-
Notifications
You must be signed in to change notification settings - Fork 3.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #10570 from abpframework/maliming/AbpAuditHubFilter
Fix audit issues in Blazor Server.
- Loading branch information
Showing
9 changed files
with
249 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
framework/src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/AbpHubContext.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| using System; | ||
| using System.Collections.Generic; | ||
| using System.Reflection; | ||
| using Microsoft.AspNetCore.SignalR; | ||
|
|
||
| namespace Volo.Abp.AspNetCore.SignalR | ||
| { | ||
| public class AbpHubContext | ||
| { | ||
| public IServiceProvider ServiceProvider { get; } | ||
|
|
||
| public Hub Hub { get; } | ||
|
|
||
| public MethodInfo HubMethod { get; } | ||
|
|
||
| public IReadOnlyList<object> HubMethodArguments { get; } | ||
|
|
||
| public AbpHubContext(IServiceProvider serviceProvider, Hub hub, MethodInfo hubMethod, IReadOnlyList<object> hubMethodArguments) | ||
| { | ||
| ServiceProvider = serviceProvider; | ||
| Hub = hub; | ||
| HubMethod = hubMethod; | ||
| HubMethodArguments = hubMethodArguments; | ||
| } | ||
| } | ||
| } |
23 changes: 23 additions & 0 deletions
23
...Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/AbpHubContextAccessorHubFilter.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| using System; | ||
| using System.Threading.Tasks; | ||
| using Microsoft.AspNetCore.SignalR; | ||
| using Microsoft.Extensions.DependencyInjection; | ||
|
|
||
| namespace Volo.Abp.AspNetCore.SignalR | ||
| { | ||
| public class AbpHubContextAccessorHubFilter : IHubFilter | ||
| { | ||
| public virtual async ValueTask<object> InvokeMethodAsync(HubInvocationContext invocationContext, Func<HubInvocationContext, ValueTask<object>> next) | ||
| { | ||
| var hubContextAccessor = invocationContext.ServiceProvider.GetRequiredService<IAbpHubContextAccessor>(); | ||
| using (hubContextAccessor.Change(new AbpHubContext( | ||
| invocationContext.ServiceProvider, | ||
| invocationContext.Hub, | ||
| invocationContext.HubMethod, | ||
| invocationContext.HubMethodArguments))) | ||
| { | ||
| return await next(invocationContext); | ||
| } | ||
| } | ||
| } | ||
| } |
92 changes: 92 additions & 0 deletions
92
...src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/Auditing/AbpAuditHubFilter.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,92 @@ | ||
| using System; | ||
| using System.Collections.Generic; | ||
| using System.Diagnostics; | ||
| using System.Linq; | ||
| using System.Threading.Tasks; | ||
| using Microsoft.AspNetCore.SignalR; | ||
| using Microsoft.Extensions.DependencyInjection; | ||
| using Microsoft.Extensions.Options; | ||
| using Volo.Abp.Auditing; | ||
| using Volo.Abp.Uow; | ||
| using Volo.Abp.Users; | ||
|
|
||
| namespace Volo.Abp.AspNetCore.SignalR.Auditing | ||
| { | ||
| public class AbpAuditHubFilter : IHubFilter | ||
| { | ||
| public virtual async ValueTask<object> InvokeMethodAsync(HubInvocationContext invocationContext, Func<HubInvocationContext, ValueTask<object>> next) | ||
| { | ||
| var options = invocationContext.ServiceProvider.GetRequiredService<IOptions<AbpAuditingOptions>>().Value; | ||
| if (!options.IsEnabled) | ||
| { | ||
| return await next(invocationContext); | ||
| } | ||
|
|
||
| var hasError = false; | ||
| var auditingManager = invocationContext.ServiceProvider.GetRequiredService<IAuditingManager>(); | ||
| using (var saveHandle = auditingManager.BeginScope()) | ||
| { | ||
| Debug.Assert(auditingManager.Current != null); | ||
| object result; | ||
| try | ||
| { | ||
| result = await next(invocationContext); | ||
|
|
||
| if (auditingManager.Current.Log.Exceptions.Any()) | ||
| { | ||
| hasError = true; | ||
| } | ||
| } | ||
| catch (Exception ex) | ||
| { | ||
| hasError = true; | ||
|
|
||
| if (!auditingManager.Current.Log.Exceptions.Contains(ex)) | ||
| { | ||
| auditingManager.Current.Log.Exceptions.Add(ex); | ||
| } | ||
|
|
||
| throw; | ||
| } | ||
| finally | ||
| { | ||
| if (ShouldWriteAuditLog(invocationContext.ServiceProvider, hasError)) | ||
| { | ||
| var unitOfWorkManager = invocationContext.ServiceProvider.GetRequiredService<IUnitOfWorkManager>(); | ||
| if (unitOfWorkManager.Current != null) | ||
| { | ||
| await unitOfWorkManager.Current.SaveChangesAsync(); | ||
| } | ||
|
|
||
| await saveHandle.SaveAsync(); | ||
| } | ||
| } | ||
|
|
||
| return result; | ||
| } | ||
| } | ||
|
|
||
| private bool ShouldWriteAuditLog(IServiceProvider serviceProvider, bool hasError) | ||
| { | ||
| var options = serviceProvider.GetRequiredService<IOptions<AbpAuditingOptions>>().Value; | ||
| if (options.AlwaysLogOnException && hasError) | ||
| { | ||
| return true; | ||
| } | ||
|
|
||
| if (!options.IsEnabledForAnonymousUsers && !serviceProvider.GetRequiredService<ICurrentUser>().IsAuthenticated) | ||
| { | ||
| return false; | ||
| } | ||
|
|
||
| var auditingManager = serviceProvider.GetRequiredService<IAuditingManager>(); | ||
| if (auditingManager.Current == null || | ||
| auditingManager.Current.Log.Actions.IsNullOrEmpty()) | ||
| { | ||
| return false; | ||
| } | ||
|
|
||
| return true; | ||
| } | ||
| } | ||
| } |
55 changes: 55 additions & 0 deletions
55
...Core.SignalR/Volo/Abp/AspNetCore/SignalR/Auditing/AspNetCoreSignalRAuditLogContributor.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| using System.Linq; | ||
| using Microsoft.Extensions.DependencyInjection; | ||
| using Microsoft.Extensions.Logging; | ||
| using Microsoft.Extensions.Logging.Abstractions; | ||
| using Volo.Abp.AspNetCore.WebClientInfo; | ||
| using Volo.Abp.Auditing; | ||
| using Volo.Abp.DependencyInjection; | ||
|
|
||
| namespace Volo.Abp.AspNetCore.SignalR.Auditing | ||
| { | ||
| public class AspNetCoreSignalRAuditLogContributor : AuditLogContributor, ITransientDependency | ||
| { | ||
| public ILogger<AspNetCoreSignalRAuditLogContributor> Logger { get; set; } | ||
|
|
||
| public AspNetCoreSignalRAuditLogContributor() | ||
| { | ||
| Logger = NullLogger<AspNetCoreSignalRAuditLogContributor>.Instance; | ||
| } | ||
|
|
||
| public override void PreContribute(AuditLogContributionContext context) | ||
| { | ||
| var hubContext = context.ServiceProvider.GetRequiredService<IAbpHubContextAccessor>().Context; | ||
| if (hubContext == null) | ||
| { | ||
| return; | ||
| } | ||
|
|
||
| var clientInfoProvider = context.ServiceProvider.GetRequiredService<IWebClientInfoProvider>(); | ||
| if (context.AuditInfo.ClientIpAddress == null) | ||
| { | ||
| context.AuditInfo.ClientIpAddress = clientInfoProvider.ClientIpAddress; | ||
| } | ||
|
|
||
| if (context.AuditInfo.BrowserInfo == null) | ||
| { | ||
| context.AuditInfo.BrowserInfo = clientInfoProvider.BrowserInfo; | ||
| } | ||
|
|
||
| //TODO: context.AuditInfo.ClientName | ||
| } | ||
|
|
||
| public override void PostContribute(AuditLogContributionContext context) | ||
| { | ||
| var hubContext = context.ServiceProvider.GetRequiredService<IAbpHubContextAccessor>().Context; | ||
| if (hubContext == null) | ||
| { | ||
| return; | ||
| } | ||
|
|
||
| var firstAction = context.AuditInfo.Actions.FirstOrDefault(); | ||
| context.AuditInfo.Url = firstAction?.ServiceName + "." + firstAction?.MethodName; | ||
| context.AuditInfo.HttpStatusCode = null; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
23 changes: 23 additions & 0 deletions
23
...c/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/DefaultAbpHubContextAccessor.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| using System; | ||
| using System.Threading; | ||
| using Volo.Abp.DependencyInjection; | ||
|
|
||
| namespace Volo.Abp.AspNetCore.SignalR | ||
| { | ||
| public class DefaultAbpHubContextAccessor : IAbpHubContextAccessor, ISingletonDependency | ||
| { | ||
| public AbpHubContext Context => _currentHubContext.Value; | ||
|
|
||
| private readonly AsyncLocal<AbpHubContext> _currentHubContext = new AsyncLocal<AbpHubContext>(); | ||
|
|
||
| public virtual IDisposable Change(AbpHubContext context) | ||
| { | ||
| var parent = Context; | ||
| _currentHubContext.Value = context; | ||
| return new DisposeAction(() => | ||
| { | ||
| _currentHubContext.Value = parent; | ||
| }); | ||
| } | ||
| } | ||
| } |
12 changes: 12 additions & 0 deletions
12
...ork/src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/IAbpHubContextAccessor.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| using System; | ||
|
|
||
| namespace Volo.Abp.AspNetCore.SignalR | ||
| { | ||
| public interface IAbpHubContextAccessor | ||
| { | ||
| AbpHubContext Context { get; } | ||
|
|
||
| IDisposable Change(AbpHubContext context); | ||
| } | ||
| } | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters