如何审核角色删除?
[英]How to audit role removals?
问题描述
When a role is removed from a user, I need to track who did it (ie. which AbpUser) and when they did it.
当从用户中删除角色时,我需要跟踪谁做了这件事(即哪个 AbpUser)以及他们何时做的。
The obvious solution is to redefine the UserRole entity so that it inherits from FullAuditedEntity instead of CreationAuditedEntity, but the UserRole entity is defined in a nuget package so I cannot simply change the definition.显而易见的解决方案是重新定义 UserRole 实体,使其继承自 FullAuditedEntity 而不是 CreationAuditedEntity,但 UserRole 实体是在 nuget package 中定义的,所以我不能简单地更改定义。
Is there a way to achieve this behavior that I am not seeing?有没有办法实现我没有看到的这种行为?
Here is what I have tried so far.这是我到目前为止所尝试的。
Approach 1: I tried handling this at the database level by setting up a delete trigger on the AbpUserRole table which would insert a record into a AbpUserRoleDeleted table, but I can't think of a way to find out which AbpUser made the deletion with this approach.方法 1:我尝试通过在 AbpUserRole 表上设置删除触发器来在数据库级别处理此问题,该触发器会将记录插入到 AbpUserRoleDeleted 表中,但我想不出一种方法来找出哪个 AbpUser 用这个删除了方法。 I can only track when the action happened.我只能跟踪动作发生的时间。
Approach 2: I tried listening for the EntityDeleted domain event on UserRole entities, but it does not seem to get triggered.方法 2:我尝试在 UserRole 实体上侦听 EntityDeleted 域事件,但它似乎没有被触发。 Interestingly, the EntityUpdated event is triggered when I remove a role from a user, but even assuming that this event would only ever be triggered when a UserRole is deleted, the event data still does not include who made the deletion.有趣的是,当我从用户中删除角色时会触发 EntityUpdated 事件,但即使假设该事件只会在删除 UserRole 时触发,事件数据仍然不包括删除的人。 If it did, I could manually save the audit information in a separate table just like a database delete trigger would, but this time I would have the AbpUser that was responsible for the deletion.如果是这样,我可以像数据库删除触发器一样手动将审计信息保存在单独的表中,但这次我将拥有负责删除的 AbpUser。
Approach 3: I tried extending the UserRole entity by following the steps here .方法 3:我尝试按照此处的步骤扩展 UserRole 实体。 I was able to implement the IDeletionAudited interface and generate a migration that creates the associated columns on the AbpUserRoles table, but removing a role from a user performs a hard delete instead of a soft delete so I can't tell if the columns even get populated.我能够实现 IDeletionAudited 接口并生成在 AbpUserRoles 表上创建关联列的迁移,但是从用户中删除角色会执行硬删除而不是软删除,因此我无法判断列是否被填充. I am assuming they do not.我假设他们没有。
Approach 4: I tried enabling Entity History for the UserRole entity, but it seems to only track when a UserRole entity is created.方法 4:我尝试为 UserRole 实体启用实体历史记录,但它似乎只跟踪创建 UserRole 实体的时间。
1 个解决方案
解决方案1
0 已采纳 2020-04-20 20:40:38
This seems to work fine.这似乎工作正常。
//src\aspnet-core\src\Company.App.EntityFrameworkCore\EntityFrameworkCore\AppDbContext.cs
namespace Company.App.EntityFrameworkCore
{
public class AppDbContext : AbpZeroDbContext<Tenant, Role, User, AppDbContext>, IAbpPersistedGrantDbContext
{
public AppDbContext(DbContextOptions<AppDbContext> options) : base(options)
{
ChangeTracker.StateChanged += OnEntityStateChanged;
}
private void OnEntityStateChanged(object sender, EntityStateChangedEventArgs e)
{
if (e.Entry.Entity is UserRole && e.NewState == EntityState.Deleted)
{
//update instead of delete
e.Entry.State = EntityState.Modified;
e.Entry.CurrentValues["IsDeleted"] = true;
e.Entry.CurrentValues["DeletionTime"] = DateTime.Now;
e.Entry.CurrentValues["DeleterUserId"] = AbpSession.UserId;
}
}
protected override void OnModelCreating(ModelBuilder modelBuilder)
{
//use query filter on the `IsDeleted` shadow property
modelBuilder.Entity<UserRole>().HasQueryFilter(p => !EF.Property<bool>(p, "IsDeleted"));
modelBuilder.Entity<UserRole>().Property<bool>("IsDeleted");
modelBuilder.Entity<UserRole>().Property<DateTime?>("DeletionTime").IsRequired(false);
modelBuilder.Entity<UserRole>().Property<long?>("DeleterUserId").IsRequired(false);
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.