feat: 完善日志审计功能

- 实现文件系统日志(FilesystemLog)记录文件管理器操作 - 实现操作日志(OperationLog)记录用户操作行为 - 实现数据库SQL日志(DatabaseSQLLog)模型和API - 实现SSH会话命令记录(SessionCommand)含命令输出和风险等级 - 添加IP提取服务支持X-Real-IP和X-Forwarded-For - 添加日志自动清理功能 - 修复ProFormSwitch required验证问题 - 修复设置页面默认值问题 - 修复文件上传错误检测逻辑 - 修复资产树key前缀问题 - 添加VNC/RDP设置默认值 - 修复文件管理标题翻译
2026-04-19 06:57:42 +08:00
parent a2a1613384
commit 1f7c491048
42 changed files with 1214 additions and 130 deletions
@@ -43,6 +43,10 @@ func (t *Ticker) SetupTicker() {
 			deleteOutTimeSession()
 			deleteOutTimeLoginLog()
 			deleteOutTimeJobLog()
+			deleteOutTimeAccessLog()
+			deleteOutTimeFilesystemLog()
+			deleteOutTimeOperationLog()
+			deleteOutTimeDatabaseSQLLog()
 		}
 	}()

@@ -297,3 +301,115 @@ func deleteOutTimeJobLog() {
 		}
 	}
 }
+
+func deleteOutTimeAccessLog() {
+	property, err := repository.PropertyRepository.FindByName(context.TODO(), "access-log-saved-limit")
+	if err != nil {
+		return
+	}
+	if property.Value == "" || property.Value == "-" {
+		return
+	}
+	limit, err := strconv.Atoi(property.Value)
+	if err != nil {
+		return
+	}
+
+	accessLogs, err := repository.AccessLogRepository.FindOutTimeLog(context.TODO(), limit)
+	if err != nil {
+		return
+	}
+
+	if len(accessLogs) > 0 {
+		for i := range accessLogs {
+			err := repository.AccessLogRepository.DeleteById(context.TODO(), accessLogs[i].ID)
+			if err != nil {
+				log.Error("删除访问日志失败", log.NamedError("err", err))
+			}
+		}
+	}
+}
+
+func deleteOutTimeFilesystemLog() {
+	property, err := repository.PropertyRepository.FindByName(context.TODO(), "filesystem-log-saved-limit")
+	if err != nil {
+		return
+	}
+	if property.Value == "" || property.Value == "-" {
+		return
+	}
+	limit, err := strconv.Atoi(property.Value)
+	if err != nil {
+		return
+	}
+
+	logs, err := repository.FilesystemLogRepository.FindOutTimeLog(context.TODO(), limit)
+	if err != nil {
+		return
+	}
+
+	if len(logs) > 0 {
+		for i := range logs {
+			err := repository.FilesystemLogRepository.DeleteById(context.TODO(), logs[i].ID)
+			if err != nil {
+				log.Error("删除文件系统日志失败", log.NamedError("err", err))
+			}
+		}
+	}
+}
+
+func deleteOutTimeOperationLog() {
+	property, err := repository.PropertyRepository.FindByName(context.TODO(), "operation-log-saved-limit")
+	if err != nil {
+		return
+	}
+	if property.Value == "" || property.Value == "-" {
+		return
+	}
+	limit, err := strconv.Atoi(property.Value)
+	if err != nil {
+		return
+	}
+
+	logs, err := repository.OperationLogRepository.FindOutTimeLog(context.TODO(), limit)
+	if err != nil {
+		return
+	}
+
+	if len(logs) > 0 {
+		for i := range logs {
+			err := repository.OperationLogRepository.DeleteById(context.TODO(), logs[i].ID)
+			if err != nil {
+				log.Error("删除操作日志失败", log.NamedError("err", err))
+			}
+		}
+	}
+}
+
+func deleteOutTimeDatabaseSQLLog() {
+	property, err := repository.PropertyRepository.FindByName(context.TODO(), "database-sql-log-saved-limit")
+	if err != nil {
+		return
+	}
+	if property.Value == "" || property.Value == "-" {
+		return
+	}
+	limit, err := strconv.Atoi(property.Value)
+	if err != nil {
+		return
+	}
+
+	logs, err := repository.DatabaseSQLLogRepository.FindOutTimeLog(context.TODO(), limit)
+	if err != nil {
+		return
+	}
+
+	if len(logs) > 0 {
+		for i := range logs {
+			err := repository.DatabaseSQLLogRepository.DeleteById(context.TODO(), logs[i].ID)
+			if err != nil {
+				log.Error("删除数据库SQL日志失败", log.NamedError("err", err))
+			}
+		}
+	}
+}