Laravel Userstamps Laravel Package

Product Decisions This Supports

• Auditability & Compliance: Enables tracking of who created, updated, or deleted records, critical for regulatory compliance (e.g., GDPR, SOX) or internal audits.
• Build vs. Buy: Buy—avoids reinventing a common pattern (userstamps) while maintaining flexibility for customization (e.g., polymorphic relationships).
• Feature Roadmap:
  • Phase 1: Core audit trails for high-priority models (e.g., financial records, user profiles).
  • Phase 2: Extend to soft-deleted records or integrate with activity logs for a unified audit system.
  • Phase 3: Add userstamps to API responses (e.g., created_by in JSON) for client-side tracking.
• Use Cases:
  • Admin Dashboards: Show "Last Modified By" for records.
  • Dispute Resolution: Prove ownership/edits of sensitive data (e.g., customer orders).
  • Multi-Tenant Systems: Track tenant-specific actions via polymorphic relationships (is_using_morph = true).
  • API Versioning: Log API user actions (e.g., updated_by for webhook-triggered updates).

When to Consider This Package

• Adopt if:

  • Your Laravel app lacks consistent user tracking across models.
  • You need low-code, maintainable audit trails (vs. manual created_at/updated_at + foreign keys).
  • Your team prioritizes developer velocity over custom solutions (e.g., no need to write 10+ migration snippets).
  • You require soft-deleted user tracking (e.g., deleted_by for archived records).
  • Your user model is standard (or polymorphic support is enabled).

• Look elsewhere if:

  • You need fine-grained event logging (e.g., "Field X changed from Y to Z") → Consider spatie/laravel-activitylog.
  • Your database schema is highly customized (e.g., non-standard ID columns) → May require forks or overrides.
  • You’re using non-Laravel PHP or need multi-framework support.
  • You require real-time userstamp updates (e.g., WebSockets) → This is a database-level solution.
  • Your team prefers event-driven architectures (e.g., Laravel Events) over model traits.

How to Pitch It (Stakeholders)

For Executives:

"This package automates audit trails for our Laravel models, reducing compliance risk and improving transparency. For example, if a customer disputes an order change, we can instantly show who made the edit and when—cutting resolution time by 50%. It’s a lightweight, maintainable solution that costs nothing upfront and pays dividends in trust and regulatory safety. We’ll start with core models (e.g., Orders, Users) and expand as needed."

ROI:

• Time Saved: No manual tracking code per model (hours/week).
• Risk Reduction: Proves accountability for sensitive data changes.
• Scalability: Works for 10 or 10,000 models with zero additional effort.

For Engineering:

*"This is a drop-in Laravel package that adds created_by, updated_by, and deleted_by fields to any model with zero boilerplate. Key benefits:

• Migration Macros: Add userstamps() to any table schema in seconds.
• Polymorphic Support: Works with custom user models or standard users table.
• Soft Deletes: Tracks who soft-deleted records (e.g., for archival).
• Zero Overhead: Uses Laravel’s existing event system under the hood.

Implementation Plan:

1. Pilot: Apply to 3 high-value models (e.g., Order, UserProfile, Invoice).
2. Config: Publish the package config to customize column names/behavior.
3. Testing: Verify soft-deletes and polymorphic relationships work as expected.
4. Document: Add a wiki page for future teams on how to extend it (e.g., custom queries).

Trade-offs:

• Not a full activity log: Only tracks who, not what changed (use spatie/activitylog for that).
• Requires Laravel: Not framework-agnostic.

Next Steps:

• Add to composer.json and publish config.
• Update migration templates to include userstamps().
• Test with a non-standard user model (e.g., Admin vs. User)."*