acts_as_audited is an ActiveRecord extension that logs all changes to your models in an audits table, with optional revision comments.
In environment.rb:
Rails::Initializer.run do |config| ... config.gem 'acts_as_audited' ... end
At your application root, run:
$ rake gems:install
Generate the migration:
-
If installing without a previous version of
acts_as_auditedor you do not mind overwriting your audits table:$ script/generate audited_migration add_audits_table
-
If upgrading from a version of
acts_as_auditedthat does not contain comment functionality:$ script/generate audited_migration_update update_audits_table
-
After running one of the generators:
$ rake db:migrate
Declare acts_as_audited on your models:
class User < ActiveRecord::Base acts_as_audited :except => [:password, :mistress] end
Within a web request, will automatically record the user that made the change if your controller has a current_user method. Comments can be added to an audit by setting model.audit_comments before create/update/destroy. If the :comment_required option is given to acts_as_audited, the save/update/destroy action will fail with add an error on model.audit_comment and triggering a transaction rollback if model.audit_comment is nil.
To record a user in the audits outside of a web request, you can use as_user:
Audit.as_user(user) do # Perform changes on audited models end
To include some extra data in the audit model itself (IP address, subdomains in multi-tenancy-apps, etc.), add the needed fields to the audits table and provide a controller instance method additional_audit_attributes which returns a Hash with all the extra attributes.
If your model declares attr_accessible after acts_as_audited, you need to set :protect to false. acts_as_audited uses attr_protected internally to prevent malicious users from unassociating your audits, and Rails does not allow both attr_protected and attr_accessible. It will default to false if attr_accessible is called before acts_as_audited, but needs to be explicitly set if it is called after.
class User < ActiveRecord::Base acts_as_audited :protect => false attr_accessible :name end
Another caveat is documented in issue 26, where an audit created on the first request to the server does not have a user. Please review the Github issue for more details on how to fix this. It does not appear to affect Rails 3.
acts_as_audited works with Rails 2.1 or later.
Join the mailing list for getting help or offering suggestions:
http://groups.google.com/group/acts_as_audited
Contributions are always welcome. Checkout the latest code on GitHub:
http://github.com/collectiveidea/acts_as_audited
Please include tests with your patches. There are a few gems required to run the tests:
$ gem install multi_rails $ gem install thoughtbot-shoulda jnunemaker-matchy --source http://gems.github.com
Make sure the tests pass against all versions of Rails since 2.1:
$ rake test:multi_rails:all
Please report bugs or feature suggestions on GitHub:
http://github.com/collectiveidea/acts_as_audited/issues