Updating Audit Schema generation. Updating tests. Updating README.

Author: leonardorb

README.md

@@ -64,15 +64,15 @@ SERVER_PORT=""
 
 ## Setup
 
-1. Create a local `app` database. `$ createdb app_local;` (audit is currently mapped to it **TODO**)
-2. Create a `.env.local` file on the root of the project based on `.env.example`
+1. Create a `.env.local` file on the root of the project based on `.env.example`
+2. Create a local `app` database. `$ createdb <DB_NAME>;`
 3. Execute `$ npm run setup:local`
 4. Start the development server running `$ npm run dev`
 
 ## Running Tests
 
-1. Create a test `app` database. `$ createdb app_test;` (audit is currently mapped to it **TODO**)
-2. Create a `.env.test` file on the root of the project based on `.env.example`
+1. Create a `.env.test` file on the root of the project based on `.env.example`
+2. Create a test `app` database. `$ createdb <DB_NAME>;`
 3. Execute `$ npm run setup:test`
 4. Run `$ npm test`
 

src/__tests__/packages/api/resources/users/controller.test.ts

@@ -3,8 +3,9 @@ import { server } from '~/__tests__/config/helpers'
 describe('Users Controller', () => {
   it('should list Users', async () => {
     const res = await server.get('/users')
+    const { status, body } = res
 
-    expect(res.status).toBe(200)
-    expect(res.body.length).not.toBe(0)
+    expect(status).toBe(200)
+    expect(body.length >= 0).toBeTruthy()
   })
 })

src/packages/database/helpers/installDatabaseAudit.ts

@@ -1,5 +1,7 @@
 // tslint:disable:max-line-length
 
+const auditSchema = process.env.DB_AUDIT_SCHEMA
+
 export const auditSQL = `
 -- An audit history is important on most tables. Provide an audit trigger that logs to
 -- a dedicated audit table for the major relations.
@@ -17,10 +19,10 @@ export const auditSQL = `
 
 CREATE EXTENSION IF NOT EXISTS hstore;
 
-CREATE SCHEMA app_audit;
-REVOKE ALL ON SCHEMA app_audit FROM public;
+CREATE SCHEMA ${auditSchema};
+REVOKE ALL ON SCHEMA ${auditSchema} FROM public;
 
-COMMENT ON SCHEMA app_audit IS 'Out-of-table audit/history logging tables and trigger functions';
+COMMENT ON SCHEMA ${auditSchema} IS 'Out-of-table audit/history logging tables and trigger functions';
 
 --
 -- Audited data. Lots of information is available, it's just a matter of how much
@@ -39,7 +41,7 @@ COMMENT ON SCHEMA app_audit IS 'Out-of-table audit/history logging tables and tr
 -- you're interested in, into a temporary table where you CREATE any useful
 -- indexes and do your analysis.
 --
-CREATE TABLE app_audit.logged_actions (
+CREATE TABLE ${auditSchema}.logged_actions (
     event_id bigserial primary key,
     schema_name text not null,
     table_name text not null,
@@ -59,46 +61,46 @@ CREATE TABLE app_audit.logged_actions (
     statement_only boolean not null
 );
 
-REVOKE ALL ON app_audit.logged_actions FROM public;
-
-COMMENT ON TABLE app_audit.logged_actions IS 'History of auditable actions on audited tables, from app_audit.if_modified_func()';
-COMMENT ON COLUMN app_audit.logged_actions.event_id IS 'Unique identifier for each auditable event';
-COMMENT ON COLUMN app_audit.logged_actions.schema_name IS 'Database schema audited table for this event is in';
-COMMENT ON COLUMN app_audit.logged_actions.table_name IS 'Non-schema-qualified table name of table event occurred in';
-COMMENT ON COLUMN app_audit.logged_actions.relid IS 'Table OID. Changes with drop/create. Get with ''tablename''::regclass';
-COMMENT ON COLUMN app_audit.logged_actions.session_user_name IS 'Login / session user whose statement caused the audited event';
-COMMENT ON COLUMN app_audit.logged_actions.action_tstamp_tx IS 'Transaction start timestamp for tx in which audited event occurred';
-COMMENT ON COLUMN app_audit.logged_actions.action_tstamp_stm IS 'Statement start timestamp for tx in which audited event occurred';
-COMMENT ON COLUMN app_audit.logged_actions.action_tstamp_clk IS 'Wall clock time at which audited event''s trigger call occurred';
-COMMENT ON COLUMN app_audit.logged_actions.transaction_id IS 'Identifier of transaction that made the change. May wrap, but unique paired with action_tstamp_tx.';
-COMMENT ON COLUMN app_audit.logged_actions.client_addr IS 'IP address of client that issued query. Null for unix domain socket.';
-COMMENT ON COLUMN app_audit.logged_actions.client_port IS 'Remote peer IP port address of client that issued query. Undefined for unix socket.';
-COMMENT ON COLUMN app_audit.logged_actions.client_query IS 'Top-level query that caused this auditable event. May be more than one statement.';
-COMMENT ON COLUMN app_audit.logged_actions.application_name IS 'Application name set when this audit event occurred. Can be changed in-session by client.';
-COMMENT ON COLUMN app_audit.logged_actions.action IS 'Action type; I = insert, D = delete, U = update, T = truncate';
-COMMENT ON COLUMN app_audit.logged_actions.row_data IS 'Record value. Null for statement-level trigger. For INSERT this is the new tuple. For DELETE and UPDATE it is the old tuple.';
-COMMENT ON COLUMN app_audit.logged_actions.changed_fields IS 'New values of fields changed by UPDATE. Null except for row-level UPDATE events.';
-COMMENT ON COLUMN app_audit.logged_actions.statement_only IS '''t'' if audit event is from an FOR EACH STATEMENT trigger, ''f'' for FOR EACH ROW';
-
-CREATE INDEX logged_actions_relid_idx ON app_audit.logged_actions(relid);
-CREATE INDEX logged_actions_action_tstamp_tx_stm_idx ON app_audit.logged_actions(action_tstamp_stm);
-CREATE INDEX logged_actions_action_idx ON app_audit.logged_actions(action);
-
-CREATE OR REPLACE FUNCTION app_audit.if_modified_func() RETURNS TRIGGER AS $body$
+REVOKE ALL ON ${auditSchema}.logged_actions FROM public;
+
+COMMENT ON TABLE ${auditSchema}.logged_actions IS 'History of auditable actions on audited tables, from ${auditSchema}.if_modified_func()';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.event_id IS 'Unique identifier for each auditable event';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.schema_name IS 'Database schema audited table for this event is in';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.table_name IS 'Non-schema-qualified table name of table event occurred in';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.relid IS 'Table OID. Changes with drop/create. Get with ''tablename''::regclass';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.session_user_name IS 'Login / session user whose statement caused the audited event';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.action_tstamp_tx IS 'Transaction start timestamp for tx in which audited event occurred';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.action_tstamp_stm IS 'Statement start timestamp for tx in which audited event occurred';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.action_tstamp_clk IS 'Wall clock time at which audited event''s trigger call occurred';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.transaction_id IS 'Identifier of transaction that made the change. May wrap, but unique paired with action_tstamp_tx.';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.client_addr IS 'IP address of client that issued query. Null for unix domain socket.';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.client_port IS 'Remote peer IP port address of client that issued query. Undefined for unix socket.';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.client_query IS 'Top-level query that caused this auditable event. May be more than one statement.';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.application_name IS 'Application name set when this audit event occurred. Can be changed in-session by client.';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.action IS 'Action type; I = insert, D = delete, U = update, T = truncate';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.row_data IS 'Record value. Null for statement-level trigger. For INSERT this is the new tuple. For DELETE and UPDATE it is the old tuple.';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.changed_fields IS 'New values of fields changed by UPDATE. Null except for row-level UPDATE events.';
+COMMENT ON COLUMN ${auditSchema}.logged_actions.statement_only IS '''t'' if audit event is from an FOR EACH STATEMENT trigger, ''f'' for FOR EACH ROW';
+
+CREATE INDEX logged_actions_relid_idx ON ${auditSchema}.logged_actions(relid);
+CREATE INDEX logged_actions_action_tstamp_tx_stm_idx ON ${auditSchema}.logged_actions(action_tstamp_stm);
+CREATE INDEX logged_actions_action_idx ON ${auditSchema}.logged_actions(action);
+
+CREATE OR REPLACE FUNCTION ${auditSchema}.if_modified_func() RETURNS TRIGGER AS $body$
 DECLARE
-    audit_row app_audit.logged_actions;
+    audit_row ${auditSchema}.logged_actions;
     include_values boolean;
     log_diffs boolean;
     h_old hstore;
     h_new hstore;
     excluded_cols text[] = ARRAY[]::text[];
 BEGIN
     IF TG_WHEN <> 'AFTER' THEN
-        RAISE EXCEPTION 'app_audit.if_modified_func() may only run as an AFTER trigger';
+        RAISE EXCEPTION '${auditSchema}.if_modified_func() may only run as an AFTER trigger';
     END IF;
 
     audit_row = ROW(
-        nextval('app_audit.logged_actions_event_id_seq'), -- event_id
+        nextval('${auditSchema}.logged_actions_event_id_seq'), -- event_id
         TG_TABLE_SCHEMA::text,                        -- schema_name
         TG_TABLE_NAME::text,                          -- table_name
         TG_RELID,                                     -- relation OID for much quicker searches
@@ -138,18 +140,18 @@ BEGIN
     ELSIF (TG_LEVEL = 'STATEMENT' AND TG_OP IN ('INSERT','UPDATE','DELETE','TRUNCATE')) THEN
         audit_row.statement_only = 't';
     ELSE
-        RAISE EXCEPTION '[app_audit.if_modified_func] - Trigger func added as trigger for unhandled case: %, %',TG_OP, TG_LEVEL;
+        RAISE EXCEPTION '[${auditSchema}.if_modified_func] - Trigger func added as trigger for unhandled case: %, %',TG_OP, TG_LEVEL;
         RETURN NULL;
     END IF;
-    INSERT INTO app_audit.logged_actions VALUES (audit_row.*);
+    INSERT INTO ${auditSchema}.logged_actions VALUES (audit_row.*);
     RETURN NULL;
 END;
 $body$
 LANGUAGE plpgsql
 SECURITY DEFINER
 SET search_path = pg_catalog, public, extensions;
 
-COMMENT ON FUNCTION app_audit.if_modified_func() IS $body$
+COMMENT ON FUNCTION ${auditSchema}.if_modified_func() IS $body$
 Track changes to a table at the statement and/or row level.
 
 Optional parameters to trigger in CREATE TRIGGER call:
@@ -180,7 +182,7 @@ cannot obtain the active role because it is reset by the SECURITY DEFINER invoca
 of the audit trigger its self.
 $body$;
 
-CREATE OR REPLACE FUNCTION app_audit.audit_table(target_table regclass, audit_rows boolean, audit_query_text boolean, ignored_cols text[]) RETURNS void AS $body$
+CREATE OR REPLACE FUNCTION ${auditSchema}.audit_table(target_table regclass, audit_rows boolean, audit_query_text boolean, ignored_cols text[]) RETURNS void AS $body$
 DECLARE
   stm_targets text = 'INSERT OR UPDATE OR DELETE OR TRUNCATE';
   _q_txt text;
@@ -195,7 +197,7 @@ BEGIN
         END IF;
         _q_txt = 'CREATE TRIGGER audit_trigger_row AFTER INSERT OR UPDATE OR DELETE ON ' ||
                  quote_ident(target_table::TEXT) ||
-                 ' FOR EACH ROW EXECUTE PROCEDURE app_audit.if_modified_func(' ||
+                 ' FOR EACH ROW EXECUTE PROCEDURE ${auditSchema}.if_modified_func(' ||
                  quote_literal(audit_query_text) || _ignored_cols_snip || ');';
         RAISE NOTICE '%',_q_txt;
         EXECUTE _q_txt;
@@ -205,7 +207,7 @@ BEGIN
 
     _q_txt = 'CREATE TRIGGER audit_trigger_stm AFTER ' || stm_targets || ' ON ' ||
              target_table ||
-             ' FOR EACH STATEMENT EXECUTE PROCEDURE app_audit.if_modified_func('||
+             ' FOR EACH STATEMENT EXECUTE PROCEDURE ${auditSchema}.if_modified_func('||
              quote_literal(audit_query_text) || ');';
     RAISE NOTICE '%',_q_txt;
     EXECUTE _q_txt;
@@ -214,7 +216,7 @@ END;
 $body$
 language 'plpgsql';
 
-COMMENT ON FUNCTION app_audit.audit_table(regclass, boolean, boolean, text[]) IS $body$
+COMMENT ON FUNCTION ${auditSchema}.audit_table(regclass, boolean, boolean, text[]) IS $body$
 Add auditing support to a table.
 
 Arguments:
@@ -225,18 +227,18 @@ Arguments:
 $body$;
 
 -- Pg doesn't allow variadic calls with 0 params, so provide a wrapper
-CREATE OR REPLACE FUNCTION app_audit.audit_table(target_table regclass, audit_rows boolean, audit_query_text boolean) RETURNS void AS $body$
-SELECT app_audit.audit_table($1, $2, $3, ARRAY[]::text[]);
+CREATE OR REPLACE FUNCTION ${auditSchema}.audit_table(target_table regclass, audit_rows boolean, audit_query_text boolean) RETURNS void AS $body$
+SELECT ${auditSchema}.audit_table($1, $2, $3, ARRAY[]::text[]);
 $body$ LANGUAGE SQL;
 
 -- And provide a convenience call wrapper for the simplest case
 -- of row-level logging with no excluded cols and query logging enabled.
 --
-CREATE OR REPLACE FUNCTION app_audit.audit_table(target_table regclass) RETURNS void AS $body$
-SELECT app_audit.audit_table($1, BOOLEAN 't', BOOLEAN 't');
+CREATE OR REPLACE FUNCTION ${auditSchema}.audit_table(target_table regclass) RETURNS void AS $body$
+SELECT ${auditSchema}.audit_table($1, BOOLEAN 't', BOOLEAN 't');
 $body$ LANGUAGE 'sql';
 
-COMMENT ON FUNCTION app_audit.audit_table(regclass) IS $body$
+COMMENT ON FUNCTION ${auditSchema}.audit_table(regclass) IS $body$
 Add auditing support to the given table. Row-level changes will be logged with full client query text. No cols are ignored.
 $body$;
 `