feature: audit logs

app/components/avo/sidebar_component.html.erb

@@ -54,6 +54,7 @@
           <% end %>
         <% end %>
 
+
         <%= render partial: "/avo/partials/sidebar_extra" %>
       </div>
     </div>

app/controllers/avo/actions_controller.rb

@@ -24,12 +24,24 @@ def show
     def handle
       resource_ids = action_params[:fields][:avo_resource_ids].split(",")
 
+      query = decrypted_query || (resource_ids.any? ? @resource.find_record(resource_ids, params: params) : [])
+      fields = action_params[:fields].except(:avo_resource_ids, :avo_selected_query)
+
+      audit(
+        activity_class: @action.class,
+        payload: {
+          fields: fields,
+          resource: resource,
+        },
+        action: __method__,
+        records: query
+      )
+
       performed_action = @action.handle_action(
-        fields: action_params[:fields].except(:avo_resource_ids, :avo_selected_query),
+        fields: fields,
         current_user: _current_user,
         resource: @resource,
-        query: decrypted_query ||
-          (resource_ids.any? ? @resource.find_record(resource_ids, params: params) : [])
+        query: query
       )
 
       @response = performed_action.response

app/controllers/avo/application_controller.rb

@@ -25,6 +25,7 @@ class ApplicationController < ::ActionController::Base
     before_action :set_view
     before_action :set_sidebar_open
     before_action :set_stylesheet_assets_path
+    before_action :set_paper_trail_whodunnit, if: -> { defined? PaperTrail }
 
     rescue_from Avo::NotAuthorizedError, with: :render_unauthorized
     rescue_from ActiveRecord::RecordInvalid, with: :exception_logger

app/controllers/avo/base_controller.rb

@@ -162,6 +162,7 @@ def create
       end
 
       # record gets instantiated and filled in the fill_record method
+      audit(activity_class: @resource.class, payload: params, action: __method__)
       saved = save_record
       @resource.hydrate(record: @record, view: :new, user: _current_user)
 
@@ -185,6 +186,8 @@ def edit
     end
 
     def update
+      audit(activity_class: @resource.class, payload: params, action: __method__, records: @record)
+
       # record gets instantiated and filled in the fill_record method
       saved = save_record
       @resource = @resource.hydrate(record: @record, view: :edit, user: _current_user)
@@ -200,6 +203,7 @@ def update
     end
 
     def destroy
+      audit(activity_class: @resource.class, payload: params, action: __method__, records: @record)
       if destroy_model
         destroy_success_action
       else

app/helpers/avo/application_helper.rb

@@ -133,6 +133,23 @@ def frame_id(resource)
       ["frame", resource.model_name.singular, resource.record.id].compact.join("-")
     end
 
+    def audit(activity_class:, payload:, action:, records: [])
+      return unless Avo.configuration.audit? && activity_class.has_avo_activity
+
+      Avo::Current.activity = Avo::Activity.create!(
+        activity_class: activity_class,
+        action: action,
+        author_id: _current_user.id,
+        author_type: _current_user.class,
+        payload: payload.to_json
+      )
+
+
+      Array(records).each do |record|
+        Avo::Current.activity.avo_activity_pivots.create!(record: record)
+      end
+    end
+
     def chart_color(index)
       Avo.configuration.branding.chart_colors[index % Avo.configuration.branding.chart_colors.length]
     end

lib/avo/configuration.rb

@@ -7,6 +7,7 @@ class Configuration
     attr_writer :root_path
     attr_writer :cache_store
     attr_writer :logger
+    attr_writer :audit
     attr_writer :turbo
     attr_accessor :timezone
     attr_accessor :per_page
@@ -101,6 +102,7 @@ def initialize
       @mount_avo_engines = true
       @cache_store = computed_cache_store
       @logger = default_logger
+      @audit = false
       @turbo = default_turbo
       @default_url_options = []
     end
@@ -160,7 +162,9 @@ def license=(value)
     def license
       gems = Gem::Specification.map {|gem| gem.name}
 
-      @license ||= if gems.include?("avo-advanced")
+      @license ||= if gems.include?("avo-audits")
+        "enterprise"
+      elsif gems.include?("avo-advanced")
         "advanced"
       elsif gems.include?("avo-pro")
         "pro"
@@ -219,6 +223,22 @@ def default_logger
       }
     end
 
+    def database_exists?
+      ActiveRecord::Base.connection
+    rescue ActiveRecord::NoDatabaseError
+      false
+    else
+      true
+    end
+
+
+    def audit?
+      Avo.plugin_manager.installed?("avo-audits") &&
+        @audit &&
+        database_exists? &&
+        ActiveRecord::Base.connection.table_exists?(:avo_activities)
+    end
+
     def turbo
       Avo::ExecutionContext.new(target: @turbo).handle
     end

lib/avo/current.rb

@@ -9,6 +9,7 @@ class Avo::Current < ActiveSupport::CurrentAttributes
   attribute :tool_manager
   attribute :plugin_manager
   attribute :locale
+  attribute :activity
 
   # The tenant attributes are here so the user can add them on their own will
   attribute :tenant_id

lib/generators/avo/templates/initializer/avo.tt

@@ -85,6 +85,9 @@ Avo.configure do |config|
   #   file_logger
   # }
 
+  ## == Audit ==
+  # config.audit = false
+
   ## == Customization ==
   # config.app_name = 'Avocadelicious'
   # config.timezone = 'UTC'

lib/tasks/avo_tasks.rake

@@ -79,7 +79,7 @@ task "avo:sym_link" do
     `touch #{packages_path}/.keep`
   end
 
-  ["avo-advanced", "avo-pro", "avo-dynamic_filters", "avo-dashboards", "avo-menu"].each do |gem|
+  ["avo-advanced", "avo-pro", "avo-dynamic_filters", "avo-dashboards", "avo-menu", "avo-audits"].each do |gem|
     path = `bundle show #{gem} 2> /dev/null`.chomp
 
     # If path is emty we check if package is defined outside of root (on release process it is)