audited 4.3.0 → 4.6.0

data/gemfiles/rails50.gemfile

@@ -3,6 +3,5 @@
 source "https://rubygems.org"
 
 gem "rails", "~> 5.0.0"
-gem "rails-observers", :github => "rails/rails-observers", :branch => "master"
 
-gemspec :name => "audited", :path => "../"
+gemspec name: "audited", path: "../"

data/gemfiles/rails51.gemfile

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", "~> 5.1.4"
+
+gemspec name: "audited", path: "../"

data/gemfiles/rails52.gemfile

@@ -0,0 +1,8 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", ">= 5.2.0.beta2", "< 5.3"
+gem "mysql2", "~> 0.4.4"
+
+gemspec name: "audited", path: "../"

data/lib/audited.rb

@@ -1,19 +1,21 @@
-require 'rails/observers/active_model/active_model'
 require 'active_record'
 
 module Audited
   class << self
     attr_accessor :ignored_attributes, :current_user_method
+    attr_writer :audit_class
 
-    # Deprecate audit_class accessors in preperation of their removal
     def audit_class
-      Audited::Audit
+      @audit_class ||= Audit
     end
-    deprecate audit_class: "Audited.audit_class is now always Audited::Audit. This method will be removed."
 
     def store
       Thread.current[:audited_store] ||= {}
     end
+
+    def config
+      yield(self)
+    end
   end
 
   @ignored_attributes = %w(lock_version created_at updated_at created_on updated_on)

data/lib/audited/audit.rb

@@ -6,25 +6,44 @@ module Audited
   # * <tt>auditable</tt>: the ActiveRecord model that was changed
   # * <tt>user</tt>: the user that performed the change; a string or an ActiveRecord model
   # * <tt>action</tt>: one of create, update, or delete
-  # * <tt>audited_changes</tt>: a serialized hash of all the changes
+  # * <tt>audited_changes</tt>: a hash of all the changes
   # * <tt>comment</tt>: a comment set with the audit
   # * <tt>version</tt>: the version of the model
   # * <tt>request_uuid</tt>: a uuid based that allows audits from the same controller request
   # * <tt>created_at</tt>: Time that the change was performed
   #
-  class Audit < ::ActiveRecord::Base
-    include ActiveModel::Observing
 
+  class YAMLIfTextColumnType
+    class << self
+      def load(obj)
+        if Audited.audit_class.columns_hash["audited_changes"].type.to_s == "text"
+          ActiveRecord::Coders::YAMLColumn.new(Object).load(obj)
+        else
+          obj
+        end
+      end
+
+      def dump(obj)
+        if Audited.audit_class.columns_hash["audited_changes"].type.to_s == "text"
+          ActiveRecord::Coders::YAMLColumn.new(Object).dump(obj)
+        else
+          obj
+        end
+      end
+    end
+  end
+
+  class Audit < ::ActiveRecord::Base
     belongs_to :auditable,  polymorphic: true
     belongs_to :user,       polymorphic: true
     belongs_to :associated, polymorphic: true
 
-    before_create :set_version_number, :set_audit_user, :set_request_uuid
+    before_create :set_version_number, :set_audit_user, :set_request_uuid, :set_remote_address
 
     cattr_accessor :audited_class_names
     self.audited_class_names = Set.new
 
-    serialize :audited_changes
+    serialize :audited_changes, YAMLIfTextColumnType
 
     scope :ascending,     ->{ reorder(version: :asc) }
     scope :descending,    ->{ reorder(version: :desc)}
@@ -67,6 +86,25 @@ module Audited
       end
     end
 
+    # Allows user to undo changes
+    def undo
+      model = self.auditable_type.constantize
+      if action == 'create'
+        # destroys a newly created record
+        model.find(auditable_id).destroy!
+      elsif action == 'destroy'
+        # creates a new record with the destroyed record attributes
+        model.create(audited_changes)
+      else
+        # changes back attributes
+        audited_object = model.find(auditable_id)
+        self.audited_changes.each do |k, v|
+          audited_object[k] = v[0]
+        end
+        audited_object.save
+      end
+    end
+
     # Allows user to be set to either a string or an ActiveRecord object
     # @private
     def user_as_string=(user)
@@ -95,10 +133,10 @@ module Audited
     # by +user+. This method is hopefully threadsafe, making it ideal
     # for background operations that require audit information.
     def self.as_user(user, &block)
-      Thread.current[:audited_user] = user
+      ::Audited.store[:audited_user] = user
       yield
     ensure
-      Thread.current[:audited_user] = nil
+      ::Audited.store[:audited_user] = nil
     end
 
     # @private
@@ -125,6 +163,11 @@ module Audited
       record
     end
 
+    # use created_at as timestamp cache key
+    def self.collection_cache_key(collection = all, timestamp_column = :created_at)
+      super(collection, :created_at)
+    end
+
     private
 
     def set_version_number
@@ -133,12 +176,18 @@ module Audited
     end
 
     def set_audit_user
-      self.user = Thread.current[:audited_user] if Thread.current[:audited_user]
+      self.user ||= ::Audited.store[:audited_user] # from .as_user
+      self.user ||= ::Audited.store[:current_user].try!(:call) # from Sweeper
       nil # prevent stopping callback chains
     end
 
     def set_request_uuid
+      self.request_uuid ||= ::Audited.store[:current_request_uuid]
       self.request_uuid ||= SecureRandom.uuid
     end
+
+    def set_remote_address
+      self.remote_address ||= ::Audited.store[:current_remote_address]
+    end
   end
 end

data/lib/audited/auditor.rb

@@ -38,26 +38,29 @@ module Audited
         # don't allow multiple calls
         return if included_modules.include?(Audited::Auditor::AuditedInstanceMethods)
 
+        extend Audited::Auditor::AuditedClassMethods
+        include Audited::Auditor::AuditedInstanceMethods
+
         class_attribute :audit_associated_with,   instance_writer: false
         class_attribute :audited_options,       instance_writer: false
+        attr_accessor :version, :audit_comment
 
         self.audited_options = options
-        self.audit_associated_with = options[:associated_with]
+        normalize_audited_options
 
-        if options[:comment_required]
+        self.audit_associated_with = audited_options[:associated_with]
+
+        if audited_options[:comment_required]
           validates_presence_of :audit_comment, if: :auditing_enabled
           before_destroy :require_comment
         end
 
-        attr_accessor :audit_comment
-
-        has_many :audits, -> { order(version: :asc) }, as: :auditable, class_name: Audit.name
-        Audit.audited_class_names << to_s
+        has_many :audits, -> { order(version: :asc) }, as: :auditable, class_name: Audited.audit_class.name
+        Audited.audit_class.audited_class_names << to_s
 
-        on = Array(options[:on])
-        after_create :audit_create    if on.empty? || on.include?(:create)
-        before_update :audit_update   if on.empty? || on.include?(:update)
-        before_destroy :audit_destroy if on.empty? || on.include?(:destroy)
+        after_create :audit_create    if audited_options[:on].include?(:create)
+        before_update :audit_update   if audited_options[:on].include?(:update)
+        before_destroy :audit_destroy if audited_options[:on].include?(:destroy)
 
         # Define and set after_audit and around_audit callbacks. This might be useful if you want
         # to notify a party after the audit has been created or if you want to access the newly-created
@@ -66,20 +69,11 @@ module Audited
         set_callback :audit, :after, :after_audit, if: lambda { respond_to?(:after_audit, true) }
         set_callback :audit, :around, :around_audit, if: lambda { respond_to?(:around_audit, true) }
 
-        attr_accessor :version
-
-        extend Audited::Auditor::AuditedClassMethods
-        include Audited::Auditor::AuditedInstanceMethods
-
-        self.auditing_enabled = true
+        enable_auditing
       end
 
       def has_associated_audits
-        has_many :associated_audits, as: :associated, class_name: Audit.name
-      end
-
-      def default_ignored_attributes
-        [primary_key, inheritance_column]
+        has_many :associated_audits, as: :associated, class_name: Audited.audit_class.name
       end
     end
 
@@ -109,22 +103,21 @@ module Audited
       def revisions(from_version = 1)
         audits = self.audits.from_version(from_version)
         return [] if audits.empty?
-        revisions = []
-        audits.each do |audit|
-          revisions << audit.revision
-        end
-        revisions
+        audits.map(&:revision)
       end
 
       # Get a specific revision specified by the version number, or +:previous+
+      # Returns nil for versions greater than revisions count
       def revision(version)
-        revision_with Audit.reconstruct_attributes(audits_to(version))
+        if version == :previous || self.audits.last.version >= version
+          revision_with Audited.audit_class.reconstruct_attributes(audits_to(version))
+        end
       end
 
       # Find the oldest revision recorded prior to the date/time provided.
       def revision_at(date_or_time)
         audits = self.audits.up_until(date_or_time)
-        revision_with Audit.reconstruct_attributes(audits) unless audits.empty?
+        revision_with Audited.audit_class.reconstruct_attributes(audits) unless audits.empty?
       end
 
       # List of attributes that are audited.
@@ -132,16 +125,16 @@ module Audited
         attributes.except(*non_audited_columns)
       end
 
-      def non_audited_columns
-        self.class.non_audited_columns
-      end
-
       protected
 
       def non_audited_columns
         self.class.non_audited_columns
       end
 
+      def audited_columns
+        self.class.audited_columns
+      end
+
       def revision_with(attributes)
         dup.tap do |revision|
           revision.id = id
@@ -152,7 +145,7 @@ module Audited
           revision.send :instance_variable_set, '@destroyed', false
           revision.send :instance_variable_set, '@_destroyed', false
           revision.send :instance_variable_set, '@marked_for_destruction', false
-          Audit.assign_revision_attributes(revision, attributes)
+          Audited.audit_class.assign_revision_attributes(revision, attributes)
 
           # Remove any association proxies so that they will be recreated
           # and reference the correct object for this revision. The only way
@@ -175,17 +168,11 @@ module Audited
       private
 
       def audited_changes
-        collection =
-          if audited_options[:only]
-            audited_columns = self.class.audited_columns.map(&:name)
-            changed_attributes.slice(*audited_columns)
-          else
-            changed_attributes.except(*non_audited_columns)
-          end
-
-        collection.inject({}) do |changes, (attr, old_value)|
-          changes[attr] = [old_value, self[attr]]
-          changes
+        all_changes = respond_to?(:changes_to_save) ? changes_to_save : changes
+        if audited_options[:only].present?
+          all_changes.slice(*audited_columns)
+        else
+          all_changes.except(*non_audited_columns)
         end
       end
 
@@ -236,9 +223,6 @@ module Audited
         alias_method "#{attr_name}_callback".to_sym, attr_name
       end
 
-      def empty_callback #:nodoc:
-      end
-
       def auditing_enabled
         self.class.auditing_enabled
       end
@@ -251,20 +235,19 @@ module Audited
     module AuditedClassMethods
       # Returns an array of columns that are audited. See non_audited_columns
       def audited_columns
-        columns.select {|c| !non_audited_columns.include?(c.name) }
+        @audited_columns ||= column_names - non_audited_columns
       end
 
+      # We have to calculate this here since column_names may not be available when `audited` is called
       def non_audited_columns
-        @non_audited_columns ||= begin
-          options = audited_options
-          if options[:only]
-            except = column_names - Array.wrap(options[:only]).flatten.map(&:to_s)
-          else
-            except = default_ignored_attributes + Audited.ignored_attributes
-            except |= Array(options[:except]).collect(&:to_s) if options[:except]
-          end
-          except
-        end
+        @non_audited_columns ||= audited_options[:only].present? ?
+                                 column_names - audited_options[:only] :
+                                 default_ignored_attributes | audited_options[:except]
+      end
+
+      def non_audited_columns=(columns)
+        @audited_columns = nil # reset cached audited columns on assignment
+        @non_audited_columns = columns.map(&:to_s)
       end
 
       # Executes the block with auditing disabled.
@@ -294,7 +277,7 @@ module Audited
       # convenience wrapper around
       # @see Audit#as_user.
       def audit_as(user, &block)
-        Audit.as_user(user, &block)
+        Audited.audit_class.as_user(user, &block)
       end
 
       def auditing_enabled
@@ -304,6 +287,18 @@ module Audited
       def auditing_enabled=(val)
         Audited.store["#{table_name}_auditing_enabled"] = val
       end
+
+      protected
+      def default_ignored_attributes
+        [primary_key, inheritance_column] + Audited.ignored_attributes
+      end
+
+      def normalize_audited_options
+        audited_options[:on] = Array.wrap(audited_options[:on])
+        audited_options[:on] = [:create, :update, :destroy] if audited_options[:on].empty?
+        audited_options[:only] = Array.wrap(audited_options[:only]).map(&:to_s)
+        audited_options[:except] = Array.wrap(audited_options[:except]).map(&:to_s)
+      end
     end
   end
 end

data/lib/audited/rspec_matchers.rb

@@ -117,7 +117,7 @@ module Audited
             except |= @options[:except].collect(&:to_s) if @options[:except]
           end
 
-          expects "non audited columns (#{model_class.non_audited_columns.inspect}) to match (#{expect})"
+          expects "non audited columns (#{model_class.non_audited_columns.inspect}) to match (#{except})"
           model_class.non_audited_columns =~ except
         else
           true
@@ -170,7 +170,7 @@ module Audited
       def association_exists?
         !reflection.nil? &&
           reflection.macro == :has_many &&
-          reflection.options[:class_name] == Audit.name
+          reflection.options[:class_name] == Audited.audit_class.name
       end
     end
   end

data/lib/audited/sweeper.rb

@@ -1,60 +1,49 @@
-require "rails/observers/activerecord/active_record"
-require "rails/observers/action_controller/caching"
-
 module Audited
-  class Sweeper < ActionController::Caching::Sweeper
-    observe Audited::Audit
+  class Sweeper
+    STORED_DATA = {
+      current_remote_address: :remote_ip,
+      current_request_uuid: :request_uuid,
+      current_user: :current_user
+    }
+
+    delegate :store, to: ::Audited
 
     def around(controller)
       self.controller = controller
+      STORED_DATA.each { |k,m| store[k] = send(m) }
       yield
     ensure
       self.controller = nil
+      STORED_DATA.keys.each { |k| store.delete(k) }
     end
 
-    def before_create(audit)
-      audit.user ||= current_user
-      audit.remote_address = controller.try(:request).try(:remote_ip)
-      audit.request_uuid = request_uuid if request_uuid
+    def current_user
+      lambda { controller.send(Audited.current_user_method) if controller.respond_to?(Audited.current_user_method, true) }
     end
 
-    def current_user
-      controller.send(Audited.current_user_method) if controller.respond_to?(Audited.current_user_method, true)
+    def remote_ip
+      controller.try(:request).try(:remote_ip)
     end
 
     def request_uuid
       controller.try(:request).try(:uuid)
     end
 
-    def add_observer!(klass)
-      super
-      define_callback(klass)
-    end
-
-    def define_callback(klass)
-      observer = self
-      callback_meth = :_notify_audited_sweeper
-      klass.send(:define_method, callback_meth) do
-        observer.update(:before_create, self)
-      end
-      klass.send(:before_create, callback_meth)
-    end
-
     def controller
-      ::Audited.store[:current_controller]
+      store[:current_controller]
     end
 
     def controller=(value)
-      ::Audited.store[:current_controller] = value
+      store[:current_controller] = value
     end
   end
 end
 
 ActiveSupport.on_load(:action_controller) do
   if defined?(ActionController::Base)
-    ActionController::Base.around_action Audited::Sweeper.instance
+    ActionController::Base.around_action Audited::Sweeper.new
   end
   if defined?(ActionController::API)
-    ActionController::API.around_action Audited::Sweeper.instance
+    ActionController::API.around_action Audited::Sweeper.new
   end
 end