Don't create `EE::Member` audit events when there is no change
What does this MR do and why?
An audit event is emitted whenever a group member's access level is updated.
Currently, this includes situations where a group member has their
access level "updated" to its current value (i.e. updating from
maintainer
to maintainer
)
This change adds an early return that prevents update
calls if all
of the new parameters match the existing parameters of the group
member
closes: #370702 (closed)
How to set up and validate locally
- create an access token to use with the REST API
- In a terminal,
curl
a real updatecurl --request PUT --header "PRIVATE-TOKEN: ACCESS_TOKEN" "http://localhost:3000/api/v4/groups/:group_id/members/:user_id?access_level=40"
- Use the rails console to see the audit event
- In a terminal, repeat the
curl
to create anoOp
updatecurl --request PUT --header "PRIVATE-TOKEN: ACCESS_TOKEN" "http://localhost:3000/api/v4/groups/:group_id/members/:user_id?access_level=40"
- Use the rails console to verify no new audit event was created
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Michael Becker