Global AuditDisabled flag doesn't affect collecting of audit data, just the saving of it (at least for Audit.EntityFramework)

[apawsey]

Describe the bug If the AuditDisabled flag is set on the global config, the AuditDbContext still spends a lot of time and effort on collecting the audit event data for the scope, only to have the scope dropped in the Save method.

To Reproduce Set up the AuditDbContext, set the global AuditDisabled flag to true.

Expected behavior Setting the global AuditDisabled flag should mean that no "effort" is expended on anything to do with auditing. The DbContextHelper should only collect data if the scope is going to be saved.

Libraries (specify the Audit.NET extensions being used including version):

• Audit.EntityFramework: 19.1.4

Target .NET framework:

• .NET Framework 4.8.1

Additional context I have tried to carefully examine the behaviour, and I believe this is the situation. If I'm somehow wrong, my apologies.

[thepirat000]

I believe there is no additional effort if you use inheritance from AuditDbContext.

If you are utilizing the save changes interceptor, the only extra task is calling the DbContextHelper.SetConfig method. That can be avoided by adding a validation. Are you referring to that method?

• AuditDbContext: https://github.com/thepirat000/Audit.NET/blob/bc76bff7e44cfe4de8ca791779657261dcc2b805/src/Audit.EntityFramework/DbContextHelper.cs#L499-L504

• Save Changes Interceptor: https://github.com/thepirat000/Audit.NET/blob/bc76bff7e44cfe4de8ca791779657261dcc2b805/src/Audit.EntityFramework/DbContextHelper.cs#L531-L536

[apawsey]

Apologies, I should have been clearer in my definitions above.

When I referred to the global AuditDisabled flag, I meant Audit.Core.Configuration.AuditDisabled = true;

So I have a config flag in our software that allows clients to disable the audit functionality if they really feel they want to, and that flag is then read in, to set the 'global' AuditDisabled flag above. I had assumed this would mean little to no processing would be spent on auditing, as the whole 'system' is turned off. However, in investigating an issue about performance in a certain area, I realised the AuditDbContext still goes and collects all the info, and then only at the end, does the scope decide it's not going to save. Again, that's my understanding, and I'm not sure if it applies to other providers.

I would expect that disabling the audit functionality globally, would mean that providers don't collect data as well as don't write it to the audit?

Hopefully that's clearer?

[thepirat000]

I see what you mean, I didn't realize that the AuditDbContext was not respecting the global AuditDisabled flag, but just its instance flag. I'll work on a fix so the audit will be bypassed before any processing

[thepirat000]

This was fixed in version 25.0.6, now the EF audit process will not take place if the audit is disabled globally. Please upgrade your references and re-test.

Additionally, note that the Audit.Core.Configuration.AuditDisabled setting is static. Therefore, if you're using this in a multi-user web application and you want this setting to be user-specific, you should use the instance AuditDisabled from the AuditDbContext rather than the global static setting.