Merge pull request #1032 from dod-ccpo/dont-include-last-login-update-in-auditlog

Do not create AuditEvent if updating the User.last_login
2019-08-19 11:26:36 -04:00
parent a6f925e080 96a2520e0c
commit 0cbd971c11
2 changed files with 22 additions and 1 deletions
--- a/atst/models/user.py
+++ b/atst/models/user.py
@@ -7,7 +7,11 @@ from atst.models import Base, ApplicationRole, types, mixins
 from atst.models.permissions import Permissions
 from atst.models.portfolio_invitation import PortfolioInvitation
 from atst.models.application_invitation import ApplicationInvitation
-from atst.models.mixins.auditable import record_permission_sets_updates
+from atst.models.mixins.auditable import (
+    AuditableMixin,
+    ACTION_UPDATE,
+    record_permission_sets_updates,
+)


 users_permission_sets = Table(
@@ -121,5 +125,11 @@ class User(
            if c.name not in ["id"]
        }

+    @staticmethod
+    def audit_update(mapper, connection, target):
+        changes = AuditableMixin.get_changes(target)
+        if changes and not "last_login" in changes:
+            target.create_audit_event(connection, target, ACTION_UPDATE)
+

 listen(User.permission_sets, "bulk_replace", record_permission_sets_updates, raw=True)