Add information about deleted objects in auditlog table

[Simrayz]

Scope and purpose

Resolves #1727

This PR adds information to the Object column in the Auditlog table. If the LogEntry refers to an object that has been deleted, it displays a message in the format "{object name} #{object ID} has been deleted". This should make it easier to distinguish a deleted entry from an entry that has no associated object.

This PR adds information to the Actor, Object and Target column in the Auditlog table. If the LogEntry refers to a model that has been deleted, it displays a message in the format "{model name} #{model ID} has been deleted". This should make it easier to distinguish entries that have no associated model from those where the reference has been deleted.

Screenshots

Contributor Checklist

Every pull request should have this checklist filled out, no matter how small it is.
More information about contributing to NAV can be found in the
Hacker's guide to NAV.

• Added a changelog fragment for towncrier
• Added/amended tests for new/changed code
• Added/changed documentation
• Linted/formatted the code with ruff, easiest by using pre-commit
• Wrote the commit message so that the first line continues the sentence "If applied, this commit will ...", starts with a capital letter, does not end with punctuation and is 50 characters or less long. See https://cbea.ms/git-commit/
• Based this pull request on the correct upstream branch: For a patch/bugfix affecting the latest stable version, it should be based on that version's branch (<major>.<minor>.x). For a new feature or other additions, it should be based on master.
• If applicable: Created new issues if this PR does not fix the issue completely/there is further work to be done
• If it's not obvious from a linked issue, described how to interact with NAV in order for a reviewer to observe the effects of this change first-hand (commands, URLs, UI interactions)
• If this results in changes in the UI: Added screenshots of the before and after
• If this adds a new Python source code file: Added the boilerplate header to that file

[hmpf]

You need to do this for target and actor as well.

We could also do the HTML escape here, by escaping actor, object, target and also summary in a SerializerMethodField.

[hmpf]

When deleting an account, for some reason in my db the object_pk of the log entry delete-account was set to zero so this is not sufficient, it would print as "account #None has been deleted".

[hmpf]

Also, actor_pk, object_pk, target_pk need not be a number, it can be a string. They are stored as strings.

[Simrayz]

Sounds like a bug in the Account module. The object_pk should always point to a previously referenced object, no?

[hmpf]

In auditlogs for other systems (Microsoft Azure is one) I have seen they only show "deleted", just the pk, or a symbol.

In the same systems, still existing objects are frequently linked up to a details-page (very much out of scope!)

[hmpf]

Whether any _pk should always point to something after having been set once is undefined behavior I think.

[hmpf]

I have made #3709 for tracking the missing _pk matter.

[github-actions]

Test results

    27 files      27 suites   45m 35s ⏱️
 2 778 tests  2 778 ✅ 0 💤 0 ❌
20 614 runs  20 614 ✅ 0 💤 0 ❌

Results for commit 92eb9c4.

♻️ This comment has been updated with latest results.

[codecov]

Codecov Report

❌ Patch coverage is 66.66667% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 63.16%. Comparing base (1ee8e43) to head (92eb9c4).
⚠️ Report is 568 commits behind head on master.

Files with missing lines	Patch %	Lines
python/nav/auditlog/api.py	66.66%	7 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3705      +/-   ##
==========================================
+ Coverage   63.07%   63.16%   +0.09%     
==========================================
  Files         612      612              
  Lines       45247    45320      +73     
  Branches       43       43              
==========================================
+ Hits        28539    28627      +88     
+ Misses      16698    16683      -15     
  Partials       10       10              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[hmpf]

We should get a second opinion about when _pk has been set to None on deletion.

We need a second opinion about when _pk is missing.

[lunkwill42]

Debug how what why?

[Simrayz]

I added this method to debug what the view returns, and forgot to remove it. It's fixed now, and I squashed the fixups :)

[lunkwill42]

We should get a second opinion about when _pk has been set to None on deletion.

Not sure I understand what you're referring to here.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[hmpf]

We should get a second opinion about when _pk has been set to None on deletion.

Not sure I understand what you're referring to here.

See #3709

[hmpf]

See also #3709, #3738, #3739

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[hmpf]

When something has been deleted it is now shown as "TABLENAME deleted", no matter if the deletion was done correctly or not.

It still makes for a wider column than columns pointing to still existing objects, though.

[lunkwill42]

I prefer a version where the PK of the missing object is included in the description (when it is present in the auditlog), so I can at least see which auditlog entries that definitely refer to the same thing. It seems the original version before PR feedback did in fact include that...

[hmpf]

I prefer a version where the PK of the missing object is included in the description (when it is present in the auditlog), so I can at least see which auditlog entries that definitely refer to the same thing. It seems the original version before PR feedback did in fact include that...

But the format was only correct for integers and was incredibly verbose.

[lunkwill42]

I understand from @Simrayz (via Slack) that this PR may in reality have been superseded by another Auditlog PR (but not sure which one)...

[Simrayz]

I understand from @Simrayz (via Slack) that this PR may in reality have been superseded by another Auditlog PR (but not sure which one)...

I was referring to #3776. It removes the need for doing complicated queries for the account/target/object columns.

[Simrayz]

Made irrelevant by #3776