audited 5.4.1 → 5.4.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8064f489d5ebd438af237683541fb2436fc687d786a688f5d6ce936e24e6d89b
-  data.tar.gz: b6acaf26b868f64883dcd9af556cfc5233be1395c3fc03fdea13c3c7449de6b8
+  metadata.gz: 32e366c7864b72cc3729bd15673e391ff3f45fee1b6ab0f2789ed8499588002f
+  data.tar.gz: 6a3f24da58730f880eaa1e7e607f33ef5bf74a035b477249e7d34f827e36728c
 SHA512:
-  metadata.gz: 9466b4f7ab9a100e9ff0e9e5dbec591dc30e9027d8529c481f3e3faa72cb6d89c2cf5eb6c19e1cbbb6ceba5ea2f55a882e7c4fe2ef587a6eed676640d63372ff
-  data.tar.gz: 5f9050ffcff6dcadd3e4040aa941f2f48773ef575e69f2012d4088e9fed327ec35e3a386c7437bbe019cbfc2c32e0e4ac348f49977915ffac6c6e1b1d8580c6c
+  metadata.gz: fb1332090ad6d301af3d61a2948b8376f33dad8bea9c431ad480432f3c8d80837b9202f718e69be2dcdb0bb7bab8a329d77ae45e2fc50c533b6c79979e5d2b49
+  data.tar.gz: 632aae39c6307342b8430308f2f093e03a1b172f8ce0c08a3ed87f380f48b39e5fff63b2132fa93f9a5d0dec4a08b391671f52b5d2173a680c951aa27b4537f9

data/.github/workflows/publish_gem.yml

@@ -0,0 +1,28 @@
+name: Publish Gem
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  push:
+    if: github.repository == 'collectiveidea/audited'
+    runs-on: ubuntu-latest
+    environment: publishing
+
+    permissions:
+      contents: write
+      id-token: write
+
+    steps:
+      # Set up
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+          ruby-version: ruby
+
+      # Release
+      - uses: rubygems/release-gem@v1

data/CHANGELOG.md

@@ -1,6 +1,19 @@
 # Audited ChangeLog
 
-## 5.4.1 (2023-09-30)
+### 5.4.3 (2024-01-11)
+
+- Ignore readonly columns in audit - @sriddbs
+  [#692](https://github.com/collectiveidea/audited/pull/692)
+- Robustify Rails version checks - @blaet
+  [#689](https://github.com/collectiveidea/audited/pull/689)
+-  Ignore callbacks if not specifed on the model
+  [#679](https://github.com/collectiveidea/audited/pull/679)
+
+## 5.4.2 (2023-11-30)
+
+- Revert replacing RequetStore with ActiveSupport::CurrentAttributes until it is fully tested.
+
+## 5.4.1 (2023-11-30)
 
 - Replace RequestStore with ActiveSupport::CurrentAttributes - @the-spectator
   [#673](https://github.com/collectiveidea/audited/pull/673/)

data/README.md

@@ -133,18 +133,24 @@ end
 
 ### Specifying callbacks
 
-By default, a new audit is created for any Create, Update or Destroy action. You can, however, limit the actions audited.
+By default, a new audit is created for any Create, Update, Touch (Rails 6+) or Destroy action. You can, however, limit the actions audited.
 
 ```ruby
 class User < ActiveRecord::Base
   # All fields and actions
   # audited
 
-  # Single field, only audit Update and Destroy (not Create)
+  # Single field, only audit Update and Destroy (not Create or Touch)
   # audited only: :name, on: [:update, :destroy]
 end
 ```
 
+You can ignore the default callbacks globally unless the callback action is specified in your model using the `:on` option. To configure default callback exclusion, put the following in an initializer file (`config/initializers/audited.rb`):
+
+```ruby
+Audited.ignored_default_callbacks = [:create, :update] # ignore callbacks create and update
+```
+
 ### Comments
 
 You can attach comments to each audit using an `audit_comment` attribute on your model.

data/Rakefile

@@ -1,12 +1,10 @@
 #!/usr/bin/env rake
 
-require "bundler/gem_helper"
+require "bundler/gem_tasks"
 require "rspec/core/rake_task"
 require "rake/testtask"
 require "appraisal"
 
-Bundler::GemHelper.install_tasks(name: "audited")
-
 RSpec::Core::RakeTask.new(:spec)
 
 Rake::TestTask.new do |t|

data/lib/audited/audit.rb

@@ -49,7 +49,7 @@ module Audited
     cattr_accessor :audited_class_names
     self.audited_class_names = Set.new
 
-    if Rails.version >= "7.1"
+    if Rails.gem_version >= Gem::Version.new("7.1")
       serialize :audited_changes, coder: YAMLIfTextColumnType
     else
       serialize :audited_changes, YAMLIfTextColumnType

data/lib/audited/auditor.rb

@@ -231,7 +231,7 @@ module Audited
 
       private
 
-      def audited_changes(for_touch: false)
+      def audited_changes(for_touch: false, exclude_readonly_attrs: false)
         all_changes = if for_touch
           previous_changes
         elsif respond_to?(:changes_to_save)
@@ -240,6 +240,8 @@ module Audited
           changes
         end
 
+        all_changes = all_changes.except(*self.class.readonly_attributes.to_a) if exclude_readonly_attrs
+
         filtered_changes = \
           if audited_options[:only].present?
             all_changes.slice(*self.class.audited_columns)
@@ -333,14 +335,14 @@ module Audited
       end
 
       def audit_update
-        unless (changes = audited_changes).empty? && (audit_comment.blank? || audited_options[:update_with_comment_only] == false)
+        unless (changes = audited_changes(exclude_readonly_attrs: true)).empty? && (audit_comment.blank? || audited_options[:update_with_comment_only] == false)
           write_audit(action: "update", audited_changes: changes,
             comment: audit_comment)
         end
       end
 
       def audit_touch
-        unless (changes = audited_changes(for_touch: true)).empty?
+        unless (changes = audited_changes(for_touch: true, exclude_readonly_attrs: true)).empty?
           write_audit(action: "update", audited_changes: changes,
             comment: audit_comment)
         end
@@ -496,7 +498,7 @@ module Audited
 
       def normalize_audited_options
         audited_options[:on] = Array.wrap(audited_options[:on])
-        audited_options[:on] = [:create, :update, :touch, :destroy] if audited_options[:on].empty?
+        audited_options[:on] = ([:create, :update, :touch, :destroy] - Audited.ignored_default_callbacks) if audited_options[:on].empty?
         audited_options[:only] = Array.wrap(audited_options[:only]).map(&:to_s)
         audited_options[:except] = Array.wrap(audited_options[:except]).map(&:to_s)
         max_audits = audited_options[:max_audits] || Audited.max_audits

data/lib/audited/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Audited
-  VERSION = "5.4.1"
+  VERSION = "5.4.3"
 end

data/lib/audited.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "active_record"
+require "request_store"
 
 module Audited
   class << self
@@ -8,6 +9,7 @@ module Audited
       :auditing_enabled,
       :current_user_method,
       :ignored_attributes,
+      :ignored_default_callbacks,
       :max_audits,
       :store_synthesized_enums
     attr_writer :audit_class
@@ -25,7 +27,7 @@ module Audited
               deprecator: ActiveSupport::Deprecation.new('6.0.0', 'Audited')
 
     def store
-      Audited::RequestStore.audited_store ||= {}
+      RequestStore.store[:audited_store] ||= {}
     end
 
     def config
@@ -34,6 +36,7 @@ module Audited
   end
 
   @ignored_attributes = %w[lock_version created_at updated_at created_on updated_on]
+  @ignored_default_callbacks = []
 
   @current_user_method = :current_user
   @auditing_enabled = true
@@ -41,7 +44,6 @@ module Audited
 end
 
 require "audited/auditor"
-require "audited/request_store"
 
 ActiveSupport.on_load :active_record do
   require "audited/audit"

data/lib/generators/audited/migration.rb

@@ -16,7 +16,7 @@ module Audited
       private
 
       def timestamped_migrations?
-        (Rails.version >= "7.0") ?
+        (Rails.gem_version >= Gem::Version.new("7.0")) ?
           ::ActiveRecord.timestamped_migrations :
           ::ActiveRecord::Base.timestamped_migrations
       end

data/spec/audited/auditor_spec.rb

@@ -245,6 +245,27 @@ describe Audited::Auditor do
       expect(user.audits.last.audited_changes["password"]).to eq(["My", "Custom", "Value", 7])
     end
 
+    context "when ignored_default_callbacks is set" do
+      before { Audited.ignored_default_callbacks = [:create] }
+      after { Audited.ignored_default_callbacks = [] }
+
+      it "should remove create callback" do
+        class DefaultCallback < ::ActiveRecord::Base
+          audited
+        end
+
+        expect(DefaultCallback.audited_options[:on]).to eq([:update, :touch, :destroy])
+      end
+
+      it "should keep create callback if specified" do
+        class CallbacksSpecified < ::ActiveRecord::Base
+          audited on: [:create, :update, :destroy]
+        end
+
+        expect(CallbacksSpecified.audited_options[:on]).to eq([:create, :update, :destroy])
+      end
+    end
+
     if ::ActiveRecord::VERSION::MAJOR >= 7
       it "should filter encrypted attributes" do
         user = Models::ActiveRecord::UserWithEncryptedPassword.create(password: "password")
@@ -358,6 +379,12 @@ describe Audited::Auditor do
         Models::ActiveRecord::OnUpdateDestroy.create!(name: "Bart")
       }.to_not change(Audited::Audit, :count)
     end
+
+    it "should save readonly columns" do
+      expect {
+        Models::ActiveRecord::UserWithReadOnlyAttrs.create!(name: "Bart")
+      }.to change(Audited::Audit, :count)
+    end
   end
 
   describe "on update" do
@@ -409,6 +436,16 @@ describe Audited::Auditor do
       expect { @user.update_attribute :activated, "1" }.to_not change(Audited::Audit, :count)
     end
 
+    context "with readonly attributes" do
+      before do
+        @user = create_user_with_readonly_attrs(status: "active")
+      end
+
+      it "should not save readonly columns" do
+        expect { @user.update! status: "banned" }.to_not change(Audited::Audit, :count)
+      end
+    end
+
     describe "with no dirty changes" do
       it "does not create an audit if the record is not changed" do
         expect {

data/spec/audited_spec.rb

@@ -3,16 +3,12 @@ require "spec_helper"
 describe Audited do
   describe "#store" do
     describe "maintains state of store" do
-      let(:current_user) { Audited::RequestStore.audited_store }
+      let(:current_user) { RequestStore.store[:audited_store] }
       before { Audited.store[:current_user] = current_user }
 
       it "checks store is not nil" do
         expect(Audited.store[:current_user]).to eq(current_user)
       end
-
-      it "when executed with Fibers" do
-        Fiber.new { expect(Audited.store[:current_user]).to eq(current_user) }.resume
-      end
     end
   end
 end

data/spec/audited_spec_helpers.rb

@@ -3,6 +3,10 @@ module AuditedSpecHelpers
     Models::ActiveRecord::User.create({name: "Brandon", username: "brandon", password: "password", favourite_device: "Android Phone"}.merge(attrs))
   end
 
+  def create_user_with_readonly_attrs(attrs = {})
+    Models::ActiveRecord::UserWithReadOnlyAttrs.create({name: "Brandon", username: "brandon", password: "password", favourite_device: "Android Phone"}.merge(attrs))
+  end
+
   def build_user(attrs = {})
     Models::ActiveRecord::User.new({name: "darth", username: "darth", password: "noooooooo"}.merge(attrs))
   end

data/spec/rails_app/config/application.rb

@@ -30,7 +30,7 @@ module RailsApp
           ActiveSupport::TimeWithZone ActiveSupport::TimeZone ActiveSupport::HashWithIndifferentAccess]
     end
 
-    if Rails.version >= "7.1"
+    if Rails.gem_version >= Gem::Version.new("7.1")
       config.active_support.cache_format_version = 7.1
     end
   end

data/spec/support/active_record/models.rb

@@ -5,11 +5,11 @@ module Models
   module ActiveRecord
     class User < ::ActiveRecord::Base
       audited except: :password
-      attribute :non_column_attr if Rails.version >= "5.1"
+      attribute :non_column_attr if Rails.gem_version >= Gem::Version.new("5.1")
       attr_protected :logins if respond_to?(:attr_protected)
       enum status: {active: 0, reliable: 1, banned: 2}
 
-      if Rails.version >= "7.1"
+      if Rails.gem_version >= Gem::Version.new("7.1")
         serialize :phone_numbers, type: Array
       else
         serialize :phone_numbers, Array
@@ -27,7 +27,7 @@ module Models
 
     class UserOnlyPassword < ::ActiveRecord::Base
       self.table_name = :users
-      attribute :non_column_attr if Rails.version >= "5.1"
+      attribute :non_column_attr if Rails.gem_version >= Gem::Version.new("5.1")
       audited only: :password
     end
 
@@ -54,6 +54,12 @@ module Models
       end
     end
 
+    class UserWithReadOnlyAttrs < ::ActiveRecord::Base
+      self.table_name = :users
+      audited
+      attr_readonly :status
+    end
+
     class CommentRequiredUser < ::ActiveRecord::Base
       self.table_name = :users
       audited except: :password, comment_required: true

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: audited
 version: !ruby/object:Gem::Version
-  version: 5.4.1
+  version: 5.4.3
 platform: ruby
 authors:
 - Brandon Keepers
@@ -10,10 +10,10 @@ authors:
 - Brian Ryckbost
 - Steve Richert
 - Ryan Glover
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-11-06 00:00:00.000000000 Z
+date: 2024-01-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -24,7 +24,7 @@ dependencies:
         version: '5.0'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '7.7'
+        version: '7.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -34,27 +34,21 @@ dependencies:
         version: '5.0'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '7.7'
+        version: '7.2'
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: request_store
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5.0'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '7.7'
+        version: '1.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5.0'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '7.7'
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: appraisal
   requirement: !ruby/object:Gem::Requirement
@@ -78,7 +72,7 @@ dependencies:
         version: '5.0'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '7.7'
+        version: '7.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -88,7 +82,7 @@ dependencies:
         version: '5.0'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '7.7'
+        version: '7.2'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
@@ -187,6 +181,7 @@ extra_rdoc_files: []
 files:
 - ".github/workflows/buildlight.yml"
 - ".github/workflows/ci.yml"
+- ".github/workflows/publish_gem.yml"
 - ".gitignore"
 - ".standard.yml"
 - ".yardopts"
@@ -208,7 +203,6 @@ files:
 - lib/audited/audit.rb
 - lib/audited/auditor.rb
 - lib/audited/railtie.rb
-- lib/audited/request_store.rb
 - lib/audited/rspec_matchers.rb
 - lib/audited/sweeper.rb
 - lib/audited/version.rb
@@ -259,7 +253,7 @@ homepage: https://github.com/collectiveidea/audited
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -274,8 +268,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.7
-signing_key:
+rubygems_version: 3.5.3
+signing_key: 
 specification_version: 4
 summary: Log all changes to your models
 test_files: []

data/lib/audited/request_store.rb

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-require "active_support"
-
-module Audited
-  class RequestStore < ActiveSupport::CurrentAttributes
-    attribute :audited_store
-  end
-end