tangledwires-audited 6.0.0

data/lib/audited/rspec_matchers.rb

@@ -0,0 +1,228 @@
+# frozen_string_literal: true
+
+module Audited
+  module RspecMatchers
+    # Ensure that the model is audited.
+    #
+    # Options:
+    # * <tt>associated_with</tt> - tests that the audit makes use of the associated_with option
+    # * <tt>only</tt> - tests that the audit makes use of the only option *Overrides <tt>except</tt> option*
+    # * <tt>except</tt> - tests that the audit makes use of the except option
+    # * <tt>requires_comment</tt> - if specified, then the audit must require comments through the <tt>audit_comment</tt> attribute
+    # * <tt>on</tt> - tests that the audit makes use of the on option with specified parameters
+    #
+    # Example:
+    #   it { should be_audited }
+    #   it { should be_audited.associated_with(:user) }
+    #   it { should be_audited.only(:field_name) }
+    #   it { should be_audited.except(:password) }
+    #   it { should be_audited.requires_comment }
+    #   it { should be_audited.on(:create).associated_with(:user).except(:password) }
+    #
+    def be_audited
+      AuditMatcher.new
+    end
+
+    # Ensure that the model has associated audits
+    #
+    # Example:
+    #   it { should have_associated_audits }
+    #
+    def have_associated_audits
+      AssociatedAuditMatcher.new
+    end
+
+    class AuditMatcher # :nodoc:
+      def initialize
+        @options = {}
+      end
+
+      def associated_with(model)
+        @options[:associated_with] = model
+        self
+      end
+
+      def only(*fields)
+        @options[:only] = fields.flatten.map(&:to_s)
+        self
+      end
+
+      def except(*fields)
+        @options[:except] = fields.flatten.map(&:to_s)
+        self
+      end
+
+      def requires_comment
+        @options[:comment_required] = true
+        self
+      end
+
+      def on(*actions)
+        @options[:on] = actions.flatten.map(&:to_sym)
+        self
+      end
+
+      def matches?(subject)
+        @subject = subject
+        auditing_enabled? && required_checks_for_options_satisfied?
+      end
+
+      def failure_message
+        "Expected #{@expectation}"
+      end
+
+      def negative_failure_message
+        "Did not expect #{@expectation}"
+      end
+
+      alias_method :failure_message_when_negated, :negative_failure_message
+
+      def description
+        description = "audited"
+        description += " associated with #{@options[:associated_with]}" if @options.key?(:associated_with)
+        description += " only => #{@options[:only].join ", "}" if @options.key?(:only)
+        description += " except => #{@options[:except].join(", ")}" if @options.key?(:except)
+        description += " requires audit_comment" if @options.key?(:comment_required)
+
+        description
+      end
+
+      protected
+
+      def expects(message)
+        @expectation = message
+      end
+
+      def auditing_enabled?
+        expects "#{model_class} to be audited"
+        model_class.respond_to?(:auditing_enabled) && model_class.auditing_enabled
+      end
+
+      def model_class
+        @subject.class
+      end
+
+      def associated_with_model?
+        expects "#{model_class} to record audits to associated model #{@options[:associated_with]}"
+        model_class.audit_associated_with == @options[:associated_with]
+      end
+
+      def records_changes_to_specified_fields?
+        ignored_fields = build_ignored_fields_from_options
+
+        expects "non audited columns (#{model_class.non_audited_columns.inspect}) to match (#{ignored_fields})"
+        model_class.non_audited_columns.to_set == ignored_fields.to_set
+      end
+
+      def comment_required_valid?
+        expects "to require audit_comment before #{model_class.audited_options[:on]} when comment required"
+        validate_callbacks_include_presence_of_comment? && destroy_callbacks_include_comment_required?
+      end
+
+      def only_audit_on_designated_callbacks?
+        {
+          create: [:after, :audit_create],
+          update: [:before, :audit_update],
+          destroy: [:before, :audit_destroy]
+        }.map do |(action, kind_callback)|
+          kind, callback = kind_callback
+          callbacks_for(action, kind: kind).include?(callback) if @options[:on].include?(action)
+        end.compact.all?
+      end
+
+      def validate_callbacks_include_presence_of_comment?
+        if @options[:comment_required] && audited_on_create_or_update?
+          callbacks_for(:validate).include?(:presence_of_audit_comment)
+        else
+          true
+        end
+      end
+
+      def audited_on_create_or_update?
+        model_class.audited_options[:on].include?(:create) || model_class.audited_options[:on].include?(:update)
+      end
+
+      def destroy_callbacks_include_comment_required?
+        if @options[:comment_required] && model_class.audited_options[:on].include?(:destroy)
+          callbacks_for(:destroy).include?(:require_comment)
+        else
+          true
+        end
+      end
+
+      def requires_comment_before_callbacks?
+        [:create, :update, :destroy].map do |action|
+          if @options[:comment_required] && model_class.audited_options[:on].include?(action)
+            callbacks_for(action).include?(:require_comment)
+          end
+        end.compact.all?
+      end
+
+      def callbacks_for(action, kind: :before)
+        model_class.send("_#{action}_callbacks").select { |cb| cb.kind == kind }.map(&:filter)
+      end
+
+      def build_ignored_fields_from_options
+        default_ignored_attributes = model_class.default_ignored_attributes
+
+        if @options[:only].present?
+          (default_ignored_attributes | model_class.column_names) - @options[:only]
+        elsif @options[:except].present?
+          default_ignored_attributes | @options[:except]
+        else
+          default_ignored_attributes
+        end
+      end
+
+      def required_checks_for_options_satisfied?
+        {
+          only: :records_changes_to_specified_fields?,
+          except: :records_changes_to_specified_fields?,
+          comment_required: :comment_required_valid?,
+          associated_with: :associated_with_model?,
+          on: :only_audit_on_designated_callbacks?
+        }.map do |(option, check)|
+          send(check) if @options[option].present?
+        end.compact.all?
+      end
+    end
+
+    class AssociatedAuditMatcher # :nodoc:
+      def matches?(subject)
+        @subject = subject
+
+        association_exists?
+      end
+
+      def failure_message
+        "Expected #{model_class} to have associated audits"
+      end
+
+      def negative_failure_message
+        "Expected #{model_class} to not have associated audits"
+      end
+
+      alias_method :failure_message_when_negated, :negative_failure_message
+
+      def description
+        "has associated audits"
+      end
+
+      protected
+
+      def model_class
+        @subject.class
+      end
+
+      def reflection
+        model_class.reflect_on_association(:associated_audits)
+      end
+
+      def association_exists?
+        !reflection.nil? &&
+          reflection.macro == :has_many &&
+          reflection.options[:class_name] == Audited.audit_class.name
+      end
+    end
+  end
+end

data/lib/audited/sweeper.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Audited
+  class Sweeper
+    STORED_DATA = {
+      current_remote_address: :remote_ip,
+      current_request_uuid: :request_uuid,
+      current_user: :current_user
+    }
+
+    delegate :store, to: ::Audited
+
+    def around(controller)
+      self.controller = controller
+      STORED_DATA.each { |k, m| store[k] = send(m) }
+      yield
+    ensure
+      self.controller = nil
+      STORED_DATA.keys.each { |k| store.delete(k) }
+    end
+
+    def current_user
+      lambda { controller.send(Audited.current_user_method) if controller.respond_to?(Audited.current_user_method, true) }
+    end
+
+    def remote_ip
+      controller.try(:request).try(:remote_ip)
+    end
+
+    def request_uuid
+      controller.try(:request).try(:uuid)
+    end
+
+    def controller
+      store[:current_controller]
+    end
+
+    def controller=(value)
+      store[:current_controller] = value
+    end
+  end
+end

data/lib/audited/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Audited
+  VERSION = "6.0.0"
+end

data/lib/audited-rspec.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+require "audited/rspec_matchers"
+module RSpec::Matchers
+  include Audited::RspecMatchers
+end

data/lib/audited.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+require "active_record"
+
+module Audited
+  # Wrapper around ActiveSupport::CurrentAttributes
+  class RequestStore < ActiveSupport::CurrentAttributes
+    attribute :audited_store
+  end
+
+  class << self
+    attr_accessor \
+      :auditing_enabled,
+      :current_user_method,
+      :ignored_attributes,
+      :ignored_default_callbacks,
+      :max_audits,
+      :store_synthesized_enums
+    attr_writer :audit_class
+
+    def audit_class
+      # The audit_class is set as String in the initializer. It can not be constantized during initialization and must
+      # be constantized at runtime. See https://github.com/collectiveidea/audited/issues/608
+      @audit_class = @audit_class.safe_constantize if @audit_class.is_a?(String)
+      @audit_class ||= Audited::Audit
+    end
+
+    # remove audit_model in next major version it was only shortly present in 5.1.0
+    alias_method :audit_model, :audit_class
+    deprecate audit_model: "use Audited.audit_class instead of Audited.audit_model. This method will be removed.",
+              deprecator: ActiveSupport::Deprecation.new('6.0.0', 'Audited')
+
+    def store
+      RequestStore.audited_store ||= {}
+    end
+
+    def config
+      yield(self)
+    end
+  end
+
+  @ignored_attributes = %w[lock_version created_at updated_at created_on updated_on]
+  @ignored_default_callbacks = []
+
+  @current_user_method = :current_user
+  @auditing_enabled = true
+  @store_synthesized_enums = false
+end
+
+require 'audited/auditor'
+require 'audited/audit'
+require 'audited/audit_associate'
+
+ActiveSupport.on_load :active_record do
+  require "audited/audit"
+  include Audited::Auditor
+end
+
+require "audited/sweeper"
+require "audited/railtie" if Audited.const_defined?(:Rails)

data/lib/generators/audited/install_generator.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require "rails/generators"
+require "rails/generators/migration"
+require "active_record"
+require "rails/generators/active_record"
+require "generators/audited/migration"
+require "generators/audited/migration_helper"
+
+module Audited
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      include Rails::Generators::Migration
+      include Audited::Generators::MigrationHelper
+      extend Audited::Generators::Migration
+
+      class_option :audited_changes_column_type, type: :string, default: "text", required: false
+      class_option :audited_user_id_column_type, type: :string, default: "integer", required: false
+
+      source_root File.expand_path("../templates", __FILE__)
+
+      def copy_migration
+        migration_template "install.rb", "db/migrate/install_audited.rb"
+      end
+    end
+  end
+end

data/lib/generators/audited/migration.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Audited
+  module Generators
+    module Migration
+      # Implement the required interface for Rails::Generators::Migration.
+      def next_migration_number(dirname) # :nodoc:
+        next_migration_number = current_migration_number(dirname) + 1
+        if timestamped_migrations?
+          [Time.now.utc.strftime("%Y%m%d%H%M%S"), "%.14d" % next_migration_number].max
+        else
+          "%.3d" % next_migration_number
+        end
+      end
+
+      private
+
+      def timestamped_migrations?
+        (::ActiveRecord.version >= Gem::Version.new("7.0")) ?
+          ::ActiveRecord.timestamped_migrations :
+          ::ActiveRecord::Base.timestamped_migrations
+      end
+    end
+  end
+end

data/lib/generators/audited/migration_helper.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Audited
+  module Generators
+    module MigrationHelper
+      def migration_parent
+        "ActiveRecord::Migration[#{ActiveRecord::Migration.current_version}]"
+      end
+    end
+  end
+end

data/lib/generators/audited/templates/add_association_to_audits.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    add_column :audits, :association_id, :integer
+    add_column :audits, :association_type, :string
+  end
+
+  def self.down
+    remove_column :audits, :association_type
+    remove_column :audits, :association_id
+  end
+end

data/lib/generators/audited/templates/add_comment_to_audits.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    add_column :audits, :comment, :string
+  end
+
+  def self.down
+    remove_column :audits, :comment
+  end
+end

data/lib/generators/audited/templates/add_remote_address_to_audits.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    add_column :audits, :remote_address, :string
+  end
+
+  def self.down
+    remove_column :audits, :remote_address
+  end
+end
+

data/lib/generators/audited/templates/add_request_uuid_to_audits.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    add_column :audits, :request_uuid, :string
+    add_index :audits, :request_uuid
+  end
+
+  def self.down
+    remove_column :audits, :request_uuid
+  end
+end

data/lib/generators/audited/templates/add_version_to_auditable_index.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    if index_exists?(:audits, [:auditable_type, :auditable_id], name: index_name)
+      remove_index :audits, name: index_name
+      add_index :audits, [:auditable_type, :auditable_id, :version], name: index_name
+    end
+  end
+
+  def self.down
+    if index_exists?(:audits, [:auditable_type, :auditable_id, :version], name: index_name)
+      remove_index :audits, name: index_name
+      add_index :audits, [:auditable_type, :auditable_id], name: index_name
+    end
+  end
+
+  private
+
+  def index_name
+    'auditable_index'
+  end
+end

data/lib/generators/audited/templates/create_audit_associates.rb

@@ -0,0 +1,26 @@
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    create_table :audited_audit_associates, :force => true do |t|
+      t.column :audit_id, :integer
+      t.column :associated_id, :integer
+      t.column :associated_type, :string
+    end
+
+    execute <<-SQL
+      INSERT INTO audited_audit_associates (audit_id, associated_id, associated_type)
+        SELECT id, associated_id, associated_type
+        FROM audits
+    SQL
+
+    add_index :audited_audit_associates, :audit_id, :name => 'index_audited_audit_associates_on_audit_id'
+    add_index :audited_audit_associates, [:associated_type, :associated_id], :name => 'index_audited_audit_associates_on_associated'
+
+    remove_index :audits, name: 'associated_index'
+    remove_column :audits, :associated_id
+    remove_column :audits, :associated_type
+  end
+
+  def self.down
+    raise ActiveRecord::IrreversibleMigration
+  end
+end

data/lib/generators/audited/templates/install.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    create_table :audits, :force => true do |t|
+      t.column :auditable_id, :integer
+      t.column :auditable_type, :string
+      t.column :user_id, :<%= options[:audited_user_id_column_type] %>
+      t.column :user_type, :string
+      t.column :username, :string
+      t.column :action, :string
+      t.column :audited_changes, :<%= options[:audited_changes_column_type] %>
+      t.column :version, :integer, :default => 0
+      t.column :comment, :string
+      t.column :remote_address, :string
+      t.column :request_uuid, :string
+      t.column :created_at, :datetime
+    end
+
+    add_index :audits, [:auditable_type, :auditable_id, :version], :name => 'auditable_index'
+    add_index :audits, [:user_id, :user_type], :name => 'user_index'
+    add_index :audits, :request_uuid
+    add_index :audits, :created_at
+
+    create_table :audited_audit_associates, :force => true do |t|
+      t.column :audit_id, :integer
+      t.column :associated_id, :integer
+      t.column :associated_type, :string
+    end
+
+    add_index :audited_audit_associates, :audit_id, :name => 'index_audited_audit_associates_on_audit_id'
+    add_index :audited_audit_associates, [:associated_type, :associated_id], :name => 'index_audited_audit_associates_on_associated'
+  end
+
+  def self.down
+    drop_table :audited_audit_associates
+    drop_table :audits
+  end
+end

data/lib/generators/audited/templates/rename_association_to_associated.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    if index_exists? :audits, [:association_id, :association_type], :name => 'association_index'
+      remove_index :audits, :name => 'association_index'
+    end
+
+    rename_column :audits, :association_id, :associated_id
+    rename_column :audits, :association_type, :associated_type
+
+    add_index :audits, [:associated_id, :associated_type], :name => 'associated_index'
+  end
+
+  def self.down
+    if index_exists? :audits, [:associated_id, :associated_type], :name => 'associated_index'
+      remove_index :audits, :name => 'associated_index'
+    end
+
+    rename_column :audits, :associated_type, :association_type
+    rename_column :audits, :associated_id, :association_id
+
+    add_index :audits, [:association_id, :association_type], :name => 'association_index'
+  end
+end

data/lib/generators/audited/templates/rename_changes_to_audited_changes.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    rename_column :audits, :changes, :audited_changes
+  end
+
+  def self.down
+    rename_column :audits, :audited_changes, :changes
+  end
+end

data/lib/generators/audited/templates/rename_parent_to_association.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    rename_column :audits, :auditable_parent_id, :association_id
+    rename_column :audits, :auditable_parent_type, :association_type
+  end
+
+  def self.down
+    rename_column :audits, :association_type, :auditable_parent_type
+    rename_column :audits, :association_id, :auditable_parent_id
+  end
+end

data/lib/generators/audited/templates/revert_polymorphic_indexes_order.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+class <%= migration_class_name %> < <%= migration_parent %>
+  def self.up
+    fix_index_order_for [:associated_id, :associated_type], 'associated_index'
+    fix_index_order_for [:auditable_id, :auditable_type], 'auditable_index'
+  end
+
+  def self.down
+    fix_index_order_for [:associated_type, :associated_id], 'associated_index'
+    fix_index_order_for [:auditable_type, :auditable_id], 'auditable_index'
+  end
+
+  private
+
+  def fix_index_order_for(columns, index_name)
+    if index_exists? :audits, columns, name: index_name
+      remove_index :audits, name: index_name
+      add_index :audits, columns.reverse, name: index_name
+    end
+  end
+end