From 2a6e3979e8a07cbc17041981a5c45e5f7261c537 Mon Sep 17 00:00:00 2001
From: DXC <duxingchen@iris-rs.cn>
Date: Tue, 19 May 2026 10:58:22 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E5=AE=A1=E8=AE=A1=E7=9B=91=E5=90=AC?=
 =?UTF-8?q?=E5=99=A8=E5=9C=A8=E9=9D=9E=20HTTP=20=E4=B8=8A=E4=B8=8B?=
 =?UTF-8?q?=E6=96=87=E7=9A=84=E5=88=9D=E5=A7=8B=E5=8C=96=E6=93=8D=E4=BD=9C?=
 =?UTF-8?q?=EF=BC=88=E5=A6=82=20PermissionService=EF=BC=89=E4=B8=AD?=
 =?UTF-8?q?=E7=9B=B4=E6=8E=A5=E8=B7=B3=E8=BF=87=EF=BC=8C=E9=81=BF=E5=85=8D?=
 =?UTF-8?q?=E4=BA=A7=E7=94=9F=E5=A4=A7=E9=87=8F=20system=20=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E6=97=A5=E5=BF=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 inventory-backend/app/core/audit_listener.py | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/inventory-backend/app/core/audit_listener.py b/inventory-backend/app/core/audit_listener.py
index 2f28f91..0de0961 100644
--- a/inventory-backend/app/core/audit_listener.py
+++ b/inventory-backend/app/core/audit_listener.py
@@ -41,7 +41,8 @@ def _is_audit_model(mapper):
         'StockBuy', 'StockSemi', 'StockProduct', 'StockService',
         'RepairRecord', 'TransOutbound', 'TransBorrow', 'TransReturn',
         'BomTable', 'StockTake', 'StockAdjust',
-        'TransScrap', 'SysUser'
+        'TransScrap',
+        'SysUser', 'SysMenu', 'SysElement', 'SysRolePermission',  # ★ 新增：系统管理三表纳入审计
     }
     return mapper.class_.__name__ in AUDIT_WHITELIST
 
@@ -129,6 +130,13 @@ def _create_audit_log(session, mapper, target, action, details):
 def before_update_listener(mapper, connection, target):
     """UPDATE 事件：抓取字段变更明细"""
     if not _is_audit_model(mapper): return
+
+    # ★★★ 关键修复：系统初始化（PermissionService.init_all_menus 等）时，
+    #         username='system' 且 has_request_context()=False，
+    #         这类非用户发起的变更不应产生审计日志，直接跳过。
+    if not has_request_context():
+        return
+
     try:
         state = inspect(target)
         changes = {}
@@ -150,6 +158,8 @@ def before_update_listener(mapper, connection, target):
 def before_delete_listener(mapper, connection, target):
     """DELETE 事件：抓取被删除对象的完整快照"""
     if not _is_audit_model(mapper): return
+    # ★★★ 关键修复：非 HTTP 请求上下文下的初始化操作（如 PermissionService）
+    if not has_request_context(): return
     try:
         state = inspect(target)
         snap = {}
@@ -164,6 +174,8 @@ def before_delete_listener(mapper, connection, target):
 def after_insert_listener(mapper, connection, target):
     """INSERT 事件：抓取新增对象的完整快照"""
     if not _is_audit_model(mapper): return
+    # ★★★ 关键修复：非 HTTP 请求上下文下的初始化操作（如 PermissionService）
+    if not has_request_context(): return
     try:
         state = inspect(target)
         snap = {}