From a0ae59442546cff7e5bbb580dd57d479388c1f5e Mon Sep 17 00:00:00 2001
From: nathan <manathane.co@gmail.com>
Date: Sun, 31 Mar 2024 01:37:39 +0100
Subject: [PATCH] Disable logging remote IP address (#620)

* Disable logging remote IP address

* Update auditlog/middleware.py

* Update CHANGELOG.md

* Update auditlog/middleware.py

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* Update auditlog/middleware.py and add tests in ManyRelatedModelTest

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

---------

Co-authored-by: Hasan Ramezani <hasan.r67@gmail.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
---
 CHANGELOG.md            |  1 +
 auditlog/conf.py        |  5 +++++
 auditlog/middleware.py  |  6 ++++++
 auditlog_tests/tests.py | 14 ++++++++++++++
 docs/source/usage.rst   | 13 +++++++++++++
 5 files changed, 39 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index acd87542..4815afce 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@
 ## 3.0.0-beta.4 (2024-01-02)
 
 #### Improvements
+- feat: Excluding ip address when `AUDITLOG_DISABLE_REMOTE_ADDR` is set to True ([#620](https://github.com/jazzband/django-auditlog/pull/620))
 - feat: If any receiver returns False, no logging will be made. This can be useful if logging should be conditionally enabled / disabled ([#590](https://github.com/jazzband/django-auditlog/pull/590))
 - Django: Confirm Django 5.0 support ([#598](https://github.com/jazzband/django-auditlog/pull/598))
 - Django: Drop Django 4.1 support ([#598](https://github.com/jazzband/django-auditlog/pull/598))
diff --git a/auditlog/conf.py b/auditlog/conf.py
index 9046669a..dbdfc5b4 100644
--- a/auditlog/conf.py
+++ b/auditlog/conf.py
@@ -40,3 +40,8 @@
 settings.AUDITLOG_USE_TEXT_CHANGES_IF_JSON_IS_NOT_PRESENT = getattr(
     settings, "AUDITLOG_USE_TEXT_CHANGES_IF_JSON_IS_NOT_PRESENT", False
 )
+
+# Disable remote_addr field in database
+settings.AUDITLOG_DISABLE_REMOTE_ADDR = getattr(
+    settings, "AUDITLOG_DISABLE_REMOTE_ADDR", False
+)
diff --git a/auditlog/middleware.py b/auditlog/middleware.py
index e3274ee1..c47666bb 100644
--- a/auditlog/middleware.py
+++ b/auditlog/middleware.py
@@ -1,3 +1,4 @@
+from django.conf import settings
 from django.contrib.auth import get_user_model
 
 from auditlog.cid import set_cid
@@ -12,9 +13,14 @@ class AuditlogMiddleware:
 
     def __init__(self, get_response=None):
         self.get_response = get_response
+        if not isinstance(settings.AUDITLOG_DISABLE_REMOTE_ADDR, bool):
+            raise TypeError("Setting 'AUDITLOG_DISABLE_REMOTE_ADDR' must be a boolean")
 
     @staticmethod
     def _get_remote_addr(request):
+        if settings.AUDITLOG_DISABLE_REMOTE_ADDR:
+            return None
+
         # In case there is no proxy, return the original address
         if not request.headers.get("X-Forwarded-For"):
             return request.META.get("REMOTE_ADDR")
diff --git a/auditlog_tests/tests.py b/auditlog_tests/tests.py
index 0b173442..1ce319f0 100644
--- a/auditlog_tests/tests.py
+++ b/auditlog_tests/tests.py
@@ -513,6 +513,20 @@ def test_exception(self):
 
         self.assert_no_listeners()
 
+    def test_init_middleware(self):
+        with override_settings(AUDITLOG_DISABLE_REMOTE_ADDR="str"):
+            with self.assertRaisesMessage(
+                TypeError, "Setting 'AUDITLOG_DISABLE_REMOTE_ADDR' must be a boolean"
+            ):
+                AuditlogMiddleware()
+
+    def test_disable_remote_addr(self):
+        with override_settings(AUDITLOG_DISABLE_REMOTE_ADDR=True):
+            headers = {"HTTP_X_FORWARDED_FOR": "127.0.0.2"}
+            request = self.factory.get("/", **headers)
+            remote_addr = self.middleware._get_remote_addr(request)
+            self.assertIsNone(remote_addr)
+
     def test_get_remote_addr(self):
         tests = [  # (headers, expected_remote_addr)
             ({}, "127.0.0.1"),
diff --git a/docs/source/usage.rst b/docs/source/usage.rst
index 9e5ac990..8cabfbff 100644
--- a/docs/source/usage.rst
+++ b/docs/source/usage.rst
@@ -206,6 +206,19 @@ It will be considered when ``AUDITLOG_INCLUDE_ALL_MODELS`` is `True`.
 
 .. versionadded:: 3.0.0
 
+**AUDITLOG_EXCLUDE_TRACKING_FIELDS**
+
+When using "AuditlogMiddleware",
+the IP address is logged by default, you can use this setting
+to exclude the IP address from logging.
+It will be considered when ``AUDITLOG_DISABLE_REMOTE_ADDR`` is `True`.
+
+.. code-block:: python
+
+    AUDITLOG_DISABLE_REMOTE_ADDR = True
+
+.. versionadded:: 3.0.0
+
 **AUDITLOG_EXCLUDE_TRACKING_MODELS**
 
 You can use this setting to exclude models in registration process.