Touch Audit - Ensure previous auditing

[mcyoung]

If records are looking to audit for touch, but have yet to be audited, or are specifically auditing just touch events, ensure we're not failing due to a bad previous audit check.

[mcyoung]

@danielmorrison Who woulda known touch events were such touchy things...

[akostadinov]

Shouldn't this be

if for_touch && audits.present?
  ...
end

What is the point in iterating over the changes?

[akostadinov]

also it makes sense here to get audits.last.audited_changes once instead of twice per iteration.

[mcyoung]

Great point, updated in #668

[akostadinov]

I would actually suggest to enable touch callback only if requested. It would usually not make sense to have it. Also it adds database queries to the audit which will add even more latency to responses.

[JDrizzy]

Also it adds database queries to the audit which will add even more latency to responses

This scenario actually bit me when pushing the upgrade to production. Locally, the audits table only had a thousand records whereas production has millions 💥

If we could disable this callback in the config that would be awesome, as this would avoid the same scenario occurring if touch was forgotten from the options callback list. I can add this change if others agree it's needed? I was thinking of adding something that extends to all callbacks as well as it might be beneficial for others.

For example:

# audited.rb

Audited.config do |config|
  config.ignored_callbacks = [:create, :touch]
end

#####

# auditor.rb

after_create :audit_create if audit_callback?(:create)
...
after_touch :audit_touch if ::ActiveRecord::VERSION::MAJOR >= 6 && audit_callback?(:touch)

def audit_callback?(callback)
  return false if Audited.ignored_callbacks.include?(callback)

  audited_options[:on].include?(callback)
end