2016-07-26 145 views
2

我正在將審計日誌記錄添加到Symfony2項目,該項目記錄所有頁面加載並將請求發佈到自定義審計表中。該項目使用Symfony2(訪問/註銷)的默認註銷路由,這會破壞會話,然後重新定向到/ login路由。Symfony2註銷事件監聽器問題

有一個事件監聽器爲onKernelRequest設置,然後將正確的數據寫入表中。在security.yml文件中,我列出了以下注銷路由。

security: 
    firewalls: 
     main: 
      logout: 
       path: /logout 
       target: /login 

對於除註銷事件以外的所有頁面,審計日誌記錄工作正常。註銷後,我嘗試訪問分析器,然後從側邊欄的「最後10個」選項中選擇「/註銷」操作。當點擊「事件」時,它列出了kernel.request的默認Symfony事件,例如DebugHandler和ProfileListener,但是我的自定義回調顯示在「Not Called Listeners」選項卡下。

有一個可以添加到security.yml文件中的success_handler,但是我需要一個可以在會話銷燬之前運行我的事件偵聽器的方法。有沒有辦法讓現有的監聽器在Symfony操作註銷之前記錄註銷事件?

編輯

<?php 

// src/AuditBundle/EventListener/AuditListener.php 
namespace AuditBundle\EventListener; 

use Symfony\Component\HttpFoundation\Response; 
use Symfony\Component\HttpKernel\Event\GetResponseEvent; 
use Symfony\Component\HttpFoundation\RequestStack; 
use AuditBundle\Entity\AuditLog; 

class AuditListener 
{ 
    protected $requestStack; 
    protected $em; 
    protected $tokenStorage; 
    protected $authorizationChecker; 

    public function __construct(RequestStack $requestStack, \Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage $tokenStorage, $authorizationChecker, \Doctrine\ORM\EntityManager $em = NULL) 
    { 
     $this->requestStack = $requestStack; 
     $this->em = $em; 
     $this->tokenStorage = $tokenStorage; 
     $this->authorizationChecker = $authorizationChecker; 
    } 

    public function onKernelRequest(GetResponseEvent $response) 
    { 
     $request = $response->getRequest(); 
     if (strpos($request->getRequestUri(), 'fonts') !== false) 
      return; 
     if (strpos($request->getRequestUri(), 'css') !== false) 
      return; 
     if (strpos($request->getRequestUri(), '_wdt') !== false) 
      return; 
     if (strpos($request->getRequestUri(), 'js') !== false) 
      return; 

     if (strpos($request->getRequestUri(), '_profiler') !== false) 
      return; 

     $this->log('Request', $request); 
    } 

    public function postUpdate(\Doctrine\ORM\Event\LifecycleEventArgs $args) 
    { 
     $entity = $args->getEntity(); 
     $this->em = $args->getEntityManager(); 
     $className = $this->em->getClassMetadata(get_class($entity))->getName(); 
     if ($entity instanceof \AuditBundle\Entity\AuditLog) 
      return; 
     $this->log($className.' Updated', $this->requestStack->getCurrentRequest(), $entity); 
    } 

    public function postPersist(\Doctrine\ORM\Event\LifecycleEventArgs $args) 
    { 
     $entity = $args->getEntity(); 
     $this->em = $args->getEntityManager(); 
     $className = $this->em->getClassMetadata(get_class($entity))->getName(); 
     if ($entity instanceof \AuditBundle\Entity\AuditLog) 
      return; 
     $this->log($className.' Created', $this->requestStack->getCurrentRequest(), $entity); 
    } 

    public function postDelete(\Doctrine\ORM\Event\LifecycleEventArgs $args) 
    { 
     $entity = $args->getEntity(); 
     $this->em = $args->getEntityManager(); 
     $className = $this->em->getClassMetadata(get_class($entity))->getName(); 
     if ($entity instanceof \AuditBundle\Entity\AuditLog) 
      return; 
     $this->log($className.' Deleted', $this->requestStack->getCurrentRequest()); 
    } 

    protected function log($message, $request, $entity = NULL) 
    { 
     $log = new AuditLog(); 
     $log->setType($request->getRealMethod()); 
     if ($this->authorizationChecker->isGranted('IS_AUTHENTICATED_FULLY')) 
     { 
      $log->setUser($this->tokenStorage->getToken()->getUser()); 
     } 
     if ($entity) 
     { 
      $log->setEntityId($entity->getId()); 
     } 

     $log->setUriString($request->getRequestUri()); 
     $log->setMessage($message); 
     $log->setDatetime(new \DateTime()); 
     $log->setIp($request->getClientIp()); 
     $log->setBrowser(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''); 
     $this->em->persist($log); 
     $this->em->flush(); 
    } 
} 

services.yml

services: 
    audits.audit_listener: 
     class: AuditBundle\EventListener\AuditListener 
     arguments: [@request_stack, @security.token_storage, @security.authorization_checker, @doctrine.orm.entity_manager] 
     tags: 
      - { name: kernel.event_listener, event: kernel.request } 
+1

你能提供自定義的回調類和它的服務handlers參數? – Jeet

+0

您需要實現LogoutHandlerInterface,並告訴配置您有一個註銷處理程序,請參閱下面的答案 – Prof83

回答

0

由於我不在你Audit logging服務清楚,我猜,註銷事件手之前發生。因此,您應嘗試通過實施另一個LogoutHandler服務來調用您的Audit logging服務,該服務實施LogoutHandlerInterface並依賴於您的Audit logging服務。

當我們看到記錄中發生了什麼後,我們可以清楚地知道。

4

掛接到的Symfony的註銷事件的最好辦法是實施LogoutHandlerInterface這樣,

事件監聽器:

<?php 

namespace AppBundle\EventListener; 

use Symfony\Component\HttpFoundation\Request; 
use Symfony\Component\HttpFoundation\Response; 
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; 
use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface; 

class MyListener implements LogoutHandlerInterface { 

    public function logout(Request $Request, Response $Response, TokenInterface $Token) { 

     // Your handling here 

     } 

} 

配置:

services: 
    appbundle_mylistener: 
     class: AppBundle\EventListener\MyListener 

security: 
    firewalls: 
     main: 
      logout: 
       handlers: [appbundle_mylistener] 

編輯

所以, OU真正需要做的,是與logout功能實現從AuditListenerLogoutHandlerInterface,然後登記在配置