Commit 5a9823d1 authored by catch's avatar catch

Issue #3114122 by jungle, klausi, dww: ExceptionLoggingSubscriber should log...

Issue #3114122 by jungle, klausi, dww: ExceptionLoggingSubscriber should log 403 access denied reason

(cherry picked from commit 5fbd9c79)
parent 2a52b32d
......@@ -38,8 +38,12 @@ public function __construct(LoggerChannelFactoryInterface $logger) {
* The event to process.
*/
public function on403(ExceptionEvent $event) {
$request = $event->getRequest();
$this->logger->get('access denied')->warning('@uri', ['@uri' => $request->getRequestUri()]);
// Log the exception with the page where it happened so that admins know
// why access was denied.
$exception = $event->getThrowable();
$error = Error::decodeException($exception);
$error['@uri'] = $event->getRequest()->getRequestUri();
$this->logger->get('access denied')->warning('Path: @uri. %type: @message in %function (line %line of %file).', $error);
}
/**
......
......@@ -135,6 +135,44 @@ public function testLogEventPage() {
$this->assertText('Notice', 'The severity was properly displayed on the detail page.');
}
/**
* Tests that a 403 event is logged with the exception triggering it.
*/
public function test403LogEventPage() {
$assert_session = $this->assertSession();
$uri = 'admin/reports';
$this->drupalLogin($this->webUser);
$this->drupalGet($uri);
$assert_session->statusCodeEquals(403);
$this->drupalLogin($this->adminUser);
$wid = Database::getConnection()->query("SELECT MAX(wid) FROM {watchdog} WHERE type='access denied'")->fetchField();
$this->drupalGet('admin/reports/dblog/event/' . $wid);
$table = $this->xpath("//table[@class='dblog-event']");
$this->assertCount(1, $table);
// Verify type, severity and location.
$type = $table[0]->findAll('xpath', "//tr/th[contains(text(), 'Type')]/../td");
$this->assertCount(1, $type);
$this->assertEquals('access denied', $type[0]->getText());
$severity = $table[0]->findAll('xpath', "//tr/th[contains(text(), 'Severity')]/../td");
$this->assertCount(1, $severity);
$this->assertEquals('Warning', $severity[0]->getText());
$location = $table[0]->findAll('xpath', "//tr/th[contains(text(), 'Location')]/../td/a");
$this->assertCount(1, $location);
$href = $location[0]->getAttribute('href');
$this->assertEquals($this->baseUrl . '/' . $uri, $href);
// Verify message.
$message = $table[0]->findAll('xpath', "//tr/th[contains(text(), 'Message')]/../td");
$this->assertCount(1, $message);
$regex = "@Path: .+admin/reports\. Drupal\\\\Core\\\\Http\\\\Exception\\\\CacheableAccessDeniedHttpException: The 'access site reports' permission is required\. in Drupal\\\\Core\\\\Routing\\\\AccessAwareRouter->checkAccess\(\) \(line \d+ of .+/core/lib/Drupal/Core/Routing/AccessAwareRouter\.php\)\.@";
$this->assertRegExp($regex, $message[0]->getText());
}
/**
* Test not-existing log event page.
*/
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment