Developed with love by KnpLabs Hire us for your project!
68

DoctrineAuditBundle

by DamienHarper

This bundle creates audit logs for all doctrine ORM database related changes.

DoctrineAuditBundle

GitHub license
release-version-badge
![php-version-badge]
Downloads

This bundle creates audit logs for all doctrine ORM database related changes:

  • inserts and updates including their diffs and relation field diffs.
  • many to many relation changes, association and dissociation actions.
  • if there is an user in token storage, it is used to identify the user who made the changes.
  • the audit entries are inserted within the same transaction during flush, if something fails the state remains clean.

Basically you can track any change from these log entries if they were
managed through standard ORM operations.

NOTE: audit cannot track DQL or direct SQL updates or delete statement executions.

This bundle is inspired by data-dog/audit-bundle and
simplethings/entity-audit-bundle

Installation

Applications that use Symfony Flex

Open a command console, enter your project directory and execute:

composer require damienharper/doctrine-audit-bundle

Applications that don't use Symfony Flex

Step 1: Download the Bundle

Open a command console, enter your project directory and execute the
following command to download the latest stable version of this bundle:

composer require damienharper/doctrine-audit-bundle

This command requires you to have Composer installed globally, as explained
in the installation chapter
of the Composer documentation.

Step 2: Enable the Bundle

Then, enable the bundle by adding it to the list of registered bundles
in the app/AppKernel.php file of your project:

<?php
// app/AppKernel.php

// ...
class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = array(
            // ...
            new DH\DoctrineAuditBundle\DHDoctrineAuditBundle(),
        );

        // ...
    }

    // ...
}

Configuration

Audited entities and properties

By default, DoctrineAuditBundle won't audit any entity, you have to configure which entities have to be audited.

// app/config/config.yml (symfony < 3.4)
// config/packages/dh_doctrine_audit.yaml (symfony >= 3.4)
dh_doctrine_audit:
    entities:
        MyBundle\Entity\MyAuditedEntity1: ~
        MyBundle\Entity\MyAuditedEntity2: ~

All MyAuditedEntity1 and MyAuditedEntity2 properties will be audited.
Though it is possible to exclude some of them from the audit process.

// app/config/config.yml (symfony < 3.4)
// config/packages/dh_doctrine_audit.yaml (symfony >= 3.4)
dh_doctrine_audit:
    entities:
        MyBundle\Entity\MyAuditedEntity1: ~   # all MyAuditedEntity1 properties are audited
        MyBundle\Entity\MyAuditedEntity2:
            ignored_columns:                  # properties ignored by the audit process
                - createdAt
                - updatedAt

It is also possible to specify properties that are globally ignored by the audit process.

// app/config/config.yml (symfony < 3.4)
// config/packages/dh_doctrine_audit.yaml (symfony >= 3.4)
dh_doctrine_audit:
    ignored_columns:    # properties ignored by the audit process in any audited entity
        - createdAt
        - updatedAt

Audit tables naming format

Audit table names are composed of a prefix, the audited table name and a suffix.
By default, the prefix is empty and the suffix is _audit. Though, they can be customized.

// app/config/config.yml (symfony < 3.4)
// config/packages/dh_doctrine_audit.yaml (symfony >= 3.4)
dh_doctrine_audit:
    table_prefix: ''
    table_suffix: '_audit'

Creating audit tables

Open a command console, enter your project directory and execute the
following command to review the new audit tables in the update schema queue.

# symfony < 3.4
app/console doctrine:schema:update --dump-sql 
# symfony >= 3.4
bin/console doctrine:schema:update --dump-sql 

Notice: DoctrineAuditBundle currently only works with a DBAL Connection and EntityManager named "default".

Using Doctrine Migrations Bundle

# symfony < 3.4
app/console doctrine:migrations:diff
app/console doctrine:migrations:migrate
# symfony >= 3.4
bin/console doctrine:migrations:diff
bin/console doctrine:migrations:migrate

Using Doctrine Schema

# symfony < 3.4
app/console doctrine:schema:update --force
# symfony >= 3.4
bin/console doctrine:schema:update --force

Audit viewer

Add the following routes to the routing configuration to enable the included audits viewer.

// app/config/routing.yml (symfony < 3.4)
// config/routes.yaml (symfony >= 3.4)
dh_doctrine_audit:
    resource: "@DHDoctrineAuditBundle/Controller/"
    type: annotation

It is possible to filter results by event type by calling AuditReader::filterBy method before getting the results.

    /**
     * @Route("/audit/details/{entity}/{id}", name="dh_doctrine_audit_show_audit_entry", methods={"GET"})
     */
    public function showAuditEntryAction(string $entity, int $id)
    {
        $reader = $this->container->get('dh_doctrine_audit.reader');

        $data = $reader
             ->filterBy(AuditReader::UPDATE)   // add this to only get `update` entries.
             ->getAudit($entity, $id)
         ;

        return $this->render('@DHDoctrineAudit/Audit/entity_audit_details.html.twig', [
            'entity' => $entity,
            'entry' => $data[0],
        ]);
    }

Available constants are:
php
AuditReader::UPDATE
AuditReader::ASSOCIATE
AuditReader::DISSOCIATE
AuditReader::INSERT
AuditReader::REMOVE

Custom user provider

If you don't use Symfony's TokenStorage to save your current user, you can configure a custom user provider. You just
need to implement the UserProviderInterface and configure it as a service named dh_doctrine_audit.user_provider.

use DH\DoctrineAuditBundle\User\User;
use DH\DoctrineAuditBundle\User\UserInterface;
use DH\DoctrineAuditBundle\User\UserProviderInterface;

class CustomUserProvider implements UserProviderInterface
{
    public function getUser(): ?UserInterface
    {
        // Your logic goes here...
        return new User($yourUserId, $yourUsername);
    }
}

Then add this to your services.yaml file:

services:
    dh_doctrine_audit.user_provider:
        class: App\CustomUserProvider

Disable auditing at runtime

You can disable audit logging at runtime by calling AuditConfiguration::disableAuditFor(string $entity)
This will prevent the system from logging changes applied to $entity objects.

You can then re-enable audit logging at runtime by calling AuditConfiguration::enableAuditFor(string $entity)

Warning: disabling audit logging for an entity will make its audit logs incomplete/partial (no change applied to specified entity is logged in the relevant audit table while audit logging is disabled for that entity).

To disable auditing for an entity, you first have to inject the dh_doctrine_audit.configuration service in your class, then use:

$auditConfiguration->disableAuditFor(MyAuditedEntity1::class);

To enable auditing afterwards, use:

$auditConfiguration->enableAuditFor(MyAuditedEntity1::class);

You can also disable audit logging for an entity by default and only enable auditing when needed. To do so, add
this to your configuration file:

dh_doctrine_audit:
    entities:
        MyBundle\Entity\MyAuditedEntity1:
            enabled: false

This will create the audit table for this entity, but will only save audit entries when explicitly enabled as shown
above.

Usage

audit entities will be mapped automatically if you run schema update or similar.
And all the database changes will be reflected in the audit logs afterwards.

Audits cleanup

Notice: symfony/lock is required, to install it use composer require symfony/lock

DoctrineAuditBundle provides a convenient command that helps you cleaning audit tables.
Open a command console, enter your project directory and execute:

# symfony < 3.4
app/console audit:clean
# symfony >= 3.4
bin/console audit:clean

By default it cleans audit entries older than 12 months. You can override this by providing the number of months
you want to keep in the audit tables. For example, to keep 18 months:

# symfony < 3.4
app/console audit:clean 18
# symfony >= 3.4
bin/console audit:clean 18

It is also possible to bypass the confirmation and make the command un-interactive if you plan to schedule it (ie. cron)

# symfony < 3.4
app/console audit:clean --no-confirm
# symfony >= 3.4
bin/console audit:clean --no-confirm

FAQ:

I've added an new entity in the config file but it's not audited.

First check its namespace, then clear your cache and re-run doctrine:schema:update or doctrine:migrations:migrate.

I don't use Symfony's TokenStorage to manage my users, how do I proceed?

Check the Custom user provider section.

License

DoctrineAuditBundle is free to use and is licensed under the MIT license

<!-- Badges -->

MIT License

Copyright 2018 Damien Harper

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
  • Handle cases where schema info is not available from metadata.
    By DamienHarper, 1 month ago
  • Do not consider an entity as audited if its parent is (fix #34)
    By DamienHarper, 1 month ago
  • Add schema support (#33)
    By DamienHarper, 2 months ago
  • Wording
    By DamienHarper, 2 months ago
  • Add option to disable audit for a specific entity at runtime (#31)
    By DamienHarper, 2 months ago
  • Add dependency to symfony/security-bundle
    By DamienHarper, 2 months ago
  • Add dependency to symfony/orm-pack
    By DamienHarper, 2 months ago
  • Add dependency to symfony/security-core
    By DamienHarper, 2 months ago
  • Configuration file path was not valid.
    By DamienHarper, 2 months ago
  • Symfony 4.2 compatibility
    By DamienHarper, 2 months ago
  • Support Symfony 4.2+ (#28)
    By DamienHarper, 2 months ago
  • FAQ update
    By DamienHarper, 3 months ago
  • Fixes UserInterface usage in TokenStorageUserProvider
    By DamienHarper, 3 months ago
  • Custom user provider (#27)
    By DamienHarper, 3 months ago
  • Fix #4
    By DamienHarper, 3 months ago
  • Wording
    By DamienHarper, 3 months ago
  • Update ReadMe (#25)
    By DamienHarper, 3 months ago
  • Update README.md (#20)
    By DamienHarper, 3 months ago
  • AuditReader::filterBy can be chained (fluent method).
    By DamienHarper, 4 months ago
  • ADD Audit entry filterBy (#24)
    By DamienHarper, 4 months ago
  • Audit entries creation date are now using UTC timezone
    By DamienHarper, 4 months ago
  • Remove unneeded dependency to SensioFrameworkExtraBundle
    By DamienHarper, 4 months ago
  • Update README.md (#19)
    By DamienHarper, 4 months ago
  • Small optimization
    By DamienHarper, 4 months ago
  • Subscribe to SoftDeleteable event to audit softdeletes
    By DamienHarper, 4 months ago
  • Add downloads badge
    By DamienHarper, 6 months ago
  • Fix deprecated
    By DamienHarper, 6 months ago
  • Fix listener on embedded field (#17)
    By DamienHarper, 7 months ago
  • Use native Twig references for templates (#16)
    By DamienHarper, 7 months ago
  • Allow singe table inheritance (#15)
    By DamienHarper, 7 months ago