fix: 审计监听器在非 HTTP 上下文的初始化操作（如 PermissionService）中直接跳过，避免产生大量 system 用户日志

2026-05-19 10:58:22 +08:00
parent e331236a6e
commit 2a6e3979e8
1 changed files with 13 additions and 1 deletions
--- a/inventory-backend/app/core/audit_listener.py
+++ b/inventory-backend/app/core/audit_listener.py
@ -41,7 +41,8 @@ def _is_audit_model(mapper):
        'StockBuy', 'StockSemi', 'StockProduct', 'StockService',
        'RepairRecord', 'TransOutbound', 'TransBorrow', 'TransReturn',
        'BomTable', 'StockTake', 'StockAdjust',
-        'TransScrap', 'SysUser'
+        'TransScrap',
+        'SysUser', 'SysMenu', 'SysElement', 'SysRolePermission',  # ★ 新增：系统管理三表纳入审计
    }
    return mapper.class_.__name__ in AUDIT_WHITELIST

@ -129,6 +130,13 @@ def _create_audit_log(session, mapper, target, action, details):
 def before_update_listener(mapper, connection, target):
    """UPDATE 事件：抓取字段变更明细"""
    if not _is_audit_model(mapper): return
+
+    # ★★★ 关键修复：系统初始化（PermissionService.init_all_menus 等）时，
+    #         username='system' 且 has_request_context()=False，
+    #         这类非用户发起的变更不应产生审计日志，直接跳过。
+    if not has_request_context():
+        return
+
    try:
        state = inspect(target)
        changes = {}
@ -150,6 +158,8 @@ def before_update_listener(mapper, connection, target):
 def before_delete_listener(mapper, connection, target):
    """DELETE 事件：抓取被删除对象的完整快照"""
    if not _is_audit_model(mapper): return
+    # ★★★ 关键修复：非 HTTP 请求上下文下的初始化操作（如 PermissionService）
+    if not has_request_context(): return
    try:
        state = inspect(target)
        snap = {}
@ -164,6 +174,8 @@ def before_delete_listener(mapper, connection, target):
 def after_insert_listener(mapper, connection, target):
    """INSERT 事件：抓取新增对象的完整快照"""
    if not _is_audit_model(mapper): return
+    # ★★★ 关键修复：非 HTTP 请求上下文下的初始化操作（如 PermissionService）
+    if not has_request_context(): return
    try:
        state = inspect(target)
        snap = {}