add audit functionality

app/controllers/v1/audits_controller.rb

@@ -17,16 +17,8 @@ def show
 
     def create
       collection_policy.new(current_user).authorize! :new?
+      audit = RepositoryAuditJob.perform_now(user: current_user)
 
-      packages = Package.stored
-      audit = Audit.new(user: current_user, packages: packages.count)
-
-      resource_policy.new(current_user, audit).authorize! :save?
-      audit.save
-
-      packages.each do |package|
-        AuditFixityCheckJob.perform_later(package: package, user: current_user, audit: audit)
-      end
       head 201, location: v1_audit_path(audit)
     end
 

app/jobs/repository_audit_job.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class RepositoryAuditJob < ApplicationJob
+  def perform(user: User.system_user)
+    packages = Package.stored
+    audit = Audit.create(user: user, packages: packages.count)
+    packages.each do |package|
+      AuditFixityCheckJob.perform_later(package: package, user: user, audit: audit)
+    end
+    audit
+  end
+end

app/models/user.rb

@@ -12,6 +12,10 @@ class User < ApplicationRecord
   # Assign an API key
   after_initialize :add_key, on: :create
 
+  def self.system_user
+    new(username: "(system)", email: Chipmunk.config["admin_email"])
+  end
+
   def api_key
     @api_key ||= if [nil, "x"].include?(api_key_digest)
       Keycard::DigestKey.new

config/settings.yml

@@ -5,3 +5,6 @@ allow_impersonation: false
 
 # Session inactivity timeout; default to one hour
 session_timeout: 3600
+
+# Sys Admin email (used for system audit)
+admin_email: darkblue-notification@umich.edu

spec/controllers/v1/audits_controller_spec.rb

@@ -68,7 +68,6 @@
         # should not appear in audit since it has no storage to audit
         allow(AuditFixityCheckJob).to receive(:perform_later)
         collection_policy "AuditsPolicy", new?: true
-        resource_policy "AuditPolicy", save?: true
       end
 
       it "starts a AuditFixityCheckJob for each stored package" do