我正在使用ABP版本3.8.2。我已启用ABP Audit Logging,并且工作正常。
为了隐藏敏感信息(例如密码,信用卡详细信息等),是否有办法用不同的值替换或屏蔽审核日志值?也许可以通过扩展ABP的Audited属性来实现。
请提出建议。
答案 0 :(得分:1)
是的,您可以替换或屏蔽审核的值以隐藏敏感信息。
实施MaskableAuditSerializer:
public class MaskableAuditSerializer : IAuditSerializer, ITransientDependency
{
private readonly IAuditingConfiguration _configuration;
public MaskableJsonNetAuditSerializer(IAuditingConfiguration configuration)
{
_configuration = configuration;
}
public string Serialize(object obj)
{
var options = new JsonSerializerSettings
{
ContractResolver = new MaskableAuditingContractResolver(_configuration.IgnoredTypes)
};
return JsonConvert.SerializeObject(obj, options);
}
}
通过继承MaskableAuditingContractResolver实现AuditingContractResolver:
public class MaskableAuditingContractResolver : AuditingContractResolver
{
public MaskableAuditingContractResolver(List<Type> ignoredTypes)
: base(ignoredTypes)
{
}
protected override JsonProperty CreateProperty(MemberInfo member, MemberSerialization memberSerialization)
{
var property = base.CreateProperty(member, memberSerialization);
if (member.IsDefined(typeof(MaskedAuditedAttribute)))
{
property.ValueProvider = new MaskedValueProvider();
}
return property;
}
}
实施MaskedValueProvider:
public class MaskedValueProvider : IValueProvider
{
public object GetValue(object target)
{
return "***";
}
public void SetValue(object target, object value)
{
throw new NotImplementedException();
}
}
通过继承MaskedAuditedAttribute实现AuditedAttribute:
public class MaskedAuditedAttribute : AuditedAttribute
{
}
public class LoginViewModel
{
[MaskedAudited]
public string Password { get; set; }
// ...
}