From bc52765beeb2624c5481705640736bfc11939674 Mon Sep 17 00:00:00 2001
From: Federico Colombo <thepirat000@hotmail.com>
Date: Sun, 11 Dec 2022 23:36:18 -0600
Subject: [PATCH] Audit.Mvc: Adding `IncludeChildActions` configuration to the
 Audit action filter for MVC 5 (#554)

---
 CHANGELOG.md                         |  3 +++
 Directory.Build.props                |  2 +-
 src/Audit.Mvc/AuditAttribute.Core.cs |  9 +++++++--
 src/Audit.Mvc/AuditAttribute.cs      | 20 +++++++++++++++-----
 4 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1d58a2b4..50d5a455 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,9 @@ All notable changes to Audit.NET and its extensions will be documented in this f
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 
+## [20.1.1] - 2022-12-12
+- Audit.Mvc: Adding `IncludeChildActions` configuration to the `AuditAttribute` action filter for MVC 5 (#554)
+
 ## [20.1.0] - 2022-12-01
 - Audit.NET / Audit.EntityFramework.Core: Upgrade to net7.0 as target, adding support for EF Core 7.0.0 (#544)
 
diff --git a/Directory.Build.props b/Directory.Build.props
index efe879ae..dcf82c8f 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -1,6 +1,6 @@
 <Project>
  <PropertyGroup>
-	 <Version>20.1.0</Version>
+	 <Version>20.1.1</Version>
 	 <PackageReleaseNotes>
 	 </PackageReleaseNotes>
  </PropertyGroup>
diff --git a/src/Audit.Mvc/AuditAttribute.Core.cs b/src/Audit.Mvc/AuditAttribute.Core.cs
index 75e48967..eaaa3639 100644
--- a/src/Audit.Mvc/AuditAttribute.Core.cs
+++ b/src/Audit.Mvc/AuditAttribute.Core.cs
@@ -160,7 +160,7 @@ private async Task AfterResultAsync(ResultExecutedContext filterContext)
 
         public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
         {
-            if (Configuration.AuditDisabled || IsActionIgnored(context.ActionDescriptor))
+            if (IsActionIgnored(context.ActionDescriptor))
             {
                 await next.Invoke();
                 return;
@@ -172,7 +172,7 @@ public override async Task OnActionExecutionAsync(ActionExecutingContext context
 
         public override async Task OnResultExecutionAsync(ResultExecutingContext context, ResultExecutionDelegate next)
         {
-            if (Configuration.AuditDisabled || IsActionIgnored(context.ActionDescriptor))
+            if (IsActionIgnored(context.ActionDescriptor))
             {
                 await next.Invoke();
                 return;
@@ -319,6 +319,11 @@ private object GetResponseBody(ActionDescriptor descriptor, IActionResult result
 
         private bool IsActionIgnored(ActionDescriptor actionDescriptor)
         {
+            if (Configuration.AuditDisabled)
+            {
+                return true;
+            }
+
             if (actionDescriptor == null)
             {
                 return false;
diff --git a/src/Audit.Mvc/AuditAttribute.cs b/src/Audit.Mvc/AuditAttribute.cs
index 03e82cc7..0b77b9ea 100644
--- a/src/Audit.Mvc/AuditAttribute.cs
+++ b/src/Audit.Mvc/AuditAttribute.cs
@@ -49,13 +49,17 @@ public class AuditAttribute : ActionFilterAttribute
         /// Gets or sets a value indicating whether the action arguments should be pre-serialized to the audit event.
         /// </summary>
         public bool SerializeActionParameters { get; set; }
+        /// <summary>
+        /// Gets or sets a value indicating whether the child actions should be audited.
+        /// </summary>
+        public bool IncludeChildActions { get; set; }
 
         private const string AuditActionKey = "__private_AuditAction__";
         private const string AuditScopeKey = "__private_AuditScope__";
 
         public override void OnActionExecuting(ActionExecutingContext filterContext)
         {
-            if (Configuration.AuditDisabled || IsActionIgnored(filterContext.ActionDescriptor))
+            if (IsActionIgnored(filterContext.ActionDescriptor, filterContext.IsChildAction))
             {
                 base.OnActionExecuting(filterContext);
                 return;
@@ -103,7 +107,7 @@ public override void OnActionExecuting(ActionExecutingContext filterContext)
 
         public override void OnActionExecuted(ActionExecutedContext filterContext)
         {
-            if (Configuration.AuditDisabled)
+            if (IsActionIgnored(filterContext.ActionDescriptor, filterContext.IsChildAction))
             {
                 base.OnActionExecuted(filterContext);
                 return;
@@ -133,7 +137,7 @@ public override void OnActionExecuted(ActionExecutedContext filterContext)
 
         public override void OnResultExecuted(ResultExecutedContext filterContext)
         {
-            if (Configuration.AuditDisabled)
+            if (IsActionIgnored(null, filterContext.IsChildAction))
             {
                 base.OnResultExecuted(filterContext);
                 return;
@@ -165,19 +169,25 @@ public override void OnResultExecuted(ResultExecutedContext filterContext)
             base.OnResultExecuted(filterContext);
         }
 
-        private bool IsActionIgnored(ActionDescriptor actionDescriptor)
+        private bool IsActionIgnored(ActionDescriptor actionDescriptor, bool isChildAction)
         {
+            if (Configuration.AuditDisabled || !IncludeChildActions && isChildAction)
+            {
+                return true;
+            }
+
             if (actionDescriptor == null)
             {
                 return false;
             }
+
             var controllerIgnored = actionDescriptor.ControllerDescriptor.ControllerType
                 .GetCustomAttributes(typeof(AuditIgnoreAttribute), true).Any();
-
             if (controllerIgnored)
             {
                 return true;
             }
+
             return actionDescriptor.GetCustomAttributes(typeof(AuditIgnoreAttribute), true).Any();
         }