记录用户操作 [英] Logging user actions

问题描述

客户希望我们记录用户在我们系统上执行的操作：主要是创建，删除和更新。
我已经有一个记录跟踪的方面，但是在记录每个方法调用的情况下工作的级别非常低。
因此，如果用户点击打开医疗文件按钮，日志将显示为：

The customer wants us to "log" the "actions" that a user performs on our system: creation, deletion and update, mostly. I already have an aspect that logs the trace, but that works at a pretty low level logging every method call. So if a user clicked on the button "open medical file" the log would read:

1. closePreviousFiles（患者零 ）


2. createMedicalFile（病人零） - >文件＃001


3. changeStatus（＃001） - >打开

，而期望的结果是：

1. 打开医疗患者零的文件＃001

我正在考虑使用日志语句检测Struts2操作，但我想知道......还有另一种方法吗？我可能会再次使用AspectJ（或过滤器）并将逻辑保留在一个地方，以便我可以轻松配置日志，但是我担心一切都会变得难以理解（即此操作的日志是错误的......我应该找麻烦吗？）。

I'm thinking of instrumenting the Struts2 actions with log statements, but I'm wondering... is there another way to do that? I might use AspectJ again (or a filter) and keep the logic in just one place, so that I might configure the log easily, but then I'm afraid everything will become harder to understand (i.e. "the log for this action is wrong... where the heck should I look for the trouble?").

推荐答案

听起来你的客户想要审计跟踪用户在系统中的操作。

Sounds like your client wants an audit trail of the user's actions in the system.

考虑在每个操作的入口点（来自Web请求）启动一个带有枚举/常量的审计条目。如果可能，使用用户提供的信息填充它。

Consider that at each action's entry point (from the web request) to start an audit entry with an enum/constant on the action. Populate it with information user has provided if possible.

退出/最后，在审核中指明成功或失败。
伪代码示例：

At exit/finally, indicate in the audit if it is successful or failed. An example in pseudocode:

enum Actions {
  OPEN_MEDICAL_FILE
  ...
}

void handleRequest(...) {
  String patient = ...;
  Audit audit = new Audit(OPEN_MEDICAL_FILE);
  audit.addParameter("patient", patient);
  try {
     ... more things ..
     audit.addParameter("file", "#001");
     ... more things ...
     audit.setSuccess();
  } finally {
    audit.save();
  }
}

这里重要的是保存所有用户操作，无论成败。此外，客户真的需要知道所有相关信息以及操作。

What is important here is that all user actions are saved, regardless of success or failure. Also, the client really really need to know all relevant information along with the action.

由于我们正在记录操作常量和数据，因此将审计呈现给客户端可以单独编码。您也获得了灵活性，因为更改表示字符串（例如，打开医疗档案＃001为患者零到患者零＃001医疗档案打开）在行动时尚未确定，但稍后确定。必须重新审核审核数据。

Since we are logging action constants and data, the presentation of the audit to the client can be seperately coded. You gain flexibility too, since a change of presentation string (eg. "opened medical file #001 for patient zero" to "patient zero #001 medical file opened) is not determined at the time of the action, but later. You don't have to remassage the audit data.

这篇关于记录用户操作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！