使用ASP.NET MVC 4 ActionFilter审核日志记录 [英] Audit Logging using ASP.NET MVC 4 ActionFilter
问题描述
我建立使用ASP.NET MVC 4 Web应用程序,通过实体框架通过T-SQL数据库提供的数据存储。我整合审计日志,因为我去了,我想提供行动的一个很好的人类可读的总结,这样我可以present友好的日志中包含用户bob登录明确的声明来看, 用户爱丽丝更新文章'富',等等。
I'm building a web app using ASP.NET MVC 4, with data storage provided by T-SQL database via Entity Framework. I'm integrating audit logging as I go, and I'd like to provide a nice human-readable summary of the action, so that I can present a friendly logs view with clear statements like "User Bob logged in", "User Alice updated article 'Foo'", etc.
审计记录目前包括:
- GUID
- 时间戳
- 用户ID
- Action类(控制器名称)
- 动作(action方法名)
- ISERROR(布尔值;真方式,无论这是一个错误的记录,或者这个动作没有成功完成)
- 的序列化细节的blob
目前,我的记录使用它实现了一个自定义属性 IActionFIlter ;在 OnActionExecuting()方法记录尝试的操作(连载之类的URL,参数等,以细节BLOB)和 OnActionExecuted()方法返回并设置ISERROR为true,如果没有错误,并追加或者返回的结果或错误信息和堆栈跟踪等的细节例外。我想补充的描述字符串另一列,但我不能看到一个整洁的方式做到这一点。
At the moment, my logging uses a custom attribute which implements IActionFIlter; the OnActionExecuting() method logs the attempted action (serialising things like URL, parameters etc to the detail blob) and the OnActionExecuted() method goes back and sets IsError to true if there are no errors, and appends either the returned result or exception with error message and stack trace etc to the details. I want to add another column for description strings, but I can't see a tidy way to do it.
我最远的是一个字符串传递给属性,像登录用户$用户,然后有日志的方法扫描$字符的字符串,从参数词典,其关键的东西替换词值字(减去$字符)匹配。这是一个小有限;例如,如果文章是由ID号存储,那么你就可以管理最好的就是用户编辑18第37条。有没有真正的方式来获得的用户名或文章的标题;因为它在编译时烘烤你不能实例数据传递给属性,我真的不希望我的测井方法是制作各种数据库调用来获取这种类型的数据,不只是因为它,然后变得不可能(或至少一个真实疼痛)有一个单独的通用测井方法
The furthest I got was to pass a string to the attribute, something like "User $user logged in" and then have the log method scan the string for the $ character and replace that word with anything from the parameters dictionary whose key value matches that word (minus the $ character). This is a little limited; for example, if articles are stored by ID number, then the best you can manage is "User 18 edited article 37". There's no real way to get at the username or article title; you can't pass instance data to the attribute because it's baked in at compile time, and I don't really want my logging method to be making all sorts of database calls to get that sort of data, not least because it then becomes impossible (or at least a real pain) to have a single generic logging method.
这一切的选择是有一个静态的审计日志类并调用类似 AuditRecord.WriteLog(富); 所有的地方,也许某种描述符类,我可以使用(或继承)来描述不同类型的动作,储存所有的参数,并产生一个描述字符串作为必要的,但似乎不太优雅的给我;我真的很喜欢能够只是标记 [审计日志] 上的方法的顶部,并知道它会被记录下来。
The alternative to all this is to have a static audit logging class and call something like AuditRecord.WriteLog(foo); all over the place, perhaps with some kind of descriptor class I can use (or inherit from) to describe different types of action, storing all the parameters and generating a description string as needed, but seems less elegant to me; I really like being able to just tag [AuditLog] on top of a method and know that it'll be recorded.
我想避免的条件逻辑的巨额资金,如使用控制器和动作的名字在一些大的switch语句来选择正确的字符串的模板。如果我能得到的东西像测井方法的文章标题保持那么它会被罚款。是否有一个整洁,简单的方法来做到这一点?
I'd like to avoid huge amounts of conditional logic, like using the controller and action names in some big switch statement to select the correct string template. If I could just get hold of things like article titles in the logging method then it'd be fine. Is there a neat, simple way to do this?
推荐答案
我们最近有两个方面的审计记录的历史和在我们新的MVC项目采用更复杂的安全规则,在工作中类似的讨论。
We recently had a similar discussion at work regarding both logging audit history and applying more complex security rules across our new MVC project.
在年底,我们想出了最优雅的解决办法是让控制器操作中的方法调用(你的另一种方法)。
In the end the most "elegant" solution that we came up with was to have the method calls within the controller actions (Your alternative method).
例如:
[HttpPost]
public ActionResult CreateItem(Item item)
{
//Simplified
CheckSecurity(SecurityTypes.ItemCreation);
LogActivity("Created an item");
//Rest of action code
}
这给了我们灵活地解释所有可能的使用情况,并允许我们的逻辑包装成简单易用的方法来降低code重复。
This gave us the flexibility to account for all possible use cases, and allowed us to wrap up the logic into simple to use methods to reduce code repetition.
这篇关于使用ASP.NET MVC 4 ActionFilter审核日志记录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
