audited 4.9.0 → 5.4.3

data/spec/audited/sweeper_spec.rb

@@ -1,6 +1,6 @@
 require "spec_helper"
 
-SingleCov.covered! uncovered: 2 # 2 conditional on_load conditions
+SingleCov.covered!
 
 class AuditsController < ActionController::Base
   before_action :populate_user
@@ -13,7 +13,7 @@ class AuditsController < ActionController::Base
   end
 
   def update
-    current_user.update!(password: 'foo')
+    current_user.update!(password: "foo")
     head :ok
   end
 
@@ -22,7 +22,8 @@ class AuditsController < ActionController::Base
   attr_accessor :current_user
   attr_accessor :custom_user
 
-  def populate_user; end
+  def populate_user
+  end
 end
 
 describe AuditsController do
@@ -30,6 +31,7 @@ describe AuditsController do
   render_views
 
   before do
+    Audited::Railtie.initializers.each(&:run)
     Audited.current_user_method = :current_user
   end
 
@@ -40,7 +42,7 @@ describe AuditsController do
       controller.send(:current_user=, user)
       expect {
         post :create
-      }.to change( Audited::Audit, :count )
+      }.to change(Audited::Audit, :count)
 
       expect(controller.company.audits.last.user).to eq(user)
     end
@@ -50,7 +52,7 @@ describe AuditsController do
       Audited.current_user_method = :nope
       expect {
         post :create
-      }.to change( Audited::Audit, :count )
+      }.to change(Audited::Audit, :count)
       expect(controller.company.audits.last.user).to eq(nil)
     end
 
@@ -60,18 +62,18 @@ describe AuditsController do
 
       expect {
         post :create
-      }.to change( Audited::Audit, :count )
+      }.to change(Audited::Audit, :count)
 
       expect(controller.company.audits.last.user).to eq(user)
     end
 
     it "should record the remote address responsible for the change" do
-      request.env['REMOTE_ADDR'] = "1.2.3.4"
+      request.env["REMOTE_ADDR"] = "1.2.3.4"
       controller.send(:current_user=, user)
 
       post :create
 
-      expect(controller.company.audits.last.remote_address).to eq('1.2.3.4')
+      expect(controller.company.audits.last.remote_address).to eq("1.2.3.4")
     end
 
     it "should record a UUID for the web request responsible for the change" do
@@ -90,7 +92,7 @@ describe AuditsController do
 
       expect {
         post :create
-      }.to change( Audited::Audit, :count )
+      }.to change(Audited::Audit, :count)
 
       expect(controller.company.audits.last.user).to eq(user)
     end
@@ -101,32 +103,31 @@ describe AuditsController do
       controller.send(:current_user=, user)
 
       expect {
-        put :update, Rails::VERSION::MAJOR == 4 ? {id: 123} : {params: {id: 123}}
-      }.to_not change( Audited::Audit, :count )
+        put :update, params: {id: 123}
+      }.to_not change(Audited::Audit, :count)
     end
   end
 end
 
 describe Audited::Sweeper do
-
   it "should be thread-safe" do
     instance = Audited::Sweeper.new
 
     t1 = Thread.new do
       sleep 0.5
-      instance.controller = 'thread1 controller instance'
-      expect(instance.controller).to eq('thread1 controller instance')
+      instance.controller = "thread1 controller instance"
+      expect(instance.controller).to eq("thread1 controller instance")
     end
 
     t2 = Thread.new do
-      instance.controller = 'thread2 controller instance'
+      instance.controller = "thread2 controller instance"
       sleep 1
-      expect(instance.controller).to eq('thread2 controller instance')
+      expect(instance.controller).to eq("thread2 controller instance")
     end
 
-    t1.join; t2.join
+    t1.join
+    t2.join
 
     expect(instance.controller).to be_nil
   end
-
 end

data/spec/audited_spec.rb

@@ -0,0 +1,14 @@
+require "spec_helper"
+
+describe Audited do
+  describe "#store" do
+    describe "maintains state of store" do
+      let(:current_user) { RequestStore.store[:audited_store] }
+      before { Audited.store[:current_user] = current_user }
+
+      it "checks store is not nil" do
+        expect(Audited.store[:current_user]).to eq(current_user)
+      end
+    end
+  end
+end

data/spec/audited_spec_helpers.rb

@@ -1,15 +1,18 @@
 module AuditedSpecHelpers
-
   def create_user(attrs = {})
-    Models::ActiveRecord::User.create({name: 'Brandon', username: 'brandon', password: 'password', favourite_device: 'Android Phone'}.merge(attrs))
+    Models::ActiveRecord::User.create({name: "Brandon", username: "brandon", password: "password", favourite_device: "Android Phone"}.merge(attrs))
+  end
+
+  def create_user_with_readonly_attrs(attrs = {})
+    Models::ActiveRecord::UserWithReadOnlyAttrs.create({name: "Brandon", username: "brandon", password: "password", favourite_device: "Android Phone"}.merge(attrs))
   end
 
   def build_user(attrs = {})
-    Models::ActiveRecord::User.new({name: 'darth', username: 'darth', password: 'noooooooo'}.merge(attrs))
+    Models::ActiveRecord::User.new({name: "darth", username: "darth", password: "noooooooo"}.merge(attrs))
   end
 
   def create_versions(n = 2, attrs = {})
-    Models::ActiveRecord::User.create(name: 'Foobar 1', **attrs).tap do |u|
+    Models::ActiveRecord::User.create(name: "Foobar 1", **attrs).tap do |u|
       (n - 1).times do |i|
         u.update_attribute :name, "Foobar #{i + 2}"
       end
@@ -18,15 +21,16 @@ module AuditedSpecHelpers
   end
 
   def run_migrations(direction, migrations_paths, target_version = nil)
-    if rails_below?('5.2.0.rc1')
+    if rails_below?("5.2.0.rc1")
       ActiveRecord::Migrator.send(direction, migrations_paths, target_version)
-    else
+    elsif rails_below?("6.0.0.rc1")
       ActiveRecord::MigrationContext.new(migrations_paths).send(direction, target_version)
+    else
+      ActiveRecord::MigrationContext.new(migrations_paths, ActiveRecord::SchemaMigration).send(direction, target_version)
     end
   end
 
   def rails_below?(rails_version)
     Gem::Version.new(Rails::VERSION::STRING) < Gem::Version.new(rails_version)
   end
-
 end

data/spec/rails_app/app/assets/config/manifest.js

@@ -0,0 +1,2 @@
+//= link application.js
+//= link application.css

data/spec/rails_app/config/application.rb

@@ -1,13 +1,42 @@
-require 'rails/all'
+require "active_record/railtie"
 
 module RailsApp
   class Application < Rails::Application
-    config.root = File.expand_path('../../', __FILE__)
+    config.root = File.expand_path("../../", __FILE__)
     config.i18n.enforce_available_locales = true
+
+    if Rails.version.start_with?("7.1") && config.active_record.respond_to?(:yaml_column_permitted_classes=)
+      config.active_record.yaml_column_permitted_classes = [
+        String,
+        Symbol,
+        Integer,
+        NilClass,
+        Float,
+        Time,
+        Date,
+        FalseClass,
+        Hash,
+        Array,
+        DateTime,
+        TrueClass,
+        BigDecimal,
+        ActiveSupport::TimeWithZone,
+        ActiveSupport::TimeZone,
+        ActiveSupport::HashWithIndifferentAccess
+      ]
+    elsif !Rails.version.start_with?("5.0") && !Rails.version.start_with?("5.1") && config.active_record.respond_to?(:yaml_column_permitted_classes=)
+      config.active_record.yaml_column_permitted_classes =
+        %w[String Symbol Integer NilClass Float Time Date FalseClass Hash Array DateTime TrueClass BigDecimal
+          ActiveSupport::TimeWithZone ActiveSupport::TimeZone ActiveSupport::HashWithIndifferentAccess]
+    end
+
+    if Rails.gem_version >= Gem::Version.new("7.1")
+      config.active_support.cache_format_version = 7.1
+    end
   end
 end
 
-require 'active_record/connection_adapters/sqlite3_adapter'
+require "active_record/connection_adapters/sqlite3_adapter"
 if ActiveRecord::ConnectionAdapters::SQLite3Adapter.respond_to?(:represent_boolean_as_integer)
   ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer = true
 end

data/spec/rails_app/config/database.yml

@@ -9,7 +9,8 @@ sqlite3: &SQLITE
 postgresql: &POSTGRES
   adapter: postgresql
   username: postgres
-  password:
+  password: postgres
+  host: localhost
   database: audited_test
   min_messages: ERROR
 
@@ -17,7 +18,7 @@ mysql: &MYSQL
   adapter: mysql2
   host: localhost
   username: root
-  password:
+  password: root
   database: audited_test
   charset: utf8
 

data/spec/rails_app/config/environment.rb

@@ -1,5 +1,5 @@
 # Load the rails application
-require File.expand_path('../application', __FILE__)
+require File.expand_path("../application", __FILE__)
 
 # Initialize the rails application
 RailsApp::Application.initialize!

data/spec/rails_app/config/environments/test.rb

@@ -15,14 +15,14 @@ RailsApp::Application.configure do
   # Configure static file server for tests with Cache-Control for performance.
   if config.respond_to?(:public_file_server)
     config.public_file_server.enabled = true
-    config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }
+    config.public_file_server.headers = {"Cache-Control" => "public, max-age=3600"}
   else
-    config.static_cache_control = 'public, max-age=3600'
-    config.serve_static_files   = true
+    config.static_cache_control = "public, max-age=3600"
+    config.serve_static_files = true
   end
 
   # Show full error reports and disable caching.
-  config.consider_all_requests_local       = true
+  config.consider_all_requests_local = true
   # config.action_controller.perform_caching = false
 
   # Raise exceptions instead of rendering exception templates.
@@ -34,7 +34,7 @@ RailsApp::Application.configure do
   # Tell Action Mailer not to deliver emails to the real world.
   # The :test delivery method accumulates sent emails in the
   # ActionMailer::Base.deliveries array.
-  config.action_mailer.delivery_method = :test
+  # config.action_mailer.delivery_method = :test
 
   # Randomize the order test cases are executed.
   config.active_support.test_order = :random
@@ -44,4 +44,9 @@ RailsApp::Application.configure do
 
   # Raises error for missing translations
   # config.action_view.raise_on_missing_translations = true
+
+  if ::ActiveRecord::VERSION::MAJOR >= 7
+    config.active_record.encryption.key_derivation_salt = SecureRandom.hex
+    config.active_record.encryption.primary_key = SecureRandom.hex
+  end
 end

data/spec/rails_app/config/initializers/secret_token.rb

@@ -1,3 +1,3 @@
-Rails.application.config.secret_token = 'ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571'
+Rails.application.config.secret_token = "ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571"
 Rails.application.config.session_store :cookie_store, key: "_my_app"
-Rails.application.config.secret_key_base = 'secret value'
+Rails.application.config.secret_key_base = "secret value"

data/spec/spec_helper.rb

@@ -1,24 +1,24 @@
-ENV['RAILS_ENV'] = 'test'
-require 'bundler/setup'
-require 'single_cov'
+ENV["RAILS_ENV"] = "test"
+require "bundler/setup"
+require "single_cov"
 SingleCov.setup :rspec
 
-if Bundler.definition.dependencies.map(&:name).include?('protected_attributes')
-  require 'protected_attributes'
+if Bundler.definition.dependencies.map(&:name).include?("protected_attributes")
+  require "protected_attributes"
 end
-require 'rails_app/config/environment'
-require 'rspec/rails'
-require 'audited'
-require 'audited-rspec'
-require 'audited_spec_helpers'
-require 'support/active_record/models'
+require "rails_app/config/environment"
+require "rspec/rails"
+require "audited"
+require "audited-rspec"
+require "audited_spec_helpers"
+require "support/active_record/models"
 
-SPEC_ROOT = Pathname.new(File.expand_path('../', __FILE__))
+SPEC_ROOT = Pathname.new(File.expand_path("../", __FILE__))
 
-Dir[SPEC_ROOT.join('support/*.rb')].each{|f| require f }
+Dir[SPEC_ROOT.join("support/*.rb")].sort.each { |f| require f }
 
 RSpec.configure do |config|
   config.include AuditedSpecHelpers
-  config.use_transactional_fixtures = false if Rails.version.start_with?('4.')
+  config.use_transactional_fixtures = false if Rails.version.start_with?("4.")
   config.use_transactional_tests = false if config.respond_to?(:use_transactional_tests=)
 end

data/spec/support/active_record/models.rb

@@ -1,13 +1,19 @@
-require 'cgi'
-require File.expand_path('../schema', __FILE__)
+require "cgi"
+require File.expand_path("../schema", __FILE__)
 
 module Models
   module ActiveRecord
     class User < ::ActiveRecord::Base
       audited except: :password
-      attribute :non_column_attr if Rails.version >= '5.1'
+      attribute :non_column_attr if Rails.gem_version >= Gem::Version.new("5.1")
       attr_protected :logins if respond_to?(:attr_protected)
-      enum status: { active: 0, reliable: 1, banned: 2 }
+      enum status: {active: 0, reliable: 1, banned: 2}
+
+      if Rails.gem_version >= Gem::Version.new("7.1")
+        serialize :phone_numbers, type: Array
+      else
+        serialize :phone_numbers, Array
+      end
 
       def name=(val)
         write_attribute(:name, CGI.escapeHTML(val))
@@ -21,13 +27,42 @@ module Models
 
     class UserOnlyPassword < ::ActiveRecord::Base
       self.table_name = :users
-      attribute :non_column_attr if Rails.version >= '5.1'
+      attribute :non_column_attr if Rails.gem_version >= Gem::Version.new("5.1")
       audited only: :password
     end
 
+    class UserRedactedPassword < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: :password
+    end
+
+    class UserMultipleRedactedAttributes < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: [:password, :ssn]
+    end
+
+    class UserRedactedPasswordCustomRedaction < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: :password, redaction_value: ["My", "Custom", "Value", 7]
+    end
+
+    if ::ActiveRecord::VERSION::MAJOR >= 7
+      class UserWithEncryptedPassword < ::ActiveRecord::Base
+        self.table_name = :users
+        audited
+        encrypts :password
+      end
+    end
+
+    class UserWithReadOnlyAttrs < ::ActiveRecord::Base
+      self.table_name = :users
+      audited
+      attr_readonly :status
+    end
+
     class CommentRequiredUser < ::ActiveRecord::Base
       self.table_name = :users
-      audited comment_required: true
+      audited except: :password, comment_required: true
     end
 
     class OnCreateCommentRequiredUser < ::ActiveRecord::Base
@@ -96,37 +131,51 @@ module Models
     end
 
     class Owner < ::ActiveRecord::Base
-      self.table_name = 'users'
+      self.table_name = "users"
       audited
       has_associated_audits
       has_many :companies, class_name: "OwnedCompany", dependent: :destroy
+      accepts_nested_attributes_for :companies
     end
 
     class OwnedCompany < ::ActiveRecord::Base
-      self.table_name = 'companies'
-      belongs_to :owner, class_name: "Owner"
+      self.table_name = "companies"
+      belongs_to :owner, class_name: "Owner", touch: true
       attr_accessible :name, :owner if respond_to?(:attr_accessible) # declare attr_accessible before calling aaa
       audited associated_with: :owner
     end
 
+    class OwnedCompany::STICompany < OwnedCompany
+    end
+
     class OnUpdateDestroy < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
       audited on: [:update, :destroy]
     end
 
     class OnCreateDestroy < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
+      audited on: [:create, :destroy]
+    end
+
+    class OnCreateDestroyUser < ::ActiveRecord::Base
+      self.table_name = "users"
       audited on: [:create, :destroy]
     end
 
     class OnCreateDestroyExceptName < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
       audited except: :name, on: [:create, :destroy]
     end
 
     class OnCreateUpdate < ::ActiveRecord::Base
-      self.table_name = 'companies'
+      self.table_name = "companies"
       audited on: [:create, :update]
     end
+
+    class OnTouchOnly < ::ActiveRecord::Base
+      self.table_name = "users"
+      audited on: [:touch]
+    end
   end
 end

data/spec/support/active_record/postgres/1_change_audited_changes_type_to_json.rb

@@ -1,5 +1,4 @@
-parent = Rails::VERSION::MAJOR == 4 ? ActiveRecord::Migration : ActiveRecord::Migration[4.2]
-class ChangeAuditedChangesTypeToJson < parent
+class ChangeAuditedChangesTypeToJson < ActiveRecord::Migration[5.0]
   def self.up
     remove_column :audits, :audited_changes
     add_column :audits, :audited_changes, :json

data/spec/support/active_record/postgres/2_change_audited_changes_type_to_jsonb.rb

@@ -1,5 +1,4 @@
-parent = Rails::VERSION::MAJOR == 4 ? ActiveRecord::Migration : ActiveRecord::Migration[4.2]
-class ChangeAuditedChangesTypeToJsonb < parent
+class ChangeAuditedChangesTypeToJsonb < ActiveRecord::Migration[5.0]
   def self.up
     remove_column :audits, :audited_changes
     add_column :audits, :audited_changes, :jsonb

data/spec/support/active_record/schema.rb

@@ -1,28 +1,33 @@
-require 'active_record'
-require 'logger'
+require "active_record"
+require "logger"
 
 begin
-  db_config = ActiveRecord::Base.configurations[Rails.env].clone
-  db_type = db_config['adapter']
-  db_name = db_config.delete('database')
-  raise Exception.new('No database name specified.') if db_name.blank?
-  if db_type == 'sqlite3'
-    db_file = Pathname.new(__FILE__).dirname.join(db_name)
-    db_file.unlink if db_file.file?
+  if ActiveRecord.version >= Gem::Version.new("6.1.0")
+    db_config = ActiveRecord::Base.configurations.configs_for(env_name: Rails.env).first
+    ActiveRecord::Tasks::DatabaseTasks.create(db_config)
   else
-    if defined?(JRUBY_VERSION)
-      db_config.symbolize_keys!
-      db_config[:configure_connection] = false
+    db_config = ActiveRecord::Base.configurations[Rails.env].clone
+    db_type = db_config["adapter"]
+    db_name = db_config.delete("database")
+    raise StandardError.new("No database name specified.") if db_name.blank?
+    if db_type == "sqlite3"
+      db_file = Pathname.new(__FILE__).dirname.join(db_name)
+      db_file.unlink if db_file.file?
+    else
+      if defined?(JRUBY_VERSION)
+        db_config.symbolize_keys!
+        db_config[:configure_connection] = false
+      end
+      adapter = ActiveRecord::Base.send("#{db_type}_connection", db_config)
+      adapter.recreate_database db_name, db_config.slice("charset").symbolize_keys
+      adapter.disconnect!
     end
-    adapter = ActiveRecord::Base.send("#{db_type}_connection", db_config)
-    adapter.recreate_database db_name, db_config.slice('charset').symbolize_keys
-    adapter.disconnect!
   end
 rescue => e
   Kernel.warn e
 end
 
-logfile = Pathname.new(__FILE__).dirname.join('debug.log')
+logfile = Pathname.new(__FILE__).dirname.join("debug.log")
 logfile.unlink if logfile.file?
 ActiveRecord::Base.logger = Logger.new(logfile)
 
@@ -41,6 +46,8 @@ ActiveRecord::Schema.define do
     t.column :created_at, :datetime
     t.column :updated_at, :datetime
     t.column :favourite_device, :string
+    t.column :ssn, :integer
+    t.column :phone_numbers, :string
   end
 
   create_table :companies do |t|
@@ -75,9 +82,9 @@ ActiveRecord::Schema.define do
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
-  add_index :audits, [:associated_id, :associated_type], name: 'associated_index'
-  add_index :audits, [:user_id, :user_type], name: 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: "auditable_index"
+  add_index :audits, [:associated_id, :associated_type], name: "associated_index"
+  add_index :audits, [:user_id, :user_type], name: "user_index"
   add_index :audits, :request_uuid
   add_index :audits, :created_at
 end

data/test/db/version_1.rb

@@ -11,7 +11,7 @@ ActiveRecord::Schema.define do
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
-  add_index :audits, [:user_id, :user_type], name: 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: "auditable_index"
+  add_index :audits, [:user_id, :user_type], name: "user_index"
   add_index :audits, :created_at
 end

data/test/db/version_2.rb

@@ -12,7 +12,7 @@ ActiveRecord::Schema.define do
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
-  add_index :audits, [:user_id, :user_type], name: 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: "auditable_index"
+  add_index :audits, [:user_id, :user_type], name: "user_index"
   add_index :audits, :created_at
 end

data/test/db/version_3.rb

@@ -12,8 +12,7 @@ ActiveRecord::Schema.define do
     t.column :created_at, :datetime
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
-  add_index :audits, [:user_id, :user_type], name: 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: "auditable_index"
+  add_index :audits, [:user_id, :user_type], name: "user_index"
   add_index :audits, :created_at
 end
-

data/test/db/version_4.rb

@@ -13,8 +13,7 @@ ActiveRecord::Schema.define do
     t.column :remote_address, :string
   end
 
-  add_index :audits, [:auditable_id, :auditable_type], name: 'auditable_index'
-  add_index :audits, [:user_id, :user_type], name: 'user_index'
+  add_index :audits, [:auditable_id, :auditable_type], name: "auditable_index"
+  add_index :audits, [:user_id, :user_type], name: "user_index"
   add_index :audits, :created_at
 end
-

data/test/db/version_5.rb

@@ -15,4 +15,3 @@ ActiveRecord::Schema.define do
     t.column :association_type, :string
   end
 end
-

data/test/db/version_6.rb

@@ -15,5 +15,5 @@ ActiveRecord::Schema.define do
     t.column :associated_type, :string
   end
 
-  add_index :audits, [:auditable_type, :auditable_id], name: 'auditable_index'
+  add_index :audits, [:auditable_type, :auditable_id], name: "auditable_index"
 end