docs/docs/cn/api/server/audit-manager.md
AuditManager 是 NocoBase 中的资源审计管理模块,用于注册需要参与审计的资源接口。
import { Plugin } from '@nocobase/server';
class PluginCustomAuditResourceServer extends Plugin {
async load() {
this.app.auditManager.registerAction('resource:action');
}
}
setLogger()设置审计日志的输出方法。
const auditManager = new AuditManager();
auditManager.setLogger({
log: async (auditLog: AuditLog) => console.log(auditLog);
})
setLogger(logger: AuditLogger)export interface AuditLog {
uuid: string;
dataSource: string;
resource: string;
action: string;
sourceCollection?: string;
sourceRecordUK?: string;
targetCollection?: string;
targetRecordUK?: string;
userId: string;
roleName: string;
ip: string;
ua: string;
status: number;
metadata?: Record<string, any>;
}
export interface AuditLogger {
log(auditLog: AuditLog): Promise<void>;
}
registerAction()注册参与审计的资源操作。
registerAction(action: Action)export interface UserInfo {
userId?: string;
roleName?: string;
}
export interface SourceAndTarget {
sourceCollection?: string;
sourceRecordUK?: string;
targetCollection?: string;
targetRecordUK?: string;
}
type Action =
| string
| {
name: string;
getMetaData?: (ctx: Context) => Promise<Record<string, any>>;
getUserInfo?: (ctx: Context) => Promise<UserInfo>;
getSourceAndTarget?: (ctx: Context) => Promise<SourceAndTarget>;
};
支持几种写法:
registerActions(['create']);
resource:*registerActions(['app:*']);
resouce:actionregisterAction(['pm:update']);
getMetaData, getUserInfo, getSourceAndTarget 方法registerActions([
'create',
{ name: 'auth:signIn', getMetaData, getUserInfo, getSourceAndTarget },
]);
当注册的接口有重叠时,颗粒度细的注册方方式优先级更高,例如:
registerActions('create')
registerAction({ name: 'user:*', getMetaData })
registerAction({ name: 'user:create', getMetaData })
对于 user:create 接口,生效的是 3.
registerActions()注册多个参与审计的资源操作。
registerAction(actions: Action[])