This repository was archived by the owner on Dec 18, 2025. It is now read-only.
This repository was archived by the owner on Dec 18, 2025. It is now read-only.
LOG: Encryptable read access #564
Description
The idea of this feature is to log all encryptable's read accesses, to make it more transparent what and when users are accessing which entries.
This feature is based on: Access- and changelog conception.
Always run the E2E-tests if you change something in the frontend, run the backend-tests if you change something in the backend and test always manually
ToDo
- Add paper trail gem papertrail
- Add db migration according to https://github.com/paper-trail-gem/paper_trail#1b-installation
- Add has_papertrail to encryptable model and restrict it to show only https://github.com/paper-trail-gem/paper_trail#2a-choosing-lifecycle-events-to-monitor
- Add before_action :set_paper_trail_whodunnit to Api::EncryptablesController, point 4 in https://github.com/paper-trail-gem/paper_trail#1b-installation
- Only add required attributes, ignore unused https://github.com/paper-trail-gem/paper_trail#2c-choosing-attributes-to-monitor
- Make sure, reading user is persisted for every log entry
- Add spec to test logging of encryptable read / show
- Add new controller Encryptables::LogsController with index action
- Add new route /api/encryptables/:id/logs
- Render all log entries for given encryptable id
- Order by date, newest on top
- Deny API user access
- Add controller specs
- Add Encryptables::LogPolicy
- Show is permitted if show access to encryptable
- Find a solution for only showing some of the present log entries if there's a lot
- pagination
- or infinite scroll
- or only display last 20 entries (sql limit 20)
- Add new tabs to encryptable: Credentials, Logs
- Add component for logs table (see mockup) -> See also hover effect: https://github.com/puzzle-bbt/kon-cryptopus-access-log-history/blob/main/README.md#log-page-minimal-example
- Add tests to ensure edge cases (E.g. user can't access logs if not in team)
- Refresh logs whenever an update on an encryptable occurs.
- Add show action to logs/display whenever someone has viewed an encryptable.
- Ensure that logs are deleted if encryptable is deleted.
- End to end test 😁