2025-09-28 00:13:47 +08:00
|
|
|
// Package audit 提供了用户操作审计相关的功能
|
2025-11-05 19:57:30 +08:00
|
|
|
package service
|
2025-09-28 00:13:47 +08:00
|
|
|
|
|
|
|
|
import (
|
2025-11-05 19:57:30 +08:00
|
|
|
"context"
|
2025-09-28 00:13:47 +08:00
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"git.huangwc.com/pig/pig-farm-controller/internal/infra/logs"
|
|
|
|
|
"git.huangwc.com/pig/pig-farm-controller/internal/infra/models"
|
|
|
|
|
"git.huangwc.com/pig/pig-farm-controller/internal/infra/repository"
|
|
|
|
|
)
|
|
|
|
|
|
2025-09-28 01:02:29 +08:00
|
|
|
// RequestContext 封装了审计日志所需的请求上下文信息
|
|
|
|
|
type RequestContext struct {
|
|
|
|
|
ClientIP string
|
|
|
|
|
HTTPPath string
|
|
|
|
|
HTTPMethod string
|
|
|
|
|
}
|
2025-09-28 00:13:47 +08:00
|
|
|
|
2025-11-05 19:57:30 +08:00
|
|
|
// AuditService 定义了审计服务的接口
|
|
|
|
|
type AuditService interface {
|
|
|
|
|
LogAction(ctx context.Context, user *models.User, reqCtx RequestContext, actionType, description string, targetResource interface{}, status models.AuditStatus, resultDetails string)
|
2025-09-28 00:13:47 +08:00
|
|
|
}
|
|
|
|
|
|
2025-11-05 19:57:30 +08:00
|
|
|
// auditService 是 AuditService 接口的实现
|
|
|
|
|
type auditService struct {
|
|
|
|
|
ctx context.Context
|
2025-09-28 00:13:47 +08:00
|
|
|
userActionLogRepository repository.UserActionLogRepository
|
|
|
|
|
}
|
|
|
|
|
|
2025-11-05 19:57:30 +08:00
|
|
|
// NewAuditService 创建一个新的审计服务实例
|
|
|
|
|
func NewAuditService(ctx context.Context, repo repository.UserActionLogRepository) AuditService {
|
|
|
|
|
return &auditService{
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
userActionLogRepository: repo,
|
|
|
|
|
}
|
2025-09-28 00:13:47 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// LogAction 记录一个用户操作。它在一个新的 goroutine 中异步执行,以避免阻塞主请求。
|
2025-11-05 19:57:30 +08:00
|
|
|
func (s *auditService) LogAction(ctx context.Context, user *models.User, reqCtx RequestContext, actionType, description string, targetResource interface{}, status models.AuditStatus, resultDetails string) {
|
|
|
|
|
serviceCtx, logger := logs.Trace(ctx, s.ctx, "LogAction")
|
|
|
|
|
|
2025-09-28 01:02:29 +08:00
|
|
|
// 不再从 context 中获取用户信息,直接使用传入的 user 对象
|
|
|
|
|
if user == nil {
|
2025-11-05 19:57:30 +08:00
|
|
|
logger.Warnw("无法记录审计日志:传入的用户对象为 nil")
|
2025-09-28 00:13:47 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-28 00:37:20 +08:00
|
|
|
log := &models.UserActionLog{
|
|
|
|
|
Time: time.Now(),
|
|
|
|
|
UserID: user.ID,
|
|
|
|
|
Username: user.Username, // 用户名快照
|
2025-09-28 01:02:29 +08:00
|
|
|
SourceIP: reqCtx.ClientIP,
|
2025-09-28 00:37:20 +08:00
|
|
|
ActionType: actionType,
|
|
|
|
|
Description: description,
|
|
|
|
|
Status: status,
|
2025-09-28 01:02:29 +08:00
|
|
|
HTTPPath: reqCtx.HTTPPath,
|
|
|
|
|
HTTPMethod: reqCtx.HTTPMethod,
|
2025-09-28 00:37:20 +08:00
|
|
|
ResultDetails: resultDetails,
|
2025-09-28 00:13:47 +08:00
|
|
|
}
|
|
|
|
|
|
2025-09-28 00:37:20 +08:00
|
|
|
// 使用模型提供的方法来设置 TargetResource
|
|
|
|
|
if err := log.SetTargetResource(targetResource); err != nil {
|
2025-11-05 19:57:30 +08:00
|
|
|
logger.Errorw("无法记录审计日志:序列化 targetResource 失败", "error", err)
|
2025-09-28 00:37:20 +08:00
|
|
|
// 即使序列化失败,我们可能仍然希望记录操作本身,所以不在此处 return
|
2025-09-28 00:13:47 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 异步写入数据库,不阻塞当前请求
|
|
|
|
|
go func() {
|
2025-11-05 19:57:30 +08:00
|
|
|
if err := s.userActionLogRepository.Create(serviceCtx, log); err != nil {
|
|
|
|
|
logger.Errorw("异步保存审计日志失败", "error", err)
|
2025-09-28 00:13:47 +08:00
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}
|
