Add code to make enteries to audit when env vars change

ShahzaibAwan · ShahzaibAwan · commit 7ea9a03d8e3c · 2022-11-16T16:48:50.000+05:00
diff --git a/lib/travis/api/app/endpoint/setting_endpoint.rb b/lib/travis/api/app/endpoint/setting_endpoint.rb
@@ -2,6 +2,11 @@
 
 class Travis::Api::App
   class SettingsEndpoint < Endpoint
+    include ActiveSupport::Callbacks
+
+    define_callbacks :after_save
+
+    set_callback :after_save, :after, :save_audit
     set(:prefix) { "/settings/" << name[/[^:]+$/].underscore }
 
     class << self
@@ -38,6 +43,7 @@ def define_routes!
     # Rails style methods for easy overriding
     def index
       respond_with(collection, type: name, version: :v2)
+
     end
 
     def show
@@ -48,9 +54,13 @@ def update
       disallow_migrating!(repo)
 
       record.update(JSON.parse(request.body.read)[singular_name])
-
       if record.valid?
+        @changes = { :"env_vars" => { created: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'} " } }
+
         repo_settings.save
+        run_callbacks :after_save
+        @changes = {}
+
         respond_with(record, type: singular_name, version: :v2)
       else
         status 422
@@ -62,9 +72,13 @@ def create
       disallow_migrating!(repo)
 
       record = collection.create(JSON.parse(request.body.read)[singular_name])
-
       if record.valid?
+        @changes = { :"env_vars" => { created: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'} " } }
+
         repo_settings.save
+        run_callbacks :after_save
+        @changes = {}
+
         respond_with(record, type: singular_name, version: :v2)
       else
         status 422
@@ -76,7 +90,12 @@ def destroy
       disallow_migrating!(repo)
 
       record = collection.destroy(params[:id]) || record_not_found
+      @changes = { :"env_vars" => { destroyed: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'} " } }
+
       repo_settings.save
+      run_callbacks :after_save
+      @changes = {}
+
       respond_with(record, type: singular_name, version: :v2)
     end
 
@@ -89,7 +108,7 @@ def collection
     end
 
     def repo
-      Repository.find(params[:repository_id])
+      @repo = Repository.find(params[:repository_id])
     end
 
     # This method can't be called "settings" because it clashes with
@@ -107,5 +126,16 @@ def record
     def record_not_found
       halt(404, { error: "Could not find a requested setting" })
     end
+
+    def changes
+      @changes
+    end
+
+    private
+
+    def save_audit
+      change_source = access_token.app_id == 2 ? 'admin-v2' : 'travis-api'
+      Travis::API::V3::Models::Audit.create!(owner: current_user, change_source: change_source, source: @repo, source_changes: { settings: self.changes })
+    end
   end
 end
