mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Merged [47069]: Replaced explicit calls to AccessLogEntry::create with more flexible calls to extensions. AccessLogEntry to be refactored into separate module.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60504 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Hayden Smith
parent
5be532e96d
commit
ca6c248de1
@ -193,6 +193,9 @@ class Member extends DataObject {
|
|||||||
$this->LockedOutUntil = null;
|
$this->LockedOutUntil = null;
|
||||||
|
|
||||||
$this->write();
|
$this->write();
|
||||||
|
|
||||||
|
// Audit logging hook
|
||||||
|
$this->extend('memberLoggedIn');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -223,6 +226,9 @@ class Member extends DataObject {
|
|||||||
|
|
||||||
$member->NumVisit++;
|
$member->NumVisit++;
|
||||||
$member->write();
|
$member->write();
|
||||||
|
|
||||||
|
// Audit logging hook
|
||||||
|
$this->extend('memberAutoLoggedIn');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -242,6 +248,9 @@ class Member extends DataObject {
|
|||||||
Cookie::forceExpiry('alc_enc');
|
Cookie::forceExpiry('alc_enc');
|
||||||
|
|
||||||
$this->write();
|
$this->write();
|
||||||
|
|
||||||
|
// Audit logging hook
|
||||||
|
$this->extend('memberLoggedOut');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -36,16 +36,31 @@ class MemberAuthenticator extends Authenticator {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Optionally record every login attempt as a {@link LoginAttempt} object
|
// Optionally record every login attempt as a {@link LoginAttempt} object
|
||||||
|
/**
|
||||||
|
* TODO We could handle this with an extension
|
||||||
|
*/
|
||||||
if(Security::login_recording()) {
|
if(Security::login_recording()) {
|
||||||
$attempt = new LoginAttempt();
|
$attempt = new LoginAttempt();
|
||||||
if($member) {
|
if($member) {
|
||||||
// successful login (member is existing with matching password)
|
// successful login (member is existing with matching password)
|
||||||
$attempt->MemberID = $member->ID;
|
$attempt->MemberID = $member->ID;
|
||||||
$attempt->Status = 'Success';
|
$attempt->Status = 'Success';
|
||||||
|
|
||||||
|
// Audit logging hook
|
||||||
|
$member->extend('authenticated');
|
||||||
} else {
|
} else {
|
||||||
// failed login - we're trying to see if a user exists with this email (disregarding wrong passwords)
|
// failed login - we're trying to see if a user exists with this email (disregarding wrong passwords)
|
||||||
$existingMember = DataObject::get_one("Member", "Email = '$SQL_user'");
|
$existingMember = DataObject::get_one("Member", "Email = '$SQL_user'");
|
||||||
if($existingMember) $attempt->MemberID = $existingMember->ID;
|
if($existingMember) {
|
||||||
|
$attempt->MemberID = $existingMember->ID;
|
||||||
|
|
||||||
|
// Audit logging hook
|
||||||
|
$existingMember->extend('authenticationFailed');
|
||||||
|
} else {
|
||||||
|
|
||||||
|
// Audit logging hook
|
||||||
|
$this->extend('authenticationFailedUnknownUser', $RAW_data);
|
||||||
|
}
|
||||||
$attempt->Status = 'Failure';
|
$attempt->Status = 'Failure';
|
||||||
}
|
}
|
||||||
if(is_array($RAW_data['Email'])) {
|
if(is_array($RAW_data['Email'])) {
|
||||||
|
|||||||
@ -163,6 +163,7 @@ class MemberLoginForm extends LoginForm {
|
|||||||
return $member;
|
return $member;
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
$this->extend('authenticationFailed', $data);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -183,6 +183,12 @@ class Security extends Controller {
|
|||||||
|
|
||||||
Session::set("BackURL", $_SERVER['REQUEST_URI']);
|
Session::set("BackURL", $_SERVER['REQUEST_URI']);
|
||||||
|
|
||||||
|
// TODO AccessLogEntry needs an extension to handle permission denied errors
|
||||||
|
// Audit logging hook
|
||||||
|
if($controller) $controller->extend('permissionDenied', $member);
|
||||||
|
|
||||||
|
// AccessLogEntry::create("Permission to access {$name} denied");
|
||||||
|
|
||||||
if(Director::is_ajax()) {
|
if(Director::is_ajax()) {
|
||||||
die('NOTLOGGEDIN:');
|
die('NOTLOGGEDIN:');
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user