use axum::extract::{Extension, FromRef, Query, State}; use axum::response::Json; use axum::routing::get; use axum::Router; use sea_orm::{ColumnTrait, EntityTrait, PaginatorTrait, QueryFilter, QueryOrder}; use serde::{Deserialize, Serialize}; use erp_core::entity::audit_log; use erp_core::error::AppError; use erp_core::types::TenantContext; /// 审计日志查询参数。 #[derive(Debug, Deserialize)] pub struct AuditLogQuery { pub resource_type: Option, pub user_id: Option, pub page: Option, pub page_size: Option, } /// 审计日志分页响应。 #[derive(Debug, Serialize)] pub struct AuditLogResponse { pub items: Vec, pub total: u64, pub page: u64, pub page_size: u64, } /// GET /audit-logs /// /// 分页查询审计日志,支持按 resource_type 和 user_id 过滤。 /// 租户隔离通过 JWT 中间件注入的 TenantContext 实现。 pub async fn list_audit_logs( State(db): State, Extension(ctx): Extension, Query(params): Query, ) -> Result, AppError> where sea_orm::DatabaseConnection: FromRef, S: Clone + Send + Sync + 'static, { let page = params.page.unwrap_or(1).max(1); let page_size = params.page_size.unwrap_or(20).min(100); let tenant_id = ctx.tenant_id; let mut q = audit_log::Entity::find() .filter(audit_log::Column::TenantId.eq(tenant_id)); if let Some(rt) = ¶ms.resource_type { q = q.filter(audit_log::Column::ResourceType.eq(rt.clone())); } if let Some(uid) = ¶ms.user_id { q = q.filter(audit_log::Column::UserId.eq(*uid)); } let paginator = q .order_by_desc(audit_log::Column::CreatedAt) .paginate(&db, page_size); let total = paginator .num_items() .await .map_err(|e| AppError::Internal(format!("查询审计日志失败: {e}")))?; let items = paginator .fetch_page(page - 1) .await .map_err(|e| AppError::Internal(format!("查询审计日志失败: {e}")))?; Ok(Json(AuditLogResponse { items, total, page, page_size, })) } pub fn audit_log_router() -> Router where sea_orm::DatabaseConnection: FromRef, S: Clone + Send + Sync + 'static, { Router::new().route("/audit-logs", get(list_audit_logs)) }