ import { logger } from "@certd/basic";
|
|||||||
import dayjs from "dayjs";
|
import dayjs from "dayjs";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
import { CertReader } from "@certd/plugin-lib";
|
import { CertReader } from "@certd/plugin-lib";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -29,6 +30,10 @@ export class CertInfoController extends CrudController<CertInfoService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.monitor;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询证书分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询证书分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
@@ -117,7 +122,9 @@ export class CertInfoController extends CrudController<CertInfoService> {
|
|||||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
const { projectId, userId } = await this.getProjectUserIdWrite();
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
return await super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了证书(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新证书" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新证书" })
|
||||||
@@ -125,7 +132,9 @@ export class CertInfoController extends CrudController<CertInfoService> {
|
|||||||
await this.checkOwner(this.service, bean.id, "write");
|
await this.checkOwner(this.service, bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return await super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了证书(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询证书详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询证书详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
@@ -136,7 +145,9 @@ export class CertInfoController extends CrudController<CertInfoService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除证书" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除证书" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.service, id, "write");
|
await this.checkOwner(this.service, id, "write");
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了证书(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/all", { description: Constants.per.authOnly, summary: "查询所有证书" })
|
@Post("/all", { description: Constants.per.authOnly, summary: "查询所有证书" })
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import { ApiTags } from "@midwayjs/swagger";
|
|||||||
import { SiteInfoService } from "../../../modules/monitor/index.js";
|
import { SiteInfoService } from "../../../modules/monitor/index.js";
|
||||||
import { JobHistoryService } from "../../../modules/monitor/service/job-history-service.js";
|
import { JobHistoryService } from "../../../modules/monitor/service/job-history-service.js";
|
||||||
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -22,6 +23,10 @@ export class JobHistoryController extends CrudController<JobHistoryService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.jobHistory;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询监控运行历史分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询监控运行历史分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -54,12 +59,15 @@ export class JobHistoryController extends CrudController<JobHistoryService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除监控运行历史" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除监控运行历史" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.service, id, "write");
|
await this.checkOwner(this.service, id, "write");
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了监控运行历史(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/batchDelete", { description: Constants.per.authOnly, summary: "批量删除监控运行历史" })
|
@Post("/batchDelete", { description: Constants.per.authOnly, summary: "批量删除监控运行历史" })
|
||||||
async batchDelete(@Body("ids") ids: number[]) {
|
async batchDelete(@Body("ids") ids: number[]) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
const { projectId, userId } = await this.getProjectUserIdWrite();
|
||||||
await this.service.batchDelete(ids, userId, projectId);
|
await this.service.batchDelete(ids, userId, projectId);
|
||||||
|
this.auditLog({ content: `批量删除了${ids.length}条监控运行历史` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -7,6 +7,7 @@ import { merge } from "lodash-es";
|
|||||||
import { SiteIpService } from "../../../modules/monitor/service/site-ip-service.js";
|
import { SiteIpService } from "../../../modules/monitor/service/site-ip-service.js";
|
||||||
import { utils } from "@certd/basic";
|
import { utils } from "@certd/basic";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -20,11 +21,14 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
authService: AuthService;
|
authService: AuthService;
|
||||||
@Inject()
|
@Inject()
|
||||||
siteIpService: SiteIpService;
|
siteIpService: SiteIpService;
|
||||||
|
|
||||||
getService(): SiteInfoService {
|
getService(): SiteInfoService {
|
||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.monitor;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询站点监控分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询站点监控分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
@@ -75,6 +79,9 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
if (entity.disabled) {
|
if (entity.disabled) {
|
||||||
this.service.check(entity.id, true, 0);
|
this.service.check(entity.id, true, 0);
|
||||||
}
|
}
|
||||||
|
this.auditLog({
|
||||||
|
content: `新增了站点监控「${bean.name}」(ID:${res.id}, 域名:${bean.domain})`,
|
||||||
|
});
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -88,6 +95,9 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
if (entity.disabled) {
|
if (entity.disabled) {
|
||||||
this.service.check(entity.id, true, 0);
|
this.service.check(entity.id, true, 0);
|
||||||
}
|
}
|
||||||
|
this.auditLog({
|
||||||
|
content: `修改了站点监控「${bean.name}」(ID:${bean.id})`,
|
||||||
|
});
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询站点监控详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询站点监控详情" })
|
||||||
@@ -99,13 +109,20 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除站点监控" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除站点监控" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.service, id, "write");
|
await this.checkOwner(this.service, id, "write");
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({
|
||||||
|
content: `删除了站点监控(ID:${id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchDelete", { description: Constants.per.authOnly, summary: "批量删除站点监控" })
|
@Post("/batchDelete", { description: Constants.per.authOnly, summary: "批量删除站点监控" })
|
||||||
async batchDelete(@Body(ALL) body: any) {
|
async batchDelete(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
const { projectId, userId } = await this.getProjectUserIdWrite();
|
||||||
await this.service.batchDelete(body.ids, userId, projectId);
|
const count = await this.service.batchDelete(body.ids, userId, projectId);
|
||||||
|
this.auditLog({
|
||||||
|
content: `批量删除了${count}条站点监控`,
|
||||||
|
});
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -133,6 +150,7 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
userId,
|
userId,
|
||||||
projectId,
|
projectId,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "导入了站点监控" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -170,6 +188,7 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
projectId: projectId,
|
projectId: projectId,
|
||||||
key,
|
key,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "删除了站点监控导入任务" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -182,6 +201,7 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
|
|||||||
userId: userId,
|
userId: userId,
|
||||||
projectId: projectId,
|
projectId: projectId,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "开始了站点监控导入任务" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import { AuthService } from "../../../modules/sys/authority/service/auth-service
|
|||||||
import { SiteIpService } from "../../../modules/monitor/service/site-ip-service.js";
|
import { SiteIpService } from "../../../modules/monitor/service/site-ip-service.js";
|
||||||
import { SiteInfoService } from "../../../modules/monitor/index.js";
|
import { SiteInfoService } from "../../../modules/monitor/index.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -22,6 +23,10 @@ export class SiteInfoController extends CrudController<SiteIpService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.siteIp;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询站点IP分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询站点IP分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -57,6 +62,7 @@ export class SiteInfoController extends CrudController<SiteIpService> {
|
|||||||
const { domain, httpsPort } = siteEntity;
|
const { domain, httpsPort } = siteEntity;
|
||||||
this.service.check(res.id, domain, httpsPort);
|
this.service.check(res.id, domain, httpsPort);
|
||||||
}
|
}
|
||||||
|
this.auditLog({ content: `新增了站点IP(ID:${res.id})` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -71,6 +77,7 @@ export class SiteInfoController extends CrudController<SiteIpService> {
|
|||||||
const { domain, httpsPort } = siteEntity;
|
const { domain, httpsPort } = siteEntity;
|
||||||
this.service.check(siteEntity.id, domain, httpsPort);
|
this.service.check(siteEntity.id, domain, httpsPort);
|
||||||
}
|
}
|
||||||
|
this.auditLog({ content: `修改了站点IP(ID:${bean.id})` });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询站点IP详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询站点IP详情" })
|
||||||
@@ -85,6 +92,7 @@ export class SiteInfoController extends CrudController<SiteIpService> {
|
|||||||
const entity = await this.service.info(id);
|
const entity = await this.service.info(id);
|
||||||
const res = await super.delete(id);
|
const res = await super.delete(id);
|
||||||
await this.service.updateIpCount(entity.siteId);
|
await this.service.updateIpCount(entity.siteId);
|
||||||
|
this.auditLog({ content: `删除了站点IP(ID:${id})` });
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -124,6 +132,7 @@ export class SiteInfoController extends CrudController<SiteIpService> {
|
|||||||
siteId: body.siteId,
|
siteId: body.siteId,
|
||||||
projectId,
|
projectId,
|
||||||
});
|
});
|
||||||
|
this.auditLog({ content: "导入了站点IP" });
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { Constants, CrudController } from "@certd/lib-server";
|
|||||||
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
||||||
import { OpenKeyService } from "../../../modules/open/service/open-key-service.js";
|
import { OpenKeyService } from "../../../modules/open/service/open-key-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*/
|
*/
|
||||||
@@ -14,11 +15,14 @@ export class OpenKeyController extends CrudController<OpenKeyService> {
|
|||||||
service: OpenKeyService;
|
service: OpenKeyService;
|
||||||
@Inject()
|
@Inject()
|
||||||
authService: AuthService;
|
authService: AuthService;
|
||||||
|
|
||||||
getService(): OpenKeyService {
|
getService(): OpenKeyService {
|
||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.openKey;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询开放API密钥分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询开放API密钥分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -57,6 +61,9 @@ export class OpenKeyController extends CrudController<OpenKeyService> {
|
|||||||
body.projectId = projectId;
|
body.projectId = projectId;
|
||||||
body.userId = userId;
|
body.userId = userId;
|
||||||
const res = await this.service.add(body);
|
const res = await this.service.add(body);
|
||||||
|
this.auditLog({
|
||||||
|
content: `新增了API密钥(ID:${res.id}, scope:${body.scope})`,
|
||||||
|
});
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -66,6 +73,9 @@ export class OpenKeyController extends CrudController<OpenKeyService> {
|
|||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
await this.service.update(bean);
|
await this.service.update(bean);
|
||||||
|
this.auditLog({
|
||||||
|
content: `修改了API密钥(ID:${bean.id})`,
|
||||||
|
});
|
||||||
return this.ok();
|
return this.ok();
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询开放API密钥详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询开放API密钥详情" })
|
||||||
@@ -90,7 +100,11 @@ export class OpenKeyController extends CrudController<OpenKeyService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除开放API密钥" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除开放API密钥" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({
|
||||||
|
content: `删除了API密钥(ID:${id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/getApiToken", { description: Constants.per.authOnly, summary: "获取API测试令牌" })
|
@Post("/getApiToken", { description: Constants.per.authOnly, summary: "获取API测试令牌" })
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import { AccessService } from "@certd/lib-server";
|
|||||||
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
||||||
import { AccessDefine } from "@certd/pipeline";
|
import { AccessDefine } from "@certd/pipeline";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 授权
|
* 授权
|
||||||
@@ -16,11 +17,14 @@ export class AccessController extends CrudController<AccessService> {
|
|||||||
service: AccessService;
|
service: AccessService;
|
||||||
@Inject()
|
@Inject()
|
||||||
authService: AuthService;
|
authService: AuthService;
|
||||||
|
|
||||||
getService(): AccessService {
|
getService(): AccessService {
|
||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.access;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询授权配置分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询授权配置分页列表" })
|
||||||
async page(@Body(ALL) body) {
|
async page(@Body(ALL) body) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -58,7 +62,11 @@ export class AccessController extends CrudController<AccessService> {
|
|||||||
const { projectId, userId } = await this.getProjectUserIdWrite();
|
const { projectId, userId } = await this.getProjectUserIdWrite();
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({
|
||||||
|
content: `新增了授权「${bean.name}」(ID:${res.data}, 类型:${bean.type})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新授权配置" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新授权配置" })
|
||||||
@@ -66,7 +74,11 @@ export class AccessController extends CrudController<AccessService> {
|
|||||||
await this.checkOwner(this.getService(), bean.id, "write");
|
await this.checkOwner(this.getService(), bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({
|
||||||
|
content: `修改了授权「${bean.name}」(ID:${bean.id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询授权配置详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询授权配置详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
@@ -77,7 +89,11 @@ export class AccessController extends CrudController<AccessService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除授权配置" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除授权配置" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({
|
||||||
|
content: `删除了授权(ID:${id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/define", { description: Constants.per.authOnly, summary: "查询授权插件定义" })
|
@Post("/define", { description: Constants.per.authOnly, summary: "查询授权插件定义" })
|
||||||
|
|||||||
@@ -5,6 +5,7 @@ import { AuthService } from "../../../modules/sys/authority/service/auth-service
|
|||||||
import { NotificationDefine } from "@certd/pipeline";
|
import { NotificationDefine } from "@certd/pipeline";
|
||||||
import { checkPlus } from "@certd/plus-core";
|
import { checkPlus } from "@certd/plus-core";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 通知
|
* 通知
|
||||||
@@ -17,11 +18,14 @@ export class NotificationController extends CrudController<NotificationService>
|
|||||||
service: NotificationService;
|
service: NotificationService;
|
||||||
@Inject()
|
@Inject()
|
||||||
authService: AuthService;
|
authService: AuthService;
|
||||||
|
|
||||||
getService(): NotificationService {
|
getService(): NotificationService {
|
||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.notification;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询通知配置分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询通知配置分页列表" })
|
||||||
async page(@Body(ALL) body) {
|
async page(@Body(ALL) body) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -62,7 +66,11 @@ export class NotificationController extends CrudController<NotificationService>
|
|||||||
if (define.needPlus) {
|
if (define.needPlus) {
|
||||||
checkPlus();
|
checkPlus();
|
||||||
}
|
}
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({
|
||||||
|
content: `新增了通知配置「${bean.name}」(ID:${res.data}, 类型:${bean.type})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新通知配置" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新通知配置" })
|
||||||
@@ -84,7 +92,11 @@ export class NotificationController extends CrudController<NotificationService>
|
|||||||
}
|
}
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({
|
||||||
|
content: `修改了通知配置「${bean.name}」(ID:${bean.id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询通知配置详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询通知配置详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
@@ -95,7 +107,11 @@ export class NotificationController extends CrudController<NotificationService>
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除通知配置" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除通知配置" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({
|
||||||
|
content: `删除了通知配置(ID:${id})`,
|
||||||
|
});
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/define", { description: Constants.per.authOnly, summary: "查询通知插件定义" })
|
@Post("/define", { description: Constants.per.authOnly, summary: "查询通知插件定义" })
|
||||||
@@ -154,6 +170,7 @@ export class NotificationController extends CrudController<NotificationService>
|
|||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
const res = await this.service.setDefault(id, userId, projectId);
|
const res = await this.service.setDefault(id, userId, projectId);
|
||||||
|
this.auditLog({ content: `设置了默认通知配置(ID:${id})` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -7,6 +7,7 @@ import { HistoryService } from "../../../modules/pipeline/service/history-servic
|
|||||||
import { PipelineService } from "../../../modules/pipeline/service/pipeline-service.js";
|
import { PipelineService } from "../../../modules/pipeline/service/pipeline-service.js";
|
||||||
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
||||||
import { PipelineEntity } from "../../../modules/pipeline/entity/pipeline.js";
|
import { PipelineEntity } from "../../../modules/pipeline/entity/pipeline.js";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
const pipelineExample = `
|
const pipelineExample = `
|
||||||
// 流水线配置示例,实际传送时要去掉注释
|
// 流水线配置示例,实际传送时要去掉注释
|
||||||
@@ -127,6 +128,10 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.pipeline;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线分页列表" })
|
||||||
async page(@Body(ALL) body) {
|
async page(@Body(ALL) body) {
|
||||||
const isAdmin = await this.authService.isAdmin(this.ctx);
|
const isAdmin = await this.authService.isAdmin(this.ctx);
|
||||||
@@ -196,7 +201,8 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
@Post("/save", { description: Constants.per.authOnly, summary: "新增/更新流水线" })
|
@Post("/save", { description: Constants.per.authOnly, summary: "新增/更新流水线" })
|
||||||
async save(@Body() bean: PipelineSaveDTO) {
|
async save(@Body() bean: PipelineSaveDTO) {
|
||||||
const { userId, projectId } = await this.getProjectUserIdWrite();
|
const { userId, projectId } = await this.getProjectUserIdWrite();
|
||||||
if (bean.id > 0) {
|
const isNew = bean.id <= 0;
|
||||||
|
if (!isNew) {
|
||||||
const { userId, projectId } = await this.checkOwner(this.getService(), bean.id, "write", true);
|
const { userId, projectId } = await this.checkOwner(this.getService(), bean.id, "write", true);
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
@@ -206,16 +212,20 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!this.isAdmin()) {
|
if (!this.isAdmin()) {
|
||||||
// 非管理员用户 不允许设置流水线有效期
|
|
||||||
delete bean.validTime;
|
delete bean.validTime;
|
||||||
}
|
}
|
||||||
|
|
||||||
const { version } = await this.service.save(bean as any);
|
const { version } = await this.service.save(bean as any);
|
||||||
//是否增加证书监控
|
|
||||||
|
const title = bean.title;
|
||||||
|
this.auditLog({
|
||||||
|
content: isNew ? `创建了流水线「${title}」(ID:${bean.id})` : `修改了流水线「${title}」(ID:${bean.id})`,
|
||||||
|
projectId,
|
||||||
|
});
|
||||||
|
|
||||||
if (bean.addToMonitorEnabled && bean.addToMonitorDomains) {
|
if (bean.addToMonitorEnabled && bean.addToMonitorDomains) {
|
||||||
const sysPublicSettings = await this.sysSettingsService.getPublicSettings();
|
const sysPublicSettings = await this.sysSettingsService.getPublicSettings();
|
||||||
if (isPlus() && sysPublicSettings.certDomainAddToMonitorEnabled) {
|
if (isPlus() && sysPublicSettings.certDomainAddToMonitorEnabled) {
|
||||||
//增加证书监控
|
|
||||||
await this.siteInfoService.doImport({
|
await this.siteInfoService.doImport({
|
||||||
text: bean.addToMonitorDomains,
|
text: bean.addToMonitorDomains,
|
||||||
userId: userId,
|
userId: userId,
|
||||||
@@ -230,6 +240,9 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write", true);
|
await this.checkOwner(this.getService(), id, "write", true);
|
||||||
await this.service.delete(id);
|
await this.service.delete(id);
|
||||||
|
this.auditLog({
|
||||||
|
content: `删除了流水线(ID:${id})`,
|
||||||
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -239,6 +252,7 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
await this.service.disabled(bean.id, bean.disabled);
|
await this.service.disabled(bean.id, bean.disabled);
|
||||||
|
this.auditLog({ content: `${bean.disabled ? "禁用" : "启用"}了流水线(ID:${bean.id})` });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -253,6 +267,9 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
async trigger(@Query("id") id: number, @Query("stepId") stepId?: string) {
|
async trigger(@Query("id") id: number, @Query("stepId") stepId?: string) {
|
||||||
await this.checkOwner(this.getService(), id, "write", true);
|
await this.checkOwner(this.getService(), id, "write", true);
|
||||||
await this.service.trigger(id, stepId, true);
|
await this.service.trigger(id, stepId, true);
|
||||||
|
this.auditLog({
|
||||||
|
content: `手动执行了流水线(ID:${id})`,
|
||||||
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -260,6 +277,9 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
async cancel(@Query("historyId") historyId: number) {
|
async cancel(@Query("historyId") historyId: number) {
|
||||||
await this.checkOwner(this.historyService, historyId, "write", true);
|
await this.checkOwner(this.historyService, historyId, "write", true);
|
||||||
await this.service.cancel(historyId);
|
await this.service.cancel(historyId);
|
||||||
|
this.auditLog({
|
||||||
|
content: `取消了流水线执行(historyId:${historyId})`,
|
||||||
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -283,86 +303,77 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
|
|
||||||
@Post("/batchDelete", { description: Constants.per.authOnly, summary: "批量删除流水线" })
|
@Post("/batchDelete", { description: Constants.per.authOnly, summary: "批量删除流水线" })
|
||||||
async batchDelete(@Body("ids") ids: number[]) {
|
async batchDelete(@Body("ids") ids: number[]) {
|
||||||
// let { projectId ,userId} = await this.getProjectUserIdWrite()
|
const count = await this.checkPermissionCall(async ({ userId, projectId }) => {
|
||||||
// if(projectId){
|
return await this.service.batchDelete(ids, userId, projectId);
|
||||||
// await this.service.batchDelete(ids, null,projectId);
|
});
|
||||||
// return this.ok({});
|
this.auditLog({
|
||||||
// }
|
content: `批量删除了${count}条流水线`,
|
||||||
// const isAdmin = await this.authService.isAdmin(this.ctx);
|
|
||||||
// userId = isAdmin ? undefined : userId;
|
|
||||||
// await this.service.batchDelete(ids, userId);
|
|
||||||
// return this.ok({});
|
|
||||||
await this.checkPermissionCall(async ({ userId, projectId }) => {
|
|
||||||
await this.service.batchDelete(ids, userId, projectId);
|
|
||||||
});
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchUpdateGroup", { description: Constants.per.authOnly, summary: "批量更新流水线分组" })
|
@Post("/batchUpdateGroup", { description: Constants.per.authOnly, summary: "批量更新流水线分组" })
|
||||||
async batchUpdateGroup(@Body("ids") ids: number[], @Body("groupId") groupId: number) {
|
async batchUpdateGroup(@Body("ids") ids: number[], @Body("groupId") groupId: number) {
|
||||||
// let { projectId ,userId} = await this.getProjectUserIdWrite()
|
const count = await this.checkPermissionCall(async ({ userId, projectId }) => {
|
||||||
// if(projectId){
|
return await this.service.batchUpdateGroup(ids, groupId, userId, projectId);
|
||||||
// await this.service.batchUpdateGroup(ids, groupId, null,projectId);
|
});
|
||||||
// return this.ok({});
|
this.auditLog({
|
||||||
// }
|
content: `批量修改了${count}条流水线分组`,
|
||||||
|
|
||||||
// const isAdmin = await this.authService.isAdmin(this.ctx);
|
|
||||||
// userId = isAdmin ? undefined : this.getUserId();
|
|
||||||
// await this.service.batchUpdateGroup(ids, groupId, userId);
|
|
||||||
await this.checkPermissionCall(async ({ userId, projectId }) => {
|
|
||||||
await this.service.batchUpdateGroup(ids, groupId, userId, projectId);
|
|
||||||
});
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchUpdateTrigger", { description: Constants.per.authOnly, summary: "批量更新流水线触发器" })
|
@Post("/batchUpdateTrigger", { description: Constants.per.authOnly, summary: "批量更新流水线触发器" })
|
||||||
async batchUpdateTrigger(@Body("ids") ids: number[], @Body("trigger") trigger: any) {
|
async batchUpdateTrigger(@Body("ids") ids: number[], @Body("trigger") trigger: any) {
|
||||||
// let { projectId ,userId} = await this.getProjectUserIdWrite()
|
const count = await this.checkPermissionCall(async ({ userId, projectId }) => {
|
||||||
// if(projectId){
|
return await this.service.batchUpdateTrigger(ids, trigger, userId, projectId);
|
||||||
// await this.service.batchUpdateTrigger(ids, trigger, null,projectId);
|
});
|
||||||
// return this.ok({});
|
this.auditLog({
|
||||||
// }
|
content: `批量修改了${count}条流水线触发器`,
|
||||||
|
|
||||||
// const isAdmin = await this.authService.isAdmin(this.ctx);
|
|
||||||
// userId = isAdmin ? undefined : this.getUserId();
|
|
||||||
// await this.service.batchUpdateTrigger(ids, trigger, userId);
|
|
||||||
await this.checkPermissionCall(async ({ userId, projectId }) => {
|
|
||||||
await this.service.batchUpdateTrigger(ids, trigger, userId, projectId);
|
|
||||||
});
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchUpdateNotification", { description: Constants.per.authOnly, summary: "批量更新流水线通知" })
|
@Post("/batchUpdateNotification", { description: Constants.per.authOnly, summary: "批量更新流水线通知" })
|
||||||
async batchUpdateNotification(@Body("ids") ids: number[], @Body("notification") notification: any) {
|
async batchUpdateNotification(@Body("ids") ids: number[], @Body("notification") notification: any) {
|
||||||
// const isAdmin = await this.authService.isAdmin(this.ctx);
|
const count = await this.checkPermissionCall(async ({ userId, projectId }) => {
|
||||||
// const userId = isAdmin ? undefined : this.getUserId();
|
return await this.service.batchUpdateNotifications(ids, notification, userId, projectId);
|
||||||
// await this.service.batchUpdateNotifications(ids, notification, userId);
|
});
|
||||||
await this.checkPermissionCall(async ({ userId, projectId }) => {
|
this.auditLog({
|
||||||
await this.service.batchUpdateNotifications(ids, notification, userId, projectId);
|
content: `批量修改了${count}条流水线通知`,
|
||||||
});
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchUpdateCertApplyOptions", { description: Constants.per.authOnly, summary: "批量更新证书申请任务配置" })
|
@Post("/batchUpdateCertApplyOptions", { description: Constants.per.authOnly, summary: "批量更新证书申请任务配置" })
|
||||||
async batchUpdateCertApplyOptions(@Body("ids") ids: number[], @Body("options") options: any) {
|
async batchUpdateCertApplyOptions(@Body("ids") ids: number[], @Body("options") options: any) {
|
||||||
await this.checkPermissionCall(async ({ userId, projectId }) => {
|
const count = await this.checkPermissionCall(async ({ userId, projectId }) => {
|
||||||
await this.service.batchUpdateCertApplyOptions(ids, options, userId, projectId);
|
return await this.service.batchUpdateCertApplyOptions(ids, options, userId, projectId);
|
||||||
|
});
|
||||||
|
this.auditLog({
|
||||||
|
content: `批量修改了${count}条流水线证书申请配置`,
|
||||||
});
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchRerun", { description: Constants.per.authOnly, summary: "批量重新运行流水线" })
|
@Post("/batchRerun", { description: Constants.per.authOnly, summary: "批量重新运行流水线" })
|
||||||
async batchRerun(@Body("ids") ids: number[], @Body("force") force: boolean) {
|
async batchRerun(@Body("ids") ids: number[], @Body("force") force: boolean) {
|
||||||
await this.checkPermissionCall(async ({ userId, projectId }) => {
|
const count = await this.checkPermissionCall(async ({ userId, projectId }) => {
|
||||||
await this.service.batchRerun(ids, force, userId, projectId);
|
return await this.service.batchRerun(ids, force, userId, projectId);
|
||||||
|
});
|
||||||
|
this.auditLog({
|
||||||
|
content: `批量重新执行了${count}条流水线`,
|
||||||
});
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchTransfer", { description: Constants.per.authOnly, summary: "批量迁移流水线" })
|
@Post("/batchTransfer", { description: Constants.per.authOnly, summary: "批量迁移流水线" })
|
||||||
async batchTransfer(@Body("ids") ids: number[], @Body("toProjectId") toProjectId: number) {
|
async batchTransfer(@Body("ids") ids: number[], @Body("toProjectId") toProjectId: number) {
|
||||||
await this.checkPermissionCall(async ({}) => {
|
const count = await this.checkPermissionCall(async ({}) => {
|
||||||
await this.service.batchTransfer(ids, toProjectId);
|
return await this.service.batchTransfer(ids, toProjectId);
|
||||||
|
});
|
||||||
|
this.auditLog({
|
||||||
|
content: `批量迁移了${count}条流水线`,
|
||||||
});
|
});
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
@@ -371,6 +382,9 @@ export class PipelineController extends CrudController<PipelineService> {
|
|||||||
async refreshWebhookKey(@Body("id") id: number) {
|
async refreshWebhookKey(@Body("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write", true);
|
await this.checkOwner(this.getService(), id, "write", true);
|
||||||
const res = await this.service.refreshWebhookKey(id);
|
const res = await this.service.refreshWebhookKey(id);
|
||||||
|
this.auditLog({
|
||||||
|
content: `刷新了流水线(ID:${id})的Webhook密钥`,
|
||||||
|
});
|
||||||
return this.ok({
|
return this.ok({
|
||||||
webhookKey: res,
|
webhookKey: res,
|
||||||
});
|
});
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { Constants, CrudController } from "@certd/lib-server";
|
|||||||
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
|
||||||
import { PipelineGroupService } from "../../../modules/pipeline/service/pipeline-group-service.js";
|
import { PipelineGroupService } from "../../../modules/pipeline/service/pipeline-group-service.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 通知
|
* 通知
|
||||||
@@ -20,6 +21,10 @@ export class PipelineGroupController extends CrudController<PipelineGroupService
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.pipelineGroup;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线分组分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线分组分页列表" })
|
||||||
async page(@Body(ALL) body: any) {
|
async page(@Body(ALL) body: any) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -52,7 +57,9 @@ export class PipelineGroupController extends CrudController<PipelineGroupService
|
|||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
return await super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了流水线分组「${bean.name}」(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新流水线分组" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新流水线分组" })
|
||||||
@@ -60,7 +67,9 @@ export class PipelineGroupController extends CrudController<PipelineGroupService
|
|||||||
await this.checkOwner(this.getService(), bean.id, "write");
|
await this.checkOwner(this.getService(), bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return await super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了流水线分组「${bean.name}」(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询流水线分组详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询流水线分组详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
@@ -71,7 +80,9 @@ export class PipelineGroupController extends CrudController<PipelineGroupService
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除流水线分组" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除流水线分组" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return await super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了流水线分组(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/all", { description: Constants.per.authOnly, summary: "查询所有流水线分组" })
|
@Post("/all", { description: Constants.per.authOnly, summary: "查询所有流水线分组" })
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/c
|
|||||||
import { SubDomainService } from "../../../modules/pipeline/service/sub-domain-service.js";
|
import { SubDomainService } from "../../../modules/pipeline/service/sub-domain-service.js";
|
||||||
import { TaskServiceBuilder } from "../../../modules/pipeline/service/getter/task-service-getter.js";
|
import { TaskServiceBuilder } from "../../../modules/pipeline/service/getter/task-service-getter.js";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 子域名托管
|
* 子域名托管
|
||||||
@@ -22,6 +23,10 @@ export class SubDomainController extends CrudController<SubDomainService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.subDomain;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/parseDomain", { description: Constants.per.authOnly, summary: "解析域名" })
|
@Post("/parseDomain", { description: Constants.per.authOnly, summary: "解析域名" })
|
||||||
async parseDomain(@Body("fullDomain") fullDomain: string) {
|
async parseDomain(@Body("fullDomain") fullDomain: string) {
|
||||||
const { projectId, userId } = await this.getProjectUserIdRead();
|
const { projectId, userId } = await this.getProjectUserIdRead();
|
||||||
@@ -64,7 +69,9 @@ export class SubDomainController extends CrudController<SubDomainService> {
|
|||||||
const { userId, projectId } = await this.getProjectUserIdRead();
|
const { userId, projectId } = await this.getProjectUserIdRead();
|
||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了子域名(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新子域名" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新子域名" })
|
||||||
@@ -72,7 +79,9 @@ export class SubDomainController extends CrudController<SubDomainService> {
|
|||||||
await this.checkOwner(this.getService(), bean.id, "write");
|
await this.checkOwner(this.getService(), bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了子域名(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询子域名详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询子域名详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
@@ -83,7 +92,9 @@ export class SubDomainController extends CrudController<SubDomainService> {
|
|||||||
@Post("/delete", { description: Constants.per.authOnly, summary: "删除子域名" })
|
@Post("/delete", { description: Constants.per.authOnly, summary: "删除子域名" })
|
||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
await this.checkOwner(this.getService(), id, "write");
|
await this.checkOwner(this.getService(), id, "write");
|
||||||
return super.delete(id);
|
const res = await super.delete(id);
|
||||||
|
this.auditLog({ content: `删除了子域名(ID:${id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/batchDelete", { description: Constants.per.authOnly, summary: "批量删除子域名" })
|
@Post("/batchDelete", { description: Constants.per.authOnly, summary: "批量删除子域名" })
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ import { Constants, CrudController } from "@certd/lib-server";
|
|||||||
import { TemplateService } from "../../../modules/pipeline/service/template-service.js";
|
import { TemplateService } from "../../../modules/pipeline/service/template-service.js";
|
||||||
import { checkPlus } from "@certd/plus-core";
|
import { checkPlus } from "@certd/plus-core";
|
||||||
import { ApiTags } from "@midwayjs/swagger";
|
import { ApiTags } from "@midwayjs/swagger";
|
||||||
|
import { AuditType } from "../../../modules/sys/enterprise/service/audit-constants.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 流水线模版
|
* 流水线模版
|
||||||
@@ -18,6 +19,10 @@ export class TemplateController extends CrudController<TemplateService> {
|
|||||||
return this.service;
|
return this.service;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return AuditType.template;
|
||||||
|
}
|
||||||
|
|
||||||
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线模版分页列表" })
|
@Post("/page", { description: Constants.per.authOnly, summary: "查询流水线模版分页列表" })
|
||||||
async page(@Body(ALL) body) {
|
async page(@Body(ALL) body) {
|
||||||
body.query = body.query ?? {};
|
body.query = body.query ?? {};
|
||||||
@@ -52,7 +57,9 @@ export class TemplateController extends CrudController<TemplateService> {
|
|||||||
bean.userId = userId;
|
bean.userId = userId;
|
||||||
bean.projectId = projectId;
|
bean.projectId = projectId;
|
||||||
checkPlus();
|
checkPlus();
|
||||||
return super.add(bean);
|
const res = await super.add(bean);
|
||||||
|
this.auditLog({ content: `新增了流水线模版「${bean.name}」(ID:${res.data})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post("/update", { description: Constants.per.authOnly, summary: "更新流水线模版" })
|
@Post("/update", { description: Constants.per.authOnly, summary: "更新流水线模版" })
|
||||||
@@ -60,7 +67,9 @@ export class TemplateController extends CrudController<TemplateService> {
|
|||||||
await this.checkOwner(this.service, bean.id, "write");
|
await this.checkOwner(this.service, bean.id, "write");
|
||||||
delete bean.userId;
|
delete bean.userId;
|
||||||
delete bean.projectId;
|
delete bean.projectId;
|
||||||
return super.update(bean);
|
const res = await super.update(bean);
|
||||||
|
this.auditLog({ content: `修改了流水线模版「${bean.name}」(ID:${bean.id})` });
|
||||||
|
return res;
|
||||||
}
|
}
|
||||||
@Post("/info", { description: Constants.per.authOnly, summary: "查询流水线模版详情" })
|
@Post("/info", { description: Constants.per.authOnly, summary: "查询流水线模版详情" })
|
||||||
async info(@Query("id") id: number) {
|
async info(@Query("id") id: number) {
|
||||||
@@ -72,6 +81,7 @@ export class TemplateController extends CrudController<TemplateService> {
|
|||||||
async delete(@Query("id") id: number) {
|
async delete(@Query("id") id: number) {
|
||||||
const { userId, projectId } = await this.getProjectUserIdWrite();
|
const { userId, projectId } = await this.getProjectUserIdWrite();
|
||||||
await this.service.batchDelete([id], userId, projectId);
|
await this.service.batchDelete([id], userId, projectId);
|
||||||
|
this.auditLog({ content: `删除了流水线模版(ID:${id})` });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -79,6 +89,7 @@ export class TemplateController extends CrudController<TemplateService> {
|
|||||||
async batchDelete(@Body("ids") ids: number[]) {
|
async batchDelete(@Body("ids") ids: number[]) {
|
||||||
const { userId, projectId } = await this.getProjectUserIdWrite();
|
const { userId, projectId } = await this.getProjectUserIdWrite();
|
||||||
await this.service.batchDelete(ids, userId, projectId);
|
await this.service.batchDelete(ids, userId, projectId);
|
||||||
|
this.auditLog({ content: `批量删除了${ids.length}条流水线模版` });
|
||||||
return this.ok({});
|
return this.ok({});
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -95,6 +106,7 @@ export class TemplateController extends CrudController<TemplateService> {
|
|||||||
body.projectId = projectId;
|
body.projectId = projectId;
|
||||||
checkPlus();
|
checkPlus();
|
||||||
const res = await this.service.createPipelineByTemplate(body);
|
const res = await this.service.createPipelineByTemplate(body);
|
||||||
|
this.auditLog({ content: `根据模版创建了流水线(ID:${res.id})` });
|
||||||
return this.ok(res);
|
return this.ok(res);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,116 @@
|
|||||||
|
/// <reference types="mocha" />
|
||||||
|
|
||||||
|
import assert from "node:assert/strict";
|
||||||
|
import { Constants } from "@certd/lib-server";
|
||||||
|
import { AuditLogMiddleware } from "./audit-log.js";
|
||||||
|
|
||||||
|
class TestController {
|
||||||
|
import() {}
|
||||||
|
|
||||||
|
noAudit() {}
|
||||||
|
|
||||||
|
getAuditType(): string {
|
||||||
|
return "pipeline";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function createMiddleware() {
|
||||||
|
const middleware = new AuditLogMiddleware();
|
||||||
|
const records: any[] = [];
|
||||||
|
middleware.auditService = {
|
||||||
|
async log(record: any) {
|
||||||
|
records.push(record);
|
||||||
|
},
|
||||||
|
} as any;
|
||||||
|
(middleware as any).isPlusFn = async () => true;
|
||||||
|
return { middleware, records };
|
||||||
|
}
|
||||||
|
|
||||||
|
function createCtx(method = "import") {
|
||||||
|
return {
|
||||||
|
path: "/api/pi/cname/record/import",
|
||||||
|
status: 200,
|
||||||
|
body: Constants.res.success,
|
||||||
|
ip: "127.0.0.1",
|
||||||
|
user: { id: 1, username: "admin" },
|
||||||
|
projectId: 3,
|
||||||
|
request: {
|
||||||
|
query: { id: "5" },
|
||||||
|
body: { name: "test" },
|
||||||
|
},
|
||||||
|
requestContext: {
|
||||||
|
async getAsync() {
|
||||||
|
return new TestController();
|
||||||
|
},
|
||||||
|
},
|
||||||
|
auditRouteInfo: {
|
||||||
|
controllerClz: TestController,
|
||||||
|
method,
|
||||||
|
summary: "导入CNAME记录",
|
||||||
|
},
|
||||||
|
auditLog: {
|
||||||
|
enabled: true,
|
||||||
|
append: ["提交2条"],
|
||||||
|
},
|
||||||
|
} as any;
|
||||||
|
}
|
||||||
|
|
||||||
|
describe("AuditLogMiddleware", () => {
|
||||||
|
it("writes audit log after successful response", async () => {
|
||||||
|
const { middleware, records } = createMiddleware();
|
||||||
|
|
||||||
|
await middleware.resolve()(createCtx(), async () => {});
|
||||||
|
|
||||||
|
assert.equal(records.length, 1);
|
||||||
|
assert.equal(records[0].userId, 1);
|
||||||
|
assert.equal(records[0].type, "pipeline");
|
||||||
|
assert.equal(records[0].action, "导入CNAME记录");
|
||||||
|
assert.equal(records[0].content, "提交2条");
|
||||||
|
assert.equal(records[0].username, "admin");
|
||||||
|
assert.equal(records[0].projectId, 3);
|
||||||
|
assert.equal(records[0].ipAddress, "127.0.0.1");
|
||||||
|
assert.equal(records[0].scope, "user");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("uses bean type and action overrides", async () => {
|
||||||
|
const { middleware, records } = createMiddleware();
|
||||||
|
const ctx = createCtx();
|
||||||
|
ctx.auditLog = { enabled: true, type: "settings", action: "修改设置", append: ["修改了安全设置"] };
|
||||||
|
|
||||||
|
await middleware.resolve()(ctx, async () => {});
|
||||||
|
|
||||||
|
assert.equal(records[0].type, "settings");
|
||||||
|
assert.equal(records[0].action, "修改设置");
|
||||||
|
assert.equal(records[0].content, "修改了安全设置");
|
||||||
|
});
|
||||||
|
|
||||||
|
it("skips when auditLog not enabled", async () => {
|
||||||
|
const { middleware, records } = createMiddleware();
|
||||||
|
const ctx = createCtx("noAudit");
|
||||||
|
ctx.auditLog = {};
|
||||||
|
|
||||||
|
await middleware.resolve()(ctx, async () => {});
|
||||||
|
|
||||||
|
assert.equal(records.length, 0);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("skips failed response", async () => {
|
||||||
|
const { middleware, records } = createMiddleware();
|
||||||
|
const ctx = createCtx();
|
||||||
|
ctx.body = Constants.res.error;
|
||||||
|
|
||||||
|
await middleware.resolve()(ctx, async () => {});
|
||||||
|
|
||||||
|
assert.equal(records.length, 0);
|
||||||
|
});
|
||||||
|
|
||||||
|
it("skips anonymous request", async () => {
|
||||||
|
const { middleware, records } = createMiddleware();
|
||||||
|
const ctx = createCtx();
|
||||||
|
ctx.user = undefined;
|
||||||
|
|
||||||
|
await middleware.resolve()(ctx, async () => {});
|
||||||
|
|
||||||
|
assert.equal(records.length, 0);
|
||||||
|
});
|
||||||
|
});
|
||||||
@@ -0,0 +1,100 @@
|
|||||||
|
import { Inject, Provide } from "@midwayjs/core";
|
||||||
|
import { IMidwayKoaContext, IWebMiddleware, NextFunction } from "@midwayjs/koa";
|
||||||
|
import { Constants } from "@certd/lib-server";
|
||||||
|
import { AuditService } from "../modules/sys/enterprise/service/audit-service.js";
|
||||||
|
|
||||||
|
@Provide()
|
||||||
|
export class AuditLogMiddleware implements IWebMiddleware {
|
||||||
|
@Inject()
|
||||||
|
auditService: AuditService;
|
||||||
|
|
||||||
|
private isPlusFn: (() => Promise<boolean>) | null = null;
|
||||||
|
|
||||||
|
private async getIsPlus(): Promise<boolean> {
|
||||||
|
if (!this.isPlusFn) {
|
||||||
|
try {
|
||||||
|
const mod = await import("@certd/plus-core");
|
||||||
|
this.isPlusFn = async () => mod.isPlus();
|
||||||
|
} catch {
|
||||||
|
this.isPlusFn = async () => false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return this.isPlusFn();
|
||||||
|
}
|
||||||
|
|
||||||
|
resolve() {
|
||||||
|
return async (ctx: IMidwayKoaContext, next: NextFunction) => {
|
||||||
|
await next();
|
||||||
|
await this.writeAuditLog(ctx);
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
private async writeAuditLog(ctx: IMidwayKoaContext) {
|
||||||
|
const routeInfo = ctx.auditRouteInfo;
|
||||||
|
if (!routeInfo) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (!ctx.auditLog?.enabled) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const isPlus = await this.getIsPlus();
|
||||||
|
if (!isPlus) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (!this.isSuccessResponse(ctx)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
const auditLog = ctx.auditLog;
|
||||||
|
if (!auditLog.enabled) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const type = auditLog.type || (await this.resolveControllerType(routeInfo.controllerClz, ctx as any));
|
||||||
|
const action = auditLog.action || routeInfo.summary || "";
|
||||||
|
const append = auditLog.append;
|
||||||
|
const appendList = Array.isArray(append) ? append : append ? [append] : [];
|
||||||
|
const content = auditLog.content || appendList.filter(item => item && String(item).trim()).join(" ");
|
||||||
|
|
||||||
|
if (!content) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
const projectId = auditLog.projectId ?? ctx.projectId ?? 0;
|
||||||
|
const scope = auditLog.scope || (ctx.path.startsWith("/api/sys/") ? "system" : "user");
|
||||||
|
const ipAddress = ctx.ip || "";
|
||||||
|
|
||||||
|
await this.auditService.log({
|
||||||
|
userId: auditLog.userId ?? ctx.user?.id ?? 0,
|
||||||
|
type: type || "unknown",
|
||||||
|
action,
|
||||||
|
content,
|
||||||
|
username: auditLog.username || ctx.user?.username,
|
||||||
|
projectId,
|
||||||
|
ipAddress,
|
||||||
|
scope,
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
private async resolveControllerType(controllerClz: any, ctx: any): Promise<string | undefined> {
|
||||||
|
if (!controllerClz || !ctx.requestContext) {
|
||||||
|
return undefined;
|
||||||
|
}
|
||||||
|
try {
|
||||||
|
const controller = await ctx.requestContext.getAsync(controllerClz);
|
||||||
|
return controller?.getAuditType?.();
|
||||||
|
} catch {
|
||||||
|
return undefined;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private isSuccessResponse(ctx: IMidwayKoaContext) {
|
||||||
|
if (ctx.status >= 400) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
const body = ctx.body as any;
|
||||||
|
if (body?.code == null) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return body.code === Constants.res.success.code;
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -11,7 +11,7 @@ function createMiddleware(permission: string) {
|
|||||||
middleware.secret = "test-secret";
|
middleware.secret = "test-secret";
|
||||||
middleware.webRouterService = {
|
middleware.webRouterService = {
|
||||||
async getMatchedRouterInfo() {
|
async getMatchedRouterInfo() {
|
||||||
return { description: permission };
|
return { description: permission, summary: "测试路由" };
|
||||||
},
|
},
|
||||||
} as any;
|
} as any;
|
||||||
return middleware;
|
return middleware;
|
||||||
@@ -41,6 +41,7 @@ describe("AuthorityMiddleware guestOptionalAuth", () => {
|
|||||||
|
|
||||||
assert.equal(called, true);
|
assert.equal(called, true);
|
||||||
assert.equal(ctx.user, undefined);
|
assert.equal(ctx.user, undefined);
|
||||||
|
assert.equal(ctx.auditRouteInfo.summary, "测试路由");
|
||||||
});
|
});
|
||||||
|
|
||||||
it("sets user when token is provided", async () => {
|
it("sets user when token is provided", async () => {
|
||||||
|
|||||||
@@ -40,6 +40,8 @@ export class AuthorityMiddleware implements IWebMiddleware {
|
|||||||
await next();
|
await next();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
ctx.auditRouteInfo = routeInfo;
|
||||||
|
this.extractProjectId(ctx);
|
||||||
let permission = routeInfo.description || "";
|
let permission = routeInfo.description || "";
|
||||||
permission = permission.trim().split(" ")[0];
|
permission = permission.trim().split(" ")[0];
|
||||||
if (permission == null || permission === "") {
|
if (permission == null || permission === "") {
|
||||||
@@ -109,6 +111,16 @@ export class AuthorityMiddleware implements IWebMiddleware {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private extractProjectId(ctx: IMidwayKoaContext) {
|
||||||
|
const headerVal = ctx.headers["project-id"] as string;
|
||||||
|
const queryVal = (ctx.request as any)?.query?.projectId;
|
||||||
|
const bodyVal = (ctx.request as any)?.body?.projectId;
|
||||||
|
const raw = headerVal || queryVal || bodyVal;
|
||||||
|
if (raw != null && raw !== "") {
|
||||||
|
ctx.projectId = parseInt(String(raw), 10) || 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
private getTokenFromRequest(ctx: IMidwayKoaContext) {
|
private getTokenFromRequest(ctx: IMidwayKoaContext) {
|
||||||
let token = ctx.get("Authorization") || "";
|
let token = ctx.get("Authorization") || "";
|
||||||
token = token.replace("Bearer ", "").trim();
|
token = token.replace("Bearer ", "").trim();
|
||||||
|
|||||||
@@ -12,6 +12,7 @@ import { SiteInfoService } from "../monitor/index.js";
|
|||||||
import { NotificationService } from "../pipeline/service/notification-service.js";
|
import { NotificationService } from "../pipeline/service/notification-service.js";
|
||||||
import { PipelineService } from "../pipeline/service/pipeline-service.js";
|
import { PipelineService } from "../pipeline/service/pipeline-service.js";
|
||||||
import { UserService } from "../sys/authority/service/user-service.js";
|
import { UserService } from "../sys/authority/service/user-service.js";
|
||||||
|
import { AuditService } from "../sys/enterprise/service/audit-service.js";
|
||||||
import { ProjectService } from "../sys/enterprise/service/project-service.js";
|
import { ProjectService } from "../sys/enterprise/service/project-service.js";
|
||||||
|
|
||||||
@Provide()
|
@Provide()
|
||||||
@@ -50,16 +51,14 @@ export class AutoCron {
|
|||||||
domainService: DomainService;
|
domainService: DomainService;
|
||||||
@Inject()
|
@Inject()
|
||||||
projectService: ProjectService;
|
projectService: ProjectService;
|
||||||
|
@Inject()
|
||||||
|
auditService: AuditService;
|
||||||
|
|
||||||
async init() {
|
async init() {
|
||||||
logger.info("加载定时trigger开始");
|
logger.info("加载定时trigger开始");
|
||||||
await this.pipelineService.onStartup(this.immediateTriggerOnce, this.onlyAdminUser);
|
await this.pipelineService.onStartup(this.immediateTriggerOnce, this.onlyAdminUser);
|
||||||
logger.info("加载定时trigger完成");
|
logger.info("加载定时trigger完成");
|
||||||
//
|
|
||||||
// const meta = getClassMetadata(CLASS_KEY, this.echoPlugin);
|
|
||||||
// console.log('meta', meta);
|
|
||||||
// const metas = listPropertyDataFromClass(CLASS_KEY, this.echoPlugin);
|
|
||||||
// console.log('metas', metas);
|
|
||||||
await this.registerSiteMonitorCron();
|
await this.registerSiteMonitorCron();
|
||||||
|
|
||||||
await this.registerPlusExpireCheckCron();
|
await this.registerPlusExpireCheckCron();
|
||||||
@@ -67,6 +66,8 @@ export class AutoCron {
|
|||||||
await this.registerUserExpireCheckCron();
|
await this.registerUserExpireCheckCron();
|
||||||
|
|
||||||
await this.registerDomainExpireCheckCron();
|
await this.registerDomainExpireCheckCron();
|
||||||
|
|
||||||
|
// await this.registerAuditCleanCron();
|
||||||
}
|
}
|
||||||
|
|
||||||
async registerSiteMonitorCron() {
|
async registerSiteMonitorCron() {
|
||||||
@@ -238,4 +239,10 @@ export class AutoCron {
|
|||||||
},
|
},
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async registerAuditCleanCron() {
|
||||||
|
logger.info("注册审计日志清理定时任务");
|
||||||
|
this.auditService.registerCleanCron();
|
||||||
|
logger.info("注册审计日志清理定时任务完成");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -503,6 +503,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
|
|||||||
},
|
},
|
||||||
})
|
})
|
||||||
);
|
);
|
||||||
|
return { count: domains.length };
|
||||||
}
|
}
|
||||||
|
|
||||||
async _import(req: { userId: number; projectId: number; domains: string[]; cnameProviderId: any }, task: BackTask) {
|
async _import(req: { userId: number; projectId: number; domains: string[]; cnameProviderId: any }, task: BackTask) {
|
||||||
|
|||||||
@@ -64,7 +64,7 @@ export class LoginService {
|
|||||||
cache.delete(`login_block_duration:${username}`);
|
cache.delete(`login_block_duration:${username}`);
|
||||||
}
|
}
|
||||||
|
|
||||||
addErrorTimes(username: string, errorMessage: string) {
|
addErrorTimes(username: string, errorMessage: string, userId?: number) {
|
||||||
const errorTimesKey = `login_error_times:${username}`;
|
const errorTimesKey = `login_error_times:${username}`;
|
||||||
const blockTimesKey = `login_block_times:${username}`;
|
const blockTimesKey = `login_block_times:${username}`;
|
||||||
const blockDurationKey = `login_block_duration:${username}`;
|
const blockDurationKey = `login_block_duration:${username}`;
|
||||||
@@ -100,13 +100,13 @@ export class LoginService {
|
|||||||
});
|
});
|
||||||
// 清除error次数
|
// 清除error次数
|
||||||
cache.delete(errorTimesKey);
|
cache.delete(errorTimesKey);
|
||||||
throw new LoginErrorException(`登录失败次数过多,请${leftMin}分钟后重试`, 0);
|
throw new LoginErrorException(`登录失败次数过多,请${leftMin}分钟后重试`, 0, userId);
|
||||||
}
|
}
|
||||||
const leftTimes = maxRetryTimes - errorTimes;
|
const leftTimes = maxRetryTimes - errorTimes;
|
||||||
if (leftTimes < 3) {
|
if (leftTimes < 3) {
|
||||||
throw new LoginErrorException(`登录失败(${errorMessage}),剩余尝试次数:${leftTimes}`, leftTimes);
|
throw new LoginErrorException(`登录失败(${errorMessage}),剩余尝试次数:${leftTimes}`, leftTimes, userId);
|
||||||
}
|
}
|
||||||
throw new LoginErrorException(errorMessage, leftTimes);
|
throw new LoginErrorException(errorMessage, leftTimes, userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
async register(type: string, user: UserEntity, inviteCode?: string, withTx?: (tx: EntityManager) => Promise<void>) {
|
async register(type: string, user: UserEntity, inviteCode?: string, withTx?: (tx: EntityManager) => Promise<void>) {
|
||||||
@@ -166,7 +166,7 @@ export class LoginService {
|
|||||||
}
|
}
|
||||||
const right = await this.userService.checkPassword(password, info.password, info.passwordVersion);
|
const right = await this.userService.checkPassword(password, info.password, info.passwordVersion);
|
||||||
if (!right) {
|
if (!right) {
|
||||||
this.addErrorTimes(username, "用户名或密码错误");
|
this.addErrorTimes(username, "用户名或密码错误", info.id);
|
||||||
}
|
}
|
||||||
this.clearCacheOnSuccess(username);
|
this.clearCacheOnSuccess(username);
|
||||||
return this.onLoginSuccess(info);
|
return this.onLoginSuccess(info);
|
||||||
@@ -251,6 +251,7 @@ export class LoginService {
|
|||||||
return {
|
return {
|
||||||
token,
|
token,
|
||||||
expire,
|
expire,
|
||||||
|
userId: user.id,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -805,11 +805,12 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchDelete(ids: number[], userId: number, projectId?: number): Promise<void> {
|
async batchDelete(ids: number[], userId: number, projectId?: number): Promise<number> {
|
||||||
const userProjectQuery = this.buildUserProjectQuery(userId, projectId);
|
const userProjectQuery = this.buildUserProjectQuery(userId, projectId);
|
||||||
await this.repository.delete({
|
const result = await this.repository.delete({
|
||||||
id: In(ids),
|
id: In(ids),
|
||||||
...userProjectQuery,
|
...userProjectQuery,
|
||||||
});
|
});
|
||||||
|
return result.affected || 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -962,7 +962,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchDelete(ids: number[], userId?: number, projectId?: number) {
|
async batchDelete(ids: number[], userId?: number, projectId?: number): Promise<number> {
|
||||||
if (!isPlus()) {
|
if (!isPlus()) {
|
||||||
throw new NeedVIPException("此功能需要升级Certd专业版");
|
throw new NeedVIPException("此功能需要升级Certd专业版");
|
||||||
}
|
}
|
||||||
@@ -975,9 +975,10 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
}
|
}
|
||||||
await this.delete(id);
|
await this.delete(id);
|
||||||
}
|
}
|
||||||
|
return ids.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchUpdateGroup(ids: number[], groupId: number, userId: any, projectId?: number) {
|
async batchUpdateGroup(ids: number[], groupId: number, userId: any, projectId?: number): Promise<number> {
|
||||||
if (!isPlus()) {
|
if (!isPlus()) {
|
||||||
throw new NeedVIPException("此功能需要升级Certd专业版");
|
throw new NeedVIPException("此功能需要升级Certd专业版");
|
||||||
}
|
}
|
||||||
@@ -988,19 +989,20 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
if (projectId) {
|
if (projectId) {
|
||||||
query.projectId = projectId;
|
query.projectId = projectId;
|
||||||
}
|
}
|
||||||
await this.repository.update(
|
const result = await this.repository.update(
|
||||||
{
|
{
|
||||||
id: In(ids),
|
id: In(ids),
|
||||||
...query,
|
...query,
|
||||||
},
|
},
|
||||||
{ groupId }
|
{ groupId }
|
||||||
);
|
);
|
||||||
|
return result.affected || 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 批量转移到其他项目
|
* 批量转移到其他项目
|
||||||
*/
|
*/
|
||||||
async batchTransfer(ids: number[], projectId: number) {
|
async batchTransfer(ids: number[], projectId: number): Promise<number> {
|
||||||
if (!isPlus()) {
|
if (!isPlus()) {
|
||||||
throw new NeedVIPException("此功能需要升级Certd专业版");
|
throw new NeedVIPException("此功能需要升级Certd专业版");
|
||||||
}
|
}
|
||||||
@@ -1082,9 +1084,10 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
await this.repository.save(entity);
|
await this.repository.save(entity);
|
||||||
await this.save(entity);
|
await this.save(entity);
|
||||||
}
|
}
|
||||||
|
return ids.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchUpdateTrigger(ids: number[], trigger: any, userId: any, projectId?: number) {
|
async batchUpdateTrigger(ids: number[], trigger: any, userId: any, projectId?: number): Promise<any> {
|
||||||
if (!isPlus()) {
|
if (!isPlus()) {
|
||||||
throw new NeedVIPException("此功能需要升级Certd专业版");
|
throw new NeedVIPException("此功能需要升级Certd专业版");
|
||||||
}
|
}
|
||||||
@@ -1137,9 +1140,10 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
}
|
}
|
||||||
await this.doUpdatePipelineJson(item, pipeline);
|
await this.doUpdatePipelineJson(item, pipeline);
|
||||||
}
|
}
|
||||||
|
return list.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchUpdateNotifications(ids: number[], notification: Notification, userId: any, projectId?: number) {
|
async batchUpdateNotifications(ids: number[], notification: Notification, userId: any, projectId?: number): Promise<number> {
|
||||||
if (!isPlus()) {
|
if (!isPlus()) {
|
||||||
throw new NeedVIPException("此功能需要升级Certd专业版");
|
throw new NeedVIPException("此功能需要升级Certd专业版");
|
||||||
}
|
}
|
||||||
@@ -1178,9 +1182,10 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
];
|
];
|
||||||
await this.doUpdatePipelineJson(item, pipeline);
|
await this.doUpdatePipelineJson(item, pipeline);
|
||||||
}
|
}
|
||||||
|
return list.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchUpdateCertApplyOptions(ids: number[], options: CertApplyStepInputPatch, userId: any, projectId?: number) {
|
async batchUpdateCertApplyOptions(ids: number[], options: CertApplyStepInputPatch, userId: any, projectId?: number): Promise<number> {
|
||||||
if (!isPlus()) {
|
if (!isPlus()) {
|
||||||
throw new NeedVIPException("此功能需要升级Certd专业版");
|
throw new NeedVIPException("此功能需要升级Certd专业版");
|
||||||
}
|
}
|
||||||
@@ -1209,9 +1214,10 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
}
|
}
|
||||||
await this.doUpdatePipelineJson(item, pipeline);
|
await this.doUpdatePipelineJson(item, pipeline);
|
||||||
}
|
}
|
||||||
|
return list.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchRerun(ids: number[], force: boolean, userId: any, projectId?: number) {
|
async batchRerun(ids: number[], force: boolean, userId: any, projectId?: number): Promise<number> {
|
||||||
if (!isPlus()) {
|
if (!isPlus()) {
|
||||||
throw new NeedVIPException("此功能需要升级Certd专业版");
|
throw new NeedVIPException("此功能需要升级Certd专业版");
|
||||||
}
|
}
|
||||||
@@ -1237,6 +1243,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
|
|||||||
|
|
||||||
//异步执行
|
//异步执行
|
||||||
this.startBatchRerun(userId, ids, force);
|
this.startBatchRerun(userId, ids, force);
|
||||||
|
return ids.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
startBatchRerun(userId: number, ids: number[], force: boolean) {
|
startBatchRerun(userId: number, ids: number[], force: boolean) {
|
||||||
|
|||||||
@@ -87,7 +87,7 @@ export class TemplateService extends BaseService<TemplateEntity> {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
async batchDelete(ids: number[], userId: number, projectId?: number) {
|
async batchDelete(ids: number[], userId: number, projectId?: number): Promise<number> {
|
||||||
const where: any = {
|
const where: any = {
|
||||||
id: In(ids),
|
id: In(ids),
|
||||||
};
|
};
|
||||||
@@ -102,6 +102,7 @@ export class TemplateService extends BaseService<TemplateEntity> {
|
|||||||
const pipelineIds = list.map(item => item.pipelineId);
|
const pipelineIds = list.map(item => item.pipelineId);
|
||||||
await this.delete(ids);
|
await this.delete(ids);
|
||||||
await this.pipelineService.batchDelete(pipelineIds, userId, projectId);
|
await this.pipelineService.batchDelete(pipelineIds, userId, projectId);
|
||||||
|
return ids.length;
|
||||||
}
|
}
|
||||||
|
|
||||||
async createPipelineByTemplate(body: PipelineEntity) {
|
async createPipelineByTemplate(body: PipelineEntity) {
|
||||||
|
|||||||
@@ -272,7 +272,7 @@ export class UserService extends BaseService<UserEntity> {
|
|||||||
// return;
|
// return;
|
||||||
}
|
}
|
||||||
await this.resetPassword(user.id, data.password);
|
await this.resetPassword(user.id, data.password);
|
||||||
return user.username;
|
return user;
|
||||||
}
|
}
|
||||||
|
|
||||||
async getByUsername(username: any) {
|
async getByUsername(username: any) {
|
||||||
|
|||||||
@@ -10,8 +10,11 @@ export class AuditLogEntity {
|
|||||||
@Column({ name: "user_id", comment: "UserId" })
|
@Column({ name: "user_id", comment: "UserId" })
|
||||||
userId: number;
|
userId: number;
|
||||||
|
|
||||||
@Column({ name: "user_name", comment: "用户名" })
|
@Column({ name: "scope", comment: "system/user" })
|
||||||
userName: string;
|
scope: string;
|
||||||
|
|
||||||
|
@Column({ name: "username", comment: "用户名" })
|
||||||
|
username: string;
|
||||||
|
|
||||||
@Column({ name: "project_id", comment: "ProjectId" })
|
@Column({ name: "project_id", comment: "ProjectId" })
|
||||||
projectId: number;
|
projectId: number;
|
||||||
|
|||||||
@@ -0,0 +1,165 @@
|
|||||||
|
export const AuditType = {
|
||||||
|
pipeline: "pipeline",
|
||||||
|
access: "access",
|
||||||
|
monitor: "monitor",
|
||||||
|
notification: "notification",
|
||||||
|
openKey: "openKey",
|
||||||
|
cname: "cname",
|
||||||
|
user: "user",
|
||||||
|
role: "role",
|
||||||
|
permission: "permission",
|
||||||
|
project: "project",
|
||||||
|
settings: "settings",
|
||||||
|
domain: "domain",
|
||||||
|
dnsPersist: "dnsPersist",
|
||||||
|
certTemplate: "certTemplate",
|
||||||
|
pipelineGroup: "pipelineGroup",
|
||||||
|
subDomain: "subDomain",
|
||||||
|
template: "template",
|
||||||
|
mine: "mine",
|
||||||
|
login: "login",
|
||||||
|
addon: "addon",
|
||||||
|
enterprise: "enterprise",
|
||||||
|
plugin: "plugin",
|
||||||
|
siteIp: "siteIp",
|
||||||
|
jobHistory: "jobHistory",
|
||||||
|
account: "account",
|
||||||
|
plus: "plus",
|
||||||
|
} as const;
|
||||||
|
|
||||||
|
export const AuditTypeMap = {
|
||||||
|
pipeline: "流水线",
|
||||||
|
access: "授权管理",
|
||||||
|
monitor: "站点监控",
|
||||||
|
notification: "通知设置",
|
||||||
|
openKey: "API密钥",
|
||||||
|
cname: "CNAME记录",
|
||||||
|
user: "用户管理",
|
||||||
|
role: "角色管理",
|
||||||
|
permission: "权限管理",
|
||||||
|
project: "项目管理",
|
||||||
|
settings: "系统设置",
|
||||||
|
domain: "域名管理",
|
||||||
|
dnsPersist: "持久验证记录",
|
||||||
|
certTemplate: "证书参数模版",
|
||||||
|
pipelineGroup: "流水线分组",
|
||||||
|
subDomain: "子域名托管",
|
||||||
|
template: "流水线模版",
|
||||||
|
mine: "个人设置",
|
||||||
|
login: "登录日志",
|
||||||
|
addon: "扩展插件",
|
||||||
|
enterprise: "企业管理",
|
||||||
|
plugin: "插件管理",
|
||||||
|
siteIp: "站点IP",
|
||||||
|
jobHistory: "监控历史",
|
||||||
|
account: "账号管理",
|
||||||
|
plus: "Plus许可",
|
||||||
|
} as const;
|
||||||
|
|
||||||
|
export const AuditAction = {
|
||||||
|
add: "add",
|
||||||
|
update: "update",
|
||||||
|
delete: "delete",
|
||||||
|
execute: "execute",
|
||||||
|
cancel: "cancel",
|
||||||
|
batchDelete: "batchDelete",
|
||||||
|
batchUpdate: "batchUpdate",
|
||||||
|
disable: "disable",
|
||||||
|
import: "import",
|
||||||
|
bind: "bind",
|
||||||
|
unbind: "unbind",
|
||||||
|
register: "register",
|
||||||
|
login: "login",
|
||||||
|
resetStatus: "resetStatus",
|
||||||
|
setDefault: "setDefault",
|
||||||
|
save: "save",
|
||||||
|
trigger: "trigger",
|
||||||
|
active: "active",
|
||||||
|
} as const;
|
||||||
|
|
||||||
|
export const AuditActionMap = {
|
||||||
|
add: "新增",
|
||||||
|
update: "修改",
|
||||||
|
delete: "删除",
|
||||||
|
execute: "执行",
|
||||||
|
cancel: "取消",
|
||||||
|
batchDelete: "批量删除",
|
||||||
|
batchUpdate: "批量修改",
|
||||||
|
disable: "禁用",
|
||||||
|
import: "导入",
|
||||||
|
bind: "绑定",
|
||||||
|
unbind: "解绑",
|
||||||
|
register: "注册",
|
||||||
|
login: "登录",
|
||||||
|
resetStatus: "重置状态",
|
||||||
|
setDefault: "设置默认",
|
||||||
|
save: "保存",
|
||||||
|
trigger: "触发",
|
||||||
|
active: "激活",
|
||||||
|
} as const;
|
||||||
|
|
||||||
|
export const AuditTypeColorMap: Record<string, string> = {
|
||||||
|
pipeline: "blue",
|
||||||
|
access: "orange",
|
||||||
|
monitor: "green",
|
||||||
|
notification: "purple",
|
||||||
|
openKey: "red",
|
||||||
|
cname: "cyan",
|
||||||
|
user: "cyan",
|
||||||
|
role: "geekblue",
|
||||||
|
permission: "lime",
|
||||||
|
project: "gold",
|
||||||
|
settings: "magenta",
|
||||||
|
domain: "blue",
|
||||||
|
dnsPersist: "purple",
|
||||||
|
certTemplate: "orange",
|
||||||
|
pipelineGroup: "cyan",
|
||||||
|
subDomain: "geekblue",
|
||||||
|
template: "blue",
|
||||||
|
mine: "default",
|
||||||
|
login: "red",
|
||||||
|
addon: "orange",
|
||||||
|
enterprise: "gold",
|
||||||
|
plugin: "magenta",
|
||||||
|
siteIp: "green",
|
||||||
|
jobHistory: "default",
|
||||||
|
account: "geekblue",
|
||||||
|
plus: "volcano",
|
||||||
|
};
|
||||||
|
|
||||||
|
export const AuditActionColorMap: Record<string, string> = {
|
||||||
|
add: "green",
|
||||||
|
update: "blue",
|
||||||
|
delete: "red",
|
||||||
|
execute: "orange",
|
||||||
|
cancel: "default",
|
||||||
|
batchDelete: "volcano",
|
||||||
|
batchUpdate: "purple",
|
||||||
|
disable: "default",
|
||||||
|
import: "cyan",
|
||||||
|
bind: "green",
|
||||||
|
unbind: "red",
|
||||||
|
register: "green",
|
||||||
|
login: "blue",
|
||||||
|
resetStatus: "orange",
|
||||||
|
setDefault: "cyan",
|
||||||
|
save: "purple",
|
||||||
|
trigger: "orange",
|
||||||
|
active: "green",
|
||||||
|
};
|
||||||
|
|
||||||
|
export function buildAuditTypeDict() {
|
||||||
|
return Object.entries(AuditTypeMap).map(([value, label]) => ({
|
||||||
|
value,
|
||||||
|
label,
|
||||||
|
color: AuditTypeColorMap[value],
|
||||||
|
}));
|
||||||
|
}
|
||||||
|
|
||||||
|
export function buildAuditActionDict() {
|
||||||
|
return Object.entries(AuditActionMap).map(([value, label]) => ({
|
||||||
|
value,
|
||||||
|
label,
|
||||||
|
color: AuditActionColorMap[value],
|
||||||
|
}));
|
||||||
|
}
|
||||||
@@ -0,0 +1,82 @@
|
|||||||
|
import { BaseService } from "@certd/lib-server";
|
||||||
|
import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
|
||||||
|
import { InjectEntityModel } from "@midwayjs/typeorm";
|
||||||
|
import { LessThan, Repository } from "typeorm";
|
||||||
|
import { AuditLogEntity } from "../entity/audit-log.js";
|
||||||
|
import { logger } from "@certd/basic";
|
||||||
|
import { Cron } from "../../../cron/cron.js";
|
||||||
|
|
||||||
|
@Provide()
|
||||||
|
@Scope(ScopeEnum.Request, { allowDowngrade: true })
|
||||||
|
export class AuditService extends BaseService<AuditLogEntity> {
|
||||||
|
@InjectEntityModel(AuditLogEntity)
|
||||||
|
repository: Repository<AuditLogEntity>;
|
||||||
|
|
||||||
|
@Inject()
|
||||||
|
cron: Cron;
|
||||||
|
|
||||||
|
getRepository() {
|
||||||
|
return this.repository;
|
||||||
|
}
|
||||||
|
|
||||||
|
async page(pageReq: any) {
|
||||||
|
if (pageReq.query?.createTime) {
|
||||||
|
const start = pageReq.query.createTime[0];
|
||||||
|
const end = pageReq.query.createTime[1];
|
||||||
|
delete pageReq.query.createTime;
|
||||||
|
pageReq.buildQuery = (qb: any) => {
|
||||||
|
qb.andWhere("main.createTime BETWEEN :start AND :end", { start, end });
|
||||||
|
};
|
||||||
|
}
|
||||||
|
return await super.page(pageReq);
|
||||||
|
}
|
||||||
|
|
||||||
|
async log(params: { userId: number; type: string; action: string; content: string; username?: string; projectId?: number; ipAddress?: string; scope?: string }): Promise<void> {
|
||||||
|
try {
|
||||||
|
let { username } = params;
|
||||||
|
if (!username && params.userId != null) {
|
||||||
|
const userRepo = this.repository.manager.connection.getRepository("sys_user" as any);
|
||||||
|
const user = await userRepo.findOne({ where: { id: params.userId } });
|
||||||
|
username = user?.username || "";
|
||||||
|
}
|
||||||
|
|
||||||
|
const entity = new AuditLogEntity();
|
||||||
|
entity.userId = params.userId;
|
||||||
|
entity.username = username || "";
|
||||||
|
entity.type = params.type;
|
||||||
|
entity.action = params.action;
|
||||||
|
entity.content = params.content;
|
||||||
|
entity.projectId = params.projectId || 0;
|
||||||
|
entity.projectName = "";
|
||||||
|
entity.ipAddress = params.ipAddress || "";
|
||||||
|
entity.scope = params.scope || "user";
|
||||||
|
await this.repository.save(entity);
|
||||||
|
} catch (e) {
|
||||||
|
logger.error("写入审计日志失败:", e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
async cleanExpired(retentionDays: number): Promise<number> {
|
||||||
|
const cutoff = new Date();
|
||||||
|
cutoff.setDate(cutoff.getDate() - retentionDays);
|
||||||
|
|
||||||
|
const result = await this.repository.delete({
|
||||||
|
createTime: LessThan(cutoff),
|
||||||
|
} as any);
|
||||||
|
const deletedCount = result.affected || 0;
|
||||||
|
if (deletedCount > 0) {
|
||||||
|
logger.info(`审计日志清理完成,删除 ${deletedCount} 条超过 ${retentionDays} 天的记录`);
|
||||||
|
}
|
||||||
|
return deletedCount;
|
||||||
|
}
|
||||||
|
|
||||||
|
registerCleanCron() {
|
||||||
|
this.cron.register({
|
||||||
|
name: "audit.cleanExpired",
|
||||||
|
cron: "0 3 * * *",
|
||||||
|
job: async () => {
|
||||||
|
await this.cleanExpired(90);
|
||||||
|
},
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -114,7 +114,7 @@ export class AsiaIspClient {
|
|||||||
|
|
||||||
if (response.code !== "0") {
|
if (response.code !== "0") {
|
||||||
this.logger.error(`接口请求失败: code=${response.code}, msg=${response.msg}`);
|
this.logger.error(`接口请求失败: code=${response.code}, msg=${response.msg}`);
|
||||||
const e= new Error(response.msg || "接口请求失败");
|
const e = new Error(response.msg || "接口请求失败");
|
||||||
// @ts-ignore
|
// @ts-ignore
|
||||||
e.errorCode = response.code;
|
e.errorCode = response.code;
|
||||||
throw e;
|
throw e;
|
||||||
@@ -122,9 +122,9 @@ export class AsiaIspClient {
|
|||||||
|
|
||||||
return response;
|
return response;
|
||||||
} catch (error: any) {
|
} catch (error: any) {
|
||||||
const response = error.response
|
const response = error.response;
|
||||||
if (response && response.data) {
|
if (response && response.data) {
|
||||||
const e = new Error(response.data.msg || error.message || "接口请求失败");
|
const e = new Error(response.data.msg || error.message || "接口请求失败");
|
||||||
// @ts-ignore
|
// @ts-ignore
|
||||||
e.errorCode = response.data.code;
|
e.errorCode = response.data.code;
|
||||||
throw e;
|
throw e;
|
||||||
@@ -245,7 +245,7 @@ export class AsiaIspClient {
|
|||||||
this.logger.info(`域名 ${req.domain} 已绑定该证书 ${req.certId},无需重复绑定`);
|
this.logger.info(`域名 ${req.domain} 已绑定该证书 ${req.certId},无需重复绑定`);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
throw e
|
throw e;
|
||||||
}
|
}
|
||||||
this.logger.info(`部署证书到域名成功: ${req.domain}, certId=${req.certId}`);
|
this.logger.info(`部署证书到域名成功: ${req.domain}, certId=${req.certId}`);
|
||||||
}
|
}
|
||||||
|
|||||||
+41
-48
@@ -78,6 +78,7 @@ export class VolcengineDeployToVOD extends AbstractTaskPlugin {
|
|||||||
options: [
|
options: [
|
||||||
{ value: "play", label: "点播加速域名" },
|
{ value: "play", label: "点播加速域名" },
|
||||||
{ value: "image", label: "封面加速域名" },
|
{ value: "image", label: "封面加速域名" },
|
||||||
|
{ value: "third", label: "自定义源站" },
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
value: "play",
|
value: "play",
|
||||||
@@ -85,29 +86,12 @@ export class VolcengineDeployToVOD extends AbstractTaskPlugin {
|
|||||||
})
|
})
|
||||||
domainType!: string;
|
domainType!: string;
|
||||||
|
|
||||||
@TaskInput({
|
|
||||||
title: "源站类型",
|
|
||||||
helper: "选择源站类型",
|
|
||||||
value: 1,
|
|
||||||
component: {
|
|
||||||
name: "a-select",
|
|
||||||
vModel: "value",
|
|
||||||
options: [
|
|
||||||
{ value: 1, label: "点播源站" },
|
|
||||||
{ value: 2, label: "自定义源站" },
|
|
||||||
],
|
|
||||||
helper: "注意:封面加速域名不支持自定义源站",
|
|
||||||
},
|
|
||||||
required: false,
|
|
||||||
})
|
|
||||||
sourceStationType!: number | undefined;
|
|
||||||
|
|
||||||
@TaskInput(
|
@TaskInput(
|
||||||
createRemoteSelectInputDefine({
|
createRemoteSelectInputDefine({
|
||||||
title: "域名",
|
title: "域名",
|
||||||
helper: "选择要部署证书的域名\n需要先在域名管理页面进行证书中心访问授权(即点击去配置SSL证书)",
|
helper: "选择要部署证书的域名\n需要先在域名管理页面进行证书中心访问授权(即点击去配置SSL证书)",
|
||||||
action: VolcengineDeployToVOD.prototype.onGetDomainList.name,
|
action: VolcengineDeployToVOD.prototype.onGetDomainList.name,
|
||||||
watches: ["certDomains", "accessId", "spaceName", "domainType", "sourceStationType"],
|
watches: ["certDomains", "accessId", "spaceName", "domainType"],
|
||||||
required: true,
|
required: true,
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
@@ -124,19 +108,25 @@ export class VolcengineDeployToVOD extends AbstractTaskPlugin {
|
|||||||
|
|
||||||
const access = await this.getAccess<VolcengineAccess>(this.accessId);
|
const access = await this.getAccess<VolcengineAccess>(this.accessId);
|
||||||
const certId = await this.uploadOrGetCertId(access);
|
const certId = await this.uploadOrGetCertId(access);
|
||||||
|
await this.ctx.utils.sleep(3000);
|
||||||
|
const domainTypeMapping: Record<string, string> = {
|
||||||
|
play: "vod_play",
|
||||||
|
image: "vod_image",
|
||||||
|
};
|
||||||
|
const apiDomainType = domainTypeMapping[this.domainType] || this.domainType;
|
||||||
|
|
||||||
const service = await this.getVodService({ version: "2023-07-01", region: this.regionId });
|
const service = await this.getVodService({ version: "2026-01-01", region: this.regionId });
|
||||||
const domains = Array.isArray(this.domainList) ? this.domainList : [this.domainList];
|
const domains = Array.isArray(this.domainList) ? this.domainList : [this.domainList];
|
||||||
for (const domain of domains) {
|
for (const domain of domains) {
|
||||||
this.logger.info(`开始部署域名${domain}证书`);
|
this.logger.info(`开始部署域名${domain}证书`);
|
||||||
await service.request({
|
await service.request({
|
||||||
action: "UpdateDomainConfig",
|
action: "UpdateVodDomainConfig",
|
||||||
method: "POST",
|
method: "POST",
|
||||||
body: {
|
body: {
|
||||||
SpaceName: this.spaceName,
|
SpaceName: this.spaceName,
|
||||||
DomainType: this.domainType,
|
DomainType: apiDomainType,
|
||||||
Domain: domain,
|
UpdateCdnConfigParam: {
|
||||||
Config: {
|
Domain: domain,
|
||||||
HTTPS: {
|
HTTPS: {
|
||||||
Switch: true,
|
Switch: true,
|
||||||
CertInfo: {
|
CertInfo: {
|
||||||
@@ -221,38 +211,41 @@ export class VolcengineDeployToVOD extends AbstractTaskPlugin {
|
|||||||
if (!this.spaceName) {
|
if (!this.spaceName) {
|
||||||
throw new Error("请先选择空间名称");
|
throw new Error("请先选择空间名称");
|
||||||
}
|
}
|
||||||
const service = await this.getVodService({ version: "2023-01-01", region: this.regionId });
|
const service = await this.getVodService({ version: "2026-01-01", region: this.regionId });
|
||||||
|
|
||||||
const query: Record<string, any> = {
|
const domainTypeMapping: Record<string, string> = {
|
||||||
SpaceName: this.spaceName,
|
play: "vod_play",
|
||||||
DomainType: this.domainType,
|
image: "vod_image",
|
||||||
};
|
};
|
||||||
if (this.sourceStationType !== undefined) {
|
const apiDomainType = domainTypeMapping[this.domainType] || this.domainType;
|
||||||
query.SourceStationType = this.sourceStationType;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
const body: Record<string, any> = {
|
||||||
|
SpaceName: this.spaceName,
|
||||||
|
ListCdnDomainsParam: {
|
||||||
|
PageNum: 1,
|
||||||
|
PageSize: 100,
|
||||||
|
},
|
||||||
|
};
|
||||||
|
if (apiDomainType) {
|
||||||
|
body.DomainType = apiDomainType;
|
||||||
|
}
|
||||||
const res = await service.request({
|
const res = await service.request({
|
||||||
action: "ListDomain",
|
action: "ListVodDomains",
|
||||||
query,
|
method: "POST",
|
||||||
|
body,
|
||||||
});
|
});
|
||||||
|
|
||||||
const instances = res.Result?.PlayInstanceInfo?.ByteInstances;
|
const domains = res.Result?.VodInfo?.Domains;
|
||||||
if (!instances || instances.length === 0) {
|
if (!domains || domains.length === 0) {
|
||||||
throw new Error("找不到域名,您也可以手动输入域名");
|
return [];
|
||||||
}
|
|
||||||
const list = [];
|
|
||||||
for (const item of instances) {
|
|
||||||
if (item.Domains && item.Domains.length > 0) {
|
|
||||||
for (const domain of item.Domains) {
|
|
||||||
if (domain.Domain) {
|
|
||||||
list.push({
|
|
||||||
value: domain.Domain,
|
|
||||||
label: domain.Domain,
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
const list = domains.map((item: any) => {
|
||||||
|
return {
|
||||||
|
value: item.Domain,
|
||||||
|
label: item.Domain,
|
||||||
|
domain: item.Domain,
|
||||||
|
};
|
||||||
|
});
|
||||||
return this.ctx.utils.options.buildGroupOptions(list, this.certDomains);
|
return this.ctx.utils.options.buildGroupOptions(list, this.certDomains);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
+9
@@ -0,0 +1,9 @@
|
|||||||
|
import { AuditLogContext } from "@certd/lib-server";
|
||||||
|
|
||||||
|
declare module "koa" {
|
||||||
|
interface Context {
|
||||||
|
auditLog?: AuditLogContext;
|
||||||
|
auditRouteInfo?: { controllerClz?: any; method?: any; summary?: string; description?: string };
|
||||||
|
projectId?: number;
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user