From 05b0c5ec6f46d3555d6ea2e3fdabb259209a60f4 Mon Sep 17 00:00:00 2001
From: Ryan Petrello <rpetrell@redhat.com>
Date: Tue, 15 May 2018 09:16:37 -0400
Subject: [PATCH] censor OAuth tokens from activity stream deletion records

see: https://github.com/ansible/tower/issues/1772
---
 awx/main/signals.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/awx/main/signals.py b/awx/main/signals.py
index ea663eba39..86c798795d 100644
--- a/awx/main/signals.py
+++ b/awx/main/signals.py
@@ -494,6 +494,8 @@ def activity_stream_delete(sender, instance, **kwargs):
         return
     changes = model_to_dict(instance)
     object1 = camelcase_to_underscore(instance.__class__.__name__)
+    if type(instance) == OAuth2AccessToken:
+        changes['token'] = TOKEN_CENSOR
     activity_entry = ActivityStream(
         operation='delete',
         changes=json.dumps(changes),