[英]Web API2 How to log user actions with friendly names with an Annotation
I'm working on a greenfield Web API and need to log users' actions in a friendly way. 我正在使用未开发的Web API,需要以友好的方式记录用户的操作。 I can see its easy to gather the logged in user, the controller, the action, and parameters like this post What I am looking for is away to give human readable friendly messages like:
我可以看到它很容易收集已登录的用户,控制器,操作和参数(如本文),我正在寻找的是提供易于阅读的友好消息,例如:
I could adapt the answer here and then use a lookup table on the controller and action to translate to my human readable string with some token replacements but I can see that being a maintenance overhead when new actions are added. 我可以在此处调整答案,然后在控制器和操作上使用查找表来转换为具有某些标记替换的人类可读字符串,但是当添加新操作时,这可以视为维护开销。 It also means a developer might forget to put the call in and we miss auditing.
这也意味着开发人员可能会忘记拨打电话,而我们会错过审核。
Is there a way I can use an annotation on the action to specify what my human readable log message will be? 有什么方法可以在操作上使用注释来指定人类可读的日志消息是什么? (possibly with tokens) Has anybody done this in a generic manner without the code becoming totally custom to that application?
(可能带有令牌)是否有人以通用方式完成了此操作,而代码却没有完全针对该应用程序定制?
I would look into an Aspect oriented programming framework to cross cut your application in a way that's maintainable. 我将研究一种面向方面的编程框架,以一种可维护的方式横切您的应用程序。 Having a strong typed annotation on every action specific to a logging mechanism will be readable and maintainable provided you are happy that to add a the logging capability, you will require a re-compilation.
如果您很高兴添加日志功能,则需要重新编译,那么在特定于日志机制的每个操作上都有强类型注释将是可读且可维护的。 You could switch these on or off using a config setting easily.
您可以使用配置设置轻松打开或关闭这些功能。
I have used and would recommend PostSharp here, its awesome and free (for basic aspects). 我曾经在这里推荐PostSharp,它很棒而且免费(针对基本方面)。
A good example is: 一个很好的例子是:
http://doc.postsharp.net/example-trace http://doc.postsharp.net/example-trace
I have implemented a modified version of this with log4net and it works really well in a production environment. 我已经使用log4net实现了此版本的修改版本,它在生产环境中确实运行良好。
Generally speaking i am not a fan of AOP as its surprise factor can be disconcerting, but in cases like this the maintenance overhead reduction is worth the trade off. 一般来说,我不是AOP的拥护者,因为其令人惊讶的因素可能令人不安,但是在这种情况下,减少维护开销是值得权衡的。
I think that trying to accomplish this at the UI layer is the wrong place. 我认为尝试在UI层完成此操作是错误的地方。 If I hit the url
foo.com/product/delete/1
does that mean that I deleted the product? 如果我输入
foo.com/product/delete/1
网址,是否表示我删除了产品? I would say no. 我会说不。
I think the correct place to do this kind of auditing is at the repo layer of your code. 我认为进行这种审核的正确位置是代码的repo层。 Have a method something like this:
有这样的方法:
public void DeleteProduct(int productID, string username) {
_db.Products.Delete(productID); //pseudo code
_auditService.AddAuditRecord($"Product ID {productID} was deleted by {username}");
}
This way, you only audit the data change if it was successful. 这样,您仅审核成功的数据更改。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.