⚡ 优化审计

1 year ago · 7a5593c007
3 changed files with 104 additions and 4 deletions
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/Actor.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/Actor.java
@ -23,12 +23,15 @@ import java.io.Serializable;
 import org.springframework.data.elasticsearch.annotations.Field;
 import org.springframework.data.elasticsearch.annotations.FieldType;

+import cn.topiam.employee.support.security.userdetails.UserType;
+
 import lombok.Builder;
 import lombok.Data;
 import lombok.NonNull;

 /**
 * Actor
+ *
 * @author TopIAM
 * Created by support@topiam.cn on  2022/11/5 23:30
 */
@ -56,7 +59,7 @@ public class Actor implements Serializable {
     */
    @NonNull
    @Field(type = FieldType.Keyword, name = "type")
-    private cn.topiam.employee.support.security.userdetails.UserType type;
+    private UserType type;

    /**
     * 身份验证类型
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEventListener.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEventListener.java
@ -0,0 +1,92 @@
+/*
+ * eiam-audit - Employee Identity and Access Management Program
+ * Copyright © 2020-2023 TopIAM (support@topiam.cn)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package cn.topiam.employee.audit.event;
+
+import java.util.List;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.ApplicationListener;
+import org.springframework.lang.NonNull;
+import org.springframework.scheduling.annotation.Async;
+import org.springframework.stereotype.Component;
+
+import com.alibaba.fastjson2.JSONObject;
+
+import cn.topiam.employee.audit.entity.*;
+import cn.topiam.employee.audit.repository.AuditRepository;
+
+/**
+ * 事件监听
+ *
+ * @author TopIAM
+ * Created by support@topiam.cn on  2021/9/12 22:49
+ */
+@Component
+@Async
+public class AuditEventListener implements ApplicationListener<AuditEvent> {
+
+    private final Logger logger = LoggerFactory.getLogger(AuditEventListener.class);
+
+    /**
+     * onApplicationEvent
+     *
+     * @param auditEvent {@link AuditEvent}
+     */
+    @Override
+    public void onApplicationEvent(@NonNull AuditEvent auditEvent) {
+        Event event = auditEvent.getEvent();
+        Actor actor = auditEvent.getActor();
+        List<Target> target = auditEvent.getTargets();
+        GeoLocation geoLocation = auditEvent.getGeoLocation();
+        UserAgent userAgent = auditEvent.getUserAgent();
+        //保存数据库
+        AuditEntity entity = new AuditEntity();
+        try {
+            entity.setRequestId(auditEvent.getRequestId());
+            entity.setSessionId(auditEvent.getSessionId());
+            //事件
+            entity.setEventType(event.getType());
+            entity.setEventContent(event.getContent());
+            entity.setEventParam(event.getParam());
+            entity.setEventStatus(event.getStatus());
+            entity.setEventResult(event.getResult());
+            entity.setEventTime(event.getTime());
+            //操作目标
+            entity.setTargets(target);
+            entity.setGeoLocation(geoLocation);
+            entity.setUserAgent(userAgent);
+            entity.setActorId(actor.getId());
+            entity.setActorType(actor.getType());
+            auditRepository.save(entity);
+        } catch (Exception e) {
+            logger.error("Audit record saving failed: {}", JSONObject.toJSONString(entity), e);
+        }
+
+    }
+
+    /**
+     * AuditRepository
+     */
+    private final AuditRepository auditRepository;
+
+    public AuditEventListener(AuditRepository auditRepository) {
+        this.auditRepository = auditRepository;
+    }
+
+}
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEventPublish.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEventPublish.java
@ -45,8 +45,6 @@ import cn.topiam.employee.support.trace.TraceUtils;
 import cn.topiam.employee.support.util.IpUtils;
 import cn.topiam.employee.support.web.useragent.UserAgentParser;

-import lombok.AllArgsConstructor;
-
 import jakarta.servlet.http.HttpServletRequest;
 import static cn.topiam.employee.support.util.StringUtils.replaceBlank;

@ -57,7 +55,6 @@ import static cn.topiam.employee.support.util.StringUtils.replaceBlank;
 * Created by support@topiam.cn on  2021/8/1 21:04
 */
@Component
-@AllArgsConstructor
 public class AuditEventPublish {

    /**
@ -245,6 +242,9 @@ public class AuditEventPublish {
        if (principal instanceof UserDetails) {
            return ((UserDetails) principal).getId();
        }
+        if (principal instanceof String) {
+            return (String) principal;
+        }
        return null;
        //@formatter:on
    }
@ -389,4 +389,9 @@ public class AuditEventPublish {
     */
    private final GeoLocationService        geoLocationService;

+    public AuditEventPublish(ApplicationEventPublisher applicationEventPublisher,
+                             GeoLocationService geoLocationService) {
+        this.applicationEventPublisher = applicationEventPublisher;
+        this.geoLocationService = geoLocationService;
+    }
 }