Skip to content

MODAUD-310: Skip storing user audit events that contain only internal metadata changes#260

Open
slaemmer wants to merge 14 commits into
masterfrom
MODAUD-310
Open

MODAUD-310: Skip storing user audit events that contain only internal metadata changes#260
slaemmer wants to merge 14 commits into
masterfrom
MODAUD-310

Conversation

@slaemmer
Copy link
Copy Markdown
Contributor

@slaemmer slaemmer commented May 13, 2026
edited
Loading

MODAUD-310

Purpose

GET /audit/users/{id} returns a totalRecords count that includes UPDATED events
whose entire diff consists of internal system-managed metadata fields
(metadata.createdDate, metadata.updatedDate, metadata.createdByUserId,
metadata.updatedByUserId). These carry no user-visible change but are updated
automatically by FOLIO on every save. The ui-users version history pane already filters
them out client-side, causing two problems:

  • totalRecords is inflated: the displayed count is higher than the number of visible entries
  • Page size is effectively reduced: the API returns limit events per page but visible entries
    are fewer, requiring extra "Load more" clicks to find real changes

Approach

Three layers of change:

1. Service-layer guard (new events)
Extend the existing isUpdateWithNoDiff check in UserEventServiceImpl with a new
isUpdateWithOnlyMetadataChanges predicate. Incoming UPDATED events whose diff contains
only paths listed in UserAuditConstants.INTERNAL_METADATA_FIELD_PATHS are silently
discarded before reaching the database. Events with at least one non-metadata field or
collection change are stored normally. Metadata fields are preserved in the diff of stored
events for context. CREATED and DELETED events are unaffected.

2. Retroactive cleanup (existing records)
Replace deleteEmptyUpdateRecords with the broader deleteMetadataOnlyUpdateRecords,
which deletes UPDATED records whose diff contains only internal metadata paths (including
null-diff records as a subset). This is chained into UserFieldExclusionHandler so that
changing the excluded-fields setting cleans up both newly metadata-only records and any
pre-existing ones in a single pass.

3. Upgrade migration
A new cleanup_metadata_only_update_records.ftl migration runs once on upgrade to
mod-audit-3.1.0, deleting all pre-existing metadata-only and null-diff UPDATED records
from the database before the new module version starts processing events.

Pre-Merge Checklist:

Before merging this PR, please go through the following list and take appropriate actions.

  • Does this PR meet or exceed the expected quality standards?
    • Code coverage on new code is 80% or greater
    • Duplications on new code is 3% or less
    • There are no major code smells or security issues
  • Does this introduce breaking changes?
    • There are no breaking changes in this PR.
    • Check logging

slaemmer added 9 commits May 13, 2026 09:58
@slaemmer
fix: restore unit test execution broken by Surefire and JUnit upgrades
9745bfc 
Two Dependabot commits each independently broke junit-platform-surefire-provider:1.3.2,
an obsolete plugin dependency added in 2018 before Surefire 2.22.0 introduced native
JUnit Platform support:

- 5dae2de bumped maven-surefire-plugin 2.22.2 -> 3.5.5: Surefire 3.x changed plugin
  classloading, causing the old provider to produce 0 tests.
- 0fbbb55 bumped junit-bom 5.12.0 -> 6.0.3 (JUnit 6): junit-platform-commons 6.x removed
  CollectionUtils.toUnmodifiableList(), which the old provider calls at startup, causing
  NoSuchMethodError. The junit-platform-runner module was also removed in JUnit 6.0.0.

Reverting either bump alone does not restore test execution - both independently break
the old provider for different reasons.

Fix: remove junit-platform-surefire-provider and the now-redundant junit-jupiter-engine
and junit-vintage-engine from the Surefire plugin dependencies in root pom.xml. Surefire
2.22+ discovers engines automatically from the project test classpath. Also remove the
unused junit-platform-runner test dependency (deprecated since JUnit Platform 1.8, removed
in 6.0.0, and has no usages in this codebase) and the stale TODO comment referencing
FOLIO-1609/SUREFIRE-1588.
@slaemmer
fix: correct profilePictureLink assertion in UserDiffCalculatorTest
fa09f44 
The shouldDetectProfilePictureLinkChange test was silently not running
due to the broken Surefire configuration. Now that tests run again, it
fails because FieldChangeDto stores URI values as Object, so equals()
comparison against a String literal fails despite identical toString()
output. Assert individual fields using toString() instead.
@slaemmer
MODAUD-310: Skip storing user audit events that contain only internal…
15749c4 
… metadata changes
@slaemmer
MODAUD-310: Remove redundant Object cast
acdfac5
@slaemmer
fix: restore unit test execution broken by Surefire and JUnit upgrades
a17d681 
Two Dependabot commits each independently broke junit-platform-surefire-provider:1.3.2,
an obsolete plugin dependency added in 2018 before Surefire 2.22.0 introduced native
JUnit Platform support:

- 5dae2de bumped maven-surefire-plugin 2.22.2 -> 3.5.5: Surefire 3.x changed plugin
  classloading, causing the old provider to produce 0 tests silently.
- 0fbbb55 bumped junit-bom 5.12.0 -> 6.0.3 (JUnit 6): junit-platform-commons 6.x removed
  CollectionUtils.toUnmodifiableList(), which the old provider calls at startup, causing
  NoSuchMethodError.

Reverting either bump alone does not restore test execution.

Fix: remove junit-platform-surefire-provider and the now-redundant junit-jupiter-engine
and junit-vintage-engine from the Surefire plugin dependencies in root pom.xml. Surefire
2.22+ discovers engines automatically from the project test classpath. Also remove the
unused junit-platform-runner test dependency and the stale TODO referencing
FOLIO-1609/SUREFIRE-1588, and remove useSystemClassLoader=false which the TODO indicated
should be dropped when upgrading to Surefire 3.x.
@slaemmer
fix: correct profilePictureLink assertion in UserDiffCalculatorTest
340a291
@slaemmer
fix: add missing @UnitTest annotation to CirculationLogsServiceTest a…
7aafc8c 
…nd InventoryEntitiesToAuditCollectionMapperTest
@slaemmer
MODAUD-310: Unify deleteEmptyUpdateRecords and deleteMetadataOnlyUpda…
9847f36 
…teRecords
@slaemmer
MODAUD-310: Add migration script to clean up pre-existing metadata-on…
8d35c27 
…ly update records
@slaemmer slaemmer changed the base branch from master to fix/restore-unit-tests May 20, 2026 11:46
Base automatically changed from fix/restore-unit-tests to master May 26, 2026 06:10
@slaemmer slaemmer marked this pull request as ready for review May 26, 2026 06:32
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 26, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
97.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@slaemmer slaemmer requested a review from a team May 26, 2026 07:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@slaemmer