feat: add response to Records page (#2830)

* feat: add response to Records page * feat: improve AddRecord * feat: remove log and return err * feat: improve record in signup and record deny * fix: filter will generate 403 record correctly
2025-07-02 19:40:19 +08:00 · 2024-03-22 14:53:38 +08:00
parent 97cc1f9e2b
commit 23dbb0b926
30 changed files with 117 additions and 59 deletions
--- a/routers/authz_filter.go
+++ b/routers/authz_filter.go
@ -20,6 +20,8 @@ import (
 	"net/http"
 	"strings"

+	"github.com/casdoor/casdoor/object"
+
 	"github.com/beego/beego/context"
 	"github.com/casdoor/casdoor/authz"
 	"github.com/casdoor/casdoor/util"
@ -211,5 +213,17 @@ func ApiFilter(ctx *context.Context) {

 	if !isAllowed {
 		denyRequest(ctx)
+		record, err := object.NewRecord(ctx)
+		if err != nil {
+			return
+		}
+
+		record.Organization = subOwner
+		record.User = subName // auth:Unauthorized operation
+		record.Response = fmt.Sprintf("{status:\"error\", msg:\"%s\"}", T(ctx, "auth:Unauthorized operation"))
+
+		util.SafeGoroutine(func() {
+			object.AddRecord(record)
+		})
 	}
 }
--- a/routers/record.go
+++ b/routers/record.go
@ -60,12 +60,30 @@ func RecordMessage(ctx *context.Context) {
 		return
 	}

-	record := object.NewRecord(ctx)
-
 	userId := getUser(ctx)
+
+	ctx.Input.SetParam("recordUserId", userId)
+}
+
+func AfterRecordMessage(ctx *context.Context) {
+	record, err := object.NewRecord(ctx)
+	if err != nil {
+		return
+	}
+
+	userId := ctx.Input.Params()["recordUserId"]
 	if userId != "" {
 		record.Organization, record.User = util.GetOwnerAndNameFromId(userId)
 	}

-	util.SafeGoroutine(func() { object.AddRecord(record) })
+	recordSignup := ctx.Input.Params()["recordSignup"]
+	if recordSignup == "true" {
+		record2 := *record
+		record2.Action = "signup"
+		util.SafeGoroutine(func() { object.AddRecord(&record2) })
+	}
+
+	util.SafeGoroutine(func() {
+		object.AddRecord(record)
+	})
 }