rails_audit 1.0.0 → 1.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b00d680dc06b9a63f46de5eae06eaa3773cbb058ea9a0c89cbdc7e9f09c10d93
-  data.tar.gz: 6c8809e533386113ae62445b4f5fe2edad9f9f58ab2e621d669c200852fadaa5
+  metadata.gz: cef87b6bd4b0647da33ae95b4e8f1160d9cee3bc979033214293d9a0ccea2d39
+  data.tar.gz: bce954e37568dfe314096f18e998906e68905b862af8caeaf9715007569d381b
 SHA512:
-  metadata.gz: 22dcddf8435cd9c68cfb2cfcd38162793441631fcbf4e413649fbb553ef7c03b140f244881abb58fff4877780be6d114d52d007c8e2a78715cef8c450609c21f
-  data.tar.gz: 6db91495ac3d6c5eab814163030629f3e4767cb36126fefdd6610fe649e35135119e4eef9c4751a37c093d4b2b1f375009459c138162ecbff7af42902bc52db4
+  metadata.gz: 8159c54eda42df1a6d3974526f98c84839134bfa294510c3114c1d7810ab61bfdc284e64c65482e22487696b132f94e1df9e8044ab4eb2e5506ac20924af0795
+  data.tar.gz: 519850e7b7fc226401bc95c05a715e88b5c0d83f62f46aca8927163a1adabd5fcc64b25015b964f9722c49be4a61e15c5279939806c6e3fd8c7cb1b8c733b960

data/LICENSE

@@ -1,165 +1,20 @@
-                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
-  This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
-  0. Additional Definitions.
-
-  As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
-  "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
-  An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
-  A "Combined Work" is a work produced by combining or linking an
-Application with the Library.  The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
-  The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
-  The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
-  1. Exception to Section 3 of the GNU GPL.
-
-  You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
-  2. Conveying Modified Versions.
-
-  If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
-   a) under this License, provided that you make a good faith effort to
-   ensure that, in the event an Application does not supply the
-   function or data, the facility still operates, and performs
-   whatever part of its purpose remains meaningful, or
-
-   b) under the GNU GPL, with none of the additional permissions of
-   this License applicable to that copy.
-
-  3. Object Code Incorporating Material from Library Header Files.
-
-  The object code form of an Application may incorporate material from
-a header file that is part of the Library.  You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
-   a) Give prominent notice with each copy of the object code that the
-   Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the object code with a copy of the GNU GPL and this license
-   document.
-
-  4. Combined Works.
-
-  You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
-   a) Give prominent notice with each copy of the Combined Work that
-   the Library is used in it and that the Library and its use are
-   covered by this License.
-
-   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-   document.
-
-   c) For a Combined Work that displays copyright notices during
-   execution, include the copyright notice for the Library among
-   these notices, as well as a reference directing the user to the
-   copies of the GNU GPL and this license document.
-
-   d) Do one of the following:
-
-       0) Convey the Minimal Corresponding Source under the terms of this
-       License, and the Corresponding Application Code in a form
-       suitable for, and under terms that permit, the user to
-       recombine or relink the Application with a modified version of
-       the Linked Version to produce a modified Combined Work, in the
-       manner specified by section 6 of the GNU GPL for conveying
-       Corresponding Source.
-
-       1) Use a suitable shared library mechanism for linking with the
-       Library.  A suitable mechanism is one that (a) uses at run time
-       a copy of the Library already present on the user's computer
-       system, and (b) will operate properly with a modified version
-       of the Library that is interface-compatible with the Linked
-       Version.
-
-   e) Provide Installation Information, but only if you would otherwise
-   be required to provide such information under section 6 of the
-   GNU GPL, and only to the extent that such information is
-   necessary to install and execute a modified version of the
-   Combined Work produced by recombining or relinking the
-   Application with a modified version of the Linked Version. (If
-   you use option 4d0, the Installation Information must accompany
-   the Minimal Corresponding Source and Corresponding Application
-   Code. If you use option 4d1, you must provide the Installation
-   Information in the manner specified by section 6 of the GNU GPL
-   for conveying Corresponding Source.)
-
-  5. Combined Libraries.
-
-  You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
-   a) Accompany the combined library with a copy of the same work based
-   on the Library, uncombined with any other library facilities,
-   conveyed under the terms of this License.
-
-   b) Give prominent notice with the combined library that part of it
-   is a work based on the Library, and explaining where to find the
-   accompanying uncombined form of the same work.
-
-  6. Revised Versions of the GNU Lesser General Public License.
-
-  The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
-  Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
-  If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
+Copyright (c) 2015-Present Mingyuan Qin <mingyuan0715@foxmail.com>
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -1,5 +1,9 @@
 # RailsAudit
 
+[![测试](https://github.com/work-design/rails_audit/actions/workflows/test.yml/badge.svg)](https://github.com/work-design/rails_audit/actions/workflows/test.yml)
+[![Docker构建](https://github.com/work-design/rails_audit/actions/workflows/cd.yml/badge.svg)](https://github.com/work-design/rails_audit/actions/workflows/cd.yml)
+[![Gem](https://github.com/work-design/rails_audit/actions/workflows/gempush.yml/badge.svg)](https://github.com/work-design/rails_audit/actions/workflows/gempush.yml)
+
 Unlike [audited](https://github.com/collectiveidea/audited) and [paper_trail](https://github.com/airblade/paper_trail) etc. These model audit tools use model callbacks to record every changes.
 
 `rails_audit` record ActiveRecord Model changes in Controllers, it will record context with model changes:
@@ -21,11 +25,11 @@ Unlike [audited](https://github.com/collectiveidea/audited) and [paper_trail](ht
 ## Usage
 
 ### in Model
-1. include Auditable
+1. include Audited
 
 ```ruby
 class User < ActiveRecord::Base
-  include Auditable
+  include RailsAuditExt::Audited
   
 end
 
@@ -35,11 +39,19 @@ end
 
 ```ruby
 class UsersController < ApplicationController
-  
+  include RailsAudit::Application
   # use after action, will auto record changes by use saved_changes api
   after_action only: [:update, :create, :destroy] do
-    mark_audites(User, note: 'note something!', extra: { client_headers: request.headers })
+    mark_audits(instance: [:@user, :@role], local: [:current_user], note: 'note something!', extra: { client_headers: request.headers.as_json })
   end
   
 end
-```
+```
+
+### in View
+```ruby
+  link_to 'Audits', audits_path('User', user.id)
+```
+
+## 许可证
+许可证采用 [LGPL License](https://opensource.org/licenses/LGPL-3.0)

data/app/controllers/auditor/admin/approvals_controller.rb

@@ -0,0 +1,44 @@
+module Auditor
+  class Admin::ApprovalsController < Admin::BaseController
+    before_action :set_approval, only: [:show, :edit, :update, :destroy]
+
+    def index
+      q_params = {}
+      q_params.merge! params.permit(:approving_type, :approving_id)
+
+      @approvals = Approval.default_where(q_params).order(id: :desc).page(params[:page])
+    end
+
+    def show
+    end
+
+    def edit
+    end
+
+    def update
+      @approval.assign_attributes(approval_params)
+
+      unless @approval.save
+        render :edit, locals: { model: @approval }, status: :unprocessable_entity
+      end
+    end
+
+    def destroy
+      @approval.destroy
+    end
+
+    private
+    def set_approval
+      @approval = Approval.find(params[:id])
+    end
+
+    def approval_params
+      params.fetch(:approval, {}).permit(
+        :pending_changes,
+        :approved,
+        :state
+      )
+    end
+
+  end
+end

data/app/controllers/auditor/admin/audits_controller.rb

@@ -0,0 +1,11 @@
+module Auditor
+  class Admin::AuditsController < Admin::BaseController
+
+    def index
+      q_params = {}
+      q_params.merge! params.permit(:audited_type, :audited_id)
+      @audits = Audit.default_where(q_params).order(id: :desc).page(params[:page])
+    end
+
+  end
+end

data/app/controllers/auditor/admin/base_controller.rb

@@ -0,0 +1,4 @@
+module Auditor
+  class Admin::BaseController < AdminController
+  end
+end

data/app/controllers/auditor/admin/verifications_controller.rb

@@ -0,0 +1,61 @@
+module Auditor
+  class Admin::VerificationsController < Admin::BaseController
+    before_action :set_check, only: [:show, :edit, :update, :destroy]
+
+    def index
+      @verifications = Verification.page(params[:page])
+    end
+
+    def new
+      @verification = Verification.new(state: params[:state])
+    end
+
+    def create
+      @verification = Verification.new(check_params)
+
+      unless @verification.save
+        render :new, locals: { model: @verification }, status: :unprocessable_entity
+      end
+    end
+
+    def show
+    end
+
+    def edit
+    end
+
+    def update
+      @verification.assign_attributes(check_params)
+
+      unless @verification.save
+        render :edit, locals: { model: @verification }, status: :unprocessable_entity
+      end
+    end
+
+    def destroy
+      @verification.destroy
+    end
+
+    private
+    def set_verified
+      @verified = params[:verified_type].safe_constantize&.find_by(id: params[:verified_id])
+    end
+
+    def set_check
+      @verification = Verification.find(params[:id])
+    end
+
+    def check_params
+      q = params.fetch(:verification, {}).permit(
+        :comment,
+        :confirmed,
+        :state
+      )
+      q.merge! verified_type: params[:verified_type], verified_id: params[:verified_id]
+      q.merge! member_id: current_member&.id
+      q.merge! user_id: current_user.id
+      q
+    end
+
+  end
+end

data/app/controllers/auditor/admin/verifiers_controller.rb

@@ -0,0 +1,69 @@
+module Auditor
+  class Admin::VerifiersController < Admin::BaseController
+    before_action :set_verifier, only: [:show, :edit, :update, :destroy]
+    before_action :prepare_form, only: [:new, :edit]
+
+    def index
+      @verifiers = Verifier.page(params[:page])
+    end
+
+    def new
+      @verifier = Verifier.new
+    end
+
+    def members
+      @verifier = Verifier.new params.permit(:verifiable_type, :verifiable_id)
+      @verifier.assign_attributes verifier_params.slice(:job_title_id)
+
+      @members = Member.default_where('member_departments.job_title_id': verifier_params[:job_title_id])
+    end
+
+    def create
+      @verifier = Verifier.new(verifier_params)
+
+      unless @verifier.save
+        render :new, locals: { model: @verifier }, status: :unprocessable_entity
+      end
+    end
+
+    def show
+    end
+
+    def edit
+    end
+
+    def update
+      @verifier.assign_attributes(verifier_params)
+
+      unless @verifier.save
+        render :edit, locals: { model: @verifier }, status: :unprocessable_entity
+      end
+    end
+
+    def destroy
+      @verifier.destroy
+    end
+
+    private
+    def prepare_form
+      q_params = {}
+      q_params.merge! default_params
+
+      @job_titles = Org::JobTitle.default_where(q_params)
+    end
+
+    def set_verifier
+      @verifier = Verifier.find(params[:id])
+    end
+
+    def verifier_params
+      p = params.fetch(:verifier, {}).permit(
+        :name,
+        :job_title_id,
+        :member_id
+      )
+      p.merge! params.permit(:verifiable_type, :verifiable_id)
+    end
+
+  end
+end

data/app/controllers/auditor/controller/application.rb

@@ -0,0 +1,32 @@
+module Auditor
+  module Controller::Application
+
+    # after_action
+    def mark_audits(instance: [], local: [], **options)
+      instance_records = Array(instance).map!(&:to_sym) & valid_ivars
+      instance_records.each do |ivar|
+        record = instance_variable_get(ivar)
+        next unless record.is_a?(ActiveRecord::Base)
+        save_audits(record, **options)
+      end
+
+      local_records = Array(local).map!(&:to_sym) & local_variables
+      local_records.each do |ivar|
+        record = eval(ivar)
+        next unless record.is_a?(ActiveRecord::Base)
+        save_audits(record, **options)
+      end
+    end
+
+    def save_audits(record, **options)
+      record.save_audits(
+        operator: rails_audit_user,
+        controller_path: controller_path,
+        action_name: action_name,
+        remote_ip: request.remote_ip,
+        **options.slice(:only, :except, :include, :note, :extra)
+      )
+    end
+
+  end
+end

data/app/models/auditor/approval.rb

@@ -0,0 +1,5 @@
+module Auditor
+  class Approval < ApplicationRecord
+    include Model::Approval
+  end
+end

data/app/models/auditor/audit.rb

@@ -0,0 +1,5 @@
+module Auditor
+  class Audit < ApplicationRecord
+    include Model::Audit
+  end
+end

data/app/models/auditor/ext/audited.rb

@@ -0,0 +1,58 @@
+module Auditor
+  module Ext::Audited
+    extend ActiveSupport::Concern
+
+    included do
+      has_many :audits, class_name: 'Auditor::Audit', as: :audited
+    end
+
+    # user: {
+    #   id: 1,
+    #   changes: {
+    #     name: ['a', 'b']
+    #   }
+    # }
+    # params same as as_json
+    def save_audits(operator:, only: [], except: [], include: [], **extra_options)
+      audit = self.audits.build
+      if only.present?
+        audit.audited_changes = self.saved_changes.slice(*only)
+      else
+        except = RailsAudit.config.default_except + except
+        audit.audited_changes = self.saved_changes.except(*except)
+      end
+
+      result = {}
+      include.each do |key|
+        targets = self.public_send(key)
+        attr_key = "#{key}_attributes"
+        result[attr_key] = []
+
+        Array(targets).each do |target|
+          _saved_changes = target.saved_changes.except(*RailsAudit.config.default_except)
+
+          if _saved_changes.present?
+            result[attr_key] << { id: target.id }.merge!(_saved_changes)
+          end
+        end
+      end
+      audit.related_changes = result
+
+      return if audit.audited_changes.blank? && audit.related_changes.blank?
+
+      if self.destroyed?
+        audit.action = 'destroy'
+      end
+
+      audit.operator_type = operator.class.name
+      audit.operator_id = operator.id
+      audit.note = extra_options.delete(:note)
+      audit.controller_path = extra_options.delete(:controller_path)
+      audit.action_name = extra_options.delete(:action_name)
+      audit.remote_ip = extra_options.delete(:remote_ip)
+      audit.extra = extra_options
+      audit.save
+    end
+
+  end
+end

data/app/models/auditor/ext/verifiable.rb

@@ -0,0 +1,10 @@
+module Auditor
+  module Ext::Verifiable
+    extend ActiveSupport::Concern
+
+    included do
+      has_many :verifiers, -> { order(position: :asc) }, class_name: 'Auditor::Verifier', as: :verifiable, dependent: :delete_all
+    end
+
+  end
+end

data/app/models/auditor/ext/verified.rb

@@ -0,0 +1,25 @@
+module Auditor
+  module Ext::Verified
+    extend ActiveSupport::Concern
+
+    included do
+      include Com::Ext::StateMachine
+      has_many :verifications, -> { order(position: :asc) }, class_name: 'Auditor::Verification', as: :verified, dependent: :delete_all, inverse_of: :verified
+    end
+
+    def all_verifications
+      verifiers.map do |verifier|
+        verifications.find(&->(i){ i.verifier_id == verifier.id }) || verifications.build(verifier: verifier)
+      end
+    end
+
+    def next_verifiers
+      taxon.verifiers.where.not(id: verifications.pluck(:verifier_id))
+    end
+
+    def next_verifier
+      next_verifiers[0]
+    end
+
+  end
+end

data/app/models/auditor/model/approval.rb

@@ -0,0 +1,59 @@
+module Auditor
+  module Model::Approval
+    extend ActiveSupport::Concern
+
+    included do
+      attribute :approved, :boolean, default: false
+      attribute :pending_changes, :json, default: {}
+      attribute :related_changes, :json, default: {}
+      attribute :comment, :string
+      attribute :approved_at, :datetime
+      attribute :unapproved_approvals_count, :integer, default: 0
+
+      belongs_to :approving, polymorphic: true
+      belongs_to :operator, polymorphic: true, optional: true
+
+      enum state: {
+        init: 'init'
+      }, _default: 'init'
+
+      before_update :apply_changes, if: -> { approved_changed? }
+
+      def pending_changes_i18n
+        pending_changes.transform_keys { |key| approving.class.human_attribute_name(key) }
+      end
+
+      def apply_changes
+        if approved
+          self.approved_at = Time.current
+          approving.assign_attributes apply_attributes
+        else
+          self.approved_at = Time.current
+          approving.assign_attributes revert_attributes
+        end
+
+        approving.save
+      end
+
+      def apply_attributes
+        r1 = pending_changes.transform_values { |i| i[-1] }
+        r2 = related_changes.transform_values do |i|
+          i.map { |si| si.transform_values(&->(c){ Array(c)[-1] }) }
+        end
+
+        r1.merge! r2
+      end
+
+      def revert_attributes
+        r1 = pending_changes.transform_values { |i| i[0] }
+        r2 = related_changes.transform_values do |i|
+          i.map { |si| si.transform_values(&->(c){ Array(c)[0] }) }
+        end
+
+        r1.merge! r2
+      end
+
+    end
+
+  end
+end