Skip to content

Fix Audit Log Issue#25803

Merged
mohityadav766 merged 7 commits intomainfrom
fix-audit
Feb 11, 2026
Merged

Fix Audit Log Issue#25803
mohityadav766 merged 7 commits intomainfrom
fix-audit

Conversation

@mohityadav766
Copy link
Member

@mohityadav766 mohityadav766 commented Feb 11, 2026

Describe your changes:

Fixes

I worked on ... because ...

Type of change:

  • Bug fix
  • Improvement
  • New feature
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation

Checklist:

  • I have read the CONTRIBUTING document.
  • My PR title is Fixes <issue-number>: <short explanation>
  • I have commented on my code, particularly in hard-to-understand areas.
  • For JSON Schema changes: I updated the migration scripts or explained why it is not needed.

Summary by Gitar

  • Fixed audit log data integrity:
    • Refactored writeAuthEvent() to use standard ChangeEvent flow, ensuring event_json column is populated for login/logout events
  • New EventType values:
    • Added USER_LOGIN and USER_LOGOUT to changeEventType.json schema for type-safe authentication events
  • Type safety improvement:
    • Migrated auth event constants from String literals to EventType enum in AuditLogRepository.java

This will update automatically on new commits.


@github-actions
Copy link
Contributor

TypeScript types have been updated based on the JSON schema changes in the PR

@github-actions
Copy link
Contributor

TypeScript types have been updated based on the JSON schema changes in the PR

@github-actions
Copy link
Contributor

github-actions bot commented Feb 11, 2026

Jest test Coverage

UI tests summary

Lines Statements Branches Functions
Coverage: 65%
65.73% (56105/85354) 45.11% (29353/65075) 47.89% (8858/18495)

@gitar-bot
Copy link

gitar-bot bot commented Feb 11, 2026

Code Review ✅ Approved 2 resolved / 2 findings

Clean refactoring that properly integrates auth events into the standard ChangeEvent flow. No new bugs, security issues, or performance concerns found.

✅ 2 resolved
Bug: Generated TypeScript enums don't match JSON schema values

📄 openmetadata-ui/src/main/resources/ui/src/generated/type/changeEventType.ts:36 📄 openmetadata-spec/src/main/resources/json/schema/type/changeEventType.json:28
The JSON schema changeEventType.json defines "userLogin" and "userLogout", but all 8 generated TypeScript files contain UserLoggedIn = "userLoggedIn" and UserLoggedOut = "userLoggedOut". These string values don't match.

The TypeScript files appear to have been generated from a previous version of the schema (when the enum values were "userLoggedIn"/"userLoggedOut") and were not regenerated after the schema was updated in commit 21c3482 to use "userLogin"/"userLogout".

Impact: The backend Java code will serialize these event types as "userLogin"/"userLogout" (matching the schema), but the frontend TypeScript code will use "userLoggedIn"/"userLoggedOut". This means:

  • Frontend event type filtering will fail to match backend events
  • Any TypeScript code comparing against these enum values will never match actual API responses
  • Type safety is broken across the full stack

Fix: Re-run the TypeScript code generator from the updated JSON schema so the TS enums produce UserLogin = "userLogin" and UserLogout = "userLogout".

Bug: Event type string changed, breaking existing data and tests

📄 openmetadata-spec/src/main/resources/json/schema/type/changeEventType.json:28 📄 openmetadata-service/src/main/java/org/openmetadata/service/audit/AuditLogRepository.java:503
The old string constants used "userLogin" / "userLogout", but the new enum values serialize to "userLoggedIn" / "userLoggedOut". This introduces two problems:

  1. Backward compatibility for existing data: Any audit log records already stored in the database with event_type = "userLogin" or "userLogout" will no longer match the new values. The formatAuthEventSummary() method (line 503) now compares against "userLoggedIn", so old records will fall through to the raw return eventType instead of getting the human-readable summary.

  2. Integration tests are broken: The tests in AuditLogResourceIT.java still reference the old event type strings ("userLogin", "userLogout") and will fail, as the new code stores different values.

Suggested fix options:

  • Option A: Add a data migration to update existing event_type values from "userLogin""userLoggedIn" and "userLogout""userLoggedOut" in the audit log table, and update the integration tests.
  • Option B: In formatAuthEventSummary(), also check for the legacy string values alongside the new enum values, and update the integration tests.
  • Option C: Change the enum values in the JSON schema to match the old strings ("userLogin", "userLogout") to maintain backward compatibility without migration.
Options

Auto-apply is off → Gitar will not commit updates to this branch.
Display: compact → Showing less information.

Comment with these commands to change:

Auto-apply Compact
gitar auto-apply:on         
gitar display:verbose         

Was this helpful? React with 👍 / 👎 | Gitar

@sonarqubecloud
Copy link

@mohityadav766 mohityadav766 merged commit f473d5f into main Feb 11, 2026
26 of 35 checks passed
@mohityadav766 mohityadav766 deleted the fix-audit branch February 11, 2026 20:54
@github-actions
Copy link
Contributor

Failed to cherry-pick changes to the 1.11.9 branch.
Please cherry-pick the changes manually.
You can find more details here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backend safe to test Add this label to run secure Github workflows on PRs To release Will cherry-pick this PR into the release branch

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants