velocity_audited 5.1.3

data/spec/audited/rspec_matchers_spec.rb

@@ -0,0 +1,69 @@
+require "spec_helper"
+
+describe Models::ActiveRecord::UserExceptPassword do
+  let(:non_audited_columns) { subject.class.non_audited_columns }
+
+  it { should_not be_audited.only(non_audited_columns) }
+  it { should be_audited.except(:password) }
+  it { should_not be_audited.requires_comment }
+  it { should be_audited.on(:create, :update, :destroy) }
+  # test chaining
+  it { should be_audited.except(:password).on(:create, :update, :destroy) }
+end
+
+describe Models::ActiveRecord::UserOnlyPassword do
+  let(:audited_columns) { subject.class.audited_columns }
+
+  it { should be_audited.only(:password) }
+  it { should_not be_audited.except(audited_columns) }
+  it { should_not be_audited.requires_comment }
+  it { should be_audited.on(:create, :update, :destroy) }
+  it { should be_audited.only(:password).on(:create, :update, :destroy) }
+end
+
+describe Models::ActiveRecord::CommentRequiredUser do
+  let(:audited_columns) { subject.class.audited_columns }
+  let(:non_audited_columns) { subject.class.non_audited_columns }
+
+  it { should_not be_audited.only(non_audited_columns) }
+  it { should_not be_audited.except(audited_columns) }
+  it { should be_audited.requires_comment }
+  it { should be_audited.on(:create, :update, :destroy) }
+  it { should be_audited.requires_comment.on(:create, :update, :destroy) }
+end
+
+describe Models::ActiveRecord::OnCreateCommentRequiredUser do
+  let(:audited_columns) { subject.class.audited_columns }
+  let(:non_audited_columns) { subject.class.non_audited_columns }
+
+  it { should_not be_audited.only(non_audited_columns) }
+  it { should_not be_audited.except(audited_columns) }
+  it { should be_audited.requires_comment }
+  it { should be_audited.on(:create) }
+  it { should_not be_audited.on(:update, :destroy) }
+  it { should be_audited.requires_comment.on(:create) }
+end
+
+describe Models::ActiveRecord::OnUpdateCommentRequiredUser do
+  let(:audited_columns) { subject.class.audited_columns }
+  let(:non_audited_columns) { subject.class.non_audited_columns }
+
+  it { should_not be_audited.only(non_audited_columns) }
+  it { should_not be_audited.except(audited_columns) }
+  it { should be_audited.requires_comment }
+  it { should be_audited.on(:update) }
+  it { should_not be_audited.on(:create, :destroy) }
+  it { should be_audited.requires_comment.on(:update) }
+end
+
+describe Models::ActiveRecord::OnDestroyCommentRequiredUser do
+  let(:audited_columns) { subject.class.audited_columns }
+  let(:non_audited_columns) { subject.class.non_audited_columns }
+
+  it { should_not be_audited.only(non_audited_columns) }
+  it { should_not be_audited.except(audited_columns) }
+  it { should be_audited.requires_comment }
+  it { should be_audited.on(:destroy) }
+  it { should_not be_audited.on(:create, :update) }
+  it { should be_audited.requires_comment.on(:destroy) }
+end

data/spec/audited/sweeper_spec.rb

@@ -0,0 +1,133 @@
+require "spec_helper"
+
+SingleCov.covered!
+
+class AuditsController < ActionController::Base
+  before_action :populate_user
+
+  attr_reader :company
+
+  def create
+    @company = Models::ActiveRecord::Company.create
+    head :ok
+  end
+
+  def update
+    current_user.update!(password: "foo")
+    head :ok
+  end
+
+  private
+
+  attr_accessor :current_user
+  attr_accessor :custom_user
+
+  def populate_user
+  end
+end
+
+describe AuditsController do
+  include RSpec::Rails::ControllerExampleGroup
+  render_views
+
+  before do
+    Audited::Railtie.initializers.each(&:run)
+    Audited.current_user_method = :current_user
+  end
+
+  let(:user) { create_user }
+
+  describe "POST audit" do
+    it "should audit user" do
+      controller.send(:current_user=, user)
+      expect {
+        post :create
+      }.to change(Audited::Audit, :count)
+
+      expect(controller.company.audits.last.user).to eq(user)
+    end
+
+    it "does not audit when method is not found" do
+      controller.send(:current_user=, user)
+      Audited.current_user_method = :nope
+      expect {
+        post :create
+      }.to change(Audited::Audit, :count)
+      expect(controller.company.audits.last.user).to eq(nil)
+    end
+
+    it "should support custom users for sweepers" do
+      controller.send(:custom_user=, user)
+      Audited.current_user_method = :custom_user
+
+      expect {
+        post :create
+      }.to change(Audited::Audit, :count)
+
+      expect(controller.company.audits.last.user).to eq(user)
+    end
+
+    it "should record the remote address responsible for the change" do
+      request.env["REMOTE_ADDR"] = "1.2.3.4"
+      controller.send(:current_user=, user)
+
+      post :create
+
+      expect(controller.company.audits.last.remote_address).to eq("1.2.3.4")
+    end
+
+    it "should record a UUID for the web request responsible for the change" do
+      allow_any_instance_of(ActionDispatch::Request).to receive(:uuid).and_return("abc123")
+      controller.send(:current_user=, user)
+
+      post :create
+
+      expect(controller.company.audits.last.request_uuid).to eq("abc123")
+    end
+
+    it "should call current_user after controller callbacks" do
+      expect(controller).to receive(:populate_user) do
+        controller.send(:current_user=, user)
+      end
+
+      expect {
+        post :create
+      }.to change(Audited::Audit, :count)
+
+      expect(controller.company.audits.last.user).to eq(user)
+    end
+  end
+
+  describe "PUT update" do
+    it "should not save blank audits" do
+      controller.send(:current_user=, user)
+
+      expect {
+        put :update, params: {id: 123}
+      }.to_not change(Audited::Audit, :count)
+    end
+  end
+end
+
+describe Audited::Sweeper do
+  it "should be thread-safe" do
+    instance = Audited::Sweeper.new
+
+    t1 = Thread.new do
+      sleep 0.5
+      instance.controller = "thread1 controller instance"
+      expect(instance.controller).to eq("thread1 controller instance")
+    end
+
+    t2 = Thread.new do
+      instance.controller = "thread2 controller instance"
+      sleep 1
+      expect(instance.controller).to eq("thread2 controller instance")
+    end
+
+    t1.join
+    t2.join
+
+    expect(instance.controller).to be_nil
+  end
+end

data/spec/audited_spec.rb

@@ -0,0 +1,18 @@
+require "spec_helper"
+
+describe Audited do
+  describe "#store" do
+    describe "maintains state of store" do
+      let(:current_user) { "current_user" }
+      before { Audited.store[:current_user] = current_user }
+
+      it "when executed without fibers" do
+        expect(Audited.store[:current_user]).to eq(current_user)
+      end
+
+      it "when executed with Fibers" do
+        Fiber.new { expect(Audited.store[:current_user]).to eq(current_user) }.resume
+      end
+    end
+  end
+end

data/spec/audited_spec_helpers.rb

@@ -0,0 +1,32 @@
+module AuditedSpecHelpers
+  def create_user(attrs = {})
+    Models::ActiveRecord::User.create({name: "Brandon", username: "brandon", password: "password", favourite_device: "Android Phone"}.merge(attrs))
+  end
+
+  def build_user(attrs = {})
+    Models::ActiveRecord::User.new({name: "darth", username: "darth", password: "noooooooo"}.merge(attrs))
+  end
+
+  def create_versions(n = 2, attrs = {})
+    Models::ActiveRecord::User.create(name: "Foobar 1", **attrs).tap do |u|
+      (n - 1).times do |i|
+        u.update_attribute :name, "Foobar #{i + 2}"
+      end
+      u.reload
+    end
+  end
+
+  def run_migrations(direction, migrations_paths, target_version = nil)
+    if rails_below?("5.2.0.rc1")
+      ActiveRecord::Migrator.send(direction, migrations_paths, target_version)
+    elsif rails_below?("6.0.0.rc1")
+      ActiveRecord::MigrationContext.new(migrations_paths).send(direction, target_version)
+    else
+      ActiveRecord::MigrationContext.new(migrations_paths, ActiveRecord::SchemaMigration).send(direction, target_version)
+    end
+  end
+
+  def rails_below?(rails_version)
+    Gem::Version.new(Rails::VERSION::STRING) < Gem::Version.new(rails_version)
+  end
+end

data/spec/rails_app/app/assets/config/manifest.js

@@ -0,0 +1,2 @@
+//= link application.js
+//= link application.css

data/spec/rails_app/config/application.rb

@@ -0,0 +1,13 @@
+require "active_record/railtie"
+
+module RailsApp
+  class Application < Rails::Application
+    config.root = File.expand_path("../../", __FILE__)
+    config.i18n.enforce_available_locales = true
+  end
+end
+
+require "active_record/connection_adapters/sqlite3_adapter"
+if ActiveRecord::ConnectionAdapters::SQLite3Adapter.respond_to?(:represent_boolean_as_integer)
+  ActiveRecord::ConnectionAdapters::SQLite3Adapter.represent_boolean_as_integer = true
+end

data/spec/rails_app/config/database.yml

@@ -0,0 +1,26 @@
+sqlite3mem: &SQLITE3MEM
+  adapter: sqlite3
+  database: ":memory:"
+
+sqlite3: &SQLITE
+  adapter: sqlite3
+  database: audited_test.sqlite3.db
+
+postgresql: &POSTGRES
+  adapter: postgresql
+  username: postgres
+  password: postgres
+  host: localhost
+  database: audited_test
+  min_messages: ERROR
+
+mysql: &MYSQL
+  adapter: mysql2
+  host: localhost
+  username: root
+  password: root
+  database: audited_test
+  charset: utf8
+
+test:
+  <<: *<%= ENV['DB'] || 'SQLITE3MEM' %>

data/spec/rails_app/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the rails application
+require File.expand_path("../application", __FILE__)
+
+# Initialize the rails application
+RailsApp::Application.initialize!

data/spec/rails_app/config/environments/test.rb

@@ -0,0 +1,47 @@
+RailsApp::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # The test environment is used exclusively to run your application's
+  # test suite. You never need to work with it otherwise. Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs. Don't rely on the data there!
+  config.cache_classes = true
+
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
+
+  # Configure static file server for tests with Cache-Control for performance.
+  if config.respond_to?(:public_file_server)
+    config.public_file_server.enabled = true
+    config.public_file_server.headers = {"Cache-Control" => "public, max-age=3600"}
+  else
+    config.static_cache_control = "public, max-age=3600"
+    config.serve_static_files = true
+  end
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local = true
+  # config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates.
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment.
+  # config.action_controller.allow_forgery_protection = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  # config.action_mailer.delivery_method = :test
+
+  # Randomize the order test cases are executed.
+  config.active_support.test_order = :random
+
+  # Print deprecation notices to the stderr.
+  config.active_support.deprecation = :stderr
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+end

data/spec/rails_app/config/initializers/backtrace_silencers.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+Rails.backtrace_cleaner.remove_silencers!

data/spec/rails_app/config/initializers/inflections.rb

@@ -0,0 +1,2 @@
+ActiveSupport::Inflector.inflections do |inflect|
+end

data/spec/rails_app/config/initializers/secret_token.rb

@@ -0,0 +1,3 @@
+Rails.application.config.secret_token = "ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571"
+Rails.application.config.session_store :cookie_store, key: "_my_app"
+Rails.application.config.secret_key_base = "secret value"

data/spec/rails_app/config/routes.rb

@@ -0,0 +1,3 @@
+Rails.application.routes.draw do
+  resources :audits
+end

data/spec/spec_helper.rb

@@ -0,0 +1,24 @@
+ENV["RAILS_ENV"] = "test"
+require "bundler/setup"
+require "single_cov"
+SingleCov.setup :rspec
+
+if Bundler.definition.dependencies.map(&:name).include?("protected_attributes")
+  require "protected_attributes"
+end
+require "rails_app/config/environment"
+require "rspec/rails"
+require "audited"
+require "audited-rspec"
+require "audited_spec_helpers"
+require "support/active_record/models"
+
+SPEC_ROOT = Pathname.new(File.expand_path("../", __FILE__))
+
+Dir[SPEC_ROOT.join("support/*.rb")].sort.each { |f| require f }
+
+RSpec.configure do |config|
+  config.include AuditedSpecHelpers
+  config.use_transactional_fixtures = false if Rails.version.start_with?("4.")
+  config.use_transactional_tests = false if config.respond_to?(:use_transactional_tests=)
+end

data/spec/support/active_record/models.rb

@@ -0,0 +1,151 @@
+require "cgi"
+require File.expand_path("../schema", __FILE__)
+
+module Models
+  module ActiveRecord
+    class User < ::ActiveRecord::Base
+      audited except: :password
+      attribute :non_column_attr if Rails.version >= "5.1"
+      attr_protected :logins if respond_to?(:attr_protected)
+      enum status: {active: 0, reliable: 1, banned: 2}
+      serialize :phone_numbers, Array
+
+      def name=(val)
+        write_attribute(:name, CGI.escapeHTML(val))
+      end
+    end
+
+    class UserExceptPassword < ::ActiveRecord::Base
+      self.table_name = :users
+      audited except: :password
+    end
+
+    class UserOnlyPassword < ::ActiveRecord::Base
+      self.table_name = :users
+      attribute :non_column_attr if Rails.version >= "5.1"
+      audited only: :password
+    end
+
+    class UserRedactedPassword < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: :password
+    end
+
+    class UserMultipleRedactedAttributes < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: [:password, :ssn]
+    end
+
+    class UserRedactedPasswordCustomRedaction < ::ActiveRecord::Base
+      self.table_name = :users
+      audited redacted: :password, redaction_value: ["My", "Custom", "Value", 7]
+    end
+
+    class CommentRequiredUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited except: :password, comment_required: true
+    end
+
+    class OnCreateCommentRequiredUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited comment_required: true, on: :create
+    end
+
+    class OnUpdateCommentRequiredUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited comment_required: true, on: :update
+    end
+
+    class OnDestroyCommentRequiredUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited comment_required: true, on: :destroy
+    end
+
+    class NoUpdateWithCommentOnlyUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited update_with_comment_only: false
+    end
+
+    class AccessibleAfterDeclarationUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited
+      attr_accessible :name, :username, :password if respond_to?(:attr_accessible)
+    end
+
+    class AccessibleBeforeDeclarationUser < ::ActiveRecord::Base
+      self.table_name = :users
+      attr_accessible :name, :username, :password if respond_to?(:attr_accessible) # declare attr_accessible before calling aaa
+      audited
+    end
+
+    class NoAttributeProtectionUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited
+    end
+
+    class UserWithAfterAudit < ::ActiveRecord::Base
+      self.table_name = :users
+      audited
+      attr_accessor :bogus_attr, :around_attr
+
+      private
+
+      def after_audit
+        self.bogus_attr = "do something"
+      end
+
+      def around_audit
+        self.around_attr = yield
+      end
+    end
+
+    class MaxAuditsUser < ::ActiveRecord::Base
+      self.table_name = :users
+      audited max_audits: 5
+    end
+
+    class Company < ::ActiveRecord::Base
+      audited
+    end
+
+    class Company::STICompany < Company
+    end
+
+    class Owner < ::ActiveRecord::Base
+      self.table_name = "users"
+      audited
+      has_associated_audits
+      has_many :companies, class_name: "OwnedCompany", dependent: :destroy
+    end
+
+    class OwnedCompany < ::ActiveRecord::Base
+      self.table_name = "companies"
+      belongs_to :owner, class_name: "Owner"
+      attr_accessible :name, :owner if respond_to?(:attr_accessible) # declare attr_accessible before calling aaa
+      audited associated_with: :owner
+    end
+
+    class OwnedCompany::STICompany < OwnedCompany
+    end
+
+    class OnUpdateDestroy < ::ActiveRecord::Base
+      self.table_name = "companies"
+      audited on: [:update, :destroy]
+    end
+
+    class OnCreateDestroy < ::ActiveRecord::Base
+      self.table_name = "companies"
+      audited on: [:create, :destroy]
+    end
+
+    class OnCreateDestroyExceptName < ::ActiveRecord::Base
+      self.table_name = "companies"
+      audited except: :name, on: [:create, :destroy]
+    end
+
+    class OnCreateUpdate < ::ActiveRecord::Base
+      self.table_name = "companies"
+      audited on: [:create, :update]
+    end
+  end
+end

data/spec/support/active_record/postgres/1_change_audited_changes_type_to_json.rb

@@ -0,0 +1,11 @@
+class ChangeAuditedChangesTypeToJson < ActiveRecord::Migration[5.0]
+  def self.up
+    remove_column :audits, :audited_changes
+    add_column :audits, :audited_changes, :json
+  end
+
+  def self.down
+    remove_column :audits, :audited_changes
+    add_column :audits, :audited_changes, :text
+  end
+end

data/spec/support/active_record/postgres/2_change_audited_changes_type_to_jsonb.rb

@@ -0,0 +1,11 @@
+class ChangeAuditedChangesTypeToJsonb < ActiveRecord::Migration[5.0]
+  def self.up
+    remove_column :audits, :audited_changes
+    add_column :audits, :audited_changes, :jsonb
+  end
+
+  def self.down
+    remove_column :audits, :audited_changes
+    add_column :audits, :audited_changes, :text
+  end
+end

data/spec/support/active_record/schema.rb

@@ -0,0 +1,90 @@
+require "active_record"
+require "logger"
+
+begin
+  if ActiveRecord.version >= Gem::Version.new("6.1.0")
+    db_config = ActiveRecord::Base.configurations.configs_for(env_name: Rails.env).first
+    ActiveRecord::Tasks::DatabaseTasks.create(db_config)
+  else
+    db_config = ActiveRecord::Base.configurations[Rails.env].clone
+    db_type = db_config["adapter"]
+    db_name = db_config.delete("database")
+    raise StandardError.new("No database name specified.") if db_name.blank?
+    if db_type == "sqlite3"
+      db_file = Pathname.new(__FILE__).dirname.join(db_name)
+      db_file.unlink if db_file.file?
+    else
+      if defined?(JRUBY_VERSION)
+        db_config.symbolize_keys!
+        db_config[:configure_connection] = false
+      end
+      adapter = ActiveRecord::Base.send("#{db_type}_connection", db_config)
+      adapter.recreate_database db_name, db_config.slice("charset").symbolize_keys
+      adapter.disconnect!
+    end
+  end
+rescue => e
+  Kernel.warn e
+end
+
+logfile = Pathname.new(__FILE__).dirname.join("debug.log")
+logfile.unlink if logfile.file?
+ActiveRecord::Base.logger = Logger.new(logfile)
+
+ActiveRecord::Migration.verbose = false
+ActiveRecord::Base.establish_connection
+
+ActiveRecord::Schema.define do
+  create_table :users do |t|
+    t.column :name, :string
+    t.column :username, :string
+    t.column :password, :string
+    t.column :activated, :boolean
+    t.column :status, :integer, default: 0
+    t.column :suspended_at, :datetime
+    t.column :logins, :integer, default: 0
+    t.column :created_at, :datetime
+    t.column :updated_at, :datetime
+    t.column :favourite_device, :string
+    t.column :ssn, :integer
+    t.column :phone_numbers, :string
+  end
+
+  create_table :companies do |t|
+    t.column :name, :string
+    t.column :owner_id, :integer
+    t.column :type, :string
+  end
+
+  create_table :authors do |t|
+    t.column :name, :string
+  end
+
+  create_table :books do |t|
+    t.column :authord_id, :integer
+    t.column :title, :string
+  end
+
+  create_table :audits do |t|
+    t.column :auditable_id, :integer
+    t.column :auditable_type, :string
+    t.column :associated_id, :integer
+    t.column :associated_type, :string
+    t.column :user_id, :integer
+    t.column :user_type, :string
+    t.column :username, :string
+    t.column :action, :string
+    t.column :audited_changes, :text
+    t.column :version, :integer, default: 0
+    t.column :comment, :string
+    t.column :remote_address, :string
+    t.column :request_uuid, :string
+    t.column :created_at, :datetime
+  end
+
+  add_index :audits, [:auditable_id, :auditable_type], name: "auditable_index"
+  add_index :audits, [:associated_id, :associated_type], name: "associated_index"
+  add_index :audits, [:user_id, :user_type], name: "user_index"
+  add_index :audits, :request_uuid
+  add_index :audits, :created_at
+end

data/test/db/version_1.rb

@@ -0,0 +1,17 @@
+ActiveRecord::Schema.define do
+  create_table :audits, force: true do |t|
+    t.column :auditable_id, :integer
+    t.column :auditable_type, :string
+    t.column :user_id, :integer
+    t.column :user_type, :string
+    t.column :username, :string
+    t.column :action, :string
+    t.column :changes, :text
+    t.column :version, :integer, default: 0
+    t.column :created_at, :datetime
+  end
+
+  add_index :audits, [:auditable_id, :auditable_type], name: "auditable_index"
+  add_index :audits, [:user_id, :user_type], name: "user_index"
+  add_index :audits, :created_at
+end