From 5fdd3bd28ab4a8181f12d439222358d180c5d7e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juan=20David=20Mart=C3=ADnez=20Cubillos?= Date: Wed, 7 Jun 2023 17:19:58 -0500 Subject: [PATCH] DEV: Implement staff logs for user columns edits (#21774) * DEV: Implement staff logs for user columns edits * deleted extra space in staff logger detail string, deleted string when no changes are made, added basic test coverage for EditDirectoryColumnsController * fixed change made to #self.staff_actions un UserHistory * implemented a method that builds the details, previous_values and new_values in a dynamic way * removed details of changes * refactored small merge --- .../edit_directory_columns_controller.rb | 27 ++++++-- app/models/user_history.rb | 6 ++ app/services/staff_action_logger.rb | 17 +++++ config/locales/client.en.yml | 1 + .../edit_directory_columns_controller_spec.rb | 63 +++++++++++++++++++ 5 files changed, 109 insertions(+), 5 deletions(-) create mode 100644 spec/requests/edit_directory_columns_controller_spec.rb diff --git a/app/controllers/edit_directory_columns_controller.rb b/app/controllers/edit_directory_columns_controller.rb index b345311ba5a..b373ef4cb9b 100644 --- a/app/controllers/edit_directory_columns_controller.rb +++ b/app/controllers/edit_directory_columns_controller.rb @@ -2,10 +2,9 @@ class EditDirectoryColumnsController < ApplicationController requires_login + before_action :ensure_staff def index - raise Discourse::NotFound unless guardian.is_staff? - ensure_user_fields_have_columns columns = DirectoryColumn.includes(:user_field).all @@ -13,7 +12,6 @@ class EditDirectoryColumnsController < ApplicationController end def update - raise Discourse::NotFound unless guardian.is_staff? params.require(:directory_columns) directory_column_params = params.permit(directory_columns: {}) directory_columns = DirectoryColumn.all 
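Review bot: Non-staff callers of `index` and `update` now appear to get a 403 where the removed `raise Discourse::NotFound unless guardian.is_staff?` lines returned a 404; the spec added in this commit expects 403 for both actions. The commit message does not mention this change, and it confirms the endpoint's existence to logged-in non-staff users where the old code hid it. If 403 is intended, record it next to the filter, e.g. `# Staff only: non-staff receive 403 (was 404 via Discourse::NotFound)`. The filter also covers any action added to this controller later, which is worth stating in the same comment. The body of `update` continues past the end of this hunk.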
@@ -26,16 +24,35 @@ class EditDirectoryColumnsController < ApplicationController raise Discourse::InvalidParameters, "Must have at least one column enabled" end + new_values = "" + previous_values = "" + staff_action_logger = StaffActionLogger.new(current_user) + directory_column_params[:directory_columns].values.each do |column_data| existing_column = directory_columns.detect { |c| c.id == column_data[:id].to_i } if ( - existing_column.enabled != column_data[:enabled] || + existing_column.enabled != ActiveModel::Type::Boolean.new.cast(column_data[:enabled]) || existing_column.position != column_data[:position].to_i ) - existing_column.update(enabled: column_data[:enabled], position: column_data[:position]) + new_value, previous_value = + staff_action_logger.edit_directory_columns_details(column_data, existing_column) + + new_values += new_value + previous_values += previous_value + + existing_column.update( + enabled: column_data[:enabled], + position: column_data[:position].to_i, + ) end end + details = {} + + staff_action_logger.log_custom( + "update_directory_columns", + { previous_value: previous_values, new_value: new_values }, + ) render json: success_json end diff --git a/app/models/user_history.rb b/app/models/user_history.rb index a8643422567..796dcd48bcb 100644 --- a/app/models/user_history.rb +++ b/app/models/user_history.rb @@ -223,6 +223,12 @@ class UserHistory < ActiveRecord::Base update_public_sidebar_section destroy_public_sidebar_section reset_bounce_score + update_directory_columns + deleted_unused_tags + renamed_tag + deleted_tag + chat_channel_status_change + chat_auto_remove_membership ] end diff --git a/app/services/staff_action_logger.rb b/app/services/staff_action_logger.rb index 6105a5cc876..c2416add4fb 100644 --- a/app/services/staff_action_logger.rb +++ b/app/services/staff_action_logger.rb 
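Review bot: The destructuring `new_value, previous_value = staff_action_logger.edit_directory_columns_details(column_data, existing_column)` is in the opposite order to the helper's return, which this commit ends with `[previous_value.to_json, new_value.to_json]`, so the staff log would record old and new settings swapped; it should read `previous_value, new_value = ...`. `log_custom` is also called unconditionally after the loop, so a request that changes nothing still writes an entry with two empty strings; guarding the call with `if new_values.present?` keeps the audit trail meaningful. The per-column JSON objects are joined with `+=` and no separator, so the stored value is not itself parseable JSON. `details = {}` is never read and can be removed. The `update` method starts above this hunk.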
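Review bot: `update_directory_columns` is added to this list, but the diffstat shows only these six additions to `user_history.rb`, so the commit defines no matching action name elsewhere in the model, and the controller records the event through `log_custom` with a custom type instead. If the entries here are resolved against the model's table of action names (not visible in this hunk), this one would resolve to nothing; either define the action there or drop the entry and rely on the custom type. The other five entries (`deleted_unused_tags`, `renamed_tag`, `deleted_tag`, `chat_channel_status_change`, `chat_auto_remove_membership`) are unrelated to directory columns and would be easier to audit as a separate commit. The enclosing method starts above the hunk.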
@@ -46,6 +46,23 @@ class StaffActionLogger UserHistory.create!(attrs) end + def edit_directory_columns_details(column_data, directory_column) + directory_column = directory_column.attributes.transform_values(&:to_s) + previous_value = directory_column + new_value = directory_column.clone + + directory_column.each do |key, value| + if column_data[key] != value && column_data[key].present? + new_value[key] = column_data[key] + elsif key != "name" + previous_value.delete key + new_value.delete key + end + end + + [previous_value.to_json, new_value.to_json] + end + def log_post_deletion(deleted_post, opts = {}) unless deleted_post && deleted_post.is_a?(Post) raise Discourse::InvalidParameters.new(:deleted_post) diff --git a/config/locales/client.en.yml b/config/locales/client.en.yml index 4885006567a..890a67dc91d 100644 --- a/config/locales/client.en.yml +++ b/config/locales/client.en.yml @@ -5465,6 +5465,7 @@ en: revoke_moderation: "revoke moderation" backup_create: "create backup" deleted_tag: "deleted tag" + update_directory_columns: "update directory columns" deleted_unused_tags: "deleted unused tags" renamed_tag: "renamed tag" revoke_email: "revoke email" diff --git a/spec/requests/edit_directory_columns_controller_spec.rb b/spec/requests/edit_directory_columns_controller_spec.rb new file mode 100644 index 00000000000..094cc24cb42 --- /dev/null +++ b/spec/requests/edit_directory_columns_controller_spec.rb 
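Review bot: `edit_directory_columns_details` copies into the logged `new_value` any attribute key the request carries, while the controller's `update` call in this commit persists only `enabled` and `position`; since the controller permits `directory_columns: {}`, a submitted `name`, for example, would be logged as a change that was never saved. Restricting the first branch to the persisted keys keeps the audit entry truthful: `if %w[enabled position].include?(key) && column_data[key] != value && column_data[key].present?`. Separately, `previous_value = directory_column` aliases the hash that `each` is iterating, and `previous_value.delete key` then removes entries from it mid-iteration; `previous_value = directory_column.clone` would match the line below it and avoid that. A short comment above the method stating that it returns `[previous_json, new_json]` in that order would help callers destructure it correctly.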
@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require "rspec"
+
+RSpec.describe EditDirectoryColumnsController do
+ fab!(:admin) { Fabricate(:admin) }
+ fab!(:normal_user) { Fabricate(:user) }
+ let!(:payload) do
+ {
+ directory_columns: {
+ "0": {
+ id: "1",
+ enabled: "true",
+ position: "2",
+ },
+ "1": {
+ id: "2",
+ enabled: "true",
+ position: "1",
+ },
+ },
+ format: "json",
+ }
+ end
+
+ describe "#update" do
+ describe "when user is an admin or moderator" do
+ before { sign_in(admin) }
+ describe "user saves a new configuration" do
+ it "logs the new information using StaffActionLogger" do
+ put edit_directory_columns_path(params: payload)
+ staff_log = UserHistory.last
+
+ expect(staff_log.custom_type).to eq("update_directory_columns")
+ end
+ end
+ end
+
+ describe "when user is not an admin or moderator" do
+ before { sign_in(normal_user) }
+ describe "user saves a new configuration" do
+ it "does not allow saving" do
+ put edit_directory_columns_path(params: payload)
+
+ expect(response.status).to eq(403)
+ end
+ end
+ end
+ end
+
+ describe "#index" do
+ describe "when user is not an admin or moderator" do
+ before { sign_in(normal_user) }
+ describe "user checks current configuration" do
+ it "does not allow the configuration to load" do
+ get edit_directory_columns_path << ".json"
+
+ expect(response.status).to eq(403)
+ end
+ end
+ end
+ end
+end
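Review bot: The `#update` example asserts only `custom_type`, so it passes regardless of what is stored as the old and new values of the audit entry. Assuming `log_custom` stores those keys as attributes, an assertion such as `expect(staff_log.new_value).to include('"position":"2"')` for a column whose position the request changes, with a matching check on `staff_log.previous_value`, would pin both content and order. The payload hard-codes column ids `"1"` and `"2"`, which depends on what the test database happens to contain; reading the ids from `DirectoryColumn` records inside the example would make that dependency explicit. The groups are titled "admin or moderator" but only an admin is signed in, and `#index` has no staff-side example.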