基于Spring Data的AuditorAware审计功能

Spring Data提供支持审计功能：即由谁在什么时候创建或修改实体。Spring Data提供了在实体类的属性上增加@CreatedBy，@LastModifiedBy，@CreatedDate，@LastModifiedDate注解，并配置相应的配置项，即可实现审计功能，有系统自动记录createdByCreatedDatelastModifiedBylastModifiedDate四个属性的值，下面为具体的配置项。

示例

创建一个实体类

package com.hfcsbc.infrastructureservice.domain;

import com.hfcsbc.repository.support.domain.AbstractAuditingEntity;
import lombok.Data;
import org.springframework.data.annotation.CreatedBy;
import org.springframework.data.annotation.CreatedDate;
import org.springframework.data.annotation.LastModifiedBy;
import org.springframework.data.annotation.LastModifiedDate;
import org.springframework.data.jpa.domain.support.AuditingEntityListener;

import javax.persistence.*;
import java.util.Date;

/**
 * Create by pengchao on 2018/3/7
 */
@Entity
@Data
@EntityListeners({AuditingEntityListener.class})
public class Person {
    @Id
    @GeneratedValue
    private Long id;

    private String name;

    private Integer age;
    @CreatedBy
    @Column(
            name = "created_by",
            nullable = false,
            length = 50,
            updatable = false
    )
    private String createdBy;
    @CreatedDate
    @Column(
            name = "created_date",
            nullable = false,
            updatable = false
    )
    private Date createdDate = new Date();
    @LastModifiedBy
    @Column(
            name = "last_modified_by",
            length = 50
    )
    private String lastModifiedBy;
    @LastModifiedDate
    @Column(
            name = "last_modified_date"
    )
    private Date lastModifiedDate = new Date();
}

创建相应的Repository

package com.hfcsbc.repository;

import com.hfcsbc.domain.Person;
import org.springframework.data.jpa.repository.JpaRepository;

/**
 * Create by pengchao on 2018/3/7
 */
public interface PersonRepository extends JpaRepository<Person, Long> {
}

配置获取用户信息的bean

package com.hfcsbc.infrastructureservice.config;

import org.springframework.data.domain.AuditorAware;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.Optional;

/**
 * Create by pengchao on 2018/3/7
 */
@Component("auditorAware")
public class AuditorAwareImpl implements AuditorAware<String> {

    @Override
    public Optional<String> getCurrentAuditor() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return Optional.of(authentication.getPrincipal().toString());
    }
}

在Spring Boot入口类开启审计功能

package com.hfcsbc.infrastructureservice;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
import org.springframework.scheduling.annotation.EnableAsync;

@SpringBootApplication
@EnableJpaAuditing(auditorAwareRef = "auditorAware")
@EnableAsync
public class PersonApplication {

    
    public static void main(String[] args) {
        SpringApplication.run(PersonApplication.class, args);
    }
}

即完成配置，在使用repository保存对象时，createdByCreatedDatelastModifiedBylastModifiedDate有审计功能自动插入

注：在异步方法中如何获取用户信息

由于在异步方法中使用repository保存对象，获取不到用户用户信息，需增加如下配置项，即可在Authentication获取用户的信息

package com.hfcsbc.config;

import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.context.SecurityContextHolder;

/**
 * Create by pengchao on 2018/3/7
 */
@Configuration
public class AuditorAwareConfig {
    @Bean
    public MethodInvokingFactoryBean methodInvokingFactoryBean() {
        MethodInvokingFactoryBean methodInvokingFactoryBean = new MethodInvokingFactoryBean();
        methodInvokingFactoryBean.setTargetClass(SecurityContextHolder.class);
        methodInvokingFactoryBean.setTargetMethod("setStrategyName");
        methodInvokingFactoryBean.setArguments(new String[]{SecurityContextHolder.MODE_INHERITABLETHREADLOCAL});
        return methodInvokingFactoryBean;
    }
}

SecurityContextHolder的主要功能是将当前执行的进程和SecurityContext关联起来。
SecurityContextHolder.MODE_INHERITABLETHREADLOCAL：用于线程有父子关系的情景中，子线程继承父线程的SecurityContextHolder；
SecurityContextHolder.MODE_INHERITABLETHREADLOCAL：全局共用SecurityContextHolder。

源码地址:http://www.wisely.top/2018/03/08/spring-data-auditoraware/