TencentBlueKing · lannoy0523 · Sep 4, 2023 · Sep 4, 2023 · Sep 4, 2023 · Sep 4, 2023
@@ -34,6 +34,7 @@ package com.tencent.bkrepo.auth.api
 import com.tencent.bkrepo.auth.constant.AUTH_SERVICE_ROLE_PREFIX
 import com.tencent.bkrepo.common.api.constant.AUTH_SERVICE_NAME
 import com.tencent.bkrepo.common.api.pojo.Response
+import com.tencent.bkrepo.common.operate.api.annotation.LogOperate
 import io.swagger.annotations.Api
 import io.swagger.annotations.ApiOperation
 import io.swagger.annotations.ApiParam
@@ -51,13 +52,15 @@ interface ServiceRoleClient {
 
     @ApiOperation("创建项目管理员")
     @PostMapping("/create/project/manage/{projectId}")
+    @LogOperate(type = "SERVICE_PROJECT_ADMIN_CREATE")
     fun createProjectManage(
         @ApiParam(value = "仓库名称")
         @PathVariable projectId: String
     ): Response<String?>
 
     @ApiOperation("创建仓库管理员")
     @PostMapping("/create/repo/manage/{projectId}/{repoName}")
+    @LogOperate(type = "SERVICE_REPO_ADMIN_CREATE")
     fun createRepoManage(
         @ApiParam(value = "仓库ID")
         @PathVariable projectId: String,

@@ -35,6 +35,7 @@ import com.tencent.bkrepo.auth.pojo.token.TemporaryTokenCreateRequest
 import com.tencent.bkrepo.auth.pojo.token.TemporaryTokenInfo
 import com.tencent.bkrepo.common.api.constant.AUTH_SERVICE_NAME
 import com.tencent.bkrepo.common.api.pojo.Response
+import com.tencent.bkrepo.common.operate.api.annotation.LogOperate
 import io.swagger.annotations.Api
 import io.swagger.annotations.ApiOperation
 import org.springframework.cloud.openfeign.FeignClient
@@ -54,6 +55,7 @@ interface ServiceTemporaryTokenClient {
 
     @ApiOperation("创建临时token")
     @PostMapping("/create")
+    @LogOperate(type = "SERVICE_TEMP_TOKEN_CREATE")
     fun createToken(
         @RequestBody request: TemporaryTokenCreateRequest
     ): Response<List<TemporaryTokenInfo>>
@@ -66,6 +68,7 @@ interface ServiceTemporaryTokenClient {
 
     @ApiOperation("删除临时token信息")
     @DeleteMapping("/delete/{token}")
+    @LogOperate(type = "SERVICE_TEMP_TOKEN_DELETE")
     fun deleteToken(
         @PathVariable token: String
     ): Response<Void>

@@ -37,6 +37,7 @@ import com.tencent.bkrepo.auth.pojo.user.User
 import com.tencent.bkrepo.auth.pojo.user.UserInfo
 import com.tencent.bkrepo.common.api.constant.AUTH_SERVICE_NAME
 import com.tencent.bkrepo.common.api.pojo.Response
+import com.tencent.bkrepo.common.operate.api.annotation.LogOperate
 import io.swagger.annotations.Api
 import io.swagger.annotations.ApiOperation
 import io.swagger.annotations.ApiParam
@@ -57,6 +58,7 @@ interface ServiceUserClient {
 
     @ApiOperation("创建用户")
     @PostMapping("/create")
+    @LogOperate(type = "SERVICE_USER_CREATE")
     fun createUser(
         @RequestBody request: CreateUserRequest
     ): Response<Boolean>
@@ -71,6 +73,7 @@ interface ServiceUserClient {
 
     @ApiOperation("新增用户所属角色")
     @PostMapping("/role/{uid}/{rid}")
+    @LogOperate(type = "SERVICE_USER_ROLE_CREATE")
     fun addUserRole(
         @ApiParam(value = "用户id")
         @PathVariable uid: String,

@@ -157,7 +157,7 @@ class AccountController @Autowired constructor(
 
     @ApiOperation("更新ak/sk对状态")
     @PutMapping("/credential/{appId}/{accesskey}/{status}")
-    @LogOperate(type = "KEYS_UPDATE")
+    @LogOperate(type = "KEYS_STATUS_UPDATE")
     fun updateCredential(
         @PathVariable appId: String,
         @PathVariable accesskey: String,

@@ -31,6 +31,7 @@ import com.tencent.bkrepo.auth.constant.AUTH_API_KEY_PREFIX
 import com.tencent.bkrepo.auth.pojo.Key
 import com.tencent.bkrepo.auth.service.KeyService
 import com.tencent.bkrepo.common.api.pojo.Response
+import com.tencent.bkrepo.common.operate.api.annotation.LogOperate
 import com.tencent.bkrepo.common.service.util.ResponseBuilder
 import io.swagger.annotations.ApiOperation
 import org.springframework.web.bind.annotation.RestController
@@ -45,6 +46,7 @@ class KeyController(private val keyService: KeyService) {
 
     @ApiOperation("新增密钥")
     @PostMapping("/create")
+    @LogOperate(type = "USER_KEY_CREATE")
     fun createKey(name: String, key: String): Response<Void> {
         keyService.createKey(name, key)
         return ResponseBuilder.success()
@@ -58,6 +60,7 @@ class KeyController(private val keyService: KeyService) {
 
     @ApiOperation("删除公钥")
     @DeleteMapping("/delete/{id}")
+    @LogOperate(type = "USER_KEY_DELETE")
     fun deleteKey(id: String): Response<Void> {
         keyService.deleteKey(id)
         return ResponseBuilder.success()

@@ -36,6 +36,7 @@ import com.tencent.bkrepo.auth.pojo.oauth.OidcConfiguration
 import com.tencent.bkrepo.auth.pojo.oauth.UserInfo
 import com.tencent.bkrepo.auth.service.OauthAuthorizationService
 import com.tencent.bkrepo.common.api.pojo.Response
+import com.tencent.bkrepo.common.operate.api.annotation.LogOperate
 import com.tencent.bkrepo.common.service.util.ResponseBuilder
 import io.swagger.annotations.ApiOperation
 import org.springframework.beans.factory.annotation.Autowired
@@ -73,6 +74,7 @@ class OauthAuthorizationController @Autowired constructor(
 
     @ApiOperation("创建或刷新oauth token")
     @PostMapping("/{projectId}/token")
+    @LogOperate(type = "USER_OAUTH_TOKEN_ADD_OR_REFRESH")
     fun generateToken(
         code: String?,
         @RequestParam("grant_type") grantType: String,
@@ -91,6 +93,7 @@ class OauthAuthorizationController @Autowired constructor(
 
     @ApiOperation("删除oauth token")
     @DeleteMapping("/token")
+    @LogOperate(type = "USER_OAUTH_TOKEN_DELETE")
     fun deleteToken(clientId: String, clientSecret: String, accessToken: String): Response<Void> {
         oauthAuthorizationService.deleteToken(clientId, clientSecret, accessToken)
         return ResponseBuilder.success()

@@ -44,6 +44,7 @@ import com.tencent.bkrepo.auth.pojo.permission.UpdatePermissionUserRequest
 import com.tencent.bkrepo.auth.controller.OpenResource
 import com.tencent.bkrepo.auth.service.PermissionService
 import com.tencent.bkrepo.common.api.pojo.Response
+import com.tencent.bkrepo.common.operate.api.annotation.LogOperate
 import com.tencent.bkrepo.common.service.util.ResponseBuilder
 import io.swagger.annotations.ApiOperation
 import org.springframework.beans.factory.annotation.Autowired
@@ -110,6 +111,7 @@ class PermissionController @Autowired constructor(
 
     @ApiOperation("删除权限")
     @DeleteMapping("/delete/{id}")
+    @LogOperate(type = "USER_PERMISSION_DELETE")
     fun deletePermission(@PathVariable id: String): Response<Boolean> {
         return ResponseBuilder.success(permissionService.deletePermission(id))
     }

@@ -42,6 +42,7 @@ import com.tencent.bkrepo.auth.service.RoleService
 import com.tencent.bkrepo.auth.util.RequestUtil.buildProjectAdminRequest
 import com.tencent.bkrepo.auth.util.RequestUtil.buildRepoAdminRequest
 import com.tencent.bkrepo.common.api.pojo.Response
+import com.tencent.bkrepo.common.operate.api.annotation.LogOperate
 import com.tencent.bkrepo.common.service.util.ResponseBuilder
 import io.swagger.annotations.ApiOperation
 import org.springframework.beans.factory.annotation.Autowired
@@ -66,6 +67,7 @@ class RoleController @Autowired constructor(
 
     @ApiOperation("创建角色")
     @PostMapping("/create")
+    @LogOperate(type = "USER_ROLE_CREATE")
     fun createRole(@RequestBody request: CreateRoleRequest): Response<String?> {
         // todo check request
         val id = roleService.createRole(request)
@@ -74,6 +76,7 @@ class RoleController @Autowired constructor(
 
     @ApiOperation("创建项目管理员")
     @PostMapping("/create/project/manage/{projectId}")
+    @LogOperate(type = "PROJECT_ADMIN_CREATE")
     fun createProjectManage(@PathVariable projectId: String): Response<String?> {
         val request = buildProjectAdminRequest(projectId)
         val id = roleService.createRole(request)
@@ -82,6 +85,7 @@ class RoleController @Autowired constructor(
 
     @ApiOperation("创建仓库管理员")
     @PostMapping("/create/repo/manage/{projectId}/{repoName}")
+    @LogOperate(type = "REPO_ADMIN_CREATE")
     fun createRepoManage(@PathVariable projectId: String, @PathVariable repoName: String): Response<String?> {
         val request = buildRepoAdminRequest(projectId, repoName)
         val id = roleService.createRole(request)
@@ -90,6 +94,7 @@ class RoleController @Autowired constructor(
 
     @ApiOperation("删除角色")
     @DeleteMapping("/delete/{id}")
+    @LogOperate(type = "USER_ROLE_DELETE")
     fun deleteRole(@PathVariable id: String): Response<Boolean> {
         roleService.deleteRoleByid(id)
         return ResponseBuilder.success(true)
@@ -127,6 +132,7 @@ class RoleController @Autowired constructor(
 
     @ApiOperation("编辑用户组信息")
     @PutMapping("/{id}")
+    @LogOperate(type = "USERS_INFO_UPDATE")
     @Transactional(rollbackFor = [Exception::class])
     fun updateRoleInfo(
         @PathVariable id: String,

@@ -53,6 +53,7 @@ import com.tencent.bkrepo.auth.util.RequestUtil.buildRepoAdminRequest
 import com.tencent.bkrepo.common.api.exception.ErrorCodeException
 import com.tencent.bkrepo.common.api.pojo.Page
 import com.tencent.bkrepo.common.api.pojo.Response
+import com.tencent.bkrepo.common.operate.api.annotation.LogOperate
 import com.tencent.bkrepo.common.security.exception.AuthenticationException
 import com.tencent.bkrepo.common.security.http.jwt.JwtAuthProperties
 import com.tencent.bkrepo.common.security.util.JwtUtils
@@ -91,6 +92,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("创建用户")
     @PostMapping("/create")
+    @LogOperate(type = "USER_CREATE")
     fun createUser(@RequestBody request: CreateUserRequest): Response<Boolean> {
         // 限制创建为admin用户
         request.admin = false
@@ -100,6 +102,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("创建项目用户")
     @PostMapping("/create/project")
+    @LogOperate(type = "PROJECT_USER_CREATE")
     fun createUserToProject(@RequestBody request: CreateUserToProjectRequest): Response<Boolean> {
         // 限制创建为admin用户
         request.admin = false
@@ -113,6 +116,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("创建仓库用户")
     @PostMapping("/create/repo")
+    @LogOperate(type = "REPO_USER_CREATE")
     fun createUserToRepo(@RequestBody request: CreateUserToRepoRequest): Response<Boolean> {
         // 限制创建为admin用户
         request.admin = false
@@ -135,6 +139,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("删除用户")
     @DeleteMapping("/delete/{uid}")
+    @LogOperate(type = "USER_DELETE")
     fun deleteById(@PathVariable uid: String): Response<Boolean> {
         preCheckUserOrAssetUser(uid, userService.getRelatedUserById(SecurityUtils.getUserId()))
         userService.deleteById(uid)
@@ -150,6 +155,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("更新用户信息")
     @PutMapping("/{uid}")
+    @LogOperate(type = "USER_INFO_UPDATE")
     @Deprecated("更换url", ReplaceWith("updateUserInfoById"))
     fun updateById(@PathVariable uid: String, @RequestBody request: UpdateUserRequest): Response<Boolean> {
         preCheckContextUser(uid)
@@ -162,6 +168,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("更新用户信息")
     @PutMapping("/update/info/{uid}")
+    @LogOperate(type = "USER_INFO_UPDATE")
     fun updateUserInfoById(@PathVariable uid: String, @RequestBody request: UpdateUserRequest): Response<Boolean> {
         preCheckContextUser(uid)
         if (request.admin != null && request.admin) {
@@ -173,34 +180,39 @@ class UserController @Autowired constructor(
 
     @ApiOperation("新增用户所属角色")
     @PostMapping("/role/{uid}/{rid}")
+    @LogOperate(type = "USER_ROLE_ADD")
     fun addUserRole(@PathVariable uid: String, @PathVariable rid: String): Response<User?> {
         val result = userService.addUserToRole(uid, rid)
         return ResponseBuilder.success(result)
     }
 
     @ApiOperation("删除用户所属角色")
     @DeleteMapping("/role/{uid}/{rid}")
+    @LogOperate(type = "USER_ROLE_REMOVE")
     fun removeUserRole(@PathVariable uid: String, @PathVariable rid: String): Response<User?> {
         val result = userService.removeUserFromRole(uid, rid)
         return ResponseBuilder.success(result)
     }
 
     @ApiOperation("批量新增用户所属角色")
     @PatchMapping("/role/add/{rid}")
+    @LogOperate(type = "BATCH_ROLE_ADD")
     fun addUserRoleBatch(@PathVariable rid: String, @RequestBody request: List<String>): Response<Boolean> {
         userService.addUserToRoleBatch(request, rid)
         return ResponseBuilder.success(true)
     }
 
     @ApiOperation("批量删除用户所属角色")
     @PatchMapping("/role/delete/{rid}")
+    @LogOperate(type = "BATCH_ROLE_REMOVE")
     fun deleteUserRoleBatch(@PathVariable rid: String, @RequestBody request: List<String>): Response<Boolean> {
         userService.removeUserFromRoleBatch(request, rid)
         return ResponseBuilder.success(true)
     }
 
     @ApiOperation("新加用户token")
     @PostMapping("/token/{uid}/{name}")
+    @LogOperate(type = "USER_TOKEN_ADD")
     fun addUserToken(
         @PathVariable("uid") uid: String,
         @PathVariable("name") name: String,
@@ -223,6 +235,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("删除用户token")
     @DeleteMapping("/token/{uid}/{name}")
+    @LogOperate(type = "USER_TOKEN_REMOVE")
     fun deleteToken(@PathVariable uid: String, @PathVariable name: String): Response<Boolean> {
         preCheckContextUser(uid)
         val result = userService.removeToken(uid, name)
@@ -326,6 +339,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("修改用户密码")
     @PutMapping("/update/password/{uid}")
+    @LogOperate(type = "USER_PASSWORD_UPDATE")
     fun updatePassword(
         @PathVariable uid: String,
         @RequestParam oldPwd: String,

@@ -65,6 +65,34 @@ enum class EventType(val msgKey: String) {
     // ADMIN
     ADMIN_ADD("artifact.event.admin-add"),
     ADMIN_DELETE("artifact.event.admin-delete"),
+    SERVICE_PROJECT_ADMIN_CREATE("project.event.service-admin-add"),
+    SERVICE_REPO_ADMIN_CREATE("repository.event.service-admin-add"),
+    SERVICE_TEMP_TOKEN_CREATE("user.event.service-token-add"),
+    SERVICE_TEMP_TOKEN_DELETE("user.event.service-token-delete"),
+    SERVICE_USER_CREATE("user.event.service-user-add"),
+    SERVICE_USER_ROLE_CREATE("user.event.service-role-add"),
+    USER_KEY_CREATE("user.event.key-add"),
+    USER_KEY_DELETE("user.event.key-delete"),
+    USER_OAUTH_TOKEN_ADD_OR_REFRESH("user.event.oauth-token-add-or-refresh"),
+    USER_OAUTH_TOKEN_DELETE("user.event.oauth-token-delete"),
+    USER_PERMISSION_DELETE("user.event.user-permission-delete"),
+    USER_ROLE_CREATE("user.event.user-role-create"),
+    PROJECT_ADMIN_CREATE("project.event.admin-add"),
+    REPO_ADMIN_CREATE("repository.event.admin-add"),
+    USER_ROLE_DELETE("user.event.user-role-delete"),
+    USERS_INFO_UPDATE("user.event.users-info-update"),
+    USER_CREATE("user.event.user-create"),
+    PROJECT_USER_CREATE("user.event.project-user-add"),
+    REPO_USER_CREATE("user.event.repo-user-add"),
+    USER_DELETE("user.event.user-delete"),
+    USER_INFO_UPDATE("user.event.user-info-update"),
+    USER_ROLE_ADD("user.event.user-role-add"),
+    USER_ROLE_REMOVE("user.event.user-role-remove"),
+    BATCH_ROLE_ADD("user.event.batch-role-add"),
+    BATCH_ROLE_REMOVE("user.event.batch-role-remove"),
+    USER_TOKEN_ADD("user.event.user-token-add"),
+    USER_TOKEN_REMOVE("user.event.user-token-remove"),
+    USER_PASSWORD_UPDATE("user.event.user-password-update"),
 
     // WebHook
     WEBHOOK_TEST("artifact.event.webhook-test"),
@@ -157,4 +185,5 @@ enum class EventType(val msgKey: String) {
 
     // 第三方同步
     REPLICATION_THIRD_PARTY("artifact.event.replication-third-party");
+
 }
@@ -85,6 +85,33 @@ artifact.event.version-staged=Upgrade Version
 
 artifact.event.admin-add=Add Administrator
 artifact.event.admin-delete=Remove Administrator
+project.event.service-admin-add=System adds project administrator
+repository.event.service-admin-add=System adds repository administrator
+user.event.service-token-add=System adds token
+user.event.service-token-delete=System deletes token
+user.event.service-user-add = System add user
+user.event.service-role-add=System add role
+user.event.key-add = Add public key
+user.event.key-delete = Delete public key
+user.event.oauth-token-add-or-refresh=Add or refresh authentication token
+user.event.oauth-token-delete = Delete authentication token
+user.event.user-permission-delete=Delete permission
+user.event.user-role-create=Create role
+project.event.admin-add = Project Admin Added
+repository.event.admin-add=Repository administrator added
+user.event.user-role-delete=Role delete
+user.event.users-info-update=User group information modification
+user.event.user-create=Create user
+user.event.project-user-add=Create project user
+user.event.repo-user-add=Create repository user
+user.event.user-info-update=User information update
+user.event.user-role-add=Add a new user role
+user.event.user-role-remove=Remove the role to which the user belongs
+user.event.batch-role-add=Batch add user roles
+user.event.batch-role-remove=Batch delete user roles
+user.event.user-token-add=Add user token
+user.event.user-token-remove=Remove user token
+user.event.user-password-update=Update user password
 
 artifact.event.webhook-test=Test Webhook
 artifact.event.webhook-list=List Webhook