audited 5.5.0 → 5.5.1.pre

data/spec/audited/rspec_matchers_spec.rb

@@ -1,69 +0,0 @@
-require "spec_helper"
-
-describe Models::ActiveRecord::UserExceptPassword do
-  let(:non_audited_columns) { subject.class.non_audited_columns }
-
-  it { should_not be_audited.only(non_audited_columns) }
-  it { should be_audited.except(:password) }
-  it { should_not be_audited.requires_comment }
-  it { should be_audited.on(:create, :update, :destroy) }
-  # test chaining
-  it { should be_audited.except(:password).on(:create, :update, :destroy) }
-end
-
-describe Models::ActiveRecord::UserOnlyPassword do
-  let(:audited_columns) { subject.class.audited_columns }
-
-  it { should be_audited.only(:password) }
-  it { should_not be_audited.except(audited_columns) }
-  it { should_not be_audited.requires_comment }
-  it { should be_audited.on(:create, :update, :destroy) }
-  it { should be_audited.only(:password).on(:create, :update, :destroy) }
-end
-
-describe Models::ActiveRecord::CommentRequiredUser do
-  let(:audited_columns) { subject.class.audited_columns }
-  let(:non_audited_columns) { subject.class.non_audited_columns }
-
-  it { should_not be_audited.only(non_audited_columns) }
-  it { should_not be_audited.except(audited_columns) }
-  it { should be_audited.requires_comment }
-  it { should be_audited.on(:create, :update, :destroy) }
-  it { should be_audited.requires_comment.on(:create, :update, :destroy) }
-end
-
-describe Models::ActiveRecord::OnCreateCommentRequiredUser do
-  let(:audited_columns) { subject.class.audited_columns }
-  let(:non_audited_columns) { subject.class.non_audited_columns }
-
-  it { should_not be_audited.only(non_audited_columns) }
-  it { should_not be_audited.except(audited_columns) }
-  it { should be_audited.requires_comment }
-  it { should be_audited.on(:create) }
-  it { should_not be_audited.on(:update, :destroy) }
-  it { should be_audited.requires_comment.on(:create) }
-end
-
-describe Models::ActiveRecord::OnUpdateCommentRequiredUser do
-  let(:audited_columns) { subject.class.audited_columns }
-  let(:non_audited_columns) { subject.class.non_audited_columns }
-
-  it { should_not be_audited.only(non_audited_columns) }
-  it { should_not be_audited.except(audited_columns) }
-  it { should be_audited.requires_comment }
-  it { should be_audited.on(:update) }
-  it { should_not be_audited.on(:create, :destroy) }
-  it { should be_audited.requires_comment.on(:update) }
-end
-
-describe Models::ActiveRecord::OnDestroyCommentRequiredUser do
-  let(:audited_columns) { subject.class.audited_columns }
-  let(:non_audited_columns) { subject.class.non_audited_columns }
-
-  it { should_not be_audited.only(non_audited_columns) }
-  it { should_not be_audited.except(audited_columns) }
-  it { should be_audited.requires_comment }
-  it { should be_audited.on(:destroy) }
-  it { should_not be_audited.on(:create, :update) }
-  it { should be_audited.requires_comment.on(:destroy) }
-end

data/spec/audited/sweeper_spec.rb

@@ -1,133 +0,0 @@
-require "spec_helper"
-
-SingleCov.covered!
-
-class AuditsController < ActionController::Base
-  before_action :populate_user
-
-  attr_reader :company
-
-  def create
-    @company = Models::ActiveRecord::Company.create
-    head :ok
-  end
-
-  def update
-    current_user.update!(password: "foo")
-    head :ok
-  end
-
-  private
-
-  attr_accessor :current_user
-  attr_accessor :custom_user
-
-  def populate_user
-  end
-end
-
-describe AuditsController do
-  include RSpec::Rails::ControllerExampleGroup
-  render_views
-
-  before do
-    Audited::Railtie.initializers.each(&:run)
-    Audited.current_user_method = :current_user
-  end
-
-  let(:user) { create_user }
-
-  describe "POST audit" do
-    it "should audit user" do
-      controller.send(:current_user=, user)
-      expect {
-        post :create
-      }.to change(Audited::Audit, :count)
-
-      expect(controller.company.audits.last.user).to eq(user)
-    end
-
-    it "does not audit when method is not found" do
-      controller.send(:current_user=, user)
-      Audited.current_user_method = :nope
-      expect {
-        post :create
-      }.to change(Audited::Audit, :count)
-      expect(controller.company.audits.last.user).to eq(nil)
-    end
-
-    it "should support custom users for sweepers" do
-      controller.send(:custom_user=, user)
-      Audited.current_user_method = :custom_user
-
-      expect {
-        post :create
-      }.to change(Audited::Audit, :count)
-
-      expect(controller.company.audits.last.user).to eq(user)
-    end
-
-    it "should record the remote address responsible for the change" do
-      request.env["REMOTE_ADDR"] = "1.2.3.4"
-      controller.send(:current_user=, user)
-
-      post :create
-
-      expect(controller.company.audits.last.remote_address).to eq("1.2.3.4")
-    end
-
-    it "should record a UUID for the web request responsible for the change" do
-      allow_any_instance_of(ActionDispatch::Request).to receive(:uuid).and_return("abc123")
-      controller.send(:current_user=, user)
-
-      post :create
-
-      expect(controller.company.audits.last.request_uuid).to eq("abc123")
-    end
-
-    it "should call current_user after controller callbacks" do
-      expect(controller).to receive(:populate_user) do
-        controller.send(:current_user=, user)
-      end
-
-      expect {
-        post :create
-      }.to change(Audited::Audit, :count)
-
-      expect(controller.company.audits.last.user).to eq(user)
-    end
-  end
-
-  describe "PUT update" do
-    it "should not save blank audits" do
-      controller.send(:current_user=, user)
-
-      expect {
-        put :update, params: {id: 123}
-      }.to_not change(Audited::Audit, :count)
-    end
-  end
-end
-
-describe Audited::Sweeper do
-  it "should be thread-safe" do
-    instance = Audited::Sweeper.new
-
-    t1 = Thread.new do
-      sleep 0.5
-      instance.controller = "thread1 controller instance"
-      expect(instance.controller).to eq("thread1 controller instance")
-    end
-
-    t2 = Thread.new do
-      instance.controller = "thread2 controller instance"
-      sleep 1
-      expect(instance.controller).to eq("thread2 controller instance")
-    end
-
-    t1.join
-    t2.join
-
-    expect(instance.controller).to be_nil
-  end
-end

data/spec/audited_spec.rb

@@ -1,14 +0,0 @@
-require "spec_helper"
-
-describe Audited do
-  describe "#store" do
-    describe "maintains state of store" do
-      let(:current_user) { RequestStore.store[:audited_store] }
-      before { Audited.store[:current_user] = current_user }
-
-      it "checks store is not nil" do
-        expect(Audited.store[:current_user]).to eq(current_user)
-      end
-    end
-  end
-end

data/spec/audited_spec_helpers.rb

@@ -1,36 +0,0 @@
-module AuditedSpecHelpers
-  def create_user(attrs = {})
-    Models::ActiveRecord::User.create({name: "Brandon", username: "brandon", password: "password", favourite_device: "Android Phone"}.merge(attrs))
-  end
-
-  def create_user_with_readonly_attrs(attrs = {})
-    Models::ActiveRecord::UserWithReadOnlyAttrs.create({name: "Brandon", username: "brandon", password: "password", favourite_device: "Android Phone"}.merge(attrs))
-  end
-
-  def build_user(attrs = {})
-    Models::ActiveRecord::User.new({name: "darth", username: "darth", password: "noooooooo"}.merge(attrs))
-  end
-
-  def create_versions(n = 2, attrs = {})
-    Models::ActiveRecord::User.create(name: "Foobar 1", **attrs).tap do |u|
-      (n - 1).times do |i|
-        u.update_attribute :name, "Foobar #{i + 2}"
-      end
-      u.reload
-    end
-  end
-
-  def run_migrations(direction, migrations_paths, target_version = nil)
-    if rails_below?("5.2.0.rc1")
-      ActiveRecord::Migrator.send(direction, migrations_paths, target_version)
-    elsif rails_below?("6.0.0.rc1")
-      ActiveRecord::MigrationContext.new(migrations_paths).send(direction, target_version)
-    else
-      ActiveRecord::MigrationContext.new(migrations_paths, ActiveRecord::SchemaMigration).send(direction, target_version)
-    end
-  end
-
-  def rails_below?(rails_version)
-    Gem::Version.new(Rails::VERSION::STRING) < Gem::Version.new(rails_version)
-  end
-end

data/spec/rails_app/app/assets/config/manifest.js

@@ -1,2 +0,0 @@
-//= link application.js
-//= link application.css

data/spec/rails_app/config/application.rb

@@ -1,42 +0,0 @@
-require "active_record/railtie"
-
-module RailsApp
-  class Application < Rails::Application
-    config.root = File.expand_path("../../", __FILE__)
-    config.i18n.enforce_available_locales = true
-
-    if Rails.version.start_with?("7.1") && config.active_record.respond_to?(:yaml_column_permitted_classes=)
-      config.active_record.yaml_column_permitted_classes = [
-        String,
-        Symbol,
-        Integer,
-        NilClass,
-        Float,
-        Time,
-        Date,
-        FalseClass,
-        Hash,
-        Array,
-        DateTime,
-        TrueClass,
-        BigDecimal,
-        ActiveSupport::TimeWithZone,
-        ActiveSupport::TimeZone,
-        ActiveSupport::HashWithIndifferentAccess
-      ]
-    elsif !Rails.version.start_with?("5.0") && !Rails.version.start_with?("5.1") && config.active_record.respond_to?(:yaml_column_permitted_classes=)
-      config.active_record.yaml_column_permitted_classes =
-        %w[String Symbol Integer NilClass Float Time Date FalseClass Hash Array DateTime TrueClass BigDecimal
-          ActiveSupport::TimeWithZone ActiveSupport::TimeZone ActiveSupport::HashWithIndifferentAccess]
-    end
-
-    if Rails.gem_version >= Gem::Version.new("7.1")
-      config.active_support.cache_format_version = 7.1
-    end
-  end
-end
-
-require "active_record/connection_adapters/sqlite3_adapter"
-if ActiveRecord::ConnectionAdapters::SQLite3Adapter.respond_to?(:represent_boolean_as_integer)
-  ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer = true
-end

data/spec/rails_app/config/database.yml

@@ -1,26 +0,0 @@
-sqlite3mem: &SQLITE3MEM
-  adapter: sqlite3
-  database: ":memory:"
-
-sqlite3: &SQLITE
-  adapter: sqlite3
-  database: audited_test.sqlite3.db
-
-postgresql: &POSTGRES
-  adapter: postgresql
-  username: postgres
-  password: postgres
-  host: localhost
-  database: audited_test
-  min_messages: ERROR
-
-mysql: &MYSQL
-  adapter: mysql2
-  host: localhost
-  username: root
-  password: root
-  database: audited_test
-  charset: utf8
-
-test:
-  <<: *<%= ENV['DB'] || 'SQLITE3MEM' %>

data/spec/rails_app/config/environment.rb

@@ -1,5 +0,0 @@
-# Load the rails application
-require File.expand_path("../application", __FILE__)
-
-# Initialize the rails application
-RailsApp::Application.initialize!

data/spec/rails_app/config/environments/test.rb

@@ -1,52 +0,0 @@
-RailsApp::Application.configure do
-  # Settings specified here will take precedence over those in config/application.rb.
-
-  # The test environment is used exclusively to run your application's
-  # test suite. You never need to work with it otherwise. Remember that
-  # your test database is "scratch space" for the test suite and is wiped
-  # and recreated between test runs. Don't rely on the data there!
-  config.cache_classes = true
-
-  # Do not eager load code on boot. This avoids loading your whole application
-  # just for the purpose of running a single test. If you are using a tool that
-  # preloads Rails for running tests, you may have to set it to true.
-  config.eager_load = false
-
-  # Configure static file server for tests with Cache-Control for performance.
-  if config.respond_to?(:public_file_server)
-    config.public_file_server.enabled = true
-    config.public_file_server.headers = {"Cache-Control" => "public, max-age=3600"}
-  else
-    config.static_cache_control = "public, max-age=3600"
-    config.serve_static_files = true
-  end
-
-  # Show full error reports and disable caching.
-  config.consider_all_requests_local = true
-  # config.action_controller.perform_caching = false
-
-  # Raise exceptions instead of rendering exception templates.
-  config.action_dispatch.show_exceptions = false
-
-  # Disable request forgery protection in test environment.
-  # config.action_controller.allow_forgery_protection = false
-
-  # Tell Action Mailer not to deliver emails to the real world.
-  # The :test delivery method accumulates sent emails in the
-  # ActionMailer::Base.deliveries array.
-  # config.action_mailer.delivery_method = :test
-
-  # Randomize the order test cases are executed.
-  config.active_support.test_order = :random
-
-  # Print deprecation notices to the stderr.
-  config.active_support.deprecation = :stderr
-
-  # Raises error for missing translations
-  # config.action_view.raise_on_missing_translations = true
-
-  if ::ActiveRecord::VERSION::MAJOR >= 7
-    config.active_record.encryption.key_derivation_salt = SecureRandom.hex
-    config.active_record.encryption.primary_key = SecureRandom.hex
-  end
-end

data/spec/rails_app/config/initializers/backtrace_silencers.rb

@@ -1,7 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
-# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
-
-# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
-Rails.backtrace_cleaner.remove_silencers!

data/spec/rails_app/config/initializers/inflections.rb

@@ -1,2 +0,0 @@
-ActiveSupport::Inflector.inflections do |inflect|
-end

data/spec/rails_app/config/initializers/secret_token.rb

@@ -1,3 +0,0 @@
-Rails.application.config.secret_token = "ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571"
-Rails.application.config.session_store :cookie_store, key: "_my_app"
-Rails.application.config.secret_key_base = "secret value"

data/spec/rails_app/config/routes.rb

@@ -1,3 +0,0 @@
-Rails.application.routes.draw do
-  resources :audits
-end

data/spec/spec_helper.rb

@@ -1,24 +0,0 @@
-ENV["RAILS_ENV"] = "test"
-require "bundler/setup"
-require "single_cov"
-SingleCov.setup :rspec
-
-if Bundler.definition.dependencies.map(&:name).include?("protected_attributes")
-  require "protected_attributes"
-end
-require "rails_app/config/environment"
-require "rspec/rails"
-require "audited"
-require "audited-rspec"
-require "audited_spec_helpers"
-require "support/active_record/models"
-
-SPEC_ROOT = Pathname.new(File.expand_path("../", __FILE__))
-
-Dir[SPEC_ROOT.join("support/*.rb")].sort.each { |f| require f }
-
-RSpec.configure do |config|
-  config.include AuditedSpecHelpers
-  config.use_transactional_fixtures = false if Rails.version.start_with?("4.")
-  config.use_transactional_tests = false if config.respond_to?(:use_transactional_tests=)
-end

data/spec/support/active_record/models.rb

@@ -1,182 +0,0 @@
-require "cgi"
-require File.expand_path("../schema", __FILE__)
-
-module Models
-  module ActiveRecord
-    class User < ::ActiveRecord::Base
-      audited except: :password
-      attribute :non_column_attr if Rails.gem_version >= Gem::Version.new("5.1")
-      attr_protected :logins if respond_to?(:attr_protected)
-      enum status: {active: 0, reliable: 1, banned: 2}
-
-      if Rails.gem_version >= Gem::Version.new("7.1")
-        serialize :phone_numbers, type: Array
-      else
-        serialize :phone_numbers, Array
-      end
-
-      def name=(val)
-        write_attribute(:name, CGI.escapeHTML(val))
-      end
-    end
-
-    class UserExceptPassword < ::ActiveRecord::Base
-      self.table_name = :users
-      audited except: :password
-    end
-
-    class UserOnlyPassword < ::ActiveRecord::Base
-      self.table_name = :users
-      attribute :non_column_attr if Rails.gem_version >= Gem::Version.new("5.1")
-      audited only: :password
-    end
-
-    class UserRedactedPassword < ::ActiveRecord::Base
-      self.table_name = :users
-      audited redacted: :password
-    end
-
-    class UserMultipleRedactedAttributes < ::ActiveRecord::Base
-      self.table_name = :users
-      audited redacted: [:password, :ssn]
-    end
-
-    class UserRedactedPasswordCustomRedaction < ::ActiveRecord::Base
-      self.table_name = :users
-      audited redacted: :password, redaction_value: ["My", "Custom", "Value", 7]
-    end
-
-    if ::ActiveRecord::VERSION::MAJOR >= 7
-      class UserWithEncryptedPassword < ::ActiveRecord::Base
-        self.table_name = :users
-        audited
-        encrypts :password
-      end
-    end
-
-    class UserWithReadOnlyAttrs < ::ActiveRecord::Base
-      self.table_name = :users
-      audited
-      attr_readonly :status
-    end
-
-    class CommentRequiredUser < ::ActiveRecord::Base
-      self.table_name = :users
-      audited except: :password, comment_required: true
-    end
-
-    class OnCreateCommentRequiredUser < ::ActiveRecord::Base
-      self.table_name = :users
-      audited comment_required: true, on: :create
-    end
-
-    class OnUpdateCommentRequiredUser < ::ActiveRecord::Base
-      self.table_name = :users
-      audited comment_required: true, on: :update
-    end
-
-    class OnDestroyCommentRequiredUser < ::ActiveRecord::Base
-      self.table_name = :users
-      audited comment_required: true, on: :destroy
-    end
-
-    class NoUpdateWithCommentOnlyUser < ::ActiveRecord::Base
-      self.table_name = :users
-      audited update_with_comment_only: false
-    end
-
-    class AccessibleAfterDeclarationUser < ::ActiveRecord::Base
-      self.table_name = :users
-      audited
-      attr_accessible :name, :username, :password if respond_to?(:attr_accessible)
-    end
-
-    class AccessibleBeforeDeclarationUser < ::ActiveRecord::Base
-      self.table_name = :users
-      attr_accessible :name, :username, :password if respond_to?(:attr_accessible) # declare attr_accessible before calling aaa
-      audited
-    end
-
-    class NoAttributeProtectionUser < ::ActiveRecord::Base
-      self.table_name = :users
-      audited
-    end
-
-    class UserWithAfterAudit < ::ActiveRecord::Base
-      self.table_name = :users
-      audited
-      attr_accessor :bogus_attr, :around_attr
-
-      private
-
-      def after_audit
-        self.bogus_attr = "do something"
-      end
-
-      def around_audit
-        self.around_attr = yield
-      end
-    end
-
-    class MaxAuditsUser < ::ActiveRecord::Base
-      self.table_name = :users
-      audited max_audits: 5
-    end
-
-    class Company < ::ActiveRecord::Base
-      audited
-    end
-
-    class Company::STICompany < Company
-    end
-
-    class Owner < ::ActiveRecord::Base
-      self.table_name = "users"
-      audited
-      has_associated_audits
-      has_many :companies, class_name: "OwnedCompany", dependent: :destroy
-      accepts_nested_attributes_for :companies
-      enum status: {active: 0, reliable: 1, banned: 2}
-    end
-
-    class OwnedCompany < ::ActiveRecord::Base
-      self.table_name = "companies"
-      belongs_to :owner, class_name: "Owner", touch: true
-      attr_accessible :name, :owner if respond_to?(:attr_accessible) # declare attr_accessible before calling aaa
-      audited associated_with: :owner
-    end
-
-    class OwnedCompany::STICompany < OwnedCompany
-    end
-
-    class OnUpdateDestroy < ::ActiveRecord::Base
-      self.table_name = "companies"
-      audited on: [:update, :destroy]
-    end
-
-    class OnCreateDestroy < ::ActiveRecord::Base
-      self.table_name = "companies"
-      audited on: [:create, :destroy]
-    end
-
-    class OnCreateDestroyUser < ::ActiveRecord::Base
-      self.table_name = "users"
-      audited on: [:create, :destroy]
-    end
-
-    class OnCreateDestroyExceptName < ::ActiveRecord::Base
-      self.table_name = "companies"
-      audited except: :name, on: [:create, :destroy]
-    end
-
-    class OnCreateUpdate < ::ActiveRecord::Base
-      self.table_name = "companies"
-      audited on: [:create, :update]
-    end
-
-    class OnTouchOnly < ::ActiveRecord::Base
-      self.table_name = "users"
-      audited on: [:touch]
-    end
-  end
-end

data/spec/support/active_record/postgres/1_change_audited_changes_type_to_json.rb

@@ -1,11 +0,0 @@
-class ChangeAuditedChangesTypeToJson < ActiveRecord::Migration[5.0]
-  def self.up
-    remove_column :audits, :audited_changes
-    add_column :audits, :audited_changes, :json
-  end
-
-  def self.down
-    remove_column :audits, :audited_changes
-    add_column :audits, :audited_changes, :text
-  end
-end

data/spec/support/active_record/postgres/2_change_audited_changes_type_to_jsonb.rb

@@ -1,11 +0,0 @@
-class ChangeAuditedChangesTypeToJsonb < ActiveRecord::Migration[5.0]
-  def self.up
-    remove_column :audits, :audited_changes
-    add_column :audits, :audited_changes, :jsonb
-  end
-
-  def self.down
-    remove_column :audits, :audited_changes
-    add_column :audits, :audited_changes, :text
-  end
-end