[Security] add impersonator_user to "User was reloaded" log message #24026
Conversation
|
It looks like this:
|
|
The new entry seems redundant with the previous one (logged by |
|
I agree and would be happy to reduce the messages. |
|
Actually only the user is refreshed, not the token itself :) |
|
Like this (code changed)?
|
| $this->logger->debug('User was reloaded from a user provider.', array( | ||
| 'provider' => get_class($provider), | ||
| 'username' => $refreshedUser->getUsername(), | ||
| 'impersonator_username' => $impersonatorUsername, |
There was a problem hiding this comment.
I'd like to see this info only on switching user, so maybe impersonator_username could be ignored if is it null?
There was a problem hiding this comment.
agreed, let's not add it if no switch_user in place.
There was a problem hiding this comment.
Shouldnt it be impersonated_username?
There was a problem hiding this comment.
There was a problem hiding this comment.
You're right :) i mixed up.
In some cases you may need to get the object that represents the impersonating user rather than the impersonated user.
impersonating_username then?
cc @gharlan
There was a problem hiding this comment.
|
Thank you @gharlan. |
…" log message (gharlan) This PR was squashed before being merged into the 3.4 branch (closes #24026). Discussion ---------- [Security] add impersonator_user to "User was reloaded" log message | Q | A | ------------- | --- | Branch? | 3.4 | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | | License | MIT | Doc PR | My main concern is this: I use the swift monolog handler to get emails for exceptions. I would like to see the impersonator in these mails. But I'm not sure, if this is a good place for the log message. Commits ------- fc44215 [Security] add impersonator_user to "User was reloaded" log message
…ing user" (chalasr) This PR was merged into the 2.7 branch. Discussion ---------- [Security] Use "impersonator user" instead of "impersonating user" Feels better to me, it's also consistent with the profiler's security panel (and a log being introduced in symfony/symfony#24026). Commits ------- 6509fc9 Use "impersonator user" instead of "impersonating user"
My main concern is this: I use the swift monolog handler to get emails for exceptions.
I would like to see the impersonator in these mails.
But I'm not sure, if this is a good place for the log message.