Sha256: 4784ee4eca2dcd03dbb92bd78e3c5281f09ed92f81befd623f7cf91b6774258e
Contents?: true
Size: 1.63 KB
Versions: 6
Compression:
Stored size: 1.63 KB
Contents
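module InternalAffairs
  # Controller concern that writes one audit-log record per admin request.
  #
  # Including it registers +audit_page_action+ as an +around_action+. Once the
  # wrapped action has finished (or raised), a 'request' record is sent through
  # InternalAffairs::ApiUtils.create_log, provided audit logging is enabled.
  module AuditedPage
    extend ActiveSupport::Concern

    # HTTP methods whose form body is appended to the audit record.
    # NOTE(review): 'PATCH' is absent; confirm whether update forms submitted
    # as PATCH should have their bodies audited as well.
    METHODS_WITH_BODY = ['POST', 'PUT'].freeze

    # Top-level form fields dropped from the audited body.
    FORM_IGNORED_FIELDS = ['utf8', 'authenticity_token', 'commit'].freeze

    # Runs the wrapped controller action, then records it.
    #
    # The record is written from +ensure+, so it is attempted even when the
    # action raises.
    def audit_page_action
      yield
    ensure
      create_audit_log_or_fail_silently if InternalAffairs.config.audit_logs_enabled?
    end

    # Sends the audit record and never lets a failure reach the request.
    #
    # Delivery stays best-effort, but a dropped record now leaves a warning in
    # the application log so that gaps in the audit trail can be detected.
    # Only the exception class is logged, which keeps request data out of the
    # log line.
    #
    # NOTE(review): when +current_admin_user+ is nil the resulting
    # NoMethodError is rescued here too, so no record is written for such
    # requests — confirm that is intended.
    #
    # @return [Object, nil] whatever +create_log+ returns, or nil on failure
    def create_audit_log_or_fail_silently
      InternalAffairs::ApiUtils.create_log(
        user: current_admin_user.email,
        ip: audited_ip,
        kind: 'request',
        data: audited_data,
        resources: audited_resources
      )
    rescue StandardError => e
      if defined?(Rails.logger)
        Rails.logger&.warn("[InternalAffairs] audit log not recorded: #{e.class}")
      end
      nil
    end

    # Client address stored in the audit record.
    #
    # CF-Connecting-IP is an ordinary request header. It is only trustworthy
    # when the origin accepts traffic exclusively from Cloudflare; otherwise
    # any client can set it and the audit trail records a forged address.
    # A blank header value falls back to +request.ip+.
    #
    # @return [String]
    def audited_ip
      request.env['HTTP_CF_CONNECTING_IP'].presence || request.ip
    end

    # One-line summary of the request: method, response status and path,
    # followed by the JSON-encoded form body for METHODS_WITH_BODY.
    #
    # Body values are taken from +request.filtered_parameters+, so anything
    # matched by the application's parameter filter (passwords, tokens, ...)
    # is masked instead of being copied into the audit log in clear text.
    # A body key missing from the filtered set is masked rather than logged.
    #
    # @return [String]
    def audited_data
      summary = "#{request.method} #{response.status} #{request.path}"
      return summary unless METHODS_WITH_BODY.include?(request.method)

      filtered = request.filtered_parameters
      body = request.request_parameters.except(*FORM_IGNORED_FIELDS)
      safe_body = body.each_with_object({}) do |(key, _value), acc|
        acc[key] = filtered.fetch(key, '[FILTERED]')
      end

      "#{summary} #{safe_body.to_json}"
    end

    # Resources touched by the request: the URL, the admin controller/action,
    # and, for resource controllers (not ActiveAdmin::Page), the global ids of
    # the parent records and of the record addressed by +params[:id]+.
    #
    # @return [Array<Hash>]
    def audited_resources
      resources = [
        { kind: 'url', path: request.path },
        {
          kind: 'admin_page',
          admin_controller: params[:controller],
          admin_action: params[:action]
        }
      ]
      return resources if resource_class <= ActiveAdmin::Page

      association_chain.each do |parent|
        next unless parent.respond_to?(:to_global_id)

        resources << { kind: 'object', global_id: parent.to_global_id.to_s }
      end

      if params[:id].present? && resource.respond_to?(:to_global_id)
        resources << { kind: 'object', global_id: resource.to_global_id.to_s }
      end

      resources
    end

    included do
      around_action :audit_page_action
    end
  end
end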