fix: add i18n and refactor code

apistructs/audits.go

@@ -366,27 +366,27 @@ const (
 
 // AuditsListRequest GET /api/audits/actions/list 审计事件查询请求结构
 type AuditsListRequest struct {
-	// +optional 是否是查看系统的事件
+	// +optional if sys event to get audit log
 	Sys bool `schema:"sys"`
-	// +optional 企业ID
+	// +optional List of organization IDS
 	OrgID []uint64 `schema:"orgId"`
-	// +required 事件开始时间
+	// +required Start time of the query event
 	StartAt string `schema:"startAt"`
-	// +required 事件结束事件
+	// +required End time of the query event
 	EndAt string `schema:"endAt"`
-	// +optional fdp项目id
+	// +optional List of FDP project IDs
 	FDPProjectID []string `schema:"fdpProjectId"`
-	// +optional 通过用户id过滤事件
+	// +optional List of user IDs
 	UserID []string `schema:"userId"`
-	// +optional 通过模版过滤事件
+	// +optional List of log template name
 	TemplateName []TemplateName `schema:"templateName"`
-	// +optional 通过客户端ip过滤
+	// +optional List of client IP address
 	ClientIP []string `schema:"clientIP"`
-	// +optional 应用ID查询
+	// +optional List of application IDs
 	AppID []uint64 `schema:"appId"`
-	// +optional 项目ID列表查询
+	// +optional List of project IDs
 	ProjectID []uint64 `schema:"projectId"`
-	// +optional 查看日志类型
+	// +optional Scope type for visibility
 	ScopeType []ScopeType `schema:"scopeType"`
 	//default 1
 	PageNo int `schema:"pageNo"`

cmd/erda-server/conf/i18n/i18n.yaml

@@ -21,6 +21,12 @@ zh:
   APPLICATION: 应用
   ErrAddMemberOwner: "添加所有者失败，数量超过上限"
 
+  # audit error
+  ErrInvalidOrg: "OrgID 非法，可能是不存在orgID或者多个orgID"
+  ErrInvalidProjectInOrg: "所选项目错误，用户所选择的项目不属于其组织"
+  ErrInvalidAppInOrg: "所选应用错误，用户所选择的应用不属于其组织"
+  ErrInvalidAppInProject: "所选应用错误，用户所选择的应用不属于其选择的项目"
+
 en:
   AvailableIsLessThanQuota: The actual available resource on this workspace in the cluster is less than the quota. Please ask the Ops to allocate project resources reasonably
   NoResourceForTheWorkspace: No allocatable resources on this workspace in the cluster, please check the workspace labels for the nodes
@@ -43,3 +49,9 @@ en:
   PROJECT: project
   APPLICATION: application
   ErrAddMemberOwner: "failed to add project owner, quantity exceeds limit"
+
+  # audit error
+  ErrInvalidOrgID: "Invalid OrgID,it may not exist or multiple OrgIDs"
+  ErrInvalidProjectInOrg: "Invalid selected project. The project does not belong to the user's organization"
+  ErrInvalidAppInOrg: "Invalid selected application. The application does not belong to user's organization."
+  ErrInvalidAppInProject: "Invalid selected application. The application does not belong to the selected project"

internal/core/legacy/dao/application.go

@@ -232,8 +232,8 @@ func (client *DBClient) GetApplicationsByNames(projectID uint64, names []string)
 	return applications, err
 }
 
-func (client *DBClient) GetApplicationsByOrgId(orgId uint64) ([]model.Application, error) {
+func (client *DBClient) GetApplicationsByOrgId(orgID uint64) ([]model.Application, error) {
 	var applications []model.Application
-	err := client.Where("org_id = ?", orgId).Find(&applications).Error
+	err := client.Where("org_id = ?", orgID).Find(&applications).Error
 	return applications, err
 }

internal/core/legacy/dao/audit.go

@@ -43,8 +43,8 @@ func (client *DBClient) GetAuditsByParam(param *model.ListAuditParam) (int, []mo
 	if len(param.ScopeType) > 0 {
 		db = db.Where("scope_type in ( ? )", param.ScopeType)
 	}
-	if len(param.OrgId) > 0 {
-		db = db.Where("org_id in ( ? )", param.OrgId)
+	if len(param.OrgID) > 0 {
+		db = db.Where("org_id in ( ? )", param.OrgID)
 	}
 
 	if len(param.ScopeID) > 0 {
@@ -62,8 +62,8 @@ func (client *DBClient) GetAuditsByParam(param *model.ListAuditParam) (int, []mo
 	if len(param.TemplateName) > 0 {
 		db = db.Where("template_name in ( ? )", param.TemplateName)
 	}
-	if len(param.ClientIp) > 0 {
-		for _, ip := range param.ClientIp {
+	if len(param.ClientIP) > 0 {
+		for _, ip := range param.ClientIP {
 			db = db.Or("client_ip LIKE ?", "%"+ip+"%")
 		}
 	}

internal/core/legacy/endpoints/audit.go

@@ -109,6 +109,8 @@ func (e *Endpoints) ListAudits(ctx context.Context, r *http.Request, vars map[st
 		return apierrors.ErrListAudit.InvalidParameter(err).ToResp(), nil
 	}
 
+	ctx = context.WithValue(ctx, "lang_codes", i18n.Language(r))
+
 	// 权限检查
 	identityInfo, err := user.GetIdentityInfo(r)
 	if err != nil {
@@ -125,7 +127,7 @@ func (e *Endpoints) ListAudits(ctx context.Context, r *http.Request, vars map[st
 		}
 	}
 
-	total, audits, err := e.audit.List(&listReq)
+	total, audits, err := e.audit.List(ctx, &listReq)
 	if err != nil {
 		return apierrors.ErrListAudit.InternalError(err).ToResp(), nil
 	}
@@ -195,7 +197,7 @@ func (e *Endpoints) ExportExcelAudit(ctx context.Context, w http.ResponseWriter,
 	listReq.PageNo = 1
 	listReq.PageSize = 99999
 
-	_, audits, err := e.audit.List(&listReq)
+	_, audits, err := e.audit.List(ctx, &listReq)
 	if err != nil {
 		return apierrors.ErrExportExcelAudit.InternalError(err)
 	}
@@ -306,6 +308,11 @@ func getPermissionBody(listReq *apistructs.AuditsListRequest, identityInfo apist
 	if listReq.Sys {
 		pcr.Scope = apistructs.SysScope
 	} else {
+		// if it has multiple orgID provided in org scope
+		// set pcr as nil,then use CheckPermission(pcr) will return error directly
+		if len(listReq.OrgID) > 1 {
+			return nil
+		}
 		pcr.Scope = apistructs.OrgScope
 		pcr.ScopeID = listReq.OrgID[0]
 	}

internal/core/legacy/model/audit.go

@@ -48,29 +48,30 @@ type AuditSettings struct {
 	Config OrgConfig
 }
 
+// ListAuditParam Filtering params for audit log queries.
 type ListAuditParam struct {
-	// +required 查询事件起始时间
+	// +required Start time of the query event
 	StartAt string
-	// +required 查询事件终止时间
+	// +required End time of the query event
 	EndAt string
-	// +optional 可见范围类型
+	// +optional Scope type for visibility
 	ScopeType []apistructs.ScopeType
-	// +optional 企业id列表
-	OrgId []uint64
-	// +optional UserID列表
+	// +optional List of organization IDS
+	OrgID []uint64
+	// +optional List of user IDs
 	UserID []string
-	// +optional FDP项目ID
+	// +optional List of FDP project IDs
 	FDPProjectID []string
-	// +optional ScopeID列表
+	// +optional List of scope IDs
 	ScopeID []uint64
-	// +optional 应用ID列表
+	// +optional List of application IDs
 	AppID []uint64
-	// +optional 项目ID列表
+	// +optional List of project IDs
 	ProjectID []uint64
-	// +optional 日志模版列表
+	// +optional List of log template name
 	TemplateName []apistructs.TemplateName
-	// +optional 客户端IP
-	ClientIp []string
+	// +optional List of client IP address
+	ClientIP []string
 	// default 1
 	PageNo int
 	// default 20

internal/core/legacy/services/audit/audit.go

@@ -37,6 +37,14 @@ import (
 	"github.com/erda-project/erda/pkg/excel"
 )
 
+// audit log err i18n key
+const (
+	ErrInvalidOrg          = "ErrInvalidOrg"
+	ErrInvalidProjectInOrg = "ErrInvalidProjectInOrg"
+	ErrInvalidAppInOrg     = "ErrInvalidAppInOrg"
+	ErrInvalidAppInProject = "ErrInvalidAppInProject"
+)
+
 // Audit 成员操作封装
 type Audit struct {
 	db    *dao.DBClient
@@ -113,70 +121,107 @@ func (a *Audit) BatchCreateAudit(reqs []apistructs.Audit) error {
 	return nil
 }
 
-// List 通过参数过滤事件
-func (a *Audit) List(param *apistructs.AuditsListRequest) (int, []model.Audit, error) {
-	reqParam := &model.ListAuditParam{
+// List Filter Audit Logs By param
+func (a *Audit) List(ctx context.Context, param *apistructs.AuditsListRequest) (int, []model.Audit, error) {
+	filterParam := &model.ListAuditParam{}
+
+	// if it is sys level，there is no need to perform parameter validation
+	if param.Sys {
+		filterParam = &model.ListAuditParam{
+			StartAt:      param.StartAt,
+			EndAt:        param.EndAt,
+			FDPProjectID: param.FDPProjectID,
+			UserID:       param.UserID,
+			TemplateName: param.TemplateName,
+			PageNo:       param.PageNo,
+			PageSize:     param.PageSize,
+			ClientIP:     param.ClientIP,
+			ScopeType:    param.ScopeType,
+			ProjectID:    param.ProjectID,
+			AppID:        param.AppID,
+			OrgID:        param.OrgID,
+		}
+		return a.db.GetAuditsByParam(filterParam)
+	}
+
+	// if it is not the sys level,valid the param and construct the filterParam
+	var err error
+	filterParam, err = a.constructFilterParamByReq(ctx, param)
+	if err != nil {
+		return 0, nil, err
+	}
+
+	return a.db.GetAuditsByParam(filterParam)
+}
+
+// constructFilterParamByReq valid the param and construct the filterParam to query db by `apistruct.AuditsListRequest`
+func (a *Audit) constructFilterParamByReq(ctx context.Context, param *apistructs.AuditsListRequest) (*model.ListAuditParam, error) {
+	langCodes, ok := ctx.Value("lang_codes").(i18n.LanguageCodes)
+	if !ok {
+		return nil, errors.New("Invalid Language")
+	}
+	if langCodes == nil {
+		langCodes = i18n.LanguageCodes{
+			&i18n.LanguageCode{
+				Code:    "zh-CN",
+				Quality: 1,
+			},
+		}
+	}
+
+	filterParam := &model.ListAuditParam{
 		StartAt:      param.StartAt,
 		EndAt:        param.EndAt,
 		FDPProjectID: param.FDPProjectID,
 		UserID:       param.UserID,
 		TemplateName: param.TemplateName,
 		PageNo:       param.PageNo,
 		PageSize:     param.PageSize,
-		ClientIp:     param.ClientIP,
+		ClientIP:     param.ClientIP,
 		ScopeType:    param.ScopeType,
 	}
-
-	if param.Sys {
-		// if scope_type is sys，there is no need to perform parameter validation
-		reqParam.ProjectID = param.ProjectID
-		reqParam.AppID = param.AppID
-		reqParam.OrgId = param.OrgID
-	} else {
-		// Valid OrgID,in org level,the len(param.OrgID) must equals 1
-		if param.OrgID == nil || len(param.OrgID) > 1 {
-			return 0, nil, errors.New("The orgId is invalid")
+	// Valid OrgID,in org level,the len(param.OrgID) must equals 1
+	if param.OrgID == nil || len(param.OrgID) > 1 {
+		return nil, errors.New(a.trans.Text(langCodes, ErrInvalidOrg))
+	}
+	filterParam.OrgID = []uint64{param.OrgID[0]}
+	if len(param.ProjectID) > 0 {
+		// check if the projectId is owned to the org
+		projectIds, err := a.GetAllProjectIdInOrg(param.OrgID[0])
+		if err != nil {
+			return nil, err
 		}
-		reqParam.OrgId = []uint64{param.OrgID[0]}
+		if _, flag := arrays.IsArrayContained(projectIds, param.ProjectID); !flag {
+			return nil, errors.New(a.trans.Text(langCodes, ErrInvalidProjectInOrg))
+		}
+		filterParam.ProjectID = param.ProjectID
+	}
+	if len(param.AppID) > 0 {
+		// check if the appId is owned to the project which owned to the org
+		var appIds []uint64
+		var err error
 		if len(param.ProjectID) > 0 {
-			// check if the projectId is owned to the org
-			projectIds, err := a.GetAllProjectIdInOrg(param.OrgID[0])
+			// if projectId is not nil,the app must own to the projectId
+			appIds, err = a.GetAllAppIdByProjectIds(param.ProjectID)
 			if err != nil {
-				return 0, nil, err
+				return nil, err
 			}
-			if _, flag := arrays.IsArrayContained(projectIds, param.ProjectID); !flag {
-				return 0, nil, errors.New("用户所选择的项目不属于其所属于的组织")
+			if _, flag := arrays.IsArrayContained(appIds, param.AppID); !flag {
+				return nil, errors.New(a.trans.Text(langCodes, ErrInvalidAppInProject))
 			}
-			reqParam.ProjectID = param.ProjectID
-		}
-		if len(param.AppID) > 0 {
-			// check if the appId is owned to the project which owned to the org
-			var appIds []uint64
-			var err error
-			if len(param.ProjectID) > 0 {
-				// if projectId is not nil,the app must owned to the projectId
-				appIds, err = a.GetAllAppIdByProjectIds(param.ProjectID)
-				if err != nil {
-					return 0, nil, err
-				}
-				if _, flag := arrays.IsArrayContained(appIds, param.AppID); !flag {
-					return 0, nil, errors.New("用户所选择的应用不属于所选的项目")
-				}
-			} else {
-				// projectId is nil,the app must owned to the orgId
-				appIds, err = a.GetAllAppIdByOrgId(param.OrgID[0])
-				if err != nil {
-					return 0, nil, err
-				}
-				if _, flag := arrays.IsArrayContained(appIds, param.AppID); !flag {
-					return 0, nil, errors.New("用户所选择的应用不属于其所属的组织")
-				}
+		} else {
+			// projectId is nil,the app must own to the orgId
+			appIds, err = a.GetAllAppIdByOrgId(param.OrgID[0])
+			if err != nil {
+				return nil, err
+			}
+			if _, flag := arrays.IsArrayContained(appIds, param.AppID); !flag {
+				return nil, errors.New(a.trans.Text(langCodes, ErrInvalidAppInOrg))
 			}
-			reqParam.AppID = param.AppID
 		}
+		filterParam.AppID = param.AppID
 	}
-
-	return a.db.GetAuditsByParam(reqParam)
+	return filterParam, nil
 }
 
 // GetAllProjectIdInOrg Get all the projectId List in org