From 87f6f30e9777163f88e3bd5d2697590e9e18f7b7 Mon Sep 17 00:00:00 2001
From: James Rose
Date: Fri, 2 Sep 2022 09:32:09 +0100
Subject: [PATCH] Record PaperTrail whodunnit for console users on production

This will allow us to audit who has made changes in the console to audited records.
---
 config/environments/production.rb | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/config/environments/production.rb b/config/environments/production.rb
index e51b9f9aa..8e2a817ef 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -131,4 +131,20 @@ Rails.application.configure do
 # see https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017
 config.active_record.yaml_column_permitted_classes = [Time]
+
+ # From https://github.com/paper-trail-gem/paper_trail/wiki/Setting-whodunnit-in-the-rails-console
+ console do
+ PaperTrail.request.whodunnit = lambda {
+ @paper_trail_whodunnit ||= begin
+ email = nil
+ until email.present?
+ # rubocop:disable Rails/Output
+ puts "Enter your email address for PaperTrail"
+ # rubocop:enable Rails/Output
+ email = gets.chomp
+ end
+ email
+ end
+ }
+ end
 end
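Review bot: The whodunnit stored by this `console do` block is whatever the operator types at the prompt, so the audit record is self-asserted: `until email.present?` accepts any non-blank string, including a colleague's address, and nothing marks the value as coming from a console session rather than the web app. If the hosting platform exposes an identity the operator does not choose (OS login, bastion or SSO user), record it alongside the typed value and tag the source, for example by ending the `begin` block with `"console:#{ENV['USER']}:#{email}"` instead of `email`, and reject input that does not look like one of your staff addresses. Separately, `gets.chomp` raises NoMethodError when stdin is closed or not interactive, because `gets` returns nil at EOF. As far as I can tell the lambda is only evaluated when PaperTrail first reads whodunnit, so that failure would surface in the middle of a write rather than at console start. Reading with `$stdin.gets` and raising a clear error on nil would make that case explicit.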