hera/oil-formula-calculator
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: 操作日志详细记录权限变更
All checks were successful
Test / unit-test (push) Successful in 7s
Details
Test / build-check (push) Successful in 6s
Details
Test / e2e-test (push) Successful in 50s
Details

Browse Source 
- 修改用户权限时记录旧角色→新角色(中文)和用户名
- 日志显示"查看者 → 高级编辑"格式
- 商业认证日志显示商户名

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Hera Zhao
2026-04-10 20:53:22 +00:00
parent 5a34b11720
commit 3a7e52360c
2 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
backend/main.py
View File

@@ -1094,6 +1094,9 @@ def delete_user(user_id: int, user=Depends(require_role("admin"))):
@app.put("/api/users/{user_id}") @app.put("/api/users/{user_id}")
def update_user(user_id: int, body: UserUpdate, user=Depends(require_role("admin"))): def update_user(user_id: int, body: UserUpdate, user=Depends(require_role("admin"))):
conn = get_db() conn = get_db()
target = conn.execute("SELECT role, display_name, username FROM users WHERE id = ?", (user_id,)).fetchone()
old_role = target["role"] if target else "unknown"
target_name = (target["display_name"] or target["username"]) if target else "unknown"
if body.role is not None: if body.role is not None:
if body.role == "admin": if body.role == "admin":
conn.close() conn.close()
@@ -1101,8 +1104,15 @@ def update_user(user_id: int, body: UserUpdate, user=Depends(require_role("admin
conn.execute("UPDATE users SET role = ?, role_changed_at = datetime('now') WHERE id = ?", (body.role, user_id)) conn.execute("UPDATE users SET role = ?, role_changed_at = datetime('now') WHERE id = ?", (body.role, user_id))
if body.display_name is not None: if body.display_name is not None:
conn.execute("UPDATE users SET display_name = ? WHERE id = ?", (body.display_name, user_id)) conn.execute("UPDATE users SET display_name = ? WHERE id = ?", (body.display_name, user_id))
log_audit(conn, user["id"], "update_user", "user", user_id, None, role_labels = {"admin": "管理员", "senior_editor": "高级编辑", "editor": "编辑", "viewer": "查看者"}
json.dumps({"role": body.role, "display_name": body.display_name})) detail = {}
if body.role is not None and body.role != old_role:
detail["from_role"] = role_labels.get(old_role, old_role)
detail["to_role"] = role_labels.get(body.role, body.role)
if body.display_name is not None:
detail["display_name"] = body.display_name
log_audit(conn, user["id"], "update_user", "user", user_id, target_name,
json.dumps(detail, ensure_ascii=False))
conn.commit() conn.commit()
conn.close() conn.close()
return {"ok": True} return {"ok": True}

3
frontend/src/views/AuditLog.vue
View File

@@ -153,9 +153,10 @@ function parsedDetail(log) {
try { try {
const d = JSON.parse(log.detail) const d = JSON.parse(log.detail)
const parts = [] const parts = []
if (d.from_role && d.to_role) parts.push(`${d.from_role}${d.to_role}`)
if (d.from_user) parts.push(`来自: ${d.from_user}`) if (d.from_user) parts.push(`来自: ${d.from_user}`)
if (d.reason) parts.push(`原因: ${d.reason}`) if (d.reason) parts.push(`原因: ${d.reason}`)
if (d.role) parts.push(`角色: ${d.role}`) if (d.business_name) parts.push(`商户: ${d.business_name}`)
if (d.display_name) parts.push(`显示名: ${d.display_name}`) if (d.display_name) parts.push(`显示名: ${d.display_name}`)
if (d.original_log_id) parts.push(`恢复自 #${d.original_log_id}`) if (d.original_log_id) parts.push(`恢复自 #${d.original_log_id}`)
if (parts.length) return parts.join(' · ') if (parts.length) return parts.join(' · ')