acts_as_audited_rails3 1.1.1.4

data/doc/index.html

@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE html 
+     PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
+
+<!--
+
+    acts_as_audited
+
+  -->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+  <title>acts_as_audited</title>
+  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+</head>
+<frameset rows="20%, 80%">
+    <frameset cols="25%,35%,45%">
+        <frame src="fr_file_index.html"   title="Files" name="Files" />
+        <frame src="fr_class_index.html"  name="Classes" />
+        <frame src="fr_method_index.html" name="Methods" />
+    </frameset>
+    <frame src="files/README.html" name="docwin" />
+</frameset>
+</html>

data/doc/rdoc-style.css

@@ -0,0 +1,208 @@
+
+body {
+    font-family: Verdana,Arial,Helvetica,sans-serif;
+    font-size:   90%;
+    margin: 0;
+    margin-left: 40px;
+    padding: 0;
+    background: white;
+}
+
+h1,h2,h3,h4 { margin: 0; color: #efefef; background: transparent; }
+h1 { font-size: 150%; }
+h2,h3,h4 { margin-top: 1em; }
+
+a { background: #eef; color: #039; text-decoration: none; }
+a:hover { background: #039; color: #eef; }
+
+/* Override the base stylesheet's Anchor inside a table cell */
+td > a {
+  background: transparent;
+  color: #039;
+  text-decoration: none;
+}
+
+/* and inside a section title */
+.section-title > a {
+  background: transparent;
+  color: #eee;
+  text-decoration: none;
+}
+
+/* === Structural elements =================================== */
+
+div#index {
+    margin: 0;
+    margin-left: -40px;
+    padding: 0;
+    font-size: 90%;
+}
+
+
+div#index a {
+    margin-left: 0.7em;
+}
+
+div#index .section-bar {
+   margin-left: 0px;
+   padding-left: 0.7em;
+   background: #ccc;
+   font-size: small;
+}
+
+
+div#classHeader, div#fileHeader {
+    width: auto;
+    color: white;
+    padding: 0.5em 1.5em 0.5em 1.5em;
+    margin: 0;
+    margin-left: -40px;
+    border-bottom: 3px solid #006;
+}
+
+div#classHeader a, div#fileHeader a {
+    background: inherit;
+    color: white;
+}
+
+div#classHeader td, div#fileHeader td {
+    background: inherit;
+    color: white;
+}
+
+
+div#fileHeader {
+    background: #057;
+}
+
+div#classHeader {
+    background: #048;
+}
+
+
+.class-name-in-header {
+  font-size:  180%;
+  font-weight: bold;
+}
+
+
+div#bodyContent {
+    padding: 0 1.5em 0 1.5em;
+}
+
+div#description {
+    padding: 0.5em 1.5em;
+    background: #efefef;
+    border: 1px dotted #999;
+}
+
+div#description h1,h2,h3,h4,h5,h6 {
+    color: #125;;
+    background: transparent;
+}
+
+div#validator-badges {
+    text-align: center;
+}
+div#validator-badges img { border: 0; }
+
+div#copyright {
+    color: #333;
+    background: #efefef;
+    font: 0.75em sans-serif;
+    margin-top: 5em;
+    margin-bottom: 0;
+    padding: 0.5em 2em;
+}
+
+
+/* === Classes =================================== */
+
+table.header-table {
+    color: white;
+    font-size: small;
+}
+
+.type-note {
+    font-size: small;
+    color: #DEDEDE;
+}
+
+.xxsection-bar {
+    background: #eee;
+    color: #333;
+    padding: 3px;
+}
+
+.section-bar {
+   color: #333;
+   border-bottom: 1px solid #999;
+    margin-left: -20px;
+}
+
+
+.section-title {
+    background: #79a;
+    color: #eee;
+    padding: 3px;
+    margin-top: 2em;
+    margin-left: -30px;
+    border: 1px solid #999;
+}
+
+.top-aligned-row {  vertical-align: top }
+.bottom-aligned-row { vertical-align: bottom }
+
+/* --- Context section classes ----------------------- */
+
+.context-row { }
+.context-item-name { font-family: monospace; font-weight: bold; color: black; }
+.context-item-value { font-size: small; color: #448; }
+.context-item-desc { color: #333; padding-left: 2em; }
+
+/* --- Method classes -------------------------- */
+.method-detail {
+    background: #efefef;
+    padding: 0;
+    margin-top: 0.5em;
+    margin-bottom: 1em;
+    border: 1px dotted #ccc;
+}
+.method-heading {
+  color: black;
+  background: #ccc;
+  border-bottom: 1px solid #666;
+  padding: 0.2em 0.5em 0 0.5em;
+}
+.method-signature { color: black; background: inherit; }
+.method-name { font-weight: bold; }
+.method-args { font-style: italic; }
+.method-description { padding: 0 0.5em 0 0.5em; }
+
+/* --- Source code sections -------------------- */
+
+a.source-toggle { font-size: 90%; }
+div.method-source-code {
+    background: #262626;
+    color: #ffdead;
+    margin: 1em;
+    padding: 0.5em;
+    border: 1px dashed #999;
+    overflow: hidden;
+}
+
+div.method-source-code pre { color: #ffdead; overflow: hidden; }
+
+/* --- Ruby keyword styles --------------------- */
+
+.standalone-code { background: #221111; color: #ffdead; overflow: hidden; }
+
+.ruby-constant  { color: #7fffd4; background: transparent; }
+.ruby-keyword { color: #00ffff; background: transparent; }
+.ruby-ivar    { color: #eedd82; background: transparent; }
+.ruby-operator  { color: #00ffee; background: transparent; }
+.ruby-identifier { color: #ffdead; background: transparent; }
+.ruby-node    { color: #ffa07a; background: transparent; }
+.ruby-comment { color: #b22222; font-weight: bold; background: transparent; }
+.ruby-regexp  { color: #ffa07a; background: transparent; }
+.ruby-value   { color: #7fffd4; background: transparent; }

data/lib/acts_as_audited/audit.rb

@@ -0,0 +1,119 @@
+require 'set'
+
+# Audit saves the changes to ActiveRecord models.  It has the following attributes:
+#
+# * <tt>auditable</tt>: the ActiveRecord model that was changed
+# * <tt>user</tt>: the user that performed the change; a string or an ActiveRecord model
+# * <tt>action</tt>: one of create, update, or delete
+# * <tt>audit_changes</tt>: a serialized hash of all the changes
+# * <tt>created_at</tt>: Time that the change was performed
+#
+class Audit < ActiveRecord::Base
+  belongs_to :auditable, :polymorphic => true
+  belongs_to :user, :polymorphic => true
+
+  before_create :set_version_number, :set_audit_user
+
+  serialize :audit_changes
+
+  cattr_accessor :audited_class_names
+  self.audited_class_names = Set.new
+
+  def self.audited_classes
+    self.audited_class_names.map(&:constantize)
+  end
+
+  # All audits made during the block called will be recorded as made
+  # by +user+. This method is hopefully threadsafe, making it ideal
+  # for background operations that require audit information.
+  def self.as_user(user, &block)
+    Thread.current[:acts_as_audited_user] = user
+
+    yield
+
+    Thread.current[:acts_as_audited_user] = nil
+  end
+
+  # Allows user to be set to either a string or an ActiveRecord object
+  def user_as_string=(user) #:nodoc:
+    # reset both either way
+    self.user_as_model = self.username = nil
+    user.is_a?(ActiveRecord::Base) ?
+      self.user_as_model = user :
+      self.username = user
+  end
+  alias_method :user_as_model=, :user=
+  alias_method :user=, :user_as_string=
+
+  def user_as_string #:nodoc:
+    self.user_as_model || self.username
+  end
+  alias_method :user_as_model, :user
+  alias_method :user, :user_as_string
+
+  def revision
+    clazz = auditable_type.constantize
+    returning clazz.find_by_id(auditable_id) || clazz.new do |m|
+      Audit.assign_revision_attributes(m, self.class.reconstruct_attributes(ancestors).merge({:version => version}))
+    end
+  end
+
+  def ancestors
+    self.class.find(:all, :order => 'version',
+      :conditions => ['auditable_id = ? and auditable_type = ? and version <= ?',
+      auditable_id, auditable_type, version])
+  end
+
+  # Returns a hash of the changed attributes with the new values
+  def new_attributes
+    (audit_changes || {}).inject({}.with_indifferent_access) do |attrs,(attr,values)|
+      attrs[attr] = values.is_a?(Array) ? values.last : values
+      attrs
+    end
+  end
+
+  # Returns a hash of the changed attributes with the old values
+  def old_attributes
+    (audit_changes || {}).inject({}.with_indifferent_access) do |attrs,(attr,values)|
+      attrs[attr] = Array(values).first
+      attrs
+    end
+  end
+
+  def self.reconstruct_attributes(audits)
+    attributes = {}
+    result = audits.collect do |audit|
+      attributes.merge!(audit.new_attributes).merge!(:version => audit.version)
+      yield attributes if block_given?
+    end
+    block_given? ? result : attributes
+  end
+  
+  def self.assign_revision_attributes(record, attributes)
+    attributes.each do |attr, val|
+      if record.respond_to?("#{attr}=")
+        record.attributes.has_key?(attr.to_s) ?
+          record[attr] = val :
+          record.send("#{attr}=", val)
+      end
+    end
+    record
+  end
+
+private
+
+  def set_version_number
+    max = self.class.maximum(:version,
+      :conditions => {
+        :auditable_id => auditable_id,
+        :auditable_type => auditable_type
+      }) || 0
+    self.version = max + 1
+  end
+
+  def set_audit_user
+    self.user = Thread.current[:acts_as_audited_user] if Thread.current[:acts_as_audited_user]
+    nil # prevent stopping callback chains
+  end
+
+end

data/lib/acts_as_audited/audit_sweeper.rb

@@ -0,0 +1,37 @@
+module CollectiveIdea #:nodoc:
+  module ActionController #:nodoc:
+    module Audited #:nodoc:
+      def audit(*models)
+        ActiveSupport::Deprecation.warn("#audit is deprecated. Declare #acts_as_audited in your models.", caller)
+        
+        options = models.extract_options!
+
+        # Parse the options hash looking for classes
+        options.each_key do |key|
+          models << [key, options.delete(key)] if key.is_a?(Class)
+        end
+
+        models.each do |(model, model_options)|
+          model.send :acts_as_audited, model_options || {}
+        end
+      end
+    end
+  end
+end
+
+class AuditSweeper < ActionController::Caching::Sweeper #:nodoc:
+  observe Audit
+  def before_create(audit)
+    audit.user ||= current_user
+  end
+
+  def current_user
+    controller.send :current_user if controller.respond_to?(:current_user, true)
+  end
+end
+
+ActionController::Base.class_eval do
+  extend CollectiveIdea::ActionController::Audited
+  cache_sweeper :audit_sweeper
+end
+Audit.add_observer(AuditSweeper.instance)

data/lib/acts_as_audited/base.rb

@@ -0,0 +1,316 @@
+# Copyright (c) 2006 Brandon Keepers
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+module CollectiveIdea #:nodoc:
+  module Acts #:nodoc:
+    # Specify this act if you want changes to your model to be saved in an
+    # audit table.  This assumes there is an audits table ready.
+    #
+    #   class User < ActiveRecord::Base
+    #     acts_as_audited
+    #   end
+    #
+    # To store an audit comment set model.audit_comment to your comment before
+    # a create, update or destroy operation.
+    #
+    # See <tt>CollectiveIdea::Acts::Audited::ClassMethods#acts_as_audited</tt>
+    # for configuration options
+    module Audited #:nodoc:
+      CALLBACKS = [:audit_create, :audit_update, :audit_destroy]
+
+      def self.included(base) # :nodoc:
+        base.extend ClassMethods
+      end
+
+      module ClassMethods
+        # == Configuration options
+        #
+        #
+        # * +only+ - Only audit the given attributes
+        # * +except+ - Excludes fields from being saved in the audit log.
+        #   By default, acts_as_audited will audit all but these fields:
+        #
+        #     [self.primary_key, inheritance_column, 'lock_version', 'created_at', 'updated_at']
+        #   You can add to those by passing one or an array of fields to skip.
+        #
+        #     class User < ActiveRecord::Base
+        #       acts_as_audited :except => :password
+        #     end
+        # * +protect+ - set to false to raise an error if your model uses +attr_protected+, by default it is true
+        #
+        # * +require_comment+ - Ensures that audit_comment is supplied before
+        #   any create, update or destroy operation.
+        #
+        #     class User < ActiveRecord::Base
+        #       acts_as_audited :protect => false
+        #       attr_accessible :name
+        #     end
+        # * +full_model_enabled+ - in YAML, save the current state of the record to the audits table
+        # * +full_model_enabled+ - in YAML, save the current state of the record to the audits table
+        #
+        def acts_as_audited(options = {})
+          # don't allow multiple calls
+          return if self.included_modules.include?(CollectiveIdea::Acts::Audited::InstanceMethods)
+
+          class_inheritable_reader :auditing_full_model_enabled
+          write_inheritable_attribute :auditing_full_model_enabled, (false || options[:full_model_enabled])
+
+          options = {:protect => true}.merge(options)
+
+          class_inheritable_reader :non_audited_columns
+          class_inheritable_reader :auditing_enabled
+          
+          if options[:only]
+            except = self.column_names - options[:only].flatten.map(&:to_s)
+          else
+            except = [self.primary_key, inheritance_column, 'lock_version',
+              'created_at', 'updated_at', 'created_on', 'updated_on', 'created_by', 'updated_by']
+            except |= Array(options[:except]).collect(&:to_s) if options[:except]
+          end
+          write_inheritable_attribute :non_audited_columns, ['audits'] + (except || [])
+
+          if options[:comment_required]
+            validates_presence_of :audit_comment
+            before_destroy :require_comment
+          end
+
+          attr_accessor :audit_comment
+          unless accessible_attributes.nil? || options[:protect]
+            attr_accessible :audit_comment
+          end
+
+          has_many :audits, :as => :auditable, :order => "#{Audit.quoted_table_name}.version"
+          attr_protected :audit_ids if options[:protect]
+          Audit.audited_class_names << self.to_s
+
+          after_create  :audit_create if !options[:on] || (options[:on] && options[:on].include?(:create))
+          before_update :audit_update if !options[:on] || (options[:on] && options[:on].include?(:update))
+          after_destroy :audit_destroy if !options[:on] || (options[:on] && options[:on].include?(:destroy))
+
+          attr_accessor :version
+
+          extend CollectiveIdea::Acts::Audited::SingletonMethods
+          include CollectiveIdea::Acts::Audited::InstanceMethods
+
+          write_inheritable_attribute :auditing_enabled, true
+        end
+      end
+
+      module InstanceMethods
+
+        # Temporarily turns off auditing while saving.
+        def save_without_auditing
+          without_auditing { save }
+        end
+
+        # Executes the block with the auditing callbacks disabled.
+        #
+        #   @foo.without_auditing do
+        #     @foo.save
+        #   end
+        #
+        def without_auditing(&block)
+          self.class.without_auditing(&block)
+        end
+
+        # Gets an array of the revisions available
+        #
+        #   user.revisions.each do |revision|
+        #     user.name
+        #     user.version
+        #   end
+        #
+        def revisions(from_version = 1)
+          audits = self.audits.find(:all, :conditions => ['version >= ?', from_version])
+          return [] if audits.empty?
+          revision = self.audits.find_by_version(from_version).revision
+          Audit.reconstruct_attributes(audits) {|attrs| revision.revision_with(attrs) }
+        end
+
+        # Get a specific revision specified by the version number, or +:previous+
+        def revision(version)
+          revision_with Audit.reconstruct_attributes(audits_to(version))
+        end
+
+        def revision_at(date_or_time)
+          audits = self.audits.find(:all, :conditions => ["created_at <= ?", date_or_time])
+          revision_with Audit.reconstruct_attributes(audits) unless audits.empty?
+        end
+
+        def audited_attributes
+          attributes.except(*non_audited_columns)
+        end
+
+        protected
+
+        def revision_with(attributes)
+          returning self.dup do |revision|
+            revision.send :instance_variable_set, '@attributes', self.attributes_before_type_cast
+            Audit.assign_revision_attributes(revision, attributes)
+
+            # Remove any association proxies so that they will be recreated
+            # and reference the correct object for this revision. The only way
+            # to determine if an instance variable is a proxy object is to
+            # see if it responds to certain methods, as it forwards almost
+            # everything to its target.
+            for ivar in revision.instance_variables
+              proxy = revision.instance_variable_get ivar
+              if !proxy.nil? and proxy.respond_to? :proxy_respond_to?
+                revision.instance_variable_set ivar, nil
+              end
+            end
+          end
+        end
+
+        private
+
+        def audited_changes
+          changed_attributes.except(*non_audited_columns).inject({}) do |changes,(attr, old_value)|
+            changes[attr] = [old_value, self[attr]]
+            changes
+          end
+        end
+
+        def audits_to(version = nil)
+          if version == :previous
+            version = if self.version
+              self.version - 1
+            else
+              previous = audits.find(:first, :offset => 1,
+                :order => "#{Audit.quoted_table_name}.version DESC")
+              previous ? previous.version : 1
+            end
+          end
+          audits.find(:all, :conditions => ['version <= ?', version])
+        end
+
+        def audit_create
+          write_audit(:action => 'create', :audit_changes => audited_attributes, 
+            :comment => audit_comment)
+        end
+
+        def audit_update
+          unless (changes = audited_changes).empty?
+            write_audit(:action => 'update', :audit_changes => changes, 
+              :comment => audit_comment)
+          end
+        end
+
+        def audit_destroy
+          write_audit(:action => 'destroy', :audit_changes => audited_attributes,
+            :comment => audit_comment)
+        end
+
+        # Note- with to_yaml it's easy to get into some sort of recursion issues.  If you see something like:
+        #    yaml TypeError: wrong argument type nil (expected Data)
+        # check to see what other model objects are being pulled in; you may want to limit them.  For example, the RequestProgram was pulling in 
+        # request as an attribute.  This caused issues.  I solved this by adding not pulling in request_programs into YAML via the to_yaml_properties_with_specific method.
+        # In general, you want to stay away from linking objects like RequestProgram and instead use one that list programs.
+        def write_audit(attrs)
+          self.audit_comment = nil
+
+          if auditing_full_model_enabled
+            # Grab all the object attributes and dump them into a Map, then turn the map into YAML and store in the Audit table
+            self.class.reflect_on_all_associations.each {|assn| self.send assn.name.to_sym} # Load up all associations to store in the full_model serialization
+            ignore_properties = if non_audited_columns
+              non_audited_columns.map {|prop| "@#{prop.to_s}"}
+            else
+              []
+            end
+            props = (self.to_yaml_properties.map{|y| y.strip} - ignore_properties)
+            attributes_map = props.inject({}) do |acc, name| 
+              name = name.gsub /@/, ''
+              
+              begin
+                if self.respond_to? name.to_sym
+                  val = self.send name.to_sym
+                  unless val.blank? || (val.is_a?(Array) && val.empty?)
+                    acc[name.to_sym] = val 
+                  end
+                end
+              rescue Exception => exception 
+                error_msg = "Error serializing property #{name}; got exception #{exception.to_s} with backtrace #{exception.backtrace.inspect}"
+                p error_msg
+                logger.error error_msg
+              end
+              acc
+            end
+            attributes_map[:attributes] = self.attributes.except(*non_audited_columns)
+            
+            attrs[:full_model] = attributes_map.to_yaml
+          end
+          
+          self.audits.create attrs if auditing_enabled
+        end
+  
+        def require_comment
+          if audit_comment.blank?
+            errors.add(:audit_comment, "Comment required before destruction")
+            return false
+          end
+        end
+
+        CALLBACKS.each do |attr_name|
+          alias_method "#{attr_name}_callback".to_sym, attr_name
+        end
+
+        def empty_callback #:nodoc:
+        end
+
+      end # InstanceMethods
+
+      module SingletonMethods
+        # Returns an array of columns that are audited.  See non_audited_columns
+        def audited_columns
+          self.columns.select { |c| !non_audited_columns.include?(c.name) }
+        end
+
+        # Executes the block with auditing disabled.
+        #
+        #   Foo.without_auditing do
+        #     @foo.save
+        #   end
+        #
+        def without_auditing(&block)
+          auditing_was_enabled = auditing_enabled
+          disable_auditing
+          returning(block.call) { enable_auditing if auditing_was_enabled }
+        end
+
+        def disable_auditing
+          write_inheritable_attribute :auditing_enabled, false
+        end
+
+        def enable_auditing
+          write_inheritable_attribute :auditing_enabled, true
+        end
+
+        # All audit operations during the block are recorded as being
+        # made by +user+. This is not model specific, the method is a
+        # convenience wrapper around #Audit.as_user.
+        def audit_as( user, &block )
+          Audit.as_user( user, &block )
+        end
+
+      end
+    end
+  end
+end