novalon/gym-manage
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(backend): optimize service layer and add transaction support

Browse Source 
- Add TransactionManagerConfig for reactive transaction management
- Add OperationLogWebFilter for operation logging
- Remove deprecated AuditLogAspect in favor of WebFilter approach
- Optimize service implementations (SysUserService, SysRoleService, etc.)
- Enhance audit log functionality with better error handling
- Update security configuration and tests
- Add operation_log table migration script
- Improve IP utility with better validation
This commit is contained in:
张翔
2026-04-23 16:35:14 +08:00
parent ae9be86527
commit f68d18fbfc
21 changed files with 812 additions and 353 deletions
Download Patch File Download Diff File Expand all files Collapse all files
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/audit/AuditLogAspect.java
-315
View File
@@ -1,315 +0,0 @@
package cn.novalon.gym.manage.sys.audit;
import cn.novalon.gym.manage.sys.audit.domain.AuditLog;
import cn.novalon.gym.manage.sys.audit.service.IAuditLogService;
import com.fasterxml.jackson.annotation.JsonIdentityInfo;
import com.fasterxml.jackson.annotation.ObjectIdGenerators;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.domain.Persistable;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.stereotype.Component;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import java.util.ArrayList;
import java.util.List;
/**
* 审计日志切面
*
* 文件定义:使用AOP自动拦截Repository操作,记录审计日志
* 涉及业务:自动记录所有数据变更操作,包括变更前后对比
* 算法:使用异步方式记录日志,不阻塞主流程
*
* @author 张翔
* @date 2026-04-01
*/
@Aspect
@Component
public class AuditLogAspect {
private static final Logger logger = LoggerFactory.getLogger(AuditLogAspect.class);
private final IAuditLogService auditLogService;
private final ObjectMapper objectMapper;
public AuditLogAspect(IAuditLogService auditLogService, ObjectMapper objectMapper) {
this.auditLogService = auditLogService;
this.objectMapper = new ObjectMapper()
.registerModule(new JavaTimeModule())
.disable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS)
.disable(SerializationFeature.FAIL_ON_SELF_REFERENCES);
}
@Around("(execution(* cn.novalon.gym.manage.db.repository.*Repository.save(..)) || " +
"execution(* cn.novalon.gym.manage.db.repository.*Repository.delete(..)) || " +
"execution(* cn.novalon.gym.manage.db.repository.*Repository.deleteById(..))) && " +
"!execution(* cn.novalon.gym.manage.db.repository.AuditLogRepository.*(..)) && " +
"!execution(* cn.novalon.gym.manage.db.dao.AuditLogDao.*(..))")
public Object logAuditEvent(ProceedingJoinPoint joinPoint) throws Throwable {
String methodName = joinPoint.getSignature().getName();
String className = joinPoint.getTarget().getClass().getSimpleName();
Object[] args = joinPoint.getArgs();
String operationType = determineOperationType(methodName);
String entityType = extractEntityType(className);
logger.debug("拦截审计操作: {}.{}, 操作类型: {}, 实体类型: {}",
className, methodName, operationType, entityType);
try {
if ("save".equals(methodName) && args.length > 0) {
return handleSaveOperation(joinPoint, args[0], entityType, operationType);
} else if ("delete".equals(methodName) || "deleteById".equals(methodName)) {
return handleDeleteOperation(joinPoint, args, entityType, operationType);
}
return joinPoint.proceed();
} catch (Throwable error) {
logger.error("审计日志记录失败: {}", error.getMessage(), error);
throw error;
}
}
private Object handleSaveOperation(ProceedingJoinPoint joinPoint, Object entity,
String entityType, String operationType) throws Throwable {
String entityClassName = entity.getClass().getSimpleName();
if (entityClassName.contains("AuditLog") || entityClassName.contains("AuditLogEntity")) {
logger.debug("跳过审计日志实体的审计记录: {}", entityClassName);
return joinPoint.proceed();
}
try {
final String[] beforeDataHolder = {null};
final Long[] entityIdHolder = {null};
final String[] operationTypeHolder = {operationType};
if (entity instanceof Persistable) {
Persistable<?> persistable = (Persistable<?>) entity;
entityIdHolder[0] = persistable.getId() != null ?
((Number) persistable.getId()).longValue() : null;
if (entityIdHolder[0] != null) {
beforeDataHolder[0] = fetchEntityBeforeData(entityType, entityIdHolder[0]);
operationTypeHolder[0] = "UPDATE";
} else {
operationTypeHolder[0] = "CREATE";
}
}
Object result = joinPoint.proceed();
if (result instanceof Mono) {
return ((Mono<?>) result).flatMap(savedEntity -> {
String afterData = serializeEntity(savedEntity);
Long finalEntityId = entityIdHolder[0] != null ? entityIdHolder[0] : extractEntityId(savedEntity);
String finalOperationType = operationTypeHolder[0];
String finalBeforeData = beforeDataHolder[0];
logger.debug("保存操作审计日志: entityType={}, entityIdHolder={}, extractedEntityId={}, finalEntityId={}",
entityType, entityIdHolder[0], extractEntityId(savedEntity), finalEntityId);
return createAndSaveAuditLog(
entityType, finalEntityId, finalOperationType,
finalBeforeData, afterData, savedEntity
).thenReturn(savedEntity);
});
}
return result;
} catch (Throwable error) {
logger.error("保存操作审计日志记录失败", error);
throw error;
}
}
private Object handleDeleteOperation(ProceedingJoinPoint joinPoint, Object[] args,
String entityType, String operationType) throws Throwable {
try {
Long entityId = null;
String beforeData = null;
if (args.length > 0) {
if (args[0] instanceof Number) {
entityId = ((Number) args[0]).longValue();
beforeData = fetchEntityBeforeData(entityType, entityId);
} else if (args[0] instanceof Persistable) {
Persistable<?> persistable = (Persistable<?>) args[0];
entityId = persistable.getId() != null ?
((Number) persistable.getId()).longValue() : null;
beforeData = serializeEntity(args[0]);
}
}
Object result = joinPoint.proceed();
if (result instanceof Mono) {
Long finalEntityId = entityId;
String finalBeforeData = beforeData;
return ((Mono<?>) result).flatMap(deleted ->
createAndSaveAuditLog(
entityType, finalEntityId, "DELETE",
finalBeforeData, null, null
).thenReturn(deleted)
);
} else if (result instanceof Flux) {
Long finalEntityId = entityId;
String finalBeforeData = beforeData;
return ((Flux<?>) result).flatMap(deleted ->
createAndSaveAuditLog(
entityType, finalEntityId, "DELETE",
finalBeforeData, null, null
).thenReturn(deleted)
);
}
return result;
} catch (Throwable error) {
logger.error("删除操作审计日志记录失败", error);
throw error;
}
}
private Mono<Void> createAndSaveAuditLog(String entityType, Long entityId,
String operationType, String beforeData,
String afterData, Object entity) {
logger.debug("创建审计日志: entityType={}, entityId={}, operationType={}", entityType, entityId, operationType);
return ReactiveSecurityContextHolder.getContext()
.map(ctx -> ctx.getAuthentication().getPrincipal())
.defaultIfEmpty("system")
.flatMap(principal -> {
AuditLog auditLog = new AuditLog();
auditLog.setEntityType(entityType);
auditLog.setEntityId(entityId != null ? entityId : 0L);
auditLog.setOperationType(operationType);
auditLog.setOperator(principal instanceof String ? (String) principal : "system");
auditLog.setBeforeData(beforeData);
auditLog.setAfterData(afterData);
logger.debug("审计日志对象: entityId={}, entityType={}, operationType={}",
auditLog.getEntityId(), auditLog.getEntityType(), auditLog.getOperationType());
if (beforeData != null && afterData != null) {
String[] changedFields = extractChangedFields(beforeData, afterData);
auditLog.setChangedFields(changedFields);
}
auditLog.setDescription(generateDescription(entityType, operationType, entityId));
return auditLogService.save(auditLog)
.doOnSuccess(saved -> logger.debug("审计日志保存成功: {} - {}",
entityType, operationType))
.doOnError(error -> logger.error("审计日志保存失败: {}",
error.getMessage()))
.then();
})
.onErrorResume(error -> {
logger.error("创建审计日志失败,但不影响主流程: {}", error.getMessage(), error);
return Mono.empty();
});
}
private String determineOperationType(String methodName) {
if (methodName.startsWith("save")) {
return "SAVE";
} else if (methodName.startsWith("delete")) {
return "DELETE";
}
return "UNKNOWN";
}
private String extractEntityType(String className) {
if (className.contains("User")) {
return "User";
} else if (className.contains("Role")) {
return "Role";
} else if (className.contains("Menu")) {
return "Menu";
} else if (className.contains("Permission")) {
return "Permission";
}
return className.replace("Repository", "").replace("Impl", "");
}
private String fetchEntityBeforeData(String entityType, Long entityId) {
return null;
}
private String serializeEntity(Object entity) {
try {
return objectMapper.writeValueAsString(entity);
} catch (Exception e) {
logger.error("序列化实体失败: {}", e.getMessage());
return null;
}
}
private Long extractEntityId(Object entity) {
logger.debug("提取实体ID: entity class={}", entity.getClass().getName());
if (entity instanceof Persistable) {
Persistable<?> persistable = (Persistable<?>) entity;
Object id = persistable.getId();
logger.debug("Persistable实体ID: id={}, isNew={}", id, persistable.isNew());
return id != null ? ((Number) id).longValue() : null;
}
logger.debug("实体不是Persistable类型");
return null;
}
private String[] extractChangedFields(String beforeData, String afterData) {
try {
JsonNode beforeNode = objectMapper.readTree(beforeData);
JsonNode afterNode = objectMapper.readTree(afterData);
List<String> changedFields = new ArrayList<>();
beforeNode.fieldNames().forEachRemaining(fieldName -> {
JsonNode beforeValue = beforeNode.get(fieldName);
JsonNode afterValue = afterNode.get(fieldName);
if (afterValue == null || !beforeValue.equals(afterValue)) {
changedFields.add(fieldName);
}
});
afterNode.fieldNames().forEachRemaining(fieldName -> {
if (!beforeNode.has(fieldName)) {
changedFields.add(fieldName);
}
});
return changedFields.toArray(new String[0]);
} catch (Exception e) {
logger.error("提取变更字段失败: {}", e.getMessage());
return new String[0];
}
}
private String generateDescription(String entityType, String operationType, Long entityId) {
String operation = "";
switch (operationType) {
case "CREATE":
operation = "创建";
break;
case "UPDATE":
operation = "更新";
break;
case "DELETE":
operation = "删除";
break;
default:
operation = "操作";
}
return String.format("%s%s (ID: %s)", operation, entityType,
entityId != null ? entityId : "未知");
}
}
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/audit/OperationLogWebFilter.java
+181
View File
@@ -0,0 +1,181 @@
package cn.novalon.gym.manage.sys.audit;
import cn.novalon.gym.manage.sys.core.domain.OperationLog;
import cn.novalon.gym.manage.sys.core.service.IOperationLogService;
import cn.novalon.gym.manage.sys.util.IpUtils;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.annotation.PostConstruct;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.http.HttpMethod;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.reactive.function.server.HandlerStrategies;
import org.springframework.web.reactive.function.server.RouterFunction;
import org.springframework.web.reactive.function.server.ServerResponse;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;
import java.nio.charset.StandardCharsets;
import java.time.LocalDateTime;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
@Component
@Order(Ordered.LOWEST_PRECEDENCE)
public class OperationLogWebFilter implements WebFilter {
private static final Logger logger = LoggerFactory.getLogger(OperationLogWebFilter.class);
private final IOperationLogService operationLogService;
private final ObjectMapper objectMapper;
private static final Map<String, OperationInfo> OPERATION_MAPPING = new ConcurrentHashMap<>();
static {
OPERATION_MAPPING.put("POST:/api/roles", new OperationInfo("角色管理", "创建角色"));
OPERATION_MAPPING.put("PUT:/api/roles/", new OperationInfo("角色管理", "更新角色"));
OPERATION_MAPPING.put("DELETE:/api/roles/", new OperationInfo("角色管理", "删除角色"));
OPERATION_MAPPING.put("POST:/api/users", new OperationInfo("用户管理", "创建用户"));
OPERATION_MAPPING.put("PUT:/api/users/", new OperationInfo("用户管理", "更新用户"));
OPERATION_MAPPING.put("DELETE:/api/users/", new OperationInfo("用户管理", "删除用户"));
OPERATION_MAPPING.put("POST:/api/users/", new OperationInfo("用户管理", "用户操作"));
OPERATION_MAPPING.put("POST:/api/menus", new OperationInfo("菜单管理", "创建菜单"));
OPERATION_MAPPING.put("PUT:/api/menus/", new OperationInfo("菜单管理", "更新菜单"));
OPERATION_MAPPING.put("DELETE:/api/menus/", new OperationInfo("菜单管理", "删除菜单"));
}
public OperationLogWebFilter(IOperationLogService operationLogService, ObjectMapper objectMapper) {
logger.info("=== OperationLogWebFilter 构造函数被调用 ===");
this.operationLogService = operationLogService;
this.objectMapper = objectMapper;
}
@PostConstruct
public void init() {
logger.info("=== OperationLogWebFilter 初始化 ===");
logger.info("操作日志映射配置数量: {}", OPERATION_MAPPING.size());
OPERATION_MAPPING.forEach((key, value) -> {
logger.info(" {} -> {}:{}", key, value.module, value.operation);
});
}
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
String method = request.getMethod().name();
String path = request.getPath().value();
logger.info("WebFilter 拦截请求: {} {}", method, path);
OperationInfo operationInfo = findOperationInfo(method, path);
if (operationInfo == null) {
logger.info("未匹配到操作日志配置,跳过: {} {}", method, path);
return chain.filter(exchange);
}
logger.info("匹配到操作日志配置: {} {} -> {}:{}", method, path, operationInfo.module, operationInfo.operation);
long startTime = System.currentTimeMillis();
String ip = IpUtils.getClientIp(request);
return Mono.deferContextual(contextView -> {
return chain.filter(exchange)
.then(Mono.defer(() -> {
long duration = System.currentTimeMillis() - startTime;
logger.info("请求处理完成,准备保存操作日志: {} {}, 耗时: {}ms", method, path, duration);
return ReactiveSecurityContextHolder.getContext()
.flatMap(securityContext -> {
Object principal = securityContext.getAuthentication().getPrincipal();
String username = principal instanceof String ? (String) principal : "system";
logger.info("获取到用户名: {}", username);
return Mono.just(username);
})
.defaultIfEmpty("system")
.flatMap(username -> {
logger.info("开始保存操作日志: 用户={}, 操作={}", username,
operationInfo.module + " - " + operationInfo.operation);
OperationLog log = new OperationLog();
log.setUsername(username);
log.setOperation(operationInfo.module + " - " + operationInfo.operation);
log.setMethod(method + " " + path);
log.setParams(null);
log.setIp(ip);
log.setDuration(duration);
log.setStatus("0");
return operationLogService.save(log)
.doOnSuccess(saved -> logger.info("操作日志保存成功: {} - {}",
operationInfo.module, operationInfo.operation))
.doOnError(e -> logger.error("操作日志保存失败: {}", e.getMessage(), e))
.onErrorResume(e -> Mono.empty());
})
.then();
}))
.onErrorResume(error -> {
long duration = System.currentTimeMillis() - startTime;
logger.error("请求处理失败: {} {}, 错误: {}", method, path, error.getMessage());
return ReactiveSecurityContextHolder.getContext()
.flatMap(securityContext -> {
Object principal = securityContext.getAuthentication().getPrincipal();
String username = principal instanceof String ? (String) principal : "system";
return Mono.just(username);
})
.defaultIfEmpty("system")
.flatMap(username -> {
OperationLog log = new OperationLog();
log.setUsername(username);
log.setOperation(operationInfo.module + " - " + operationInfo.operation);
log.setMethod(method + " " + path);
log.setParams(null);
log.setIp(ip);
log.setDuration(duration);
log.setStatus("1");
log.setErrorMsg(error.getMessage());
return operationLogService.save(log)
.doOnError(e -> logger.error("错误日志保存失败: {}", e.getMessage()))
.onErrorResume(e -> Mono.empty());
})
.then(Mono.error(error));
});
});
}
private OperationInfo findOperationInfo(String method, String path) {
String key = method + ":" + path;
if (OPERATION_MAPPING.containsKey(key)) {
return OPERATION_MAPPING.get(key);
}
for (Map.Entry<String, OperationInfo> entry : OPERATION_MAPPING.entrySet()) {
String mappingKey = entry.getKey();
if (key.startsWith(mappingKey)) {
return entry.getValue();
}
}
return null;
}
private static class OperationInfo {
final String module;
final String operation;
OperationInfo(String module, String operation) {
this.module = module;
this.operation = operation;
}
}
}
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/audit/service/impl/AuditLogArchiveService.java
+3 -3
View File
@@ -39,7 +39,7 @@ public class AuditLogArchiveService implements IAuditLogArchiveService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Long> archiveOldLogs(int daysToKeep) {
LocalDateTime archiveBefore = LocalDateTime.now().minusDays(daysToKeep);
@@ -53,7 +53,7 @@ public class AuditLogArchiveService implements IAuditLogArchiveService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<AuditLogArchive> archiveLog(AuditLog auditLog) {
AuditLogArchive archive = convertToArchive(auditLog);
@@ -99,7 +99,7 @@ public class AuditLogArchiveService implements IAuditLogArchiveService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> deleteArchivedLogsOlderThan(LocalDateTime date) {
return auditLogArchiveRepository.findByOperationTimeBetween(LocalDateTime.MIN, date)
.flatMap(archive -> auditLogArchiveRepository.deleteById(archive.getId()))
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/audit/service/impl/AuditLogService.java
+5 -5
View File
@@ -160,13 +160,13 @@ public class AuditLogService implements IAuditLogService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> deleteById(Long id) {
return auditLogRepository.deleteById(id);
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> logicalDeleteById(Long id) {
return auditLogRepository.findById(id)
.flatMap(auditLog -> {
@@ -177,7 +177,7 @@ public class AuditLogService implements IAuditLogService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> logicalDeleteByIds(List<Long> ids) {
return Flux.fromIterable(ids)
.flatMap(this::logicalDeleteById)
@@ -185,7 +185,7 @@ public class AuditLogService implements IAuditLogService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> restoreById(Long id) {
return auditLogRepository.findById(id)
.flatMap(auditLog -> {
@@ -196,7 +196,7 @@ public class AuditLogService implements IAuditLogService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> restoreByIds(List<Long> ids) {
return Flux.fromIterable(ids)
.flatMap(this::restoreById)
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/config/SecurityConfig.java
+7 -7
View File
@@ -1,5 +1,6 @@
package cn.novalon.gym.manage.sys.config;
import cn.novalon.gym.manage.sys.audit.OperationLogWebFilter;
import cn.novalon.gym.manage.sys.security.JwtAuthenticationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -11,22 +12,20 @@ import org.springframework.security.config.web.server.SecurityWebFiltersOrder;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
/**
* 安全配置类
*
* @author 张翔
* @date 2026-03-13
*/
@Configuration
@EnableWebFluxSecurity
public class SecurityConfig {
private static final Logger logger = LoggerFactory.getLogger(SecurityConfig.class);
private final JwtAuthenticationFilter jwtAuthenticationFilter;
private final OperationLogWebFilter operationLogWebFilter;
private final Environment environment;
public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter, Environment environment) {
public SecurityConfig(JwtAuthenticationFilter jwtAuthenticationFilter,
OperationLogWebFilter operationLogWebFilter,
Environment environment) {
this.jwtAuthenticationFilter = jwtAuthenticationFilter;
this.operationLogWebFilter = operationLogWebFilter;
this.environment = environment;
}
@@ -46,6 +45,7 @@ public class SecurityConfig {
.httpBasic(ServerHttpSecurity.HttpBasicSpec::disable)
.formLogin(ServerHttpSecurity.FormLoginSpec::disable)
.addFilterBefore(jwtAuthenticationFilter, SecurityWebFiltersOrder.AUTHENTICATION)
.addFilterAfter(operationLogWebFilter, SecurityWebFiltersOrder.AUTHORIZATION)
.authorizeExchange(spec -> {
spec.pathMatchers("/api/auth/**").permitAll()
.pathMatchers("/api/public/**").permitAll()
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/core/service/impl/OperationLogService.java
-1
View File
@@ -29,7 +29,6 @@ public class OperationLogService implements IOperationLogService {
@Override
public Mono<OperationLog> save(OperationLog log) {
log.setCreatedAt(LocalDateTime.now());
return logRepository.save(log);
}
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/core/service/impl/SysPermissionService.java
+1 -1
View File
@@ -99,7 +99,7 @@ public class SysPermissionService implements ISysPermissionService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> assignPermissionsToRole(Long roleId, List<Long> permissionIds) {
return rolePermissionRepository.deleteByRoleId(roleId)
.then(Flux.fromIterable(permissionIds)
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/core/service/impl/SysRoleService.java
+1 -1
View File
@@ -120,7 +120,7 @@ public class SysRoleService implements ISysRoleService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> deleteRole(Long id) {
logger.debug("开始删除角色,ID: {}", id);
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/core/service/impl/SysUserService.java
+2 -2
View File
@@ -164,7 +164,7 @@ public class SysUserService implements ISysUserService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> deleteUser(Long id) {
logger.debug("开始删除用户,ID: {}", id);
@@ -244,7 +244,7 @@ public class SysUserService implements ISysUserService {
}
@Override
@Transactional
@Transactional(transactionManager = "connectionFactoryTransactionManager")
public Mono<Void> assignRolesToUser(Long userId, List<Long> roleIds) {
logger.debug("开始为用户分配角色,用户ID: {}, 角色IDs: {}", userId, roleIds);
gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/util/IpUtils.java
+76 -1
View File
@@ -1,12 +1,13 @@
package cn.novalon.gym.manage.sys.util;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.web.reactive.function.server.ServerRequest;
import java.net.InetSocketAddress;
import java.util.Optional;
/**
* IP地址工具类
* 用于从ServerRequest中获取客户端真实IP地址
* 用于从ServerRequest或ServerHttpRequest中获取客户端真实IP地址
* 支持代理服务器场景(X-Forwarded-For, X-Real-IP)
*
* @author 张翔
@@ -48,6 +49,36 @@ public class IpUtils {
return UNKNOWN;
}
/**
* 从ServerHttpRequest中获取客户端真实IP地址
* 支持代理服务器场景,优先级: X-Forwarded-For > X-Real-IP > RemoteAddress
*
* @param request ServerHttpRequest对象
* @return 客户端IP地址,获取失败返回"unknown"
*/
public static String getClientIp(ServerHttpRequest request) {
if (request == null) {
return UNKNOWN;
}
String ip = getXForwardedForIp(request);
if (isValidIp(ip)) {
return ip;
}
ip = getXRealIp(request);
if (isValidIp(ip)) {
return ip;
}
ip = getRemoteAddress(request);
if (isValidIp(ip)) {
return ip;
}
return UNKNOWN;
}
/**
* 从X-Forwarded-For头获取IP地址
* X-Forwarded-For格式: client, proxy1, proxy2
@@ -98,4 +129,48 @@ public class IpUtils {
private static boolean isValidIp(String ip) {
return ip != null && ip.length() > 0 && !UNKNOWN.equalsIgnoreCase(ip);
}
/**
* 从X-Forwarded-For头获取IP地址(ServerHttpRequest版本)
* X-Forwarded-For格式: client, proxy1, proxy2
* 取第一个非unknown的有效IP
*/
private static String getXForwardedForIp(ServerHttpRequest request) {
String ip = request.getHeaders().getFirst("X-Forwarded-For");
if (ip != null && ip.length() > 0 && !UNKNOWN.equalsIgnoreCase(ip)) {
int index = ip.indexOf(",");
if (index != -1) {
return ip.substring(0, index);
}
return ip;
}
return null;
}
/**
* 从X-Real-IP头获取IP地址(ServerHttpRequest版本)
*/
private static String getXRealIp(ServerHttpRequest request) {
String ip = request.getHeaders().getFirst("X-Real-IP");
if (ip != null && ip.length() > 0 && !UNKNOWN.equalsIgnoreCase(ip)) {
return ip;
}
return null;
}
/**
* 从RemoteAddress获取IP地址(ServerHttpRequest版本)
* 将IPv6本地地址转换为IPv4格式
*/
private static String getRemoteAddress(ServerHttpRequest request) {
InetSocketAddress remoteAddress = request.getRemoteAddress();
if (remoteAddress != null) {
String ip = remoteAddress.getAddress().getHostAddress();
if (LOCALHOST_IPV6.equals(ip)) {
ip = LOCALHOST_IP;
}
return ip;
}
return null;
}
}
gym-manage-api/manage-sys/src/test/java/cn/novalon/gym/manage/sys/config/SecurityConfigTest.java
+5 -1
View File
@@ -1,5 +1,6 @@
package cn.novalon.gym.manage.sys.config;
import cn.novalon.gym.manage.sys.audit.OperationLogWebFilter;
import cn.novalon.gym.manage.sys.security.JwtAuthenticationFilter;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -16,6 +17,9 @@ class SecurityConfigTest {
@Mock
private JwtAuthenticationFilter jwtAuthenticationFilter;
@Mock
private OperationLogWebFilter operationLogWebFilter;
@Mock
private Environment environment;
@@ -23,7 +27,7 @@ class SecurityConfigTest {
@BeforeEach
void setUp() {
securityConfig = new SecurityConfig(jwtAuthenticationFilter, environment);
securityConfig = new SecurityConfig(jwtAuthenticationFilter, operationLogWebFilter, environment);
}
@Test
gym-manage-api/manage-sys/src/test/java/cn/novalon/gym/manage/sys/util/IpUtilsTest.java
+1 -1
View File
@@ -22,7 +22,7 @@ class IpUtilsTest {
@Test
@DisplayName("当request为null时,应返回unknown")
void getClientIp_whenRequestIsNull_shouldReturnUnknown() {
String ip = IpUtils.getClientIp(null);
String ip = IpUtils.getClientIp((ServerRequest) null);
assertEquals("unknown", ip);
}