全局审计日志

2026-03-10 17:27:54 +08:00
parent bc866e7670
commit de0a5c8db2
4 changed files with 54 additions and 2 deletions
--- a/inventory-backend/app/api/v1/auth.py
+++ b/inventory-backend/app/api/v1/auth.py
@ -2,7 +2,7 @@
 from flask import Blueprint, request, jsonify, current_app
 from flask_jwt_extended import jwt_required, get_jwt
 from app.services.auth_service import AuthService
-from app.utils.decorators import permission_required
+from app.utils.decorators import permission_required, audit_log

 auth_bp = Blueprint('auth', __name__)

@ -107,6 +107,11 @@ def refresh():
@auth_bp.route('/user/create', methods=['POST'])
@jwt_required()
@permission_required('system_user:operation')
+@audit_log(
+    module='用户管理',
+    action='新增',
+    get_target_name_fn=lambda: request.get_json().get('username') if request.get_json() else None
+)
 def create_user():
    try:
        data = request.get_json()
@ -151,6 +156,11 @@ def create_user():
@auth_bp.route('/user/<int:user_id>', methods=['PUT'])
@jwt_required()
@permission_required('system_user:operation')
+@audit_log(
+    module='用户管理',
+    action='修改',
+    get_target_id_fn=lambda: request.view_args.get('user_id')
+)
 def update_user(user_id):
    try:
        data = request.get_json()
@ -207,6 +217,11 @@ def get_users():
@auth_bp.route('/user/<int:user_id>', methods=['DELETE'])
@jwt_required()
@permission_required('system_user:operation')
+@audit_log(
+    module='用户管理',
+    action='删除',
+    get_target_id_fn=lambda: request.view_args.get('user_id')
+)
 def delete_user(user_id):
    try:
        claims = get_jwt()