From 6e0c9acb34a021855bc63df33b1c835e5a6e540f Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 18 Jan 2023 13:52:11 +0100 Subject: [PATCH] events: exclude base models from model audit log Signed-off-by: Jens Langhammer --- authentik/blueprints/v1/common.py | 2 +- authentik/events/middleware.py | 23 ++++++++++++++++++++--- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/authentik/blueprints/v1/common.py b/authentik/blueprints/v1/common.py index a64734b5b..3a75129fe 100644 --- a/authentik/blueprints/v1/common.py +++ b/authentik/blueprints/v1/common.py @@ -94,7 +94,7 @@ class BlueprintEntry: depth: int = 0, context_tag_type: Optional[type["YAMLTagContext"] | tuple["YAMLTagContext", ...]] = None, ) -> "YAMLTagContext": - """Get a YAMLTagContex object located at a certain depth in the tag tree""" + """Get a YAMLTagContext object located at a certain depth in the tag tree""" if depth < 0: raise ValueError("depth must be a positive number or zero") diff --git a/authentik/events/middleware.py b/authentik/events/middleware.py index e7a953a2f..a6df26d9a 100644 --- a/authentik/events/middleware.py +++ b/authentik/events/middleware.py @@ -12,12 +12,21 @@ from django.http import HttpRequest, HttpResponse from django_otp.plugins.otp_static.models import StaticToken from guardian.models import UserObjectPermission -from authentik.core.models import AuthenticatedSession, User +from authentik.core.models import ( + AuthenticatedSession, + PropertyMapping, + Provider, + Source, + User, + UserSourceConnection, +) from authentik.events.models import Event, EventAction, Notification from authentik.events.utils import model_to_dict -from authentik.flows.models import FlowToken +from authentik.flows.models import FlowToken, Stage from authentik.lib.sentry import before_send from authentik.lib.utils.errors import exception_to_string +from authentik.outposts.models import OutpostServiceConnection +from authentik.policies.models import Policy, PolicyBindingModel IGNORED_MODELS = ( Event, @@ -27,6 +36,14 @@ IGNORED_MODELS = ( StaticToken, Session, FlowToken, + Provider, + Source, + PropertyMapping, + UserSourceConnection, + Stage, + OutpostServiceConnection, + Policy, + PolicyBindingModel, ) @@ -34,7 +51,7 @@ def should_log_model(model: Model) -> bool: """Return true if operation on `model` should be logged""" if model.__module__.startswith("silk"): return False - return not isinstance(model, IGNORED_MODELS) + return model.__class__ not in IGNORED_MODELS class EventNewThread(Thread):