synerma-audits1984 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: fc29ee5bd3404776bfd9fc32fd581fe6b1035e1130bf58ca9176a648a404b5c1
+  data.tar.gz: 279391b5b1d119def3dc2739002fae42da184b692dc764da71e31f6316e35e8d
+SHA512:
+  metadata.gz: b680aa9f0edfd963c359cd73b8750dc5cf27bd1963675bb32e37affa4f2b5abb9e72ab22017764bf2d058f9dc6697bd0323e37de6b626dfc5a3e65e8fcdadb87
+  data.tar.gz: 6ea64974350e13bf0b480fbcd9f5ceeb00fd4fc635b4f91eded48e9b6f9a35841d89dd7f2143de75f063aaf37739fa4f1d18faa69adecb7ec755f039f3863a4d

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2021 Jorge Manrubia
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,77 @@
+[![Build Status](https://github.com/basecamp/audits1984/actions/workflows/build.yml/badge.svg?branch=master)](https://github.com/basecamp/audits1984/actions?query=branch%3Amaster)
+
+# Audits1984
+
+A simple auditing tool for [`console1984`](https://github.com/basecamp/console1984).
+
+## Installation
+
+Add it to your `Gemfile`:
+
+```ruby
+gem 'audits1984'
+```
+
+Create tables to store audits in the database:
+
+```sh
+rails audits1984:install:migrations
+rails db:migrate
+```
+
+Mount the engine in your `routes.rb`:
+
+```ruby
+mount Audits1984::Engine => "/console"
+```
+
+### API-only apps or apps using `vite_rails` and other asset pipelines outside Rails
+
+If you want to use this gem with an [API-only Rails app](https://guides.rubyonrails.org/api_app.html) or an app that's using `vite_ruby`/`vite_rails`, or some other custom asset pipeline different from Sprockets and Propshaft, you need just one more thing: configure an asset pipeline so you can serve the JavaScript and CSS included in this gem. We recommend to use [`Propshaft`](https://github.com/rails/propshaft). You simply need to add this line to your application's Gemfile:
+
+```ruby
+gem "propshaft"
+```
+
+Then execute
+```bash
+$ bundle install
+```
+
+And you should be ready to go.
+
+### Authenticate auditors
+
+By default, the library controllers will inherit from the host application's `ApplicationController`. To authenticate auditors, you need to implement a method `#find_current_auditor` in your `ApplicationController`. This method must return a record representing the auditing user. It can be any model but it has to respond to `#name`.
+
+For example, Imagine all the staff in your company can audit console sessions:
+
+```ruby
+def find_current_auditor
+  Current.user if Current.user&.staff?
+end
+```
+
+## Usage
+
+The main screen lists the registered console sessions. It includes a form to filter sessions by date, and also to only show that contains sensitive accesses.
+
+![Main screen listing the registered console sessions with a filter form](docs/images/main-screen.png)
+
+You can click on a session to see its commands and choose whether it was an appropiate console usage or not.
+
+![Audit session screen](docs/images/audit-session-screen.png)
+
+After making a decision on the session, you will be redirected to the next pending session, based on the filter configured in the main screen.
+
+That is. I said it was simple.
+
+## Configuration
+
+These config options are namespaced in `config.audits1984`:
+
+| Name                  | Description                                                  |
+| --------------------- | ------------------------------------------------------------ |
+| auditor_class         | The name of the auditor class. By default it's `::User.`     |
+| auditor_name_attribute | The attribute on the auditor class that returns the auditor's name. By default it's `:name`. |
+| base_controller_class | The host application base class that will be the parent of `audit1984` controllers. By default it's `::ApplicationController`. |

data/Rakefile

@@ -0,0 +1,19 @@
+require "bundler/setup"
+
+APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
+load "rails/tasks/engine.rake"
+
+load "rails/tasks/statistics.rake"
+
+require "bundler/gem_tasks"
+
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+  t.warning = false
+end
+
+task default: :test

data/app/assets/config/audits1984_manifest.js

@@ -0,0 +1,2 @@
+//= link_directory ../stylesheets/audits1984 .css
+//= link_directory ../javascripts/audits1984 .js

data/app/assets/stylesheets/audits1984/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
+ * files in this directory. Styles in this file should be added after the last require_* statement.
+ * It is generally better to create a new file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */