Product
Socket Now Supports uv.lock Files
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
By Trevor Norris - Jan 09, 2025
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@sourceloop/audit-log
Advanced tools
@sourceloop/audit-log
-@2x.png){kind=icon}
A loopback-next extension for implementing audit logs in loopback applications for all DB transactions.This extension provides a generic model to store audit data, which can be backed by any datasource you want.
Install
npm install @sourceloop/audit-log
Usage
In order to use this component into your LoopBack application, please follow below steps.
- Add audit model class as Entity.
import {Entity, model, property} from '@loopback/repository';
import {Action} from '@sourceloop/audit-log';
@model({
name: 'audit_logs',
settings: {
strict: false,
},
})
export class AuditLog extends Entity {
@property({
type: 'string',
id: true,
generated: false,
})
id?: string;
@property({
type: 'string',
required: true,
})
action: Action;
@property({
name: 'acted_at',
type: 'date',
required: true,
})
actedAt: Date;
@property({
name: 'acted_on',
type: 'string',
})
actedOn?: string;
@property({
name: 'action_key',
type: 'string',
required: true,
})
actionKey: string;
@property({
name: 'entity_id',
type: 'string',
required: true,
})
entityId: string;
@property({
type: 'string',
required: true,
})
actor: string;
@property({
type: 'object',
})
before?: object;
@property({
type: 'object',
})
after?: object;
// Define well-known properties here
// Indexer property to allow additional data
// eslint-disable-next-line @typescript-eslint/no-explicit-any
[prop: string]: any;
constructor(data?: Partial<AuditLog>) {
super(data);
}
}
- Using
lb4 datasourcecommand create your own datasource using your preferred connector. Here is an example of datasource using postgres connector. Notice the statementstatic dataSourceName = AuditDbSourceName;. Make sure you change the data source name as per this in order to ensure connection work from extension.
import {inject, lifeCycleObserver, LifeCycleObserver} from '@loopback/core';
import {juggler} from '@loopback/repository';
import {AuditDbSourceName} from '@sourceloop/audit-log';
const config = {
name: 'audit',
connector: 'postgresql',
url: '',
host: '',
port: 0,
user: '',
password: '',
database: '',
};
@lifeCycleObserver('datasource')
export class AuditDataSource
extends juggler.DataSource
implements LifeCycleObserver {
static dataSourceName = AuditDbSourceName;
static readonly defaultConfig = config;
constructor(
@inject('datasources.config.audit', {optional: true})
dsConfig: object = config,
) {
super(dsConfig);
}
}
- Using
lb4 repositorycommand, create a repository file. After that, change the inject paramater as below so as to refer to correct data source name.@inject(datasources.${AuditDbSourceName}) dataSource: AuditDataSource,
One example below.
import {inject} from '@loopback/core';
import {DefaultCrudRepository} from '@loopback/repository';
import {AuditDbSourceName} from '@sourceloop/audit-log';
import {AuditDataSource} from '../datasources';
import {AuditLog} from '../models';
export class AuditLogRepository extends DefaultCrudRepository<
AuditLog,
typeof AuditLog.prototype.id
> {
constructor(
@inject(`datasources.${AuditDbSourceName}`) dataSource: AuditDataSource,
) {
super(AuditLog, dataSource);
}
}
- The component exposes a mixin for your repository classes. Just extend your repository class with
AuditRepositoryMixin, for all those repositories where you need audit data. See an example below. For a modelGroup, here we are extending theGroupRepositorywithAuditRepositoryMixin.
import {repository} from '@loopback/repository';
import {Group, GroupRelations} from '../models';
import {PgdbDataSource} from '../datasources';
import {inject, Getter, Constructor} from '@loopback/core';
import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
import {AuditRepositoryMixin} from '@sourceloop/audit-log';
import {AuditLogRepository} from './audit-log.repository';
const groupAuditOpts: IAuditMixinOptions = {
actionKey: 'Group_Logs',
};
export class GroupRepository extends AuditRepositoryMixin<
Group,
typeof Group.prototype.id,
GroupRelations,
string,
Constructor<
DefaultCrudRepository<Group, typeof Group.prototype.id, GroupRelations>
>
>(DefaultCrudRepository, groupAuditOpts) {
constructor(
@inject('datasources.pgdb') dataSource: PgdbDataSource,
@inject.getter(AuthenticationBindings.CURRENT_USER)
public getCurrentUser: Getter<IAuthUser>,
@repository.getter('AuditLogRepository')
public getAuditLogRepository: Getter<AuditLogRepository>,
) {
super(Group, dataSource, getCurrentUser);
}
}
You can pass any extra attributes to save into audit table using the IAuditMixinOptions parameter of mixin function.
Make sure you provide getCurrentUser and getAuditLogRepository Getter functions in constructor.
This will create all insert, update, delete audits for this model.
- Option to disable audit logging on specific functions by just passing
noAudit:trueflag with options
create(data, {noAudit: true});
Feedback
If you've noticed a bug or have a question or have a feature request, search the issue tracker to see if someone else in the community has already created a ticket. If not, go ahead and make one! All feature requests are welcome. Implementation time may vary. Feel free to contribute the same, if you can. If you think this extension is useful, please star it. Appreciation really helps in keeping this project alive.
Contributing
Please read CONTRIBUTING.md for details on the process for submitting pull requests to us.
Code of conduct
Code of conduct guidelines here.
License
Release v3.2.0 January 10, 2023
Welcome to the January 10, 2023 release of loopback4-audit-log. There are many updates in this version that we hope you will like, the key highlights include:
-
:- chore(deps): loopback version update was commited on January 10, 2023 by Surbhi Sharma
-
updated version of the lb4 dependencies to the latest.
-
GH-43
-
-
:- feat(chore): custom change log was commited on January 9, 2023 by yeshamavani
-
- feat(chore): custom change log
-
The change log will now have issues as well as commit for the change
-
this is customizable in the
-
md file
-
GH-39
-
- feat(chore): now we will generate out custom changelog
-
using git-release-notes npm package for this
-
GH-39
-
Clink on the above links to understand the changes in detail.
Keywords
FAQs
Audit Log extension.
The npm package @sourceloop/audit-log receives a total of 553 weekly downloads. As such, @sourceloop/audit-log popularity was classified as not popular.
We found that @sourceloop/audit-log demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 10 Jan 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims' Wallets
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.
By Kirill Boychenko - Jan 08, 2025
Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
By Sarah Gooding - Jan 07, 2025