|
|
@@ -24,35 +24,64 @@ export function permissionWithAutoLog(requiredPermissions: string[]) {
|
|
|
// 获取相关ID
|
|
|
const relatedId = params.id || null;
|
|
|
|
|
|
- try {
|
|
|
- // 执行权限检查
|
|
|
- const hasPermission = await permissionChecker(user);
|
|
|
-
|
|
|
- if (!hasPermission) {
|
|
|
- // 记录权限拒绝
|
|
|
- await logService.create({
|
|
|
- id: generateLogId(),
|
|
|
- class: resourceClass,
|
|
|
- action: 'permission_denied',
|
|
|
- relatedId: relatedId ? String(relatedId) : undefined,
|
|
|
- reason: `权限被拒绝: 需要权限 ${requiredPermissions.join(', ')}`,
|
|
|
- logTime: new Date()
|
|
|
- }, user?.id);
|
|
|
-
|
|
|
- return c.json({ message: '没有权限访问该资源', code: 403 }, 403);
|
|
|
- }
|
|
|
+ // 记录操作开始时间
|
|
|
+ const startTime = Date.now();
|
|
|
+
|
|
|
+ // 执行权限检查
|
|
|
+ const hasPermission = await permissionChecker(user);
|
|
|
+
|
|
|
+ if (!hasPermission) {
|
|
|
+ // 记录权限拒绝
|
|
|
+ await logService.create({
|
|
|
+ id: generateLogId(),
|
|
|
+ class: resourceClass,
|
|
|
+ action: 'permission_denied',
|
|
|
+ relatedId: relatedId ? String(relatedId) : undefined,
|
|
|
+ reason: `[${method} ${path}] 权限被拒绝: 需要权限 ${requiredPermissions.join(', ')}`,
|
|
|
+ logTime: new Date()
|
|
|
+ }, user?.id);
|
|
|
|
|
|
+ return c.json({ message: '没有权限访问该资源', code: 403 }, 403);
|
|
|
+ }
|
|
|
+
|
|
|
+ // 记录操作开始
|
|
|
+ await logService.create({
|
|
|
+ id: generateLogId(),
|
|
|
+ class: resourceClass,
|
|
|
+ action: 'operation_started',
|
|
|
+ relatedId: relatedId ? String(relatedId) : undefined,
|
|
|
+ reason: `[${method} ${path}] 开始执行操作,权限: ${requiredPermissions.join(', ')}`,
|
|
|
+ logTime: new Date()
|
|
|
+ }, user?.id);
|
|
|
+
|
|
|
+ try {
|
|
|
// 继续执行后续处理
|
|
|
await next();
|
|
|
|
|
|
+ // 计算执行时间
|
|
|
+ const duration = Date.now() - startTime;
|
|
|
+
|
|
|
+ // 记录操作成功
|
|
|
+ await logService.create({
|
|
|
+ id: generateLogId(),
|
|
|
+ class: resourceClass,
|
|
|
+ action: 'operation_success',
|
|
|
+ relatedId: relatedId ? String(relatedId) : undefined,
|
|
|
+ reason: `[${method} ${path}] 操作成功完成,耗时: ${duration}ms`,
|
|
|
+ logTime: new Date()
|
|
|
+ }, user?.id);
|
|
|
+
|
|
|
} catch (error) {
|
|
|
- // 记录权限检查异常
|
|
|
+ // 计算执行时间
|
|
|
+ const duration = Date.now() - startTime;
|
|
|
+
|
|
|
+ // 记录操作失败
|
|
|
await logService.create({
|
|
|
id: generateLogId(),
|
|
|
class: resourceClass,
|
|
|
- action: 'permission_error',
|
|
|
+ action: 'operation_failed',
|
|
|
relatedId: relatedId ? String(relatedId) : undefined,
|
|
|
- reason: `权限检查异常: ${error instanceof Error ? error.message : '未知错误'}`,
|
|
|
+ reason: `[${method} ${path}] 操作执行失败: ${error instanceof Error ? error.message : '未知错误'}`,
|
|
|
logTime: new Date()
|
|
|
}, user?.id);
|
|
|
|
yourname