Audit Log Provider
Overview
refine allows you to track changes in your data and keep track of who made the changes. This is done by sending a new log event record whenever a new record is created, updated or deleted. Mutations made with data hooks are automatically sent the auditLogProvider as an event. You can also manually send events to the auditLogProvider via hooks.
An audit log provider must have the following three methods:
create: Logs an event to the audit log.get: Returns a list of events.update: Updates an event in the audit log.
Below are the corresponding interfaces for each of these methods.
const auditLogProvider = {
create: (params: {
resource: string;
action: string;
data?: any;
author?: {
name?: string;
[key: string]: any;
};
previousData?: any;
meta?: Record<string, any>;
}) => void;
get: (params: {
resource: string;
action?: string;
meta?: Record<string, any>;
author?: Record<string, any>;
metaData?: MetaDataQuery;
}) => Promise<any>;
update: (params: {
id: BaseKey;
name: string;
}) => Promise<any>;
}
refine provides the useLog and useLogList hooks to access your auditLogProvider methods from anywhere in your application.
Usage
You just need to pass your auditLogProvider object to <Refine>:
import { Refine } from "@pankod/refine-core";
import auditLogProvider from "./auditLogProvider";
const App: React.FC = () => {
return <Refine auditLogProvider={auditLogProvider} />;
};
Creating an Audit Log Provider
Let's create an auditLogProvider to understand better. In this example, we will use dataProvider to handle events. But you can handle events whatever you want because refine provides an agnostic API. So, If you want to use a third-party library, of course, you can.
get
This method is used to list audit log events.
For example, using useLogList hook to list all resource activities by a specific record id creates an event like this:
{
"resource": "posts",
"meta": {
"id": "1"
}
}
The event is create with parameters passed to the useLogList hook.
Now let's see how we can handle these events in our audit log provider.
import refineSimpleRestDataProvider from "@pankod/refine-simple-rest";
const API_URL = "https://api.fake-rest.refine.dev";
const dataProvider = refineSimpleRestDataProvider(API_URL);
const auditLogProvider: AuditLogProvider = {
get: async ({ resource, meta }) => {
const { data } = await dataProvider(API_URL).getList({
resource: "logs",
filters: [
{
field: "resource",
operator: "eq",
value: resource,
},
{
field: "meta.id",
operator: "eq",
value: meta?.id,
},
],
});
return data;
},
};
Parameter Types
This method can take the following parameters via hooks. You can use these parameters to filter the events.
| Name | Type |
|---|---|
| resource | string |
| action | "create" | "update" | "delete" | string |
| meta | Record<string, any> |
| author | Record<string, any> |
create
This method is used to create an audit log event. It is triggered when a new successful mutation or when you use useLog's log method. The incoming parameters show the values of the new record to be created.
We recommend you create audit logs on the API side for security concerns because data can be changed on the client side.
When the mutations is successful, the create method is called with the following parameters, depending on the mutation type:
- Create event
- Update event
- Delete event
When a record is created, refine automatically sends an event to create method like this:
{
"action": "create",
"resource": "posts",
"data": {
"id": "1",
"title": "Hello World",
"content": "Hello World"
},
"meta": {
"dataProviderName": "simple-rest",
// If request response has a `id` field, it will be add in the `meta` field.
"id": "1"
}
}
The id of the created record is added to the meta object. It can be used for filtering purposes.
When a record is updated, refine automatically sends an event to create method like this:
{
"action": "update",
"resource": "posts",
"data": {
"id": "1",
"title": "New Hello World",
"content": "New Hello World"
},
"previousData": {
"id": "1",
"title": "Hello World",
"content": "Hello World"
},
"meta": {
"dataProviderName": "simple-rest",
"id": "1"
}
}
refine returns the previousData from the react-query cache. So, if it cannot find the previous data, it will return undefined.
When a record is deleted, refine automatically sends an event to create method like this:
{
"action": "delete",
"resource": "posts",
"meta": {
"dataProviderName": "simple-rest",
"id": "1"
}
}
If getUserIdentity is defined in your auth provider, the author object is added to the event with the value returned by getUserIdentity.
Now let's see how we can handle these events in our audit log provider.
import refineSimpleRestDataProvider from "@pankod/refine-simple-rest";
const API_URL = "https://api.fake-rest.refine.dev";
const dataProvider = refineSimpleRestDataProvider(API_URL);
const auditLogProvider: AuditLogProvider = {
create: (params) => {
return dataProvider(API_URL).create({
resource: "logs",
variables: params,
});
},
};
Parameter Types
This method can take the following parameters.
| Name | Type |
|---|---|
| resource | string |
| action | "create" | "update" | "delete" | string |
| meta | Record<string, any> |
| data | Record<string, any> |
| author | Record<string, any> |
refine will use this create method in the useLog hook.
update
This method is used to update an audit log event.
If you want to name an event, this is the way to do it. You can create a milestone by naming it.
For example, using useLog's log method creates an event like below:
{
"id": "1",
"name": "event name"
}
import refineSimpleRestDataProvider from "@pankod/refine-simple-rest";
const API_URL = "https://api.fake-rest.refine.dev";
const dataProvider = refineSimpleRestDataProvider(API_URL);
const auditLogProvider: AuditLogProvider = {
update: async ({ id, name }) => {
const { data } = await dataProvider(API_URL).update({
resource: "logs",
id,
variables: { name },
});
return data;
},
};
Parameter Types
This method can take the following parameters.
| Name | Type |
|---|---|
| id | BaseKey |
| name | string |
refine will use this update method in the useLog hook.
Supported Hooks
refine creates an audit log event when the mutation is successful on hooks that useCreate, useUpdate and useDelete hooks. The useCreateMany, useUpdateMany and useDeleteMany hooks are not create audit log events.
useCreate
When useCreate is called, refine sends the following parameters to audit log provider's create method.
const { mutate } = useCreate();
mutate({
resource: "posts",
values: {
title: "New Post",
status: "published",
content: "New Post Content",
},
metaData: {
foo: "bar",
},
});
{
"action": "create",
"resource": "posts",
"data": {
"title": "Title",
"status": "published",
"content": "New Post Content"
},
"meta": {
"id": "1",
// `metaData` is included in `meta`.
"foo": "bar"
}
}
useUpdate
When useUpdate is called, refine sends the following parameters to audit log provider's create method.
const { mutate } = useUpdate();
mutate({
id: 1,
resource: "posts",
values: {
title: "Updated New Title",
},
});
{
"action": "update",
"resource": "posts",
"data": {
"title": "Updated New Title",
"status": "published",
"content": "New Post Content"
},
"previousData": {
"title": "Title",
"status": "published",
"content": "New Post Content"
},
"meta": {
"id": 1
}
}
useDelete
When useDelete is called, refine sends the following parameters to audit log provider's create method.
const { mutate } = useDelete();
mutate({
id: 1,
resource: "posts",
});
{
"action": "delete",
"resource": "posts",
"meta": {
"id": 1
}
}
Enable/Disable to Audit Log by Mutation Type for a Resource
The options allows you to manage the audit log events for a resource. In addition, it can be managed in which type of mutations an event will be created. If no definition is made, it works in all actions.
In this case, only events will be created for the create mutation.
<Refine
dataProvider={dataProvider(API_URL)}
resources={[
{
name: "posts",
list: PostList,
create: PostCreate,
edit: PostEdit,
show: PostShow,
canDelete: true,
options: {
auditLog: {
permissions: ["create"],
},
},
},
]}
/>
Example
npm create refine-app@latest -- --example audit-log-provider