OrgTJWater/TJWaterServerBinary
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

初步实现数据加密、权限管理、日志审计等功能

Browse Source
This commit is contained in:
Jiang
2026-02-02 10:09:28 +08:00
parent b6b37a453b
commit 807e634318
27 changed files with 3787 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
resources/sql/002_create_audit_logs_table.sql Normal file
View File

@@ -0,0 +1,45 @@
-- ============================================
-- TJWater Server 审计日志表迁移脚本
-- ============================================
-- 创建审计日志表
CREATE TABLE IF NOT EXISTS audit_logs (
id SERIAL PRIMARY KEY,
user_id INTEGER REFERENCES users(id) ON DELETE SET NULL,
username VARCHAR(50),
action VARCHAR(50) NOT NULL,
resource_type VARCHAR(50),
resource_id VARCHAR(100),
ip_address VARCHAR(45),
user_agent TEXT,
request_method VARCHAR(10),
request_path TEXT,
request_data JSONB,
response_status INTEGER,
error_message TEXT,
timestamp TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL
);
-- 创建索引以提高查询性能
CREATE INDEX IF NOT EXISTS idx_audit_logs_user_id ON audit_logs(user_id);
CREATE INDEX IF NOT EXISTS idx_audit_logs_username ON audit_logs(username);
CREATE INDEX IF NOT EXISTS idx_audit_logs_timestamp ON audit_logs(timestamp DESC);
CREATE INDEX IF NOT EXISTS idx_audit_logs_action ON audit_logs(action);
CREATE INDEX IF NOT EXISTS idx_audit_logs_resource ON audit_logs(resource_type, resource_id);
-- 添加注释
COMMENT ON TABLE audit_logs IS '审计日志表 - 记录所有关键操作';
COMMENT ON COLUMN audit_logs.id IS '日志ID主键';
COMMENT ON COLUMN audit_logs.user_id IS '用户ID外键';
COMMENT ON COLUMN audit_logs.username IS '用户名(冗余字段,用于用户删除后仍可查询)';
COMMENT ON COLUMN audit_logs.action IS '操作类型LOGIN, LOGOUT, CREATE, UPDATE, DELETE';
COMMENT ON COLUMN audit_logs.resource_type IS '资源类型user, project, network';
COMMENT ON COLUMN audit_logs.resource_id IS '资源ID';
COMMENT ON COLUMN audit_logs.ip_address IS '客户端IP地址';
COMMENT ON COLUMN audit_logs.user_agent IS '客户端User-Agent';
COMMENT ON COLUMN audit_logs.request_method IS 'HTTP请求方法';
COMMENT ON COLUMN audit_logs.request_path IS '请求路径';
COMMENT ON COLUMN audit_logs.request_data IS '请求数据JSON格式敏感信息已脱敏';
COMMENT ON COLUMN audit_logs.response_status IS 'HTTP响应状态码';
COMMENT ON COLUMN audit_logs.error_message IS '错误消息(如果有)';
COMMENT ON COLUMN audit_logs.timestamp IS '操作时间';