refactor(account): 统一账号管理API、完善权限检查和操作审计
All checks were successful
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Successful in 6m17s
All checks were successful
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Successful in 6m17s
- 合并 customer_account 和 shop_account 路由到统一的 account 接口 - 新增统一认证接口 (auth handler) - 实现越权防护中间件和权限检查工具函数 - 新增操作审计日志模型和服务 - 更新数据库迁移 (版本 39: account_operation_log 表) - 补充集成测试覆盖权限检查和审计日志场景
This commit is contained in:
42
internal/service/account_audit/service.go
Normal file
42
internal/service/account_audit/service.go
Normal file
@@ -0,0 +1,42 @@
|
||||
// Package account_audit 提供账号操作审计日志服务
|
||||
// 负责记录所有账号管理操作,用于审计追踪和合规要求
|
||||
package account_audit
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/break/junhong_cmp_fiber/internal/model"
|
||||
"github.com/break/junhong_cmp_fiber/pkg/logger"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
// AccountOperationLogStore 账号操作日志存储接口
|
||||
type AccountOperationLogStore interface {
|
||||
Create(ctx context.Context, log *model.AccountOperationLog) error
|
||||
}
|
||||
|
||||
// Service 账号审计服务
|
||||
type Service struct {
|
||||
store AccountOperationLogStore
|
||||
}
|
||||
|
||||
// NewService 创建账号审计服务实例
|
||||
func NewService(store AccountOperationLogStore) *Service {
|
||||
return &Service{
|
||||
store: store,
|
||||
}
|
||||
}
|
||||
|
||||
// LogOperation 记录账号操作日志(异步写入,不阻塞主流程)
|
||||
func (s *Service) LogOperation(ctx context.Context, log *model.AccountOperationLog) {
|
||||
// 异步写入审计日志,不阻塞业务操作
|
||||
go func() {
|
||||
if err := s.store.Create(context.Background(), log); err != nil {
|
||||
// 写入失败只记录错误日志,不影响业务
|
||||
logger.GetAppLogger().Error("写入账号操作日志失败",
|
||||
zap.Uint("operator_id", log.OperatorID),
|
||||
zap.String("operation_type", log.OperationType),
|
||||
zap.Error(err))
|
||||
}
|
||||
}()
|
||||
}
|
||||
Reference in New Issue
Block a user