audited 4.10.0 → 5.2.0

data/lib/audited/auditor.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Audited
   # Specify this act if you want changes to your model to be saved in an
   # audit table.  This assumes there is an audits table ready.
@@ -11,7 +13,7 @@ module Audited
   #
   # See <tt>Audited::Auditor::ClassMethods#audited</tt>
   # for configuration options
-  module Auditor #:nodoc:
+  module Auditor # :nodoc:
     extend ActiveSupport::Concern
 
     CALLBACKS = [:audit_create, :audit_update, :audit_destroy]
@@ -64,7 +66,7 @@ module Audited
         include Audited::Auditor::AuditedInstanceMethods
 
         class_attribute :audit_associated_with, instance_writer: false
-        class_attribute :audited_options,       instance_writer: false
+        class_attribute :audited_options, instance_writer: false
         attr_accessor :audit_version, :audit_comment
 
         self.audited_options = options
@@ -80,8 +82,8 @@ module Audited
         has_many :audits, -> { order(version: :asc) }, as: :auditable, class_name: Audited.audit_class.name, inverse_of: :auditable
         Audited.audit_class.audited_class_names << to_s
 
-        after_create :audit_create    if audited_options[:on].include?(:create)
-        before_update :audit_update   if audited_options[:on].include?(:update)
+        after_create :audit_create if audited_options[:on].include?(:create)
+        before_update :audit_update if audited_options[:on].include?(:update)
         before_destroy :audit_destroy if audited_options[:on].include?(:destroy)
 
         # Define and set after_audit and around_audit callbacks. This might be useful if you want
@@ -100,8 +102,8 @@ module Audited
     end
 
     module AuditedInstanceMethods
-      REDACTED = '[REDACTED]'
-      
+      REDACTED = "[REDACTED]"
+
       # Temporarily turns off auditing while saving.
       def save_without_auditing
         without_auditing { save }
@@ -142,7 +144,7 @@ module Audited
       def revisions(from_version = 1)
         return [] unless audits.from_version(from_version).exists?
 
-        all_audits = audits.select([:audited_changes, :version]).to_a
+        all_audits = audits.select([:audited_changes, :version, :action]).to_a
         targeted_audits = all_audits.select { |audit| audit.version >= from_version }
 
         previous_attributes = reconstruct_attributes(all_audits - targeted_audits)
@@ -156,7 +158,7 @@ module Audited
       # Get a specific revision specified by the version number, or +:previous+
       # Returns nil for versions greater than revisions count
       def revision(version)
-        if version == :previous || self.audits.last.version >= version
+        if version == :previous || audits.last.version >= version
           revision_with Audited.audit_class.reconstruct_attributes(audits_to(version))
         end
       end
@@ -170,15 +172,16 @@ module Audited
       # List of attributes that are audited.
       def audited_attributes
         audited_attributes = attributes.except(*self.class.non_audited_columns)
+        audited_attributes = redact_values(audited_attributes)
+        audited_attributes = filter_encrypted_attrs(audited_attributes)
         normalize_enum_changes(audited_attributes)
       end
 
       # Returns a list combined of record audits and associated audits.
       def own_and_associated_audits
-        Audited.audit_class.unscoped
-        .where('(auditable_type = :type AND auditable_id = :id) OR (associated_type = :type AND associated_id = :id)',
-          type: self.class.name, id: id)
-        .order(created_at: :desc)
+        Audited.audit_class.unscoped.where(auditable: self)
+          .or(Audited.audit_class.unscoped.where(associated: self))
+          .order(created_at: :desc)
       end
 
       # Combine multiple audits into one.
@@ -188,8 +191,13 @@ module Audited
         combine_target.comment = "#{combine_target.comment}\nThis audit is the result of multiple audits being combined."
 
         transaction do
-          combine_target.save!
-          audits_to_combine.unscope(:limit).where("version < ?", combine_target.version).delete_all
+          begin
+            combine_target.save!
+            audits_to_combine.unscope(:limit).where("version < ?", combine_target.version).delete_all
+          rescue ActiveRecord::Deadlocked
+            # Ignore Deadlocks, if the same record is getting its old audits combined more than once at the same time then
+            # both combining operations will be the same. Ignoring this error allows one of the combines to go through successfully.
+          end
         end
       end
 
@@ -198,12 +206,12 @@ module Audited
       def revision_with(attributes)
         dup.tap do |revision|
           revision.id = id
-          revision.send :instance_variable_set, '@new_record', destroyed?
-          revision.send :instance_variable_set, '@persisted', !destroyed?
-          revision.send :instance_variable_set, '@readonly', false
-          revision.send :instance_variable_set, '@destroyed', false
-          revision.send :instance_variable_set, '@_destroyed', false
-          revision.send :instance_variable_set, '@marked_for_destruction', false
+          revision.send :instance_variable_set, "@new_record", destroyed?
+          revision.send :instance_variable_set, "@persisted", !destroyed?
+          revision.send :instance_variable_set, "@readonly", false
+          revision.send :instance_variable_set, "@destroyed", false
+          revision.send :instance_variable_set, "@_destroyed", false
+          revision.send :instance_variable_set, "@marked_for_destruction", false
           Audited.audit_class.assign_revision_attributes(revision, attributes)
 
           # Remove any association proxies so that they will be recreated
@@ -232,17 +240,20 @@ module Audited
           end
 
         filtered_changes = redact_values(filtered_changes)
+        filtered_changes = filter_encrypted_attrs(filtered_changes)
         filtered_changes = normalize_enum_changes(filtered_changes)
         filtered_changes.to_hash
       end
 
       def normalize_enum_changes(changes)
+        return changes if Audited.store_synthesized_enums
+
         self.class.defined_enums.each do |name, values|
           if changes.has_key?(name)
             changes[name] = \
               if changes[name].is_a?(Array)
                 changes[name].map { |v| values[v] }
-              elsif rails_below?('5.0')
+              elsif rails_below?("5.0")
                 changes[name]
               else
                 values[changes[name]]
@@ -253,19 +264,36 @@ module Audited
       end
 
       def redact_values(filtered_changes)
-        [audited_options[:redacted]].flatten.compact.each do |option|
-          changes = filtered_changes[option.to_s]
-          new_value = audited_options[:redaction_value] || REDACTED
-          if changes.is_a? Array
-            values = changes.map { new_value }
-          else
-            values = new_value
-          end
-          hash = Hash[option.to_s, values]
-          filtered_changes.merge!(hash)
+        filter_attr_values(
+          audited_changes: filtered_changes,
+          attrs: Array(audited_options[:redacted]).map(&:to_s),
+          placeholder: audited_options[:redaction_value] || REDACTED
+        )
+      end
+
+      def filter_encrypted_attrs(filtered_changes)
+        filter_attr_values(
+          audited_changes: filtered_changes,
+          attrs: respond_to?(:encrypted_attributes) ? Array(encrypted_attributes).map(&:to_s) : []
+        )
+      end
+
+      # Replace values for given attrs to a placeholder and return modified hash
+      #
+      # @param audited_changes [Hash] Hash of changes to be saved to audited version record
+      # @param attrs [Array<String>] Array of attrs, values of which will be replaced to placeholder value
+      # @param placeholder [String] Placeholder to replace original attr values
+      def filter_attr_values(audited_changes: {}, attrs: [], placeholder: "[FILTERED]")
+        attrs.each do |attr|
+          next unless audited_changes.key?(attr)
+
+          changes = audited_changes[attr]
+          values = changes.is_a?(Array) ? changes.map { placeholder } : placeholder
+
+          audited_changes[attr] = values
         end
 
-        filtered_changes
+        audited_changes
       end
 
       def rails_below?(rails_version)
@@ -274,41 +302,44 @@ module Audited
 
       def audits_to(version = nil)
         if version == :previous
-          version = if self.audit_version
-                      self.audit_version - 1
-                    else
-                      previous = audits.descending.offset(1).first
-                      previous ? previous.version : 1
-                    end
+          version = if audit_version
+            audit_version - 1
+          else
+            previous = audits.descending.offset(1).first
+            previous ? previous.version : 1
+          end
         end
         audits.to_version(version)
       end
 
       def audit_create
-        write_audit(action: 'create', audited_changes: audited_attributes,
-                    comment: audit_comment)
+        write_audit(action: "create", audited_changes: audited_attributes,
+          comment: audit_comment)
       end
 
       def audit_update
         unless (changes = audited_changes).empty? && (audit_comment.blank? || audited_options[:update_with_comment_only] == false)
-          write_audit(action: 'update', audited_changes: changes,
-                      comment: audit_comment)
+          write_audit(action: "update", audited_changes: changes,
+            comment: audit_comment)
         end
       end
 
       def audit_destroy
-        write_audit(action: 'destroy', audited_changes: audited_attributes,
-                    comment: audit_comment) unless new_record?
+        unless new_record?
+          write_audit(action: "destroy", audited_changes: audited_attributes,
+            comment: audit_comment)
+        end
       end
 
       def write_audit(attrs)
-        attrs[:associated] = send(audit_associated_with) unless audit_associated_with.nil?
         self.audit_comment = nil
 
         if auditing_enabled
+          attrs[:associated] = send(audit_associated_with) unless audit_associated_with.nil?
+
           run_callbacks(:audit) {
             audit = audits.create(attrs)
-            combine_audits_if_needed if attrs[:action] != 'create'
+            combine_audits_if_needed if attrs[:action] != "create"
             audit
           }
         end
@@ -316,14 +347,15 @@ module Audited
 
       def presence_of_audit_comment
         if comment_required_state?
-          errors.add(:audit_comment, "Comment can't be blank!") unless audit_comment.present?
+          errors.add(:audit_comment, :blank) unless audit_comment.present?
         end
       end
 
       def comment_required_state?
         auditing_enabled &&
-          ((audited_options[:on].include?(:create) && self.new_record?) ||
-          (audited_options[:on].include?(:update) && self.persisted? && self.changed?))
+          audited_changes.present? &&
+          ((audited_options[:on].include?(:create) && new_record?) ||
+          (audited_options[:on].include?(:update) && persisted? && changed?))
       end
 
       def combine_audits_if_needed
@@ -336,8 +368,7 @@ module Audited
 
       def require_comment
         if auditing_enabled && audit_comment.blank?
-          errors.add(:audit_comment, "Comment can't be blank!")
-          return false if Rails.version.start_with?('4.')
+          errors.add(:audit_comment, :blank)
           throw(:abort)
         end
       end
@@ -347,7 +378,7 @@ module Audited
       end
 
       def auditing_enabled
-        return run_conditional_check(audited_options[:if]) &&
+        run_conditional_check(audited_options[:if]) &&
           run_conditional_check(audited_options[:unless], matching: false) &&
           self.class.auditing_enabled
       end
@@ -365,7 +396,7 @@ module Audited
         audits.each { |audit| attributes.merge!(audit.new_attributes) }
         attributes
       end
-    end # InstanceMethods
+    end
 
     module AuditedClassMethods
       # Returns an array of columns that are audited. See non_audited_columns
@@ -390,7 +421,7 @@ module Audited
       #   end
       #
       def without_auditing
-        auditing_was_enabled = auditing_enabled
+        auditing_was_enabled = class_auditing_enabled
         disable_auditing
         yield
       ensure
@@ -404,7 +435,7 @@ module Audited
       #   end
       #
       def with_auditing
-        auditing_was_enabled = auditing_enabled
+        auditing_was_enabled = class_auditing_enabled
         enable_auditing
         yield
       ensure
@@ -428,7 +459,7 @@ module Audited
       end
 
       def auditing_enabled
-        Audited.store.fetch("#{table_name}_auditing_enabled", true) && Audited.auditing_enabled
+        class_auditing_enabled && Audited.auditing_enabled
       end
 
       def auditing_enabled=(val)
@@ -459,6 +490,10 @@ module Audited
           default_ignored_attributes
         end
       end
+
+      def class_auditing_enabled
+        Audited.store.fetch("#{table_name}_auditing_enabled", true)
+      end
     end
   end
 end

data/lib/audited/railtie.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Audited
+  class Railtie < Rails::Railtie
+    initializer "audited.sweeper" do
+      ActiveSupport.on_load(:action_controller) do
+        if defined?(ActionController::Base)
+          ActionController::Base.around_action Audited::Sweeper.new
+        end
+        if defined?(ActionController::API)
+          ActionController::API.around_action Audited::Sweeper.new
+        end
+      end
+    end
+  end
+end

data/lib/audited/rspec_matchers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Audited
   module RspecMatchers
     # Ensure that the model is audited.
@@ -78,9 +80,9 @@ module Audited
       def description
         description = "audited"
         description += " associated with #{@options[:associated_with]}" if @options.key?(:associated_with)
-        description += " only => #{@options[:only].join ', '}"          if @options.key?(:only)
-        description += " except => #{@options[:except].join(', ')}"     if @options.key?(:except)
-        description += " requires audit_comment"                        if @options.key?(:comment_required)
+        description += " only => #{@options[:only].join ", "}" if @options.key?(:only)
+        description += " except => #{@options[:except].join(", ")}" if @options.key?(:except)
+        description += " requires audit_comment" if @options.key?(:comment_required)
 
         description
       end

data/lib/audited/sweeper.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Audited
   class Sweeper
     STORED_DATA = {
@@ -10,7 +12,7 @@ module Audited
 
     def around(controller)
       self.controller = controller
-      STORED_DATA.each { |k,m| store[k] = send(m) }
+      STORED_DATA.each { |k, m| store[k] = send(m) }
       yield
     ensure
       self.controller = nil
@@ -38,12 +40,3 @@ module Audited
     end
   end
 end
-
-ActiveSupport.on_load(:action_controller) do
-  if defined?(ActionController::Base)
-    ActionController::Base.around_action Audited::Sweeper.new
-  end
-  if defined?(ActionController::API)
-    ActionController::API.around_action Audited::Sweeper.new
-  end
-end

data/lib/audited/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Audited
-  VERSION = "4.10.0"
+  VERSION = "5.2.0"
 end

data/lib/audited-rspec.rb

@@ -1,4 +1,6 @@
-require 'audited/rspec_matchers'
+# frozen_string_literal: true
+
+require "audited/rspec_matchers"
 module RSpec::Matchers
   include Audited::RspecMatchers
 end

data/lib/audited.rb

@@ -1,16 +1,36 @@
-require 'active_record'
+# frozen_string_literal: true
+
+require "active_record"
 
 module Audited
   class << self
-    attr_accessor :ignored_attributes, :current_user_method, :max_audits, :auditing_enabled
+    attr_accessor \
+      :auditing_enabled,
+      :current_user_method,
+      :ignored_attributes,
+      :max_audits,
+      :store_synthesized_enums
     attr_writer :audit_class
 
     def audit_class
-      @audit_class ||= Audit
+      # The audit_class is set as String in the initializer. It can not be constantized during initialization and must
+      # be constantized at runtime. See https://github.com/collectiveidea/audited/issues/608
+      @audit_class = @audit_class.safe_constantize if @audit_class.is_a?(String)
+      @audit_class ||= Audited::Audit
     end
 
+    # remove audit_model in next major version it was only shortly present in 5.1.0
+    alias_method :audit_model, :audit_class
+    deprecate audit_model: "use Audited.audit_class instead of Audited.audit_model. This method will be removed."
+
     def store
-      Thread.current[:audited_store] ||= {}
+      current_store_value = Thread.current.thread_variable_get(:audited_store)
+
+      if current_store_value.nil?
+        Thread.current.thread_variable_set(:audited_store, {})
+      else
+        current_store_value
+      end
     end
 
     def config
@@ -18,15 +38,19 @@ module Audited
     end
   end
 
-  @ignored_attributes = %w(lock_version created_at updated_at created_on updated_on)
+  @ignored_attributes = %w[lock_version created_at updated_at created_on updated_on]
 
   @current_user_method = :current_user
   @auditing_enabled = true
+  @store_synthesized_enums = false
 end
 
-require 'audited/auditor'
-require 'audited/audit'
+require "audited/auditor"
 
-::ActiveRecord::Base.send :include, Audited::Auditor
+ActiveSupport.on_load :active_record do
+  require "audited/audit"
+  include Audited::Auditor
+end
 
-require 'audited/sweeper'
+require "audited/sweeper"
+require "audited/railtie"

data/lib/generators/audited/install_generator.rb

@@ -1,9 +1,11 @@
-require 'rails/generators'
-require 'rails/generators/migration'
-require 'active_record'
-require 'rails/generators/active_record'
-require 'generators/audited/migration'
-require 'generators/audited/migration_helper'
+# frozen_string_literal: true
+
+require "rails/generators"
+require "rails/generators/migration"
+require "active_record"
+require "rails/generators/active_record"
+require "generators/audited/migration"
+require "generators/audited/migration_helper"
 
 module Audited
   module Generators
@@ -18,7 +20,7 @@ module Audited
       source_root File.expand_path("../templates", __FILE__)
 
       def copy_migration
-        migration_template 'install.rb', 'db/migrate/install_audited.rb'
+        migration_template "install.rb", "db/migrate/install_audited.rb"
       end
     end
   end

data/lib/generators/audited/migration.rb

@@ -1,15 +1,25 @@
+# frozen_string_literal: true
+
 module Audited
   module Generators
     module Migration
       # Implement the required interface for Rails::Generators::Migration.
-      def next_migration_number(dirname) #:nodoc:
+      def next_migration_number(dirname) # :nodoc:
         next_migration_number = current_migration_number(dirname) + 1
-        if ::ActiveRecord::Base.timestamped_migrations
+        if timestamped_migrations?
           [Time.now.utc.strftime("%Y%m%d%H%M%S"), "%.14d" % next_migration_number].max
         else
           "%.3d" % next_migration_number
         end
       end
+
+      private
+
+      def timestamped_migrations?
+        (Rails.version >= "7.0") ?
+          ::ActiveRecord.timestamped_migrations :
+          ::ActiveRecord::Base.timestamped_migrations
+      end
     end
   end
 end

data/lib/generators/audited/migration_helper.rb

@@ -1,8 +1,10 @@
+# frozen_string_literal: true
+
 module Audited
   module Generators
     module MigrationHelper
       def migration_parent
-        Rails::VERSION::MAJOR == 4 ? 'ActiveRecord::Migration' : "ActiveRecord::Migration[#{ActiveRecord::Migration.current_version}]"
+        "ActiveRecord::Migration[#{ActiveRecord::Migration.current_version}]"
       end
     end
   end

data/lib/generators/audited/templates/add_association_to_audits.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     add_column :audits, :association_id, :integer

data/lib/generators/audited/templates/add_comment_to_audits.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     add_column :audits, :comment, :string

data/lib/generators/audited/templates/add_remote_address_to_audits.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     add_column :audits, :remote_address, :string

data/lib/generators/audited/templates/add_request_uuid_to_audits.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     add_column :audits, :request_uuid, :string

data/lib/generators/audited/templates/add_version_to_auditable_index.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     if index_exists?(:audits, [:auditable_type, :auditable_id], name: index_name)

data/lib/generators/audited/templates/install.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     create_table :audits, :force => true do |t|

data/lib/generators/audited/templates/rename_association_to_associated.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     if index_exists? :audits, [:association_id, :association_type], :name => 'association_index'

data/lib/generators/audited/templates/rename_changes_to_audited_changes.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     rename_column :audits, :changes, :audited_changes

data/lib/generators/audited/templates/rename_parent_to_association.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     rename_column :audits, :auditable_parent_id, :association_id

data/lib/generators/audited/templates/revert_polymorphic_indexes_order.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class <%= migration_class_name %> < <%= migration_parent %>
   def self.up
     fix_index_order_for [:associated_id, :associated_type], 'associated_index'