Question

我正在尝试创建一个基本的审计跟踪/日志。这是下面的代码，可以更好地理解我要完成的任务。

const removePasswords = (key, value) =>
  key === "password" ? undefined : value;

const getContentType = (path) => {
  if (path.includes("service-request")) {
    return "Service Request";
  }
  if (path.includes("register")) {
    return "Account Registration";
  }
  if (path.includes("local")) {
    return "Account Login";
  }
  if (path.includes("service")) {
    return "Service";
  }
  if (path.includes("content-types") || path.includes("content-manager")) {
    return "Admin";
  }
  return "Others"
};

const getActionType = (method, path) => {
  if (method.toLowerCase() === "post" && path.includes("service-request")) {
    return "Created Service Request";
  }
  if (method.toLowerCase() === "get" && path.includes("content-manager")) {
    return "Admin content View";
  }
  if (method.toLowerCase() === "post" && path.includes("content-manager")) {
    return "Admin content create";
  }
  if (method.toLowerCase() === "put" && path.includes("content-manager")) {
    return "Admin content update";
  }
  if (method.toLowerCase() === "post" && path.includes("register")) {
    return "User Register";
  }
  if (method.toLowerCase() === "post" && path.includes("local")) {
    return "User log in";
  }

  return "Other Activities"
};
module.exports = (strapi) => {
  return {
    initialize() {
      strapi.app.use(async (ctx, next) => {
        await next();
        console.log("I am running");
        if (ctx.state && ctx.state.user) {
          const entry = {
            contentType: getContentType(ctx._matchedRoute),
            action: getActionType(ctx.request.method, ctx._matchedRoute),
            statusCode: ctx.response.status,
            author: {
              id: ctx.state.user.id,
              email: ctx.state.user.email,
              ip: ctx.request.ip,
            },
            method: ctx.request.method,
            route: ctx._matchedRoute,
            params: ctx.params,
            request: ctx.request.body,
            content: ctx.response.body,
          };
          if (
            (ctx.params.model && ctx.params.model.includes("trail")) ||
            (ctx.params.uid && ctx.params.uid.includes("trail"))
          ) {
            //Do nothing
          } else {
            strapi.services.trails.create(
              JSON.stringify(entry, removePasswords)
            );
          }
        }
        const entry = {
          contentType: getContentType(ctx._matchedRoute),
          action: getActionType(ctx.request.method, ctx._matchedRoute),
          statusCode: ctx.response.status,
          author: {
            id:
              ctx.response.body && ctx.response.body.user
                ? ctx.response.body.user.id
                : "Not found",
            email:
              ctx.response.body && ctx.response.body.user
                ? ctx.response.body.user.email
                : "Not found",
            ip: ctx.request.ip,
          },
          method: ctx.request.method,
          route: ctx._matchedRoute,
          params: ctx.params,
          request: ctx.request.body,
          content: ctx.response.body,
        };
        if (
          (ctx.params.model && ctx.params.model.includes("trail")) ||
          (ctx.params.uid && ctx.params.uid.includes("trail"))
        ) {
          //Do nothing
        } else {
            // strapi.log.info(entry)
          strapi.services.trails.create(
            JSON.stringify(entry, removePasswords)
          );
        }
      });
    },
  };
};

要使上述工作正常运行，您需要进入 localhost://1337 中的 Strapi.io 仪表板并创建一个名为 Trails 的“Collection Type”，并将 9 个条目添加到该集合类型中，如下所示：

contentType：文本
动作：文本
内容：JSON
作者：JSON
请求：JSON
方法：文本
路线：文字
参数：JSON
状态代码：数字

Answer 1

为了让这个工作，我需要改变这个

module.exports = (strapi) => {

为此

module.exports = strapi => {

然后为了正确保存内容，我必须将调用 service.content_type.create 改为显式而不是 Json.stringify()....

这是我的代码

strapi audit middleware index.js

在 Strapi.io 中实施审计跟踪/日志

1 个答案: