全局审计日志

2026-03-10 17:27:54 +08:00
parent bc866e7670
commit de0a5c8db2
4 changed files with 54 additions and 2 deletions
--- a/inventory-backend/app/api/v1/transactions.py
+++ b/inventory-backend/app/api/v1/transactions.py
@ -1,6 +1,6 @@
 from flask import Blueprint, jsonify, request  # .material -> .base refactor checked
 from flask_jwt_extended import jwt_required, get_jwt_identity, get_jwt
-from app.utils.decorators import permission_required
+from app.utils.decorators import permission_required, audit_log
 from app.services.auth_service import AuthService
 from app.services.trans_service import TransService
 import traceback
@ -59,6 +59,11 @@ def filter_item_by_permissions(item_dict, user_permissions, prefix='op_records')
@trans_bp.route('/borrow', methods=['POST'])
@jwt_required()
@permission_required('op_borrow:operation')
+@audit_log(
+    module='借库管理',
+    action='新增',
+    get_target_name_fn=lambda: request.get_json().get('borrow_no') if request.get_json() else None
+)
 def create_borrow():
    data = request.get_json()
    # 数据清洗：移除用户没有权限的字段
@ -108,6 +113,11 @@ def scan_borrowed_item():
@trans_bp.route('/return', methods=['POST'])
@jwt_required()
@permission_required('op_return:operation')
+@audit_log(
+    module='借库管理',
+    action='归还',
+    get_target_name_fn=lambda: request.get_json().get('borrow_no') if request.get_json() else None
+)
 def submit_return():
    data = request.get_json()
    # 数据清洗：移除用户没有权限的字段