Merge pull request #1032 from dod-ccpo/dont-include-last-login-update-in-auditlog

Do not create AuditEvent if updating the User.last_login

atst/models/user.py

@@ -7,7 +7,11 @@ from atst.models import Base, ApplicationRole, types, mixins
 from atst.models.permissions import Permissions
 from atst.models.portfolio_invitation import PortfolioInvitation
 from atst.models.application_invitation import ApplicationInvitation
-from atst.models.mixins.auditable import record_permission_sets_updates
+from atst.models.mixins.auditable import (
+    AuditableMixin,
+    ACTION_UPDATE,
+    record_permission_sets_updates,
+)
 
 
 users_permission_sets = Table(
@@ -121,5 +125,11 @@ class User(
             if c.name not in ["id"]
         }
 
+    @staticmethod
+    def audit_update(mapper, connection, target):
+        changes = AuditableMixin.get_changes(target)
+        if changes and not "last_login" in changes:
+            target.create_audit_event(connection, target, ACTION_UPDATE)
+
 
 listen(User.permission_sets, "bulk_replace", record_permission_sets_updates, raw=True)

tests/models/test_user.py

@@ -1,6 +1,9 @@
 import pytest
 from sqlalchemy.exc import InternalError
+from datetime import datetime
 
+from atst.database import db
+from atst.domain.users import Users
 from atst.models.user import User
 
 from tests.factories import UserFactory, ApplicationFactory, ApplicationRoleFactory
@@ -37,3 +40,11 @@ def test_deleted_application_roles_are_ignored(session):
     session.commit()
 
     assert len(user.application_roles) == 0
+
+
+def test_does_not_log_user_update_when_updating_last_login(mock_logger):
+    user = UserFactory.create()
+    user.last_login = datetime.now()
+    db.session.add(user)
+    db.session.commit()
+    assert "Audit Event update" not in mock_logger.messages