Audit trail more configurable. #90
Comments
|
The way I see it, these are the problems with the current implementation
With that, here are some ideas to improve the audit trail:
const changeUserToAdmin = injection =>
usecase('Change User to Admin', {
auditTrail: {
step: (step, auditTrail) => delete auditTrail.password, // function to be executed on each step
usecase: (auditTrail) => delete auditTrail.return, // function to be executed on the end of the usecase
auditUseCaseReturn: false, // if the audit trail should return the usecase return
auditStepReturn: false, // if the audit trail should return the step return,
auditElapsedTime: false, // if the audit trail should return the elapsed time
},
'Retrieve the User': step(async ctx => {it could have multiple options, for each environment, for example: config.auditTrail = isProd ? {
auditStepReturn: false,
} : {
}
const changeUserToAdmin = injection =>
usecase('Change User to Admin', {
auditTrail: config.auditTrail,
'Retrieve the User': step(async ctx => {
uc.auditTrail.format()
// would output a readable audit trail
Audit Trail should, by default, not log sensitive data, like passwords, credit card numbers, etc. and have some convention to handle it. This could be turned off by the user, but by default, it should be on. |
|
Does it make sense to put some global configuration for herbs? I don't know if the audit trail configuration should stay as a usecase parameter for an exception as the first choice. What if I wanted all auditTrails to behave differently than the default? About your auditTrail suggestions I think many are valid, but perhaps they should be treated more generally for now. I believe that, for example, a functionality to handle sensitive data, could be discussed in another issue, because in my view this could be a configuration of the entity itself and the auditTrail just follows its configuration. |
It can be done, but as of now, we don't have a global configuration. There is a discussion about a global configuration file on the CLI, but it's not implemented yet. As a workaround, a configuration file exporting a object with the configuration can be used, as shown in the example 2 (
Like different format / structure? I thought about it, but I'm more inclined to use just one structure for all audit trails in name of interoperability. If we have different formats, future consumers of the audit trail will lose the ability to consume a standard structure. Since we have no consumers yet, we can change the structure now, but once it is defined, it will be the standard for all audit trails. Another approach for what was presented is to have different audit trails levels, like
Nice. I like the idea of having the sensitive metadata on the entity itself. After it is implemented, the audit trail must be aware of it. |
… type to ignore some fields You can also configure the output to ignore some fields of the audit trail by choosing those options (mode or output) herbsjs#90
# [2.1.0](v2.0.0...v2.1.0) (2023-03-06) ### Features * **audittrail:** now audit trail can be configured by mode or output type to ignore some fields ([41f5f8b](41f5f8b)), closes [#90](#90)
|
Fixed with #92 |
Is your feature request related to a problem? Please describe.
Today the herbs audit trail provided us with many inputs, but sometimes too much, especially when we are in a local environment (debug).
This has already generated some problems, such as writing bottlenecks, unnecessary information traffic, etc.
It would be nice to have the option of not displaying/generating a field in the audit trail.
The text was updated successfully, but these errors were encountered: