rails_audit_log-graphql 0.3.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e8365cc8fe6ee9823f9cc1ec386fe119675e60fb70214e4fd91e3133c4b1c208
-  data.tar.gz: 89251a109b0d83c5150fd3b93253a8152421c9eb5bb2ef6ddc2be7304761e451
+  metadata.gz: f64cce54638f8999c6489e0881a1fedfcb447b0b5b8f52270a0d8247719c8f19
+  data.tar.gz: 4b1225952a5a6adce3a5a03b804360765b0c70b9ad9a9688db96ba34139430c5
 SHA512:
-  metadata.gz: dc978f7e8627a1f0449ee93e0abe737eb1e4a5b348d66295fb9630a5714553ea2b4d594a69e55fc682724fbc689493592ad656b217cb17f5150614746416224c
-  data.tar.gz: b93fdc0c1577144640b5475c7af57407827ffe015d3579aa2d4fd2c1d3b58ccd5b31c891b66790a9c75e745eb4b5c674172d79c0fdd9c3a2dc8a26caa3b00356
+  metadata.gz: 0b54b242a022b49d1917dd3c0370f96bde5ec210dad8959a34bc424132c7efd97aa0e1f781cebd0eaf21056b3b29c2c0c9632c08e94a4b0e2da851afe57044e5
+  data.tar.gz: fb448e67961e641eb6ce89081e832082cfa886856ccbd5f4d5de767d1bd21835d38034e6dd55a4d00b1f633f58da6a094e5d8e4e4886c24a6aece095386023f2

data/CHANGELOG.md

@@ -1,5 +1,22 @@
 ## [Unreleased]
 
+## [0.5.0] - 2026-06-04
+
+### Added
+
+- `forTenant:` argument on `auditLogEntry`, `auditLogEntries`, and `auditLogEntriesConnection` — explicitly scope results to a tenant ID; overrides auto-tenant
+- Auto-tenant scoping — when `RailsAuditLog.current_tenant` is configured, all queries automatically filter to the current tenant without requiring an explicit argument
+- `auditLogEntriesCount(event:, itemType:, since:)` — new aggregation query returning the count of matching entries; respects auto-tenant
+
+## [0.4.0] - 2026-06-04
+
+### Added
+
+- `AuditLogEntryCreated` subscription — `auditLogEntryCreated(itemType:, itemId:)` subscribes to new entries for a specific record; `auditLogEntryCreated(actorId:)` subscribes to all entries by a specific actor
+- `AuditLogSubscriptionsMixin` — include into host app's `SubscriptionType` to add the `auditLogEntryCreated` subscription field
+- `BaseSubscription` base class for all gem GraphQL subscription types
+- `Broadcaster` — call `Broadcaster.new(schema: MySchema).start` in an initializer to relay `rails_audit_log.entry_created` `ActiveSupport::Notifications` events into GraphQL subscription triggers; supports `stop` to unsubscribe
+
 ## [0.3.0] - 2026-06-03
 
 ### Added

data/README.md

@@ -20,7 +20,13 @@ A [graphql-ruby](https://graphql-ruby.org) API layer for the [`rails_audit_log`]
     - [auditLogEntry](#auditlogentryid-id-auditlogentry)
     - [auditLogEntries](#auditlogentries-auditlogentry)
     - [auditLogEntriesConnection](#auditlogentriesconnection-auditlogentryconnection)
+    - [auditLogEntriesCount](#auditlogentriescount-int)
+    - [Tenant scoping](#tenant-scoping)
   - [Authentication](#authentication)
+  - [Subscriptions](#subscriptions)
+    - [AuditLogSubscriptionsMixin](#auditlogsubscriptionsmixin)
+    - [auditLogEntryCreated](#auditlogentrycreated)
+    - [Broadcaster](#broadcaster)
 - [Development](#development)
 - [Contributing](#contributing)
 - [License](#license)
@@ -148,6 +154,7 @@ List entries with optional filters and offset pagination.
 | `until` | `ISO8601DateTime` | — | Return entries created at or before this time |
 | `touching` | `String` | — | Filter to entries that changed a specific attribute |
 | `orderBy` | `AuditLogEntrySortInput` | `CREATED_AT DESC` | Sort field and direction |
+| `forTenant` | `String` | — | Scope to a specific tenant ID; overrides auto-tenant |
 | `page` | `Int` | `1` | Page number (1-based) |
 | `perPage` | `Int` | `25` | Results per page |
 
@@ -163,6 +170,7 @@ Same filters as `auditLogEntries`, but returns a [Relay-style connection](https:
 | `itemType` | `String` | Filter by audited model class name |
 | `itemId` | `ID` | Filter by audited record ID |
 | `actorId` | `ID` | Filter by actor ID |
+| `forTenant` | `String` | Scope to a specific tenant ID; overrides auto-tenant |
 | `first` | `Int` | Return the first N edges after `after` |
 | `after` | `String` | Cursor to paginate forward from |
 | `last` | `Int` | Return the last N edges before `before` |
@@ -203,6 +211,40 @@ Results are ordered by `created_at DESC`.
 
 [↑ Back to top](#table-of-contents)
 
+#### `auditLogEntriesCount(...): Int!`
+
+Returns the count of matching audit log entries. Respects auto-tenant when `RailsAuditLog.current_tenant` is configured.
+
+| Argument | Type | Description |
+|---|---|---|
+| `event` | `String` | Filter by event type (`create`, `update`, `destroy`) |
+| `itemType` | `String` | Filter by audited model class name |
+| `since` | `ISO8601DateTime` | Count entries created at or after this time |
+
+```graphql
+{ auditLogEntriesCount(event: "update", itemType: "Post") }
+```
+
+[↑ Back to top](#table-of-contents)
+
+#### Tenant scoping
+
+When `RailsAuditLog.current_tenant` is configured, all queries automatically filter to the current tenant:
+
+```ruby
+RailsAuditLog.configure do |c|
+  c.current_tenant { Current.tenant_id }
+end
+```
+
+To override or explicitly specify a tenant per query, use the `forTenant:` argument (available on `auditLogEntry`, `auditLogEntries`, and `auditLogEntriesConnection`):
+
+```graphql
+{ auditLogEntries(forTenant: "acme") { id event } }
+```
+
+[↑ Back to top](#table-of-contents)
+
 ### Authentication
 
 If `RailsAuditLog.authenticate` is configured, the block is called with the GraphQL context before every query. Return a truthy value to allow access; return falsy to raise `GraphQL::ExecutionError` with `"Unauthorized"`.
@@ -217,6 +259,84 @@ If no authenticate block is set, all queries are permitted.
 
 [↑ Back to top](#table-of-contents)
 
+### Subscriptions
+
+Requires Action Cable in the host application.
+
+#### AuditLogSubscriptionsMixin
+
+Include `RailsAuditLog::Graphql::Subscriptions::AuditLogSubscriptionsMixin` into your app's `SubscriptionType` to add the `auditLogEntryCreated` field. Your schema must also use `GraphQL::Subscriptions::ActionCableSubscriptions`.
+
+```ruby
+# app/graphql/types/subscription_type.rb
+class Types::SubscriptionType < Types::BaseObject
+  include RailsAuditLog::Graphql::Subscriptions::AuditLogSubscriptionsMixin
+end
+
+# app/graphql/my_schema.rb
+class MySchema < GraphQL::Schema
+  query Types::QueryType
+  subscription Types::SubscriptionType
+  use GraphQL::Subscriptions::ActionCableSubscriptions
+end
+```
+
+#### `auditLogEntryCreated`
+
+Fires when a new `RailsAuditLog::AuditLogEntry` is created. Accepts one of two argument combinations:
+
+| Argument | Type | Description |
+|---|---|---|
+| `itemType` | `String` | Model class name to scope the subscription to |
+| `itemId` | `ID` | Record ID to scope the subscription to |
+| `actorId` | `ID` | Actor ID — subscribe to all entries by a specific actor |
+
+Subscribe to all changes on a specific record:
+
+```graphql
+subscription {
+  auditLogEntryCreated(itemType: "Post", itemId: "42") {
+    id
+    event
+    diff { attribute from to }
+  }
+}
+```
+
+Subscribe to all entries by a specific actor:
+
+```graphql
+subscription {
+  auditLogEntryCreated(actorId: "7") {
+    id
+    event
+    itemType
+    itemId
+  }
+}
+```
+
+#### Broadcaster
+
+`RailsAuditLog::Graphql::Subscriptions::Broadcaster` bridges `ActiveSupport::Notifications` (fired by `RailsAuditLog::Streaming::NotificationsAdapter` or `ActiveJobAdapter`) to GraphQL subscription triggers. Start it in an initializer:
+
+```ruby
+# config/initializers/rails_audit_log_graphql.rb
+RailsAuditLog.configure do |c|
+  c.streaming_adapter = RailsAuditLog::Streaming::NotificationsAdapter.new
+end
+
+Rails.application.config.after_initialize do
+  RailsAuditLog::Graphql::Subscriptions::Broadcaster.new(schema: MySchema).start
+end
+```
+
+For each entry, the broadcaster triggers:
+- `auditLogEntryCreated(itemType:, itemId:)` — notifies record-specific subscribers
+- `auditLogEntryCreated(actorId:)` — notifies actor-specific subscribers (when an actor is present)
+
+[↑ Back to top](#table-of-contents)
+
 ## Development
 
 ```bash

data/ROADMAP.md

@@ -4,24 +4,6 @@ This gem adds a GraphQL API layer on top of [`rails_audit_log`](https://github.c
 
 ---
 
-## 0.4.0 — Subscriptions
-
-Requires Action Cable in the host application.
-
-- **`auditLogEntryCreated(itemType:, itemId:)`** — subscribe to new entries for a specific record
-- **`auditLogEntryCreated(actorId:)`** — subscribe to all entries by a specific actor
-- Hooks into `RailsAuditLog::Streaming::NotificationsAdapter` to trigger broadcasts
-
----
-
-## 0.5.0 — Multi-tenancy & Advanced Filtering
-
-- **Tenant scoping** — automatically scope queries via `RailsAuditLog.current_tenant` when configured
-- **`forTenant:` argument** — explicit tenant filter on `auditLogEntries`
-- **Aggregations** — `auditLogEntriesCount(event:, itemType:, since:)` for dashboard metrics
-
----
-
 ## 0.6.0 — Performance & Safety
 
 - **Dataloader batch loading** — batch-resolve polymorphic `actor` and `item` associations using graphql-ruby's `dataloader` to eliminate N+1 queries on list responses

data/lib/rails_audit_log/graphql/queries/audit_log_entries_query_mixin.rb

@@ -14,6 +14,8 @@ module RailsAuditLog
           ) do
             argument :id, GraphQL::Types::ID, required: true,
               description: "ID of the audit log entry."
+            argument :for_tenant, String, required: false,
+              description: "Scope to a specific tenant ID. Overrides auto-tenant when RailsAuditLog.current_tenant is configured."
           end
 
           base.field(
@@ -31,6 +33,8 @@ module RailsAuditLog
             argument :until, GraphQL::Types::ISO8601DateTime, required: false, as: :until_time, description: "Return entries created at or before this time."
             argument :touching, String, required: false, description: "Filter to entries that changed a specific attribute (matches object_changes keys)."
             argument :order_by, RailsAuditLog::Graphql::InputObjects::AuditLogEntrySortInput, required: false, description: "Sort order. Defaults to CREATED_AT DESC."
+            argument :for_tenant, String, required: false,
+              description: "Scope to a specific tenant ID. Overrides auto-tenant when RailsAuditLog.current_tenant is configured."
             argument :page, GraphQL::Types::Int, required: false, default_value: 1, description: "Page number (1-based)."
             argument :per_page, GraphQL::Types::Int, required: false, default_value: 25, description: "Number of results per page."
           end
@@ -50,28 +54,55 @@ module RailsAuditLog
             argument :until, GraphQL::Types::ISO8601DateTime, required: false, as: :until_time, description: "Return entries created at or before this time."
             argument :touching, String, required: false, description: "Filter to entries that changed a specific attribute (matches object_changes keys)."
             argument :order_by, RailsAuditLog::Graphql::InputObjects::AuditLogEntrySortInput, required: false, description: "Sort order. Defaults to CREATED_AT DESC."
+            argument :for_tenant, String, required: false,
+              description: "Scope to a specific tenant ID. Overrides auto-tenant when RailsAuditLog.current_tenant is configured."
+          end
+
+          base.field(
+            :audit_log_entries_count,
+            GraphQL::Types::Int,
+            null: false,
+            description: "Count audit log entries with optional filters. Respects auto-tenant when RailsAuditLog.current_tenant is configured.",
+            resolver_method: :resolve_audit_log_entries_count
+          ) do
+            argument :event, String, required: false, description: "Filter by event type (create, update, destroy)."
+            argument :item_type, String, required: false, description: "Filter by audited model class name."
+            argument :since, GraphQL::Types::ISO8601DateTime, required: false, description: "Count entries created at or after this time."
           end
         end
 
-        def resolve_audit_log_entry(id:)
+        def resolve_audit_log_entry(id:, for_tenant: nil)
           check_authentication!
-          RailsAuditLog::AuditLogEntry.find_by(id: id)
+          tenant_id = for_tenant || RailsAuditLog.current_tenant&.call
+          base = tenant_id ? RailsAuditLog::AuditLogEntry.for_tenant(tenant_id) : RailsAuditLog::AuditLogEntry
+          base.find_by(id: id)
         end
 
-        def resolve_audit_log_entries(event: nil, item_type: nil, item_id: nil, actor_id: nil, since: nil, until_time: nil, touching: nil, order_by: nil, page: 1, per_page: 25)
+        def resolve_audit_log_entries(event: nil, item_type: nil, item_id: nil, actor_id: nil, since: nil, until_time: nil, touching: nil, order_by: nil, for_tenant: nil, page: 1, per_page: 25)
           check_authentication!
-          scope = build_scope(event: event, item_type: item_type, item_id: item_id, actor_id: actor_id, since: since, until_time: until_time, touching: touching, order_by: order_by)
+          scope = build_scope(event: event, item_type: item_type, item_id: item_id, actor_id: actor_id, since: since, until_time: until_time, touching: touching, order_by: order_by, for_tenant: for_tenant)
           scope.limit(per_page).offset((page - 1) * per_page)
         end
 
-        def resolve_audit_log_entries_connection(event: nil, item_type: nil, item_id: nil, actor_id: nil, since: nil, until_time: nil, touching: nil, order_by: nil)
+        def resolve_audit_log_entries_connection(event: nil, item_type: nil, item_id: nil, actor_id: nil, since: nil, until_time: nil, touching: nil, order_by: nil, for_tenant: nil)
           check_authentication!
-          build_scope(event: event, item_type: item_type, item_id: item_id, actor_id: actor_id, since: since, until_time: until_time, touching: touching, order_by: order_by)
+          build_scope(event: event, item_type: item_type, item_id: item_id, actor_id: actor_id, since: since, until_time: until_time, touching: touching, order_by: order_by, for_tenant: for_tenant)
+        end
+
+        def resolve_audit_log_entries_count(event: nil, item_type: nil, since: nil)
+          check_authentication!
+          scope = RailsAuditLog::AuditLogEntry.all
+          scope = scope.where(event: event) if event
+          scope = scope.where(item_type: item_type) if item_type
+          scope = scope.where("created_at >= ?", since) if since
+          tenant_id = RailsAuditLog.current_tenant&.call
+          scope = scope.for_tenant(tenant_id) if tenant_id
+          scope.count
         end
 
         private
 
-        def build_scope(event: nil, item_type: nil, item_id: nil, actor_id: nil, since: nil, until_time: nil, touching: nil, order_by: nil)
+        def build_scope(event: nil, item_type: nil, item_id: nil, actor_id: nil, since: nil, until_time: nil, touching: nil, order_by: nil, for_tenant: nil)
           sort_field = order_by&.field || :created_at
           sort_direction = order_by&.direction || :desc
           scope = RailsAuditLog::AuditLogEntry.order(sort_field => sort_direction)
@@ -85,6 +116,8 @@ module RailsAuditLog
             safe = ActiveRecord::Base.sanitize_sql_like(touching)
             scope = scope.where("object_changes LIKE ?", "%\"#{safe}\":%")
           end
+          tenant_id = for_tenant || RailsAuditLog.current_tenant&.call
+          scope = scope.for_tenant(tenant_id) if tenant_id
           scope
         end
 

data/lib/rails_audit_log/graphql/subscriptions/audit_log_entry_created.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module RailsAuditLog
+  module Graphql
+    module Subscriptions
+      class AuditLogEntryCreated < Types::BaseSubscription
+        description "Fires when a new audit log entry is created."
+
+        argument :item_type, String, required: false,
+          description: "Filter to entries for a specific model class name."
+        argument :item_id, GraphQL::Types::ID, required: false,
+          description: "Filter to entries for a specific record ID."
+        argument :actor_id, GraphQL::Types::ID, required: false,
+          description: "Filter to entries by a specific actor ID."
+
+        type Types::AuditLogEntryType, null: false
+      end
+    end
+  end
+end

data/lib/rails_audit_log/graphql/subscriptions/audit_log_subscriptions_mixin.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module RailsAuditLog
+  module Graphql
+    module Subscriptions
+      module AuditLogSubscriptionsMixin
+        def self.included(base)
+          base.field(
+            :audit_log_entry_created,
+            subscription: AuditLogEntryCreated,
+            description: "Fires when a new audit log entry is created."
+          )
+        end
+      end
+    end
+  end
+end

data/lib/rails_audit_log/graphql/subscriptions/broadcaster.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module RailsAuditLog
+  module Graphql
+    module Subscriptions
+      class Broadcaster
+        EVENT = "rails_audit_log.entry_created"
+
+        def initialize(schema:)
+          @schema = schema
+          @subscriber = nil
+        end
+
+        def start
+          @subscriber = ActiveSupport::Notifications.subscribe(EVENT) do |*, payload|
+            broadcast(payload[:entry])
+          end
+        end
+
+        def stop
+          ActiveSupport::Notifications.unsubscribe(@subscriber) if @subscriber
+          @subscriber = nil
+        end
+
+        def broadcast(entry)
+          @schema.subscriptions.trigger(
+            "audit_log_entry_created",
+            {item_type: entry.item_type, item_id: entry.item_id.to_s},
+            entry
+          )
+
+          return unless entry.actor_id.present?
+
+          @schema.subscriptions.trigger(
+            "audit_log_entry_created",
+            {actor_id: entry.actor_id.to_s},
+            entry
+          )
+        end
+      end
+    end
+  end
+end

data/lib/rails_audit_log/graphql/types/base_subscription.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module RailsAuditLog
+  module Graphql
+    module Types
+      class BaseSubscription < GraphQL::Schema::Subscription
+      end
+    end
+  end
+end

data/lib/rails_audit_log/graphql/version.rb

@@ -2,6 +2,6 @@
 
 module RailsAuditLog
   module Graphql
-    VERSION = "0.3.0"
+    VERSION = "0.5.0"
   end
 end

data/lib/rails_audit_log/graphql.rb

@@ -3,6 +3,7 @@
 require "graphql"
 require_relative "graphql/version"
 require_relative "graphql/types/base_object"
+require_relative "graphql/types/base_subscription"
 require_relative "graphql/types/diff_type"
 require_relative "graphql/types/actor_type"
 require_relative "graphql/types/audited_resource_type"
@@ -11,6 +12,9 @@ require_relative "graphql/types/sort_direction_enum"
 require_relative "graphql/types/audit_log_entry_sort_field_enum"
 require_relative "graphql/input_objects/audit_log_entry_sort_input"
 require_relative "graphql/queries/audit_log_entries_query_mixin"
+require_relative "graphql/subscriptions/audit_log_entry_created"
+require_relative "graphql/subscriptions/audit_log_subscriptions_mixin"
+require_relative "graphql/subscriptions/broadcaster"
 
 module RailsAuditLog
   module Graphql

data/sig/rails_audit_log/graphql.rbs

@@ -6,6 +6,9 @@ module RailsAuditLog
       class BaseObject < GraphQL::Schema::Object
       end
 
+      class BaseSubscription < GraphQL::Schema::Subscription
+      end
+
       class DiffType < BaseObject
         def attribute: () -> String
         def from: () -> untyped
@@ -51,11 +54,29 @@ module RailsAuditLog
       end
     end
 
+    module Subscriptions
+      class AuditLogEntryCreated < Types::BaseSubscription
+        def subscribe: (?item_type: String?, ?item_id: String?, ?actor_id: String?) -> :no_response
+        def update: (?item_type: String?, ?item_id: String?, ?actor_id: String?) -> untyped
+      end
+
+      module AuditLogSubscriptionsMixin
+        def self.included: (untyped base) -> void
+      end
+
+      class Broadcaster
+        def initialize: (schema: untyped) -> void
+        def start: () -> void
+        def stop: () -> void
+        def broadcast: (untyped entry) -> void
+      end
+    end
+
     module Queries
       module AuditLogEntriesQueryMixin
         def self.included: (untyped base) -> void
 
-        def resolve_audit_log_entry: (id: String) -> untyped
+        def resolve_audit_log_entry: (id: String, ?for_tenant: String?) -> untyped
 
         def resolve_audit_log_entries: (
           ?event: String?,
@@ -66,6 +87,7 @@ module RailsAuditLog
           ?until_time: Time?,
           ?touching: String?,
           ?order_by: InputObjects::AuditLogEntrySortInput?,
+          ?for_tenant: String?,
           ?page: Integer,
           ?per_page: Integer
         ) -> untyped
@@ -78,9 +100,16 @@ module RailsAuditLog
           ?since: Time?,
           ?until_time: Time?,
           ?touching: String?,
-          ?order_by: InputObjects::AuditLogEntrySortInput?
+          ?order_by: InputObjects::AuditLogEntrySortInput?,
+          ?for_tenant: String?
         ) -> untyped
 
+        def resolve_audit_log_entries_count: (
+          ?event: String?,
+          ?item_type: String?,
+          ?since: Time?
+        ) -> Integer
+
         private
 
         def build_scope: (
@@ -91,7 +120,8 @@ module RailsAuditLog
           ?since: Time?,
           ?until_time: Time?,
           ?touching: String?,
-          ?order_by: InputObjects::AuditLogEntrySortInput?
+          ?order_by: InputObjects::AuditLogEntrySortInput?,
+          ?for_tenant: String?
         ) -> untyped
 
         def check_authentication!: () -> void

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails_audit_log-graphql
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Chuck Smith
@@ -86,11 +86,15 @@ files:
 - lib/rails_audit_log/graphql/input_objects/audit_log_entry_sort_input.rb
 - lib/rails_audit_log/graphql/queries/audit_log_entries_query_mixin.rb
 - lib/rails_audit_log/graphql/release_tooling.rb
+- lib/rails_audit_log/graphql/subscriptions/audit_log_entry_created.rb
+- lib/rails_audit_log/graphql/subscriptions/audit_log_subscriptions_mixin.rb
+- lib/rails_audit_log/graphql/subscriptions/broadcaster.rb
 - lib/rails_audit_log/graphql/types/actor_type.rb
 - lib/rails_audit_log/graphql/types/audit_log_entry_sort_field_enum.rb
 - lib/rails_audit_log/graphql/types/audit_log_entry_type.rb
 - lib/rails_audit_log/graphql/types/audited_resource_type.rb
 - lib/rails_audit_log/graphql/types/base_object.rb
+- lib/rails_audit_log/graphql/types/base_subscription.rb
 - lib/rails_audit_log/graphql/types/diff_type.rb
 - lib/rails_audit_log/graphql/types/sort_direction_enum.rb
 - lib/rails_audit_log/graphql/version.rb