Skip to content

Add AUDITLOG_EXCLUDE_REVERSE_RELATIONS to avoid logging reverse relation fields#768

Open
peymanahmadifar wants to merge 2 commits intojazzband:masterfrom
peymanahmadifar:fix/auditlog-exclude-reverse-relations
Open

Add AUDITLOG_EXCLUDE_REVERSE_RELATIONS to avoid logging reverse relation fields#768
peymanahmadifar wants to merge 2 commits intojazzband:masterfrom
peymanahmadifar:fix/auditlog-exclude-reverse-relations

Conversation

@peymanahmadifar
Copy link

Fixes issue #551 — Reverse relations are being logged.

Summary:
When computing model diffs we used Model._meta.get_fields() which includes
auto-created reverse relation fields. Those fields can trigger extra DB queries
(if not prefetched) and mutate instance._state.fields_cache as a side-effect.

This PR:

  • Adds a small opt-in setting AUDITLOG_EXCLUDE_REVERSE_RELATIONS (default False).
  • When enabled, reverse relation fields (auto_created & not concrete) are filtered out
    from the fields used to calculate diffs.

Notes:

  • Behaviour is opt-in to remain backward compatible.
  • I added a minimal documentation entry under configuration (docs).
  • I also added a (minimal) test verifying that reverse relations are excluded when the setting is enabled.

Please let me know if you'd prefer to make this opt-out instead of opt-in,
or if you'd rather that the default behavior be changed. Happy to update the PR.

peyman and others added 2 commits October 9, 2025 14:11
Add AUDITLOG_EXCLUDE_REVERSE_RELATIONS setting which, when True,
excludes auto-created reverse relation fields (auto_created and not concrete)
from the diff calculation to avoid extra DB hits and inadvertent mutation
of instance._state.fields_cache.

Closes jazzband#551 (or: Fixes behavior described in jazzband#551).
@codecov
Copy link

codecov bot commented Oct 9, 2025

Codecov Report

❌ Patch coverage is 40.00000% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 95.58%. Comparing base (85056b7) to head (952924f).
⚠️ Report is 6 commits behind head on master.

Files with missing lines Patch % Lines
auditlog/diff.py 25.00% 3 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master     #768      +/-   ##
==========================================
- Coverage   95.81%   95.58%   -0.24%     
==========================================
  Files          34       34              
  Lines        1195     1200       +5     
==========================================
+ Hits         1145     1147       +2     
- Misses         50       53       +3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@hramezani
Copy link
Member

Thanks @peymanahmadifar for the PR.

Please add tests and a changelog entry.

@2ykwang Please review the PR

@hramezani hramezani requested a review from 2ykwang October 9, 2025 11:00
@2ykwang 2ykwang added this to the 3.4.0 milestone Oct 17, 2025
Copy link
Member

@2ykwang 2ykwang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the patch! @peymanahmadifar
could you add test cases for this change?

- ``auditlog_history_template``: Template to use for rendering the history page (default: ``auditlog/object_history.html``)
- ``auditlog_history_per_page``: Number of log entries to display per page (default: 10)

.. versionadded:: 3.2.2
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
.. versionadded:: 3.2.2
.. versionadded:: 3.4.0

# Reverse relations (auto_created & not concrete) can cause unwanted DB hits
# and mutate instance._state.fields_cache as a side-effect.
# Make this behavior opt-in via AUDITLOG_EXCLUDE_REVERSE_RELATIONS.
if settings.AUDITLOG_EXCLUDE_REVERSE_RELATIONS:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the reverse-relation filtering belongs in track_field rather than model_instance_diff
That keeps the “what to track” policy in one place

def track_field(field):
    """
    Returns whether the given field should be tracked by Auditlog.

    Untracked fields are many-to-many relations and relations to the Auditlog LogEntry model.

    :param field: The field to check.
    :type field: Field
    :return: Whether the given field should be tracked.
    :rtype: bool
    """

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants