Merged [47069]: Replaced explicit calls to AccessLogEntry::create with more flexible calls to extensions. AccessLogEntry to be refactored into separate module.

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60504 467b73ca-7a2a-4603-9d3b-597d59a354a9
Hayden Smith 2008-08-12 20:59:32 +00:00
parent 5be532e96d
commit ca6c248de1
4 changed files with 32 additions and 1 deletions


@ -193,6 +193,9 @@ class Member extends DataObject {
$this->LockedOutUntil = null; $this->LockedOutUntil = null;
$this->write(); $this->write();
// Audit logging hook
$this->extend('memberLoggedIn');
} }
@ -223,6 +226,9 @@ class Member extends DataObject {
$member->NumVisit++; $member->NumVisit++;
$member->write(); $member->write();
// Audit logging hook
$this->extend('memberAutoLoggedIn');
} }
} }
} }
@ -242,6 +248,9 @@ class Member extends DataObject {
Cookie::forceExpiry('alc_enc'); Cookie::forceExpiry('alc_enc');
$this->write(); $this->write();
// Audit logging hook
$this->extend('memberLoggedOut');
} }
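Review bot: In the second hunk the hook is raised on `$this` (`$this->extend('memberAutoLoggedIn');`) while the surrounding lines operate on a separate `$member` object (`$member->NumVisit++; $member->write();`). If this code runs in a static method, which the use of `$member` suggests but the hunk does not show, `$this` is undefined there and the call fails at runtime; even in an instance method the audit event would be attributed to the wrong object. The call should read `$member->extend('memberAutoLoggedIn');`. The enclosing function starts outside the hunk.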


@ -36,16 +36,31 @@ class MemberAuthenticator extends Authenticator {
} }
// Optionally record every login attempt as a {@link LoginAttempt} object // Optionally record every login attempt as a {@link LoginAttempt} object
/**
* TODO We could handle this with an extension
*/
if(Security::login_recording()) { if(Security::login_recording()) {
$attempt = new LoginAttempt(); $attempt = new LoginAttempt();
if($member) { if($member) {
// successful login (member is existing with matching password) // successful login (member is existing with matching password)
$attempt->MemberID = $member->ID; $attempt->MemberID = $member->ID;
$attempt->Status = 'Success'; $attempt->Status = 'Success';
// Audit logging hook
$member->extend('authenticated');
} else { } else {
// failed login - we're trying to see if a user exists with this email (disregarding wrong passwords) // failed login - we're trying to see if a user exists with this email (disregarding wrong passwords)
$existingMember = DataObject::get_one("Member", "Email = '$SQL_user'"); $existingMember = DataObject::get_one("Member", "Email = '$SQL_user'");
if($existingMember) $attempt->MemberID = $existingMember->ID; if($existingMember) {
$attempt->MemberID = $existingMember->ID;
// Audit logging hook
$existingMember->extend('authenticationFailed');
} else {
// Audit logging hook
$this->extend('authenticationFailedUnknownUser', $RAW_data);
}
$attempt->Status = 'Failure'; $attempt->Status = 'Failure';
} }
if(is_array($RAW_data['Email'])) { if(is_array($RAW_data['Email'])) {
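Review bot: The three audit hooks added here sit inside `if(Security::login_recording()) {`, so `authenticated`, `authenticationFailed` and `authenticationFailedUnknownUser` fire only when login recording is switched on, and an audit extension would silently miss every authentication event otherwise. If that coupling is not intended, the `extend()` calls should move outside that block; if it is intended, say so with a comment such as `// NOTE: audit hooks only fire when Security::login_recording() is enabled`. Separately, `authenticationFailedUnknownUser` receives the whole `$RAW_data` array, which presumably carries the submitted password alongside the e-mail, so a logging extension could end up persisting credentials; the same applies to `$data` passed to the hook in MemberLoginForm. Passing only the submitted identifier, or documenting that extensions must never store the password field, would close that gap. The enclosing method starts and ends outside the hunk.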


@ -163,6 +163,7 @@ class MemberLoginForm extends LoginForm {
return $member; return $member;
} else { } else {
$this->extend('authenticationFailed', $data);
return null; return null;
} }
} }
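Review bot: The hook name `authenticationFailed` is reused here with a different owner and signature than in MemberAuthenticator, where it is raised on a Member object with no arguments; here it is raised on the form and passes `$data`. An extension written against one call site will see different arguments at the other, and a single failed login may plausibly raise both, which would double-count failures in an audit trail. A distinct name, for example `$this->extend('loginFormAuthenticationFailed', $data);` (constructed name), would keep the two events apart. The line should also carry the same `// Audit logging hook` comment as the other call sites in this commit.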


@ -183,6 +183,12 @@ class Security extends Controller {
Session::set("BackURL", $_SERVER['REQUEST_URI']); Session::set("BackURL", $_SERVER['REQUEST_URI']);
// TODO AccessLogEntry needs an extension to handle permission denied errors
// Audit logging hook
if($controller) $controller->extend('permissionDenied', $member);
// AccessLogEntry::create("Permission to access {$name} denied");
if(Director::is_ajax()) { if(Director::is_ajax()) {
die('NOTLOGGEDIN:'); die('NOTLOGGEDIN:');
} else { } else {
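Review bot: The `permissionDenied` hook is skipped whenever `$controller` is empty (`if($controller) $controller->extend('permissionDenied', $member);`), so a denial raised without a controller leaves no audit event at all, and nothing in the hunk records that gap. A short comment stating that denials without a controller are not audited, or a fallback hook target, would make the coverage explicit. `$member` is not assigned within the hunk, so confirm it is always set before this line; otherwise the extension receives null and cannot attribute the denial. The commented-out `// AccessLogEntry::create("Permission to access {$name} denied");` should be deleted rather than kept as dead code, since the TODO above it already records the follow-up. The enclosing method starts and ends outside the hunk.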