audited 4.2.1 → 4.4.0

data/spec/audited/sweeper_spec.rb

@@ -0,0 +1,108 @@
+require "spec_helper"
+
+class AuditsController < ActionController::Base
+  attr_reader :company
+
+  def create
+    @company = Models::ActiveRecord::Company.create
+    head :ok
+  end
+
+  def update
+    current_user.update_attributes(password: 'foo')
+    head :ok
+  end
+
+  private
+
+  attr_accessor :current_user
+  attr_accessor :custom_user
+end
+
+describe AuditsController do
+  include RSpec::Rails::ControllerExampleGroup
+  render_views
+
+  before(:each) do
+    Audited.current_user_method = :current_user
+  end
+
+  let(:user) { create_user }
+
+  describe "POST audit" do
+
+    it "should audit user" do
+      controller.send(:current_user=, user)
+      expect {
+        post :create
+      }.to change( Audited::Audit, :count )
+
+      expect(controller.company.audits.last.user).to eq(user)
+    end
+
+    it "should support custom users for sweepers" do
+      controller.send(:custom_user=, user)
+      Audited.current_user_method = :custom_user
+
+      expect {
+        post :create
+      }.to change( Audited::Audit, :count )
+
+      expect(controller.company.audits.last.user).to eq(user)
+    end
+
+    it "should record the remote address responsible for the change" do
+      request.env['REMOTE_ADDR'] = "1.2.3.4"
+      controller.send(:current_user=, user)
+
+      post :create
+
+      expect(controller.company.audits.last.remote_address).to eq('1.2.3.4')
+    end
+
+    it "should record a UUID for the web request responsible for the change" do
+      allow_any_instance_of(ActionDispatch::Request).to receive(:uuid).and_return("abc123")
+      controller.send(:current_user=, user)
+
+      post :create
+
+      expect(controller.company.audits.last.request_uuid).to eq("abc123")
+    end
+
+  end
+
+  describe "PUT update" do
+    it "should not save blank audits" do
+      controller.send(:current_user=, user)
+
+      expect {
+        put :update, Rails::VERSION::MAJOR == 4 ? {id: 123} : {params: {id: 123}}
+      }.to_not change( Audited::Audit, :count )
+    end
+  end
+end
+
+
+describe Audited::Sweeper do
+
+  it "should be thread-safe" do
+    instance = Audited::Sweeper.new
+
+    t1 = Thread.new do
+      sleep 0.5
+      instance.controller = 'thread1 controller instance'
+      expect(instance.controller).to eq('thread1 controller instance')
+    end
+
+    t2 = Thread.new do
+      instance.controller = 'thread2 controller instance'
+      sleep 1
+      expect(instance.controller).to eq('thread2 controller instance')
+    end
+
+    t1.join; t2.join
+
+    expect(instance.controller).to be_nil
+  end
+
+end

data/spec/audited_spec_helpers.rb

@@ -1,19 +1,15 @@
 module AuditedSpecHelpers
 
-  def create_user(use_mongo = false, attrs = {})
-    klass = use_mongo ? Models::MongoMapper::User : Models::ActiveRecord::User
-    klass.create({:name => 'Brandon', :username => 'brandon', :password => 'password'}.merge(attrs))
+  def create_user(attrs = {})
+    Models::ActiveRecord::User.create({name: 'Brandon', username: 'brandon', password: 'password'}.merge(attrs))
   end
 
-  def build_user(use_mongo = false, attrs = {})
-    klass = use_mongo ? Models::MongoMapper::User : Models::ActiveRecord::User
-    klass.new({:name => 'darth', :username => 'darth', :password => 'noooooooo'}.merge(attrs))
+  def build_user(attrs = {})
+    Models::ActiveRecord::User.new({name: 'darth', username: 'darth', password: 'noooooooo'}.merge(attrs))
   end
 
-  def create_versions(n = 2, use_mongo = false)
-    klass = use_mongo ? Models::MongoMapper::User : Models::ActiveRecord::User
-
-    klass.create(:name => 'Foobar 1').tap do |u|
+  def create_versions(n = 2)
+    Models::ActiveRecord::User.create(name: 'Foobar 1').tap do |u|
       (n - 1).times do |i|
         u.update_attribute :name, "Foobar #{i + 2}"
       end
@@ -21,16 +17,4 @@ module AuditedSpecHelpers
     end
   end
 
-  def create_active_record_user(attrs = {})
-    create_user(false, attrs)
-  end
-
-  def create_mongo_user(attrs = {})
-    create_user(true, attrs)
-  end
-
-  def create_mongo_versions(n = 2)
-    create_versions(n, true)
-  end
-
 end

data/spec/rails_app/config/environments/test.rb

@@ -12,11 +12,14 @@ RailsApp::Application.configure do
   # preloads Rails for running tests, you may have to set it to true.
   config.eager_load = false
 
-  # Configure static asset server for tests with Cache-Control for performance.
-  config.serve_static_assets  = true
   # Configure static file server for tests with Cache-Control for performance.
-  config.serve_static_files   = true
-  config.static_cache_control = 'public, max-age=3600'
+  if config.respond_to?(:public_file_server)
+    config.public_file_server.enabled = true
+    config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }
+  else
+    config.static_cache_control = 'public, max-age=3600'
+    config.serve_static_files   = true
+  end
 
   # Show full error reports and disable caching.
   config.consider_all_requests_local       = true

data/spec/rails_app/config/initializers/secret_token.rb

@@ -1,3 +1,3 @@
 Rails.application.config.secret_token = 'ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571'
-Rails.application.config.session_store :cookie_store, :key => "_my_app"
+Rails.application.config.session_store :cookie_store, key: "_my_app"
 Rails.application.config.secret_key_base = 'secret value'

data/spec/rails_app/config/routes.rb

@@ -1,6 +1,3 @@
 Rails.application.routes.draw do
-
-  # This is a legacy wild controller route that's not recommended for RESTful applications.
-  # Note: This route will make all actions in every controller accessible via GET requests.
-  match ':controller(/:action(/:id(.:format)))', via: [:get, :post, :put, :delete]
+  resources :audits
 end

data/spec/spec_helper.rb

@@ -1,10 +1,14 @@
 ENV['RAILS_ENV'] = 'test'
 
-require 'protected_attributes'
+if Bundler.definition.dependencies.map(&:name).include?('protected_attributes')
+  require 'protected_attributes'
+end
 require 'rails_app/config/environment'
 require 'rspec/rails'
 require 'audited'
 require 'audited_spec_helpers'
+require 'support/active_record/models'
+load "audited/sweeper.rb" # force to reload sweeper
 
 SPEC_ROOT = Pathname.new(File.expand_path('../', __FILE__))
 
@@ -12,12 +16,6 @@ Dir[SPEC_ROOT.join('support/*.rb')].each{|f| require f }
 
 RSpec.configure do |config|
   config.include AuditedSpecHelpers
-
-  config.before(:each, :adapter => :active_record) do
-    Audited.audit_class = Audited::Adapters::ActiveRecord::Audit
-  end
-
-  config.before(:each, :adapter => :mongo_mapper) do
-    Audited.audit_class = Audited::Adapters::MongoMapper::Audit
-  end
+  config.use_transactional_fixtures = false if Rails.version.start_with?('4.')
+  config.use_transactional_tests = false if config.respond_to?(:use_transactional_tests=)
 end

data/spec/support/active_record/models.rb

@@ -4,35 +4,41 @@ require File.expand_path('../schema', __FILE__)
 module Models
   module ActiveRecord
     class User < ::ActiveRecord::Base
-      audited :allow_mass_assignment => true, :except => :password
+      audited allow_mass_assignment: true, except: :password
 
-      attr_protected :logins
+      attr_protected :logins if respond_to?(:attr_protected)
 
       def name=(val)
         write_attribute(:name, CGI.escapeHTML(val))
       end
     end
 
+    class UserOnlyPassword < ::ActiveRecord::Base
+      self.table_name = :users
+      attribute :non_column_attr if Rails.version >= '5.1'
+      audited allow_mass_assignment: true, only: :password
+    end
+
     class CommentRequiredUser < ::ActiveRecord::Base
       self.table_name = :users
-      audited :comment_required => true
+      audited comment_required: true
     end
 
     class AccessibleAfterDeclarationUser < ::ActiveRecord::Base
       self.table_name = :users
       audited
-      attr_accessible :name, :username, :password
+      attr_accessible :name, :username, :password if respond_to?(:attr_accessible)
     end
 
     class AccessibleBeforeDeclarationUser < ::ActiveRecord::Base
       self.table_name = :users
-      attr_accessible :name, :username, :password # declare attr_accessible before calling aaa
+      attr_accessible :name, :username, :password if respond_to?(:attr_accessible) # declare attr_accessible before calling aaa
       audited
     end
 
     class NoAttributeProtectionUser < ::ActiveRecord::Base
       self.table_name = :users
-      audited :allow_mass_assignment => true
+      audited allow_mass_assignment: true
     end
 
     class UserWithAfterAudit < ::ActiveRecord::Base
@@ -40,6 +46,8 @@ module Models
       audited
       attr_accessor :bogus_attr, :around_attr
 
+      private
+
       def after_audit
         self.bogus_attr = "do something"
       end
@@ -53,6 +61,9 @@ module Models
       audited
     end
 
+    class Company::STICompany < Company
+    end
+
     class Owner < ::ActiveRecord::Base
       self.table_name = 'users'
       has_associated_audits
@@ -61,29 +72,29 @@ module Models
 
     class OwnedCompany < ::ActiveRecord::Base
       self.table_name = 'companies'
-      belongs_to :owner, :class_name => "Owner"
-      attr_accessible :name, :owner # declare attr_accessible before calling aaa
-      audited :associated_with => :owner
+      belongs_to :owner, class_name: "Owner"
+      attr_accessible :name, :owner if respond_to?(:attr_accessible) # declare attr_accessible before calling aaa
+      audited associated_with: :owner
     end
 
     class OnUpdateDestroy < ::ActiveRecord::Base
       self.table_name = 'companies'
-      audited :on => [:update, :destroy]
+      audited on: [:update, :destroy]
     end
 
     class OnCreateDestroy < ::ActiveRecord::Base
       self.table_name = 'companies'
-      audited :on => [:create, :destroy]
+      audited on: [:create, :destroy]
     end
 
     class OnCreateDestroyExceptName < ::ActiveRecord::Base
       self.table_name = 'companies'
-      audited :except => :name, :on => [:create, :destroy]
+      audited except: :name, on: [:create, :destroy]
     end
 
     class OnCreateUpdate < ::ActiveRecord::Base
       self.table_name = 'companies'
-      audited :on => [:create, :update]
+      audited on: [:create, :update]
     end
   end
 end

data/spec/support/active_record/postgres/1_change_audited_changes_type_to_json.rb

@@ -0,0 +1,12 @@
+parent = Rails::VERSION::MAJOR == 4 ? ActiveRecord::Migration : ActiveRecord::Migration[4.2]
+class ChangeAuditedChangesTypeToJson < parent
+  def self.up
+    remove_column :audits, :audited_changes
+    add_column :audits, :audited_changes, :json
+  end
+
+  def self.down
+    remove_column :audits, :audited_changes
+    add_column :audits, :audited_changes, :text
+  end
+end

data/spec/support/active_record/postgres/2_change_audited_changes_type_to_jsonb.rb

@@ -0,0 +1,12 @@
+parent = Rails::VERSION::MAJOR == 4 ? ActiveRecord::Migration : ActiveRecord::Migration[4.2]
+class ChangeAuditedChangesTypeToJsonb < parent
+  def self.up
+    remove_column :audits, :audited_changes
+    add_column :audits, :audited_changes, :jsonb
+  end
+
+  def self.down
+    remove_column :audits, :audited_changes
+    add_column :audits, :audited_changes, :text
+  end
+end

data/spec/support/active_record/schema.rb

@@ -1,37 +1,62 @@
 require 'active_record'
 require 'logger'
 
-ActiveRecord::Base.establish_connection
-ActiveRecord::Base.logger = Logger.new(SPEC_ROOT.join('debug.log'))
+begin
+  db_config = ActiveRecord::Base.configurations[Rails.env].clone
+  db_type = db_config['adapter']
+  db_name = db_config.delete('database')
+  raise Exception.new('No database name specified.') if db_name.blank?
+  if db_type == 'sqlite3'
+    db_file = Pathname.new(__FILE__).dirname.join(db_name)
+    db_file.unlink if db_file.file?
+  else
+    if defined?(JRUBY_VERSION)
+      db_config.symbolize_keys!
+      db_config[:configure_connection] = false
+    end
+    adapter = ActiveRecord::Base.send("#{db_type}_connection", db_config)
+    adapter.recreate_database db_name
+    adapter.disconnect!
+  end
+rescue Exception => e
+  Kernel.warn e
+end
+
+logfile = Pathname.new(__FILE__).dirname.join('debug.log')
+logfile.unlink if logfile.file?
+ActiveRecord::Base.logger = Logger.new(logfile)
+
 ActiveRecord::Migration.verbose = false
+ActiveRecord::Base.establish_connection
 
 ActiveRecord::Schema.define do
-  create_table :users, :force => true do |t|
+  create_table :users do |t|
     t.column :name, :string
     t.column :username, :string
     t.column :password, :string
     t.column :activated, :boolean
     t.column :suspended_at, :datetime
-    t.column :logins, :integer, :default => 0
+    t.column :logins, :integer, default: 0
     t.column :created_at, :datetime
     t.column :updated_at, :datetime
   end
 
-  create_table :companies, :force => true do |t|
+  create_table :companies do |t|
     t.column :name, :string
     t.column :owner_id, :integer
+    t.column :type, :string
   end
 
-  create_table :authors, :force => true do |t|
+  create_table :authors do |t|
     t.column :name, :string
   end
 
-  create_table :books, :force => true do |t|
+  create_table :books do |t|
     t.column :authord_id, :integer
     t.column :title, :string
   end
 
-  create_table :audits, :force => true do |t|
+  create_table :audits do |t|
     t.column :auditable_id, :integer
     t.column :auditable_type, :string
     t.column :associated_id, :integer
@@ -41,16 +66,16 @@ ActiveRecord::Schema.define do
     t.column :username, :string
     t.column :action, :string
     t.column :audited_changes, :text
-    t.column :version, :integer, :default => 0
+    t.column :version, :integer, default: 0
     t.column :comment, :string
     t.column :remote_address, :string
     t.column :request_uuid, :string
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], :name => 'auditable_index'
-  add_index :audits, [:associated_id, :associated_type], :name => 'associated_index'
-  add_index :audits, [:user_id, :user_type], :name => 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
+  add_index :audits, [:associated_id, :associated_type], name: 'associated_index'
+  add_index :audits, [:user_id, :user_type], name: 'user_index'
   add_index :audits, :request_uuid
   add_index :audits, :created_at
 end

data/test/db/version_1.rb

@@ -1,5 +1,5 @@
 ActiveRecord::Schema.define do
-  create_table :audits, :force => true do |t|
+  create_table :audits, force: true do |t|
     t.column :auditable_id, :integer
     t.column :auditable_type, :string
     t.column :user_id, :integer
@@ -7,11 +7,11 @@ ActiveRecord::Schema.define do
     t.column :username, :string
     t.column :action, :string
     t.column :changes, :text
-    t.column :version, :integer, :default => 0
+    t.column :version, :integer, default: 0
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], :name => 'auditable_index'
-  add_index :audits, [:user_id, :user_type], :name => 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
+  add_index :audits, [:user_id, :user_type], name: 'user_index'
   add_index :audits, :created_at
 end

data/test/db/version_2.rb

@@ -1,5 +1,5 @@
 ActiveRecord::Schema.define do
-  create_table :audits, :force => true do |t|
+  create_table :audits, force: true do |t|
     t.column :auditable_id, :integer
     t.column :auditable_type, :string
     t.column :user_id, :integer
@@ -7,12 +7,12 @@ ActiveRecord::Schema.define do
     t.column :username, :string
     t.column :action, :string
     t.column :changes, :text
-    t.column :version, :integer, :default => 0
+    t.column :version, :integer, default: 0
     t.column :comment, :string
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], :name => 'auditable_index'
-  add_index :audits, [:user_id, :user_type], :name => 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
+  add_index :audits, [:user_id, :user_type], name: 'user_index'
   add_index :audits, :created_at
 end

data/test/db/version_3.rb

@@ -1,5 +1,5 @@
 ActiveRecord::Schema.define do
-  create_table :audits, :force => true do |t|
+  create_table :audits, force: true do |t|
     t.column :auditable_id, :integer
     t.column :auditable_type, :string
     t.column :user_id, :integer
@@ -7,13 +7,13 @@ ActiveRecord::Schema.define do
     t.column :username, :string
     t.column :action, :string
     t.column :audited_changes, :text
-    t.column :version, :integer, :default => 0
+    t.column :version, :integer, default: 0
     t.column :comment, :string
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], :name => 'auditable_index'
-  add_index :audits, [:user_id, :user_type], :name => 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
+  add_index :audits, [:user_id, :user_type], name: 'user_index'
   add_index :audits, :created_at
 end
 

data/test/db/version_4.rb

@@ -1,5 +1,5 @@
 ActiveRecord::Schema.define do
-  create_table :audits, :force => true do |t|
+  create_table :audits, force: true do |t|
     t.column :auditable_id, :integer
     t.column :auditable_type, :string
     t.column :user_id, :integer
@@ -7,14 +7,14 @@ ActiveRecord::Schema.define do
     t.column :username, :string
     t.column :action, :string
     t.column :audited_changes, :text
-    t.column :version, :integer, :default => 0
+    t.column :version, :integer, default: 0
     t.column :comment, :string
     t.column :created_at, :datetime
     t.column :remote_address, :string
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], :name => 'auditable_index'
-  add_index :audits, [:user_id, :user_type], :name => 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
+  add_index :audits, [:user_id, :user_type], name: 'user_index'
   add_index :audits, :created_at
 end
 

data/test/db/version_5.rb

@@ -1,5 +1,5 @@
 ActiveRecord::Schema.define do
-  create_table :audits, :force => true do |t|
+  create_table :audits, force: true do |t|
     t.column :auditable_id, :integer
     t.column :auditable_type, :string
     t.column :user_id, :integer
@@ -7,7 +7,7 @@ ActiveRecord::Schema.define do
     t.column :username, :string
     t.column :action, :string
     t.column :audited_changes, :text
-    t.column :version, :integer, :default => 0
+    t.column :version, :integer, default: 0
     t.column :comment, :string
     t.column :created_at, :datetime
     t.column :remote_address, :string

data/test/db/version_6.rb

@@ -1,5 +1,5 @@
 ActiveRecord::Schema.define do
-  create_table :audits, :force => true do |t|
+  create_table :audits, force: true do |t|
     t.column :auditable_id, :integer
     t.column :auditable_type, :string
     t.column :user_id, :integer
@@ -7,7 +7,7 @@ ActiveRecord::Schema.define do
     t.column :username, :string
     t.column :action, :string
     t.column :audited_changes, :text
-    t.column :version, :integer, :default => 0
+    t.column :version, :integer, default: 0
     t.column :comment, :string
     t.column :created_at, :datetime
     t.column :remote_address, :string

data/test/install_generator_test.rb

@@ -7,11 +7,39 @@ class InstallGeneratorTest < Rails::Generators::TestCase
   setup :prepare_destination
   tests Audited::Generators::InstallGenerator
 
-  test "should generate a migration" do
-    run_generator %w(install)
+  test "generate migration with 'text' type for audited_changes column" do
+    run_generator
 
     assert_migration "db/migrate/install_audited.rb" do |content|
-      assert_match /class InstallAudited/, content
+      assert_includes(content, 'class InstallAudited')
+      assert_includes(content, 't.column :audited_changes, :text')
+    end
+  end
+
+  test "generate migration with 'jsonb' type for audited_changes column" do
+    run_generator %w(--audited-changes-column-type jsonb)
+
+    assert_migration "db/migrate/install_audited.rb" do |content|
+      assert_includes(content, 'class InstallAudited')
+      assert_includes(content, 't.column :audited_changes, :jsonb')
+    end
+  end
+
+  test "generate migration with 'json' type for audited_changes column" do
+    run_generator %w(--audited-changes-column-type json)
+
+    assert_migration "db/migrate/install_audited.rb" do |content|
+      assert_includes(content, 'class InstallAudited')
+      assert_includes(content, 't.column :audited_changes, :json')
+    end
+  end
+
+  test "generate migration with correct AR migration parent" do
+    run_generator
+
+    assert_migration "db/migrate/install_audited.rb" do |content|
+      parent = Rails::VERSION::MAJOR == 4 ? 'ActiveRecord::Migration' : "ActiveRecord::Migration[#{ActiveRecord::Migration.current_version}]"
+      assert_includes(content, "class InstallAudited < #{parent}\n")
     end
   end
 end