audited 4.7.0 → 4.10.0

data/lib/audited/auditor.rb

@@ -34,6 +34,16 @@ module Audited
       # * +require_comment+ - Ensures that audit_comment is supplied before
       #   any create, update or destroy operation.
       # * +max_audits+ - Limits the number of stored audits.
+
+      # * +redacted+ - Changes to these fields will be logged, but the values
+      #   will not. This is useful, for example, if you wish to audit when a
+      #   password is changed, without saving the actual password in the log.
+      #   To store values as something other than '[REDACTED]', pass an argument
+      #   to the redaction_value option.
+      #
+      #     class User < ActiveRecord::Base
+      #       audited redacted: :password, redaction_value: SecureRandom.uuid
+      #     end
       #
       # * +if+ - Only audit the model when the given function returns true
       # * +unless+ - Only audit the model when the given function returns false
@@ -55,7 +65,7 @@ module Audited
 
         class_attribute :audit_associated_with, instance_writer: false
         class_attribute :audited_options,       instance_writer: false
-        attr_accessor :version, :audit_comment
+        attr_accessor :audit_version, :audit_comment
 
         self.audited_options = options
         normalize_audited_options
@@ -90,6 +100,8 @@ module Audited
     end
 
     module AuditedInstanceMethods
+      REDACTED = '[REDACTED]'
+      
       # Temporarily turns off auditing while saving.
       def save_without_auditing
         without_auditing { save }
@@ -105,6 +117,21 @@ module Audited
         self.class.without_auditing(&block)
       end
 
+      # Temporarily turns on auditing while saving.
+      def save_with_auditing
+        with_auditing { save }
+      end
+
+      # Executes the block with the auditing callbacks enabled.
+      #
+      #   @foo.with_auditing do
+      #     @foo.save
+      #   end
+      #
+      def with_auditing(&block)
+        self.class.with_auditing(&block)
+      end
+
       # Gets an array of the revisions available
       #
       #   user.revisions.each do |revision|
@@ -142,7 +169,16 @@ module Audited
 
       # List of attributes that are audited.
       def audited_attributes
-        attributes.except(*non_audited_columns)
+        audited_attributes = attributes.except(*self.class.non_audited_columns)
+        normalize_enum_changes(audited_attributes)
+      end
+
+      # Returns a list combined of record audits and associated audits.
+      def own_and_associated_audits
+        Audited.audit_class.unscoped
+        .where('(auditable_type = :type AND auditable_id = :id) OR (associated_type = :type AND associated_id = :id)',
+          type: self.class.name, id: id)
+        .order(created_at: :desc)
       end
 
       # Combine multiple audits into one.
@@ -159,18 +195,9 @@ module Audited
 
       protected
 
-      def non_audited_columns
-        self.class.non_audited_columns
-      end
-
-      def audited_columns
-        self.class.audited_columns
-      end
-
       def revision_with(attributes)
         dup.tap do |revision|
           revision.id = id
-          revision.send :instance_variable_set, '@attributes', self.attributes if rails_below?('4.2.0')
           revision.send :instance_variable_set, '@new_record', destroyed?
           revision.send :instance_variable_set, '@persisted', !destroyed?
           revision.send :instance_variable_set, '@readonly', false
@@ -193,25 +220,62 @@ module Audited
         end
       end
 
-      def rails_below?(rails_version)
-        Gem::Version.new(Rails::VERSION::STRING) < Gem::Version.new(rails_version)
-      end
-
       private
 
       def audited_changes
         all_changes = respond_to?(:changes_to_save) ? changes_to_save : changes
-        if audited_options[:only].present?
-          all_changes.slice(*audited_columns)
-        else
-          all_changes.except(*non_audited_columns)
+        filtered_changes = \
+          if audited_options[:only].present?
+            all_changes.slice(*self.class.audited_columns)
+          else
+            all_changes.except(*self.class.non_audited_columns)
+          end
+
+        filtered_changes = redact_values(filtered_changes)
+        filtered_changes = normalize_enum_changes(filtered_changes)
+        filtered_changes.to_hash
+      end
+
+      def normalize_enum_changes(changes)
+        self.class.defined_enums.each do |name, values|
+          if changes.has_key?(name)
+            changes[name] = \
+              if changes[name].is_a?(Array)
+                changes[name].map { |v| values[v] }
+              elsif rails_below?('5.0')
+                changes[name]
+              else
+                values[changes[name]]
+              end
+          end
         end
+        changes
+      end
+
+      def redact_values(filtered_changes)
+        [audited_options[:redacted]].flatten.compact.each do |option|
+          changes = filtered_changes[option.to_s]
+          new_value = audited_options[:redaction_value] || REDACTED
+          if changes.is_a? Array
+            values = changes.map { new_value }
+          else
+            values = new_value
+          end
+          hash = Hash[option.to_s, values]
+          filtered_changes.merge!(hash)
+        end
+
+        filtered_changes
+      end
+
+      def rails_below?(rails_version)
+        Gem::Version.new(Rails::VERSION::STRING) < Gem::Version.new(rails_version)
       end
 
       def audits_to(version = nil)
         if version == :previous
-          version = if self.version
-                      self.version - 1
+          version = if self.audit_version
+                      self.audit_version - 1
                     else
                       previous = audits.descending.offset(1).first
                       previous ? previous.version : 1
@@ -226,7 +290,7 @@ module Audited
       end
 
       def audit_update
-        unless (changes = audited_changes).empty? && audit_comment.blank?
+        unless (changes = audited_changes).empty? && (audit_comment.blank? || audited_options[:update_with_comment_only] == false)
           write_audit(action: 'update', audited_changes: changes,
                       comment: audit_comment)
         end
@@ -290,17 +354,12 @@ module Audited
 
       def run_conditional_check(condition, matching: true)
         return true if condition.blank?
-
         return condition.call(self) == matching if condition.respond_to?(:call)
-        return send(condition) == matching if respond_to?(condition.to_sym)
+        return send(condition) == matching if respond_to?(condition.to_sym, true)
 
         true
       end
 
-      def auditing_enabled=(val)
-        self.class.auditing_enabled = val
-      end
-
       def reconstruct_attributes(audits)
         attributes = {}
         audits.each { |audit| attributes.merge!(audit.new_attributes) }
@@ -338,6 +397,20 @@ module Audited
         enable_auditing if auditing_was_enabled
       end
 
+      # Executes the block with auditing enabled.
+      #
+      #   Foo.with_auditing do
+      #     @foo.save
+      #   end
+      #
+      def with_auditing
+        auditing_was_enabled = auditing_enabled
+        enable_auditing
+        yield
+      ensure
+        disable_auditing unless auditing_was_enabled
+      end
+
       def disable_auditing
         self.auditing_enabled = false
       end
@@ -355,7 +428,7 @@ module Audited
       end
 
       def auditing_enabled
-        Audited.store.fetch("#{table_name}_auditing_enabled", true)
+        Audited.store.fetch("#{table_name}_auditing_enabled", true) && Audited.auditing_enabled
       end
 
       def auditing_enabled=(val)

data/lib/audited/version.rb

@@ -1,3 +1,3 @@
 module Audited
-  VERSION = "4.7.0"
+  VERSION = "4.10.0"
 end

data/lib/audited.rb

@@ -2,7 +2,7 @@ require 'active_record'
 
 module Audited
   class << self
-    attr_accessor :ignored_attributes, :current_user_method, :max_audits
+    attr_accessor :ignored_attributes, :current_user_method, :max_audits, :auditing_enabled
     attr_writer :audit_class
 
     def audit_class
@@ -21,6 +21,7 @@ module Audited
   @ignored_attributes = %w(lock_version created_at updated_at created_on updated_on)
 
   @current_user_method = :current_user
+  @auditing_enabled = true
 end
 
 require 'audited/auditor'

data/lib/generators/audited/templates/add_version_to_auditable_index.rb

@@ -0,0 +1,21 @@
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    if index_exists?(:audits, [:auditable_type, :auditable_id], name: index_name)
+      remove_index :audits, name: index_name
+      add_index :audits, [:auditable_type, :auditable_id, :version], name: index_name
+    end
+  end
+
+  def self.down
+    if index_exists?(:audits, [:auditable_type, :auditable_id, :version], name: index_name)
+      remove_index :audits, name: index_name
+      add_index :audits, [:auditable_type, :auditable_id], name: index_name
+    end
+  end
+
+  private
+
+  def index_name
+    'auditable_index'
+  end
+end

data/lib/generators/audited/templates/install.rb

@@ -17,7 +17,7 @@ class <%= migration_class_name %> < <%= migration_parent %>
       t.column :created_at, :datetime
     end
 
-    add_index :audits, [:auditable_type, :auditable_id], :name => 'auditable_index'
+    add_index :audits, [:auditable_type, :auditable_id, :version], :name => 'auditable_index'
     add_index :audits, [:associated_type, :associated_id], :name => 'associated_index'
     add_index :audits, [:user_id, :user_type], :name => 'user_index'
     add_index :audits, :request_uuid

data/lib/generators/audited/upgrade_generator.rb

@@ -58,6 +58,10 @@ module Audited
         if indexes.any? { |i| i.columns == %w[associated_id associated_type] }
           yield :revert_polymorphic_indexes_order
         end
+
+        if indexes.any? { |i| i.columns == %w[auditable_type auditable_id] }
+          yield :add_version_to_auditable_index
+        end
       end
     end
   end

data/spec/audited/audit_spec.rb

@@ -1,5 +1,7 @@
 require "spec_helper"
 
+SingleCov.covered! uncovered: 1 # Rails version check
+
 describe Audited::Audit do
   let(:user) { Models::ActiveRecord::User.new name: "Testing" }
 
@@ -38,43 +40,64 @@ describe Audited::Audit do
       end
     end
 
-    it "should undo changes" do
-      user = Models::ActiveRecord::User.create(name: "John")
+    context "when a custom audit class is not configured" do
+      it "should default to #{described_class}" do
+        TempModel.audited
+
+        record = TempModel.create
+
+        audit = record.audits.first
+        expect(audit).to be_a Audited::Audit
+        expect(audit.respond_to?(:custom_method)).to be false
+      end
+    end
+  end
+
+  describe "#audited_changes" do
+    let(:audit) { Audited.audit_class.new }
+
+    it "can unserialize yaml from text columns" do
+      audit.audited_changes = {foo: "bar"}
+      expect(audit.audited_changes).to eq foo: "bar"
+    end
+
+    it "does not unserialize from binary columns" do
+      allow(Audited::YAMLIfTextColumnType).to receive(:text_column?).and_return(false)
+      audit.audited_changes = {foo: "bar"}
+      expect(audit.audited_changes).to eq "{:foo=>\"bar\"}"
+    end
+  end
+
+  describe "#undo" do
+    let(:user) { Models::ActiveRecord::User.create(name: "John") }
+
+    it "undos changes" do
       user.update_attribute(:name, 'Joe')
       user.audits.last.undo
       user.reload
-
       expect(user.name).to eq("John")
     end
 
-    it "should undo destroyed model" do
-      user = Models::ActiveRecord::User.create(name: "John")
+    it "undos destroy" do
       user.destroy
       user.audits.last.undo
       user = Models::ActiveRecord::User.find_by(name: "John")
       expect(user.name).to eq("John")
     end
 
-    it "should undo created model" do
-      user = Models::ActiveRecord::User.create(name: "John")
+    it "undos creation" do
+      user # trigger create
       expect {user.audits.last.undo}.to change(Models::ActiveRecord::User, :count).by(-1)
     end
 
-    context "when a custom audit class is not configured" do
-      it "should default to #{described_class}" do
-        TempModel.audited
-
-        record = TempModel.create
-
-        audit = record.audits.first
-        expect(audit).to be_a Audited::Audit
-        expect(audit.respond_to?(:custom_method)).to be false
-      end
+    it "fails when trying to undo unknown" do
+      audit = user.audits.last
+      audit.action = 'oops'
+      expect { audit.undo }.to raise_error("invalid action given oops")
     end
   end
 
   describe "user=" do
-
     it "should be able to set the user to a model object" do
       subject.user = user
       expect(subject.user).to eq(user)
@@ -110,11 +133,9 @@ describe Audited::Audit do
       subject.user = user
       expect(subject.username).to be_nil
     end
-
   end
 
   describe "revision" do
-
     it "should recreate attributes" do
       user = Models::ActiveRecord::User.create name: "1"
       5.times {|i| user.update_attribute :name, (i + 2).to_s }
@@ -148,6 +169,34 @@ describe Audited::Audit do
     end
   end
 
+  describe ".collection_cache_key" do
+    if ActiveRecord::VERSION::MAJOR >= 5
+      it "uses created at" do
+        Audited::Audit.delete_all
+        audit = Models::ActiveRecord::User.create(name: "John").audits.last
+        audit.update_columns(created_at: Time.zone.parse('2018-01-01'))
+        expect(Audited::Audit.collection_cache_key).to match(/-20180101\d+$/)
+      end
+    else
+      it "is not defined" do
+        expect { Audited::Audit.collection_cache_key }.to raise_error(NoMethodError)
+      end
+    end
+  end
+
+  describe ".assign_revision_attributes" do
+    it "dups when frozen" do
+      user.freeze
+      assigned = Audited::Audit.assign_revision_attributes(user, name: "Bar")
+      expect(assigned.name).to eq "Bar"
+    end
+
+    it "ignores unassignable attributes" do
+      assigned = Audited::Audit.assign_revision_attributes(user, oops: "Bar")
+      expect(assigned.name).to eq "Testing"
+    end
+  end
+
   it "should set the version number on create" do
     user = Models::ActiveRecord::User.create! name: "Set Version Number"
     expect(user.audits.first.version).to eq(1)
@@ -213,6 +262,25 @@ describe Audited::Audit do
       end
     end
 
+    it "should support nested as_user" do
+      Audited::Audit.as_user("sidekiq") do
+        company = Models::ActiveRecord::Company.create name: "The auditors"
+        company.name = "The Auditors, Inc"
+        company.save
+        expect(company.audits[-1].user).to eq("sidekiq")
+
+        Audited::Audit.as_user(user) do
+          company.name = "NEW Auditors, Inc"
+          company.save
+          expect(company.audits[-1].user).to eq(user)
+        end
+
+        company.name = "LAST Auditors, Inc"
+        company.save
+        expect(company.audits[-1].user).to eq("sidekiq")
+      end
+    end
+
     it "should record usernames" do
       Audited::Audit.as_user(user.name) do
         company = Models::ActiveRecord::Company.create name: "The auditors"
@@ -263,6 +331,5 @@ describe Audited::Audit do
       }.to raise_exception('expected')
       expect(Audited.store[:audited_user]).to be_nil
     end
-
   end
 end