Merge pull request #17543 from abpframework/Disbale-Options-Request

Disable logging for `HEAD` if `IsEnabledForGetRequests` is `false`.
2 years ago · 966c07c5ae
parent 05b815c1a5 cc0a2c8bb5
commit 966c07c5ae
3 changed files with 41 additions and 5 deletions
--- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Auditing/AbpAuditingMiddleware.cs
+++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Auditing/AbpAuditingMiddleware.cs
@ -98,13 +98,13 @@ public class AbpAuditingMiddleware : IMiddleware, ITransientDependency
        {
            return false;
        }
-        
-        if (!AuditingOptions.IsEnabledForIntegrationServices && 
+
+        if (!AuditingOptions.IsEnabledForIntegrationServices &&
            context.Request.Path.Value.StartsWith($"/{AbpAspNetCoreConsts.DefaultIntegrationServiceApiPrefix}/"))
        {
            return true;
        }
-        
+
        if (AspNetCoreAuditingOptions.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x)))
        {
            return true;
@ -134,7 +134,8 @@ public class AbpAuditingMiddleware : IMiddleware, ITransientDependency
        }

        if (!AuditingOptions.IsEnabledForGetRequests &&
-            string.Equals(httpContext.Request.Method, HttpMethods.Get, StringComparison.OrdinalIgnoreCase))
+            (string.Equals(httpContext.Request.Method, HttpMethods.Get, StringComparison.OrdinalIgnoreCase) ||
+             string.Equals(httpContext.Request.Method, HttpMethods.Head, StringComparison.OrdinalIgnoreCase)))
        {
            return false;
        }
--- a/framework/test/Volo.Abp.AspNetCore.Mvc.Tests/Volo/Abp/AspNetCore/Mvc/Auditing/AuditTestController_Tests.cs
+++ b/framework/test/Volo.Abp.AspNetCore.Mvc.Tests/Volo/Abp/AspNetCore/Mvc/Auditing/AuditTestController_Tests.cs
@ -1,5 +1,6 @@
 using System.Collections.Generic;
 using System.Linq;
+using System.Net.Http;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.Extensions.Hosting;
@ -41,6 +42,23 @@ public class AuditTestController_Tests : AspNetCoreMvcTestBase
            x.Actions.Any(a => a.MethodName == nameof(AuditTestController.Get))));
    }

+
+    [Fact]
+    public async Task Should_Disable_AuditLog_For_Get_And_Head_Requests()
+    {
+        _options.IsEnabledForGetRequests = false;
+        await GetResponseAsync("api/audit-test/audit-success");
+        await _auditingStore.Received().DidNotReceive().SaveAsync(Arg.Any<AuditLogInfo>());
+
+        using (var requestMessage = new HttpRequestMessage(HttpMethod.Head, "api/audit-test/audit-success"))
+        {
+            var response = await Client.SendAsync(requestMessage);
+            response.StatusCode.ShouldBe(System.Net.HttpStatusCode.OK);
+        }
+
+        await _auditingStore.Received().DidNotReceive().SaveAsync(Arg.Any<AuditLogInfo>());
+    }
+
    [Fact]
    public async Task Should_Trigger_Middleware_And_AuditLog_Success_For_GetRequests()
    {
@ -50,7 +68,6 @@ public class AuditTestController_Tests : AspNetCoreMvcTestBase
        await _auditingStore.Received().SaveAsync(Arg.Any<AuditLogInfo>());
    }

-
    [Fact]
    public async Task Should_Trigger_Middleware_And_AuditLog_Success_For_Specified_Requests()
    {
--- a/framework/test/Volo.Abp.AspNetCore.Mvc.Tests/Volo/Abp/AspNetCore/Mvc/Auditing/AuditTestPage_Tests.cs
+++ b/framework/test/Volo.Abp.AspNetCore.Mvc.Tests/Volo/Abp/AspNetCore/Mvc/Auditing/AuditTestPage_Tests.cs
@ -1,11 +1,13 @@
 using System.Collections.Generic;
 using System.Linq;
+using System.Net.Http;
 using System.Threading.Tasks;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Options;
 using NSubstitute;
+using Shouldly;
 using Volo.Abp.Auditing;
 using Xunit;

@ -40,6 +42,22 @@ public class AuditTestPage_Tests : AspNetCoreMvcTestBase
            x.Actions.Any(a => a.MethodName == nameof(AuditTestPage.OnGet))));
    }

+    [Fact]
+    public async Task Should_Disable_AuditLog_For_Get_And_Head_Requests()
+    {
+        _options.IsEnabledForGetRequests = false;
+        await GetResponseAsync("/Auditing/AuditTestPage");
+        await _auditingStore.Received().DidNotReceive().SaveAsync(Arg.Any<AuditLogInfo>());
+
+        using (var requestMessage = new HttpRequestMessage(HttpMethod.Head, "/Auditing/AuditTestPage"))
+        {
+            var response = await Client.SendAsync(requestMessage);
+            response.StatusCode.ShouldBe(System.Net.HttpStatusCode.OK);
+        }
+
+        await _auditingStore.Received().DidNotReceive().SaveAsync(Arg.Any<AuditLogInfo>());
+    }
+
    [Fact]
    public async Task Should_Trigger_Middleware_And_AuditLog_Success_For_GetRequests()
    {