DEV: Implement staff logs for user columns edits (#21774)

* DEV: Implement staff logs for user columns edits

* deleted extra space in staff logger detail string, deleted string when no changes are made, added basic test coverage for EditDirectoryColumnsController

* fixed change made to #self.staff_actions un UserHistory

* implemented a method that builds the details, previous_values and new_values in a dynamic way

* removed details of changes

* refactored small merge

app/controllers/edit_directory_columns_controller.rb

@@ -2,10 +2,9 @@
 
 class EditDirectoryColumnsController < ApplicationController
   requires_login
+  before_action :ensure_staff
 
   def index
-    raise Discourse::NotFound unless guardian.is_staff?
-
     ensure_user_fields_have_columns
 
     columns = DirectoryColumn.includes(:user_field).all
@@ -13,7 +12,6 @@ class EditDirectoryColumnsController < ApplicationController
   end
 
   def update
-    raise Discourse::NotFound unless guardian.is_staff?
     params.require(:directory_columns)
     directory_column_params = params.permit(directory_columns: {})
     directory_columns = DirectoryColumn.all
@@ -26,16 +24,35 @@ class EditDirectoryColumnsController < ApplicationController
       raise Discourse::InvalidParameters, "Must have at least one column enabled"
     end
 
+    new_values = ""
+    previous_values = ""
+    staff_action_logger = StaffActionLogger.new(current_user)
+
     directory_column_params[:directory_columns].values.each do |column_data|
       existing_column = directory_columns.detect { |c| c.id == column_data[:id].to_i }
       if (
-           existing_column.enabled != column_data[:enabled] ||
+           existing_column.enabled != ActiveModel::Type::Boolean.new.cast(column_data[:enabled]) ||
              existing_column.position != column_data[:position].to_i
          )
-        existing_column.update(enabled: column_data[:enabled], position: column_data[:position])
+        new_value, previous_value =
+          staff_action_logger.edit_directory_columns_details(column_data, existing_column)
+
+        new_values += new_value
+        previous_values += previous_value
+
+        existing_column.update(
+          enabled: column_data[:enabled],
+          position: column_data[:position].to_i,
+        )
       end
     end
 
+    details = {}
+
+    staff_action_logger.log_custom(
+      "update_directory_columns",
+      { previous_value: previous_values, new_value: new_values },
+    )
     render json: success_json
   end
 

app/models/user_history.rb

@@ -223,6 +223,12 @@ class UserHistory < ActiveRecord::Base
       update_public_sidebar_section
       destroy_public_sidebar_section
       reset_bounce_score
+      update_directory_columns
+      deleted_unused_tags
+      renamed_tag
+      deleted_tag
+      chat_channel_status_change
+      chat_auto_remove_membership
     ]
   end
 

app/services/staff_action_logger.rb

@@ -46,6 +46,23 @@ class StaffActionLogger
     UserHistory.create!(attrs)
   end
 
+  def edit_directory_columns_details(column_data, directory_column)
+    directory_column = directory_column.attributes.transform_values(&:to_s)
+    previous_value = directory_column
+    new_value = directory_column.clone
+
+    directory_column.each do |key, value|
+      if column_data[key] != value && column_data[key].present?
+        new_value[key] = column_data[key]
+      elsif key != "name"
+        previous_value.delete key
+        new_value.delete key
+      end
+    end
+
+    [previous_value.to_json, new_value.to_json]
+  end
+
   def log_post_deletion(deleted_post, opts = {})
     unless deleted_post && deleted_post.is_a?(Post)
       raise Discourse::InvalidParameters.new(:deleted_post)

config/locales/client.en.yml

@@ -5465,6 +5465,7 @@ en:
             revoke_moderation: "revoke moderation"
             backup_create: "create backup"
             deleted_tag: "deleted tag"
+            update_directory_columns: "update directory columns"
             deleted_unused_tags: "deleted unused tags"
             renamed_tag: "renamed tag"
             revoke_email: "revoke email"

spec/requests/edit_directory_columns_controller_spec.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require "rspec"
+
+RSpec.describe EditDirectoryColumnsController do
+  fab!(:admin) { Fabricate(:admin) }
+  fab!(:normal_user) { Fabricate(:user) }
+  let!(:payload) do
+    {
+      directory_columns: {
+        "0": {
+          id: "1",
+          enabled: "true",
+          position: "2",
+        },
+        "1": {
+          id: "2",
+          enabled: "true",
+          position: "1",
+        },
+      },
+      format: "json",
+    }
+  end
+
+  describe "#update" do
+    describe "when user is an admin or moderator" do
+      before { sign_in(admin) }
+      describe "user saves a new configuration" do
+        it "logs the new information using StaffActionLogger" do
+          put edit_directory_columns_path(params: payload)
+          staff_log = UserHistory.last
+
+          expect(staff_log.custom_type).to eq("update_directory_columns")
+        end
+      end
+    end
+
+    describe "when user is not an admin or moderator" do
+      before { sign_in(normal_user) }
+      describe "user saves a new configuration" do
+        it "does not allow saving" do
+          put edit_directory_columns_path(params: payload)
+
+          expect(response.status).to eq(403)
+        end
+      end
+    end
+  end
+
+  describe "#index" do
+    describe "when user is not an admin or moderator" do
+      before { sign_in(normal_user) }
+      describe "user checks current configuration" do
+        it "does not allow the configuration to load" do
+          get edit_directory_columns_path << ".json"
+
+          expect(response.status).to eq(403)
+        end
+      end
+    end
+  end
+end