sourcefuse
@sourceloop/audit-log
Overview
The @sourceloop/audit-log package is a powerful LoopBack 4 extension designed to seamlessly implement audit logs in your LoopBack applications. With this extension, you can effortlessly track and record audit data for all database transactions within your application.
This package provides a generic model that enables the storage of audit logs, which can be backed by any datasource of your choice. Whether you're using MySQL, PostgreSQL, MongoDB, or any other database, the Audit Logs package ensures compatibility and flexibility.
By incorporating the Audit Logs package into your application, you gain valuable insights into the history of data changes, user actions, and system events. Maintain a comprehensive audit trail for compliance, troubleshooting, and analysis purposes.
Install
npm install @sourceloop/audit-logUsage
In order to use this component into your LoopBack application, please follow below steps.
- If you wish to modify the one provided by this extension create your own model class just the one shown below. You can use
lb4 modelcommand to create new model
import {Entity, model, property} from '@loopback/repository';
import {Action} from '@sourceloop/audit-log';
@model({
name: 'audit_logs',
settings: {
strict: false,
},
})
export class AuditLog extends Entity {
@property({
type: 'string',
id: true,
generated: false,
})
id?: string;
@property({
type: 'string',
required: true,
})
action: Action;
@property({
name: 'acted_at',
type: 'date',
required: true,
})
actedAt: Date;
@property({
name: 'acted_on',
type: 'string',
})
actedOn?: string;
@property({
name: 'action_key',
type: 'string',
required: true,
})
actionKey: string;
@property({
name: 'entity_id',
type: 'string',
required: true,
})
entityId: string;
@property({
type: 'string',
required: true,
})
actor: string;
@property({
type: 'object',
})
before?: object;
@property({
type: 'object',
})
after?: object;
// Define well-known properties here
// Indexer property to allow additional data
// eslint-disable-next-line @typescript-eslint/no-explicit-any
[prop: string]: any;
constructor(data?: Partial<AuditLog>) {
super(data);
}
}- Using
lb4 datasourcecommand create your own datasource using your preferred connector. Here is an example of datasource using postgres connector. Notice the statementstatic dataSourceName = AuditDbSourceName;. Make sure you change the data source name as per this in order to ensure connection work from extension.
import {inject, lifeCycleObserver, LifeCycleObserver} from '@loopback/core';
import {juggler} from '@loopback/repository';
import {AuditDbSourceName} from '@sourceloop/audit-log';
const config = {
name: 'audit',
connector: 'postgresql',
url: '',
host: '',
port: 0,
user: '',
password: '',
database: '',
};
@lifeCycleObserver('datasource')
export class AuditDataSource
extends juggler.DataSource
implements LifeCycleObserver
{
static dataSourceName = AuditDbSourceName;
static readonly defaultConfig = config;
constructor(
@inject('datasources.config.audit', {optional: true})
dsConfig: object = config,
) {
super(dsConfig);
}
}- If you have a custom model and you wish to use that in your repository class you can
Using
lb4 repositorycommand, create a repository file. After that, change the inject paramater as below so as to refer to correct data source name.@inject(datasources.${AuditDbSourceName}) dataSource: AuditDataSource,
One example below.
import {inject} from '@loopback/core';
import {DefaultCrudRepository} from '@loopback/repository';
import {AuditDbSourceName} from '@sourceloop/audit-log';
import {AuditDataSource} from '../datasources';
import {AuditLog} from '../models';
export class AuditLogRepository extends DefaultCrudRepository<
AuditLog,
typeof AuditLog.prototype.id
> {
constructor(
@inject(`datasources.${AuditDbSourceName}`) dataSource: AuditDataSource,
) {
super(AuditLog, dataSource);
}
}- The component exposes a mixin for your repository classes. Just extend your repository class with
AuditRepositoryMixin, for all those repositories where you need audit data. See an example below. For a modelGroup, here we are extending theGroupRepositorywithAuditRepositoryMixin.
import {repository} from '@loopback/repository';
import {Group, GroupRelations} from '../models';
import {PgdbDataSource} from '../datasources';
import {inject, Getter, Constructor} from '@loopback/core';
import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
import {AuditRepositoryMixin, AuditLogRepository} from '@sourceloop/audit-log';
const groupAuditOpts: IAuditMixinOptions = {
actionKey: 'Group_Logs',
};
export class GroupRepository extends AuditRepositoryMixin<
Group,
typeof Group.prototype.id,
GroupRelations,
string,
Constructor<
DefaultCrudRepository<Group, typeof Group.prototype.id, GroupRelations>
>
>(DefaultCrudRepository, groupAuditOpts) {
constructor(
@inject('datasources.pgdb') dataSource: PgdbDataSource,
@inject.getter(AuthenticationBindings.CURRENT_USER)
public getCurrentUser: Getter<IAuthUser>,
@repository.getter(AuditLogRepository)
public getAuditLogRepository: Getter<AuditLogRepository>,
) {
super(Group, dataSource, getCurrentUser);
}
}and also bind the component of this extension in your application.ts
import {AuditLogComponent} from '@sourceloop/audit-log';
this.component(AuditLogComponent);- The above code uses the default repository provided by this extension
- If you wish to use your custom repository and model class do the following
import {repository} from '@loopback/repository';
import {Group, GroupRelations} from '../models';
import {PgdbDataSource} from '../datasources';
import {inject, Getter, Constructor} from '@loopback/core';
import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
import {AuditRepositoryMixin} from '@sourceloop/audit-log';
import {CustomAuditLogRepository} from './audit-log.repository';
import {CustomAuditLogModel} from '../models';
const groupAuditOpts: IAuditMixinOptions = {
actionKey: 'Group_Logs',
};
export class GroupRepository extends AuditRepositoryMixin<
Group,
typeof Group.prototype.id,
GroupRelations,
string,
Constructor<
DefaultCrudRepository<Group, typeof Group.prototype.id, GroupRelations>
>,
// pass the below two parameters when you want your custom model to be used
// otheriwise the default model and repository will be used
CustomAuditLogModel,
CustomAuditLogRepository
>(DefaultCrudRepository, groupAuditOpts) {
constructor(
@inject('datasources.pgdb') dataSource: PgdbDataSource,
@inject.getter(AuthenticationBindings.CURRENT_USER)
public getCurrentUser: Getter<IAuthUser>,
@repository.getter(CustomAuditLogRepository)
public getAuditLogRepository: Getter<CustomAuditLogRepository>,
) {
super(Group, dataSource, getCurrentUser);
}
}You can pass any extra attributes to save into audit table using the IAuditMixinOptions parameter of mixin function. You can also pass some dynamic values to the extra columns of the audit-log table via the method options.
const groupAuditOpts: IAuditMixinOptions = {
actionKey: 'Group_Logs',
extra: 'static value',
};repo.create(data, {extra: 'random calculated value'});So the method options will have a priority over repository mixin options.
Make sure you provide getCurrentUser and getAuditLogRepository Getter functions in constructor.
This will create all insert, update, delete audits for this model.
- Option to disable audit logging on specific functions by just passing
noAudit:trueflag with options
create(data, {noAudit: true});- The Actor field is configurable and can save any string type value in the field. Though the default value will be userId a developer can save any string field from the current User that is being passed.
export interface User<ID = string, TID = string, UTID = string> {
id?: string;
username: string;
password?: string;
identifier?: ID;
permissions: string[];
authClientId: number;
email?: string;
role: string;
firstName: string;
lastName: string;
middleName?: string;
tenantId?: TID;
userTenantId?: UTID;
passwordExpiryTime?: Date;
allowedResources?: string[];
}Steps
- All you need to do is bind a User key to the ActorIdKey in application.ts
this.bind(AuthServiceBindings.ActorIdKey).to('username');- Pass the actorIdKey argument in the constructor
@inject(AuditBindings.ActorIdKey, {optional: true})
public actorIdKey?: ActorId,Making current user not mandatory
Incase you dont have current user binded in your application context and wish to log the activities within your application then in that case you can pass the actor id along with the options just like
await productRepo.create(product, {noAudit: false, actorId: 'userId'});- The package exposes a conditional mixin for your repository classes. Just extend your repository class with
ConditionalAuditRepositoryMixin, for all those repositories where you need audit data based on condition whetherADD_AUDIT_LOG_MIXINis set true. See an example below. For a modelGroup, here we are extending theGroupRepositorywithAuditRepositoryMixin.
import {repository} from '@loopback/repository';
import {Group, GroupRelations} from '../models';
import {PgdbDataSource} from '../datasources';
import {inject, Getter, Constructor} from '@loopback/core';
import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
import {
ConditionalAuditRepositoryMixin,
AuditLogRepository,
} from '@sourceloop/audit-log';
const groupAuditOpts: IAuditMixinOptions = {
actionKey: 'Group_Logs',
};
export class GroupRepository extends ConditionalAuditRepositoryMixin(
DefaultUserModifyCrudRepository<
Group,
typeof Group.prototype.id,
GroupRelations
>,
groupAuditOpts,
) {
constructor(
@inject('datasources.pgdb') dataSource: PgdbDataSource,
@inject.getter(AuthenticationBindings.CURRENT_USER)
public getCurrentUser: Getter<IAuthUser>,
@repository.getter('AuditLogRepository')
public getAuditLogRepository: Getter<AuditLogRepository>,
) {
super(Group, dataSource, getCurrentUser);
}
}Using with Sequelize ORM
This extension provides support to both juggler (the default loopback ORM) and sequelize.
If your loopback project is already using SequelizeCrudRepository from @loopback/sequelize or equivalent add on repositories from sourceloop packages like SequelizeUserModifyCrudRepository. You'll need to make just two changes:
- The import statements should have the suffix
/sequelize, like below:
import {repository} from '@loopback/repository';
import {Group, GroupRelations} from '../models';
import {PgdbDataSource} from '../datasources';
import {inject, Getter, Constructor} from '@loopback/core';
import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
import {AuditRepositoryMixin} from '@sourceloop/audit-log';
import {AuditLogRepository as SequelizeAuditLogRepository} from '@sourceloop/auidt-log/sequelize';
const groupAuditOpts: IAuditMixinOptions = {
actionKey: 'Group_Logs',
};
export class GroupRepository extends AuditRepositoryMixin<
Group,
typeof Group.prototype.id,
GroupRelations,
string,
Constructor<
DefaultCrudRepository<Group, typeof Group.prototype.id, GroupRelations>
>,
AuditLog,
SequelizeAuditLogRepository
>(DefaultCrudRepository, groupAuditOpts) {
constructor(
@inject('datasources.pgdb') dataSource: PgdbDataSource,
@inject.getter(AuthenticationBindings.CURRENT_USER)
public getCurrentUser: Getter<IAuthUser>,
@repository.getter(AuditLogRepository)
public getAuditLogRepository: Getter<SequelizeAuditLogRepository>,
) {
super(Group, dataSource, getCurrentUser);
}
}Also add the following to your application.ts file to bind the Sequelize repository
import {AuditLog} from '@sourceloop/auidt-log/';
import {AuditLogRepository} from '@sourceloop/audit-log/sequelize';
this.repositories = [AuditLogRepository<AuditLog>];Feedback
If you've noticed a bug or have a question or have a feature request, search the issue tracker to see if someone else in the community has already created a ticket. If not, go ahead and make one! All feature requests are welcome. Implementation time may vary. Feel free to contribute the same, if you can. If you think this extension is useful, please star it. Appreciation really helps in keeping this project alive.
Contributing
Please read CONTRIBUTING.md for details on the process for submitting pull requests to us.
Code of conduct
Code of conduct guidelines here.
License