Module: InternalAffairs::AuditedPage

Extended by:
ActiveSupport::Concern
Defined in:
lib/internal_affairs/audited_page.rb

Constant Summary collapse

METHODS_WITH_BODY = 
['POST', 'PUT']
FORM_IGNORED_FIELDS = 
['utf8', 'authenticity_token', 'commit']

Instance Method Summary collapse

Instance Method Details

#audit_page_actionObject 



8
9
10
11
12
 
# File 'lib/internal_affairs/audited_page.rb', line 8

def audit_page_action
  yield
ensure
  create_audit_log_or_fail_silently if InternalAffairs.config.audit_logs_enabled?
end

#audited_dataObject 



30
31
32
33
34
35
36
 
# File 'lib/internal_affairs/audited_page.rb', line 30

def audited_data
  r = "#{request.method} #{response.status} #{request.path}"
  if METHODS_WITH_BODY.include?(request.method)
    r += " #{request.request_parameters.except(*FORM_IGNORED_FIELDS).to_json}"
  end
  r
end

#audited_ipObject 



26
27
28
 
# File 'lib/internal_affairs/audited_page.rb', line 26

def audited_ip
  request.env["HTTP_CF_CONNECTING_IP"] || request.ip
end

#audited_resourcesObject 



38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
 
# File 'lib/internal_affairs/audited_page.rb', line 38

def audited_resources
  resources = [
    { kind: 'url', path: request.path },
    { kind: 'admin_page', admin_controller: params[:controller], admin_action: params[:action] }
  ]

  if !(resource_class <= ActiveAdmin::Page)
    association_chain.each do |parent|
      next unless parent.respond_to?(:to_global_id)

      resources << { kind: 'object', global_id: parent.to_global_id.to_s }
    end

    if params[:id].present? && resource.respond_to?(:to_global_id)
      resources << { kind: 'object', global_id: resource.to_global_id.to_s }
    end
  end

  resources
end

#create_audit_log_or_fail_silentlyObject 



14
15
16
17
18
19
20
21
22
23
24
 
# File 'lib/internal_affairs/audited_page.rb', line 14

def create_audit_log_or_fail_silently
  InternalAffairs::ApiUtils.create_log(
    user: current_admin_user.email,
    ip: audited_ip,
    kind: 'request',
    data: audited_data,
    resources: audited_resources
  )
rescue StandardError
  nil
end