diff --git a/server/app/serializers/audit_logs_serializer.rb b/server/app/serializers/audit_logs_serializer.rb new file mode 100644 index 00000000..83c0f785 --- /dev/null +++ b/server/app/serializers/audit_logs_serializer.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +# app/serializers/audit_logs_serializer.rb +class AuditLogsSerializer < ActiveModel::Serializer + attributes :id, :user_id, :action, :resource_type, :resource_id, :resource, :workspace_id, + :metadata +end diff --git a/server/db/data/20241022143042_add_audit_logs_permission_to_roles.rb b/server/db/data/20241022143042_add_audit_logs_permission_to_roles.rb new file mode 100644 index 00000000..c6a314d6 --- /dev/null +++ b/server/db/data/20241022143042_add_audit_logs_permission_to_roles.rb @@ -0,0 +1,63 @@ +# frozen_string_literal: true + +class AddAuditLogsPermissionToRoles < ActiveRecord::Migration[7.1] + def change # rubocop:disable Metrics/MethodLength + admin_role = Role.find_by(role_name: "Admin") + member_role = Role.find_by(role_name: "Member") + viewer_role = Role.find_by(role_name: "Viewer") + + admin_role&.update!( + policies: { + permissions: { + connector_definition: { create: true, read: true, update: true, delete: true }, + connector: { create: true, read: true, update: true, delete: true }, + model: { create: true, read: true, update: true, delete: true }, + report: { create: true, read: true, update: true, delete: true }, + sync_record: { create: true, read: true, update: true, delete: true }, + sync_run: { create: true, read: true, update: true, delete: true }, + sync: { create: true, read: true, update: true, delete: true }, + user: { create: true, read: true, update: true, delete: true }, + workspace: { create: true, read: true, update: true, delete: true }, + data_app: { create: true, read: true, update: true, delete: true }, + audit_logs: { create: true, read: true, update: true, delete: true } + } + } + ) + + member_role&.update!( + policies: { + permissions: { + connector_definition: { create: true, read: true, update: true, delete: true }, + connector: { create: true, read: true, update: true, delete: true }, + model: { create: true, read: true, update: true, delete: true }, + report: { create: true, read: true, update: true, delete: true }, + sync_record: { create: true, read: true, update: true, delete: true }, + sync_run: { create: true, read: true, update: true, delete: true }, + sync: { create: true, read: true, update: true, delete: true }, + user: { create: false, read: true, update: false, delete: false }, + workspace: { create: false, read: true, update: false, delete: false }, + data_app: { create: true, read: true, update: true, delete: true }, + audit_logs: { create: true, read: true, update: true, delete: true } + } + } + ) + + viewer_role&.update!( + policies: { + permissions: { + connector_definition: { create: false, read: true, update: false, delete: false }, + connector: { create: false, read: true, update: false, delete: false }, + model: { create: false, read: true, update: false, delete: false }, + report: { create: false, read: true, update: false, delete: false }, + sync_record: { create: false, read: true, update: false, delete: false }, + sync_run: { create: false, read: true, update: false, delete: false }, + sync: { create: false, read: true, update: false, delete: false }, + user: { create: false, read: true, update: false, delete: false }, + workspace: { create: false, read: true, update: false, delete: false }, + data_app: { create: false, read: true, update: false, delete: false }, + audit_logs: { create: false, read: false, update: false, delete: false } + } + } + ) + end +end diff --git a/server/db/data_schema.rb b/server/db/data_schema.rb index ba8761bd..5c703a1d 100644 --- a/server/db/data_schema.rb +++ b/server/db/data_schema.rb @@ -1,3 +1,3 @@ # frozen_string_literal: true -DataMigrate::Data.define(version: 20_240_903_055_705) +DataMigrate::Data.define(version: 20_241_022_143_042)