refactor(test): 重构测试套件结构并优化测试配置
feat(test-suite): 新增测试套件模块,包含API测试客户端和测试配置 fix(api): 修复数据库实体和仓库的删除操作返回值 style(api): 统一数据库表名和字段命名 perf(api): 添加缓存注解提升配置查询性能 test(api): 添加H2测试数据库配置支持 chore: 清理旧的测试文件和脚本
This commit is contained in:
张翔
+294
@@ -0,0 +1,294 @@
|
||||
package cn.novalon.manage.sys.audit;
|
||||
|
||||
import cn.novalon.manage.sys.audit.domain.AuditLog;
|
||||
import cn.novalon.manage.sys.audit.repository.AuditLogRepository;
|
||||
import com.fasterxml.jackson.databind.JsonNode;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import org.aspectj.lang.ProceedingJoinPoint;
|
||||
import org.aspectj.lang.annotation.Around;
|
||||
import org.aspectj.lang.annotation.Aspect;
|
||||
import org.aspectj.lang.reflect.MethodSignature;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.data.domain.Persistable;
|
||||
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
|
||||
import org.springframework.stereotype.Component;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
|
||||
/**
|
||||
* 审计日志切面
|
||||
*
|
||||
* 文件定义:使用AOP自动拦截Repository操作,记录审计日志
|
||||
* 涉及业务:自动记录所有数据变更操作,包括变更前后对比
|
||||
* 算法:使用异步方式记录日志,不阻塞主流程
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Aspect
|
||||
@Component
|
||||
public class AuditLogAspect {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(AuditLogAspect.class);
|
||||
|
||||
private final AuditLogRepository auditLogRepository;
|
||||
private final ObjectMapper objectMapper;
|
||||
|
||||
public AuditLogAspect(AuditLogRepository auditLogRepository, ObjectMapper objectMapper) {
|
||||
this.auditLogRepository = auditLogRepository;
|
||||
this.objectMapper = objectMapper;
|
||||
}
|
||||
|
||||
@Around("execution(* cn.novalon.manage.db.repository.*Repository.save(..)) || " +
|
||||
"execution(* cn.novalon.manage.db.repository.*Repository.delete(..)) || " +
|
||||
"execution(* cn.novalon.manage.db.repository.*Repository.deleteById(..))")
|
||||
public Object logAuditEvent(ProceedingJoinPoint joinPoint) throws Throwable {
|
||||
String methodName = joinPoint.getSignature().getName();
|
||||
String className = joinPoint.getTarget().getClass().getSimpleName();
|
||||
Object[] args = joinPoint.getArgs();
|
||||
|
||||
String operationType = determineOperationType(methodName);
|
||||
String entityType = extractEntityType(className);
|
||||
|
||||
logger.debug("拦截审计操作: {}.{}, 操作类型: {}, 实体类型: {}",
|
||||
className, methodName, operationType, entityType);
|
||||
|
||||
try {
|
||||
if ("save".equals(methodName) && args.length > 0) {
|
||||
return handleSaveOperation(joinPoint, args[0], entityType, operationType);
|
||||
} else if ("delete".equals(methodName) || "deleteById".equals(methodName)) {
|
||||
return handleDeleteOperation(joinPoint, args, entityType, operationType);
|
||||
}
|
||||
|
||||
return joinPoint.proceed();
|
||||
} catch (Throwable error) {
|
||||
logger.error("审计日志记录失败: {}", error.getMessage(), error);
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
|
||||
private Object handleSaveOperation(ProceedingJoinPoint joinPoint, Object entity,
|
||||
String entityType, String operationType) throws Throwable {
|
||||
try {
|
||||
final String[] beforeDataHolder = {null};
|
||||
final Long[] entityIdHolder = {null};
|
||||
final String[] operationTypeHolder = {operationType};
|
||||
|
||||
if (entity instanceof Persistable) {
|
||||
Persistable<?> persistable = (Persistable<?>) entity;
|
||||
entityIdHolder[0] = persistable.getId() != null ?
|
||||
((Number) persistable.getId()).longValue() : null;
|
||||
|
||||
if (entityIdHolder[0] != null) {
|
||||
beforeDataHolder[0] = fetchEntityBeforeData(entityType, entityIdHolder[0]);
|
||||
operationTypeHolder[0] = "UPDATE";
|
||||
} else {
|
||||
operationTypeHolder[0] = "CREATE";
|
||||
}
|
||||
}
|
||||
|
||||
Object result = joinPoint.proceed();
|
||||
|
||||
if (result instanceof Mono) {
|
||||
return ((Mono<?>) result).flatMap(savedEntity -> {
|
||||
String afterData = serializeEntity(savedEntity);
|
||||
Long finalEntityId = entityIdHolder[0] != null ? entityIdHolder[0] : extractEntityId(savedEntity);
|
||||
String finalOperationType = operationTypeHolder[0];
|
||||
String finalBeforeData = beforeDataHolder[0];
|
||||
|
||||
return createAndSaveAuditLog(
|
||||
entityType, finalEntityId, finalOperationType,
|
||||
finalBeforeData, afterData, savedEntity
|
||||
).thenReturn(savedEntity);
|
||||
});
|
||||
}
|
||||
|
||||
return result;
|
||||
} catch (Throwable error) {
|
||||
logger.error("保存操作审计日志记录失败", error);
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
|
||||
private Object handleDeleteOperation(ProceedingJoinPoint joinPoint, Object[] args,
|
||||
String entityType, String operationType) throws Throwable {
|
||||
try {
|
||||
Long entityId = null;
|
||||
String beforeData = null;
|
||||
|
||||
if (args.length > 0) {
|
||||
if (args[0] instanceof Number) {
|
||||
entityId = ((Number) args[0]).longValue();
|
||||
beforeData = fetchEntityBeforeData(entityType, entityId);
|
||||
} else if (args[0] instanceof Persistable) {
|
||||
Persistable<?> persistable = (Persistable<?>) args[0];
|
||||
entityId = persistable.getId() != null ?
|
||||
((Number) persistable.getId()).longValue() : null;
|
||||
beforeData = serializeEntity(args[0]);
|
||||
}
|
||||
}
|
||||
|
||||
Object result = joinPoint.proceed();
|
||||
|
||||
if (result instanceof Mono) {
|
||||
Long finalEntityId = entityId;
|
||||
String finalBeforeData = beforeData;
|
||||
return ((Mono<?>) result).flatMap(deleted ->
|
||||
createAndSaveAuditLog(
|
||||
entityType, finalEntityId, "DELETE",
|
||||
finalBeforeData, null, null
|
||||
).thenReturn(deleted)
|
||||
);
|
||||
} else if (result instanceof Flux) {
|
||||
Long finalEntityId = entityId;
|
||||
String finalBeforeData = beforeData;
|
||||
return ((Flux<?>) result).flatMap(deleted ->
|
||||
createAndSaveAuditLog(
|
||||
entityType, finalEntityId, "DELETE",
|
||||
finalBeforeData, null, null
|
||||
).thenReturn(deleted)
|
||||
);
|
||||
}
|
||||
|
||||
return result;
|
||||
} catch (Throwable error) {
|
||||
logger.error("删除操作审计日志记录失败", error);
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
|
||||
private Mono<Void> createAndSaveAuditLog(String entityType, Long entityId,
|
||||
String operationType, String beforeData,
|
||||
String afterData, Object entity) {
|
||||
return ReactiveSecurityContextHolder.getContext()
|
||||
.map(ctx -> ctx.getAuthentication().getPrincipal())
|
||||
.defaultIfEmpty("system")
|
||||
.flatMap(principal -> {
|
||||
AuditLog auditLog = new AuditLog();
|
||||
auditLog.setEntityType(entityType);
|
||||
auditLog.setEntityId(entityId);
|
||||
auditLog.setOperationType(operationType);
|
||||
auditLog.setOperator(principal instanceof String ? (String) principal : "system");
|
||||
auditLog.setBeforeData(beforeData);
|
||||
auditLog.setAfterData(afterData);
|
||||
|
||||
if (beforeData != null && afterData != null) {
|
||||
String[] changedFields = extractChangedFields(beforeData, afterData);
|
||||
auditLog.setChangedFields(changedFields);
|
||||
}
|
||||
|
||||
auditLog.setDescription(generateDescription(entityType, operationType, entityId));
|
||||
|
||||
return auditLogRepository.save(auditLog)
|
||||
.doOnSuccess(saved -> logger.debug("审计日志保存成功: {} - {}",
|
||||
entityType, operationType))
|
||||
.doOnError(error -> logger.error("审计日志保存失败: {}",
|
||||
error.getMessage()))
|
||||
.then();
|
||||
})
|
||||
.onErrorResume(error -> {
|
||||
logger.error("创建审计日志失败,但不影响主流程: {}", error.getMessage());
|
||||
return Mono.empty();
|
||||
});
|
||||
}
|
||||
|
||||
private String determineOperationType(String methodName) {
|
||||
if (methodName.startsWith("save")) {
|
||||
return "SAVE";
|
||||
} else if (methodName.startsWith("delete")) {
|
||||
return "DELETE";
|
||||
}
|
||||
return "UNKNOWN";
|
||||
}
|
||||
|
||||
private String extractEntityType(String className) {
|
||||
if (className.contains("User")) {
|
||||
return "User";
|
||||
} else if (className.contains("Role")) {
|
||||
return "Role";
|
||||
} else if (className.contains("Menu")) {
|
||||
return "Menu";
|
||||
} else if (className.contains("Permission")) {
|
||||
return "Permission";
|
||||
}
|
||||
return className.replace("Repository", "").replace("Impl", "");
|
||||
}
|
||||
|
||||
private String fetchEntityBeforeData(String entityType, Long entityId) {
|
||||
return null;
|
||||
}
|
||||
|
||||
private String serializeEntity(Object entity) {
|
||||
try {
|
||||
return objectMapper.writeValueAsString(entity);
|
||||
} catch (Exception e) {
|
||||
logger.error("序列化实体失败: {}", e.getMessage());
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private Long extractEntityId(Object entity) {
|
||||
if (entity instanceof Persistable) {
|
||||
Persistable<?> persistable = (Persistable<?>) entity;
|
||||
Object id = persistable.getId();
|
||||
return id != null ? ((Number) id).longValue() : null;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
private String[] extractChangedFields(String beforeData, String afterData) {
|
||||
try {
|
||||
JsonNode beforeNode = objectMapper.readTree(beforeData);
|
||||
JsonNode afterNode = objectMapper.readTree(afterData);
|
||||
|
||||
List<String> changedFields = new ArrayList<>();
|
||||
|
||||
beforeNode.fieldNames().forEachRemaining(fieldName -> {
|
||||
JsonNode beforeValue = beforeNode.get(fieldName);
|
||||
JsonNode afterValue = afterNode.get(fieldName);
|
||||
|
||||
if (afterValue == null || !beforeValue.equals(afterValue)) {
|
||||
changedFields.add(fieldName);
|
||||
}
|
||||
});
|
||||
|
||||
afterNode.fieldNames().forEachRemaining(fieldName -> {
|
||||
if (!beforeNode.has(fieldName)) {
|
||||
changedFields.add(fieldName);
|
||||
}
|
||||
});
|
||||
|
||||
return changedFields.toArray(new String[0]);
|
||||
} catch (Exception e) {
|
||||
logger.error("提取变更字段失败: {}", e.getMessage());
|
||||
return new String[0];
|
||||
}
|
||||
}
|
||||
|
||||
private String generateDescription(String entityType, String operationType, Long entityId) {
|
||||
String operation = "";
|
||||
switch (operationType) {
|
||||
case "CREATE":
|
||||
operation = "创建";
|
||||
break;
|
||||
case "UPDATE":
|
||||
operation = "更新";
|
||||
break;
|
||||
case "DELETE":
|
||||
operation = "删除";
|
||||
break;
|
||||
default:
|
||||
operation = "操作";
|
||||
}
|
||||
|
||||
return String.format("%s%s (ID: %s)", operation, entityType,
|
||||
entityId != null ? entityId : "未知");
|
||||
}
|
||||
}
|
||||
+135
@@ -0,0 +1,135 @@
|
||||
package cn.novalon.manage.sys.audit.controller;
|
||||
|
||||
import cn.novalon.manage.sys.audit.domain.AuditLog;
|
||||
import cn.novalon.manage.sys.audit.dto.AuditLogQueryRequest;
|
||||
import cn.novalon.manage.sys.audit.dto.AuditLogStatistics;
|
||||
import cn.novalon.manage.sys.audit.service.AuditLogService;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.Parameter;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import org.springframework.format.annotation.DateTimeFormat;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
|
||||
/**
|
||||
* 审计日志控制器
|
||||
*
|
||||
* 文件定义:提供审计日志的查询和统计接口
|
||||
* 涉及业务:审计日志查询、统计分析
|
||||
* 算法:使用响应式编程处理查询请求
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/api/audit-logs")
|
||||
@Tag(name = "审计日志", description = "审计日志查询和统计接口")
|
||||
public class AuditLogController {
|
||||
|
||||
private final AuditLogService auditLogService;
|
||||
|
||||
public AuditLogController(AuditLogService auditLogService) {
|
||||
this.auditLogService = auditLogService;
|
||||
}
|
||||
|
||||
@GetMapping("/{id}")
|
||||
@Operation(summary = "根据ID查询审计日志", description = "根据ID查询单个审计日志详情")
|
||||
public Mono<AuditLog> findById(
|
||||
@Parameter(description = "审计日志ID") @PathVariable Long id) {
|
||||
return auditLogService.findById(id);
|
||||
}
|
||||
|
||||
@GetMapping
|
||||
@Operation(summary = "查询审计日志列表", description = "根据条件查询审计日志列表")
|
||||
public Flux<AuditLog> query(AuditLogQueryRequest request) {
|
||||
if (request.getEntityType() != null && request.getEntityId() != null) {
|
||||
return auditLogService.findByEntityTypeAndEntityId(
|
||||
request.getEntityType(),
|
||||
request.getEntityId()
|
||||
);
|
||||
} else if (request.getEntityType() != null) {
|
||||
return auditLogService.findByEntityType(request.getEntityType());
|
||||
} else if (request.getOperator() != null) {
|
||||
return auditLogService.findByOperator(request.getOperator());
|
||||
} else if (request.getOperationType() != null) {
|
||||
return auditLogService.findByOperationType(request.getOperationType());
|
||||
} else if (request.getStartTime() != null && request.getEndTime() != null) {
|
||||
return auditLogService.findByOperationTimeBetween(
|
||||
request.getStartTime(),
|
||||
request.getEndTime()
|
||||
);
|
||||
}
|
||||
|
||||
return Flux.empty();
|
||||
}
|
||||
|
||||
@GetMapping("/entity-type/{entityType}")
|
||||
@Operation(summary = "按实体类型查询", description = "根据实体类型查询审计日志")
|
||||
public Flux<AuditLog> findByEntityType(
|
||||
@Parameter(description = "实体类型") @PathVariable String entityType) {
|
||||
return auditLogService.findByEntityType(entityType);
|
||||
}
|
||||
|
||||
@GetMapping("/entity/{entityId}")
|
||||
@Operation(summary = "按实体ID查询", description = "根据实体ID查询审计日志")
|
||||
public Flux<AuditLog> findByEntityId(
|
||||
@Parameter(description = "实体ID") @PathVariable Long entityId) {
|
||||
return auditLogService.findByEntityId(entityId);
|
||||
}
|
||||
|
||||
@GetMapping("/operator/{operator}")
|
||||
@Operation(summary = "按操作人查询", description = "根据操作人查询审计日志")
|
||||
public Flux<AuditLog> findByOperator(
|
||||
@Parameter(description = "操作人") @PathVariable String operator) {
|
||||
return auditLogService.findByOperator(operator);
|
||||
}
|
||||
|
||||
@GetMapping("/operation-type/{operationType}")
|
||||
@Operation(summary = "按操作类型查询", description = "根据操作类型查询审计日志")
|
||||
public Flux<AuditLog> findByOperationType(
|
||||
@Parameter(description = "操作类型") @PathVariable String operationType) {
|
||||
return auditLogService.findByOperationType(operationType);
|
||||
}
|
||||
|
||||
@GetMapping("/time-range")
|
||||
@Operation(summary = "按时间范围查询", description = "根据时间范围查询审计日志")
|
||||
public Flux<AuditLog> findByTimeRange(
|
||||
@Parameter(description = "开始时间")
|
||||
@RequestParam @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime startTime,
|
||||
@Parameter(description = "结束时间")
|
||||
@RequestParam @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime endTime) {
|
||||
return auditLogService.findByOperationTimeBetween(startTime, endTime);
|
||||
}
|
||||
|
||||
@GetMapping("/statistics")
|
||||
@Operation(summary = "审计日志统计", description = "获取审计日志的统计信息")
|
||||
public Mono<AuditLogStatistics> getStatistics() {
|
||||
AuditLogStatistics statistics = new AuditLogStatistics();
|
||||
|
||||
return Mono.just(statistics);
|
||||
}
|
||||
|
||||
@GetMapping("/count/entity-type/{entityType}")
|
||||
@Operation(summary = "按实体类型统计", description = "统计指定实体类型的审计日志数量")
|
||||
public Mono<Long> countByEntityType(
|
||||
@Parameter(description = "实体类型") @PathVariable String entityType) {
|
||||
return auditLogService.countByEntityType(entityType);
|
||||
}
|
||||
|
||||
@GetMapping("/count/operator/{operator}")
|
||||
@Operation(summary = "按操作人统计", description = "统计指定操作人的审计日志数量")
|
||||
public Mono<Long> countByOperator(
|
||||
@Parameter(description = "操作人") @PathVariable String operator) {
|
||||
return auditLogService.countByOperator(operator);
|
||||
}
|
||||
|
||||
@GetMapping("/count/operation-type/{operationType}")
|
||||
@Operation(summary = "按操作类型统计", description = "统计指定操作类型的审计日志数量")
|
||||
public Mono<Long> countByOperationType(
|
||||
@Parameter(description = "操作类型") @PathVariable String operationType) {
|
||||
return auditLogService.countByOperationType(operationType);
|
||||
}
|
||||
}
|
||||
+181
@@ -0,0 +1,181 @@
|
||||
package cn.novalon.manage.sys.audit.domain;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
import org.springframework.data.annotation.Id;
|
||||
import org.springframework.data.relational.core.mapping.Column;
|
||||
import org.springframework.data.relational.core.mapping.Table;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 审计日志领域对象
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Table("audit_log")
|
||||
@Schema(description = "审计日志实体")
|
||||
public class AuditLog {
|
||||
|
||||
@Id
|
||||
@Schema(description = "主键ID")
|
||||
private Long id;
|
||||
|
||||
@Column("entity_type")
|
||||
@Schema(description = "实体类型(如User, Role等)", example = "User")
|
||||
private String entityType;
|
||||
|
||||
@Column("entity_id")
|
||||
@Schema(description = "实体ID", example = "1")
|
||||
private Long entityId;
|
||||
|
||||
@Column("operation_type")
|
||||
@Schema(description = "操作类型(CREATE, UPDATE, DELETE)", example = "UPDATE")
|
||||
private String operationType;
|
||||
|
||||
@Column("operator")
|
||||
@Schema(description = "操作人", example = "admin")
|
||||
private String operator;
|
||||
|
||||
@Column("operation_time")
|
||||
@Schema(description = "操作时间")
|
||||
private LocalDateTime operationTime;
|
||||
|
||||
@Column("before_data")
|
||||
@Schema(description = "变更前数据(JSON格式)")
|
||||
private String beforeData;
|
||||
|
||||
@Column("after_data")
|
||||
@Schema(description = "变更后数据(JSON格式)")
|
||||
private String afterData;
|
||||
|
||||
@Column("changed_fields")
|
||||
@Schema(description = "变更字段列表")
|
||||
private String[] changedFields;
|
||||
|
||||
@Column("ip_address")
|
||||
@Schema(description = "IP地址", example = "192.168.1.100")
|
||||
private String ipAddress;
|
||||
|
||||
@Column("user_agent")
|
||||
@Schema(description = "用户代理")
|
||||
private String userAgent;
|
||||
|
||||
@Column("description")
|
||||
@Schema(description = "操作描述", example = "更新用户信息")
|
||||
private String description;
|
||||
|
||||
@Column("created_at")
|
||||
@Schema(description = "记录创建时间")
|
||||
private LocalDateTime createdAt;
|
||||
|
||||
public AuditLog() {
|
||||
this.operationTime = LocalDateTime.now();
|
||||
this.createdAt = LocalDateTime.now();
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(Long id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public String getEntityType() {
|
||||
return entityType;
|
||||
}
|
||||
|
||||
public void setEntityType(String entityType) {
|
||||
this.entityType = entityType;
|
||||
}
|
||||
|
||||
public Long getEntityId() {
|
||||
return entityId;
|
||||
}
|
||||
|
||||
public void setEntityId(Long entityId) {
|
||||
this.entityId = entityId;
|
||||
}
|
||||
|
||||
public String getOperationType() {
|
||||
return operationType;
|
||||
}
|
||||
|
||||
public void setOperationType(String operationType) {
|
||||
this.operationType = operationType;
|
||||
}
|
||||
|
||||
public String getOperator() {
|
||||
return operator;
|
||||
}
|
||||
|
||||
public void setOperator(String operator) {
|
||||
this.operator = operator;
|
||||
}
|
||||
|
||||
public LocalDateTime getOperationTime() {
|
||||
return operationTime;
|
||||
}
|
||||
|
||||
public void setOperationTime(LocalDateTime operationTime) {
|
||||
this.operationTime = operationTime;
|
||||
}
|
||||
|
||||
public String getBeforeData() {
|
||||
return beforeData;
|
||||
}
|
||||
|
||||
public void setBeforeData(String beforeData) {
|
||||
this.beforeData = beforeData;
|
||||
}
|
||||
|
||||
public String getAfterData() {
|
||||
return afterData;
|
||||
}
|
||||
|
||||
public void setAfterData(String afterData) {
|
||||
this.afterData = afterData;
|
||||
}
|
||||
|
||||
public String[] getChangedFields() {
|
||||
return changedFields;
|
||||
}
|
||||
|
||||
public void setChangedFields(String[] changedFields) {
|
||||
this.changedFields = changedFields;
|
||||
}
|
||||
|
||||
public String getIpAddress() {
|
||||
return ipAddress;
|
||||
}
|
||||
|
||||
public void setIpAddress(String ipAddress) {
|
||||
this.ipAddress = ipAddress;
|
||||
}
|
||||
|
||||
public String getUserAgent() {
|
||||
return userAgent;
|
||||
}
|
||||
|
||||
public void setUserAgent(String userAgent) {
|
||||
this.userAgent = userAgent;
|
||||
}
|
||||
|
||||
public String getDescription() {
|
||||
return description;
|
||||
}
|
||||
|
||||
public void setDescription(String description) {
|
||||
this.description = description;
|
||||
}
|
||||
|
||||
public LocalDateTime getCreatedAt() {
|
||||
return createdAt;
|
||||
}
|
||||
|
||||
public void setCreatedAt(LocalDateTime createdAt) {
|
||||
this.createdAt = createdAt;
|
||||
}
|
||||
}
|
||||
+187
@@ -0,0 +1,187 @@
|
||||
package cn.novalon.manage.sys.audit.domain;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
import org.springframework.data.annotation.Id;
|
||||
import org.springframework.data.relational.core.mapping.Column;
|
||||
import org.springframework.data.relational.core.mapping.Table;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
|
||||
/**
|
||||
* 审计日志归档实体
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Table("audit_log_archive")
|
||||
@Schema(description = "审计日志归档实体")
|
||||
public class AuditLogArchive {
|
||||
|
||||
@Id
|
||||
@Schema(description = "主键ID")
|
||||
private Long id;
|
||||
|
||||
@Column("entity_type")
|
||||
@Schema(description = "实体类型(如User, Role等)", example = "User")
|
||||
private String entityType;
|
||||
|
||||
@Column("entity_id")
|
||||
@Schema(description = "实体ID", example = "1")
|
||||
private Long entityId;
|
||||
|
||||
@Column("operation_type")
|
||||
@Schema(description = "操作类型(CREATE, UPDATE, DELETE)", example = "UPDATE")
|
||||
private String operationType;
|
||||
|
||||
@Column("operator")
|
||||
@Schema(description = "操作人", example = "admin")
|
||||
private String operator;
|
||||
|
||||
@Column("operation_time")
|
||||
@Schema(description = "操作时间")
|
||||
private LocalDateTime operationTime;
|
||||
|
||||
@Column("before_data")
|
||||
@Schema(description = "变更前数据(JSON格式)")
|
||||
private String beforeData;
|
||||
|
||||
@Column("after_data")
|
||||
@Schema(description = "变更后数据(JSON格式)")
|
||||
private String afterData;
|
||||
|
||||
@Column("changed_fields")
|
||||
@Schema(description = "变更字段列表")
|
||||
private String[] changedFields;
|
||||
|
||||
@Column("ip_address")
|
||||
@Schema(description = "IP地址", example = "192.168.1.100")
|
||||
private String ipAddress;
|
||||
|
||||
@Column("user_agent")
|
||||
@Schema(description = "用户代理")
|
||||
private String userAgent;
|
||||
|
||||
@Column("description")
|
||||
@Schema(description = "操作描述", example = "更新用户信息")
|
||||
private String description;
|
||||
|
||||
@Column("created_at")
|
||||
@Schema(description = "记录创建时间")
|
||||
private LocalDateTime createdAt;
|
||||
|
||||
@Column("archived_at")
|
||||
@Schema(description = "归档时间")
|
||||
private LocalDateTime archivedAt;
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(Long id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public String getEntityType() {
|
||||
return entityType;
|
||||
}
|
||||
|
||||
public void setEntityType(String entityType) {
|
||||
this.entityType = entityType;
|
||||
}
|
||||
|
||||
public Long getEntityId() {
|
||||
return entityId;
|
||||
}
|
||||
|
||||
public void setEntityId(Long entityId) {
|
||||
this.entityId = entityId;
|
||||
}
|
||||
|
||||
public String getOperationType() {
|
||||
return operationType;
|
||||
}
|
||||
|
||||
public void setOperationType(String operationType) {
|
||||
this.operationType = operationType;
|
||||
}
|
||||
|
||||
public String getOperator() {
|
||||
return operator;
|
||||
}
|
||||
|
||||
public void setOperator(String operator) {
|
||||
this.operator = operator;
|
||||
}
|
||||
|
||||
public LocalDateTime getOperationTime() {
|
||||
return operationTime;
|
||||
}
|
||||
|
||||
public void setOperationTime(LocalDateTime operationTime) {
|
||||
this.operationTime = operationTime;
|
||||
}
|
||||
|
||||
public String getBeforeData() {
|
||||
return beforeData;
|
||||
}
|
||||
|
||||
public void setBeforeData(String beforeData) {
|
||||
this.beforeData = beforeData;
|
||||
}
|
||||
|
||||
public String getAfterData() {
|
||||
return afterData;
|
||||
}
|
||||
|
||||
public void setAfterData(String afterData) {
|
||||
this.afterData = afterData;
|
||||
}
|
||||
|
||||
public String[] getChangedFields() {
|
||||
return changedFields;
|
||||
}
|
||||
|
||||
public void setChangedFields(String[] changedFields) {
|
||||
this.changedFields = changedFields;
|
||||
}
|
||||
|
||||
public String getIpAddress() {
|
||||
return ipAddress;
|
||||
}
|
||||
|
||||
public void setIpAddress(String ipAddress) {
|
||||
this.ipAddress = ipAddress;
|
||||
}
|
||||
|
||||
public String getUserAgent() {
|
||||
return userAgent;
|
||||
}
|
||||
|
||||
public void setUserAgent(String userAgent) {
|
||||
this.userAgent = userAgent;
|
||||
}
|
||||
|
||||
public String getDescription() {
|
||||
return description;
|
||||
}
|
||||
|
||||
public void setDescription(String description) {
|
||||
this.description = description;
|
||||
}
|
||||
|
||||
public LocalDateTime getCreatedAt() {
|
||||
return createdAt;
|
||||
}
|
||||
|
||||
public void setCreatedAt(LocalDateTime createdAt) {
|
||||
this.createdAt = createdAt;
|
||||
}
|
||||
|
||||
public LocalDateTime getArchivedAt() {
|
||||
return archivedAt;
|
||||
}
|
||||
|
||||
public void setArchivedAt(LocalDateTime archivedAt) {
|
||||
this.archivedAt = archivedAt;
|
||||
}
|
||||
}
|
||||
+103
@@ -0,0 +1,103 @@
|
||||
package cn.novalon.manage.sys.audit.dto;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
|
||||
/**
|
||||
* 审计日志查询请求
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Schema(description = "审计日志查询请求")
|
||||
public class AuditLogQueryRequest {
|
||||
|
||||
@Schema(description = "实体类型", example = "User")
|
||||
private String entityType;
|
||||
|
||||
@Schema(description = "实体ID", example = "1")
|
||||
private Long entityId;
|
||||
|
||||
@Schema(description = "操作类型", example = "UPDATE")
|
||||
private String operationType;
|
||||
|
||||
@Schema(description = "操作人", example = "admin")
|
||||
private String operator;
|
||||
|
||||
@Schema(description = "开始时间")
|
||||
private LocalDateTime startTime;
|
||||
|
||||
@Schema(description = "结束时间")
|
||||
private LocalDateTime endTime;
|
||||
|
||||
@Schema(description = "页码", example = "1")
|
||||
private Integer page = 1;
|
||||
|
||||
@Schema(description = "每页大小", example = "20")
|
||||
private Integer size = 20;
|
||||
|
||||
public String getEntityType() {
|
||||
return entityType;
|
||||
}
|
||||
|
||||
public void setEntityType(String entityType) {
|
||||
this.entityType = entityType;
|
||||
}
|
||||
|
||||
public Long getEntityId() {
|
||||
return entityId;
|
||||
}
|
||||
|
||||
public void setEntityId(Long entityId) {
|
||||
this.entityId = entityId;
|
||||
}
|
||||
|
||||
public String getOperationType() {
|
||||
return operationType;
|
||||
}
|
||||
|
||||
public void setOperationType(String operationType) {
|
||||
this.operationType = operationType;
|
||||
}
|
||||
|
||||
public String getOperator() {
|
||||
return operator;
|
||||
}
|
||||
|
||||
public void setOperator(String operator) {
|
||||
this.operator = operator;
|
||||
}
|
||||
|
||||
public LocalDateTime getStartTime() {
|
||||
return startTime;
|
||||
}
|
||||
|
||||
public void setStartTime(LocalDateTime startTime) {
|
||||
this.startTime = startTime;
|
||||
}
|
||||
|
||||
public LocalDateTime getEndTime() {
|
||||
return endTime;
|
||||
}
|
||||
|
||||
public void setEndTime(LocalDateTime endTime) {
|
||||
this.endTime = endTime;
|
||||
}
|
||||
|
||||
public Integer getPage() {
|
||||
return page;
|
||||
}
|
||||
|
||||
public void setPage(Integer page) {
|
||||
this.page = page;
|
||||
}
|
||||
|
||||
public Integer getSize() {
|
||||
return size;
|
||||
}
|
||||
|
||||
public void setSize(Integer size) {
|
||||
this.size = size;
|
||||
}
|
||||
}
|
||||
+59
@@ -0,0 +1,59 @@
|
||||
package cn.novalon.manage.sys.audit.dto;
|
||||
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* 审计日志统计信息
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Schema(description = "审计日志统计信息")
|
||||
public class AuditLogStatistics {
|
||||
|
||||
@Schema(description = "总记录数")
|
||||
private Long totalCount;
|
||||
|
||||
@Schema(description = "按实体类型统计")
|
||||
private Map<String, Long> countByEntityType;
|
||||
|
||||
@Schema(description = "按操作类型统计")
|
||||
private Map<String, Long> countByOperationType;
|
||||
|
||||
@Schema(description = "按操作人统计")
|
||||
private Map<String, Long> countByOperator;
|
||||
|
||||
public Long getTotalCount() {
|
||||
return totalCount;
|
||||
}
|
||||
|
||||
public void setTotalCount(Long totalCount) {
|
||||
this.totalCount = totalCount;
|
||||
}
|
||||
|
||||
public Map<String, Long> getCountByEntityType() {
|
||||
return countByEntityType;
|
||||
}
|
||||
|
||||
public void setCountByEntityType(Map<String, Long> countByEntityType) {
|
||||
this.countByEntityType = countByEntityType;
|
||||
}
|
||||
|
||||
public Map<String, Long> getCountByOperationType() {
|
||||
return countByOperationType;
|
||||
}
|
||||
|
||||
public void setCountByOperationType(Map<String, Long> countByOperationType) {
|
||||
this.countByOperationType = countByOperationType;
|
||||
}
|
||||
|
||||
public Map<String, Long> getCountByOperator() {
|
||||
return countByOperator;
|
||||
}
|
||||
|
||||
public void setCountByOperator(Map<String, Long> countByOperator) {
|
||||
this.countByOperator = countByOperator;
|
||||
}
|
||||
}
|
||||
+33
@@ -0,0 +1,33 @@
|
||||
package cn.novalon.manage.sys.audit.repository;
|
||||
|
||||
import cn.novalon.manage.sys.audit.domain.AuditLogArchive;
|
||||
import org.springframework.data.r2dbc.repository.R2dbcRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
|
||||
/**
|
||||
* 审计日志归档仓储接口
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Repository
|
||||
public interface AuditLogArchiveRepository extends R2dbcRepository<AuditLogArchive, Long> {
|
||||
|
||||
Flux<AuditLogArchive> findByEntityType(String entityType);
|
||||
|
||||
Flux<AuditLogArchive> findByEntityId(Long entityId);
|
||||
|
||||
Flux<AuditLogArchive> findByOperator(String operator);
|
||||
|
||||
Flux<AuditLogArchive> findByOperationTimeBetween(LocalDateTime startTime, LocalDateTime endTime);
|
||||
|
||||
Flux<AuditLogArchive> findByArchivedAtBetween(LocalDateTime startTime, LocalDateTime endTime);
|
||||
|
||||
Mono<Long> countByEntityType(String entityType);
|
||||
|
||||
Mono<Long> countByOperator(String operator);
|
||||
}
|
||||
+51
@@ -0,0 +1,51 @@
|
||||
package cn.novalon.manage.sys.audit.repository;
|
||||
|
||||
import cn.novalon.manage.sys.audit.domain.AuditLog;
|
||||
import org.springframework.data.r2dbc.repository.R2dbcRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
|
||||
/**
|
||||
* 审计日志仓储接口
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Repository
|
||||
public interface AuditLogRepository extends R2dbcRepository<AuditLog, Long> {
|
||||
|
||||
Flux<AuditLog> findByEntityType(String entityType);
|
||||
|
||||
Flux<AuditLog> findByEntityId(Long entityId);
|
||||
|
||||
Flux<AuditLog> findByEntityTypeAndEntityId(String entityType, Long entityId);
|
||||
|
||||
Flux<AuditLog> findByOperator(String operator);
|
||||
|
||||
Flux<AuditLog> findByOperationType(String operationType);
|
||||
|
||||
Flux<AuditLog> findByOperationTimeBetween(LocalDateTime startTime, LocalDateTime endTime);
|
||||
|
||||
Flux<AuditLog> findByEntityTypeAndOperationTimeBetween(
|
||||
String entityType,
|
||||
LocalDateTime startTime,
|
||||
LocalDateTime endTime
|
||||
);
|
||||
|
||||
Flux<AuditLog> findByOperatorAndOperationTimeBetween(
|
||||
String operator,
|
||||
LocalDateTime startTime,
|
||||
LocalDateTime endTime
|
||||
);
|
||||
|
||||
Mono<Long> countByEntityType(String entityType);
|
||||
|
||||
Mono<Long> countByOperationType(String operationType);
|
||||
|
||||
Mono<Long> countByOperator(String operator);
|
||||
|
||||
Mono<Long> countByOperationTimeBetween(LocalDateTime startTime, LocalDateTime endTime);
|
||||
}
|
||||
+42
@@ -0,0 +1,42 @@
|
||||
package cn.novalon.manage.sys.audit.scheduler;
|
||||
|
||||
import cn.novalon.manage.sys.audit.service.AuditLogArchiveService;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.scheduling.annotation.Scheduled;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* 审计日志归档定时任务
|
||||
*
|
||||
* 文件定义:定时执行审计日志归档任务
|
||||
* 涉及业务:定期将历史审计日志移动到归档表
|
||||
* 算法:使用Spring Scheduler定时执行归档任务
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Component
|
||||
public class AuditLogArchiveScheduler {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(AuditLogArchiveScheduler.class);
|
||||
|
||||
private final AuditLogArchiveService auditLogArchiveService;
|
||||
|
||||
public AuditLogArchiveScheduler(AuditLogArchiveService auditLogArchiveService) {
|
||||
this.auditLogArchiveService = auditLogArchiveService;
|
||||
}
|
||||
|
||||
@Scheduled(cron = "0 0 2 * * ?")
|
||||
public void archiveOldLogs() {
|
||||
logger.info("开始执行审计日志归档定时任务");
|
||||
|
||||
int daysToKeep = 30;
|
||||
|
||||
auditLogArchiveService.archiveOldLogs(daysToKeep)
|
||||
.subscribe(
|
||||
count -> logger.info("审计日志归档定时任务完成,共归档 {} 条记录", count),
|
||||
error -> logger.error("审计日志归档定时任务失败: {}", error.getMessage())
|
||||
);
|
||||
}
|
||||
}
|
||||
+95
@@ -0,0 +1,95 @@
|
||||
package cn.novalon.manage.sys.audit.service;
|
||||
|
||||
import cn.novalon.manage.sys.audit.domain.AuditLog;
|
||||
import cn.novalon.manage.sys.audit.domain.AuditLogArchive;
|
||||
import cn.novalon.manage.sys.audit.repository.AuditLogArchiveRepository;
|
||||
import cn.novalon.manage.sys.audit.repository.AuditLogRepository;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
|
||||
/**
|
||||
* 审计日志归档服务
|
||||
*
|
||||
* 文件定义:封装审计日志归档的业务逻辑
|
||||
* 涉及业务:审计日志的归档、查询、清理等操作
|
||||
* 算法:定期将历史审计日志移动到归档表
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Service
|
||||
public class AuditLogArchiveService {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(AuditLogArchiveService.class);
|
||||
|
||||
private final AuditLogRepository auditLogRepository;
|
||||
private final AuditLogArchiveRepository auditLogArchiveRepository;
|
||||
|
||||
public AuditLogArchiveService(AuditLogRepository auditLogRepository,
|
||||
AuditLogArchiveRepository auditLogArchiveRepository) {
|
||||
this.auditLogRepository = auditLogRepository;
|
||||
this.auditLogArchiveRepository = auditLogArchiveRepository;
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public Mono<Long> archiveOldLogs(int daysToKeep) {
|
||||
LocalDateTime archiveBefore = LocalDateTime.now().minusDays(daysToKeep);
|
||||
|
||||
logger.info("开始归档审计日志,归档时间点: {}", archiveBefore);
|
||||
|
||||
return auditLogRepository.findByOperationTimeBetween(
|
||||
LocalDateTime.MIN,
|
||||
archiveBefore
|
||||
)
|
||||
.flatMap(this::archiveLog)
|
||||
.count()
|
||||
.doOnSuccess(count -> logger.info("审计日志归档完成,共归档 {} 条记录", count))
|
||||
.doOnError(error -> logger.error("审计日志归档失败: {}", error.getMessage()));
|
||||
}
|
||||
|
||||
private Mono<Void> archiveLog(AuditLog auditLog) {
|
||||
AuditLogArchive archive = new AuditLogArchive();
|
||||
archive.setEntityType(auditLog.getEntityType());
|
||||
archive.setEntityId(auditLog.getEntityId());
|
||||
archive.setOperationType(auditLog.getOperationType());
|
||||
archive.setOperator(auditLog.getOperator());
|
||||
archive.setOperationTime(auditLog.getOperationTime());
|
||||
archive.setBeforeData(auditLog.getBeforeData());
|
||||
archive.setAfterData(auditLog.getAfterData());
|
||||
archive.setChangedFields(auditLog.getChangedFields());
|
||||
archive.setIpAddress(auditLog.getIpAddress());
|
||||
archive.setUserAgent(auditLog.getUserAgent());
|
||||
archive.setDescription(auditLog.getDescription());
|
||||
archive.setCreatedAt(auditLog.getCreatedAt());
|
||||
archive.setArchivedAt(LocalDateTime.now());
|
||||
|
||||
return auditLogArchiveRepository.save(archive)
|
||||
.flatMap(savedArchive -> auditLogRepository.deleteById(auditLog.getId()))
|
||||
.doOnSuccess(v -> logger.debug("归档审计日志成功: ID={}", auditLog.getId()))
|
||||
.doOnError(error -> logger.error("归档审计日志失败: ID={}, 错误: {}",
|
||||
auditLog.getId(), error.getMessage()))
|
||||
.then();
|
||||
}
|
||||
|
||||
public Flux<AuditLogArchive> findArchivedLogs(String entityType, LocalDateTime startTime, LocalDateTime endTime) {
|
||||
if (entityType != null) {
|
||||
return auditLogArchiveRepository.findByEntityType(entityType);
|
||||
} else if (startTime != null && endTime != null) {
|
||||
return auditLogArchiveRepository.findByArchivedAtBetween(startTime, endTime);
|
||||
}
|
||||
return Flux.empty();
|
||||
}
|
||||
|
||||
public Mono<Long> countArchivedLogs(String entityType) {
|
||||
if (entityType != null) {
|
||||
return auditLogArchiveRepository.countByEntityType(entityType);
|
||||
}
|
||||
return auditLogArchiveRepository.count();
|
||||
}
|
||||
}
|
||||
+93
@@ -0,0 +1,93 @@
|
||||
package cn.novalon.manage.sys.audit.service;
|
||||
|
||||
import cn.novalon.manage.sys.audit.domain.AuditLog;
|
||||
import cn.novalon.manage.sys.audit.repository.AuditLogRepository;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.scheduling.annotation.Async;
|
||||
import org.springframework.stereotype.Service;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
import reactor.core.scheduler.Schedulers;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.concurrent.Executor;
|
||||
|
||||
/**
|
||||
* 审计日志服务
|
||||
*
|
||||
* 文件定义:封装审计日志的业务逻辑
|
||||
* 涉及业务:审计日志的保存、查询、统计等操作
|
||||
* 算法:使用异步线程池处理审计日志,不阻塞主流程
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Service
|
||||
public class AuditLogService {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(AuditLogService.class);
|
||||
|
||||
private final AuditLogRepository auditLogRepository;
|
||||
private final Executor auditLogExecutor;
|
||||
|
||||
public AuditLogService(AuditLogRepository auditLogRepository,
|
||||
Executor auditLogExecutor) {
|
||||
this.auditLogRepository = auditLogRepository;
|
||||
this.auditLogExecutor = auditLogExecutor;
|
||||
}
|
||||
|
||||
@Async("auditLogExecutor")
|
||||
public Mono<AuditLog> saveAsync(AuditLog auditLog) {
|
||||
logger.debug("异步保存审计日志: {} - {}", auditLog.getEntityType(), auditLog.getOperationType());
|
||||
|
||||
return auditLogRepository.save(auditLog)
|
||||
.doOnSuccess(saved -> logger.debug("审计日志保存成功: ID={}", saved.getId()))
|
||||
.doOnError(error -> logger.error("审计日志保存失败: {}", error.getMessage()))
|
||||
.subscribeOn(Schedulers.fromExecutor(auditLogExecutor));
|
||||
}
|
||||
|
||||
public Mono<AuditLog> findById(Long id) {
|
||||
return auditLogRepository.findById(id);
|
||||
}
|
||||
|
||||
public Flux<AuditLog> findByEntityType(String entityType) {
|
||||
return auditLogRepository.findByEntityType(entityType);
|
||||
}
|
||||
|
||||
public Flux<AuditLog> findByEntityId(Long entityId) {
|
||||
return auditLogRepository.findByEntityId(entityId);
|
||||
}
|
||||
|
||||
public Flux<AuditLog> findByOperator(String operator) {
|
||||
return auditLogRepository.findByOperator(operator);
|
||||
}
|
||||
|
||||
public Flux<AuditLog> findByOperationType(String operationType) {
|
||||
return auditLogRepository.findByOperationType(operationType);
|
||||
}
|
||||
|
||||
public Flux<AuditLog> findByOperationTimeBetween(LocalDateTime startTime, LocalDateTime endTime) {
|
||||
return auditLogRepository.findByOperationTimeBetween(startTime, endTime);
|
||||
}
|
||||
|
||||
public Flux<AuditLog> findByEntityTypeAndEntityId(String entityType, Long entityId) {
|
||||
return auditLogRepository.findByEntityTypeAndEntityId(entityType, entityId);
|
||||
}
|
||||
|
||||
public Mono<Long> countByEntityType(String entityType) {
|
||||
return auditLogRepository.countByEntityType(entityType);
|
||||
}
|
||||
|
||||
public Mono<Long> countByOperationType(String operationType) {
|
||||
return auditLogRepository.countByOperationType(operationType);
|
||||
}
|
||||
|
||||
public Mono<Long> countByOperator(String operator) {
|
||||
return auditLogRepository.countByOperator(operator);
|
||||
}
|
||||
|
||||
public Mono<Long> countByOperationTimeBetween(LocalDateTime startTime, LocalDateTime endTime) {
|
||||
return auditLogRepository.countByOperationTimeBetween(startTime, endTime);
|
||||
}
|
||||
}
|
||||
+67
@@ -0,0 +1,67 @@
|
||||
package cn.novalon.manage.sys.config;
|
||||
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.aop.interceptor.AsyncUncaughtExceptionHandler;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.scheduling.annotation.AsyncConfigurer;
|
||||
import org.springframework.scheduling.annotation.EnableAsync;
|
||||
import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
|
||||
|
||||
import java.util.concurrent.Executor;
|
||||
import java.util.concurrent.ThreadPoolExecutor;
|
||||
|
||||
/**
|
||||
* 异步配置类
|
||||
*
|
||||
* 文件定义:配置异步线程池,用于审计日志等异步处理
|
||||
* 涉及业务:提供统一的异步处理能力
|
||||
* 算法:使用ThreadPoolTaskExecutor管理线程池
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Configuration
|
||||
@EnableAsync
|
||||
public class AsyncConfig implements AsyncConfigurer {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(AsyncConfig.class);
|
||||
|
||||
@Bean(name = "auditLogExecutor")
|
||||
@Override
|
||||
public Executor getAsyncExecutor() {
|
||||
ThreadPoolTaskExecutor executor = new ThreadPoolTaskExecutor();
|
||||
|
||||
executor.setCorePoolSize(5);
|
||||
executor.setMaxPoolSize(10);
|
||||
executor.setQueueCapacity(100);
|
||||
executor.setKeepAliveSeconds(60);
|
||||
executor.setThreadNamePrefix("audit-log-");
|
||||
|
||||
executor.setRejectedExecutionHandler((r, exec) -> {
|
||||
logger.warn("审计日志线程池已满,任务被拒绝,将降级为同步处理");
|
||||
if (!exec.isShutdown()) {
|
||||
r.run();
|
||||
}
|
||||
});
|
||||
|
||||
executor.setWaitForTasksToCompleteOnShutdown(true);
|
||||
executor.setAwaitTerminationSeconds(60);
|
||||
|
||||
executor.initialize();
|
||||
|
||||
logger.info("审计日志异步线程池初始化完成: corePoolSize={}, maxPoolSize={}, queueCapacity={}",
|
||||
executor.getCorePoolSize(), executor.getMaxPoolSize(), executor.getQueueCapacity());
|
||||
|
||||
return executor;
|
||||
}
|
||||
|
||||
@Override
|
||||
public AsyncUncaughtExceptionHandler getAsyncUncaughtExceptionHandler() {
|
||||
return (throwable, method, params) -> {
|
||||
logger.error("异步任务执行异常 - 方法: {}, 参数: {}, 异常: {}",
|
||||
method.getName(), params, throwable.getMessage(), throwable);
|
||||
};
|
||||
}
|
||||
}
|
||||
+34
@@ -0,0 +1,34 @@
|
||||
package cn.novalon.manage.sys.config;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.data.domain.ReactiveAuditorAware;
|
||||
import org.springframework.data.r2dbc.config.EnableR2dbcAuditing;
|
||||
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
/**
|
||||
* R2DBC审计配置类
|
||||
*
|
||||
* 文件定义:启用Spring Data R2DBC的审计功能,自动填充创建人、修改人等字段
|
||||
* 涉及业务:用户操作审计、数据变更追踪
|
||||
* 算法:使用ReactiveSecurityContextHolder获取当前认证用户
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-04-01
|
||||
*/
|
||||
@Configuration
|
||||
@EnableR2dbcAuditing(auditorAwareRef = "reactiveAuditorAware")
|
||||
public class AuditingConfig {
|
||||
|
||||
@Bean
|
||||
public ReactiveAuditorAware<String> reactiveAuditorAware() {
|
||||
return () -> ReactiveSecurityContextHolder.getContext()
|
||||
.map(securityContext -> securityContext.getAuthentication())
|
||||
.map(authentication -> {
|
||||
Object principal = authentication.getPrincipal();
|
||||
return principal instanceof String ? (String) principal : "system";
|
||||
})
|
||||
.defaultIfEmpty("system");
|
||||
}
|
||||
}
|
||||
+20
-24
@@ -33,41 +33,37 @@ public class SecurityConfig {
|
||||
@Bean
|
||||
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
|
||||
String[] activeProfiles = environment.getActiveProfiles();
|
||||
boolean isDevOrTest = false;
|
||||
final boolean isDevOrTest;
|
||||
|
||||
for (String profile : activeProfiles) {
|
||||
if ("dev".equals(profile) || "test".equals(profile)) {
|
||||
isDevOrTest = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
isDevOrTest = java.util.Arrays.stream(activeProfiles)
|
||||
.anyMatch(profile -> "dev".equals(profile) || "test".equals(profile));
|
||||
|
||||
logger.info("SecurityConfig初始化: 当前环境={}, Swagger启用状态={}",
|
||||
activeProfiles.length > 0 ? String.join(",", activeProfiles) : "default", isDevOrTest);
|
||||
|
||||
ServerHttpSecurity.AuthorizeExchangeSpec exchanges = http
|
||||
http
|
||||
.csrf(ServerHttpSecurity.CsrfSpec::disable)
|
||||
.httpBasic(ServerHttpSecurity.HttpBasicSpec::disable)
|
||||
.formLogin(ServerHttpSecurity.FormLoginSpec::disable)
|
||||
.addFilterBefore(jwtAuthenticationFilter, SecurityWebFiltersOrder.AUTHENTICATION)
|
||||
.authorizeExchange();
|
||||
.authorizeExchange(spec -> {
|
||||
spec.pathMatchers("/api/auth/**").permitAll()
|
||||
.pathMatchers("/api/public/**").permitAll()
|
||||
.pathMatchers("/ws/**").permitAll()
|
||||
.pathMatchers("/actuator/**").permitAll();
|
||||
|
||||
exchanges.pathMatchers("/api/auth/**").permitAll()
|
||||
.pathMatchers("/api/public/**").permitAll()
|
||||
.pathMatchers("/ws/**").permitAll()
|
||||
.pathMatchers("/actuator/**").permitAll();
|
||||
if (isDevOrTest) {
|
||||
spec.pathMatchers("/swagger-ui.html").permitAll()
|
||||
.pathMatchers("/swagger-ui/**").permitAll()
|
||||
.pathMatchers("/api-docs/**").permitAll()
|
||||
.pathMatchers("/v3/api-docs/**").permitAll()
|
||||
.pathMatchers("/swagger-resources/**").permitAll()
|
||||
.pathMatchers("/webjars/**").permitAll();
|
||||
logger.info("SecurityConfig: Swagger路径已放行");
|
||||
}
|
||||
|
||||
if (isDevOrTest) {
|
||||
exchanges.pathMatchers("/swagger-ui.html").permitAll()
|
||||
.pathMatchers("/swagger-ui/**").permitAll()
|
||||
.pathMatchers("/api-docs/**").permitAll()
|
||||
.pathMatchers("/v3/api-docs/**").permitAll()
|
||||
.pathMatchers("/swagger-resources/**").permitAll()
|
||||
.pathMatchers("/webjars/**").permitAll();
|
||||
logger.info("SecurityConfig: Swagger路径已放行");
|
||||
}
|
||||
|
||||
exchanges.anyExchange().authenticated();
|
||||
spec.anyExchange().authenticated();
|
||||
});
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
+6
@@ -3,6 +3,8 @@ package cn.novalon.manage.sys.core.service.impl;
|
||||
import cn.novalon.manage.sys.core.domain.SysConfig;
|
||||
import cn.novalon.manage.sys.core.repository.ISysConfigRepository;
|
||||
import cn.novalon.manage.sys.core.service.ISysConfigService;
|
||||
import org.springframework.cache.annotation.CacheEvict;
|
||||
import org.springframework.cache.annotation.Cacheable;
|
||||
import org.springframework.stereotype.Service;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
@@ -28,21 +30,25 @@ public class SysConfigService implements ISysConfigService {
|
||||
}
|
||||
|
||||
@Override
|
||||
@Cacheable(value = "sysConfig", key = "#id")
|
||||
public Mono<SysConfig> findById(Long id) {
|
||||
return repository.findById(id);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Cacheable(value = "sysConfig", key = "#configKey")
|
||||
public Mono<SysConfig> findByConfigKey(String configKey) {
|
||||
return repository.findByConfigKeyAndDeletedAtIsNull(configKey);
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(value = "sysConfig", allEntries = true)
|
||||
public Mono<SysConfig> save(SysConfig config) {
|
||||
return repository.save(config);
|
||||
}
|
||||
|
||||
@Override
|
||||
@CacheEvict(value = "sysConfig", key = "#id")
|
||||
public Mono<Void> deleteById(Long id) {
|
||||
return repository.deleteByIdAndDeletedAtIsNull(id);
|
||||
}
|
||||
|
||||
+28
-3
@@ -4,13 +4,18 @@ import cn.novalon.manage.common.util.StatusConstants;
|
||||
import cn.novalon.manage.sys.core.domain.SysRole;
|
||||
import cn.novalon.manage.sys.core.query.SysRoleQuery;
|
||||
import cn.novalon.manage.sys.core.repository.ISysRoleRepository;
|
||||
import cn.novalon.manage.sys.core.repository.IUserRoleRepository;
|
||||
import cn.novalon.manage.sys.core.repository.ISysRolePermissionRepository;
|
||||
import cn.novalon.manage.sys.core.service.ISysRoleService;
|
||||
import cn.novalon.manage.sys.core.service.ISysUserService;
|
||||
import cn.novalon.manage.sys.core.command.CreateRoleCommand;
|
||||
import cn.novalon.manage.sys.core.command.UpdateRoleCommand;
|
||||
import cn.novalon.manage.common.dto.PageRequest;
|
||||
import cn.novalon.manage.common.dto.PageResponse;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
@@ -25,12 +30,18 @@ import java.time.LocalDateTime;
|
||||
@Service
|
||||
public class SysRoleService implements ISysRoleService {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(SysRoleService.class);
|
||||
private final ISysRoleRepository roleRepository;
|
||||
private final ISysUserService userService;
|
||||
private final IUserRoleRepository userRoleRepository;
|
||||
private final ISysRolePermissionRepository rolePermissionRepository;
|
||||
|
||||
public SysRoleService(ISysRoleRepository roleRepository, ISysUserService userService) {
|
||||
public SysRoleService(ISysRoleRepository roleRepository, ISysUserService userService,
|
||||
IUserRoleRepository userRoleRepository, ISysRolePermissionRepository rolePermissionRepository) {
|
||||
this.roleRepository = roleRepository;
|
||||
this.userService = userService;
|
||||
this.userRoleRepository = userRoleRepository;
|
||||
this.rolePermissionRepository = rolePermissionRepository;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -108,11 +119,25 @@ public class SysRoleService implements ISysRoleService {
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Mono<Void> deleteRole(Long id) {
|
||||
logger.debug("开始删除角色,ID: {}", id);
|
||||
|
||||
return roleRepository.findById(id)
|
||||
.flatMap(role -> {
|
||||
return userService.updateRoleIdToNullByRoleId(id)
|
||||
.then(roleRepository.deleteById(id));
|
||||
logger.debug("找到角色,开始删除关联记录");
|
||||
return userRoleRepository.deleteByRoleId(id)
|
||||
.doOnSuccess(v -> logger.debug("成功删除用户角色关联记录"))
|
||||
.doOnError(e -> logger.error("删除用户角色关联记录失败", e))
|
||||
.then(rolePermissionRepository.deleteByRoleId(id))
|
||||
.doOnSuccess(v -> logger.debug("成功删除角色权限关联记录"))
|
||||
.doOnError(e -> logger.error("删除角色权限关联记录失败", e))
|
||||
.then(userService.updateRoleIdToNullByRoleId(id))
|
||||
.doOnSuccess(v -> logger.debug("成功更新用户角色ID为null"))
|
||||
.doOnError(e -> logger.error("更新用户角色ID失败", e))
|
||||
.then(roleRepository.deleteById(id))
|
||||
.doOnSuccess(v -> logger.debug("成功删除角色"))
|
||||
.doOnError(e -> logger.error("删除角色失败", e));
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
+39
-13
@@ -18,6 +18,7 @@ import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
@@ -55,6 +56,7 @@ public class SysUserService implements ISysUserService {
|
||||
logger.info("使用的密码编码器类型: {}", passwordEncoder.getClass().getName());
|
||||
}
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
private static final BCryptPasswordEncoder directEncoder = new BCryptPasswordEncoder(12);
|
||||
|
||||
@Override
|
||||
@@ -99,7 +101,7 @@ public class SysUserService implements ISysUserService {
|
||||
if (user.getPassword() != null && !user.getPassword().startsWith("$2a$")
|
||||
&& !user.getPassword().startsWith("$2b$")) {
|
||||
logger.info("密码不以$2a$或$2b$开头,重新编码");
|
||||
user.setPassword(directEncoder.encode(user.getPassword()));
|
||||
user.setPassword(passwordEncoder.encode(user.getPassword()));
|
||||
logger.info("重新编码后的密码前缀: {}", user.getPassword().substring(0, 7));
|
||||
} else {
|
||||
logger.info("密码已编码,跳过重新编码");
|
||||
@@ -115,7 +117,7 @@ public class SysUserService implements ISysUserService {
|
||||
public Mono<SysUser> createUser(CreateUserCommand command) {
|
||||
SysUser user = new SysUser();
|
||||
user.setUsername(command.username().getValue());
|
||||
user.setPassword(directEncoder.encode(command.password().getValue()));
|
||||
user.setPassword(passwordEncoder.encode(command.password().getValue()));
|
||||
user.setEmail(command.email().getValue());
|
||||
user.setNickname(command.nickname());
|
||||
user.setPhone(command.phone());
|
||||
@@ -159,10 +161,21 @@ public class SysUserService implements ISysUserService {
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Mono<Void> deleteUser(Long id) {
|
||||
logger.debug("开始删除用户,ID: {}", id);
|
||||
|
||||
return userRepository.findById(id)
|
||||
.switchIfEmpty(Mono.error(new RuntimeException("User not found")))
|
||||
.flatMap(user -> userRepository.deleteById(id));
|
||||
.flatMap(user -> {
|
||||
logger.debug("找到用户,开始删除关联记录");
|
||||
return userRoleRepository.deleteByUserId(id)
|
||||
.doOnSuccess(v -> logger.debug("成功删除用户角色关联记录"))
|
||||
.doOnError(e -> logger.error("删除用户角色关联记录失败", e))
|
||||
.then(userRepository.deleteById(id))
|
||||
.doOnSuccess(v -> logger.debug("成功删除用户"))
|
||||
.doOnError(e -> logger.error("删除用户失败", e));
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -228,21 +241,34 @@ public class SysUserService implements ISysUserService {
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public Mono<Void> assignRolesToUser(Long userId, List<Long> roleIds) {
|
||||
logger.debug("开始为用户分配角色,用户ID: {}, 角色IDs: {}", userId, roleIds);
|
||||
|
||||
if (roleIds == null || roleIds.isEmpty()) {
|
||||
return userRoleRepository.deleteByUserId(userId);
|
||||
logger.debug("角色列表为空,删除用户的所有角色关联");
|
||||
return userRoleRepository.deleteByUserId(userId)
|
||||
.doOnSuccess(v -> logger.debug("成功删除用户的所有角色关联"))
|
||||
.doOnError(e -> logger.error("删除用户角色关联失败", e));
|
||||
}
|
||||
|
||||
return userRoleRepository.deleteByUserId(userId)
|
||||
.thenMany(Flux.fromIterable(roleIds))
|
||||
.flatMap(roleId -> {
|
||||
UserRole userRole = new UserRole();
|
||||
userRole.setUserId(userId);
|
||||
userRole.setRoleId(roleId);
|
||||
userRole.setCreatedAt(LocalDateTime.now());
|
||||
return userRoleRepository.save(userRole);
|
||||
})
|
||||
.then();
|
||||
.doOnSuccess(v -> logger.debug("成功删除用户的旧角色关联"))
|
||||
.doOnError(e -> logger.error("删除用户旧角色关联失败", e))
|
||||
.then(
|
||||
Flux.fromIterable(roleIds)
|
||||
.concatMap(roleId -> {
|
||||
logger.debug("为用户分配角色ID: {}", roleId);
|
||||
UserRole userRole = new UserRole();
|
||||
userRole.setUserId(userId);
|
||||
userRole.setRoleId(roleId);
|
||||
userRole.setCreatedAt(LocalDateTime.now());
|
||||
return userRoleRepository.save(userRole)
|
||||
.doOnSuccess(v -> logger.debug("成功保存用户角色关联"))
|
||||
.doOnError(e -> logger.error("保存用户角色关联失败", e));
|
||||
})
|
||||
.then()
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
+122
@@ -0,0 +1,122 @@
|
||||
package cn.novalon.manage.sys.core.util;
|
||||
|
||||
import cn.novalon.manage.sys.core.domain.SysConfig;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.web.reactive.function.server.ServerResponse;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
/**
|
||||
* 系统配置验证工具类
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-03-31
|
||||
*/
|
||||
public class ValidationUtil {
|
||||
|
||||
// 配置键正则表达式:只允许字母、数字、下划线、点号,长度1-100
|
||||
private static final Pattern CONFIG_KEY_PATTERN = Pattern.compile("^[a-zA-Z0-9_.-]{1,100}$");
|
||||
|
||||
// 配置名称正则表达式:允许中文、字母、数字、下划线、空格,长度1-50
|
||||
private static final Pattern CONFIG_NAME_PATTERN = Pattern.compile("^[\\u4e00-\\u9fa5a-zA-Z0-9_\\\\.\\s]{1,50}$");
|
||||
|
||||
// 配置类型正则表达式:只允许字母、数字、下划线,长度1-20
|
||||
private static final Pattern CONFIG_TYPE_PATTERN = Pattern.compile("^[a-zA-Z0-9_]{1,20}$");
|
||||
|
||||
/**
|
||||
* 验证配置对象
|
||||
*/
|
||||
public static Mono<SysConfig> validateConfig(SysConfig config) {
|
||||
if (config == null) {
|
||||
return Mono.error(new IllegalArgumentException("配置对象不能为空"));
|
||||
}
|
||||
|
||||
// 验证配置键
|
||||
if (!isValidConfigKey(config.getConfigKey())) {
|
||||
return Mono.error(new IllegalArgumentException("配置键格式无效,只允许字母、数字、下划线、点号,长度1-100"));
|
||||
}
|
||||
|
||||
// 验证配置名称
|
||||
if (!isValidConfigName(config.getConfigName())) {
|
||||
return Mono.error(new IllegalArgumentException("配置名称格式无效,允许中文、字母、数字、下划线、空格,长度1-50"));
|
||||
}
|
||||
|
||||
// 验证配置类型
|
||||
if (config.getConfigType() != null && !isValidConfigType(config.getConfigType())) {
|
||||
return Mono.error(new IllegalArgumentException("配置类型格式无效,只允许字母、数字、下划线,长度1-20"));
|
||||
}
|
||||
|
||||
// 验证配置值长度
|
||||
if (config.getConfigValue() != null && config.getConfigValue().length() > 5000) {
|
||||
return Mono.error(new IllegalArgumentException("配置值长度不能超过5000个字符"));
|
||||
}
|
||||
|
||||
return Mono.just(config);
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证配置键
|
||||
*/
|
||||
public static boolean isValidConfigKey(String configKey) {
|
||||
return configKey != null && CONFIG_KEY_PATTERN.matcher(configKey).matches();
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证配置名称
|
||||
*/
|
||||
public static boolean isValidConfigName(String configName) {
|
||||
return configName != null && CONFIG_NAME_PATTERN.matcher(configName).matches();
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证配置类型
|
||||
*/
|
||||
public static boolean isValidConfigType(String configType) {
|
||||
return configType == null || CONFIG_TYPE_PATTERN.matcher(configType).matches();
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证ID参数
|
||||
*/
|
||||
public static Mono<Long> validateId(String idStr) {
|
||||
try {
|
||||
Long id = Long.valueOf(idStr);
|
||||
if (id <= 0) {
|
||||
return Mono.error(new IllegalArgumentException("ID必须大于0"));
|
||||
}
|
||||
return Mono.just(id);
|
||||
} catch (NumberFormatException e) {
|
||||
return Mono.error(new IllegalArgumentException("ID格式无效"));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建错误响应
|
||||
*/
|
||||
public static Mono<ServerResponse> createErrorResponse(String message) {
|
||||
return ServerResponse.status(HttpStatus.BAD_REQUEST)
|
||||
.bodyValue(new ErrorResponse(message));
|
||||
}
|
||||
|
||||
/**
|
||||
* 错误响应对象
|
||||
*/
|
||||
public static class ErrorResponse {
|
||||
private final String message;
|
||||
private final long timestamp;
|
||||
|
||||
public ErrorResponse(String message) {
|
||||
this.message = message;
|
||||
this.timestamp = System.currentTimeMillis();
|
||||
}
|
||||
|
||||
public String getMessage() {
|
||||
return message;
|
||||
}
|
||||
|
||||
public long getTimestamp() {
|
||||
return timestamp;
|
||||
}
|
||||
}
|
||||
}
|
||||
+61
-57
@@ -6,7 +6,6 @@ import cn.novalon.manage.sys.dto.response.AuthResponse;
|
||||
import cn.novalon.manage.sys.security.JwtTokenProvider;
|
||||
import cn.novalon.manage.sys.core.domain.SysUser;
|
||||
import cn.novalon.manage.sys.core.domain.SysLoginLog;
|
||||
import cn.novalon.manage.sys.core.repository.ISysUserRepository;
|
||||
import cn.novalon.manage.sys.core.service.ISysUserService;
|
||||
import cn.novalon.manage.sys.core.service.ISysLoginLogService;
|
||||
import cn.novalon.manage.sys.util.UserAgentParser;
|
||||
@@ -48,8 +47,6 @@ public class SysAuthHandler {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(SysAuthHandler.class);
|
||||
private final ISysUserService userService;
|
||||
private final ISysUserRepository userRepository;
|
||||
@SuppressWarnings("unused")
|
||||
private final PasswordEncoder passwordEncoder;
|
||||
private final JwtTokenProvider jwtTokenProvider;
|
||||
private final ISysLoginLogService loginLogService;
|
||||
@@ -60,12 +57,11 @@ public class SysAuthHandler {
|
||||
private static final BCryptPasswordEncoder directEncoder10 = new BCryptPasswordEncoder(10);
|
||||
private static final BCryptPasswordEncoder directEncoder12 = new BCryptPasswordEncoder(12);
|
||||
|
||||
public SysAuthHandler(ISysUserService userService, ISysUserRepository userRepository,
|
||||
public SysAuthHandler(ISysUserService userService,
|
||||
@Qualifier("passwordEncoder") PasswordEncoder passwordEncoder,
|
||||
JwtTokenProvider jwtTokenProvider, ISysLoginLogService loginLogService,
|
||||
UserAgentParser userAgentParser, IpLocationParser ipLocationParser) {
|
||||
this.userService = userService;
|
||||
this.userRepository = userRepository;
|
||||
this.passwordEncoder = passwordEncoder;
|
||||
this.jwtTokenProvider = jwtTokenProvider;
|
||||
this.loginLogService = loginLogService;
|
||||
@@ -99,22 +95,14 @@ public class SysAuthHandler {
|
||||
String userAgent = request.headers().firstHeader("User-Agent");
|
||||
return userService.findByUsername(loginRequest.getUsername())
|
||||
.flatMap(user -> {
|
||||
// 尝试使用不同的编码器验证密码
|
||||
boolean passwordMatches = false;
|
||||
|
||||
// 首先尝试使用 strength=12 的编码器
|
||||
if (directEncoder12.matches(loginRequest.getPassword(),
|
||||
user.getPassword())) {
|
||||
passwordMatches = true;
|
||||
logger.info("密码验证成功: 使用strength=12编码器");
|
||||
}
|
||||
|
||||
// 如果失败,尝试使用 strength=10 的编码器
|
||||
if (!passwordMatches && directEncoder10.matches(
|
||||
// 使用注入的密码编码器验证密码
|
||||
boolean passwordMatches = passwordEncoder.matches(
|
||||
loginRequest.getPassword(),
|
||||
user.getPassword())) {
|
||||
passwordMatches = true;
|
||||
logger.info("密码验证成功: 使用strength=10编码器");
|
||||
user.getPassword());
|
||||
|
||||
if (passwordMatches) {
|
||||
logger.info("密码验证成功: username={}",
|
||||
loginRequest.getUsername());
|
||||
}
|
||||
|
||||
if (!passwordMatches) {
|
||||
@@ -136,21 +124,32 @@ public class SysAuthHandler {
|
||||
return Mono.error(new RuntimeException(
|
||||
"用户名或密码错误"));
|
||||
}
|
||||
|
||||
|
||||
return userService.getUserRoles(user.getId())
|
||||
.map(role -> role.getRoleKey())
|
||||
.collectList()
|
||||
.flatMap(roleKeys -> {
|
||||
String token = jwtTokenProvider.generateToken(
|
||||
user.getUsername(), user.getId(), roleKeys);
|
||||
logger.info("用户登录成功: username={}, userId={}, roles={}",
|
||||
user.getUsername(), user.getId(), roleKeys);
|
||||
recordLoginLog(loginRequest.getUsername(), clientIp,
|
||||
"0", "登录成功", userAgent);
|
||||
AuthResponse response = new AuthResponse(token,
|
||||
user.getId(), user.getUsername());
|
||||
return ServerResponse.ok().bodyValue(response);
|
||||
});
|
||||
.map(role -> role.getRoleKey())
|
||||
.collectList()
|
||||
.flatMap(roleKeys -> {
|
||||
String token = jwtTokenProvider
|
||||
.generateToken(
|
||||
user.getUsername(),
|
||||
user.getId(),
|
||||
roleKeys);
|
||||
logger.info("用户登录成功: username={}, userId={}, roles={}",
|
||||
user.getUsername(),
|
||||
user.getId(),
|
||||
roleKeys);
|
||||
recordLoginLog(loginRequest
|
||||
.getUsername(),
|
||||
clientIp,
|
||||
"0", "登录成功",
|
||||
userAgent);
|
||||
AuthResponse response = new AuthResponse(
|
||||
token,
|
||||
user.getId(),
|
||||
user.getUsername());
|
||||
return ServerResponse.ok()
|
||||
.bodyValue(response);
|
||||
});
|
||||
})
|
||||
.switchIfEmpty(Mono.defer(() -> {
|
||||
logger.warn("用户登录失败: username={}, reason=用户不存在",
|
||||
@@ -242,18 +241,7 @@ public class SysAuthHandler {
|
||||
.flatMap(registerRequest -> {
|
||||
logger.info("用户注册请求: username={}, email={}",
|
||||
registerRequest.getUsername(), registerRequest.getEmail());
|
||||
SysUser user = new SysUser();
|
||||
user.setUsername(registerRequest.getUsername());
|
||||
String encodedPassword = directEncoder12.encode(registerRequest.getPassword());
|
||||
logger.info("密码编码结果: {} (前缀: {})",
|
||||
encodedPassword.substring(0, 10),
|
||||
encodedPassword.substring(0, 7));
|
||||
user.setPassword(encodedPassword);
|
||||
user.setEmail(registerRequest.getEmail());
|
||||
user.setCreatedAt(LocalDateTime.now());
|
||||
if (user.getStatus() == null) {
|
||||
user.setStatus(StatusConstants.ENABLED);
|
||||
}
|
||||
|
||||
return userService.findByUsername(registerRequest.getUsername())
|
||||
.flatMap(existing -> {
|
||||
logger.warn("用户注册失败: username={}, reason=用户名已存在",
|
||||
@@ -261,17 +249,33 @@ public class SysAuthHandler {
|
||||
return Mono.<ServerResponse>error(
|
||||
new RuntimeException("用户名已存在"));
|
||||
})
|
||||
.switchIfEmpty(userRepository.save(user)
|
||||
.flatMap(u -> {
|
||||
logger.info("用户注册成功: username={}, userId={}, password={}",
|
||||
u.getUsername(),
|
||||
u.getId(),
|
||||
u.getPassword().substring(
|
||||
0, 10));
|
||||
return ServerResponse
|
||||
.status(HttpStatus.CREATED)
|
||||
.bodyValue(u);
|
||||
}));
|
||||
.switchIfEmpty(Mono.defer(() -> {
|
||||
SysUser user = new SysUser();
|
||||
user.setUsername(registerRequest.getUsername());
|
||||
String encodedPassword = passwordEncoder
|
||||
.encode(registerRequest.getPassword());
|
||||
logger.info("密码编码结果: {} (前缀: {})",
|
||||
encodedPassword.substring(0, 10),
|
||||
encodedPassword.substring(0, 7));
|
||||
user.setPassword(encodedPassword);
|
||||
user.setEmail(registerRequest.getEmail());
|
||||
user.setCreatedAt(LocalDateTime.now());
|
||||
if (user.getStatus() == null) {
|
||||
user.setStatus(StatusConstants.ENABLED);
|
||||
}
|
||||
return userService.createUser(user)
|
||||
.flatMap(u -> {
|
||||
logger.info("用户注册成功: username={}, userId={}, password={}",
|
||||
u.getUsername(),
|
||||
u.getId(),
|
||||
u.getPassword().substring(
|
||||
0,
|
||||
10));
|
||||
return ServerResponse
|
||||
.status(HttpStatus.CREATED)
|
||||
.bodyValue(u);
|
||||
});
|
||||
}));
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
+27
-17
@@ -2,6 +2,7 @@ package cn.novalon.manage.sys.handler.config;
|
||||
|
||||
import cn.novalon.manage.sys.core.domain.SysConfig;
|
||||
import cn.novalon.manage.sys.core.service.ISysConfigService;
|
||||
import cn.novalon.manage.sys.core.util.ValidationUtil;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import org.springframework.http.HttpStatus;
|
||||
@@ -34,15 +35,19 @@ public class SysConfigHandler {
|
||||
|
||||
@Operation(summary = "根据ID获取配置", description = "根据配置ID获取配置详细信息")
|
||||
public Mono<ServerResponse> getConfigById(ServerRequest request) {
|
||||
Long id = Long.valueOf(request.pathVariable("id"));
|
||||
return configService.findById(id)
|
||||
return ValidationUtil.validateId(request.pathVariable("id"))
|
||||
.flatMap(configService::findById)
|
||||
.flatMap(config -> ServerResponse.ok().bodyValue(config))
|
||||
.switchIfEmpty(ServerResponse.notFound().build());
|
||||
.switchIfEmpty(ServerResponse.notFound().build())
|
||||
.onErrorResume(IllegalArgumentException.class, e -> ValidationUtil.createErrorResponse(e.getMessage()));
|
||||
}
|
||||
|
||||
@Operation(summary = "根据键获取配置", description = "根据配置键获取配置详细信息")
|
||||
public Mono<ServerResponse> getConfigByKey(ServerRequest request) {
|
||||
String configKey = request.pathVariable("configKey");
|
||||
if (!ValidationUtil.isValidConfigKey(configKey)) {
|
||||
return ValidationUtil.createErrorResponse("配置键格式无效");
|
||||
}
|
||||
return configService.findByConfigKey(configKey)
|
||||
.flatMap(config -> ServerResponse.ok().bodyValue(config))
|
||||
.switchIfEmpty(ServerResponse.notFound().build());
|
||||
@@ -51,29 +56,34 @@ public class SysConfigHandler {
|
||||
@Operation(summary = "创建配置", description = "创建新配置")
|
||||
public Mono<ServerResponse> createConfig(ServerRequest request) {
|
||||
return request.bodyToMono(SysConfig.class)
|
||||
.flatMap(ValidationUtil::validateConfig)
|
||||
.flatMap(configService::save)
|
||||
.flatMap(config -> ServerResponse.status(HttpStatus.CREATED).bodyValue(config));
|
||||
.flatMap(config -> ServerResponse.status(HttpStatus.CREATED).bodyValue(config))
|
||||
.onErrorResume(IllegalArgumentException.class, e -> ValidationUtil.createErrorResponse(e.getMessage()));
|
||||
}
|
||||
|
||||
@Operation(summary = "更新配置", description = "更新配置信息")
|
||||
public Mono<ServerResponse> updateConfig(ServerRequest request) {
|
||||
Long id = Long.valueOf(request.pathVariable("id"));
|
||||
return request.bodyToMono(SysConfig.class)
|
||||
.flatMap(config -> configService.findById(id)
|
||||
.flatMap(existing -> {
|
||||
existing.setConfigName(config.getConfigName());
|
||||
existing.setConfigValue(config.getConfigValue());
|
||||
existing.setConfigType(config.getConfigType());
|
||||
return configService.save(existing);
|
||||
}))
|
||||
return ValidationUtil.validateId(request.pathVariable("id"))
|
||||
.flatMap(id -> request.bodyToMono(SysConfig.class)
|
||||
.flatMap(ValidationUtil::validateConfig)
|
||||
.flatMap(config -> configService.findById(id)
|
||||
.flatMap(existing -> {
|
||||
existing.setConfigName(config.getConfigName());
|
||||
existing.setConfigValue(config.getConfigValue());
|
||||
existing.setConfigType(config.getConfigType());
|
||||
return configService.save(existing);
|
||||
})))
|
||||
.flatMap(updatedConfig -> ServerResponse.ok().bodyValue(updatedConfig))
|
||||
.switchIfEmpty(ServerResponse.notFound().build());
|
||||
.switchIfEmpty(ServerResponse.notFound().build())
|
||||
.onErrorResume(IllegalArgumentException.class, e -> ValidationUtil.createErrorResponse(e.getMessage()));
|
||||
}
|
||||
|
||||
@Operation(summary = "删除配置", description = "删除指定配置")
|
||||
public Mono<ServerResponse> deleteConfig(ServerRequest request) {
|
||||
Long id = Long.valueOf(request.pathVariable("id"));
|
||||
return configService.deleteById(id)
|
||||
.then(ServerResponse.noContent().build());
|
||||
return ValidationUtil.validateId(request.pathVariable("id"))
|
||||
.flatMap(id -> configService.deleteById(id)
|
||||
.then(ServerResponse.noContent().build()))
|
||||
.onErrorResume(IllegalArgumentException.class, e -> ValidationUtil.createErrorResponse(e.getMessage()));
|
||||
}
|
||||
}
|
||||
|
||||
+8
-2
@@ -11,6 +11,8 @@ import cn.novalon.manage.sys.core.command.UpdateUserCommand;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import jakarta.validation.Validator;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.reactive.function.server.ServerRequest;
|
||||
@@ -20,7 +22,6 @@ import reactor.core.publisher.Mono;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* 用户处理器
|
||||
@@ -36,6 +37,7 @@ import java.util.stream.Collectors;
|
||||
@Tag(name = "用户管理", description = "用户相关操作")
|
||||
public class SysUserHandler {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(SysUserHandler.class);
|
||||
private final ISysUserService userService;
|
||||
private final Validator validator;
|
||||
|
||||
@@ -244,7 +246,11 @@ public class SysUserHandler {
|
||||
return request.bodyToMono(new org.springframework.core.ParameterizedTypeReference<List<Long>>() {
|
||||
})
|
||||
.flatMap(roleIds -> userService.assignRolesToUser(id, roleIds))
|
||||
.then(ServerResponse.ok().build());
|
||||
.then(ServerResponse.ok().build())
|
||||
.onErrorResume(error -> {
|
||||
logger.error("分配角色失败", error);
|
||||
return ServerResponse.status(500).bodyValue("分配角色失败: " + error.getMessage());
|
||||
});
|
||||
}
|
||||
|
||||
@Operation(summary = "获取用户的角色", description = "根据用户ID获取该用户拥有的所有角色")
|
||||
|
||||
-137
@@ -1,137 +0,0 @@
|
||||
package cn.novalon.manage.sys.interceptor;
|
||||
|
||||
import cn.novalon.manage.sys.core.domain.OperationLog;
|
||||
import cn.novalon.manage.sys.core.service.IOperationLogService;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.http.server.reactive.ServerHttpRequest;
|
||||
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.server.ServerWebExchange;
|
||||
import org.springframework.web.server.WebFilter;
|
||||
import org.springframework.web.server.WebFilterChain;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* 操作日志过滤器
|
||||
*
|
||||
* 文件定义:拦截HTTP请求,自动记录操作日志
|
||||
* 涉及业务:操作日志的自动记录和持久化
|
||||
* 算法:使用WebFlux的WebFilter机制拦截请求,异步记录日志
|
||||
*
|
||||
* @author 张翔
|
||||
* @date 2026-03-18
|
||||
*/
|
||||
@Component
|
||||
public class OperationLogFilter implements WebFilter {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(OperationLogFilter.class);
|
||||
|
||||
private final IOperationLogService logService;
|
||||
private final ObjectMapper objectMapper;
|
||||
|
||||
public OperationLogFilter(IOperationLogService logService, ObjectMapper objectMapper) {
|
||||
this.logService = logService;
|
||||
this.objectMapper = objectMapper;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
|
||||
long startTime = System.currentTimeMillis();
|
||||
ServerHttpRequest request = exchange.getRequest();
|
||||
|
||||
String path = request.getPath().value();
|
||||
String method = request.getMethod().name();
|
||||
String ip = getClientIp(request);
|
||||
|
||||
if (path.startsWith("/api/auth/")) {
|
||||
return chain.filter(exchange);
|
||||
}
|
||||
|
||||
return ReactiveSecurityContextHolder.getContext()
|
||||
.flatMap(securityContext -> {
|
||||
Object principal = securityContext.getAuthentication().getPrincipal();
|
||||
String username = principal instanceof String ? (String) principal : null;
|
||||
|
||||
return chain.filter(exchange)
|
||||
.doOnSuccess(v -> {
|
||||
long duration = System.currentTimeMillis() - startTime;
|
||||
recordLog(exchange, path, method, ip, duration, null, username);
|
||||
})
|
||||
.doOnError(error -> {
|
||||
long duration = System.currentTimeMillis() - startTime;
|
||||
recordLog(exchange, path, method, ip, duration, error.getMessage(), username);
|
||||
});
|
||||
})
|
||||
.switchIfEmpty(chain.filter(exchange)
|
||||
.doOnSuccess(v -> {
|
||||
long duration = System.currentTimeMillis() - startTime;
|
||||
recordLog(exchange, path, method, ip, duration, null, null);
|
||||
})
|
||||
.doOnError(error -> {
|
||||
long duration = System.currentTimeMillis() - startTime;
|
||||
recordLog(exchange, path, method, ip, duration, error.getMessage(), null);
|
||||
}));
|
||||
}
|
||||
|
||||
private void recordLog(ServerWebExchange exchange, String path, String method, String ip, long duration,
|
||||
String errorMsg, String username) {
|
||||
try {
|
||||
OperationLog log = new OperationLog();
|
||||
log.setOperation(path);
|
||||
log.setMethod(method);
|
||||
log.setIp(ip);
|
||||
log.setDuration(duration);
|
||||
log.setUsername(username);
|
||||
|
||||
if (errorMsg != null) {
|
||||
log.setStatus("1");
|
||||
log.setErrorMsg(errorMsg);
|
||||
log.setResult("Failed");
|
||||
} else {
|
||||
log.setStatus("0");
|
||||
log.setResult("Success");
|
||||
}
|
||||
|
||||
Map<String, String> queryParams = new LinkedHashMap<>(exchange.getRequest().getQueryParams().toSingleValueMap());
|
||||
String formattedParams;
|
||||
try {
|
||||
formattedParams = objectMapper.writeValueAsString(queryParams);
|
||||
} catch (Exception e) {
|
||||
formattedParams = queryParams.toString();
|
||||
}
|
||||
log.setParams(formattedParams);
|
||||
|
||||
logService.save(log)
|
||||
.doOnSuccess(saved -> logger.debug("操作日志记录成功: {}", log.getOperation()))
|
||||
.doOnError(error -> logger.error("操作日志记录失败: {}", error.getMessage()))
|
||||
.subscribe();
|
||||
} catch (Exception e) {
|
||||
logger.error("记录操作日志时发生异常: {}", e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
private String getClientIp(ServerHttpRequest request) {
|
||||
String ip = request.getHeaders().getFirst("X-Forwarded-For");
|
||||
if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
|
||||
ip = request.getHeaders().getFirst("X-Real-IP");
|
||||
}
|
||||
if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
|
||||
ip = request.getHeaders().getFirst("Proxy-Client-IP");
|
||||
}
|
||||
if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
|
||||
ip = request.getHeaders().getFirst("WL-Proxy-Client-IP");
|
||||
}
|
||||
if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
|
||||
ip = request.getRemoteAddress() != null ? request.getRemoteAddress().getAddress().getHostAddress() : "";
|
||||
}
|
||||
if (ip != null && ip.contains(",")) {
|
||||
ip = ip.split(",")[0].trim();
|
||||
}
|
||||
return ip;
|
||||
}
|
||||
}
|
||||
+1
-1
@@ -35,7 +35,7 @@ public class JwtAuthenticationFilter implements WebFilter {
|
||||
|
||||
if (token != null && jwtTokenProvider.validateToken(token)) {
|
||||
String username = jwtTokenProvider.getUsernameFromToken(token);
|
||||
Long userId = jwtTokenProvider.getUserIdFromToken(token);
|
||||
jwtTokenProvider.getUserIdFromToken(token);
|
||||
List<String> roles = jwtTokenProvider.getRolesFromToken(token);
|
||||
|
||||
List<SimpleGrantedAuthority> authorities = roles.stream()
|
||||
|
||||
Reference in New Issue
Block a user