From ae83c35dfdfa748f5a3d2442e14e811f839b013e Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 6 Nov 2021 13:00:59 +0100 Subject: [PATCH] events: ignore creation/deletion of AuthenticatedSession objects Signed-off-by: Jens Langhammer --- authentik/events/middleware.py | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/authentik/events/middleware.py b/authentik/events/middleware.py index 9a3c3d0ae..6e57365a7 100644 --- a/authentik/events/middleware.py +++ b/authentik/events/middleware.py @@ -7,16 +7,25 @@ from django.core.exceptions import SuspiciousOperation from django.db.models import Model from django.db.models.signals import post_save, pre_delete from django.http import HttpRequest, HttpResponse +from django_otp.plugins.otp_static.models import StaticToken from guardian.models import UserObjectPermission from authentik.core.middleware import LOCAL -from authentik.core.models import User +from authentik.core.models import AuthenticatedSession, User from authentik.events.models import Event, EventAction, Notification from authentik.events.signals import EventNewThread from authentik.events.utils import model_to_dict from authentik.lib.sentry import before_send from authentik.lib.utils.errors import exception_to_string +IGNORED_MODELS = ( + Event, + Notification, + UserObjectPermission, + AuthenticatedSession, + StaticToken, +) + class AuditMiddleware: """Register handlers for duration of request-response that log creation/update/deletion @@ -82,7 +91,7 @@ class AuditMiddleware: user: User, request: HttpRequest, sender, instance: Model, created: bool, **_ ): """Signal handler for all object's post_save""" - if isinstance(instance, (Event, Notification, UserObjectPermission)): + if isinstance(instance, IGNORED_MODELS): return action = EventAction.MODEL_CREATED if created else EventAction.MODEL_UPDATED @@ -92,7 +101,7 @@ class AuditMiddleware: # pylint: disable=unused-argument def pre_delete_handler(user: User, request: HttpRequest, sender, instance: Model, **_): """Signal handler for all object's pre_delete""" - if isinstance(instance, (Event, Notification, UserObjectPermission)): # pragma: no cover + if isinstance(instance, IGNORED_MODELS): # pragma: no cover return EventNewThread(