@sourceloop/audit-log
Advanced tools
-@2x.png){kind=icon}
A loopback-next extension for implementing audit logs in loopback applications for all DB transactions.This extension provides a generic model to store audit data, which can be backed by any datasource you want.
npm install @sourceloop/audit-log
In order to use this component into your LoopBack application, please follow below steps.
import {Entity, model, property} from '@loopback/repository';
import {Action} from '@sourceloop/audit-log';
@model({
name: 'audit_logs',
settings: {
strict: false,
},
})
export class AuditLog extends Entity {
@property({
type: 'string',
id: true,
generated: false,
})
id?: string;
@property({
type: 'string',
required: true,
})
action: Action;
@property({
name: 'acted_at',
type: 'date',
required: true,
})
actedAt: Date;
@property({
name: 'acted_on',
type: 'string',
})
actedOn?: string;
@property({
name: 'action_key',
type: 'string',
required: true,
})
actionKey: string;
@property({
name: 'entity_id',
type: 'string',
required: true,
})
entityId: string;
@property({
type: 'string',
required: true,
})
actor: string;
@property({
type: 'object',
})
before?: object;
@property({
type: 'object',
})
after?: object;
// Define well-known properties here
// Indexer property to allow additional data
// eslint-disable-next-line @typescript-eslint/no-explicit-any
[prop: string]: any;
constructor(data?: Partial<AuditLog>) {
super(data);
}
}
lb4 datasource command create your own datasource using your preferred connector. Here is an example of datasource using postgres connector. Notice the statement static dataSourceName = AuditDbSourceName;. Make sure you change the data source name as per this in order to ensure connection work from extension.import {inject, lifeCycleObserver, LifeCycleObserver} from '@loopback/core';
import {juggler} from '@loopback/repository';
import {AuditDbSourceName} from '@sourceloop/audit-log';
const config = {
name: 'audit',
connector: 'postgresql',
url: '',
host: '',
port: 0,
user: '',
password: '',
database: '',
};
@lifeCycleObserver('datasource')
export class AuditDataSource
extends juggler.DataSource
implements LifeCycleObserver
{
static dataSourceName = AuditDbSourceName;
static readonly defaultConfig = config;
constructor(
@inject('datasources.config.audit', {optional: true})
dsConfig: object = config,
) {
super(dsConfig);
}
}
lb4 repository command, create a repository file. After that, change the inject paramater as below so as to refer to correct data source name.
@inject(datasources.${AuditDbSourceName}) dataSource: AuditDataSource,One example below.
import {inject} from '@loopback/core';
import {DefaultCrudRepository} from '@loopback/repository';
import {AuditDbSourceName} from '@sourceloop/audit-log';
import {AuditDataSource} from '../datasources';
import {AuditLog} from '../models';
export class AuditLogRepository extends DefaultCrudRepository<
AuditLog,
typeof AuditLog.prototype.id
> {
constructor(
@inject(`datasources.${AuditDbSourceName}`) dataSource: AuditDataSource,
) {
super(AuditLog, dataSource);
}
}
AuditRepositoryMixin, for all those repositories where you need audit data. See an example below. For a model Group, here we are extending the GroupRepository with AuditRepositoryMixin.import {repository} from '@loopback/repository';
import {Group, GroupRelations} from '../models';
import {PgdbDataSource} from '../datasources';
import {inject, Getter, Constructor} from '@loopback/core';
import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
import {AuditRepositoryMixin} from '@sourceloop/audit-log';
import {AuditLogRepository} from './audit-log.repository';
const groupAuditOpts: IAuditMixinOptions = {
actionKey: 'Group_Logs',
};
export class GroupRepository extends AuditRepositoryMixin<
Group,
typeof Group.prototype.id,
GroupRelations,
string,
Constructor<
DefaultCrudRepository<Group, typeof Group.prototype.id, GroupRelations>
>
>(DefaultCrudRepository, groupAuditOpts) {
constructor(
@inject('datasources.pgdb') dataSource: PgdbDataSource,
@inject.getter(AuthenticationBindings.CURRENT_USER)
public getCurrentUser: Getter<IAuthUser>,
@repository.getter('AuditLogRepository')
public getAuditLogRepository: Getter<AuditLogRepository>,
) {
super(Group, dataSource, getCurrentUser);
}
}
You can pass any extra attributes to save into audit table using the IAuditMixinOptions parameter of mixin function.
Make sure you provide getCurrentUser and getAuditLogRepository Getter functions in constructor.
This will create all insert, update, delete audits for this model.
noAudit:true flag with optionscreate(data, {noAudit: true});
ConditionalAuditRepositoryMixin, for all those repositories where you need audit data based on condition whether ADD_AUDIT_LOG_MIXIN is set true. See an example below. For a model Group, here we are extending the GroupRepository with AuditRepositoryMixin.import {repository} from '@loopback/repository';
import {Group, GroupRelations} from '../models';
import {PgdbDataSource} from '../datasources';
import {inject, Getter, Constructor} from '@loopback/core';
import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
import {ConditionalAuditRepositoryMixin} from '@sourceloop/audit-log';
import {AuditLogRepository} from './audit-log.repository';
const groupAuditOpts: IAuditMixinOptions = {
actionKey: 'Group_Logs',
};
export class GroupRepository extends ConditionalAuditRepositoryMixin(
DefaultUserModifyCrudRepository<
Group,
typeof Group.prototype.id,
GroupRelations
>,
groupAuditOpts,
) {
constructor(
@inject('datasources.pgdb') dataSource: PgdbDataSource,
@inject.getter(AuthenticationBindings.CURRENT_USER)
public getCurrentUser: Getter<IAuthUser>,
@repository.getter('AuditLogRepository')
public getAuditLogRepository: Getter<AuditLogRepository>,
) {
super(Group, dataSource, getCurrentUser);
}
}
If you've noticed a bug or have a question or have a feature request, search the issue tracker to see if someone else in the community has already created a ticket. If not, go ahead and make one! All feature requests are welcome. Implementation time may vary. Feel free to contribute the same, if you can. If you think this extension is useful, please star it. Appreciation really helps in keeping this project alive.
Please read CONTRIBUTING.md for details on the process for submitting pull requests to us.
Code of conduct guidelines here.
Release v4.0.1 April 25, 2023
Welcome to the April 25, 2023 release of loopback4-audit-log. There are many updates in this version that we hope you will like, the key highlights include:
Loopback version update :- chore(deps): update @loopback/repository version was commited on April 25, 2023 by Shubham P
to use the latest one
GH-55
Clink on the above links to understand the changes in detail.
FAQs
Audit Log extension.
The npm package @sourceloop/audit-log receives a total of 532 weekly downloads. As such, @sourceloop/audit-log popularity was classified as not popular.
We found that @sourceloop/audit-log demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
Security News
Biden's executive order pushes for AI-driven cybersecurity, software supply chain transparency, and stronger protections for federal and open source systems.