56a28e8cf7
Some checks failed
Secrets CLI - Build & Release / 版本 & Release (push) Successful in 3s
Secrets CLI - Build & Release / 质量检查 (fmt / clippy / test) (push) Successful in 2m46s
Secrets CLI - Build & Release / Build (macOS aarch64 + x86_64) (push) Successful in 1m27s
Secrets CLI - Build & Release / Build (x86_64-unknown-linux-musl) (push) Successful in 2m0s
Secrets CLI - Build & Release / 发布草稿 Release (push) Has been cancelled
Secrets CLI - Build & Release / Build (x86_64-pc-windows-msvc) (push) Has been cancelled
- 提取 EntryRow/SecretFieldRow 到 models.rs - 提取 current_actor()、print_json() 公共函数 - ExportFormat::from_extension 复用 from_str - fetch_entries 默认 limit 100k(export/inject/run 不再截断) - history 独立为 history.rs 模块 - delete 改用 DeleteArgs 结构体 - config_dir 改为 Result,Argon2id 参数提取常量 - Cargo 依赖 ^ 前缀、tokio 精简 features - 更新 AGENTS.md 项目结构 Made-with: Cursor
38 lines
990 B
Rust
38 lines
990 B
Rust
use serde_json::Value;
|
|
use sqlx::{Postgres, Transaction};
|
|
|
|
/// Return the current OS user as the audit actor (falls back to empty string).
|
|
pub fn current_actor() -> String {
|
|
std::env::var("USER").unwrap_or_default()
|
|
}
|
|
|
|
/// Write an audit entry within an existing transaction.
|
|
pub async fn log_tx(
|
|
tx: &mut Transaction<'_, Postgres>,
|
|
action: &str,
|
|
namespace: &str,
|
|
kind: &str,
|
|
name: &str,
|
|
detail: Value,
|
|
) {
|
|
let actor = current_actor();
|
|
let result: Result<_, sqlx::Error> = sqlx::query(
|
|
"INSERT INTO audit_log (action, namespace, kind, name, detail, actor) \
|
|
VALUES ($1, $2, $3, $4, $5, $6)",
|
|
)
|
|
.bind(action)
|
|
.bind(namespace)
|
|
.bind(kind)
|
|
.bind(name)
|
|
.bind(&detail)
|
|
.bind(&actor)
|
|
.execute(&mut **tx)
|
|
.await;
|
|
|
|
if let Err(e) = result {
|
|
tracing::warn!(error = %e, "failed to write audit log");
|
|
} else {
|
|
tracing::debug!(action, namespace, kind, name, actor, "audit logged");
|
|
}
|
|
}
|