From 967805e0b88a4f3a0a419dc35536086cc4e68622 Mon Sep 17 00:00:00 2001
From: Blanco <blancoj@umich.edu>
Date: Fri, 12 Mar 2021 13:33:37 -0500
Subject: [PATCH] add audit functionality

---
 app/controllers/v1/audits_controller.rb       | 10 +---------
 app/jobs/repository_audit_job.rb              | 12 ++++++++++++
 app/models/user.rb                            |  4 ++++
 config/settings.yml                           |  3 +++
 spec/controllers/v1/audits_controller_spec.rb |  1 -
 5 files changed, 20 insertions(+), 10 deletions(-)
 create mode 100644 app/jobs/repository_audit_job.rb

diff --git a/app/controllers/v1/audits_controller.rb b/app/controllers/v1/audits_controller.rb
index b6eb13c9..fd5bb85d 100644
--- a/app/controllers/v1/audits_controller.rb
+++ b/app/controllers/v1/audits_controller.rb
@@ -17,16 +17,8 @@ def show
 
     def create
       collection_policy.new(current_user).authorize! :new?
+      audit = RepositoryAuditJob.perform_now(user: current_user)
 
-      packages = Package.stored
-      audit = Audit.new(user: current_user, packages: packages.count)
-
-      resource_policy.new(current_user, audit).authorize! :save?
-      audit.save
-
-      packages.each do |package|
-        AuditFixityCheckJob.perform_later(package: package, user: current_user, audit: audit)
-      end
       head 201, location: v1_audit_path(audit)
     end
 
diff --git a/app/jobs/repository_audit_job.rb b/app/jobs/repository_audit_job.rb
new file mode 100644
index 00000000..ee392eb3
--- /dev/null
+++ b/app/jobs/repository_audit_job.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class RepositoryAuditJob < ApplicationJob
+  def perform(user: User.system_user)
+    packages = Package.stored
+    audit = Audit.create(user: user, packages: packages.count)
+    packages.each do |package|
+      AuditFixityCheckJob.perform_later(package: package, user: user, audit: audit)
+    end
+    audit
+  end
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index a28ff873..16f993ac 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -12,6 +12,10 @@ class User < ApplicationRecord
   # Assign an API key
   after_initialize :add_key, on: :create
 
+  def self.system_user
+    new(username: "(system)", email: Chipmunk.config["admin_email"])
+  end
+
   def api_key
     @api_key ||= if [nil, "x"].include?(api_key_digest)
       Keycard::DigestKey.new
diff --git a/config/settings.yml b/config/settings.yml
index e2f7fdcd..4d4b1b2e 100644
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -5,3 +5,6 @@ allow_impersonation: false
 
 # Session inactivity timeout; default to one hour
 session_timeout: 3600
+
+# Sys Admin email (used for system audit)
+admin_email: darkblue-notification@umich.edu
diff --git a/spec/controllers/v1/audits_controller_spec.rb b/spec/controllers/v1/audits_controller_spec.rb
index 63269ced..6bef785f 100644
--- a/spec/controllers/v1/audits_controller_spec.rb
+++ b/spec/controllers/v1/audits_controller_spec.rb
@@ -68,7 +68,6 @@
         # should not appear in audit since it has no storage to audit
         allow(AuditFixityCheckJob).to receive(:perform_later)
         collection_policy "AuditsPolicy", new?: true
-        resource_policy "AuditPolicy", save?: true
       end
 
       it "starts a AuditFixityCheckJob for each stored package" do