-
Notifications
You must be signed in to change notification settings - Fork 14
Conversation
params: format(params) | ||
) | ||
audit_record.save | ||
rescue => e |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Avoid rescuing without specifying an error class.
@jshiell if we could disable the database via an environment variable, that would be useful for us at @ukparliament |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good so far, but like you and @mattrayner say, would be good to make the use of the table configurable via an environment variable - maybe make it write to the logs by default and have the DB logging as an opt in?
|
||
audit_record = db[:audit_records].first | ||
expect(audit_record).to_not be_nil | ||
expect(audit_record[:timestamp]).to be_between(start_time, end_time) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can use a gem called timecop
for time based testing in Ruby (https://github.com/travisjeffery/timecop). This would allow you to assert that it is the exact time and not just approximate.
…ORD_AUDIT_RECORDS=true
lib/bandiera/web_app_base.rb
Outdated
@@ -11,7 +11,12 @@ class InvalidParams < StandardError; end | |||
enable :logging | |||
enable :raise_errors if ENV['AIRBRAKE_API_KEY'] && ENV['AIRBRAKE_PROJECT_ID'] | |||
|
|||
audit_log = LoggingAuditLog.new(Bandiera.logger) | |||
audit_log = if ENV['RECORD_AUDIT_RECORDS'] && ENV['RECORD_AUDIT_RECORDS'].downcase == 'true' | |||
LoggingAuditLog.new(recording = record_audit_records) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use 2 (not -10) spaces for indentation.
Useless assignment to variable - recording.
lib/bandiera/web_app_base.rb
Outdated
@@ -11,7 +11,12 @@ class InvalidParams < StandardError; end | |||
enable :logging | |||
enable :raise_errors if ENV['AIRBRAKE_API_KEY'] && ENV['AIRBRAKE_PROJECT_ID'] | |||
|
|||
audit_log = LoggingAuditLog.new(Bandiera.logger) | |||
audit_log = if ENV['RECORD_AUDIT_RECORDS'] && ENV['RECORD_AUDIT_RECORDS'].downcase == 'true' | |||
LoggingAuditLog.new(recording = record_audit_records) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use 2 (not -10) spaces for indentation.
Useless assignment to variable - recording.
DB auditing should now only be active when env var |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
Cheers sir 😄 |
This changes the audit log to write to a database table.
There's an outstanding question as to whether we want an env var to allow this functionality to be disabled. As per the nature of audit logs, this table will grow (slowly, I hope) forever, which may not be desirable in some environments.
@ben-jones-springer-nature appreciate you're not a Rubyist, but I've added you as a reviewer as your team is the closest thing our internal Bandiera has to an owner, hence it's probably worth keeping you in the loop on upstream changes 😄