mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Merged [47069]: Replaced explicit calls to AccessLogEntry::create with more flexible calls to extensions. AccessLogEntry to be refactored into separate module.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60504 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
5be532e96d
commit
ca6c248de1
@ -193,6 +193,9 @@ class Member extends DataObject {
|
||||
$this->LockedOutUntil = null;
|
||||
|
||||
$this->write();
|
||||
|
||||
// Audit logging hook
|
||||
$this->extend('memberLoggedIn');
|
||||
}
|
||||
|
||||
|
||||
@ -223,6 +226,9 @@ class Member extends DataObject {
|
||||
|
||||
$member->NumVisit++;
|
||||
$member->write();
|
||||
|
||||
// Audit logging hook
|
||||
$this->extend('memberAutoLoggedIn');
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -242,6 +248,9 @@ class Member extends DataObject {
|
||||
Cookie::forceExpiry('alc_enc');
|
||||
|
||||
$this->write();
|
||||
|
||||
// Audit logging hook
|
||||
$this->extend('memberLoggedOut');
|
||||
}
|
||||
|
||||
|
||||
|
@ -36,16 +36,31 @@ class MemberAuthenticator extends Authenticator {
|
||||
}
|
||||
|
||||
// Optionally record every login attempt as a {@link LoginAttempt} object
|
||||
/**
|
||||
* TODO We could handle this with an extension
|
||||
*/
|
||||
if(Security::login_recording()) {
|
||||
$attempt = new LoginAttempt();
|
||||
if($member) {
|
||||
// successful login (member is existing with matching password)
|
||||
$attempt->MemberID = $member->ID;
|
||||
$attempt->Status = 'Success';
|
||||
|
||||
// Audit logging hook
|
||||
$member->extend('authenticated');
|
||||
} else {
|
||||
// failed login - we're trying to see if a user exists with this email (disregarding wrong passwords)
|
||||
$existingMember = DataObject::get_one("Member", "Email = '$SQL_user'");
|
||||
if($existingMember) $attempt->MemberID = $existingMember->ID;
|
||||
if($existingMember) {
|
||||
$attempt->MemberID = $existingMember->ID;
|
||||
|
||||
// Audit logging hook
|
||||
$existingMember->extend('authenticationFailed');
|
||||
} else {
|
||||
|
||||
// Audit logging hook
|
||||
$this->extend('authenticationFailedUnknownUser', $RAW_data);
|
||||
}
|
||||
$attempt->Status = 'Failure';
|
||||
}
|
||||
if(is_array($RAW_data['Email'])) {
|
||||
|
@ -163,6 +163,7 @@ class MemberLoginForm extends LoginForm {
|
||||
return $member;
|
||||
|
||||
} else {
|
||||
$this->extend('authenticationFailed', $data);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
@ -183,6 +183,12 @@ class Security extends Controller {
|
||||
|
||||
Session::set("BackURL", $_SERVER['REQUEST_URI']);
|
||||
|
||||
// TODO AccessLogEntry needs an extension to handle permission denied errors
|
||||
// Audit logging hook
|
||||
if($controller) $controller->extend('permissionDenied', $member);
|
||||
|
||||
// AccessLogEntry::create("Permission to access {$name} denied");
|
||||
|
||||
if(Director::is_ajax()) {
|
||||
die('NOTLOGGEDIN:');
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user