From 268520a0f23eee01b78699df73d520a511f50ebe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BC=A0=E6=88=90?= <light.zhang@ysinc.com>
Date: Tue, 24 Mar 2026 16:07:07 +0800
Subject: [PATCH] 1

---
 api/controller_admin/biz_payment.js      | 15 ++++++++
 api/controller_admin/biz_subscription.js | 44 ++++++++++++++++++------
 api/controller_admin/biz_token.js        | 18 +++++++++-
 3 files changed, 66 insertions(+), 11 deletions(-)

diff --git a/api/controller_admin/biz_payment.js b/api/controller_admin/biz_payment.js
index 1e2629c..731a88f 100644
--- a/api/controller_admin/biz_payment.js
+++ b/api/controller_admin/biz_payment.js
@@ -1,4 +1,5 @@
 const logic = require("../service/biz_subscription_logic");
+const audit = require("../service/biz_audit_service");
 
 function getRequestBody(ctx) {
   if (ctx.request && ctx.request.body && Object.keys(ctx.request.body).length > 0) {
@@ -14,11 +15,25 @@ module.exports = {
   "POST /biz_payment/confirm-offline": async (ctx) => {
     const body = getRequestBody(ctx);
     const row = await logic.confirmOfflinePayment(body);
+    await audit.logAudit({
+      admin_user_id: audit.pickAdminId(ctx),
+      action: "biz_payment.confirm_offline",
+      resource_type: "biz_subscription",
+      resource_id: body.subscription_id,
+      detail: { payment_ref: body.payment_ref },
+    });
     ctx.success(row);
   },
   "POST /biz_payment/confirm-link": async (ctx) => {
     const body = getRequestBody(ctx);
     const row = await logic.confirmLinkPayment(body);
+    await audit.logAudit({
+      admin_user_id: audit.pickAdminId(ctx),
+      action: "biz_payment.confirm_link",
+      resource_type: "biz_subscription",
+      resource_id: body.subscription_id,
+      detail: { payment_ref: body.payment_ref },
+    });
     ctx.success(row);
   },
 };
diff --git a/api/controller_admin/biz_subscription.js b/api/controller_admin/biz_subscription.js
index 81bd29d..fcce818 100644
--- a/api/controller_admin/biz_subscription.js
+++ b/api/controller_admin/biz_subscription.js
@@ -1,16 +1,8 @@
 const crud = require("../service/biz_admin_crud");
+const { getRequestBody } = crud;
 const baseModel = require("../../middleware/baseModel");
 const logic = require("../service/biz_subscription_logic");
-
-function getRequestBody(ctx) {
-  if (ctx.request && ctx.request.body && Object.keys(ctx.request.body).length > 0) {
-    return ctx.request.body;
-  }
-  if (typeof ctx.getBody === "function") {
-    return ctx.getBody() || {};
-  }
-  return {};
-}
+const audit = require("../service/biz_audit_service");
 
 module.exports = {
   "POST /biz_subscription/page": async (ctx) => {
@@ -36,21 +28,53 @@ module.exports = {
   "POST /biz_subscription/open": async (ctx) => {
     const body = getRequestBody(ctx);
     const row = await logic.openSubscription(body);
+    await audit.logAudit({
+      admin_user_id: audit.pickAdminId(ctx),
+      biz_user_id: body.user_id,
+      action: "biz_subscription.open",
+      resource_type: "biz_subscription",
+      resource_id: row.id,
+      detail: { plan_id: body.plan_id, status: row.status },
+    });
     ctx.success(row);
   },
   "POST /biz_subscription/upgrade": async (ctx) => {
     const body = getRequestBody(ctx);
     const row = await logic.upgradeSubscription(body);
+    await audit.logAudit({
+      admin_user_id: audit.pickAdminId(ctx),
+      action: "biz_subscription.upgrade",
+      resource_type: "biz_subscription",
+      resource_id: body.subscription_id,
+      detail: { new_plan_id: body.new_plan_id },
+    });
     ctx.success(row);
   },
   "POST /biz_subscription/renew": async (ctx) => {
     const body = getRequestBody(ctx);
     const row = await logic.renewSubscription(body);
+    await audit.logAudit({
+      admin_user_id: audit.pickAdminId(ctx),
+      action: "biz_subscription.renew",
+      resource_type: "biz_subscription",
+      resource_id: body.subscription_id,
+    });
     ctx.success(row);
   },
   "POST /biz_subscription/cancel": async (ctx) => {
     const body = getRequestBody(ctx);
     const row = await logic.cancelSubscription(body);
+    await audit.logAudit({
+      admin_user_id: audit.pickAdminId(ctx),
+      action: "biz_subscription.cancel",
+      resource_type: "biz_subscription",
+      resource_id: body.subscription_id,
+    });
     ctx.success(row);
   },
+  "POST /biz_subscription/export": async (ctx) => {
+    const body = getRequestBody(ctx);
+    const res = await crud.exportCsv("biz_subscription", body);
+    ctx.success(res);
+  },
 };
diff --git a/api/controller_admin/biz_token.js b/api/controller_admin/biz_token.js
index c81f638..897c21d 100644
--- a/api/controller_admin/biz_token.js
+++ b/api/controller_admin/biz_token.js
@@ -31,4 +31,20 @@ module.exports = {
     });
   },
   "POST /biz_token/revoke": async (ctx) => {
-    const body = getRequestBody(ct
\ No newline at end of file
+    const body = getRequestBody(ctx);
+    const row = await tokenLogic.revokeToken(body);
+    await audit.logAudit({
+      admin_user_id: audit.pickAdminId(ctx),
+      biz_user_id: row.user_id,
+      action: "biz_token.revoke",
+      resource_type: "biz_api_token",
+      resource_id: row.id,
+    });
+    ctx.success({ id: row.id, status: row.status });
+  },
+  "POST /biz_token/export": async (ctx) => {
+    const body = getRequestBody(ctx);
+    const res = await crud.exportCsv("biz_api_token", body);
+    ctx.success(res);
+  },
+};