Its Audit Time

no no. not that kind of audit :p. I’ve been spending the last couple of days going over different versioning/audit gems to find the best for my project, and this post is to compare and comment on my findings. currently this goes over vestal_versions, paper_trail, and acts_as_audited. if you know of any others i should add please let me know.

lets get down to brass tax. here is a simple table of comparison, then i will go into detail for each gem. also if you see any features that should be added to the list, let me know, i will add them and compare each gem.

Vestal Versions Paper Trail Acts as Audited
Popularity
Watchers 359 156 253
Forks 19 4 24

Features
Storage Serialized Yaml Yaml
History Changes Full Full
Diff -/Fields/-* -/Old/All All/Fields/All
Log Action No Yes Yes
Log User No Yes Yes
Version Numbers Yes No Yes*
Include/Exclude Fields Yes Partial* yes
Reconstruct No Yes Yes*
Association Access Yes Yes Yes

Test Suite
Test Count 35 44 69
Assertions 154 65 46
Failures 0 5 0
Errors 0 11 0
Coverage 76.69% 72.35% ? 92.68%

Vestal Versions

as a side note, this might not belong here as it may be more aimed toward ‘versioning’ and not exactly as an auditing solution. but i put it here anyway.

im slightly put off by vestal. It has a lot of nifty features but a few of the big things really make it a non-solution (at least for me.) note for the rcov coverage i had to manually place an Rcov task in Rakefile, but it worked seemlessly.

Pros

  • easy to revert to older versions
  • able to revert by datetime or version number

Cons

  • never stores full object in history
  • no action/user tracking
  • destroys history on record removal

Now for me that last one is a definite deal breaker. even when using isparanoid with vestal the history is removed (yet you still have a primary record.) though i have talked to the author of vestalversions and this is something that will be fixed/optional in the 1.0 release so thats good. as for the action tracking you can technically check if the changes field is null or not (it will be null on the create version)

Paper Trail

paper trail as of right now, I feel is one of the best for this. though it is also missing a few minor things that would make it a lot better. and the testing suite needs and overhaul. one ‘minor’ thing about papertrail is that it only has an :ignore option for ignoring fields to be audited. this i personally don’t find too much of a problem though, and im sure the other could easily be implemented.

Pros

  • full history always
  • reify (revert) for record reconstruction is awesome!
  • reconstructed records keep id & timestamps
  • able to turn papertrail off temporarily

Cons

  • no time based reify (revert)
  • no version tracking
  • poor test coverage

for me version tracking isn’t to bad. a version # really isn’t that important as long as the history is actually there. and given my project people are going to worry about time more than a version number.

Acts as Audited

aaa has a few nice features though its a bit quirky around the edges. a few things i think are important to an auditing plugin just don’t exist or act really funny with aaa.

Pros

  • stores less in database than papertrail
  • cleaner interface for doing ‘asuser’ stuff than paper trail

Cons

  • reconstruct gives record a new ID and timestamps
  • whodunnit limited to ‘username’ attribute on currentuser

the new id & timestamps on record reconstruction im not a big fan of. as if you have associations that also need to be reconstructed this will put a hamper into the entire operation.

Installing Your Own Rails

so i spent the last hour or two trying to get my own rails installed so i could successfully run rails + devise on ruby 1.9.1. thanks to a ticket (and prolly more) i was un-so-happily prevented from being happy with rails 2.3.4 (they need to release 2.3.5 already.) So? i set out to install rails 2.3.4.1 (yes, not official.) I really don’t want to freeze rails to my app (bloat?) so this was the next best thing. I just have to worry about upgrading my app when 2.3.5 gets released.

The last place i looked for making this simple is really the first place i should have. below is how to happily install your own rails to tide you over until a new release is out. I’ve been called terse so here is my terseness in action. Im basing my local release off the 2-3-stable branch, but you could do this with any branch you want.

$ git clone git://github.com/rails/rails.git
$ cd rails
$ git co -b rel 2-3-stable

now we have our proper branch checked out to make our release. execute the following to make a happy release with proper dependency tracking and the such.

$ rake package PKG_BUILD=1

the 1 is what gives us 2.3.4.1 (if this was 2.3.3.1 id probably want to pick 2.) this takes my 2.33Ghz dualcore MBP with 4G of ram about 10 minutes to complete, so be patient it will finish. there is probably a more simple way of doing the following but i just wanted to get this installed already.

The gem’s are kind of spread out so i just gave the paths to install each of them:

$ find rails -type f -name \*.gem
rails/vendor/rails/actionmailer/pkg/actionmailer-2.3.4.1.gem
rails/vendor/rails/actionpack/pkg/actionpack-2.3.4.1.gem
rails/vendor/rails/activerecord/pkg/activerecord-2.3.4.1.gem
rails/vendor/rails/activeresource/pkg/activeresource-2.3.4.1.gem
rails/vendor/rails/activesupport/pkg/activesupport-2.3.4.1.gem
railties/pkg/rails-2.3.4.1.gem

you will find all the packages in there own directory. the following command will install the gems without annoying you with warnings/errors of any kind.

$ find rails railties -type f -name \*.gem | xargs gem install -f -l

Initial Jekyll Post

first jekyll post! i will eventually put more enjoyable stuff here. right now this is a placeholer.

ill get more of my projects up on github shortly and update links here accordingly, as well as write some short entries about them here.