audited 3.0.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. data/.gitignore +11 -0
  2. data/.travis.yml +13 -0
  3. data/.yardopts +3 -0
  4. data/Appraisals +11 -0
  5. data/CHANGELOG +34 -0
  6. data/Gemfile +3 -0
  7. data/LICENSE +19 -0
  8. data/README.md +206 -0
  9. data/Rakefile +24 -0
  10. data/audited-activerecord.gemspec +19 -0
  11. data/audited-mongo_mapper.gemspec +19 -0
  12. data/audited.gemspec +25 -0
  13. data/gemfiles/rails30.gemfile +7 -0
  14. data/gemfiles/rails31.gemfile +7 -0
  15. data/gemfiles/rails32.gemfile +7 -0
  16. data/lib/audited.rb +11 -0
  17. data/lib/audited/audit.rb +105 -0
  18. data/lib/audited/auditor.rb +272 -0
  19. data/lib/audited/sweeper.rb +45 -0
  20. data/spec/audited_spec_helpers.rb +31 -0
  21. data/spec/rails_app/config/application.rb +5 -0
  22. data/spec/rails_app/config/database.yml +24 -0
  23. data/spec/rails_app/config/environment.rb +5 -0
  24. data/spec/rails_app/config/environments/development.rb +19 -0
  25. data/spec/rails_app/config/environments/production.rb +33 -0
  26. data/spec/rails_app/config/environments/test.rb +33 -0
  27. data/spec/rails_app/config/initializers/backtrace_silencers.rb +7 -0
  28. data/spec/rails_app/config/initializers/inflections.rb +2 -0
  29. data/spec/rails_app/config/initializers/secret_token.rb +2 -0
  30. data/spec/rails_app/config/routes.rb +6 -0
  31. data/spec/spec_helper.rb +23 -0
  32. data/spec/support/active_record/models.rb +84 -0
  33. data/spec/support/active_record/schema.rb +54 -0
  34. data/spec/support/mongo_mapper/connection.rb +4 -0
  35. data/spec/support/mongo_mapper/models.rb +174 -0
  36. data/test/db/version_1.rb +17 -0
  37. data/test/db/version_2.rb +18 -0
  38. data/test/db/version_3.rb +19 -0
  39. data/test/db/version_4.rb +20 -0
  40. data/test/db/version_5.rb +18 -0
  41. data/test/install_generator_test.rb +17 -0
  42. data/test/test_helper.rb +19 -0
  43. data/test/upgrade_generator_test.rb +65 -0
  44. metadata +220 -0
@@ -0,0 +1,272 @@
1
+ module Audited
2
+ # Specify this act if you want changes to your model to be saved in an
3
+ # audit table. This assumes there is an audits table ready.
4
+ #
5
+ # class User < ActiveRecord::Base
6
+ # audited
7
+ # end
8
+ #
9
+ # To store an audit comment set model.audit_comment to your comment before
10
+ # a create, update or destroy operation.
11
+ #
12
+ # See <tt>Audited::Adapters::ActiveRecord::Auditor::ClassMethods#audited</tt>
13
+ # for configuration options
14
+ module Auditor #:nodoc:
15
+ extend ActiveSupport::Concern
16
+
17
+ CALLBACKS = [:audit_create, :audit_update, :audit_destroy]
18
+
19
+ module ClassMethods
20
+ # == Configuration options
21
+ #
22
+ #
23
+ # * +only+ - Only audit the given attributes
24
+ # * +except+ - Excludes fields from being saved in the audit log.
25
+ # By default, Audited will audit all but these fields:
26
+ #
27
+ # [self.primary_key, inheritance_column, 'lock_version', 'created_at', 'updated_at']
28
+ # You can add to those by passing one or an array of fields to skip.
29
+ #
30
+ # class User < ActiveRecord::Base
31
+ # audited :except => :password
32
+ # end
33
+ # * +protect+ - If your model uses +attr_protected+, set this to false to prevent Rails from
34
+ # raising an error. If you declare +attr_accessible+ before calling +audited+, it
35
+ # will automatically default to false. You only need to explicitly set this if you are
36
+ # calling +attr_accessible+ after.
37
+ #
38
+ # * +require_comment+ - Ensures that audit_comment is supplied before
39
+ # any create, update or destroy operation.
40
+ #
41
+ # class User < ActiveRecord::Base
42
+ # audited :protect => false
43
+ # attr_accessible :name
44
+ # end
45
+ #
46
+ def audited(options = {})
47
+ # don't allow multiple calls
48
+ return if self.included_modules.include?(Audited::Auditor::AuditedInstanceMethods)
49
+
50
+ options = { :protect => accessible_attributes.blank? }.merge(options)
51
+
52
+ class_attribute :non_audited_columns, :instance_writer => false
53
+ class_attribute :auditing_enabled, :instance_writer => false
54
+ class_attribute :audit_associated_with, :instance_writer => false
55
+
56
+ if options[:only]
57
+ except = self.column_names - options[:only].flatten.map(&:to_s)
58
+ else
59
+ except = default_ignored_attributes + Audited.ignored_attributes
60
+ except |= Array(options[:except]).collect(&:to_s) if options[:except]
61
+ end
62
+ self.non_audited_columns = except
63
+ self.audit_associated_with = options[:associated_with]
64
+
65
+ if options[:comment_required]
66
+ validates_presence_of :audit_comment, :if => :auditing_enabled
67
+ before_destroy :require_comment
68
+ end
69
+
70
+ attr_accessor :audit_comment
71
+ unless accessible_attributes.blank? || options[:protect]
72
+ attr_accessible :audit_comment
73
+ end
74
+
75
+ has_many :audits, :as => :auditable, :class_name => Audited.audit_class.name
76
+ attr_protected :audit_ids if options[:protect]
77
+ Audited.audit_class.audited_class_names << self.to_s
78
+
79
+ after_create :audit_create if !options[:on] || (options[:on] && options[:on].include?(:create))
80
+ before_update :audit_update if !options[:on] || (options[:on] && options[:on].include?(:update))
81
+ before_destroy :audit_destroy if !options[:on] || (options[:on] && options[:on].include?(:destroy))
82
+
83
+ # Define and set an after_audit callback. This might be useful if you want
84
+ # to notify a party after the audit has been created.
85
+ define_callbacks :audit
86
+ set_callback :audit, :after, :after_audit, :if => lambda { self.respond_to?(:after_audit) }
87
+
88
+ attr_accessor :version
89
+
90
+ extend Audited::Auditor::AuditedClassMethods
91
+ include Audited::Auditor::AuditedInstanceMethods
92
+
93
+ self.auditing_enabled = true
94
+ end
95
+
96
+ def has_associated_audits
97
+ has_many :associated_audits, :as => :associated, :class_name => Audited.audit_class.name
98
+ end
99
+ end
100
+
101
+ module AuditedInstanceMethods
102
+ # Temporarily turns off auditing while saving.
103
+ def save_without_auditing
104
+ without_auditing { save }
105
+ end
106
+
107
+ # Executes the block with the auditing callbacks disabled.
108
+ #
109
+ # @foo.without_auditing do
110
+ # @foo.save
111
+ # end
112
+ #
113
+ def without_auditing(&block)
114
+ self.class.without_auditing(&block)
115
+ end
116
+
117
+ # Gets an array of the revisions available
118
+ #
119
+ # user.revisions.each do |revision|
120
+ # user.name
121
+ # user.version
122
+ # end
123
+ #
124
+ def revisions(from_version = 1)
125
+ audits = self.audits.from_version(from_version)
126
+ return [] if audits.empty?
127
+ revisions = []
128
+ audits.each do |audit|
129
+ revisions << audit.revision
130
+ end
131
+ revisions
132
+ end
133
+
134
+ # Get a specific revision specified by the version number, or +:previous+
135
+ def revision(version)
136
+ revision_with Audited.audit_class.reconstruct_attributes(audits_to(version))
137
+ end
138
+
139
+ # Find the oldest revision recorded prior to the date/time provided.
140
+ def revision_at(date_or_time)
141
+ audits = self.audits.up_until(date_or_time)
142
+ revision_with Audited.audit_class.reconstruct_attributes(audits) unless audits.empty?
143
+ end
144
+
145
+ # List of attributes that are audited.
146
+ def audited_attributes
147
+ attributes.except(*non_audited_columns)
148
+ end
149
+
150
+ protected
151
+
152
+ def revision_with(attributes)
153
+ self.dup.tap do |revision|
154
+ revision.id = id
155
+ revision.send :instance_variable_set, '@attributes', self.attributes
156
+ revision.send :instance_variable_set, '@new_record', self.destroyed?
157
+ revision.send :instance_variable_set, '@persisted', !self.destroyed?
158
+ revision.send :instance_variable_set, '@readonly', false
159
+ revision.send :instance_variable_set, '@destroyed', false
160
+ revision.send :instance_variable_set, '@marked_for_destruction', false
161
+ Audited.audit_class.assign_revision_attributes(revision, attributes)
162
+
163
+ # Remove any association proxies so that they will be recreated
164
+ # and reference the correct object for this revision. The only way
165
+ # to determine if an instance variable is a proxy object is to
166
+ # see if it responds to certain methods, as it forwards almost
167
+ # everything to its target.
168
+ for ivar in revision.instance_variables
169
+ proxy = revision.instance_variable_get ivar
170
+ if !proxy.nil? and proxy.respond_to? :proxy_respond_to?
171
+ revision.instance_variable_set ivar, nil
172
+ end
173
+ end
174
+ end
175
+ end
176
+
177
+ private
178
+
179
+ def audited_changes
180
+ changed_attributes.except(*non_audited_columns).inject({}) do |changes,(attr, old_value)|
181
+ changes[attr] = [old_value, self[attr]]
182
+ changes
183
+ end
184
+ end
185
+
186
+ def audits_to(version = nil)
187
+ if version == :previous
188
+ version = if self.version
189
+ self.version - 1
190
+ else
191
+ previous = audits.descending.offset(1).first
192
+ previous ? previous.version : 1
193
+ end
194
+ end
195
+ audits.to_version(version)
196
+ end
197
+
198
+ def audit_create
199
+ write_audit(:action => 'create', :audited_changes => audited_attributes,
200
+ :comment => audit_comment)
201
+ end
202
+
203
+ def audit_update
204
+ unless (changes = audited_changes).empty? && audit_comment.blank?
205
+ write_audit(:action => 'update', :audited_changes => changes,
206
+ :comment => audit_comment)
207
+ end
208
+ end
209
+
210
+ def audit_destroy
211
+ write_audit(:action => 'destroy', :audited_changes => audited_attributes,
212
+ :comment => audit_comment)
213
+ end
214
+
215
+ def write_audit(attrs)
216
+ attrs[:associated] = self.send(audit_associated_with) unless audit_associated_with.nil?
217
+ self.audit_comment = nil
218
+ run_callbacks(:audit) { self.audits.create(attrs) } if auditing_enabled
219
+ end
220
+
221
+ def require_comment
222
+ if auditing_enabled && audit_comment.blank?
223
+ errors.add(:audit_comment, "Comment required before destruction")
224
+ return false
225
+ end
226
+ end
227
+
228
+ CALLBACKS.each do |attr_name|
229
+ alias_method "#{attr_name}_callback".to_sym, attr_name
230
+ end
231
+
232
+ def empty_callback #:nodoc:
233
+ end
234
+
235
+ end # InstanceMethods
236
+
237
+ module AuditedClassMethods
238
+ # Returns an array of columns that are audited. See non_audited_columns
239
+ def audited_columns
240
+ self.columns.select { |c| !non_audited_columns.include?(c.name) }
241
+ end
242
+
243
+ # Executes the block with auditing disabled.
244
+ #
245
+ # Foo.without_auditing do
246
+ # @foo.save
247
+ # end
248
+ #
249
+ def without_auditing(&block)
250
+ auditing_was_enabled = auditing_enabled
251
+ disable_auditing
252
+ block.call.tap { enable_auditing if auditing_was_enabled }
253
+ end
254
+
255
+ def disable_auditing
256
+ self.auditing_enabled = false
257
+ end
258
+
259
+ def enable_auditing
260
+ self.auditing_enabled = true
261
+ end
262
+
263
+ # All audit operations during the block are recorded as being
264
+ # made by +user+. This is not model specific, the method is a
265
+ # convenience wrapper around
266
+ # @see Audit#as_user.
267
+ def audit_as( user, &block )
268
+ Audited.audit_class.as_user( user, &block )
269
+ end
270
+ end
271
+ end
272
+ end
@@ -0,0 +1,45 @@
1
+ module Audited
2
+ class Sweeper < ActiveModel::Observer
3
+ observe Audited.audit_class
4
+
5
+ attr_accessor :controller
6
+
7
+ def before(controller)
8
+ self.controller = controller
9
+ true
10
+ end
11
+
12
+ def after(controller)
13
+ self.controller = nil
14
+ end
15
+
16
+ def before_create(audit)
17
+ audit.user ||= current_user
18
+ audit.remote_address = controller.try(:request).try(:ip)
19
+ end
20
+
21
+ def current_user
22
+ controller.send(Audited.current_user_method) if controller.respond_to?(Audited.current_user_method, true)
23
+ end
24
+
25
+ def add_observer!(klass)
26
+ super
27
+ define_callback(klass)
28
+ end
29
+
30
+ def define_callback(klass)
31
+ observer = self
32
+ callback_meth = :"_notify_audited_sweeper"
33
+ klass.send(:define_method, callback_meth) do
34
+ observer.update(:before_create, self)
35
+ end
36
+ klass.send(:before_create, callback_meth)
37
+ end
38
+ end
39
+ end
40
+
41
+ if defined?(ActionController) and defined?(ActionController::Base)
42
+ ActionController::Base.class_eval do
43
+ around_filter Audited::Sweeper.instance
44
+ end
45
+ end
@@ -0,0 +1,31 @@
1
+ module AuditedSpecHelpers
2
+
3
+ def create_user(use_mongo = false, attrs = {})
4
+ klass = use_mongo ? Models::MongoMapper::User : Models::ActiveRecord::User
5
+ klass.create({:name => 'Brandon', :username => 'brandon', :password => 'password'}.merge(attrs))
6
+ end
7
+
8
+ def create_versions(n = 2, use_mongo = false)
9
+ klass = use_mongo ? Models::MongoMapper::User : Models::ActiveRecord::User
10
+
11
+ klass.create(:name => 'Foobar 1').tap do |u|
12
+ (n - 1).times do |i|
13
+ u.update_attribute :name, "Foobar #{i + 2}"
14
+ end
15
+ u.reload
16
+ end
17
+ end
18
+
19
+ def create_active_record_user(attrs = {})
20
+ create_user(false, attrs)
21
+ end
22
+
23
+ def create_mongo_user(attrs = {})
24
+ create_user(true, attrs)
25
+ end
26
+
27
+ def create_mongo_versions(n = 2)
28
+ create_versions(n, true)
29
+ end
30
+
31
+ end
@@ -0,0 +1,5 @@
1
+ module RailsApp
2
+ class Application < Rails::Application
3
+ config.root = File.expand_path('../../', __FILE__)
4
+ end
5
+ end
@@ -0,0 +1,24 @@
1
+ sqlite3mem: &SQLITE3MEM
2
+ adapter: sqlite3
3
+ database: ":memory:"
4
+
5
+ sqlite3: &SQLITE
6
+ adapter: sqlite3
7
+ database: audited_test.sqlite3.db
8
+
9
+ postgresql: &POSTGRES
10
+ adapter: postgresql
11
+ username: postgres
12
+ password: postgres
13
+ database: audited_test
14
+ min_messages: ERROR
15
+
16
+ mysql: &MYSQL
17
+ adapter: mysql
18
+ host: localhost
19
+ username: root
20
+ password:
21
+ database: audited_test
22
+
23
+ test:
24
+ <<: *<%= ENV['DB'] || 'SQLITE3MEM' %>
@@ -0,0 +1,5 @@
1
+ # Load the rails application
2
+ require File.expand_path('../application', __FILE__)
3
+
4
+ # Initialize the rails application
5
+ RailsApp::Application.initialize!
@@ -0,0 +1,19 @@
1
+ RailsApp::Application.configure do
2
+ # Settings specified here will take precedence over those in config/environment.rb
3
+
4
+ # In the development environment your application's code is reloaded on
5
+ # every request. This slows down response time but is perfect for development
6
+ # since you don't have to restart the webserver when you make code changes.
7
+ config.cache_classes = false
8
+
9
+ # Log error messages when you accidentally call methods on nil.
10
+ config.whiny_nils = true
11
+
12
+ # Show full error reports and disable caching
13
+ config.consider_all_requests_local = true
14
+ config.action_view.debug_rjs = true
15
+ config.action_controller.perform_caching = false
16
+
17
+ # Don't care if the mailer can't send
18
+ config.action_mailer.raise_delivery_errors = false
19
+ end
@@ -0,0 +1,33 @@
1
+ RailsApp::Application.configure do
2
+ # Settings specified here will take precedence over those in config/environment.rb
3
+
4
+ # The production environment is meant for finished, "live" apps.
5
+ # Code is not reloaded between requests
6
+ config.cache_classes = true
7
+
8
+ # Full error reports are disabled and caching is turned on
9
+ config.consider_all_requests_local = false
10
+ config.action_controller.perform_caching = true
11
+
12
+ # See everything in the log (default is :info)
13
+ # config.log_level = :debug
14
+
15
+ # Use a different logger for distributed setups
16
+ # config.logger = SyslogLogger.new
17
+
18
+ # Use a different cache store in production
19
+ # config.cache_store = :mem_cache_store
20
+
21
+ # Disable Rails's static asset server
22
+ # In production, Apache or nginx will already do this
23
+ config.serve_static_assets = false
24
+
25
+ # Enable serving of images, stylesheets, and javascripts from an asset server
26
+ # config.action_controller.asset_host = "http://assets.example.com"
27
+
28
+ # Disable delivery errors, bad email addresses will be ignored
29
+ # config.action_mailer.raise_delivery_errors = false
30
+
31
+ # Enable threaded mode
32
+ # config.threadsafe!
33
+ end
@@ -0,0 +1,33 @@
1
+ RailsApp::Application.configure do
2
+ # Settings specified here will take precedence over those in config/environment.rb
3
+
4
+ # The test environment is used exclusively to run your application's
5
+ # test suite. You never need to work with it otherwise. Remember that
6
+ # your test database is "scratch space" for the test suite and is wiped
7
+ # and recreated between test runs. Don't rely on the data there!
8
+ config.cache_classes = true
9
+
10
+ # Log error messages when you accidentally call methods on nil.
11
+ config.whiny_nils = true
12
+
13
+ # Show full error reports and disable caching
14
+ config.consider_all_requests_local = true
15
+ config.action_controller.perform_caching = false
16
+
17
+ # Disable request forgery protection in test environment
18
+ config.action_controller.allow_forgery_protection = false
19
+
20
+ # Tell Action Mailer not to deliver emails to the real world.
21
+ # The :test delivery method accumulates sent emails in the
22
+ # ActionMailer::Base.deliveries array.
23
+ config.action_mailer.delivery_method = :test
24
+
25
+ # Use SQL instead of Active Record's schema dumper when creating the test database.
26
+ # This is necessary if your schema can't be completely dumped by the schema dumper,
27
+ # like if you have constraints or database-specific column types
28
+ # config.active_record.schema_format = :sql
29
+
30
+ config.action_dispatch.show_exceptions = false
31
+
32
+ config.active_support.deprecation = :stderr
33
+ end