Allow to ignore request.user validation

hugobranquinho · jheld · commit 817679cffda5 · 2022-09-03T23:12:55.000-04:00
If setting `DJANGO_EASY_AUDIT_CHECK_IF_REQUEST_USER_EXISTS` set to `False`, no `request.user` validation is made on DB.
This allow the calling proejct to ignore user validation and speed up audit creation, plus, save some DB queries.
diff --git a/README.md b/README.md
@@ -106,7 +106,11 @@ Below are some of the settings you may want to use. These should be defined in y
   determined by the `pre_save` handler sees that there are no changed fields. We are keeping it off by default so that
   projects that wish to use this (potentially less `CRUDEvent`) can choose to turn it on! And those that do not want it (yet or ever),
   or those that do not closely follow the release notes of this project will have one less worry when upgrading.
-  
+
+* `DJANGO_EASY_AUDIT_CHECK_IF_REQUEST_USER_EXISTS`
+
+  By default this is `True`, but this allows the calling project to make easyaudit ignore user validation on audit event creation.
+  This is useful when you have a app with soft delete or no delete on users model. With this set to `False`, easyaudit only fetch `request.user` for audit event creation, no db check is made, meaning you can speed up audit events creation and save some DB calls.
 
 * `DJANGO_EASY_AUDIT_READONLY_EVENTS`
 
diff --git a/easyaudit/signals/model_signals.py b/easyaudit/signals/model_signals.py
@@ -46,6 +46,23 @@ def should_audit(instance):
     return True
 
 
+def get_current_user_details():
+    user_id = None
+    user_pk_as_string = None
+
+    try:
+        user = get_current_user()
+        if user and not isinstance(user, AnonymousUser):
+            if getattr(settings, "DJANGO_EASY_AUDIT_CHECK_IF_REQUEST_USER_EXISTS", True):
+                # validate that the user still exists
+                user = get_user_model().objects.get(pk=user.pk)
+            user_id, user_pk_as_string = user.id, str(user.pk)
+    except:
+        pass
+
+    return user_id, user_pk_as_string
+
+
 # signals
 def pre_save(sender, instance, raw, using, update_fields, **kwargs):
     """https://docs.djangoproject.com/es/1.10/ref/signals/#post-save"""
@@ -76,15 +93,7 @@ def pre_save(sender, instance, raw, using, update_fields, **kwargs):
                 event_type = CRUDEvent.UPDATE
 
             # user
-            try:
-                user = get_current_user()
-                # validate that the user still exists
-                user = get_user_model().objects.get(pk=user.pk)
-            except:
-                user = None
-
-            if isinstance(user, AnonymousUser):
-                user = None
+            user_id, user_pk_as_string = get_current_user_details()
 
             # callbacks
             kwargs['request'] = get_current_request()  # make request available for callbacks
@@ -106,9 +115,9 @@ def crud_flow():
                                 'changed_fields': changed_fields,
                                 'content_type_id': c_t.id,
                                 'object_id': instance.pk,
-                                'user_id': getattr(user, 'id', None),
+                                'user_id': user_id,
                                 'datetime': timezone.now(),
-                                'user_pk_as_string': str(user.pk) if user else user
+                                'user_pk_as_string': user_pk_as_string,
                             })
                     except Exception as e:
                         try:
@@ -142,15 +151,7 @@ def post_save(sender, instance, created, raw, using, update_fields, **kwargs):
                 event_type = CRUDEvent.CREATE
 
             # user
-            try:
-                user = get_current_user()
-                # validate that the user still exists
-                user = get_user_model().objects.get(pk=user.pk)
-            except:
-                user = None
-
-            if isinstance(user, AnonymousUser):
-                user = None
+            user_id, user_pk_as_string = get_current_user_details()
 
             # callbacks
             kwargs['request'] = get_current_request()  # make request available for callbacks
@@ -172,9 +173,9 @@ def crud_flow():
                                 'object_json_repr': object_json_repr,
                                 'content_type_id': c_t.id,
                                 'object_id': instance.pk,
-                                'user_id': getattr(user, 'id', None),
+                                'user_id': user_id,
                                 'datetime': timezone.now(),
-                                'user_pk_as_string': str(user.pk) if user else user
+                                'user_pk_as_string': user_pk_as_string
                             })
                     except Exception as e:
                         try:
@@ -253,15 +254,8 @@ def m2m_changed(sender, instance, action, reverse, model, pk_set, using, **kwarg
                     event_type = CRUDEvent.M2M_CHANGE  # just in case
 
             # user
-            try:
-                user = get_current_user()
-                # validate that the user still exists
-                user = get_user_model().objects.get(pk=user.pk)
-            except:
-                user = None
+            user_id, user_pk_as_string = get_current_user_details()
 
-            if isinstance(user, AnonymousUser):
-                user = None
             c_t = ContentType.objects.get_for_model(instance)
 
             def crud_flow():
@@ -278,9 +272,9 @@ def crud_flow():
                             'changed_fields': changed_fields,
                             'content_type_id': c_t.id,
                             'object_id': instance.pk,
-                            'user_id': getattr(user, 'id', None),
+                            'user_id': user_id,
                             'datetime': timezone.now(),
-                            'user_pk_as_string': str(user.pk) if user else user
+                            'user_pk_as_string': user_pk_as_string
                         })
                 except Exception as e:
                     try:
@@ -308,15 +302,8 @@ def post_delete(sender, instance, using, **kwargs):
             object_json_repr = serializers.serialize("json", [instance])
 
             # user
-            try:
-                user = get_current_user()
-                # validate that the user still exists
-                user = get_user_model().objects.get(pk=user.pk)
-            except:
-                user = None
+            user_id, user_pk_as_string = get_current_user_details()
 
-            if isinstance(user, AnonymousUser):
-                user = None
             c_t = ContentType.objects.get_for_model(instance)
 
             # object id to be used later
@@ -332,9 +319,9 @@ def crud_flow():
                             'object_json_repr': object_json_repr,
                             'content_type_id': c_t.id,
                             'object_id': obj_id,
-                            'user_id': getattr(user, 'id', None),
+                            'user_id': user_id,
                             'datetime': timezone.now(),
-                            'user_pk_as_string': str(user.pk) if user else user
+                            'user_pk_as_string': user_pk_as_string
                         })
 
                 except Exception as e:
