[BO-1410] Loosen created_at query #12
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mikalai-okun
approved these changes
Feb 17, 2021
iFurt
reviewed
Feb 18, 2021
iFurt
approved these changes
Feb 18, 2021
mikalai-okun
pushed a commit
that referenced
this pull request
Jul 30, 2021
* Add a Custom Auditor mention to the README I scratched my head a bit on this one. I could only find my answer here https://github.com/collectiveidea/audited/blob/cd7065ef6fb9640a3a4e204477dd38dc0d12e50c/lib/audited/adapters/active_record/audit.rb#L40 * Use proper title * Ruby syntax highlight * Do not connect to db until needed fix collectiveidea#239 * Add missing `ruby` mark on README.md * Remove Ruby 2.0 from Travis builds 2.0 is EOL so we aren't going to explicitly test it anymore. * Remove mention of Ruby 2.0 support from README * Upgrade appraisal gem (test dependency) * Ensure upgrade tests don't use transactions This was causing issues with MySQL in tests. * Tweak travis webhook The on_start values changed. * Alias RSpec matcher methods for RSpec 3 Similar to pull collectiveidea#185, this pull should eliminate the deprecation warnings RSpec emits when using the audited RSpec matchers. Aliasing the methods should leave it compatible with earlier versions of RSpec as well. * Fixed README to avoid conflicts in rails 5. * Test that demonstrates without_auditing is not thread safe * Make temporary disabling of auditing threadsafe For compatibility with, e.g., sidekiq * Centralize `Audited.store` as thread safe variable store * Test on Ruby 2.3.1 instead of 2.3.0 on Travis CI * Update rspec-rails to 3.5.0 * Update Rails 5 tests to 5.0.0 final. * Remove rails-observers dependency from test files It is defined in the gemspec. * Bump version and update README * Tweak readme to reference new version [ci skip] * Remove uses of Audited.audit_class accessor Deprecate Audited.audit_class since it was in the README for years, but remove the setter completely. This was needed when we had both ActiveRecord and MongoMapper versions, but is not longer needed. * Clean up syntax and tests * Fix some deprecation warnings in tests * Stop testing on jruby-head The build isn't passing and I'm not using jruby so won't be personally working to get it passing. If anyone needs it, I'd love to see a PR. * Correct auditing_enabled for STI models The store used for setting and checking auditing_enabled uses `name.tableize`, which causes STI models to check the incorrect key - if auditing is disabled on the parent, children should also not be audited. * Remove ambiguous argument warnings * Update README.md Updated all badges to be SVG and added a Hakiri security badge. * Do not eagerly connect to database * Normalise singular arguments for `on` option It's idiomatic to normalise scalar arguments and I noticed this is the case for the `except` option so I modified the handling of the `on` option to suit. This means we can: ```ruby class SomethingAudited < ActiveRecord::Base audit on: :create # would previously have required # audit on: [:create] end ``` A small change but it adds some consistency and is less 'surprising' perhaps. * Allow private / protected callback declarations Prior to this change, users would have to declare publicly scoped callback handlers. * Fix auditing instance attributes if "only" option specified * Allow to pass both singular value and array to `:only` option Allow to pass both singular value and array to `:only` option Would previously have required audit only: [:password] ```ruby class SomethingAudited < ActiveRecord::Base audit only: :password end ``` * Tiny readme tweaks * Use new hash syntax * Style tweaks * Set created_at as collection cache key * Corrected a typo: an for a * Add 4.2.1 and 4.2.2 to changelog * New format for changelog This format, described by keepachangelog.com, is more common in the ruby community. More importantly, it is hoped that this format, especially the classification of changes, will help users make upgrade decisions. [ci skip] * Document 4.3.0 in changelog [ci skip] * `json` and `jsonb` as possible `audited_changes` column type, fix collectiveidea#216 - update migration - set postgres travis version to 9.4 to allow `jsonb` * Docs: Add changelog entry for PR 295 [ci skip] * Remove rails-observers dependency The `Audited::Sweeper` class made limited use of the cache sweeping functionality provided by rails-observer, mostly using it as a way to implement `Audit#before_create` on the same class that was attached around controller actions. Since there is no released version of rails-observer that's compatible with Rails 5.0 (and not in the foreseeable future without considerable refactoring), the population of IPs, users and request UUIDs is replaced by thread-local storage and the existing `Audit#before_create` methods. This is a net code reduction and somewhat simplifies the "sweeper" by removing the assumptions about how rails-observer works. * Restore non_audited_columns= configuration setter Fixes collectiveidea#320 * Document JSON installation support in ce9bd0b [skip ci] * Test Ruby on Rails 5.1, Ruby 2.4 * Update generators to use versioned AR::Migration parent * Allow custom Audit classes Classes that inherit from `Audited::Audit` can be used instead of the default by assigning `Audited.audit_class` in an initializer. Resolves collectiveidea#314 * Add .md extension to CHANGELOG [ci skip] * Bump version and refresh changelog for 4.4.0 * Fix AR/Rails gemspec dependencies to permit 5.1 * audited_changes - used .type instead of .sql_type to serialize - support for oracle * Support UUID primary keys for User (collectiveidea#333) * Call controller's current_user method during audited model creation Restores behaviour prior to 87d402a where the sweeper would call the controller's current_user method from the audited model callback. Since 87d402a, the current_user method was called from an around action callback registered on the base controller which was being called prior to other callbacks that were authenticating the user. This caused problems in apps where the user hadn't yet been set (so audit users were nil), or CSRF issues because current_user was called prior to session changes. Fixes collectiveidea#336 * Allowing using symbol keys in non_audited_columns * Bump version and refresh changelog for 4.5.0 * Fix typo in Audited RSpec Matchers Currently, the audited RSpec matchers throw an error: undefined local variable or method 'expect' for <Audited::RspecMatchers::AuditMatcher:0x007f8627d6ae48> when you use `.only` or `.except`. The issue was a typo where it was referring to a non-existent variable `expect` instead of `except`. * Remove duplicated method * Use updated AR::Dirty API to find changed attributes * Add functionality to undo changes * columns order adjusted for polymorphic indexes * Use Rails 5.1.4 instead of Rails 5.1.0.rc1 The format of gemfiles was changed by `bundle exec appraisal install`. * Add tests for Rails 5.2 Rails 5.2 is imminent so we should add support for it. * Require bundler in spec_helper This allows running specs using rake. * Simplify audited_columns No need to get the entire columns, we only need their names. Also cache them instead of calculating again on every call. * Simplify audited_changes `changes` (or `changes_to_save` in Rails>5.1) already gives us all the changes in the format we need for saving the audit, no need to build the hash again by ourselves. * update to latest rubies * don't test rails-4.x with ruby-head * Update changelog with recent changes * Normalize options on initialization and minor cleanup Normalizing options passed on audited initialization simplifies code in further steps. Also cleaned up the code a bit. * Return nil on invalid revision number (collectiveidea#384) Previously, when a `record.revision(version)` was called with a version number that was greater than the total number of revisions, it would return the last revision in the list. This changes it to return nil. collectiveidea#321 * Update Changelog * Fix duplicate decleration warnings (collectiveidea#399) * Prepare for 4.6.0 release * Reduce db calls in #revisions method * CI against ruby 2.5.0 * Remove references to removed allow_mass_assigment As pointed out in issue collectiveidea#223, allow_mass_assigment has been removed and no longer has any effect. This updates the docs to no longer talk about it as it causes confusion to users of the gem. * Optimize reconstructing attributes in #revisions * Fix migrations in tests for rails 5.2 * Update Ruby versions in travis.yml * Add inverse_of to audit relation This allows access to the audited object's relations from inside audits without reloading it from the database. This is useful, for example, if you want to check has_many relations which are deleted from the database before the audit callback is executed. * Update Ruby versions in README * Respect 'on' and 'except' options when used with 'comment_required' option (collectiveidea#419) fixes collectiveidea#418 * Add conditional and exclusionary auditing feature * Adds conditional (:if) and exclusionary (:unless) auditing feature * Updates docs for `audited` to reflect new features Upstream collectiveidea#167 * Allow limiting number of audits stored (collectiveidea#405) Adds a setting to allow limiting the maximum number of audits per object. Fixes collectiveidea#274 * fix Appriasals to match updated gemspec * Fix RSpec matchers along with a few other things. (collectiveidea#420) This commit fixes issues with the RSpec matchers, notably: - For the `except` matcher code path, `model_class.default_ignored_attributes` was being called, but that method was made protected in a previous change as discussed [here](collectiveidea@8f8495d#commitcomment-28001384). This commit makes that method public again. - Both the `on` and `except` matcher options have undergone a pretty substantial refactor. As I was fixing the original issue with `on` and `except`, I started to notice other things and addressed them. I will try to make explanatory comments on the PR to give some insight. - The matchers as a whole have undergone pretty significant changes, and I found that many of them were not working as intended, or, for example, in the case of `on`, it was a no-op. I made the changes that I thought reflected what the matchers ought to do and I also included tests (which actually ended up being extremely useful in discovering some of the bugs!) to make sure that future changes don't break anything. - The `requires_comment` matcher's behavior has changed to look for callbacks instead. I also changed the way that comment-required state validity is checked in the `Auditor`, but I will discuss that below. My reasoning for the two changes are related though - given an audited model where audit comments are required, we only care about the existence of the comment when an object is being created, if it has been changed (and subsequently updated), or if it is about to be destroyed (and of course we can include & exclude any combination of these three states with the `on` option). Previously, the presence of the comment was related to the overall state of the object itself, and I found this confusing since the comment only matters when we are _doing_ something to the object. - I have decoupled the codepaths for each option so that they could be run independently of one another (and all together, of course). I was getting some interesting behavior before, but I believe I have nailed down the correct behavior. - I will discuss anything not discussed above for the matchers in PR comments. The `Auditor` itself: - Changed the way non-audited columns were calculated. Will discuss in-line. - Revised and (hopefully) simplified the way that audit comments are required & validated. Will discuss in-line. Other comments: - As I mentioned above, I noticed some behavioral issues that I tried to address. I will talk about them more in-line and if there are any questions about particular things I did please feel free to ask. - Another thing I would like to do is a complete rework of the test suite itself (or if anyone else wants to take this up, feel free :P) In writing the tests for the matchers, I noticed many things such as audited columns for the `User` model being inconsistent, the `Audited.ignored_attributes` changing, and more. This is directly caused by the behavior of some of the tests, and I think it would be beneficial to figure out a way to rework the behavior such that what happens in one test doesn't have an impact on all the others. I also have a slight fear that some tests may in fact be returning false-positives, but I haven't looked too far into that yet. - I was wondering if it would be better to not memoize `Auditor#audited_columns` and `Auditor#non_audited_columns` since the calculations are not really intensive enough to warrant memoization, but when I did that tests were breaking left and right and so I think this really ties into my point above about the test suite. Something to keep in mind / look into. I didn't do it in this PR because there is already quite a bit going on. * Prepare for 4.7.0 release * Backport 5.2 support to 4.7 stable * Add ability to globally disable auditing (collectiveidea#426) (cherry picked from commit c48893a) * Add version to auditable_index (cherry picked from commit dc72762) * Add `all_audits` method to auditable models (cherry picked from commit 8486dec) * Rename #all_audits -> #own_and_associated_audits (cherry picked from commit fd95166) * Simplify the undo logic (collectiveidea#436) (cherry picked from commit ed4e2ec) * Fix typo in readme (cherry picked from commit 3b76fca) * Allow nested as_user auditing (collectiveidea#450) (cherry picked from commit 46e560d) * allow private methods on audited condition (cherry picked from commit 02d2e24) * Update Changelog for collectiveidea#454 (cherry picked from commit ea58b01) * fix test failing and being noisy on ruby 2.5 (cherry picked from commit 9cff81b) * avoid exceptions in threads that print their backtrace on ruby 2.5 (cherry picked from commit 250cacc) * rename instance attribute version to audit_version (collectiveidea#443) * rename instance attribute version to audit_version seems dangerous to dynamically add an accessor method called version because version is such a common name and could lead to some unexpected behaviour in applications using audited. * Deprecate version attribute to prepare for removal * Update CHANGELOG * Implement deprecation only if version not in use in audited resource * Add version deprecation to uncovered * Update SingleCov uncovered count (cherry picked from commit 0296845) * Prepare 4.8.0 release * Add setting service name on before_create * Add namespacing as config attribute * [BO-1410] Loosen created_at query (#12) * Loosen created_at query * Add fundthrough unified changes Co-authored-by: Jim <powerjim@gmail.com> Co-authored-by: Alexandros Giouzenis <alexandrosg@gmail.com> Co-authored-by: Felipe Espinoza <fespinozacast@gmail.com> Co-authored-by: Daniel Morrison <daniel@collectiveidea.com> Co-authored-by: Tim Bugai <tim@collectiveidea.com> Co-authored-by: Patrick Johnmeyer <pjohnmeyer@intoxitrack.net> Co-authored-by: paneer_tikka <neerajapte@gmail.com> Co-authored-by: Bill Kirtley <bill@West.local> Co-authored-by: Bill Kirtley <bill@spiffy.com> Co-authored-by: Tomer Brisker <tbrisker@gmail.com> Co-authored-by: Steve Richert <steve.richert@gmail.com> Co-authored-by: Vasily Vasinov <des.elyon@gmail.com> Co-authored-by: Andrew Kane <acekane1@gmail.com> Co-authored-by: Ben Lovell <benjamin.lovell@gmail.com> Co-authored-by: freemanoid <freemanoid321@gmail.com> Co-authored-by: Brandon Medenwald <brandon@simplymadeapps.com> Co-authored-by: Dana Jones <djones@larkfarm.com> Co-authored-by: Jared Beck <jared@jaredbeck.com> Co-authored-by: Dominic Cleal <dominic@cleal.org> Co-authored-by: Nick Rivadeneira <nicholas.rivadeneira@gmail.com> Co-authored-by: NileshPanchal <neil08.panchal@gmail.com> Co-authored-by: Zane Shannon <zcs@smileslaughs.com> Co-authored-by: Andrea Schiavini <metalelf0@Valhalla.local> Co-authored-by: Anthony Hernandez <roguegdi27@gmail.com> Co-authored-by: printercu <printercu@gmail.com> Co-authored-by: John Berry <ulfmagnetics@gmail.com> Co-authored-by: Enrique Barragan <ebarragan1997@gmail.com> Co-authored-by: Oleg Yakovenko <olegykz@gmail.com> Co-authored-by: Patrik Bóna <patrik.bona@mrhead.sk> Co-authored-by: Joe Francis <joe@lostapathy.com> Co-authored-by: Tomer Brisker <tbrisker@users.noreply.github.com> Co-authored-by: Jonathan Thom <jonathan.thom1990@gmail.com> Co-authored-by: fatkodima <fatkodima123@gmail.com> Co-authored-by: Tekin Suleyman <tekin@freeagent.com> Co-authored-by: Lucas Mansur <lucas.mansur2@gmail.com> Co-authored-by: Jeffrey Dill <jeffdill2@users.noreply.github.com> Co-authored-by: Valentino <valentino@reenhanced.com> Co-authored-by: Kurtis Rainbolt-Greene <kurtis@rainbolt-greene.online> Co-authored-by: Kevin Coleman <kevin.coleman@sparkstart.io> Co-authored-by: rauan <rauann.assis@gmail.com> Co-authored-by: Michael Grosser <michael@grosser.it> Co-authored-by: Patryk Ptasinski <patryk@ipepe.pl>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://fundthrough.atlassian.net/browse/BO-1410