audit via paper_trail

Gemfile

@@ -21,6 +21,7 @@ gem 'concerned_with', '~> 0.1.0'
 gem 'faker','~> 1.2.0'
 gem 'factory_girl_rails', '~> 4.3.0'
 gem 'validates_hostname', '~> 1.0.0', github: 'KimNorgaard/validates_hostname'
+gem 'paper_trail', '~> 3.0.0'
 
 # Interface
 gem 'mail_form', '~> 1.5.0'

Gemfile.lock

@@ -187,6 +187,9 @@ GEM
       oauth2 (~> 0.8.0)
       omniauth (~> 1.0)
     orm_adapter (0.5.0)
+    paper_trail (3.0.0)
+      activerecord (>= 3.0, < 5.0)
+      activesupport (>= 3.0, < 5.0)
     polyamorous (0.6.4)
       activerecord (>= 3.0)
     polyglot (0.3.3)
@@ -336,6 +339,7 @@ DEPENDENCIES
   oily_png (~> 1.1.0)
   omniauth (~> 1.1.4)
   omniauth-google-oauth2 (~> 0.2.2)
+  paper_trail (~> 3.0.0)
   quiet_assets (~> 1.0.1)
   rails (= 4.0.2)
   rails-settings-cached (~> 0.3.1)

app/controllers/application_controller.rb

@@ -64,4 +64,8 @@ class ApplicationController < ActionController::Base
     UserParameterSanitizer.new(User, :user, params)
   end
   
+  def user_for_paper_trail
+    current_user.to_paper_trail rescue 'Public'
+  end
+  
 end

app/models/a.rb

@@ -11,6 +11,8 @@
 # Obtained from http://www.zytrax.com/books/dns/ch8/a.html
 #
 class A < Record
+  has_paper_trail ignore: [:content, :updated_at]
+  
   validates :name, :hostname => {:allow_underscore => true, :allow_wildcard_hostname => true}
   validates :content, :presence => true, :ip => {:ip_type => :v4} # Only accept valid IPv4 addresses
 

app/models/aaaa.rb

@@ -6,6 +6,8 @@
 # @see http://www.ietf.org/rfc/rfc3596.txt
 # @see http://www.zytrax.com/books/dns/ch8/aaaa.html
 class AAAA < Record
+  has_paper_trail
+  
   validates :name, :hostname => {:allow_underscore => true, :allow_wildcard_hostname => true}
   validates :content, :presence => true, :ip => {:ip_type => :v6}
   

app/models/authentication.rb

@@ -1,3 +1,5 @@
 class Authentication < ActiveRecord::Base
+  has_paper_trail
+  
   belongs_to :user, :inverse_of => :authentications
 end

app/models/cname.rb

@@ -8,6 +8,8 @@
 # Obtained from http://www.zytrax.com/books/dns/ch8/cname.html
 #
 class CNAME < Record
+  has_paper_trail
+  
   validates :name, :hostname =>  {:allow_underscore => true, :allow_wildcard_hostname => true}
   validates :content, :presence => true, :length => { :maximum => 20000 }, :hostname2 => true
 

app/models/domain.rb

@@ -2,6 +2,7 @@ class Domain < ActiveRecord::Base
   self.inheritance_column = :sti_disabled
   nilify_blanks
   stampable
+  has_paper_trail
 
   # optional IP for create form, results in a type A record
   attr_accessor :ip

app/models/mx.rb

@@ -7,6 +7,8 @@
 # Obtained from http://www.zytrax.com/books/dns/ch8/mx.html
 #
 class MX < Record
+  has_paper_trail
+  
   validates :name, :hostname => {
     :allow_underscore => true,
     :allow_wildcard_hostname => true

app/models/ns.rb

@@ -20,6 +20,8 @@
 # Obtained from http://www.zytrax.com/books/dns/ch8/ns.html
 #
 class NS < Record
+  has_paper_trail
+  
   validates :name, :hostname => {:allow_underscore => true}
   validates :content, :presence => true, :hostname => true #, :inclusion => {:in => Settings.ns}
 

app/models/permission.rb

@@ -1,5 +1,6 @@
 class Permission < ActiveRecord::Base
   stampable
+  has_paper_trail
   
   belongs_to :domain, :inverse_of => :permissions
   belongs_to :user, :inverse_of => :permissions

app/models/soa.rb

@@ -7,6 +7,8 @@
 # Obtained from http://www.zytrax.com/books/dns/ch8/soa.html
 #
 class SOA < Record
+  has_paper_trail
+  
   validates :domain, :presence => true
   validates :domain_id, :uniqueness => true # one SOA per domain
   validates :name, :presence => true, :hostname => true

app/models/srv.rb

@@ -5,6 +5,8 @@
 # @see http://www.ietf.org/rfc/rfc2872.txt
 # @see http://www.zytrax.com/books/dns/ch8/srv.html
 class SRV < Record
+  has_paper_trail
+  
   validates :name, :hostname => {:allow_underscore => true, :allow_wildcard_hostname => true}
   validates :content, :format => /\A\d+ \d+ [A-Za-z0-9\-_.]+\z/
   # RFC 2872

app/models/txt.rb

@@ -9,6 +9,8 @@
 # 
 # Obtained from http://www.zytrax.com/books/dns/ch8/txt.html
 class TXT < Record
+  has_paper_trail
+  
   validates :name, :hostname => {:allow_underscore => true, :allow_wildcard_hostname => true}
   validates :content, :presence => true, :length => { :maximum => 255 }
   

app/models/user.rb

@@ -2,6 +2,9 @@ class User < ActiveRecord::Base
   include SentientModel
   model_stamper
   stampable
+  has_paper_trail ignore: [ :sign_in_count,
+    :last_sign_in_at, :current_sign_in_at,
+    :last_sign_in_ip, :current_sign_in_ip ]
   
   # Include default devise modules. Others available are:
   # :token_authenticatable, :encryptable, :timeoutable and :omniauthable
@@ -47,6 +50,10 @@ class User < ActiveRecord::Base
     !active? ? :deactivated : super
   end
   
+  def to_paper_trail
+    "#{id} #{email} name:#{full_name} ip:#{current_sign_in_ip} last_ip:#{last_sign_in_ip}"
+  end
+  
   delegate :can?, :cannot?, :to => :ability
   
   def ability(options = {:reload => false})

config/initializers/rails_admin.rb

@@ -35,7 +35,7 @@ RailsAdmin.config do |config|
 
   # Add models here if you want to go 'whitelist mode':
   config.included_models = [A, AAAA, Admin, CNAME, Domain, MX, NS, Permission, 
-    Record, SOA, SRV, TXT, User, BlacklistedDomain]
+    Record, SOA, SRV, TXT, User, BlacklistedDomain, PaperTrail::Version]
 
   # Application wide tried label methods for models' instances
   # config.label_methods << :description # Default is [:name, :title]

db/migrate/20140117135341_create_versions.rb

@@ -0,0 +1,18 @@
+class CreateVersions < ActiveRecord::Migration
+  def self.up
+    create_table :versions do |t|
+      t.string   :item_type, :null => false
+      t.integer  :item_id,   :null => false
+      t.string   :event,     :null => false
+      t.string   :whodunnit
+      t.text     :object
+      t.datetime :created_at
+    end
+    add_index :versions, [:item_type, :item_id]
+  end
+
+  def self.down
+    remove_index :versions, [:item_type, :item_id]
+    drop_table :versions
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20140102165905) do
+ActiveRecord::Schema.define(version: 20140117135341) do
 
   create_table "admins", force: true do |t|
     t.string   "email",                  default: "",    null: false
@@ -170,4 +170,15 @@ ActiveRecord::Schema.define(version: 20140102165905) do
   add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
   add_index "users", ["unlock_token"], name: "index_users_on_unlock_token", unique: true, using: :btree
 
+  create_table "versions", force: true do |t|
+    t.string   "item_type",  null: false
+    t.integer  "item_id",    null: false
+    t.string   "event",      null: false
+    t.string   "whodunnit"
+    t.text     "object"
+    t.datetime "created_at"
+  end
+
+  add_index "versions", ["item_type", "item_id"], name: "index_versions_on_item_type_and_item_id", using: :btree
+
 end

spec/models/domain_spec.rb

@@ -162,4 +162,10 @@ describe Domain do
     subsubdomain.reload.depth.should == 2
   end
   
+  it "audits creations" do
+    PaperTrail.enabled = true
+    expect { domain }.to change(PaperTrail::Version, :count)
+    PaperTrail.enabled = false
+  end
+  
 end

spec/models/record_spec.rb

@@ -54,4 +54,12 @@ describe Record do
     host_a_record2.should have(1).errors_on(:name)
   end
   
+  it "audits creations" do
+    PaperTrail.enabled = true
+    expect { a_record }.to change(PaperTrail::Version, :count)
+    expect { a_record.update!(name: "x.#{a_record.name}") }.to change(PaperTrail::Version, :count).by(1)
+    expect { a_record.update!(content: "127.0.0.2") }.to_not change(PaperTrail::Version, :count)
+    PaperTrail.enabled = false
+  end
+  
 end

spec/models/user_spec.rb

@@ -2,7 +2,14 @@ require 'spec_helper'
 
 describe User do
   include_context "data"
+  
   it "is valid" do
     user.should be_valid
   end
+  
+  it "audits creations" do
+    PaperTrail.enabled = true
+    expect { user }.to change(PaperTrail::Version, :count)
+    PaperTrail.enabled = false
+  end
 end