From 807f4ea757c7d13d9fef8046f37d0e9f291927df Mon Sep 17 00:00:00 2001
From: AlanCoding <arominge@redhat.com>
Date: Thu, 2 Jan 2020 11:37:33 -0500
Subject: [PATCH] Remove incorrect activity stream entries related to managed
 types

---
 .../tests/functional/models/test_activity_stream.py  | 12 ++++++++++++
 awx/main/utils/common.py                             |  7 ++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/awx/main/tests/functional/models/test_activity_stream.py b/awx/main/tests/functional/models/test_activity_stream.py
index 4ea6a83ab0..0529b5377b 100644
--- a/awx/main/tests/functional/models/test_activity_stream.py
+++ b/awx/main/tests/functional/models/test_activity_stream.py
@@ -296,3 +296,15 @@ def test_cluster_node_long_node_name(inventory, project):
     # node name is very long, we just want to make sure it does not error
     entry = ActivityStream.objects.filter(job=job).first()
     assert entry.action_node.startswith('ffffff')
+
+
+@pytest.mark.django_db
+def test_credential_defaults_idempotency():
+    CredentialType.setup_tower_managed_defaults()
+    old_inputs = CredentialType.objects.get(name='Ansible Tower', kind='cloud').inputs
+    prior_count = ActivityStream.objects.count()
+    # this is commonly re-ran in migrations, and no changes should be shown
+    # because inputs and injectors are not actually tracked in the database
+    CredentialType.setup_tower_managed_defaults()
+    assert CredentialType.objects.get(name='Ansible Tower', kind='cloud').inputs == old_inputs
+    assert ActivityStream.objects.count() == prior_count
diff --git a/awx/main/utils/common.py b/awx/main/utils/common.py
index 7d196c9842..cc3272794f 100644
--- a/awx/main/utils/common.py
+++ b/awx/main/utils/common.py
@@ -379,7 +379,12 @@ def get_allowed_fields(obj, serializer_mapping):
         'oauth2accesstoken': ['last_used'],
         'oauth2application': ['client_secret']
     }
-    field_blacklist = ACTIVITY_STREAM_FIELD_EXCLUSIONS.get(obj._meta.model_name, [])
+    model_name = obj._meta.model_name
+    field_blacklist = ACTIVITY_STREAM_FIELD_EXCLUSIONS.get(model_name, [])
+    # see definition of from_db for CredentialType
+    # injection logic of any managed types are incompatible with activity stream
+    if model_name == 'credentialtype' and obj.managed_by_tower and obj.namespace:
+        field_blacklist.extend(['inputs', 'injectors'])
     if field_blacklist:
         allowed_fields = [f for f in allowed_fields if f not in field_blacklist]
     return allowed_fields