全局审计日志
This commit is contained in:
@ -2,7 +2,7 @@
|
||||
from flask import Blueprint, request, jsonify, current_app
|
||||
from flask_jwt_extended import jwt_required, get_jwt
|
||||
from app.services.auth_service import AuthService
|
||||
from app.utils.decorators import permission_required
|
||||
from app.utils.decorators import permission_required, audit_log
|
||||
|
||||
auth_bp = Blueprint('auth', __name__)
|
||||
|
||||
@ -107,6 +107,11 @@ def refresh():
|
||||
@auth_bp.route('/user/create', methods=['POST'])
|
||||
@jwt_required()
|
||||
@permission_required('system_user:operation')
|
||||
@audit_log(
|
||||
module='用户管理',
|
||||
action='新增',
|
||||
get_target_name_fn=lambda: request.get_json().get('username') if request.get_json() else None
|
||||
)
|
||||
def create_user():
|
||||
try:
|
||||
data = request.get_json()
|
||||
@ -151,6 +156,11 @@ def create_user():
|
||||
@auth_bp.route('/user/<int:user_id>', methods=['PUT'])
|
||||
@jwt_required()
|
||||
@permission_required('system_user:operation')
|
||||
@audit_log(
|
||||
module='用户管理',
|
||||
action='修改',
|
||||
get_target_id_fn=lambda: request.view_args.get('user_id')
|
||||
)
|
||||
def update_user(user_id):
|
||||
try:
|
||||
data = request.get_json()
|
||||
@ -207,6 +217,11 @@ def get_users():
|
||||
@auth_bp.route('/user/<int:user_id>', methods=['DELETE'])
|
||||
@jwt_required()
|
||||
@permission_required('system_user:operation')
|
||||
@audit_log(
|
||||
module='用户管理',
|
||||
action='删除',
|
||||
get_target_id_fn=lambda: request.view_args.get('user_id')
|
||||
)
|
||||
def delete_user(user_id):
|
||||
try:
|
||||
claims = get_jwt()
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
from flask import Blueprint, request, jsonify, current_app
|
||||
from flask_jwt_extended import jwt_required
|
||||
from app.services.permission_service import PermissionService
|
||||
from app.utils.decorators import audit_log
|
||||
|
||||
permission_bp = Blueprint('permission', __name__)
|
||||
|
||||
@ -34,6 +35,11 @@ def get_role_perms(role_code):
|
||||
|
||||
@permission_bp.route('/assign', methods=['POST'])
|
||||
@jwt_required()
|
||||
@audit_log(
|
||||
module='权限管理',
|
||||
action='分配',
|
||||
get_target_name_fn=lambda: request.get_json().get('role_code') if request.get_json() else None
|
||||
)
|
||||
def assign_perms():
|
||||
"""保存权限分配"""
|
||||
try:
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
from flask import Blueprint, jsonify, request # .material -> .base refactor checked
|
||||
from flask_jwt_extended import jwt_required, get_jwt_identity, get_jwt
|
||||
from app.utils.decorators import permission_required
|
||||
from app.utils.decorators import permission_required, audit_log
|
||||
from app.services.auth_service import AuthService
|
||||
from app.services.trans_service import TransService
|
||||
import traceback
|
||||
@ -59,6 +59,11 @@ def filter_item_by_permissions(item_dict, user_permissions, prefix='op_records')
|
||||
@trans_bp.route('/borrow', methods=['POST'])
|
||||
@jwt_required()
|
||||
@permission_required('op_borrow:operation')
|
||||
@audit_log(
|
||||
module='借库管理',
|
||||
action='新增',
|
||||
get_target_name_fn=lambda: request.get_json().get('borrow_no') if request.get_json() else None
|
||||
)
|
||||
def create_borrow():
|
||||
data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
@ -108,6 +113,11 @@ def scan_borrowed_item():
|
||||
@trans_bp.route('/return', methods=['POST'])
|
||||
@jwt_required()
|
||||
@permission_required('op_return:operation')
|
||||
@audit_log(
|
||||
module='借库管理',
|
||||
action='归还',
|
||||
get_target_name_fn=lambda: request.get_json().get('borrow_no') if request.get_json() else None
|
||||
)
|
||||
def submit_return():
|
||||
data = request.get_json()
|
||||
# 数据清洗:移除用户没有权限的字段
|
||||
|
||||
@ -1,7 +1,9 @@
|
||||
# inventory-backend/app/api/v1/warehouse.py
|
||||
from flask import Blueprint, request, jsonify
|
||||
from flask_jwt_extended import jwt_required
|
||||
from app.extensions import db
|
||||
from app.models.system import SysWarehouseLocation
|
||||
from app.utils.decorators import audit_log
|
||||
|
||||
warehouse_bp = Blueprint('warehouse', __name__, url_prefix='/api/v1/warehouse')
|
||||
|
||||
@ -49,6 +51,12 @@ def get_tree():
|
||||
|
||||
|
||||
@warehouse_bp.route('', methods=['POST'])
|
||||
@jwt_required()
|
||||
@audit_log(
|
||||
module='库位管理',
|
||||
action='新增',
|
||||
get_target_name_fn=lambda: request.get_json().get('name') if request.get_json() else None
|
||||
)
|
||||
def create_location():
|
||||
"""
|
||||
创建库位
|
||||
@ -100,6 +108,13 @@ def create_location():
|
||||
|
||||
|
||||
@warehouse_bp.route('/<int:location_id>', methods=['PUT'])
|
||||
@jwt_required()
|
||||
@audit_log(
|
||||
module='库位管理',
|
||||
action='修改',
|
||||
get_target_id_fn=lambda: request.view_args.get('location_id'),
|
||||
get_target_name_fn=lambda: request.get_json().get('name') if request.get_json() else None
|
||||
)
|
||||
def update_location(location_id):
|
||||
"""
|
||||
更新库位
|
||||
@ -144,6 +159,12 @@ def update_location(location_id):
|
||||
|
||||
|
||||
@warehouse_bp.route('/<int:location_id>', methods=['DELETE'])
|
||||
@jwt_required()
|
||||
@audit_log(
|
||||
module='库位管理',
|
||||
action='删除',
|
||||
get_target_id_fn=lambda: request.view_args.get('location_id')
|
||||
)
|
||||
def delete_location(location_id):
|
||||
"""
|
||||
删除库位(级联删除子库位)
|
||||
|
||||
Reference in New Issue
Block a user