Re: [PR] Refactor record audit log logic [dolphinscheduler]

Thu, 18 Apr 2024 23:16:40 -0700 


github-advanced-security[bot] commented on code in PR #15881:
URL: 
https://github.com/apache/dolphinscheduler/pull/15881#discussion_r1571871045


##########
dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/audit/OperatorLogAspect.java:
##########
@@ -44,30 +51,72 @@
     public void logPointCut() {
     }
 
-    @Around("logPointCut()")
-    public Object around(ProceedingJoinPoint point) throws Throwable {
+    @Before("logPointCut()")
+    public void before(JoinPoint point) {
         MethodSignature signature = (MethodSignature) point.getSignature();
         Method method = signature.getMethod();
-
         OperatorLog operatorLog = method.getAnnotation(OperatorLog.class);
-
         Operation operation = method.getAnnotation(Operation.class);
+
         if (operation == null) {
             log.warn("Operation is null of method: {}", method.getName());
-            return point.proceed();
+            return;
         }
-        long beginTime = System.currentTimeMillis();
 
         Map<String, Object> paramsMap = OperatorUtils.getParamsMap(point, 
signature);
-        Result<?> result = (Result<?>) point.proceed();
+        User user = OperatorUtils.getUser(paramsMap);
+        if (user == null) {
+            log.error("user is null");
+            return;
+        }
+
+        AuditType auditType = operatorLog.auditType();
+
         try {
             AuditOperator operator = 
SpringApplicationContext.getBean(operatorLog.auditType().getOperatorClass());
-            long latency = System.currentTimeMillis() - beginTime;
-            operator.recordAudit(paramsMap, result, latency, operation, 
operatorLog);
+            List<AuditLog> auditLogList = 
OperatorUtils.buildAuditLogList(operation.description(), auditType, user);
+            operator.setRequestParam(auditType, auditLogList, paramsMap);
+            AuditContext auditContext =
+                    new AuditContext(auditLogList, paramsMap, operatorLog, 
System.currentTimeMillis(), operator);
+            AuditLocalContent.getAuditThreadLocal().set(auditContext);
         } catch (Throwable throwable) {
             log.error("Record audit log error", throwable);
         }
+    }
+
+    @AfterReturning(value = "logPointCut()", returning = "returnValue")
+    public void afterReturn(JoinPoint jp, Object returnValue) {

Review Comment:
   ## Useless parameter
   
   The parameter 'jp' is never used.
   
   [Show more 
details](https://github.com/apache/dolphinscheduler/security/code-scanning/4114)



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to