增加用户访问日志记录拦截器

pom.xml

@@ -21,6 +21,7 @@
 		<simpleimage.version>1.2.3</simpleimage.version>
 		<jai.version>1.1.2</jai.version>
 		<shiro.version>1.3.2</shiro.version>
+		<joda-time.version>2.4</joda-time.version>
 		<commons-lang3.version>3.4</commons-lang3.version>
 		<commons-codec.version>1.10</commons-codec.version>
 		<commons-io.version>2.4</commons-io.version>
@@ -162,6 +163,13 @@
 				<version>${shiro.version}</version>
 			</dependency>
 
+			<!-- joda -->
+			<dependency>
+				<groupId>joda-time</groupId>
+				<artifactId>joda-time</artifactId>
+				<version>${joda-time.version}</version>
+			</dependency>
+
 			<!-- apache commons -->
 			<dependency>
 				<groupId>org.apache.commons</groupId>

xproject-admin/src/main/java/com/certusnet/xproject/admin/web/controller/AdminController.java

@@ -1,5 +1,6 @@
 package com.certusnet.xproject.admin.web.controller;
 
+import static com.certusnet.xproject.common.consts.ContentType.APPLICATION_JSON;
 import static org.springframework.web.bind.annotation.RequestMethod.GET;
 import static org.springframework.web.bind.annotation.RequestMethod.POST;
 
@@ -41,6 +42,7 @@
 import com.certusnet.xproject.admin.web.shiro.realm.AdminUserRealm;
 import com.certusnet.xproject.common.consts.GlobalConstants;
 import com.certusnet.xproject.common.support.AbstractXTreeBuilder;
+import com.certusnet.xproject.common.support.HttpAccessLogging;
 import com.certusnet.xproject.common.support.Result;
 import com.certusnet.xproject.common.support.TreeNodeConverter;
 import com.certusnet.xproject.common.util.DateTimeUtils;
@@ -79,8 +81,16 @@ public String login(HttpServletRequest request, HttpServletResponse response) {
 		return "login.html";
 	}
 
+	/**
+	 * 用户登录
+	 * @param request
+	 * @param response
+	 * @param loginUser
+	 * @return
+	 */
 	@ResponseBody
-	@RequestMapping(value="/login/submit", method=POST)
+	@RequestMapping(value="/login/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
+	@HttpAccessLogging(title="用户登录", isLogin=true, excludeParamNames={"password"})
 	public Object submitLogin(HttpServletRequest request, HttpServletResponse response, @RequestBody AdminUser loginUser) {
 		logger.info(">>> 执行用户登录, loginUser = " + loginUser.getUserName());
 		Result<Object> result = new Result<Object>();
@@ -171,7 +181,7 @@ public String index(HttpServletRequest request, HttpServletResponse response) {
 	 * @return
 	 */
 	@ResponseBody
-	@RequestMapping(value="/login/user/current")
+	@RequestMapping(value="/login/user/current", method=GET, produces=APPLICATION_JSON)
 	public Object getLoginUserInfo(HttpServletRequest request, HttpServletResponse response) {
 		LoginToken<AdminUser> loginToken = (LoginToken<AdminUser>) ShiroUtils.getSessionAttribute(LoginToken.LOGIN_TOKEN_SESSION_KEY);
 		Map<String,Object> user = new HashMap<String,Object>();
@@ -192,7 +202,7 @@ public Object getLoginUserInfo(HttpServletRequest request, HttpServletResponse r
 	 * @return
 	 */
 	@ResponseBody
-	@RequestMapping(value="/login/user/menus")
+	@RequestMapping(value="/login/user/menus", method=GET, produces=APPLICATION_JSON)
 	public Object getLoginUserMenuList(HttpServletRequest request, HttpServletResponse response) {
 		List<Map<String,Object>> dataList = new ArrayList<Map<String,Object>>();
 		try {
@@ -223,7 +233,7 @@ public Object getLoginUserMenuList(HttpServletRequest request, HttpServletRespon
 	 * @param response
 	 * @return
 	 */
-	@RequestMapping(value="/logout")
+	@RequestMapping(value="/logout", method=GET)
 	public String logout(HttpServletRequest request, HttpServletResponse response) {
 		logger.info(">>> 用户退出系统");
 		if (SecurityUtils.getSubject().getSession() != null) {

xproject-admin/src/main/java/com/certusnet/xproject/admin/web/controller/AdminResourceMgtController.java

@@ -1,5 +1,7 @@
 package com.certusnet.xproject.admin.web.controller;
 
+import static com.certusnet.xproject.common.consts.ContentType.APPLICATION_JSON;
+import static org.springframework.web.bind.annotation.RequestMethod.GET;
 import static org.springframework.web.bind.annotation.RequestMethod.POST;
 
 import java.util.List;
@@ -50,7 +52,7 @@ public class AdminResourceMgtController extends BaseController {
 	 * @param response
 	 * @return
 	 */
-	@RequestMapping(value="/admin/resource/available")
+	@RequestMapping(value="/admin/resource/available", method=GET, produces=APPLICATION_JSON)
 	public Object getAvailableResources(HttpServletRequest request, HttpServletResponse response) {
 		List<AdminResource> allResourceList = adminResourceService.getAllResourceList(null);
 		List<Map<String,Object>> dataList = resourceTreeBuilder.buildObjectTree(GlobalConstants.DEFAULT_ADMIN_ROOT_RESOURCE_ID, allResourceList, resourceTreeNodeConverter);
@@ -64,7 +66,7 @@ public Object getAvailableResources(HttpServletRequest request, HttpServletRespo
 	 * @param resourceAddForm
 	 * @return
 	 */
-	@RequestMapping(value="/admin/resource/add/submit", method=POST)
+	@RequestMapping(value="/admin/resource/add/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object addResource(HttpServletRequest request, HttpServletResponse response, @RequestBody AdminResource resourceAddForm) {
 		LoginToken<AdminUser> loginToken = ShiroUtils.getSessionAttribute(LoginToken.LOGIN_TOKEN_SESSION_KEY);
 		resourceAddForm.setCreateTime(DateTimeUtils.formatNow());
@@ -81,7 +83,7 @@ public Object addResource(HttpServletRequest request, HttpServletResponse respon
 	 * @param resourceEditForm
 	 * @return
 	 */
-	@RequestMapping(value="/admin/resource/edit/submit", method=POST)
+	@RequestMapping(value="/admin/resource/edit/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object editResource(HttpServletRequest request, HttpServletResponse response, @RequestBody AdminResource resourceEditForm) {
 		LoginToken<AdminUser> loginToken = ShiroUtils.getSessionAttribute(LoginToken.LOGIN_TOKEN_SESSION_KEY);
 		resourceEditForm.setUpdateTime(DateTimeUtils.formatNow());
@@ -97,7 +99,7 @@ public Object editResource(HttpServletRequest request, HttpServletResponse respo
 	 * @param id
 	 * @return
 	 */
-	@RequestMapping(value="/admin/resource/del")
+	@RequestMapping(value="/admin/resource/del", method=GET, produces=APPLICATION_JSON)
 	public Object delResource(HttpServletRequest request, HttpServletResponse response, Long id) {
 		adminResourceService.deleteResourceById(id, true);
 		return genSuccessResult("删除成功!", null);

xproject-admin/src/main/java/com/certusnet/xproject/admin/web/controller/AdminRoleMgtController.java

@@ -1,5 +1,7 @@
 package com.certusnet.xproject.admin.web.controller;
 
+import static com.certusnet.xproject.common.consts.ContentType.APPLICATION_JSON;
+import static org.springframework.web.bind.annotation.RequestMethod.GET;
 import static org.springframework.web.bind.annotation.RequestMethod.POST;
 
 import java.util.ArrayList;
@@ -66,7 +68,7 @@ public class AdminRoleMgtController extends BaseController {
 	 * @param pager
 	 * @return
 	 */
-	@RequestMapping(value="/admin/role/list")
+	@RequestMapping(value="/admin/role/list", method=GET, produces=APPLICATION_JSON)
 	public Object listRole(HttpServletRequest request, HttpServletResponse response, AdminRole roleQueryForm, OrderBy orderBy, Pager pager) {
 		PagingList<AdminRole> roleList = adminRoleService.getRoleList(roleQueryForm, pager, orderBy);
 		return genSuccessPagingResult(roleList);
@@ -79,7 +81,7 @@ public Object listRole(HttpServletRequest request, HttpServletResponse response,
 	 * @param roleAddForm
 	 * @return
 	 */
-	@RequestMapping(value="/admin/role/add/submit", method=POST)
+	@RequestMapping(value="/admin/role/add/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object addRole(HttpServletRequest request, HttpServletResponse response, @RequestBody AdminRole roleAddForm) {
 		LoginToken<AdminUser> loginToken = ShiroUtils.getSessionAttribute(LoginToken.LOGIN_TOKEN_SESSION_KEY);
 		roleAddForm.setCreateTime(DateTimeUtils.formatNow());
@@ -96,7 +98,7 @@ public Object addRole(HttpServletRequest request, HttpServletResponse response,
 	 * @param roleEditForm
 	 * @return
 	 */
-	@RequestMapping(value="/admin/role/edit/submit", method=POST)
+	@RequestMapping(value="/admin/role/edit/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object editRole(HttpServletRequest request, HttpServletResponse response, @RequestBody AdminRole roleEditForm) {
 		LoginToken<AdminUser> loginToken = ShiroUtils.getSessionAttribute(LoginToken.LOGIN_TOKEN_SESSION_KEY);
 		roleEditForm.setUpdateTime(DateTimeUtils.formatNow());
@@ -112,7 +114,7 @@ public Object editRole(HttpServletRequest request, HttpServletResponse response,
 	 * @param id
 	 * @return
 	 */
-	@RequestMapping(value="/admin/role/del")
+	@RequestMapping(value="/admin/role/del", method=GET, produces=APPLICATION_JSON)
 	public Object delRole(HttpServletRequest request, HttpServletResponse response, Long id) {
 		adminRoleService.deleteRoleById(id);
 		return genSuccessResult("删除成功!", null);
@@ -126,7 +128,7 @@ public Object delRole(HttpServletRequest request, HttpServletResponse response,
 	 * @return
 	 * @throws Exception
 	 */
-	@RequestMapping(value="/admin/role/resources")
+	@RequestMapping(value="/admin/role/resources", method=GET, produces=APPLICATION_JSON)
 	public Object loadRoleResources(HttpServletRequest request, HttpServletResponse response, Long roleId) throws Exception {
 		List<AdminResource> allResourceList = adminResourceService.getAllResourceList(null);
 		List<AdminResource> roleResourceList = adminRoleService.getResourceListByRoleId(roleId);
@@ -150,7 +152,7 @@ public Object loadRoleResources(HttpServletRequest request, HttpServletResponse
 	 * @param parameter
 	 * @return
 	 */
-	@RequestMapping(value="/admin/role/config/submit", method=POST)
+	@RequestMapping(value="/admin/role/config/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object configRoleResources(HttpServletRequest request, HttpServletResponse response,  @RequestBody Map<String,Object> parameter) {
 		List<Long> resourceIdList = new ArrayList<Long>();
 		String resourceIds = MapUtils.getString(parameter, "resourceIds");

xproject-admin/src/main/java/com/certusnet/xproject/admin/web/controller/AdminUserMgtController.java

@@ -1,5 +1,7 @@
 package com.certusnet.xproject.admin.web.controller;
 
+import static com.certusnet.xproject.common.consts.ContentType.APPLICATION_JSON;
+import static org.springframework.web.bind.annotation.RequestMethod.GET;
 import static org.springframework.web.bind.annotation.RequestMethod.POST;
 
 import java.util.ArrayList;
@@ -63,7 +65,7 @@ public class AdminUserMgtController extends BaseController {
 	 * @param pager
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/list")
+	@RequestMapping(value="/admin/user/list", method=GET, produces=APPLICATION_JSON)
 	public Object listRole(HttpServletRequest request, HttpServletResponse response, AdminUser userQueryForm, OrderBy orderBy, Pager pager) {
 		PagingList<AdminUser> dataList = adminUserService.getUserList(userQueryForm, pager, orderBy);
 		return genSuccessPagingResult(dataList);
@@ -76,7 +78,7 @@ public Object listRole(HttpServletRequest request, HttpServletResponse response,
 	 * @param userAddForm
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/add/submit", method=POST)
+	@RequestMapping(value="/admin/user/add/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object addUser(HttpServletRequest request, HttpServletResponse response, @RequestBody AdminUser userAddForm) throws Exception {
 		LoginToken<AdminUser> loginToken = ShiroUtils.getSessionAttribute(LoginToken.LOGIN_TOKEN_SESSION_KEY);
 		userAddForm.setCreateTime(DateTimeUtils.formatNow());
@@ -108,7 +110,7 @@ public Object addUser(HttpServletRequest request, HttpServletResponse response,
 	 * @param modelMap
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/edit/submit", method=POST)
+	@RequestMapping(value="/admin/user/edit/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object editUser(HttpServletRequest request, HttpServletResponse response, @RequestBody AdminUser userEditForm) throws Exception {
 		LoginToken<AdminUser> loginToken = ShiroUtils.getSessionAttribute(LoginToken.LOGIN_TOKEN_SESSION_KEY);
 		userEditForm.setUpdateBy(loginToken.getLoginId());
@@ -137,7 +139,7 @@ public Object editUser(HttpServletRequest request, HttpServletResponse response,
 	 * @param id
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/del")
+	@RequestMapping(value="/admin/user/del", method=GET, produces=APPLICATION_JSON)
 	public Object delUser(HttpServletRequest request, HttpServletResponse response, Long id) {
 		AdminUser user = new AdminUser();
 		user.setUserId(id);
@@ -152,7 +154,7 @@ public Object delUser(HttpServletRequest request, HttpServletResponse response,
 	 * @param passwdEditForm
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/changepwd/submit", method=POST)
+	@RequestMapping(value="/admin/user/changepwd/submit", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object changeUserPasswd(HttpServletRequest request, HttpServletResponse response, @RequestBody AdminUser passwdEditForm, Boolean forceUpdate) {
 		if(forceUpdate == null){
 			forceUpdate = false;
@@ -168,7 +170,7 @@ public Object changeUserPasswd(HttpServletRequest request, HttpServletResponse r
 	 * @param userId
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/enable")
+	@RequestMapping(value="/admin/user/enable", method=GET, produces=APPLICATION_JSON)
 	public Object enableUser(HttpServletRequest request, HttpServletResponse response, Long userId) {
 		return updateUserStatus(request, response, userId, AdminUserStatusEnum.ADMIN_USER_STATUS_ENABLED);
 	}
@@ -180,7 +182,7 @@ public Object enableUser(HttpServletRequest request, HttpServletResponse respons
 	 * @param userId
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/disable")
+	@RequestMapping(value="/admin/user/disable", method=GET, produces=APPLICATION_JSON)
 	public Object disableUser(HttpServletRequest request, HttpServletResponse response, Long userId) {
 		return updateUserStatus(request, response, userId, AdminUserStatusEnum.ADMIN_USER_STATUS_DISABLED);
 	}
@@ -200,7 +202,7 @@ protected Result<Object> updateUserStatus(HttpServletRequest request, HttpServle
 	 * @param userId
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/roles")
+	@RequestMapping(value="/admin/user/roles", method=GET, produces=APPLICATION_JSON)
 	public Object loadUserRoles(HttpServletRequest request, HttpServletResponse response, Long userId, AdminRole filterParam) {
 		List<AdminRole> roleList = adminUserService.getUserRoleList(userId, filterParam);
 		return genSuccessResult(roleList);
@@ -214,7 +216,7 @@ public Object loadUserRoles(HttpServletRequest request, HttpServletResponse resp
 	 * @param roleIds
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/config/add", method=POST)
+	@RequestMapping(value="/admin/user/config/add", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object addUserRoles(HttpServletRequest request, HttpServletResponse response, @RequestBody Map<String,Object> parameter) {
 		Long userId = MapUtils.getLong(parameter, "userId");
 		String roleIds = MapUtils.getString(parameter, "roleIds");
@@ -243,7 +245,7 @@ public Object addUserRoles(HttpServletRequest request, HttpServletResponse respo
 	 * @param roleIds
 	 * @return
 	 */
-	@RequestMapping(value="/admin/user/config/del", method=POST)
+	@RequestMapping(value="/admin/user/config/del", method=POST, consumes=APPLICATION_JSON, produces=APPLICATION_JSON)
 	public Object delUserRoles(HttpServletRequest request, HttpServletResponse response, @RequestBody Map<String,Object> parameter) {
 		Long userId = MapUtils.getLong(parameter, "userId");
 		String roleIds = MapUtils.getString(parameter, "roleIds");
@@ -271,7 +273,7 @@ public Object delUserRoles(HttpServletRequest request, HttpServletResponse respo
 	 * @param orderBy
 	 * @return
 	 */
-	@RequestMapping("/admin/user/search")
+	@RequestMapping(value="/admin/user/search", method=GET, produces=APPLICATION_JSON)
 	public Object searchUsers(HttpServletRequest request, HttpServletResponse response, AdminUser userSearchForm, Pager pager, OrderBy orderBy) {
 		userSearchForm.setStatus(AdminUserStatusEnum.ADMIN_USER_STATUS_ENABLED.getStatusCode());
 		PagingList<AdminUser> dataList = adminUserService.getUserList(userSearchForm, pager, orderBy);

xproject-admin/src/main/java/com/certusnet/xproject/admin/web/interceptor/DbStoreHttpAccessLogHandler.java

@@ -0,0 +1,57 @@
+package com.certusnet.xproject.admin.web.interceptor;
+
+import org.springframework.http.MediaType;
+
+import com.certusnet.xproject.admin.model.AdminUser;
+import com.certusnet.xproject.admin.model.AdminUserAccessLog;
+import com.certusnet.xproject.admin.service.AdminUserAccessLogService;
+import com.certusnet.xproject.common.support.HttpAccessLogging.LoggingType;
+import com.certusnet.xproject.common.util.CollectionUtils;
+import com.certusnet.xproject.common.util.DateTimeUtils;
+import com.certusnet.xproject.common.util.JsonUtils;
+import com.certusnet.xproject.common.util.SpringUtils;
+import com.certusnet.xproject.common.web.springmvc.interceptor.AbstractHttpAccessLogHandler;
+import com.certusnet.xproject.common.web.springmvc.interceptor.HttpAccessLog;
+
+public class DbStoreHttpAccessLogHandler extends AbstractHttpAccessLogHandler<AdminUser> {
+
+	private final AdminUserAccessLogService adminUserAccessLogService;
+
+	public DbStoreHttpAccessLogHandler(HttpAccessLog<AdminUser> httpAccessLog) {
+		super(httpAccessLog);
+		this.adminUserAccessLogService = SpringUtils.getBean(AdminUserAccessLogService.class);
+	}
+
+	public LoggingType getLoggingType() {
+		return LoggingType.DB;
+	}
+
+	public void handleLogger(HttpAccessLog<AdminUser> httpAccessLog) throws Exception {
+		AdminUserAccessLog accessLog = new AdminUserAccessLog();
+		accessLog.setTitle(httpAccessLog.getTitle());
+		accessLog.setUri(httpAccessLog.getUri());
+		accessLog.setMethod(httpAccessLog.getMethod());
+		accessLog.setRequestHeader(CollectionUtils.isEmpty(httpAccessLog.getRequestHeader()) ? null : JsonUtils.object2Json(httpAccessLog.getRequestHeader()));
+		accessLog.setRequestContentType(httpAccessLog.getRequestContentType() == null ? null : httpAccessLog.getRequestContentType().toString());
+		accessLog.setRequestParameter(JsonUtils.object2Json(httpAccessLog.getRequestParameter()));
+		accessLog.setAccessUserId(httpAccessLog.getAccessUser().getUserId());
+		accessLog.setAccessTime(httpAccessLog.getAccessTime());
+		accessLog.setClientIpAddr(httpAccessLog.getClientIpAddr());
+		accessLog.setServerIpAddr(httpAccessLog.getServerIpAddr());
+		accessLog.setProcessTime1(httpAccessLog.getProcessTime1());
+		accessLog.setProcessTime2(httpAccessLog.getProcessTime2());
+		accessLog.setLoggingCompleted(httpAccessLog.isLoggingCompleted());
+		accessLog.setAsynRequest(httpAccessLog.isAsynRequest());
+		accessLog.setResponseContentType(httpAccessLog.getResponseContentType() == null ? null : httpAccessLog.getResponseContentType().toString());
+		if(httpAccessLog.getResponseResult() != null){
+			if(httpAccessLog.getResponseResult() instanceof String){
+				accessLog.setResponseResult(httpAccessLog.getResponseResult().toString());
+			}else if(httpAccessLog.getResponseContentType() != null && MediaType.APPLICATION_JSON_UTF8.getType().equals(httpAccessLog.getResponseContentType().getType())){
+				accessLog.setResponseResult(JsonUtils.object2Json(httpAccessLog.getResponseResult()));
+			}
+		}
+		accessLog.setCreateTime(DateTimeUtils.formatNow());
+		adminUserAccessLogService.recordUserAccessLog(accessLog);
+	}
+
+}