audited 4.7.1 → 5.0.1

data/spec/audited/sweeper_spec.rb

@@ -1,5 +1,7 @@
 require "spec_helper"
 
+SingleCov.covered!
+
 class AuditsController < ActionController::Base
   before_action :populate_user
 
@@ -11,7 +13,7 @@ class AuditsController < ActionController::Base
   end
 
   def update
-    current_user.update_attributes(password: 'foo')
+    current_user.update!(password: "foo")
     head :ok
   end
 
@@ -20,48 +22,58 @@ class AuditsController < ActionController::Base
   attr_accessor :current_user
   attr_accessor :custom_user
 
-  def populate_user; end
+  def populate_user
+  end
 end
 
 describe AuditsController do
   include RSpec::Rails::ControllerExampleGroup
   render_views
 
-  before(:each) do
+  before do
+    Audited::Railtie.initializers.each(&:run)
     Audited.current_user_method = :current_user
   end
 
   let(:user) { create_user }
 
   describe "POST audit" do
-
     it "should audit user" do
       controller.send(:current_user=, user)
       expect {
         post :create
-      }.to change( Audited::Audit, :count )
+      }.to change(Audited::Audit, :count)
 
       expect(controller.company.audits.last.user).to eq(user)
     end
 
+    it "does not audit when method is not found" do
+      controller.send(:current_user=, user)
+      Audited.current_user_method = :nope
+      expect {
+        post :create
+      }.to change(Audited::Audit, :count)
+      expect(controller.company.audits.last.user).to eq(nil)
+    end
+
     it "should support custom users for sweepers" do
       controller.send(:custom_user=, user)
       Audited.current_user_method = :custom_user
 
       expect {
         post :create
-      }.to change( Audited::Audit, :count )
+      }.to change(Audited::Audit, :count)
 
       expect(controller.company.audits.last.user).to eq(user)
     end
 
     it "should record the remote address responsible for the change" do
-      request.env['REMOTE_ADDR'] = "1.2.3.4"
+      request.env["REMOTE_ADDR"] = "1.2.3.4"
       controller.send(:current_user=, user)
 
       post :create
 
-      expect(controller.company.audits.last.remote_address).to eq('1.2.3.4')
+      expect(controller.company.audits.last.remote_address).to eq("1.2.3.4")
     end
 
     it "should record a UUID for the web request responsible for the change" do
@@ -80,11 +92,10 @@ describe AuditsController do
 
       expect {
         post :create
-      }.to change( Audited::Audit, :count )
+      }.to change(Audited::Audit, :count)
 
       expect(controller.company.audits.last.user).to eq(user)
     end
-
   end
 
   describe "PUT update" do
@@ -92,33 +103,31 @@ describe AuditsController do
       controller.send(:current_user=, user)
 
       expect {
-        put :update, Rails::VERSION::MAJOR == 4 ? {id: 123} : {params: {id: 123}}
-      }.to_not change( Audited::Audit, :count )
+        put :update, params: {id: 123}
+      }.to_not change(Audited::Audit, :count)
     end
   end
 end
 
-
 describe Audited::Sweeper do
-
   it "should be thread-safe" do
     instance = Audited::Sweeper.new
 
     t1 = Thread.new do
       sleep 0.5
-      instance.controller = 'thread1 controller instance'
-      expect(instance.controller).to eq('thread1 controller instance')
+      instance.controller = "thread1 controller instance"
+      expect(instance.controller).to eq("thread1 controller instance")
     end
 
     t2 = Thread.new do
-      instance.controller = 'thread2 controller instance'
+      instance.controller = "thread2 controller instance"
       sleep 1
-      expect(instance.controller).to eq('thread2 controller instance')
+      expect(instance.controller).to eq("thread2 controller instance")
     end
 
-    t1.join; t2.join
+    t1.join
+    t2.join
 
     expect(instance.controller).to be_nil
   end
-
 end

data/spec/audited_spec.rb

@@ -0,0 +1,18 @@
+require "spec_helper"
+
+describe Audited do
+  describe "#store" do
+    describe "maintains state of store" do
+      let(:current_user) { "current_user" }
+      before { Audited.store[:current_user] = current_user }
+
+      it "when executed without fibers" do
+        expect(Audited.store[:current_user]).to eq(current_user)
+      end
+
+      it "when executed with Fibers" do
+        Fiber.new { expect(Audited.store[:current_user]).to eq(current_user) }.resume
+      end
+    end
+  end
+end

data/spec/audited_spec_helpers.rb

@@ -1,15 +1,14 @@
 module AuditedSpecHelpers
-
   def create_user(attrs = {})
-    Models::ActiveRecord::User.create({name: 'Brandon', username: 'brandon', password: 'password', favourite_device: 'Android Phone'}.merge(attrs))
+    Models::ActiveRecord::User.create({name: "Brandon", username: "brandon", password: "password", favourite_device: "Android Phone"}.merge(attrs))
   end
 
   def build_user(attrs = {})
-    Models::ActiveRecord::User.new({name: 'darth', username: 'darth', password: 'noooooooo'}.merge(attrs))
+    Models::ActiveRecord::User.new({name: "darth", username: "darth", password: "noooooooo"}.merge(attrs))
   end
 
   def create_versions(n = 2, attrs = {})
-    Models::ActiveRecord::User.create(name: 'Foobar 1', **attrs).tap do |u|
+    Models::ActiveRecord::User.create(name: "Foobar 1", **attrs).tap do |u|
       (n - 1).times do |i|
         u.update_attribute :name, "Foobar #{i + 2}"
       end
@@ -18,15 +17,16 @@ module AuditedSpecHelpers
   end
 
   def run_migrations(direction, migrations_paths, target_version = nil)
-    if rails_below?('5.2.0.rc1')
+    if rails_below?("5.2.0.rc1")
       ActiveRecord::Migrator.send(direction, migrations_paths, target_version)
-    else
+    elsif rails_below?("6.0.0.rc1")
       ActiveRecord::MigrationContext.new(migrations_paths).send(direction, target_version)
+    else
+      ActiveRecord::MigrationContext.new(migrations_paths, ActiveRecord::SchemaMigration).send(direction, target_version)
     end
   end
 
   def rails_below?(rails_version)
     Gem::Version.new(Rails::VERSION::STRING) < Gem::Version.new(rails_version)
   end
-
 end

data/spec/rails_app/app/assets/config/manifest.js

@@ -0,0 +1,2 @@
+//= link application.js
+//= link application.css

data/spec/rails_app/config/application.rb

@@ -1,8 +1,13 @@
-require 'rails/all'
+require "active_record/railtie"
 
 module RailsApp
   class Application < Rails::Application
-    config.root = File.expand_path('../../', __FILE__)
+    config.root = File.expand_path("../../", __FILE__)
     config.i18n.enforce_available_locales = true
   end
 end
+
+require "active_record/connection_adapters/sqlite3_adapter"
+if ActiveRecord::ConnectionAdapters::SQLite3Adapter.respond_to?(:represent_boolean_as_integer)
+  ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer = true
+end

data/spec/rails_app/config/database.yml

@@ -19,6 +19,7 @@ mysql: &MYSQL
   username: root
   password:
   database: audited_test
+  charset: utf8
 
 test:
   <<: *<%= ENV['DB'] || 'SQLITE3MEM' %>

data/spec/rails_app/config/environment.rb

@@ -1,5 +1,5 @@
 # Load the rails application
-require File.expand_path('../application', __FILE__)
+require File.expand_path("../application", __FILE__)
 
 # Initialize the rails application
 RailsApp::Application.initialize!

data/spec/rails_app/config/environments/test.rb

@@ -15,14 +15,14 @@ RailsApp::Application.configure do
   # Configure static file server for tests with Cache-Control for performance.
   if config.respond_to?(:public_file_server)
     config.public_file_server.enabled = true
-    config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }
+    config.public_file_server.headers = {"Cache-Control" => "public, max-age=3600"}
   else
-    config.static_cache_control = 'public, max-age=3600'
-    config.serve_static_files   = true
+    config.static_cache_control = "public, max-age=3600"
+    config.serve_static_files = true
   end
 
   # Show full error reports and disable caching.
-  config.consider_all_requests_local       = true
+  config.consider_all_requests_local = true
   # config.action_controller.perform_caching = false
 
   # Raise exceptions instead of rendering exception templates.
@@ -34,7 +34,7 @@ RailsApp::Application.configure do
   # Tell Action Mailer not to deliver emails to the real world.
   # The :test delivery method accumulates sent emails in the
   # ActionMailer::Base.deliveries array.
-  config.action_mailer.delivery_method = :test
+  # config.action_mailer.delivery_method = :test
 
   # Randomize the order test cases are executed.
   config.active_support.test_order = :random

data/spec/rails_app/config/initializers/secret_token.rb

@@ -1,3 +1,3 @@
-Rails.application.config.secret_token = 'ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571'
+Rails.application.config.secret_token = "ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571"
 Rails.application.config.session_store :cookie_store, key: "_my_app"
-Rails.application.config.secret_key_base = 'secret value'
+Rails.application.config.secret_key_base = "secret value"

data/spec/spec_helper.rb

@@ -1,22 +1,24 @@
-ENV['RAILS_ENV'] = 'test'
+ENV["RAILS_ENV"] = "test"
+require "bundler/setup"
+require "single_cov"
+SingleCov.setup :rspec
 
-require 'bundler'
-if Bundler.definition.dependencies.map(&:name).include?('protected_attributes')
-  require 'protected_attributes'
+if Bundler.definition.dependencies.map(&:name).include?("protected_attributes")
+  require "protected_attributes"
 end
-require 'rails_app/config/environment'
-require 'rspec/rails'
-require 'audited'
-require 'audited-rspec'
-require 'audited_spec_helpers'
-require 'support/active_record/models'
+require "rails_app/config/environment"
+require "rspec/rails"
+require "audited"
+require "audited-rspec"
+require "audited_spec_helpers"
+require "support/active_record/models"
 
-SPEC_ROOT = Pathname.new(File.expand_path('../', __FILE__))
+SPEC_ROOT = Pathname.new(File.expand_path("../", __FILE__))
 
-Dir[SPEC_ROOT.join('support/*.rb')].each{|f| require f }
+Dir[SPEC_ROOT.join("support/*.rb")].sort.each { |f| require f }
 
 RSpec.configure do |config|
   config.include AuditedSpecHelpers
-  config.use_transactional_fixtures = false if Rails.version.start_with?('4.')
+  config.use_transactional_fixtures = false if Rails.version.start_with?("4.")
   config.use_transactional_tests = false if config.respond_to?(:use_transactional_tests=)
 end

data/spec/support/active_record/models.rb

@@ -1,12 +1,14 @@
-require 'cgi'
-require File.expand_path('../schema', __FILE__)
+require "cgi"
+require File.expand_path("../schema", __FILE__)
 
 module Models
   module ActiveRecord
     class User < ::ActiveRecord::Base
       audited except: :password
-      attribute :non_column_attr if Rails.version >= '5.1'
+      attribute :non_column_attr if Rails.version >= "5.1"
       attr_protected :logins if respond_to?(:attr_protected)
+      enum status: {active: 0, reliable: 1, banned: 2}
+      serialize :phone_numbers, Array
 
       def name=(val)
         write_attribute(:name, CGI.escapeHTML(val))
@@ -20,13 +22,28 @@ module Models
 
     class UserOnlyPassword < ::ActiveRecord::Base
       self.table_name = :users
-      attribute :non_column_attr if Rails.version >= '5.1'
+      attribute :non_column_attr if Rails.version >= "5.1"
       audited only: :password
     end
 
+    class UserRedactedPassword < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: :password
+    end
+
+    class UserMultipleRedactedAttributes < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: [:password, :ssn]
+    end
+
+    class UserRedactedPasswordCustomRedaction < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: :password, redaction_value: ["My", "Custom", "Value", 7]
+    end
+
     class CommentRequiredUser < ::ActiveRecord::Base
       self.table_name = :users
-      audited comment_required: true
+      audited except: :password, comment_required: true
     end
 
     class OnCreateCommentRequiredUser < ::ActiveRecord::Base
@@ -44,6 +61,11 @@ module Models
       audited comment_required: true, on: :destroy
     end
 
+    class NoUpdateWithCommentOnlyUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited update_with_comment_only: false
+    end
+
     class AccessibleAfterDeclarationUser < ::ActiveRecord::Base
       self.table_name = :users
       audited
@@ -90,35 +112,39 @@ module Models
     end
 
     class Owner < ::ActiveRecord::Base
-      self.table_name = 'users'
+      self.table_name = "users"
+      audited
       has_associated_audits
       has_many :companies, class_name: "OwnedCompany", dependent: :destroy
     end
 
     class OwnedCompany < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
       belongs_to :owner, class_name: "Owner"
       attr_accessible :name, :owner if respond_to?(:attr_accessible) # declare attr_accessible before calling aaa
       audited associated_with: :owner
     end
 
+    class OwnedCompany::STICompany < OwnedCompany
+    end
+
     class OnUpdateDestroy < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
       audited on: [:update, :destroy]
     end
 
     class OnCreateDestroy < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
       audited on: [:create, :destroy]
     end
 
     class OnCreateDestroyExceptName < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
       audited except: :name, on: [:create, :destroy]
     end
 
     class OnCreateUpdate < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
       audited on: [:create, :update]
     end
   end

data/spec/support/active_record/postgres/1_change_audited_changes_type_to_json.rb

@@ -1,5 +1,4 @@
-parent = Rails::VERSION::MAJOR == 4 ? ActiveRecord::Migration : ActiveRecord::Migration[4.2]
-class ChangeAuditedChangesTypeToJson < parent
+class ChangeAuditedChangesTypeToJson < ActiveRecord::Migration[5.0]
   def self.up
     remove_column :audits, :audited_changes
     add_column :audits, :audited_changes, :json

data/spec/support/active_record/postgres/2_change_audited_changes_type_to_jsonb.rb

@@ -1,5 +1,4 @@
-parent = Rails::VERSION::MAJOR == 4 ? ActiveRecord::Migration : ActiveRecord::Migration[4.2]
-class ChangeAuditedChangesTypeToJsonb < parent
+class ChangeAuditedChangesTypeToJsonb < ActiveRecord::Migration[5.0]
   def self.up
     remove_column :audits, :audited_changes
     add_column :audits, :audited_changes, :jsonb

data/spec/support/active_record/schema.rb

@@ -1,28 +1,33 @@
-require 'active_record'
-require 'logger'
+require "active_record"
+require "logger"
 
 begin
-  db_config = ActiveRecord::Base.configurations[Rails.env].clone
-  db_type = db_config['adapter']
-  db_name = db_config.delete('database')
-  raise Exception.new('No database name specified.') if db_name.blank?
-  if db_type == 'sqlite3'
-    db_file = Pathname.new(__FILE__).dirname.join(db_name)
-    db_file.unlink if db_file.file?
+  if ActiveRecord.version >= Gem::Version.new("6.1.0")
+    db_config = ActiveRecord::Base.configurations.configs_for(env_name: Rails.env).first
+    ActiveRecord::Tasks::DatabaseTasks.create(db_config)
   else
-    if defined?(JRUBY_VERSION)
-      db_config.symbolize_keys!
-      db_config[:configure_connection] = false
+    db_config = ActiveRecord::Base.configurations[Rails.env].clone
+    db_type = db_config["adapter"]
+    db_name = db_config.delete("database")
+    raise StandardError.new("No database name specified.") if db_name.blank?
+    if db_type == "sqlite3"
+      db_file = Pathname.new(__FILE__).dirname.join(db_name)
+      db_file.unlink if db_file.file?
+    else
+      if defined?(JRUBY_VERSION)
+        db_config.symbolize_keys!
+        db_config[:configure_connection] = false
+      end
+      adapter = ActiveRecord::Base.send("#{db_type}_connection", db_config)
+      adapter.recreate_database db_name, db_config.slice("charset").symbolize_keys
+      adapter.disconnect!
     end
-    adapter = ActiveRecord::Base.send("#{db_type}_connection", db_config)
-    adapter.recreate_database db_name
-    adapter.disconnect!
   end
-rescue Exception => e
+rescue => e
   Kernel.warn e
 end
 
-logfile = Pathname.new(__FILE__).dirname.join('debug.log')
+logfile = Pathname.new(__FILE__).dirname.join("debug.log")
 logfile.unlink if logfile.file?
 ActiveRecord::Base.logger = Logger.new(logfile)
 
@@ -35,11 +40,14 @@ ActiveRecord::Schema.define do
     t.column :username, :string
     t.column :password, :string
     t.column :activated, :boolean
+    t.column :status, :integer, default: 0
     t.column :suspended_at, :datetime
     t.column :logins, :integer, default: 0
     t.column :created_at, :datetime
     t.column :updated_at, :datetime
     t.column :favourite_device, :string
+    t.column :ssn, :integer
+    t.column :phone_numbers, :string
   end
 
   create_table :companies do |t|
@@ -74,9 +82,9 @@ ActiveRecord::Schema.define do
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
-  add_index :audits, [:associated_id, :associated_type], name: 'associated_index'
-  add_index :audits, [:user_id, :user_type], name: 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: "auditable_index"
+  add_index :audits, [:associated_id, :associated_type], name: "associated_index"
+  add_index :audits, [:user_id, :user_type], name: "user_index"
   add_index :audits, :request_uuid
   add_index :audits, :created_at
 end