rollbacker 1.0.0

data/.gitignore

@@ -0,0 +1,8 @@
+coverage
+rdoc
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+tmp/*
+.DS_Store

data/Gemfile

@@ -0,0 +1,3 @@
+source "http://rubygems.org"
+
+gemspec

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Near Infinity Corporation
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,16 @@
+## Rollbacker ##
+
+Rollbacker is a manage tool for auditing changes to your ActiveRecord.
+The changes of objects are added to a queue where the auditor can approve and reject those changes.
+
+## Installation ##
+
+To use it with your Rails 3 project, add the following line to your Gemfile
+
+  gem 'rollbacker'
+
+Generate the migration and create the rollbacker_changes table
+
+  rails generate rollbacker:migration
+  rake db:migrate
+

data/Rakefile

@@ -0,0 +1,33 @@
+$:.unshift File.expand_path("../lib", __FILE__)
+
+require 'rake'
+require 'rdoc/task'
+require 'rspec/core/rake_task'
+require 'bundler'
+
+Bundler::GemHelper.install_tasks
+
+desc 'Default: run specs'
+task :default => :spec
+
+desc "Run specs"
+RSpec::Core::RakeTask.new do |t|
+  t.rspec_opts = %w(-fs --color)
+end
+
+desc "Run specs with RCov"
+RSpec::Core::RakeTask.new(:rcov) do |t|
+  t.rspec_opts = %w(-fs --color)
+  t.rcov = true
+  t.rcov_opts = %w(--exclude "spec/*,gems/*")
+end
+
+desc 'Generate documentation for the gem.'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Rollbacker'
+  rdoc.options << '--line-numbers' << '--inline-source'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+

data/init.rb

@@ -0,0 +1 @@
+require 'rollbacker'

data/lib/generators/rollbacker/migration/migration_generator.rb

@@ -0,0 +1,26 @@
+require 'rails/generators'
+require 'rails/generators/migration'
+
+module Rollbacker
+  module Generators
+    class MigrationGenerator < Rails::Generators::Base
+      include Rails::Generators::Migration
+
+      desc "Create migration for Rollbacker rollbacker_changes table"
+
+      source_root File.expand_path("../templates", __FILE__)
+
+      def self.next_migration_number(dirname)
+        if ActiveRecord::Base.timestamped_migrations
+          Time.now.utc.strftime("%Y%m%d%H%M%S")
+        else
+          "%.3d" % (current_migration_number(dirname) + 1)
+        end
+      end
+
+      def create_migration_file
+        migration_template 'migration.rb', 'db/migrate/create_rollbacker_changes_table.rb'
+      end
+    end
+  end
+end

data/lib/generators/rollbacker/migration/templates/migration.rb

@@ -0,0 +1,22 @@
+class CreateRollbackerChangesTable < ActiveRecord::Migration
+  def self.up
+    create_table :rollbacker_changes, :force => true do |t|
+      t.column :rollbackable_id, :integer
+      t.column :rollbackable_type, :string
+      t.column :user_id, :integer
+      t.column :user_type, :string
+      t.column :action, :string
+      t.column :rollbacked_changes, :text
+      t.column :created_at, :datetime
+      t.column :updated_at, :datetime
+    end
+
+    add_index :rollbacker_changes, [:rollbackable_id, :rollbackable_type], :name => 'rollbackable_index'
+    add_index :rollbacker_changes, [:user_id, :user_type], :name => 'user_index'
+    add_index :rollbacker_changes, :created_at
+  end
+
+  def self.down
+    drop_table :rollbacker_changes
+  end
+end

data/lib/generators/rollbacker.rb

@@ -0,0 +1,9 @@
+module Rollbacker
+  module Generators
+    class Base < Rails::Generators::NamedBase
+      def self.source_root
+        File.expand_path(File.join(File.dirname(__FILE__), 'rollbacker', generator_name, 'templates'))
+      end
+    end
+  end
+end

data/lib/rollbacker/base.rb

@@ -0,0 +1,49 @@
+require 'rollbacker/status'
+require 'rollbacker/config'
+require 'rollbacker/database_rollback'
+require 'rollbacker/recorder'
+
+module Rollbacker
+  module Base
+
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+
+    module ClassMethods
+      def rollbacker(*args, &blk)
+        unless self.included_modules.include?(ActiveRecord::Transactions::ClassMethods)
+          include ActiveRecord::Transactions::ClassMethods
+        end
+        unless self.included_modules.include?(Rollbacker::Base::InstanceMethods)
+          include InstanceMethods
+          include Rollbacker::Status  unless self.included_modules.include?(Rollbacker::Status)
+          has_many :rollbacker_changes, :as => :rollbackable
+        end
+
+        config = Rollbacker::Config.new(*args)
+        config.actions.each do |action|
+          send "around_#{action}", Rollbacker::DatabaseRollback.new(config.options)
+          # send :after_rollback, Rollbacker::Recorder.new(action, config.options, &blk), :on => action
+        end
+        send :after_rollback, Rollbacker::Recorder.new(config.options, &blk)
+      end
+
+      def rollbacker!(*args, &blk)
+        if args.last.kind_of?(Hash)
+          args.last[:fail_on_error] = true
+        else
+          args << { :fail_on_error => true }
+        end
+
+        rollbacker(*args, &blk)
+      end
+    end
+
+    module InstanceMethods
+      attr_accessor :_rollbacker_action
+
+    end
+
+  end
+end

data/lib/rollbacker/change_validator.rb

@@ -0,0 +1,30 @@
+module Rollbacker
+  class ChangeValidator
+    attr_reader :action
+    attr_reader :options
+
+    def initialize(action, options, model)
+      @action   = action
+      @options  = options
+      @model    = model
+    end
+
+    def valid?
+      case @action
+      when :destroy
+        @model.persisted?
+      when :update, :create
+        self.changes.any?
+      end
+    end
+
+    def changes(other_changes={})
+      chg = @model.changes.dup
+      chg.reverse_merge!( (other_changes || {}).with_indifferent_access )
+      chg.reject!{|key, value| @options[:except].include?(key) } unless @options[:except].blank?
+      chg.reject!{|key, value| !@options[:only].include?(key)  } unless @options[:only].blank?
+      chg
+    end
+
+  end
+end

data/lib/rollbacker/config.rb

@@ -0,0 +1,34 @@
+module Rollbacker
+  class Config
+    attr_reader :actions
+    attr_reader :options
+
+    def self.valid_actions
+      @valid_actions ||= [:create, :update, :destroy]
+    end
+
+    def initialize(*args)
+      @options = (args.pop if args.last.kind_of?(Hash)) || {}
+      normalize_options(@options)
+
+      @actions = args.map(&:to_sym)
+      validate_actions(@actions)
+    end
+
+  private
+
+    def normalize_options(options)
+      options.each_pair { |k, v| options[k.to_sym] = options.delete(k) unless k.kind_of? Symbol }
+      options[:only] ||= []
+      options[:except] ||= []
+      options[:only] = Array(options[:only]).map(&:to_s)
+      options[:except] = Array(options[:except]).map(&:to_s)
+    end
+
+    def validate_actions(actions)
+      raise Rollbacker::Error.new "at least one action in #{Config.valid_actions.inspect} must be specified" if actions.empty?
+      raise Rollbacker::Error.new "#{Config.valid_actions.inspect} are the only valid actions" unless actions.all? { |a| Config.valid_actions.include?(a.to_sym) }
+    end
+
+  end
+end

data/lib/rollbacker/database_rollback.rb

@@ -0,0 +1,28 @@
+require 'rollbacker/status'
+require 'rollbacker/change_validator'
+
+module Rollbacker
+  class DatabaseRollback
+    include Status
+
+    def initialize(args)
+      @options = args
+    end
+
+    [:create, :update, :destroy].each do |action|
+      define_method("around_#{action}") do |model|
+        rollback_model_changes(model, action)
+      end
+    end
+
+  private
+
+    def rollback_model_changes(model, action)
+      model._rollbacker_action = action
+
+      if rollbacker_enabled? && ChangeValidator.new(action, @options, model).valid?
+        raise ActiveRecord::Rollback
+      end
+    end
+  end
+end

data/lib/rollbacker/recorder.rb

@@ -0,0 +1,57 @@
+require 'rollbacker/status'
+
+module Rollbacker
+  class Recorder
+    include Status
+
+    # def initialize(action, options, &blk)
+    #   @action  = action
+    #   @options = options
+    #   @blk     = blk
+    # end
+
+    def initialize(options, &blk)
+      @options = options
+      @blk     = blk
+    end
+
+    def after_rollback(model)
+      create_or_update_changes(model)
+    end
+
+  private
+    # Should just return @action if after_rollback(:on=>:destroy) should set the correct action.. Take a look at this issue:
+    # https://github.com/rails/rails/issues/7640
+    #
+    # **Also remove everything about _rollbacker_action instance method.**
+    #
+    # def action
+    #   @action
+    # end
+
+    def change_validator(model)
+      ChangeValidator.new(model._rollbacker_action, @options, model)
+    end
+
+    def create_or_update_changes(model)
+      return if rollbacker_disabled?
+      validator = change_validator(model)
+      return unless validator.valid?
+      user = Rollbacker::User.current_user
+
+      record = \
+        if model.new_record?
+          RollbackerChange.new(rollbackable_type: model.class.name, action: validator.action)
+        else
+          RollbackerChange.find_or_initialize_by_rollbackable_id_and_rollbackable_type_and_action(model.id, model.class.name, validator.action)
+        end
+      if model.changed?
+        record.rollbacked_changes = validator.changes(record.rollbacked_changes)
+      end
+
+      @blk.call(model, record, user, validator.action) if @blk
+
+      @options[:fail_on_error] ? record.save! : record.save
+    end
+  end
+end

data/lib/rollbacker/rollbacker_change.rb

@@ -0,0 +1,25 @@
+require 'active_record'
+require 'rollbacker/config'
+
+class RollbackerChange < ActiveRecord::Base
+  belongs_to :rollbackable, :polymorphic => true
+  belongs_to :user, :polymorphic => true
+
+  before_create :set_user
+
+  serialize :rollbacked_changes
+
+  def new_attributes
+    (rollbacked_changes || {}).inject({}.with_indifferent_access) do |attrs,(attr,values)|
+      attrs[attr] = values.is_a?(Array) ? values.last : values
+      attrs
+    end
+  end
+
+private
+
+  def set_user
+    self.user = Rollbacker::User.current_user if self.user_id.nil?
+  end
+
+end

data/lib/rollbacker/spec_helpers.rb

@@ -0,0 +1,20 @@
+module Rollbacker
+  module SpecHelpers
+    include Rollbacker::Status
+
+    def self.included(base)
+      base.class_eval do
+        before(:each) do
+          disable_rollbacker!
+        end
+
+        after(:each) do
+          enable_rollbacker!
+        end
+      end
+    end
+
+  end
+end
+
+

data/lib/rollbacker/status.rb

@@ -0,0 +1,62 @@
+require 'rollbacker/user'
+
+module Rollbacker
+  module Status
+
+    def rollbacker_disabled?
+      Thread.current[:rollbacker_disabled] == true
+    end
+
+    def rollbacker_enabled?
+      Thread.current[:rollbacker_disabled].nil? || Thread.current[:rollbacker_disabled] == false
+    end
+
+    def disable_rollbacker!
+      Thread.current[:rollbacker_disabled] = true
+    end
+
+    def enable_rollbacker!
+      Thread.current[:rollbacker_disabled] = false
+    end
+
+    def without_rollbacker
+      previously_disabled = rollbacker_disabled?
+
+      begin
+        disable_rollbacker!
+        result = yield if block_given?
+      ensure
+        enable_rollbacker! unless previously_disabled
+      end
+
+      result
+    end
+
+    def with_rollbacker
+      previously_disabled = rollbacker_disabled?
+
+      begin
+        enable_rollbacker!
+        result = yield if block_given?
+      ensure
+        disable_rollbacker! if previously_disabled
+      end
+
+      result
+    end
+
+    def rollbacker_as(user)
+      previous_user = Rollbacker::User.current_user
+
+      begin
+        Rollbacker::User.current_user = user
+        result = yield if block_given?
+      ensure
+        Rollbacker::User.current_user = previous_user
+      end
+
+      result
+    end
+
+  end
+end

data/lib/rollbacker/user.rb

@@ -0,0 +1,15 @@
+module Rollbacker
+  module User
+
+    def current_user
+      Thread.current[:rollbacker_user]
+    end
+
+    def current_user=(user)
+      Thread.current[:rollbacker_user] = user
+    end
+
+    module_function :current_user, :current_user=
+
+  end
+end

data/lib/rollbacker/version.rb

@@ -0,0 +1,3 @@
+module Rollbacker
+  VERSION = "1.0.0"
+end

data/lib/rollbacker.rb

@@ -0,0 +1,21 @@
+require 'rollbacker/rollbacker_change'
+require 'rollbacker/base'
+
+module Rollbacker
+  class Error < StandardError; end
+end
+
+ActiveRecord::Base.send :include, Rollbacker::Base
+
+if defined?(ActionController) and defined?(ActionController::Base)
+
+  require 'rollbacker/user'
+
+  ActionController::Base.class_eval do
+    before_filter do |c|
+      Rollbacker::User.current_user = c.send(:current_user) if c.respond_to?(:current_user)
+    end
+  end
+
+end
+

data/rollbacker.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/rollbacker/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Marcos G. Zimmermann"]
+  gem.email         = ["mgzmaster@gmail.com"]
+  gem.homepage      = "http://github.com/marcosgz/rollbacker"
+  gem.name          = "rollbacker"
+  gem.summary       = %q{Rollbacker is a manage tool for auditing changes to your ActiveRecord}
+  gem.description   = %q{Rollbacker allows you to declaratively specify what CRUD operations should be audited. The changes of objects are added to a queue where the auditor can approve and reject those changes.}
+  gem.version       = Rollbacker::VERSION
+
+  gem.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  gem.files         = `git ls-files`.split("\n")
+  gem.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  gem.require_paths = ["lib"]
+
+  gem.add_dependency('activerecord', '>= 3.0')
+
+  gem.add_development_dependency('rspec')
+  gem.add_development_dependency('sqlite3-ruby')
+end

data/spec/base_spec.rb

@@ -0,0 +1,127 @@
+require File.dirname(__FILE__) + '/spec_helper'
+require 'rollbacker/user'
+require 'rollbacker/status'
+
+describe Rollbacker::Base do
+  include Rollbacker::Status
+
+  before(:each) do
+    @user = User.create
+    @original_model = Model
+    Rollbacker::User.current_user = @user
+  end
+
+  after(:each) do
+    reset_model
+  end
+
+  it 'should be created a :create change record' do
+    redefine_model { rollbacker!(:create) }
+
+    m = Model.new(:name => 'new')
+    m.should be_valid
+    m.should be_changed
+    lambda {
+      lambda { m.save }.should change(RollbackerChange, :count).by(1)
+    }.should_not change(Model, :count)
+
+    verify_change(RollbackerChange.last, m, :create, { 'name' => [nil, 'new'], 'id' => [nil, m.id] })
+  end
+
+  it 'should be created a :update change record' do
+    redefine_model { rollbacker!(:update) }
+    m = Model.new(:name => 'new')
+    without_rollbacker { m.save }
+
+    lambda {
+      lambda { m.update_attributes(:name => 'newer') }.should change(RollbackerChange, :count).by(1)
+    }.should_not change(Model, :count)
+
+    verify_change(RollbackerChange.last, m, :update, { 'name' => ['new', 'newer'] })
+  end
+
+
+  it 'should be created a :destroy change record' do
+    redefine_model { rollbacker!(:destroy) }
+    m = without_rollbacker { Model.create(:name => 'new') }
+
+    lambda {
+      lambda { m.destroy }.should change(RollbackerChange, :count).by(1)
+    }.should_not change(Model, :count)
+
+    verify_change(RollbackerChange.last, m, :destroy)
+  end
+
+  it 'should allow multiple actions to be specified with one rollbacker statment' do
+    redefine_model { rollbacker!(:update, :destroy) }
+    m = Model.new(:name => 'new')
+    lambda {
+      m.save
+    }.should_not change(RollbackerChange, :count)
+    m.should be_persisted
+    lambda {
+      m.update_attributes({:name => 'newer'})
+    }.should change(RollbackerChange, :count).by(1)
+    m.should be_persisted
+    lambda {
+      m.destroy
+    }.should change(RollbackerChange, :count).by(1)
+
+    RollbackerChange.count.should == 2
+    edit1 = RollbackerChange.first
+    edit1.action.should == 'update'
+    edit2 = RollbackerChange.last
+    edit2.action.should == 'destroy'
+  end
+
+  it 'should be able to turn off rollbacker for a especific field' do
+    redefine_model { rollbacker!(:update, :except => :name) }
+
+    m = Model.new(:name => 'name')
+    lambda {
+      m.save
+    }.should_not change(RollbackerChange, :count)
+    lambda {
+      m.update_attributes({:name => 'new'})
+    }.should_not change(RollbackerChange, :count)
+    lambda {
+      m.update_attributes({:value => 'new'})
+    }.should change(RollbackerChange, :count).by(1)
+  end
+
+  it 'should be able to to track rollbacker changes for a especific field' do
+    redefine_model { rollbacker!(:update, :only => :value) }
+
+    m = Model.new(:name => 'name')
+    lambda {
+      m.save
+    }.should_not change(RollbackerChange, :count)
+    lambda {
+      m.update_attributes({:name => 'new'})
+    }.should_not change(RollbackerChange, :count)
+    lambda {
+      m.update_attributes({:value => 'new'})
+    }.should change(RollbackerChange, :count).by(1)
+  end
+
+  def verify_change(change_record, model, action, changes=nil)
+    change_record.should_not be_nil
+    change_record.rollbackable_id.should     == model.id
+    change_record.rollbackable_type.should   == model.class.to_s
+    change_record.action.should              == action.to_s
+    change_record.user.should                == @user
+    change_record.rollbacked_changes.should  == changes.reject{|k,v|v.map(&:nil?).all?} unless changes.nil?
+  end
+
+  def redefine_model(&blk)
+    clazz = Class.new(ActiveRecord::Base, &blk)
+    Object.send :remove_const, 'Model'
+    Object.send :const_set, 'Model', clazz
+  end
+
+  def reset_model
+    Object.send :remove_const, 'Model'
+    Object.send :const_set, 'Model', @original_model
+  end
+
+end