diff --git a/lib/Tuba.pm b/lib/Tuba.pm index b43a6aa3..6d1cefbc 100644 --- a/lib/Tuba.pm +++ b/lib/Tuba.pm @@ -110,6 +110,9 @@ sub startup { my $c = shift; $c->res->headers->header('Access-Control-Allow-Origin' => '*'); $c->res->headers->header('X-API-Version' => $Tuba::VERSION ); + if (my $id = $c->session('id')) { + $c->res->headers->etag(qq["$id"]) if $c->req->method =~ /^(POST|PUT)$/; + } } ); $app->hook(before_dispatch => sub { # Remove path when behind a proxy (see Mojolicious::Guides::Cookbook). diff --git a/lib/Tuba/Activity.pm b/lib/Tuba/Activity.pm index 2afc99e5..7a042c15 100644 --- a/lib/Tuba/Activity.pm +++ b/lib/Tuba/Activity.pm @@ -46,7 +46,7 @@ sub normalize_form_parameter { } if ($obj) { my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; return $pub->id; } return $value; @@ -83,12 +83,12 @@ sub update_rel { if (my $new = $c->param('new_publication')) { my $obj = $c->str_to_obj($new); my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; my $methodology = Methodology->new( activity_identifier => $activity->identifier, publication_id => $pub->id ); - $methodology->save(audit_user => $c->user) + $methodology->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($methodology->error); } for my $id ($c->param('delete_publication')) { diff --git a/lib/Tuba/Array.pm b/lib/Tuba/Array.pm index 6051b63a..0adbd5fd 100644 --- a/lib/Tuba/Array.pm +++ b/lib/Tuba/Array.pm @@ -57,7 +57,7 @@ sub update_rel { if (my $new = $c->param('new_table')) { my $img = $c->Tuba::Search::autocomplete_str_to_object($new); $object->add_tables($img); - $object->save(audit_user => $c->user) or do { + $object->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or do { $c->flash(error => $object->error); return $c->update_rel_form(@_); }; diff --git a/lib/Tuba/Auth.pm b/lib/Tuba/Auth.pm index fafade03..aaf2fa2c 100644 --- a/lib/Tuba/Auth.pm +++ b/lib/Tuba/Auth.pm @@ -27,6 +27,7 @@ use JSON::XS; use Mojo::JSON; use Time::Duration qw/ago/; use Tuba::Log; +use Tuba::Util qw/new_uuid/; use Data::Dumper; my $key_expiration = 60 * 60 * 24 * 30; @@ -63,8 +64,10 @@ sub _validate_api_key { } my $verify = b(Mojo::JSON::encode_json([$user,$secret,$create_time]))->hmac_sha1_sum; if ($verify eq $hash) { - logger->debug("Valid api key for $user, created ".ago(time - $create_time)); + my $id = new_uuid(); + logger->debug("Valid api key for $user, created ".ago(time - $create_time)."session id : $id"); $c->session(user => $user); + $c->session(id => $id); return 1; } else { logger->warn("Invalid key for $user"); @@ -114,7 +117,7 @@ sub _google_secrets { state $google_secrets; return if $google_secrets && $google_secrets eq 'none'; return $google_secrets->{web} if $google_secrets; - my $secrets_file = $c->config->{auth}{google_secrets_file}; + my $secrets_file = $c->config->{auth}{google_secrets_file} or return; if ($secrets_file and !-e $secrets_file) { $c->app->log->warn("could not open google_secrets_file $secrets_file"); $google_secrets = 'none'; @@ -176,6 +179,9 @@ sub _login_ok { my $user = shift; $c->app->log->info("Log in ok for $user"); $c->session(user => $user); + my $id = new_uuid(); + $c->app->log->info("Session id: $id"); + $c->session(id => $id); my $dest = $c->param('destination') || $c->flash('destination') || 'index'; $dest =~ s/^http(s)?://; return $c->redirect_to($dest); diff --git a/lib/Tuba/Book.pm b/lib/Tuba/Book.pm index c40d98ed..1071a6d8 100644 --- a/lib/Tuba/Book.pm +++ b/lib/Tuba/Book.pm @@ -50,23 +50,23 @@ sub update { url => $book->url, publication_year => $book->year ); - $report->save(audit_user => $c->user) or do { + $report->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or do { return $c->update_error($report->error); }; my $pub = $book->get_publication; if ($pub) { my $report_pub = $report->get_publication(autocreate => 1); - $report_pub->save(audit_user => $c->user); + $report_pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note); my $refs = References->get_objects(query => [ child_publication_id => $pub->id ] ); for my $ref (@$refs) { $ref->child_publication_id($report_pub->id); my $attrs = $ref->attrs; # workaround : call inflate trigger explicitly - $ref->save(audit_user => $c->user) or return $c->update_error($ref->error); + $ref->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($ref->error); } my $subs = Subpubrefs->get_objects(query => [ publication_id => $report_pub->id ]); for my $sub (@$subs) { $sub->publication_id($report_pub->id); - $sub->save(audit_user => $c->user) or return $c->update_error($sub->error); + $sub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($sub->error); } } $book->delete; diff --git a/lib/Tuba/Controller.pm b/lib/Tuba/Controller.pm index 67459218..8de1065e 100644 --- a/lib/Tuba/Controller.pm +++ b/lib/Tuba/Controller.pm @@ -425,7 +425,7 @@ sub create { $obj{$col->name} = defined($got) && length($got) ? $got : undef; } } - my $audit_note = delete($obj{audit_note}); + my $audit_note = $c->audit_note(delete($obj{audit_note})); if (exists($obj{report_identifier}) && $c->stash('report_identifier')) { $obj{report_identifier} = $c->stash('report_identifier'); } @@ -644,7 +644,7 @@ sub update_prov { $c->stash(object => $object); $c->stash(meta => $object->meta); my $pub = $object->get_publication(autocreate => 1); - $pub->save(changes_only => 1, audit_user => $c->user); # might be new. + $pub->save(changes_only => 1, audit_user => $c->user, audit_note => $c->audit_note); # might be new. $c->stash(publication => $pub); $c->stash->{template} = 'update_prov_form'; @@ -653,7 +653,7 @@ sub update_prov { my $other_pub = Publication->new(id => $delete)->load(speculative => 1); my $map = PublicationMap->new(child => $pub->id, parent => $delete, relationship => $rel); $map->load(speculative => 1) or return $c->update_error("could not find relationship"); - $map->delete(audit_user => $c->user) or return $c->update_error($map->error); + $map->delete(audit_user => $c->user, audit_note => $c->audit_note) or return $c->update_error($map->error); $c->stash(info => "Deleted $rel ".($other_pub ? $other_pub->stringify : "")); return $c->render; } @@ -677,7 +677,7 @@ sub update_prov { if (my $parent_uri = $json->{parent_uri}) { my $parent = $c->uri_to_obj($parent_uri) or return $c->update_error("Couldn't find $parent_uri"); $parent_pub = $parent->get_publication(autocreate => 1) or return $c->update_error("$parent_uri is not a publication"); - $parent_pub->save(audit_user => $c->user) unless $parent_pub->id; + $parent_pub->save(audit_user => $c->user, audit_note => $c->audit_note) unless $parent_pub->id; $rel = $json->{parent_rel} or return $c->update_error("Missing parent_rel"); $note = $json->{note}; $activity_identifier = $json->{activity}; @@ -686,7 +686,7 @@ sub update_prov { my $parent_str = $c->param('parent') or return $c->render; my $parent = $c->_text_to_object($parent_str) or return $c->render(error => 'cannot parse publication'); $parent_pub = $parent->get_publication(autocreate => 1); - $parent_pub->save(changes_only => 1, audit_user => $c->user) or return $c->render(error => $pub->error); + $parent_pub->save(changes_only => 1, audit_user => $c->user, audit_note => $c->audit_note) or return $c->render(error => $pub->error); $rel = $c->param('parent_rel') or return $c->render(error => "Please select a relationship"); $note = $c->param('note'); $activity_identifier = $c->param('activity'); @@ -713,7 +713,7 @@ sub update_prov { activity_identifier => $activity_identifier, ); $map->load(speculative => 1); - $map->save(audit_user => $c->user) or return $c->update_error($map->error); + $map->save(audit_user => $c->user, audit_note => $c->audit_note) or return $c->update_error($map->error); $c->stash(info => "Saved $rel : ".$parent_pub->stringify); return $c->redirect_without_error('update_prov_form'); } @@ -785,7 +785,7 @@ sub update_files { my $pub = $object->get_publication(autocreate => 1) or return $c->update_error( "Sorry, file uploads have only been implemented for publications."); unless ($pub->id) { - $pub->save(audit_user => $c->user) + $pub->save(audit_user => $c->user, audit_note => $c->audit_note) or return $c->update_error($pub->error); } @@ -832,12 +832,12 @@ sub update_files { $new->port($remote_url->port) if $remote_url->port; $new_file->location($new->to_string); $new_file->file($remote_url->path); - $new_file->save(audit_user => $c->user); + $new_file->save(audit_user => $c->user, audit_note => $c->audit_user); logger->info("saving remote asset ".$remote_url); } if (my $landing_page = ($json->{landing_page} || $c->param('landing_page')) ) { $new_file->landing_page($landing_page); - $new_file->save(audit_user => $c->user); + $new_file->save(audit_user => $c->user, audit_note => $c->audit_note); } } @@ -874,7 +874,7 @@ sub update_files { } if ($existing_file) { my $entry = PublicationFileMap->new(publication => $pub->id, file => $existing_file->identifier); - $entry->save(audit_user => $c->user) or return $c->update_error($entry->error); + $entry->save(audit_user => $c->user, audit_note => $c->audit_note) or return $c->update_error($entry->error); $c->stash(message => 'Saved changes.'); return $c->redirect_without_error('update_files_form'); } @@ -911,7 +911,7 @@ sub update_contributors { my $obj = $c->_this_object or return $c->reply->not_found; $c->stash(tab => 'update_contributors_form'); my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->user, audit_note => $c->audit_note) unless $pub->id; my $json = $c->req->json || {}; @@ -933,7 +933,7 @@ sub update_contributors { $map->load(speculative => 1) or return $c->update_error("bad pub/contributor map ids"); next if $map->sort_key && $map->sort_key == $sort_key; $map->sort_key($sort_key); - $map->save(audit_user => $c->user) or return $c->update_error("could not save ".$map->error); + $map->save(audit_user => $c->user, audit_note => $c->audit_note) or return $c->update_error("could not save ".$map->error); $c->flash(info => "Saved changes"); } } @@ -974,18 +974,18 @@ sub update_contributors { logger->debug("Found contributor person ".($person // 'undef').' org '.($organization) // 'undef'); logger->debug("json : ".Dumper($json)); } else { - $contributor->save(audit_user => $c->user) + $contributor->save(audit_user => $c->user, audit_note => $c->audit_note) or return $c->update_error($contributor->error); }; - $pub->save(audit_user => $c->user) or return $c->update_error($contributor->error); + $pub->save(audit_user => $c->user, audit_note => $c->audit_note) or return $c->update_error($contributor->error); my $map = Tuba::DB::Object::PublicationContributorMap->new( publication_id => $pub->id, contributor_id => $contributor->id ); $map->load(speculative => 1); $map->reference_identifier($reference_identifier); - $map->save(audit_user => $c->user) or return $c->update_error($map->error); + $map->save(audit_user => $c->user, audit_note => $c->audit_note) or return $c->update_error($map->error); $c->flash(info => "Saved changes."); return $c->redirect_without_error('update_contributors_form'); } @@ -1000,7 +1000,7 @@ sub _update_pub_many { my $pwhat = $dwhat.'s'; my $mwhat = "Tuba::DB::Object::Publication${what}Map"; - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->user, audit_note => $c->audit_note) unless $pub->id; if (my $json = $c->req->json) { my $delete_extra = delete $json->{_delete_extra}; $json = [ $json ] if ref($json) eq 'HASH'; @@ -1014,7 +1014,7 @@ sub _update_pub_many { $pub->$method($kw); delete $to_delete{$kw->identifier}; } - $pub->save(audit_user => $c->user); + $pub->save(audit_user => $c->user, audit_note => $c->audit_note); if ($delete_extra) { for my $extra (keys %to_delete) { $mwhat->new( @@ -1060,7 +1060,7 @@ sub update_rel { my $next = $object->uri($c,{tab => 'update_rel_form'}); my $pub = $object->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->user, audit_note => $c->audit_note) unless $pub->id; # Update generic many-many relationships for all publication types. for my $what (qw/GcmdKeyword Region/) { @@ -1072,7 +1072,7 @@ sub update_rel { my $kwd = $cwhat->new_from_autocomplete($new); my $add_method = "add_${dwhat}s"; $pub->$add_method($kwd); - $pub->save(audit_user => $c->user) or do { + $pub->save(audit_user => $c->user, audit_note => $c->audit_note) or do { $c->flash(error => $object->error); return $c->redirect_to($next); }; @@ -1200,6 +1200,7 @@ sub update { my $audit_note = $c->stash('audit_note'); $audit_note ||= (delete $json->{audit_note}) if $json; $audit_note ||= $c->param('audit_note'); + $audit_note = $c->audit_note($audit_note); for my $col ($object->meta->columns) { my $param = $json ? $json->{$col->name} : $c->req->param($col->name); $param = $computed->{$col->name} if exists($computed->{$col->name}); @@ -1440,5 +1441,15 @@ sub redirect_without_error { ); } +sub audit_note { + my $c = shift; + my $custom = shift; + my $id = $c->session('id') or die "no session id"; + return join ':', $c->session('id'), ($custom || ()); +} + +sub audit_user { + return shift->user; +} 1; diff --git a/lib/Tuba/DB/Object.pm b/lib/Tuba/DB/Object.pm index 4078c2ad..812eeaf2 100644 --- a/lib/Tuba/DB/Object.pm +++ b/lib/Tuba/DB/Object.pm @@ -103,9 +103,8 @@ sub update_primary_key { # %changes should just be source_column -> new_value. my $table = $object->meta->table; my $db = $object->db; + my $dbh = $db->dbh or die $db->error; $db->do_transaction( sub { - $db->dbh->do("set local audit.username = ?",{},$audit_user); - $db->dbh->do("set local audit.note = ?",{},$audit_note) if $audit_note; my %non_pk_changes = %changes; my %pk_changes; for (keys %pk) { @@ -114,9 +113,11 @@ sub update_primary_key { for (keys %non_pk_changes) { $object->$_($non_pk_changes{$_}); } + $dbh->do("set local audit.username = ?",{},$audit_user); + $dbh->do("set local audit.note = ?",{},$audit_note) if $audit_note; $object->save(audit_user => $audit_user, audit_note => $audit_note); - my $dbis = DBIx::Simple->new($db->dbh); + my $dbis = DBIx::Simple->new($dbh); $dbis->update(qq["$table"], \%pk_changes, \%pk) or die $dbis->error; } ) or do { $object->error($db->error) unless $object->error; @@ -143,6 +144,7 @@ sub _am_recursing { # am I recursing? sub save { my $self = shift; my %args = @_; + Carp::confess("weird args") if @_ % 2; my $status; # This function will be called several times during a nested save (e.g. $figure->add_image(..) ). # But %args are not propogated. So, store $audit_info in a package var which we use @@ -158,11 +160,20 @@ sub save { $_audit_user = $audit_user; $_audit_note = $audit_note; $self->meta->error_mode('fatal'); - $status = $self->db->do_transaction( sub { - $self->db->dbh->do("set local audit.username = ?",{},$audit_user); - $self->db->dbh->do("set local audit.note = ?",{},$audit_note) if $audit_note; - $self->SUPER::save(%args); - } ); + my $dbh = $self->db->dbh; + my $state = $dbh->ping; + return 0 if $state==4; # in failed transaction + if ($state==3) { # already in a transaction + $dbh->do("set local audit.username = ?",{},$audit_user); + $dbh->do("set local audit.note = ?",{},$audit_note) if $audit_note; + $status = $self->SUPER::save(%args); + } else { # not in a transaction + $status = $self->db->do_transaction( sub { + $dbh->do("set local audit.username = ?",{},$audit_user); + $dbh->do("set local audit.note = ?",{},$audit_note) if $audit_note; + $status = $self->SUPER::save(%args); + }); + } unless ($status) { logger->warn("save failed, obj error : ".($self->error || 'none')); logger->warn("save failed, db error : ".($self->db->error || 'none')); diff --git a/lib/Tuba/Dataset.pm b/lib/Tuba/Dataset.pm index fc20824e..c000aad2 100644 --- a/lib/Tuba/Dataset.pm +++ b/lib/Tuba/Dataset.pm @@ -46,7 +46,7 @@ sub update_rel { $add->{dataset_identifier} = $dataset->identifier; my $obj = InstrumentMeasurement->new( %$add ); $obj->load(speculative => 1); - $obj->save(audit_user => $c->user) or return $c->update_error($obj->error); + $obj->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($obj->error); } else { warn "no json"; } diff --git a/lib/Tuba/Exterm.pm b/lib/Tuba/Exterm.pm index 2813fae9..a2cbd4ec 100644 --- a/lib/Tuba/Exterm.pm +++ b/lib/Tuba/Exterm.pm @@ -33,7 +33,7 @@ sub create { # NB: forms are handled through lexicon/rel return $c->update_error("missing JSON to add exterm"); } - $term->save(audit_user => $c->user) or return $c->update_error($term->error); + $term->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($term->error); $c->stash(_this_object => $term); return $c->redirect_without_error('create_form'); } diff --git a/lib/Tuba/Figure.pm b/lib/Tuba/Figure.pm index 38b6f323..e580d066 100644 --- a/lib/Tuba/Figure.pm +++ b/lib/Tuba/Figure.pm @@ -118,13 +118,13 @@ sub update_rel { if (my $new = $c->param('new_image')) { my $img = $c->Tuba::Search::autocomplete_str_to_object($new); $object->add_images($img); - $object->save(audit_user => $c->user) or return $c->update_error($object->error); + $object->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($object->error); } if (my $new = $json->{add_image_identifier}) { my $img = Image->new(identifier => $new)->load(speculative => 1) or return $c->update_error("Image $new not found"); $object->add_images($img); - $object->save(audit_user => $c->user) or return $c->update_error($object->error); + $object->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($object->error); } my $report_identifier = $c->stash('report_identifier'); diff --git a/lib/Tuba/Image.pm b/lib/Tuba/Image.pm index b6531069..b189d41d 100644 --- a/lib/Tuba/Image.pm +++ b/lib/Tuba/Image.pm @@ -56,7 +56,7 @@ sub update_rel { if (my $new = $c->param('new_figure')) { my $img = $c->Tuba::Search::autocomplete_str_to_object($new); $object->add_figures($img); - $object->save(audit_user => $c->user) or do { + $object->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or do { $c->flash(error => $object->error); return $c->update_rel_form(@_); }; diff --git a/lib/Tuba/Lexicon.pm b/lib/Tuba/Lexicon.pm index 704223ec..1b663934 100644 --- a/lib/Tuba/Lexicon.pm +++ b/lib/Tuba/Lexicon.pm @@ -47,7 +47,7 @@ sub update_rel { my $exterm = Exterm->new(%entry); $exterm->load(speculative => 1); $exterm->gcid($gcid); - $exterm->save(audit_user => $c->user) or return $c->update_error($exterm->error); + $exterm->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($exterm->error); } if (my @delete = @{ $c->every_param('delete_term') }) { for my $term (@delete) { diff --git a/lib/Tuba/Methodology.pm b/lib/Tuba/Methodology.pm index 54f56b9a..789cddc2 100644 --- a/lib/Tuba/Methodology.pm +++ b/lib/Tuba/Methodology.pm @@ -30,7 +30,7 @@ sub normalize_form_parameter { } if ($obj) { my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; return $pub->id; } return $value; @@ -68,12 +68,12 @@ sub update_rel { if (my $new = $c->param('new_publication')) { my $obj = $c->str_to_obj($new); my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; my $methodology = Methodology->new( activity_identifier => $activity->identifier, publication_id => $pub->id ); - $methodology->save(audit_user => $c->user) + $methodology->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($methodology->error); } for my $id ($c->param('delete_publication')) { diff --git a/lib/Tuba/Organization.pm b/lib/Tuba/Organization.pm index 3b7e2546..18719fca 100644 --- a/lib/Tuba/Organization.pm +++ b/lib/Tuba/Organization.pm @@ -63,16 +63,16 @@ sub update_rel { my $obj = $c->param('publication') or return $c->update_error("Missing publication"); $obj = $c->str_to_obj($obj) or return $c->update_error("No match for $obj"); my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; my $role_type = $c->param('role_type'); my $ctr = Contributor->new( role_type_identifier => $role_type, person_id => $person ? $person->id : undef, organization_identifier => $org->identifier ); - $ctr->load(speculative => 1) or $ctr->save(audit_user => $c->user) or return $c->update_error($ctr->error); + $ctr->load(speculative => 1) or $ctr->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($ctr->error); $ctr->add_publications($pub); - $ctr->save(audit_user => $c->user) or return $c->update_error($ctr->error); + $ctr->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($ctr->error); } if (my $related_org = $c->param('related_org')) { @@ -83,7 +83,7 @@ sub update_rel { other_organization_identifier => $related->identifier, organization_relationship_identifier => $relationship ); - $map->save(audit_user => $c->user) or return $c->update_error($map->error); + $map->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($map->error); $c->flash(info => "Saved changes."); } if (my $delete_rel = $c->param('delete_relationship_to')) { diff --git a/lib/Tuba/Person.pm b/lib/Tuba/Person.pm index 6cca36d0..f373ad34 100644 --- a/lib/Tuba/Person.pm +++ b/lib/Tuba/Person.pm @@ -135,16 +135,16 @@ sub update_rel { my $obj = $c->param('publication') or return $c->update_error("Missing publication"); $obj = $c->str_to_obj($obj) or return $c->update_error("No match for $obj"); my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; my $role_type = $c->param('role_type'); my $ctr = Contributor->new( role_type_identifier => $role_type, person_id => $person->id, organization_identifier => $organization->identifier ); - $ctr->load(speculative => 1) or $ctr->save(audit_user => $c->user) or return $c->update_error($ctr->error); + $ctr->load(speculative => 1) or $ctr->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($ctr->error); $ctr->add_publications($pub); - $ctr->save(audit_user => $c->user) or return $c->update_error($ctr->error); + $ctr->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($ctr->error); } $c->redirect_to($next); diff --git a/lib/Tuba/Platform.pm b/lib/Tuba/Platform.pm index b98a6ff3..80719456 100644 --- a/lib/Tuba/Platform.pm +++ b/lib/Tuba/Platform.pm @@ -67,7 +67,7 @@ sub update_rel { $add->{platform_identifier} = $platform->identifier; my $obj = InstrumentInstance->new( %$add ); $obj->load(speculative => 1); - $obj->save(audit_user => $c->user) or return $c->update_error($obj->error); + $obj->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($obj->error); } if (my $del = $json->{del}) { $del->{platform_identifier} = $platform->identifier; diff --git a/lib/Tuba/Reference.pm b/lib/Tuba/Reference.pm index fb5cbda6..3745190d 100644 --- a/lib/Tuba/Reference.pm +++ b/lib/Tuba/Reference.pm @@ -65,7 +65,7 @@ sub normalize_form_parameter { } if ($obj) { my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; return $pub->id; } return $value; @@ -78,7 +78,7 @@ sub create { my $report = $c->uri_to_obj($uri) or return $c->render(json => { error => "uri $uri not found" } ); $report->meta->table eq 'report' or return $c->render(json => { error => 'only reports for now' } ); my $pub = $report->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; $json->{publication_id} = $pub->id; $c->stash(object_json => $json); } @@ -242,7 +242,7 @@ sub update_rel { return $c->render(status => 400, json => { error => "$subpubref not found" }); }; $reference->add_subpubrefs({publication_id => $pub->id}); - $reference->save(changes_only => 1, audit_user => $c->user) or return $c->render_exception; + $reference->save(changes_only => 1, audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->render_exception; } if (my $subpubref = $json->{delete_subpub}) { my $pub = $c->uri_to_pub($subpubref) or do { @@ -258,30 +258,30 @@ sub update_rel { if ($c->param('delete_child_publication_id')) { $reference->child_publication_id(undef); - $reference->save(changes_only => 1, audit_user => $c->user) or return $c->redirect_with_error(update_rel_form => $reference->error); + $reference->save(changes_only => 1, audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->redirect_with_error(update_rel_form => $reference->error); } if (my $child = $c->param('child_publication_id')) { my $obj = $c->str_to_obj($child) or return $c->redirect_with_error(update_rel_form => "could not find $child"); my $child_publication = $obj->get_publication(autocreate => 1); - $child_publication->save(audit_user => $c->user) unless $child_publication->id; + $child_publication->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $child_publication->id; $reference->child_publication_id($child_publication->id); - $reference->save(changes_only => 1, audit_user => $c->user) or return $c->redirect_with_error(update_rel_form => $reference->error); + $reference->save(changes_only => 1, audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->redirect_with_error(update_rel_form => $reference->error); } if ( $report && (my $chapter_identifier = $c->param('chapter'))) { my $chapter = Chapter->new(identifier => $chapter_identifier, report_identifier => $report->identifier); my $chapter_pub = $chapter->get_publication(autocreate => 1); - $chapter_pub->save(audit_user => $c->user) unless $chapter_pub->id; + $chapter_pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $chapter_pub->id; $reference->add_subpubrefs({ publication_id => $chapter_pub->id }); - $reference->save(changes_only => 1, audit_user => $c->user) or + $reference->save(changes_only => 1, audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->redirect_with_error(update_rel_form => $reference->error); } if (my $other_pub = $c->param('other_pub')) { my $obj = $c->str_to_obj($other_pub) or return $c->redirect_without_error(update_rel_form => "not found : $other_pub"); my $pub = $obj->get_publication(autocreate => 1); - $pub->save(audit_user => $c->user) unless $pub->id; + $pub->save(audit_user => $c->audit_user, audit_note => $c->audit_note) unless $pub->id; $reference->add_subpubrefs({ publication_id => $pub->id }); - $reference->save(changes_only => 1, audit_user => $c->user) or + $reference->save(changes_only => 1, audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->redirect_with_error(update_rel_form => $reference->error); } if (my $which = $c->param('delete_subpub')) { diff --git a/lib/Tuba/Table.pm b/lib/Tuba/Table.pm index bc209fa8..00e4e37f 100644 --- a/lib/Tuba/Table.pm +++ b/lib/Tuba/Table.pm @@ -124,7 +124,7 @@ sub update_rel { if (my $new = $c->param('new_array')) { my $array = $c->Tuba::Search::autocomplete_str_to_object($new); $object->add_arrays($array); - $object->save(audit_user => $c->user) or do { + $object->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or do { $c->flash(error => $object->error); return $c->redirect_to($next); }; @@ -133,7 +133,7 @@ sub update_rel { my $img = Array->new(identifier => $new)->load(speculative => 1) or return $c->update_error("array $new not found"); $object->add_arrays($img); - $object->save(audit_user => $c->user) or return $c->update_error($object->error); + $object->save(audit_user => $c->audit_user, audit_note => $c->audit_note) or return $c->update_error($object->error); } my $report_identifier = $c->stash('report_identifier');