censor OAuth tokens from activity stream deletion records

see: https://github.com/ansible/tower/issues/1772
2026-01-12 02:19:58 -03:30 · 2018-05-15 09:16:37 -04:00 · 2018-05-15 09:16:37 -04:00 · 05b0c5ec6f
commit 05b0c5ec6f
parent f5c4abc81b
1 changed files with 2 additions and 0 deletions
--- a/awx/main/signals.py
+++ b/awx/main/signals.py
@ -494,6 +494,8 @@ def activity_stream_delete(sender, instance, **kwargs):
        return
    changes = model_to_dict(instance)
    object1 = camelcase_to_underscore(instance.__class__.__name__)
+    if type(instance) == OAuth2AccessToken:
+        changes['token'] = TOKEN_CENSOR
    activity_entry = ActivityStream(
        operation='delete',
        changes=json.dumps(changes),