feat(admin): add transfer log tab and polish storage ui #9
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds a comprehensive transfer log feature with auditing capabilities for upload and download activities, along with polished storage UI improvements. The changes include both frontend components for managing transfer logs and backend services for tracking and retrieving audit data.
- Adds a new transfer logs tab with filtering, search, and pagination functionality
- Implements backend services for recording and retrieving upload/download audit logs
- Enhances storage management UI with improved visual design and better status indicators
- Adds configuration options for requiring login for uploads and downloads
Reviewed Changes
Copilot reviewed 24 out of 24 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| themes/2025/admin/js/transfer-logs.js | New JavaScript module for transfer logs management with API integration and pagination |
| themes/2025/admin/js/storage-simple.js | Enhanced storage UI with improved visual design and status indicators |
| themes/2025/admin/js/main.js | Added transfer logs tab initialization and improved JSON response handling |
| themes/2025/admin/js/config-simple.js | Added login requirement configuration options for uploads and downloads |
| themes/2025/admin/index.html | Added transfer logs tab and login requirement checkboxes in configuration |
| themes/2025/admin/css/storage.css | Complete visual refresh of storage management interface |
| themes/2025/admin/css/admin-modern.css | Added styling for transfer logs table and controls |
| internal/services/share/logging.go | New service for tracking upload/download operations with audit logging |
| internal/services/share/file.go | Integrated upload logging into file sharing workflow |
| internal/services/admin/config.go | Added support for login requirement configuration |
| internal/services/admin/audit.go | New service for retrieving transfer logs with filtering |
| internal/routes/admin.go | Added transfer logs API endpoint |
| internal/repository/transfer_log.go | New repository for transfer log data access and querying |
| internal/repository/manager.go | Added transfer log repository to manager |
| internal/models/web/admin.go | Added transfer log response models |
| internal/models/models.go | Added transfer log model aliases |
| internal/models/db/transfer_log.go | New database model for transfer logs |
| internal/handlers/storage.go | Improved storage path handling for local storage |
| internal/handlers/share.go | Added login requirements and download logging |
| internal/handlers/admin.go | Added transfer logs API handler |
| internal/database/database.go | Added transfer log table migration |
| internal/config/transfer_config.go | Added login requirement configuration fields |
| docs/config.new.yaml | Updated configuration template with login requirements |
| config.yaml | Updated default configuration with login requirements |
| } | ||
| } catch (error) { | ||
| console.error('加载传输日志失败:', error); | ||
| const message = (error && error.message) ? error.message.substring(0, 200) : '未知错误'; |
There was a problem hiding this comment.
The error message truncation logic is inconsistent with the pattern used in main.js for error handling. Consider extracting this into a shared utility function for consistent error message formatting across the application.
| window.initTransferLogsTab = function () { | ||
| ensureBindings(); | ||
| load(1); | ||
| }; | ||
|
|
||
| window.applyTransferLogFilters = applyFilters; | ||
| window.refreshTransferLogs = refresh; | ||
| window.changeTransferLogPage = changePage; |
There was a problem hiding this comment.
Multiple global function assignments should be grouped into a single namespace object to avoid polluting the global scope. Consider using a pattern like window.TransferLogs = { init: ..., applyFilters: ..., refresh: ..., changePage: ... }.
| window.initTransferLogsTab = function () { | |
| ensureBindings(); | |
| load(1); | |
| }; | |
| window.applyTransferLogFilters = applyFilters; | |
| window.refreshTransferLogs = refresh; | |
| window.changeTransferLogPage = changePage; | |
| window.TransferLogs = { | |
| init: function () { | |
| ensureBindings(); | |
| load(1); | |
| }, | |
| applyFilters: applyFilters, | |
| refresh: refresh, | |
| changePage: changePage | |
| }; |
| if (typeof initTransferLogsTab === 'function') { | ||
| initTransferLogsTab(); |
There was a problem hiding this comment.
The function name 'initTransferLogsTab' doesn't follow the established naming convention. Other cases use function names like 'loadMCPConfig' that start with action verbs. Consider renaming to 'loadTransferLogsTab' for consistency.
| if (typeof initTransferLogsTab === 'function') { | |
| initTransferLogsTab(); | |
| if (typeof loadTransferLogsTab === 'function') { | |
| loadTransferLogsTab(); |
| if s.repositoryManager.User != nil { | ||
| if user, err := s.repositoryManager.User.GetByID(*userID); err == nil { | ||
| logEntry.Username = user.Username | ||
| } else if err != nil { |
There was a problem hiding this comment.
The condition else if err != nil is redundant since the if condition already checks err == nil. The else clause will only execute when err != nil. Simplify to just else.
| } else if err != nil { | |
| } else { |
internal/handlers/admin.go
Outdated
| operation := strings.TrimSpace(c.DefaultQuery("operation", "")) | ||
| search := strings.TrimSpace(c.DefaultQuery("search", "")) |
There was a problem hiding this comment.
Calling strings.TrimSpace on empty default values is unnecessary since empty strings don't have leading/trailing whitespace. Consider checking for non-empty values before trimming or moving the trimming logic into the service layer.
| operation := strings.TrimSpace(c.DefaultQuery("operation", "")) | |
| search := strings.TrimSpace(c.DefaultQuery("search", "")) | |
| operation := c.DefaultQuery("operation", "") | |
| if operation != "" { | |
| operation = strings.TrimSpace(operation) | |
| } | |
| search := c.DefaultQuery("search", "") | |
| if search != "" { | |
| search = strings.TrimSpace(search) | |
| } |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
Codex Review: Here are some suggestions.
FileCodeBox/internal/handlers/share.go
Lines 235 to 249 in 8aae2b2
[P1] Enforce download login requirement
The new transfer.download.require_login config is validated and exposed, but DownloadFile never checks it before streaming the file. Even with the flag set to 1, anonymous users can download any share because the handler only records logs after download and does not gate access. Administrators who turn on the new option will believe downloads require authentication but the endpoint remains public, so the feature does not provide the intended protection.
Reply with @codex fix comments to fix any unresolved comments.
About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you open a pull request for review, mark a draft as ready, or comment "@codex review". If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex fix this CI failure" or "@codex address that feedback".
No description provided.