From 093cc7000bb6c86858fd32170b4168a12b55d369 Mon Sep 17 00:00:00 2001
From: baarkerlounger
Date: Tue, 8 Feb 2022 17:57:30 +0000
Subject: [PATCH] Track model updates by AdminUsers
---
 app/concerns/admin/paper_trail.rb | 15 ++++++
 config/initializers/active_admin.rb | 4 ++
 .../admin/admin_users_controller_spec.rb | 26 ++++++++--
 .../admin/case_logs_controller_spec.rb | 48 +++++++++++++++++-
 .../admin/dashboard_controller_spec.rb | 4 +-
 .../admin/organisations_controller_spec.rb | 50 ++++++++++++++++---
 .../admin/users_controller_spec.rb | 24 +++++++--
 spec/requests/case_logs_controller_spec.rb | 2 +-
 spec/support/controller_macros.rb | 8 ---
 9 files changed, 153 insertions(+), 28 deletions(-)
 create mode 100644 app/concerns/admin/paper_trail.rb
diff --git a/app/concerns/admin/paper_trail.rb b/app/concerns/admin/paper_trail.rb
new file mode 100644
index 000000000..5558d465b
--- /dev/null
+++ b/app/concerns/admin/paper_trail.rb
@@ -0,0 +1,15 @@
+module Admin
+ module PaperTrail
+ extend ActiveSupport::Concern
+
+ included do
+ before_action :set_paper_trail_whodunnit
+ end
+
+ protected
+
+ def user_for_paper_trail
+ current_admin_user
+ end
+ end
+end
diff --git a/config/initializers/active_admin.rb b/config/initializers/active_admin.rb
index 47561059e..e8014c7e2 100644
--- a/config/initializers/active_admin.rb
+++ b/config/initializers/active_admin.rb
@@ -340,3 +340,7 @@ end
 Rails.application.config.after_initialize do
 ActiveAdmin.application.stylesheets.delete("active_admin/print.css")
 end
+
+Rails.application.config.after_initialize do
+ ActiveAdmin::BaseController.include Admin::PaperTrail
+end
diff --git a/spec/controllers/admin/admin_users_controller_spec.rb b/spec/controllers/admin/admin_users_controller_spec.rb
index e5977d830..871a198c3 100644
--- a/spec/controllers/admin/admin_users_controller_spec.rb
+++ b/spec/controllers/admin/admin_users_controller_spec.rb
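Review bot: Naming the concern `Admin::PaperTrail` in app/concerns/admin/paper_trail.rb shadows the gem's top-level `PaperTrail` constant for any code written lexically inside `module Admin`, so a later `PaperTrail.request` there would resolve to this module instead of the library. A name such as `Admin::PaperTrailActor`, or `::PaperTrail` at those call sites, avoids that. The module also carries no comment; `# Attributes PaperTrail versions made through ActiveAdmin to the signed-in AdminUser instead of current_user.` above `user_for_paper_trail` would record why the hook is overridden. When `current_admin_user` is nil the version is presumably stored with no actor, which is worth stating because this is the audit trail for privileged changes.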
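Review bot: `Admin::PaperTrail` lives under app/ and is therefore reloadable, but the new `after_initialize` block in config/initializers/active_admin.rb includes it into `ActiveAdmin::BaseController` only once at boot, so after a code reload in development the controller presumably keeps the stale module object. `Rails.application.config.to_prepare do` is the hook Rails provides for wiring reloadable code into classes that are not reloaded, and it could replace this second block. If `after_initialize` is kept, the include can go into the existing block directly above instead of a second one. A one-line comment such as `# Attribute ActiveAdmin changes to the signed-in AdminUser in PaperTrail` would say why the include is there.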
@@ -6,8 +6,11 @@ describe Admin::AdminUsersController, type: :controller do
 let(:page) { Capybara::Node::Simple.new(response.body) }
 let(:resource_title) { "Admin Users" }
 let(:valid_session) { {} }
+ let(:signed_in_admin_user) { FactoryBot.create(:admin_user) }
- login_admin_user
+ before do
+ sign_in signed_in_admin_user
+ end
 describe "Get admin users" do
 before do
@@ -27,22 +30,30 @@ describe Admin::AdminUsersController, type: :controller do
 it "creates a new admin user" do
 expect { post :create, session: valid_session, params: params }.to change(AdminUser, :count).by(1)
 end
+
+ it "tracks who created the record" do
+ post :create, session: valid_session, params: params
+ created_id = response.location.match(/[0-9]+/)[0]
+ whodunnit_actor = AdminUser.find_by(id: created_id).versions.last.actor
+ expect(whodunnit_actor).to be_a(AdminUser)
+ expect(whodunnit_actor.id).to eq(signed_in_admin_user.id)
+ end
 end
 describe "Update admin users" do
- context "when editing the form" do
+ context "when viewing the form" do
 before do
 get :edit, session: valid_session, params: { id: AdminUser.first.id }
 end
- it "shows an edit form" do
+ it "shows the correct fields" do
 expect(page).to have_field("admin_user_email")
 expect(page).to have_field("admin_user_password")
 expect(page).to have_field("admin_user_password_confirmation")
 end
 end
- context "when updating the form" do
+ context "when updating an admin user" do
 let(:admin_user) { FactoryBot.create(:admin_user) }
 let(:email) { "new_email@example.com" }
 let(:params) { { id: admin_user.id, admin_user: { email: email } } }
@@ -55,6 +66,13 @@ describe Admin::AdminUsersController, type: :controller do
 admin_user.reload
 expect(admin_user.email).to eq(email)
 end
+
+ it "tracks who updated the record" do
+ admin_user.reload
+ whodunnit_actor = admin_user.versions.last.actor
+ expect(whodunnit_actor).to be_a(AdminUser)
+ expect(whodunnit_actor.id).to eq(signed_in_admin_user.id)
+ end
 end
 end
 end
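Review bot: In the added "tracks who created the record" example, `response.location.match(/[0-9]+/)[0]` takes the first run of digits anywhere in the redirect URL and raises NoMethodError on nil when the create does not redirect, so a broken create would not read as an attribution failure. Assuming the redirect ends in the new id, `created_id = response.location[%r{/(\d+)\z}, 1]` followed by `AdminUser.find(created_id)` instead of `find_by(id:)` fails with a clear message. The same lines recur in the case_logs, organisations and users controller spec hunks, and the unanchored pattern also remains in spec/requests/case_logs_controller_spec.rb. Also asserting `versions.last.event` would pin that the version being checked is the create and not a later write. The enclosing `describe` block starts outside this hunk.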
diff --git a/spec/controllers/admin/case_logs_controller_spec.rb b/spec/controllers/admin/case_logs_controller_spec.rb
index 7a27443a1..1ff62e77b 100644
--- a/spec/controllers/admin/case_logs_controller_spec.rb
+++ b/spec/controllers/admin/case_logs_controller_spec.rb
@@ -5,14 +5,14 @@ require_relative "../../request_helper"
 describe Admin::CaseLogsController, type: :controller do
 before do
 RequestHelper.stub_http_requests
+ sign_in admin_user
 end
 render_views
 let(:page) { Capybara::Node::Simple.new(response.body) }
 let(:resource_title) { "Logs" }
 let(:valid_session) { {} }
-
- login_admin_user
+ let(:admin_user) { FactoryBot.create(:admin_user) }
 describe "Get case logs" do
 let!(:case_log) { FactoryBot.create(:case_log, :in_progress) }
@@ -44,5 +44,49 @@ describe Admin::CaseLogsController, type: :controller do
 it "creates a new case log" do
 expect { post :create, session: valid_session, params: params }.to change(CaseLog, :count).by(1)
 end
+
+ it "tracks who created the record" do
+ post :create, session: valid_session, params: params
+ created_id = response.location.match(/[0-9]+/)[0]
+ whodunnit_actor = CaseLog.find_by(id: created_id).versions.last.actor
+ expect(whodunnit_actor).to be_a(AdminUser)
+ expect(whodunnit_actor.id).to eq(admin_user.id)
+ end
+ end
+
+ describe "Update case log" do
+ let!(:case_log) { FactoryBot.create(:case_log, :in_progress) }
+
+ context "when viewing the edit form" do
+ before do
+ get :edit, session: valid_session, params: { id: case_log.id }
+ end
+
+ it "has the correct fields" do
+ expect(page).to have_field("case_log_age1")
+ expect(page).to have_field("case_log_tenant_code")
+ end
+ end
+
+ context "when updating the case_log" do
+ let(:tenant_code) { "New tenant code by Admin" }
+ let(:params) { { id: case_log.id, case_log: { tenant_code: tenant_code } } }
+
+ before do
+ patch :update, session: valid_session, params: params
+ end
+
+ it "updates the case log" do
+ case_log.reload
+ expect(case_log.tenant_code).to eq(tenant_code)
+ end
+
+ it "tracks who updated the record" do
+ case_log.reload
+ whodunnit_actor = case_log.versions.last.actor
+ expect(whodunnit_actor).to be_a(AdminUser)
+ expect(whodunnit_actor.id).to eq(admin_user.id)
+ end
+ end
 end
 end
diff --git a/spec/controllers/admin/dashboard_controller_spec.rb b/spec/controllers/admin/dashboard_controller_spec.rb
index f23255201..aeba5aacf 100644
--- a/spec/controllers/admin/dashboard_controller_spec.rb
+++ b/spec/controllers/admin/dashboard_controller_spec.rb
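Review bot: The examples added to the case logs controller spec pin the actor for create and update only; nothing covers destroy. If the admin namespace allows deleting case logs (not visible in this patch), the destroy version is the one an auditor most needs attributed. An example issuing `delete :destroy, params: { id: case_log.id }` and then checking the actor on the last `PaperTrail::Version` for that item would close the gap. The same applies to the organisations and users specs.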
@@ -5,14 +5,14 @@ require_relative "../../request_helper"
 describe Admin::DashboardController, type: :controller do
 before do
 RequestHelper.stub_http_requests
+ sign_in admin_user
 end
 render_views
 let(:page) { Capybara::Node::Simple.new(response.body) }
 let(:resource_title) { "Dashboard" }
 let(:valid_session) { {} }
-
- login_admin_user
+ let(:admin_user) { FactoryBot.create(:admin_user) }
 describe "Get case logs" do
 before do
diff --git a/spec/controllers/admin/organisations_controller_spec.rb b/spec/controllers/admin/organisations_controller_spec.rb
index 16dedcb69..014d13e8c 100644
--- a/spec/controllers/admin/organisations_controller_spec.rb
+++ b/spec/controllers/admin/organisations_controller_spec.rb
@@ -7,8 +7,11 @@ describe Admin::OrganisationsController, type: :controller do
 let(:resource_title) { "Organisations" }
 let(:valid_session) { {} }
 let!(:organisation) { FactoryBot.create(:organisation) }
+ let!(:admin_user) { FactoryBot.create(:admin_user) }
- login_admin_user
+ before do
+ sign_in admin_user
+ end
 describe "Organisations" do
 before do
@@ -22,23 +25,54 @@ describe Admin::OrganisationsController, type: :controller do
 end
 end
- describe "Create admin users" do
+ describe "Create organisation" do
 let(:params) { { organisation: { name: "DLUHC" } } }
 it "creates a organisation" do
 expect { post :create, session: valid_session, params: params }.to change(Organisation, :count).by(1)
 end
+
+ it "tracks who created the record" do
+ post :create, session: valid_session, params: params
+ created_id = response.location.match(/[0-9]+/)[0]
+ whodunnit_actor = Organisation.find_by(id: created_id).versions.last.actor
+ expect(whodunnit_actor).to be_a(AdminUser)
+ expect(whodunnit_actor.id).to eq(admin_user.id)
+ end
 end
 describe "Update organisation" do
- before do
- get :edit, session: valid_session, params: { id: organisation.id }
+ context "when viewing the edit form" do
+ before do
+ get :edit, session: valid_session, params: { id: organisation.id }
+ end
+
+ it "has the correct fields" do
+ expect(page).to have_field("organisation_name")
+ expect(page).to have_field("organisation_provider_type")
+ expect(page).to have_field("organisation_phone")
+ end
 end
- it "creates a new admin users" do
- expect(page).to have_field("organisation_name")
- expect(page).to have_field("organisation_provider_type")
- expect(page).to have_field("organisation_phone")
+ context "when updating the organisation" do
+ let(:name) { "New Org Name by Admin" }
+ let(:params) { { id: organisation.id, organisation: { name: name } } }
+
+ before do
+ patch :update, session: valid_session, params: params
+ end
+
+ it "updates the organisation" do
+ organisation.reload
+ expect(organisation.name).to eq(name)
+ end
+
+ it "tracks who updated the record" do
+ organisation.reload
+ whodunnit_actor = organisation.versions.last.actor
+ expect(whodunnit_actor).to be_a(AdminUser)
+ expect(whodunnit_actor.id).to eq(admin_user.id)
+ end
 end
 end
 end
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb
index 78d97405b..9a7f7e264 100644
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -8,8 +8,11 @@ describe Admin::UsersController, type: :controller do
 let(:page) { Capybara::Node::Simple.new(response.body) }
 let(:resource_title) { "Users" }
 let(:valid_session) { {} }
+ let!(:admin_user) { FactoryBot.create(:admin_user) }
- login_admin_user
+ before do
+ sign_in admin_user
+ end
 describe "Get users" do
 before do
@@ -39,15 +42,23 @@ describe Admin::UsersController, type: :controller do
 it "creates a new user" do
 expect { post :create, session: valid_session, params: params }.to change(User, :count).by(1)
 end
+
+ it "tracks who created the record" do
+ post :create, session: valid_session, params: params
+ created_id = response.location.match(/[0-9]+/)[0]
+ whodunnit_actor = User.find_by(id: created_id).versions.last.actor
+ expect(whodunnit_actor).to be_a(AdminUser)
+ expect(whodunnit_actor.id).to eq(admin_user.id)
+ end
 end
 describe "Update users" do
- context "when updating the form" do
+ context "when viewing the edit form" do
 before do
 get :edit, session: valid_session, params: { id: user.id }
 end
- it "shows an edit form" do
+ it "has the correct fields" do
 expect(page).to have_field("user_email")
 expect(page).to have_field("user_name")
 expect(page).to have_field("user_organisation_id")
@@ -69,6 +80,13 @@ describe Admin::UsersController, type: :controller do
 user.reload
 expect(user.name).to eq(name)
 end
+
+ it "tracks who updated the record" do
+ user.reload
+ whodunnit_actor = user.versions.last.actor
+ expect(whodunnit_actor).to be_a(AdminUser)
+ expect(whodunnit_actor.id).to eq(admin_user.id)
+ end
 end
 end
 end
diff --git a/spec/requests/case_logs_controller_spec.rb b/spec/requests/case_logs_controller_spec.rb
index cf6cd64c9..8294af0b3 100644
--- a/spec/requests/case_logs_controller_spec.rb
+++ b/spec/requests/case_logs_controller_spec.rb
@@ -128,7 +128,7 @@ RSpec.describe CaseLogsController, type: :request do
 end
 it "tracks who created the record" do
- created_id = response.location.match(/[1-9]+/)[0]
+ created_id = response.location.match(/[0-9]+/)[0]
 whodunnit_actor = CaseLog.find_by(id: created_id).versions.last.actor
 expect(whodunnit_actor).to be_a(User)
 expect(whodunnit_actor.id).to eq(user.id)
diff --git a/spec/support/controller_macros.rb b/spec/support/controller_macros.rb
index 2e21831dd..680663367 100644
--- a/spec/support/controller_macros.rb
+++ b/spec/support/controller_macros.rb
@@ -6,12 +6,4 @@ module ControllerMacros
 sign_in user
 end
 end
-
- def login_admin_user
- before do
- @request.env["devise.mapping"] = Devise.mappings[:admin_user]
- admin_user = FactoryBot.create(:admin_user)
- sign_in admin_user
- end
- end
 end