feature #24026 [Security] add impersonator_user to "User was reloaded" log message (gharlan)

This PR was squashed before being merged into the 3.4 branch (closes #24026).

Discussion
----------

[Security] add impersonator_user to "User was reloaded" log message

| Q             | A
| ------------- | ---
| Branch?       | 3.4
| Bug fix?      | no
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

My main concern is this: I use the swift monolog handler to get emails for exceptions.
I would like to see the impersonator in these mails.

But I'm not sure if this is a good place for the log message.

Commits
-------

fc44215e70 [Security] add impersonator_user to "User was reloaded" log message
Fabien Potencier 2017-08-31 10:53:59 -07:00
commit 80ac529742


@ -23,6 +23,7 @@ use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInt
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Role\SwitchUserRole;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
@ -91,7 +92,10 @@ class ContextListener implements ListenerInterface
$token = unserialize($token);
if (null !== $this->logger) {
$this->logger->debug('Read existing security token from the session.', array('key' => $this->sessionKey));
$this->logger->debug('Read existing security token from the session.', array(
'key' => $this->sessionKey,
'token_class' => is_object($token) ? get_class($token) : null,
));
}
if ($token instanceof TokenInterface) {
@ -169,7 +173,16 @@ class ContextListener implements ListenerInterface
$token->setUser($refreshedUser);
if (null !== $this->logger) {
$this->logger->debug('User was reloaded from a user provider.', array('username' => $refreshedUser->getUsername(), 'provider' => get_class($provider)));
$context = array('provider' => get_class($provider), 'username' => $refreshedUser->getUsername());
foreach ($token->getRoles() as $role) {
if ($role instanceof SwitchUserRole) {
$context['impersonator_username'] = $role->getSource()->getUsername();
break;
}
}
$this->logger->debug('User was reloaded from a user provider.', $context);
}
return $token;
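Review bot: The context key written in the last hunk is `impersonator_username` (`$context['impersonator_username'] = $role->getSource()->getUsername();`), while the commit title and description call it `impersonator_user`, so anyone filtering logs or building alerts from the commit text would search for a key that is never emitted. The loop would benefit from a short comment such as `// A SwitchUserRole means the token is impersonated; its source token identifies the impersonator.` The entry is written at debug level and only on the user-reload path, so where handlers drop debug records it should not be relied on as the audit trail for impersonation. The second hunk's new `token_class` context entry is likewise not mentioned in the commit description. The enclosing methods start and end outside the hunks shown.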