Skip to content

Commit

Permalink
NEW Support for session-manager module
Browse files Browse the repository at this point in the history
  • Loading branch information
emteknetnz committed Mar 28, 2021
1 parent 41815f8 commit 698c495
Show file tree
Hide file tree
Showing 4 changed files with 124 additions and 0 deletions.
7 changes: 7 additions & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,13 @@ jobs:
- REQUIRE_RECIPE=4.6.x-dev
- REQUIRE_MFA=4.0.x-dev
- PHPUNIT_TEST=1
- php: 7.4
env:
- DB=MYSQL
- REQUIRE_RECIPE=4.6.x-dev
- REQUIRE_SESSION_MANAGER=1.x-dev
- PHPUNIT_TEST=1

before_script:
- if [[ $REQUIRE_MFA ]]; then composer require --no-update silverstripe/mfa:"$REQUIRE_MFA"; fi
- if [[ $REQUIRE_SESSION_MANAGER ]]; then composer require --no-update silverstripe/session-manager:"$REQUIRE_SESSION_MANAGER"; fi
8 changes: 8 additions & 0 deletions _config/session-manager.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
Name: auditor-session-manager
Only:
moduleexists: silverstripe/session-manager
---
SilverStripe\SessionManager\Control\LoginSessionController:
extensions:
- SilverStripe\Auditor\AuditHookSessionManager
45 changes: 45 additions & 0 deletions code/AuditHookSessionManager.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
<?php

namespace SilverStripe\Auditor;

use Psr\Log\LoggerInterface;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\DataExtension;
use SilverStripe\Security\Security;
use SilverStripe\SessionManager\Model\LoginSession;

/**
* Provides logging actions on extension hooks from certain silverstripe/session-manager actions.
*/
class AuditHookSessionManager extends DataExtension
{
/**
* Login session for a member is being removed
*
* @param LoginSession $loginSession
*/
public function onBeforeRemoveLoginSession(LoginSession $loginSession)
{
$member = $loginSession->Member();
$currentUser = Security::getCurrentUser();
if (is_null($member) || $member->ID === 0 || is_null($currentUser) || $currentUser->ID === 0) {
return;
}
$this->getAuditLogger()->info(sprintf(
'Login session (ID: %s) for Member "%s" (ID: %s) is being removed by Member "%s" (ID: %s)',
$loginSession->ID,
$member->Email ?: $member->Title,
$member->ID,
$currentUser->Email ?: $currentUser->Title,
$currentUser->ID
));
}

/**
* @return LoggerInterface
*/
protected function getAuditLogger()
{
return Injector::inst()->get('AuditLogger');
}
}
64 changes: 64 additions & 0 deletions tests/AuditHookSessionManagerTest.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
<?php

namespace SilverStripe\Auditor\Tests;

use SilverStripe\Auditor\Tests\AuditHookTest\Logger;
use SilverStripe\Control\Controller;
use SilverStripe\Control\HTTPRequest;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\Dev\SapphireTest;
use SilverStripe\Security\Member;
use SilverStripe\Security\Security;
use SilverStripe\Security\SecurityToken;
use SilverStripe\SessionManager\Control\LoginSessionController;
use SilverStripe\SessionManager\Model\LoginSession;

class AuditHookSessionManagerTest extends SapphireTest
{
protected $usesDatabase = true;

/**
* @var Logger
*/
protected $writer = null;

protected function setUp()
{
parent::setUp();
if (!class_exists(LoginSessionController::class)) {
$this->markTestSkipped('This test requires the silverstripe/session-manager module to be installed');
return;
}
$this->writer = new Logger;
Injector::inst()->unregisterNamedObject('AuditLogger');
Injector::inst()->registerService($this->writer, 'AuditLogger');
}

public function testOnBeforeRemoveLoginSession()
{
$this->logInWithPermission('ADMIN');

$currentUser = Security::getCurrentUser();

$member = new Member(array('FirstName' => 'Joe', 'Email' => 'joe3'));
$member->write();
$request = Controller::curr()->getRequest();
$loginSession = LoginSession::generate($member, false, $request);

SecurityToken::disable();
$mockRequest = new HTTPRequest('DELETE', '');
$mockRequest->setRouteParams(['ID' => $loginSession->ID]);
$controller = new LoginSessionController();
$controller->removeLoginSession($mockRequest);

$message = sprintf(
'Login session (ID: %s) for Member "%s" (ID: %s) is being removed by Member "%s" (ID: %s)',
$loginSession->ID,
$member->Email,
$member->ID,
$currentUser->Email,
$currentUser->ID
);
$this->assertContains($message, $this->writer->getLastMessage());
}
}

0 comments on commit 698c495

Please sign in to comment.