feat: 商业认证操作全部记入审计日志
Some checks failed
PR Preview / teardown-preview (pull_request) Has been skipped
Test / unit-test (push) Successful in 6s
Test / build-check (push) Successful in 3s
PR Preview / test (pull_request) Successful in 4s
PR Preview / deploy-preview (pull_request) Successful in 15s
Test / e2e-test (push) Failing after 56s
Some checks failed
PR Preview / teardown-preview (pull_request) Has been skipped
Test / unit-test (push) Successful in 6s
Test / build-check (push) Successful in 3s
PR Preview / test (pull_request) Successful in 4s
PR Preview / deploy-preview (pull_request) Successful in 15s
Test / e2e-test (push) Failing after 56s
- 申请认证、通过、拒绝、直接开通、撤销都记录audit_log - 操作日志增加商业认证筛选 - ACTION_MAP增加5种商业认证操作的中文映射 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -477,6 +477,8 @@ def business_apply(body: dict, user=Depends(get_current_user)):
|
||||
"INSERT INTO notifications (target_role, title, body) VALUES (?, ?, ?)",
|
||||
("admin", "🏢 商业认证申请", f"{who} 申请商业用户认证,商户名:{business_name}")
|
||||
)
|
||||
log_audit(conn, user["id"], "business_apply", "user", user["id"], who,
|
||||
json.dumps({"business_name": business_name}))
|
||||
conn.commit()
|
||||
conn.close()
|
||||
return {"ok": True}
|
||||
@@ -518,13 +520,15 @@ def approve_business(app_id: int, user=Depends(require_role("admin"))):
|
||||
raise HTTPException(404, "申请不存在")
|
||||
conn.execute("UPDATE business_applications SET status = 'approved', reviewed_at = datetime('now') WHERE id = ?", (app_id,))
|
||||
conn.execute("UPDATE users SET business_verified = 1 WHERE id = ?", (app["user_id"],))
|
||||
# Notify user
|
||||
target = conn.execute("SELECT role FROM users WHERE id = ?", (app["user_id"],)).fetchone()
|
||||
target = conn.execute("SELECT role, display_name, username FROM users WHERE id = ?", (app["user_id"],)).fetchone()
|
||||
target_name = (target["display_name"] or target["username"]) if target else "unknown"
|
||||
if target:
|
||||
conn.execute(
|
||||
"INSERT INTO notifications (target_role, title, body, target_user_id) VALUES (?, ?, ?, ?)",
|
||||
(target["role"], "🎉 商业认证通过", "恭喜!你的商业用户认证已通过,现在可以使用项目核算等商业功能。", app["user_id"])
|
||||
)
|
||||
log_audit(conn, user["id"], "approve_business", "user", app["user_id"], target_name,
|
||||
json.dumps({"business_name": app["business_name"]}))
|
||||
conn.commit()
|
||||
conn.close()
|
||||
return {"ok": True}
|
||||
@@ -539,7 +543,8 @@ def reject_business(app_id: int, body: dict = None, user=Depends(require_role("a
|
||||
raise HTTPException(404, "申请不存在")
|
||||
reason = (body or {}).get("reason", "").strip()
|
||||
conn.execute("UPDATE business_applications SET status = 'rejected', reviewed_at = datetime('now'), reject_reason = ? WHERE id = ?", (reason, app_id))
|
||||
target = conn.execute("SELECT role FROM users WHERE id = ?", (app["user_id"],)).fetchone()
|
||||
target = conn.execute("SELECT role, display_name, username FROM users WHERE id = ?", (app["user_id"],)).fetchone()
|
||||
target_name = (target["display_name"] or target["username"]) if target else "unknown"
|
||||
if target:
|
||||
msg = "你的商业用户认证申请未通过。"
|
||||
if reason:
|
||||
@@ -549,6 +554,8 @@ def reject_business(app_id: int, body: dict = None, user=Depends(require_role("a
|
||||
"INSERT INTO notifications (target_role, title, body, target_user_id) VALUES (?, ?, ?, ?)",
|
||||
(target["role"], "商业认证未通过", msg, app["user_id"])
|
||||
)
|
||||
log_audit(conn, user["id"], "reject_business", "user", app["user_id"], target_name,
|
||||
json.dumps({"reason": reason}))
|
||||
conn.commit()
|
||||
conn.close()
|
||||
return {"ok": True}
|
||||
@@ -619,11 +626,13 @@ def grant_business(user_id: int, user=Depends(require_role("admin"))):
|
||||
conn = get_db()
|
||||
conn.execute("UPDATE users SET business_verified = 1 WHERE id = ?", (user_id,))
|
||||
target = conn.execute("SELECT role, display_name, username FROM users WHERE id = ?", (user_id,)).fetchone()
|
||||
target_name = (target["display_name"] or target["username"]) if target else "unknown"
|
||||
if target:
|
||||
conn.execute(
|
||||
"INSERT INTO notifications (target_role, title, body, target_user_id) VALUES (?, ?, ?, ?)",
|
||||
(target["role"], "🎉 商业认证已开通", "管理员已为你开通商业用户认证,现在可以使用商业核算等功能。", user_id)
|
||||
)
|
||||
log_audit(conn, user["id"], "grant_business", "user", user_id, target_name, None)
|
||||
conn.commit()
|
||||
conn.close()
|
||||
return {"ok": True}
|
||||
@@ -644,6 +653,9 @@ def revoke_business(user_id: int, body: dict = None, user=Depends(require_role("
|
||||
"INSERT INTO notifications (target_role, title, body, target_user_id) VALUES (?, ?, ?, ?)",
|
||||
(target["role"], "商业资格已取消", msg, user_id)
|
||||
)
|
||||
target_name = (target["display_name"] or target["username"]) if target else "unknown"
|
||||
log_audit(conn, user["id"], "revoke_business", "user", user_id, target_name,
|
||||
json.dumps({"reason": reason}) if reason else None)
|
||||
conn.commit()
|
||||
conn.close()
|
||||
return {"ok": True}
|
||||
|
||||
Reference in New Issue
Block a user