search

collectiveidea / audited

Audited (formerly acts_as_audited) is an ORM extension that logs all changes to your Rails models.
MIT License
3.34k stars 645 forks source link

Readonly attributes are registered as modified #684

Closed djpremier closed 5 months ago

djpremier commented 9 months ago

In models that use attr_readonly, the specified attributes aren't modifiable after resource create, but the audit is generated regardless of the configuration and order (it registers regardless of whether attr_readonly comes before or after audited)

Example:

class User < ApplicationRecord
  attr_readonly :email

  audited
end
# All rigth, this should register
user = User.create(email: "abc@example.com")
user.email # => "abc@example.com"
audit = user.audits.last
audit.action # => "create"
audit.audited_changes # => {"email"=>[nil, "abc@example.com"]}

# Bad, this shouldn't register
user.update(email: "new@example.com")
user.email # => "abc@example.com"
audit = user.audits.last
audit.action # => "update"
audit.audited_changes # => {"email"=>["abc@example.com", "new@example.com"]}
sriddbs commented 5 months ago

am happy to take this up and submit a PR