improve log

app/controllers/api/active_storage_blobs_proxy_controller.rb

@@ -21,7 +21,11 @@ module Api
 
       blob = ActiveStorage::Blob.find_by!(uuid: blob_uuid)
 
-      authorization_check!(blob) if exp.blank?
+      attachment = blob.attachments.take
+
+      @record = attachment.record
+
+      authorization_check!(attachment) if exp.blank?
 
       if request.headers['Range'].present?
         send_blob_byte_range_data blob, request.headers['Range']
@@ -37,9 +41,7 @@ module Api
 
     private
 
-    def authorization_check!(blob)
+    def authorization_check!(attachment)
-      attachment = blob.attachments.take
-
       is_authorized = attachment.name.in?(%w[logo preview_images]) ||
                       (current_user && attachment.record.account.id == current_user.account_id) ||
                       (current_user && !Docuseal.multitenant? && current_user.role == 'superadmin') ||

app/controllers/api/submitter_email_clicks_controller.rb

@@ -6,10 +6,10 @@ module Api
     skip_authorization_check
 
     def create
-      submitter = Submitter.find_by!(slug: params[:submitter_slug])
+      @submitter = Submitter.find_by!(slug: params[:submitter_slug])
 
-      if params[:t] == SubmissionEvents.build_tracking_param(submitter, 'click_email')
+      if params[:t] == SubmissionEvents.build_tracking_param(@submitter, 'click_email')
-        SubmissionEvents.create_with_tracking_data(submitter, 'click_email', request)
+        SubmissionEvents.create_with_tracking_data(@submitter, 'click_email', request)
       end
 
       render json: {}

app/controllers/api/submitter_form_views_controller.rb

@@ -6,15 +6,15 @@ module Api
     skip_authorization_check
 
     def create
-      submitter = Submitter.find_by!(slug: params[:submitter_slug])
+      @submitter = Submitter.find_by!(slug: params[:submitter_slug])
 
-      submitter.opened_at = Time.current
+      @submitter.opened_at = Time.current
-      submitter.save
+      @submitter.save
 
-      SubmissionEvents.create_with_tracking_data(submitter, 'view_form', request)
+      SubmissionEvents.create_with_tracking_data(@submitter, 'view_form', request)
 
-      WebhookUrls.for_account_id(submitter.account_id, 'form.viewed').each do |webhook_url|
+      WebhookUrls.for_account_id(@submitter.account_id, 'form.viewed').each do |webhook_url|
-        SendFormViewedWebhookRequestJob.perform_async('submitter_id' => submitter.id,
+        SendFormViewedWebhookRequestJob.perform_async('submitter_id' => @submitter.id,
                                                       'webhook_url_id' => webhook_url.id)
       end
 

app/controllers/preview_document_page_controller.rb

@@ -12,6 +12,8 @@ class PreviewDocumentPageController < ActionController::API
 
     return head :not_found unless attachment
 
+    @template = attachment.record
+
     preview_image = attachment.preview_images.joins(:blob)
                               .find_by(blob: { filename: ["#{params[:id]}.png", "#{params[:id]}.jpg"] })
 

app/controllers/submissions_download_controller.rb

@@ -8,20 +8,20 @@ class SubmissionsDownloadController < ApplicationController
   FILES_TTL = 5.minutes
 
   def index
-    submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present?
+    @submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present?
 
     signature_valid =
-      if submitter&.slug == params[:submitter_slug]
+      if @submitter&.slug == params[:submitter_slug]
         true
       else
-        submitter = nil
+        @submitter = nil
       end
 
-    submitter ||= Submitter.find_by!(slug: params[:submitter_slug])
+    @submitter ||= Submitter.find_by!(slug: params[:submitter_slug])
 
-    Submissions::EnsureResultGenerated.call(submitter)
+    Submissions::EnsureResultGenerated.call(@submitter)
 
-    last_submitter = submitter.submission.submitters.where.not(completed_at: nil).order(:completed_at).last
+    last_submitter = @submitter.submission.submitters.where.not(completed_at: nil).order(:completed_at).last
 
     return head :not_found unless last_submitter
 
@@ -34,7 +34,7 @@ class SubmissionsDownloadController < ApplicationController
     end
 
     if params[:combined] == 'true'
-      url = build_combined_url(submitter)
+      url = build_combined_url(@submitter)
 
       if url
         render json: [url]

app/controllers/submit_form_download_controller.rb

@@ -7,17 +7,17 @@ class SubmitFormDownloadController < ApplicationController
   FILES_TTL = 5.minutes
 
   def index
-    submitter = Submitter.find_by!(slug: params[:submit_form_slug])
+    @submitter = Submitter.find_by!(slug: params[:submit_form_slug])
 
-    return redirect_to submitter_download_index_path(submitter.slug) if submitter.completed_at?
+    return redirect_to submitter_download_index_path(@submitter.slug) if @submitter.completed_at?
 
-    return head :unprocessable_entity if submitter.declined_at? ||
+    return head :unprocessable_entity if @submitter.declined_at? ||
-                                         submitter.submission.archived_at? ||
+                                         @submitter.submission.archived_at? ||
-                                         submitter.submission.expired? ||
+                                         @submitter.submission.expired? ||
-                                         submitter.submission.template.archived_at?
+                                         @submitter.submission.template.archived_at?
 
-    last_completed_submitter = submitter.submission.submitters
+    last_completed_submitter = @submitter.submission.submitters
-                                        .where.not(id: submitter.id)
+                                         .where.not(id: @submitter.id)
                                          .where.not(completed_at: nil)
                                          .max_by(&:completed_at)
 
@@ -25,7 +25,7 @@ class SubmitFormDownloadController < ApplicationController
       if last_completed_submitter
         Submitters.select_attachments_for_download(last_completed_submitter)
       else
-        submitter.submission.template.schema_documents.preload(:blob)
+        @submitter.submission.template.schema_documents.preload(:blob)
       end
 
     urls = attachments.map do |attachment|

config/environments/production.rb

@@ -134,7 +134,15 @@ Rails.application.configure do
         {}
       end
 
+    resource = controller.instance_variable_get(:@submitter) ||
+               controller.instance_variable_get(:@submission) ||
+               controller.instance_variable_get(:@template) ||
+               controller.instance_variable_get(:@record)
+
+    current_user = controller.instance_variable_get(:@current_user)
+
     {
+      host: controller.request.host,
       fwd: controller.request.remote_ip,
       params: {
         id: params[:id],
@@ -148,8 +156,10 @@ Rails.application.configure do
                params[:submit_form_slug] ||
                params[:template_slug]).to_s.first(5)
       }.compact_blank,
-      host: controller.request.host,
+      uid: current_user.try(:id),
-      uid: controller.instance_variable_get(:@current_user).try(:id)
+      aid: current_user.try(:account_id),
+      rid: resource.try(:id),
+      raid: resource.try(:account_id)
     }
   end
 end