ai-coding/deploy-ease-platform
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

增加ssh链接框架

Browse Source
This commit is contained in:
dengqichen 2025-12-07 15:29:59 +08:00
parent c9b8157754
commit b8412314a8
4 changed files with 54 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
backend/src/main/java/com/qqchen/deploy/backend/deploy/entity/SSHAuditLog.java
View File

@ -1,5 +1,6 @@
package com.qqchen.deploy.backend.deploy.entity; package com.qqchen.deploy.backend.deploy.entity;
import com.qqchen.deploy.backend.framework.annotation.LogicDelete;
import com.qqchen.deploy.backend.framework.domain.Entity; import com.qqchen.deploy.backend.framework.domain.Entity;
import jakarta.persistence.Column; import jakarta.persistence.Column;
import jakarta.persistence.Table; import jakarta.persistence.Table;
@ -10,11 +11,17 @@ import java.time.LocalDateTime;
/** /**
* SSH终端审计日志实体 * SSH终端审计日志实体
*
* 审计日志逻辑删除设计
* - 支持逻辑删除@LogicDelete而非物理删除
* - 确保审计记录的可追溯性和合规性
* - 删除的审计日志仍可通过后台管理查询
*/ */
@Data @Data
@EqualsAndHashCode(callSuper = true) @EqualsAndHashCode(callSuper = true)
@jakarta.persistence.Entity @jakarta.persistence.Entity
@Table(name = "deploy_ssh_audit_log") @Table(name = "deploy_ssh_audit_log")
@LogicDelete
public class SSHAuditLog extends Entity<Long> { public class SSHAuditLog extends Entity<Long> {
/** /**

11
backend/src/main/java/com/qqchen/deploy/backend/deploy/repository/ISSHAuditLogRepository.java
View File

@ -2,6 +2,9 @@ package com.qqchen.deploy.backend.deploy.repository;
import com.qqchen.deploy.backend.deploy.entity.SSHAuditLog; import com.qqchen.deploy.backend.deploy.entity.SSHAuditLog;
import com.qqchen.deploy.backend.framework.repository.IBaseRepository; import com.qqchen.deploy.backend.framework.repository.IBaseRepository;
import org.springframework.data.jpa.repository.Modifying;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository; import org.springframework.stereotype.Repository;
/** /**
@ -24,4 +27,12 @@ public interface ISSHAuditLogRepository extends IBaseRepository<SSHAuditLog, Lon
* 统计用户对指定服务器当前活跃的SSH会话数 * 统计用户对指定服务器当前活跃的SSH会话数
*/ */
long countByUserIdAndServerIdAndDisconnectTimeIsNull(Long userId, Long serverId); long countByUserIdAndServerIdAndDisconnectTimeIsNull(Long userId, Long serverId);
/**
* 逻辑删除指定服务器的所有审计日志
* 使用 @Modifying 注解执行批量更新
*/
@Modifying
@Query("UPDATE SSHAuditLog a SET a.deleted = true WHERE a.serverId = :serverId")
void deleteByServerId(@Param("serverId") Long serverId);
} }

31
backend/src/main/java/com/qqchen/deploy/backend/deploy/service/impl/ServerServiceImpl.java
View File

@ -8,6 +8,7 @@ import com.qqchen.deploy.backend.deploy.enums.ServerStatusEnum;
import com.qqchen.deploy.backend.framework.enums.AuthTypeEnum; import com.qqchen.deploy.backend.framework.enums.AuthTypeEnum;
import com.qqchen.deploy.backend.deploy.query.ServerQuery; import com.qqchen.deploy.backend.deploy.query.ServerQuery;
import com.qqchen.deploy.backend.deploy.repository.IServerRepository; import com.qqchen.deploy.backend.deploy.repository.IServerRepository;
import com.qqchen.deploy.backend.deploy.repository.ISSHAuditLogRepository;
import com.qqchen.deploy.backend.deploy.service.IServerService; import com.qqchen.deploy.backend.deploy.service.IServerService;
import com.qqchen.deploy.backend.framework.annotation.ServiceType; import com.qqchen.deploy.backend.framework.annotation.ServiceType;
import com.qqchen.deploy.backend.framework.enums.ResponseCode; import com.qqchen.deploy.backend.framework.enums.ResponseCode;
@ -39,6 +40,9 @@ public class ServerServiceImpl
@Resource @Resource
private SSHCommandServiceFactory sshCommandServiceFactory; private SSHCommandServiceFactory sshCommandServiceFactory;
@Resource
private ISSHAuditLogRepository sshAuditLogRepository;
public ServerServiceImpl(IServerRepository serverRepository) { public ServerServiceImpl(IServerRepository serverRepository) {
this.serverRepository = serverRepository; this.serverRepository = serverRepository;
} }
@ -206,5 +210,32 @@ public class ServerServiceImpl
return info; return info;
} }
/**
* 重写删除方法
*
* 删除策略
* 1. 服务器物理删除没有@LogicDelete注解
* 2. 审计日志逻辑删除@LogicDelete注解
* 3. 审计日志永久保留仅标记deleted=true确保审计可追溯
*/
@Override
@Transactional
public void delete(Long id) {
log.info("删除服务器: serverId={}", id);
// 1. 逻辑删除关联的SSH审计日志保留历史记录
try {
sshAuditLogRepository.deleteByServerId(id);
log.info("已逻辑删除服务器关联的SSH审计日志: serverId={}", id);
} catch (Exception e) {
log.warn("逻辑删除服务器关联的SSH审计日志失败: serverId={}, error={}", id, e.getMessage());
// 继续执行即使审计日志删除失败也要删除服务器
}
// 2. 物理删除服务器
super.delete(id);
log.info("服务器删除成功: serverId={}", id);
}
} }

8
backend/src/main/resources/db/changelog/changes/v1.0.0-schema.sql
View File

@ -1256,7 +1256,9 @@ CREATE TABLE deploy_ssh_audit_log
KEY idx_server_id (server_id), KEY idx_server_id (server_id),
KEY idx_connect_time (connect_time), KEY idx_connect_time (connect_time),
KEY idx_session_id (session_id), KEY idx_session_id (session_id),
KEY idx_status (status), KEY idx_status (status)
CONSTRAINT fk_ssh_audit_user FOREIGN KEY (user_id) REFERENCES sys_user (id), -- ⚠️ 审计日志表不添加外键约束,原因:
CONSTRAINT fk_ssh_audit_server FOREIGN KEY (server_id) REFERENCES deploy_server (id) -- 1. 审计日志需要永久保留(逻辑删除)
-- 2. 删除用户/服务器时,审计日志不应被物理删除
-- 3. user_id/server_id 仅作为历史记录字段,通过冗余字段可查询
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='SSH终端审计日志表'; ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='SSH终端审计日志表';