ndexondeck/lauditor

管理审计和授权

维护者

详细信息

github.com/ndexondeck/lauditor

源代码

问题

安装: 177

依赖项: 0

建议者: 0

安全性: 0

星标: 0

关注者: 2

分支: 0

公开问题: 0

v2.0.6 2020-06-26 13:32 UTC

Requires

MIT ff1048a85f719652adbe0915b0b88e3d97b14738

  • Ohadoma Nduka <ndexondeck.woop@gmail.com>

Auditauthorizetask generate

This package is not auto-updated.

Last update: 2024-09-28 09:36:25 UTC

README

Lauditor是一个基于Laravel的审计和授权包,它帮助您控制管理任务、权限和用户组。它设计用来通过利用Laravel的路由来管理所有应用任务和用户权限。

Total Downloads

目录

  1. 如何使用
    1. 发布供应商文件
    2. 审计
    3. 授权
    4. 用户模型
    5. 生成任务
    6. 刷新数据库
    7. 应用程序API的请求和响应

如何?

使用Composer安装

composer require ndexondeck/lauditor

发布供应商文件

Lauditor附带预定义的控制器和模型,以加快您的开发速度,但您可能已经有一些东西在位,您永远不会替换。那么,您可能不想发布所有文件,所以运行vendor:publish(最小化)将是一个更好的选择,这确保您只发布必要的文件。

要发布所有文件

php artisan vendor:publish --tag=ndexondeck-lauditor-all

有些人可能更喜欢

php artisan vendor:publish --tag=ndexondeck-lauditor-minimal

注意:如果您不会使用此包提供的默认控制器或模型。例如,登录模型将被发布,因为它默认是审计用户模型。在运行迁移之前,请查看用户模型

然后请取消注释以下文件中的命名空间

app/Ndexondeck/Lauditor/Util.php

//namespace App\Ndexondeck\Lauditor;

TO

namespace App\Ndexondeck\Lauditor;

类似地,为以下文件做同样的事情

  1. app/BaseModel.php (必需)
  2. app/Module.php (必需)
  3. app/Task.php (必需)
  4. app/Permission.php (必需)
  5. app/PermissionAuthorizer.php (必需)
  6. app/Group.php
  7. app/Login.php
  8. app/Staff.php

=> 注意,所有这些模型都将从库复制到您的app文件夹,您可以在必要时删除或修改它们

=> 此外,Util类中某些方法需要更新,请参阅App\Ndexondeck\Lauditor\Util以了解更多信息

审计

Use Ndexondeck\Lauditor\Model\Audit;

class YourAuditModel extends Audit {

}

授权

Use Ndexondeck\Lauditor\Model\Authorization;

class YourAuthorizedModel extends Authorization {

}

用户模型

这是审计和授权的默认用户模型配置,您可以根据需要更改它

'audit_user'=> [
        'column' => 'login_id',
        'model' => 'Login',
        'table' => 'logins',
    ],
'authorization_user'=> [
        'column' => 'staff_id',
        'model' => 'Staff',
        'table' => 'staff',
    ],

任何用于审计用户的模型都必须实现AuditUser接口

use Ndexondeck\Lauditor\Contracts\AuditUser;

class Login implements AuditUser{

}

所以,如果您的审计用户配置如下

'audit_user'=> [
        'column' => 'user_id',
        'model' => 'User',
        'table' => 'users',
    ],

那么用户模型必须像下面这样实现AuditUser

use Ndexondeck\Lauditor\Contracts\AuditUser;

class User implements AuditUser{

}

类似地,用于授权用户的模型必须实现AuthorizationUser接口

use Ndexondeck\Lauditor\Contracts\AuthorizationUser;

class Staff implements AuthorizationUser{

}

此外,如果相同的用户模型要作为授权用户使用,如下面的配置所示

'authorization_user'=> [
        'column' => 'user_id',
        'model' => 'User',
        'table' => 'users',
    ],

那么用户模型也必须像下面这样实现AuthorizationUser

use Ndexondeck\Lauditor\Contracts\AuditUser;
use Ndexondeck\Lauditor\Contracts\AuthorizationUser;

class User implements AuditUser,AuthorizationUser{

}

生成任务

此功能与您的路由一起工作,确保了唯一的路由命名

php artisan task:generate

刷新数据库

此功能可以帮助您刷新数据库,甚至可以同时刷新多个数据库。查看帮助以获取更多信息

php artisan db:flush

应用程序API的请求和响应

如果您想记录附加信息,如所有API的请求和响应,您可以在Http/Kernel.php文件中添加"\Ndexondeck\Lauditor\Middleware\LogAfterRequest::class",如下所示。

    //...

    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
        \App\Http\Middleware\TrustProxies::class,
        \Ndexondeck\Lauditor\Middleware\LogAfterRequest::class
    ];
    
    //...

审计(如何工作)

  • 审计跟踪方法是一个后台进程,在模型级别发生,任何对模型的更改都可以被检测到,然后如果模型是Audit模型的子类,则进行审计。

考虑以下情况:我们想要保留以下Staff模型的审计跟踪。

staff_table

Class Staff extends Audit{

    function boot(){
        parent::boot();
    }
}

审计模型将创建、更新和删除事件监听器绑定到Staff模型,从而可以捕获审计跟踪。

audit_table

●	id - primary key
●	login_id - the Login id of the logged in user foreign key
●	trail_type - the base class name of the trailed model e.g App\Staff
●	traild_id - the id of the record in the trailed table
●	authorization_id - present when a trail was authorized before committing
●	user_action - a customizable name given to the user’s action that led to the trail
●	table_name - the name of the trailed table
●	action - the database action taken on the trail (create, update or delete)
●	ip - the IP address of the user who initiated this action
●	rid - the request identification hash aka the commit id
●	status - determines the type and state of an audit
    ○	0 - An audit in revoked state
    ○	1 - An audit in active state
    ○	2 - An audit log i.e logs of audit events
    ○	3 - An audit awaiting authorization (pending trail)
●	before - a json value that keeps the trail’s state before an action
●	after - a json value that keeps the trail’s state after an action
●	dependency - present when a set of pending audit trails depends on the execution results of its predecessor when authorized
    e,g suppose we have the following trails waiting authorization in the following order. Create Staff, Create Login
    the Login->staff_id property may depend on the of the Staff->id
    Login::setDependency([
        ‘staff_id’ => ‘staff.id’ 
    ]);
    The method above will Add a dependency for the Create Login trail, to indicate that Login->staff_id will be derived from Staff->id
●	created_at - this will indicate the time the audit record was created.
●	updated_at - this will indicate when there was a last status change to an audit.
  • 现在让我们看看可用的方法

...仍在加载

...在此期间,感谢Adekunle Adekoya (Crystoline)帮助进行测试