[BSFY-181] Add env vars changes to changelog for admin

lib/travis/api/app/endpoint/setting_endpoint.rb

@@ -2,6 +2,12 @@
 
 class Travis::Api::App
   class SettingsEndpoint < Endpoint
+    include ActiveSupport::Callbacks
+    extend ActiveSupport::Concern
+
+    define_callbacks :after_save
+    set_callback :after_save, :after, :save_audit
+
     set(:prefix) { "/settings/" << name[/[^:]+$/].underscore }
 
     class << self
@@ -19,7 +25,7 @@ def subclass(name)
       end
 
       def create_settings_class(name)
-        klass = Class.new(self) do
+        Class.new(self) do
           define_method(:name) { name }
           before { authenticate_by_mode! }
           define_routes!
@@ -50,7 +56,15 @@ def update
       record.update(JSON.parse(request.body.read)[singular_name])
 
       if record.valid?
+        @changes = {
+          env_vars: {
+            created: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'} "
+          }
+        } if is_env_var?
+
         repo_settings.save
+        run_callbacks :after_save if is_env_var?
+
         respond_with(record, type: singular_name, version: :v2)
       else
         status 422
@@ -64,7 +78,15 @@ def create
       record = collection.create(JSON.parse(request.body.read)[singular_name])
 
       if record.valid?
+        @changes = {
+          env_vars: {
+            created: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'}"
+          }
+        } if is_env_var?
+
         repo_settings.save
+        run_callbacks :after_save if is_env_var?
+
         respond_with(record, type: singular_name, version: :v2)
       else
         status 422
@@ -76,7 +98,15 @@ def destroy
       disallow_migrating!(repo)
 
       record = collection.destroy(params[:id]) || record_not_found
+      @changes = {
+        env_vars: {
+          destroyed: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'} "
+        }
+      } if is_env_var?
+
       repo_settings.save
+      run_callbacks :after_save if is_env_var?
+
       respond_with(record, type: singular_name, version: :v2)
     end
 
@@ -89,15 +119,15 @@ def collection
     end
 
     def repo
-      Repository.find(params[:repository_id])
+      @repo = Repository.find(params[:repository_id])
     end
 
     # This method can't be called "settings" because it clashes with
     # Sinatra's method
     def repo_settings
       @settings ||= begin
-        service(:find_repo_settings, id: params['repository_id'].to_i).run
-      end || halt(404, error: "Couldn't find repository")
+                      service(:find_repo_settings, id: params['repository_id'].to_i).run
+                    end || halt(404, error: "Couldn't find repository")
     end
 
     def record
@@ -107,5 +137,28 @@ def record
     def record_not_found
       halt(404, { error: "Could not find a requested setting" })
     end
+
+    def changes
+      @changes
+    end
+
+    def is_env_var?
+      singular_name == 'env_var'
+    end
+
+    private
+
+    def save_audit
+      change_source = access_token.app_id == 2 ? 'admin-v2' : 'travis-api'
+      Travis::API::V3::Models::Audit.create!(
+        owner: current_user,
+        change_source: change_source,
+        source: @repo,
+        source_changes: {
+          settings: self.changes
+        }
+      )
+      @changes = {}
+    end
   end
 end

lib/travis/api/v3/models/env_vars.rb

@@ -3,15 +3,26 @@
 module Travis::API::V3
   class Models::EnvVars < Travis::Settings::Collection
     include Models::JsonSync
+    include ActiveSupport::Callbacks
+    extend ActiveSupport::Concern
+
     model Models::EnvVar
 
+    define_callbacks :after_save
+    set_callback :after_save, :after, :save_audit
+
+    attr_accessor :user, :change_source
+
     # See Models::JsonSync
     def to_h
       { 'env_vars' => map(&:to_h).map(&:stringify_keys) }
     end
 
     def create(attributes)
-      super(attributes).tap { sync! }
+      @changes = { env_vars: { created: "#{attributes.except("value")}" } }
+      env_var = super(attributes).tap { sync! }
+      run_callbacks :after_save
+      env_var
     end
 
     def add(env_var)
@@ -20,11 +31,35 @@ def add(env_var)
     end
 
     def destroy(id)
-      super(id).tap { sync! }
+      env_var = find(id)
+      @changes = { env_vars: { deleted: "#{env_var.attributes.delete("value")}" } }
+      deleted_env_var = super(id).tap { sync! }
+      run_callbacks :after_save
+      deleted_env_var
     end
 
     def repository
       @repository ||= Models::Repository.find(additional_attributes[:repository_id])
     end
+
+    def changes
+      @changes
+    end
+
+    private
+
+    def save_audit
+      if self.change_source
+        Travis::API::V3::Models::Audit.create!(
+          owner: self.user,
+          change_source: self.change_source,
+          source: self.repository,
+          source_changes: {
+            settings: self.changes
+          }
+        )
+        @changes = {}
+      end
+    end
   end
 end

lib/travis/api/v3/queries/env_var.rb

@@ -6,14 +6,21 @@ def find(repository)
       repository.env_vars.find(id)
     end
 
-    def update(env_var)
+    def update(env_var, from_admin = false)
+      env_vars = env_var.repository.env_vars
+      env_vars.user = env_var.repository.user_settings.user
+      env_vars.change_source = 'travis-api' unless from_admin
       env_var.update(env_var_params)
-      env_var.repository.env_vars.add(env_var)
+      env_vars.add(env_var)
+
       env_var
     end
 
-    def delete(repository)
-      repository.env_vars.destroy(id)
+    def delete(repository, from_admin = false)
+      env_vars = repository.env_vars
+      env_vars.user = repository.user_settings.user
+      env_vars.change_source = 'travis-api' unless from_admin
+      env_vars.destroy(id)
     end
   end
 end

lib/travis/api/v3/queries/env_vars.rb

@@ -6,14 +6,19 @@ def find(repository)
       repository.env_vars
     end
 
-    def create(repository)
-      env_var = repository.env_vars.create(env_var_params)
+    def create(repository, from_admin = false)
+      env_vars = repository.env_vars
+      env_vars.user = repository.user_settings.user
+      env_vars.change_source = 'travis-api' unless from_admin
+      env_var = env_vars.create(env_var_params)
 
       unless env_var.valid?
         repository.env_vars.destroy(env_var.id)
         handle_errors(env_var)
       end
+
       repository.save!
+
       env_var
     end
 

lib/travis/api/v3/queries/user_setting.rb

@@ -6,7 +6,7 @@ def find(repository)
       repository.user_settings.read(_name)
     end
 
-    def update(repository, user, from_admin)
+    def update(repository, user, from_admin = false)
       user_settings = repository.user_settings
       user_settings.user = user
       user_settings.change_source = 'travis-api' unless from_admin

lib/travis/api/v3/services/env_var/delete.rb

@@ -8,7 +8,9 @@ def run!
 
       env_var = find(:env_var, repository)
       access_control.permissions(env_var).write!
-      query.delete(repository) and deleted
+      app_id = Travis::Api::App::AccessToken.find_by_token(access_control.token).app_id
+
+      query.delete(repository, app_id == 2) and deleted
     end
   end
 end

lib/travis/api/v3/services/env_var/update.rb

@@ -8,7 +8,9 @@ def run!
 
       env_var = find(:env_var, repository)
       access_control.permissions(env_var).write!
-      result query.update(env_var)
+      app_id = Travis::Api::App::AccessToken.find_by_token(access_control.token).app_id
+
+      result query.update(env_var, app_id == 2)
     end
   end
 end

lib/travis/api/v3/services/env_vars/create.rb

@@ -7,8 +7,9 @@ def run!
       repository = check_login_and_find(:repository)
       access_control.permissions(repository).create_env_var!
       return repo_migrated if migrated?(repository)
+      app_id = Travis::Api::App::AccessToken.find_by_token(access_control.token).app_id
 
-      env_var = query(:env_vars).create(repository)
+      env_var = query(:env_vars).create(repository, app_id == 2)
       result(env_var, status: 201)
     end
   end

spec/v3/services/env_var/delete_spec.rb

@@ -65,6 +65,10 @@
       example 'does not clobber other settings' do
         expect(repo.reload.settings['foo']).to eq 'bar'
       end
+      example 'audit is created' do
+        expect(Travis::API::V3::Models::Audit.last.source_id).to eq(repo.id)
+        expect(Travis::API::V3::Models::Audit.last.source_type).to eq('Repository')
+      end
     end
   end
 

spec/v3/services/env_var/update_spec.rb

@@ -89,6 +89,10 @@
     example 'does not clobber other settings' do
       expect(repo.reload.settings['foo']).to eq 'bar'
     end
+    example 'audit is created' do
+      expect(Travis::API::V3::Models::Audit.last.source_id).to eq(repo.id)
+      expect(Travis::API::V3::Models::Audit.last.source_type).to eq('Repository')
+    end
   end
 
   context do

spec/v3/services/env_vars/create_spec.rb

@@ -126,6 +126,11 @@
       example 'persists repository id' do
         expect(repo.reload.settings['env_vars'].first['repository_id']).to eq repo.id
       end
+      example 'audit is created' do
+        expect(Travis::API::V3::Models::Audit.last.source_id).to eq(repo.id)
+        expect(Travis::API::V3::Models::Audit.last.source_type).to eq('Repository')
+        expect(Travis::API::V3::Models::Audit.last.source_changes).to eq({"settings"=>{"env_vars"=>{"created"=> "{\"name\"=>\"FOO\", \"public\"=>false}"}}}) 
+      end
     end
 
     describe 'public' do