feature #24026 [Security] add impersonator_user to "User was reloaded" log message (gharlan)
This PR was squashed before being merged into the 3.4 branch (closes #24026).
Discussion
----------
[Security] add impersonator_user to "User was reloaded" log message
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
My main concern is this: I use the swift monolog handler to get emails for exceptions.
I would like to see the impersonator in these mails.
But I'm not sure, if this is a good place for the log message.
Commits
-------
fc44215e70
[Security] add impersonator_user to "User was reloaded" log message
This commit is contained in:
commit
80ac529742
@ -23,6 +23,7 @@ use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInt
|
|||||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||||
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
|
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
|
||||||
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
|
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
|
||||||
|
use Symfony\Component\Security\Core\Role\SwitchUserRole;
|
||||||
use Symfony\Component\Security\Core\User\UserInterface;
|
use Symfony\Component\Security\Core\User\UserInterface;
|
||||||
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
||||||
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
|
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
|
||||||
@ -91,7 +92,10 @@ class ContextListener implements ListenerInterface
|
|||||||
$token = unserialize($token);
|
$token = unserialize($token);
|
||||||
|
|
||||||
if (null !== $this->logger) {
|
if (null !== $this->logger) {
|
||||||
$this->logger->debug('Read existing security token from the session.', array('key' => $this->sessionKey));
|
$this->logger->debug('Read existing security token from the session.', array(
|
||||||
|
'key' => $this->sessionKey,
|
||||||
|
'token_class' => is_object($token) ? get_class($token) : null,
|
||||||
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($token instanceof TokenInterface) {
|
if ($token instanceof TokenInterface) {
|
||||||
@ -169,7 +173,16 @@ class ContextListener implements ListenerInterface
|
|||||||
$token->setUser($refreshedUser);
|
$token->setUser($refreshedUser);
|
||||||
|
|
||||||
if (null !== $this->logger) {
|
if (null !== $this->logger) {
|
||||||
$this->logger->debug('User was reloaded from a user provider.', array('username' => $refreshedUser->getUsername(), 'provider' => get_class($provider)));
|
$context = array('provider' => get_class($provider), 'username' => $refreshedUser->getUsername());
|
||||||
|
|
||||||
|
foreach ($token->getRoles() as $role) {
|
||||||
|
if ($role instanceof SwitchUserRole) {
|
||||||
|
$context['impersonator_username'] = $role->getSource()->getUsername();
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->logger->debug('User was reloaded from a user provider.', $context);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $token;
|
return $token;
|
||||||
|
Reference in New Issue
Block a user