CODEWITHSUNDEEP
c#audit.net
Azri Zakaria
Azri Zakaria

Reputation: 1364

AuditIgnore on IdentityUser - Audit.Net

I'am using the Audit.Net to track the changes. Very good libray

By using Audit.EntityFramework extension, we can ignore the properties to be track.

public class User
{
    public int Id { get; set; }
    [AuditIgnore]
    public string Password { get; set; }
    ...
}

But I have problem

  1. I'am not using Audit.EntityFramework extension. Just get the json format by using my own custom data provider. So [AuditIgnore] cannot work here.
  2. How to ignore the password property on the IdentityUser class?

Here my custom data provider

public class MyCustomDataProvider : AuditDataProvider
    {
        public override object InsertEvent(AuditEvent auditEvent)
        {
            var AuditEventInJson = auditEvent.ToJson();

            //Save into to DB;
        }
    }

Upvotes: 2

Views: 1208

Answers (1)

thepirat000
thepirat000

Reputation: 13114

The ToJson() method will internally use the JSON.NET library to serialize the event and will use the default settings from the static property Audit.Core.Configuration.JsonSettings

So if you can change the code of the class containing the password, you can use the JsonIgnore attribute:

public class User
{
    [JsonIgnore]
    public string Password { get; set; }
    ...
}

Alternatively, if you cannot decorate the property, you can create a custom Contract Resolver to ignore properties generically, for example to ignore any property called "Password":

class MyCustomResolver : DefaultContractResolver
{
    protected override IList<JsonProperty> CreateProperties(Type type, MemberSerialization memberSerialization)
    {
        var props = base.CreateProperties(type, memberSerialization);
        return props.Where(p => p.PropertyName != "Password").ToList();
    }
}

For this to work with the Audit.NET ToJson() method, you need to set the contract resolver on the Audit.NET global configuration like this:

Audit.Core.Configuration.JsonSettings.ContractResolver = new MyCustomResolver();

A third option is to attach a Custom Action to remove the properties to ignore before the event saving takes place, for example:

Audit.Core.Configuration.AddCustomAction(ActionType.OnEventSaving, scope =>
{
    var efEvent = scope.Event.GetEntityFrameworkEvent();
    efEvent.Entries.ForEach(e => 
    { 
        e.Changes.RemoveAll(ch => ch.ColumnName == "Password");
    });
});

Upvotes: 3

Related Questions