|
| 1 | +# History System Documentation |
| 2 | + |
| 3 | +## Overview |
| 4 | + |
| 5 | +The History system in Adminizer provides a flexible and extensible way to track changes to model instances, store historical records, and expose them securely to users through an API. It supports multiple adapters, access control, model-specific configurations, and smart data formatting. |
| 6 | + |
| 7 | +The core idea is to **capture state snapshots** of any model change (create, update, delete), assign metadata (user, timestamp, model name, ID), and allow retrieval filtered by user permissions, time range, or model type. |
| 8 | + |
| 9 | +--- |
| 10 | + |
| 11 | +## Key Components |
| 12 | + |
| 13 | +### 1. `HistoryHandler` |
| 14 | + |
| 15 | +- Central registry for managing one or more history adapters. |
| 16 | +- Aggregates functionality from registered adapters. |
| 17 | +- Ensures proper routing of requests based on adapter availability. |
| 18 | + |
| 19 | +### 2. `AbstractHistoryAdapter` |
| 20 | + |
| 21 | +An abstract base class defining the contract for all history adapters. It includes: |
| 22 | +- Access rights management (`history-${id}`, `users-history-${id}`). |
| 23 | +- Built-in filtering based on user permissions. |
| 24 | +- Model access checks (via `getModels()`). |
| 25 | +- Data enhancement (e.g., `displayName` resolution). |
| 26 | +- Media manager and association field handling. |
| 27 | +- Protection against internal/admin models via `excludedModels`. |
| 28 | + |
| 29 | +--- |
| 30 | + |
| 31 | +## Default Adapter: `DefaultHistoryAdapter` |
| 32 | + |
| 33 | +This built-in adapter uses the `HistoryActionsAP` model to persist history records in the database. |
| 34 | + |
| 35 | +### How It Works |
| 36 | + |
| 37 | +1. **Storage** |
| 38 | + On every tracked change: |
| 39 | + - Existing current record (`isCurrent: true`) for the same `(modelName, modelId)` is marked as outdated. |
| 40 | + - A new record is created with `isCurrent: true`, containing: |
| 41 | + - `modelName`, `modelId` |
| 42 | + - `user` (ID or login) |
| 43 | + - `action` (e.g., "update") |
| 44 | + - `data` — full snapshot of the model's fields at that time |
| 45 | + - Timestamps (`createdAt`, etc.) |
| 46 | + |
| 47 | +2. **Retrieval** |
| 48 | + - Filters results based on: |
| 49 | + - User's read access to the model. |
| 50 | + - Whether the user has `users-history-default` permission (to view others’ actions). |
| 51 | + - Optional filters: `modelName`, `forUserName`, `from`, `to`, pagination. |
| 52 | + |
| 53 | +3. **Data Formatting** |
| 54 | + - Resolves `displayName` using model config: |
| 55 | + ```ts |
| 56 | + displayName: string | ((record: any) => string) |
| 57 | + ``` |
| 58 | + If not defined → falls back to `modelId`. |
| 59 | + |
| 60 | +4. **Security** |
| 61 | + - Respects RBAC (Role-Based Access Control). |
| 62 | + - Internal models (like `UserAP`, `MediaManagerAP`, etc.) are excluded by default. |
| 63 | + - Configurable extra exclusions via `config.history.excludeModels`. |
| 64 | + |
| 65 | +--- |
| 66 | + |
| 67 | +## Configuration (Type Definition) |
| 68 | + |
| 69 | +```ts |
| 70 | +interface HistoryConfig { |
| 71 | + enabled?: boolean; |
| 72 | + adapter?: string; // 'default' | custom adapter ID |
| 73 | + excludeModels?: string[]; // additional models to exclude from tracking |
| 74 | +} |
| 75 | +``` |
| 76 | + |
| 77 | +**Example:** |
| 78 | + |
| 79 | +```ts |
| 80 | +config: { |
| 81 | + history: { |
| 82 | + enabled: true, |
| 83 | + adapter: "default", // optional, default if not specified |
| 84 | + excludeModels: ["post", "category"] |
| 85 | + } |
| 86 | +} |
| 87 | +``` |
| 88 | +If `enabled: false` or not set, no history will be recorded or served. |
| 89 | + |
| 90 | +## Using a Custom Adapter |
| 91 | +You can replace or extend the default behavior by implementing your own adapter. |
| 92 | + |
| 93 | +**Step 1:** Implement `AbstractHistoryAdapter` |
| 94 | + |
| 95 | +```ts |
| 96 | +import { AbstractHistoryAdapter } from '../lib/history-actions/AbstractHistoryAdapter'; |
| 97 | +import { HistoryActionsAP, UserAP } from '../models'; |
| 98 | +
|
| 99 | +export class MyCustomHistoryAdapter extends AbstractHistoryAdapter { |
| 100 | + public id = 'myadapter'; // must be unique |
| 101 | + public model = 'custom_history'; // optional, depends on your storage |
| 102 | +
|
| 103 | + constructor(adminizer) { |
| 104 | + super(adminizer); |
| 105 | + // Your initialization |
| 106 | + } |
| 107 | +
|
| 108 | + async getAllHistory(...) { ... } |
| 109 | + async getAllModelHistory(...) { ... } |
| 110 | + async setHistory(...) { ... } |
| 111 | + async getModelFieldsHistory(...) { ... } |
| 112 | +} |
| 113 | +``` |
| 114 | + |
| 115 | +You must implement all abstract methods. |
| 116 | + |
| 117 | +**Step 2:** Register Your Adapter |
| 118 | + |
| 119 | +```ts |
| 120 | +adminizer.historyHandler = new HistoryHandler(); |
| 121 | +adminizer.historyHandler.add(new MyCustomHistoryAdapter(adminizer)); |
| 122 | +``` |
| 123 | +Use Cases for Custom Adapters |
| 124 | + |
| 125 | +Logging to external systems (e.g., Kafka, ELK). |
| 126 | +Immutable storage (e.g., blockchain-like ledger). |
| 127 | +Lightweight logging without full snapshots. |
| 128 | +Different DB (e.g., MongoDB, Redis for recent activity). |
| 129 | + |
| 130 | +## Access Control Tokens |
| 131 | + |
| 132 | +Each adapter registers its own permissions: |
| 133 | + |
| 134 | +| Token | Purpose | |
| 135 | +|-------|---------| |
| 136 | +| `history-${id}` | General access to view history | |
| 137 | +| `users-history-${id}` | View history of any user (otherwise only own) | |
| 138 | + |
| 139 | +These are auto-registered with the Adminizer access rights system. |
| 140 | + |
| 141 | +## Summary Flow |
| 142 | + |
| 143 | +| Step | Description | |
| 144 | +|------|-------------| |
| 145 | +| **1** | **Model Update** | |
| 146 | +| **2** | Adminizer calls `.setHistory(data)` | |
| 147 | +| **3** | Adapter saves snapshot with: `user`, `model`, `id`, `data`, `isCurrent = true` | |
| 148 | +| **4** | Older records for same `(model, id)` → `isCurrent = false` | |
| 149 | +| **5** | **On GET history → filter by:**<br>• User permissions<br>• Model access<br>• Time range<br>• User scope (own vs all) | |
| 150 | +| **6** | **Format output:**<br>• Add `displayName`<br>• Resolve media/associations | |
| 151 | +| **7** | **Return to frontend** | |
| 152 | + |
| 153 | +## Notes |
| 154 | + |
| 155 | +The system is opt-out: all models are tracked unless listed in excludeModels. |
| 156 | +Future improvements may include diff-only storage and compression. |
0 commit comments