No commit activity in last 3 years
No release in over 3 years
Change filter, change log, and change request system. No callbacks.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

>= 0
>= 0

Runtime

~> 1.0.0
 Project Readme

protected_record Gem VersionBuild StatusCode ClimateCoverage Status

Setup for rails applications

I've created a gem called protected_record_manager to provide the necessary migrations as well as a (very) basic interface for triaging ProtectedRecord::ChangeRequest::Record objects. You are free to use this gem without the engine, but you'll need to grab these.

Your models

Prepare your models. There's two types of models at play here:

  • User (for now I expect a User class)
# app/models/user.rb
include ProtectedRecord::ResponsibleUser
# includes ProtectedRecord::ChangeRequest::Changer
#        & ProtectedRecord::ChangeLog::Changer
  • Your records .. these are the models you want to track
# app/models/some_record.rb
include ProtectedRecord::Record
# includes ProtectedRecord::ChangeRequest::Changeling
#        & ProtectedRecord::ChangeLog::Changeling

Protected Keys

You have three options,

  1. Inject the :protected_keys option when you execute the update (this will always take precedence over option 2).
  2. Include in your record class ProtectedRecord::DirtyModel and define protected_keys there
# How to define :protected_keys in your models.
class SomeRecord < ActiveRecord::Base
  include ProtectedRecord::DirtyModel
  protected_keys :do_not_resuscitate, :organ_donor
end
  1. Your third option is to omit :protected_keys entirely. If they are not specified using either method, ProtectedRecord will use an empty array.

Usage & Function

  1. protected_record will prevent changes to attributes you specify as protected.
  2. Any attempted but prevented change will be logged as a ProtectedRecord::ChangeRequest::Record.
  3. If any changes are allowed through the filter, protected_record will create a ProtectedRecord::ChangeLog::Record to log who changed what, and for which record.
  4. Important! ProtectedRecord is opt-in only. It does not change the behavior of any AR methods, nor does it place any callbacks in your models. In order to update with protection, use the following:

In the following example, the user will be allowed to change anything except :do_not_resuscitate. Rejected changes will create ProtectedRecord::ChangeRequest::Record objects. Permitted changes will create ProtectedRecord::ChangeLog::Record objects.

ready = ProtectedRecord::Update.new({
  user:             current_user,
  params:           record_params,
  protected_record: @record,
  protected_keys:   %w{ do_not_resuscitate }
})

result = ready.execute!

result.successful? #=> true

and

# What changed
@user.change_log_records
@some_record.change_log_records

# What changes were attempted
@user.change_request_records
@some_record.change_request_records

Recent Changes

Okay, so not so recent. Rails 4 removed attr_accessible, which this gem was using. The only change to the end user should be the need to whitelist any params using strong_parameters. Since this is technically a breaking change, it's time to bump protected_record to v1.0.0.

Contributing

Please do. There's plenty that could be done to round out both the interface and the the feature set.

Issues and pull requests would be most appreciated.