gitlab-org--gitlab-foss/app/models/audit_event.rb

# frozen_string_literal: true

class AuditEvent < ApplicationRecord
  include AfterCommitQueue
  include CreatedAtFilterable
  include BulkInsertSafe
  include EachBatch
  include PartitionedTable

  PARALLEL_PERSISTENCE_COLUMNS = [
    :author_name,
    :entity_path,
    :target_details,
    :target_type,
    :target_id
  ].freeze

  self.primary_key = :id

  partitioned_by :created_at, strategy: :monthly

  serialize :details, Hash # rubocop:disable Cop/ActiveRecordSerialize

  belongs_to :user, foreign_key: :author_id

  validates :author_id, presence: true
  validates :entity_id, presence: true
  validates :entity_type, presence: true
  validates :ip_address, ip_address: true

  scope :by_entity_type, -> (entity_type) { where(entity_type: entity_type) }
  scope :by_entity_id, -> (entity_id) { where(entity_id: entity_id) }
  scope :by_author_id, -> (author_id) { where(author_id: author_id) }
  scope :by_entity_username, -> (username) { where(entity_id: find_user_id(username)) }
  scope :by_author_username, -> (username) { where(author_id: find_user_id(username)) }

  after_initialize :initialize_details

  before_validation :sanitize_message

  # Note: The intention is to remove this once refactoring of AuditEvent
  # has proceeded further.
  #
  # See further details in the epic:
  # https://gitlab.com/groups/gitlab-org/-/epics/2765
  after_validation :parallel_persist

  def self.order_by(method)
    case method.to_s
    when 'created_asc'
      order(id: :asc)
    else
      order(id: :desc)
    end
  end

  def initialize_details
    return unless self.has_attribute?(:details)

    self.details = {} if details&.nil?
  end

  def author_name
    author&.name
  end

  def formatted_details
    details.merge(details.slice(:from, :to).transform_values(&:to_s))
  end

  def author
    lazy_author&.itself.presence || default_author_value
  end

  def lazy_author
    BatchLoader.for(author_id).batch do |author_ids, loader|
      User.select(:id, :name, :username).where(id: author_ids).find_each do |user|
        loader.call(user.id, user)
      end
    end
  end

  def as_json(options = {})
    super(options).tap do |json|
      json['ip_address'] = self.ip_address.to_s
    end
  end

  def target_type
    super || details[:target_type]
  end

  def target_id
    details[:target_id]
  end

  def target_details
    super || details[:target_details]
  end

  private

  def sanitize_message
    message = details[:custom_message]

    return unless message

    self.details = details.merge(custom_message: Sanitize.clean(message))
  end

  def default_author_value
    ::Gitlab::Audit::NullAuthor.for(author_id, self)
  end

  def parallel_persist
    PARALLEL_PERSISTENCE_COLUMNS.each do |name|
      original = self[name] || self.details[name]
      next unless original

      self[name] = self.details[name] = original
    end
  end

  def self.find_user_id(username)
    User.find_by_username(username)&.id
  end
end

AuditEvent.prepend_mod_with('AuditEvent')
Enable frozen string in app/models/*.rb Partially addresses #47424. 2018-07-25 05:30:33 -04:00			`# frozen_string_literal: true`

Inherit from ApplicationRecord instead of ActiveRecord::Base 2019-03-28 09:17:42 -04:00			`class AuditEvent < ApplicationRecord`
Add latest changes from gitlab-org/gitlab@master 2021-12-21 10:14:09 -05:00			`include AfterCommitQueue`
Add latest changes from gitlab-org/gitlab@master 2019-09-26 05:06:04 -04:00			`include CreatedAtFilterable`
Add latest changes from gitlab-org/gitlab@master 2020-07-09 14:10:09 -04:00			`include BulkInsertSafe`
Add latest changes from gitlab-org/gitlab@master 2020-10-19 11:08:58 -04:00			`include EachBatch`
Add latest changes from gitlab-org/gitlab@master 2020-12-21 07:10:22 -05:00			`include PartitionedTable`
Add latest changes from gitlab-org/gitlab@master 2020-06-11 08:08:54 -04:00
Add latest changes from gitlab-org/gitlab@master 2020-09-23 11:10:14 -04:00			`PARALLEL_PERSISTENCE_COLUMNS = [`
			`:author_name,`
			`:entity_path,`
			`:target_details,`
			`:target_type,`
			`:target_id`
			`].freeze`
Add latest changes from gitlab-org/gitlab@master 2020-07-16 14:09:35 -04:00
Add latest changes from gitlab-org/gitlab@master 2020-12-02 07:09:46 -05:00			`self.primary_key = :id`

Add latest changes from gitlab-org/gitlab@master 2020-12-21 07:10:22 -05:00			`partitioned_by :created_at, strategy: :monthly`

Rename ActiverecordSerialize cop This cop has been renamed to ActiveRecordSerialize to match the way "ActiveRecord" is usually written. 2017-07-03 10:01:41 -04:00			`serialize :details, Hash # rubocop:disable Cop/ActiveRecordSerialize`
Audit log for user authentication 2015-07-03 07:54:50 -04:00
			`belongs_to :user, foreign_key: :author_id`

			`validates :author_id, presence: true`
			`validates :entity_id, presence: true`
			`validates :entity_type, presence: true`
Add latest changes from gitlab-org/gitlab@master 2020-09-24 11:09:51 -04:00			`validates :ip_address, ip_address: true`
Audit log for user authentication 2015-07-03 07:54:50 -04:00
Add latest changes from gitlab-org/gitlab@master 2019-09-26 05:06:04 -04:00			`scope :by_entity_type, -> (entity_type) { where(entity_type: entity_type) }`
			`scope :by_entity_id, -> (entity_id) { where(entity_id: entity_id) }`
Add latest changes from gitlab-org/gitlab@master 2020-06-22 11:09:27 -04:00			`scope :by_author_id, -> (author_id) { where(author_id: author_id) }`
Add latest changes from gitlab-org/gitlab@master 2021-11-15 19:11:15 -05:00			`scope :by_entity_username, -> (username) { where(entity_id: find_user_id(username)) }`
			`scope :by_author_username, -> (username) { where(author_id: find_user_id(username)) }`
Add latest changes from gitlab-org/gitlab@master 2019-09-26 05:06:04 -04:00
Audit log for user authentication 2015-07-03 07:54:50 -04:00			`after_initialize :initialize_details`
Add latest changes from gitlab-org/gitlab@master 2021-07-01 17:08:38 -04:00
			`before_validation :sanitize_message`

Add latest changes from gitlab-org/gitlab@master 2020-07-15 08:09:26 -04:00			`# Note: The intention is to remove this once refactoring of AuditEvent`
			`# has proceeded further.`
			`#`
			`# See further details in the epic:`
			`# https://gitlab.com/groups/gitlab-org/-/epics/2765`
			`after_validation :parallel_persist`
Audit log for user authentication 2015-07-03 07:54:50 -04:00
Add latest changes from gitlab-org/gitlab@master 2020-03-18 14:09:35 -04:00			`def self.order_by(method)`
			`case method.to_s`
			`when 'created_asc'`
			`order(id: :asc)`
			`else`
			`order(id: :desc)`
			`end`
			`end`

Audit log for user authentication 2015-07-03 07:54:50 -04:00			`def initialize_details`
Add latest changes from gitlab-org/gitlab@master 2020-10-19 11:08:58 -04:00			`return unless self.has_attribute?(:details)`

			`self.details = {} if details&.nil?`
Audit log for user authentication 2015-07-03 07:54:50 -04:00			`end`

			`def author_name`
Add latest changes from gitlab-org/gitlab@master 2021-01-25 13:09:03 -05:00			`author&.name`
Audit log for user authentication 2015-07-03 07:54:50 -04:00			`end`
Add latest changes from gitlab-org/gitlab@master 2019-09-26 05:06:04 -04:00
			`def formatted_details`
			`details.merge(details.slice(:from, :to).transform_values(&:to_s))`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-04-03 08:09:52 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-01-25 13:09:03 -05:00			`def author`
Add latest changes from gitlab-org/gitlab@master 2022-01-20 07:16:19 -05:00			`lazy_author&.itself.presence \|\| default_author_value`
Add latest changes from gitlab-org/gitlab@master 2021-01-25 13:09:03 -05:00			`end`

Add latest changes from gitlab-org/gitlab@master 2020-04-03 08:09:52 -04:00			`def lazy_author`
Add latest changes from gitlab-org/gitlab@master 2021-09-29 08:11:22 -04:00			`BatchLoader.for(author_id).batch do \|author_ids, loader\|`
Add latest changes from gitlab-org/gitlab@master 2020-09-25 14:09:46 -04:00			`User.select(:id, :name, :username).where(id: author_ids).find_each do \|user\|`
Add latest changes from gitlab-org/gitlab@master 2020-04-03 08:09:52 -04:00			`loader.call(user.id, user)`
			`end`
			`end`
			`end`

Add latest changes from gitlab-org/gitlab@master 2020-07-30 14:09:39 -04:00			`def as_json(options = {})`
			`super(options).tap do \|json\|`
			`json['ip_address'] = self.ip_address.to_s`
			`end`
			`end`

Add latest changes from gitlab-org/gitlab@master 2022-08-09 11:11:31 -04:00			`def target_type`
			`super \|\| details[:target_type]`
			`end`

			`def target_id`
			`details[:target_id]`
			`end`

			`def target_details`
			`super \|\| details[:target_details]`
			`end`

Add latest changes from gitlab-org/gitlab@master 2020-04-03 08:09:52 -04:00			`private`

Add latest changes from gitlab-org/gitlab@master 2021-07-01 17:08:38 -04:00			`def sanitize_message`
			`message = details[:custom_message]`

			`return unless message`

			`self.details = details.merge(custom_message: Sanitize.clean(message))`
			`end`

Add latest changes from gitlab-org/gitlab@master 2020-04-03 08:09:52 -04:00			`def default_author_value`
Add latest changes from gitlab-org/gitlab@master 2022-01-20 07:16:19 -05:00			`::Gitlab::Audit::NullAuthor.for(author_id, self)`
Add latest changes from gitlab-org/gitlab@master 2020-04-03 08:09:52 -04:00			`end`
Add latest changes from gitlab-org/gitlab@master 2020-07-15 08:09:26 -04:00
			`def parallel_persist`
Add latest changes from gitlab-org/gitlab@master 2021-06-22 11:06:55 -04:00			`PARALLEL_PERSISTENCE_COLUMNS.each do \|name\|`
			`original = self[name] \|\| self.details[name]`
			`next unless original`

			`self[name] = self.details[name] = original`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-07-15 08:09:26 -04:00			`end`
Add latest changes from gitlab-org/gitlab@master 2021-11-15 19:11:15 -05:00
			`def self.find_user_id(username)`
			`User.find_by_username(username)&.id`
			`end`
Audit log for user authentication 2015-07-03 07:54:50 -04:00			`end`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00
Add latest changes from gitlab-org/gitlab@master 2021-05-11 17:10:21 -04:00			`AuditEvent.prepend_mod_with('AuditEvent')`