In instances where a user's account gets modified (like blocking), add a link to the watchdog message to the user's page or edit page. It would look something like this:

watchdog('user', 'Blocked user %username: with uid %uid due to security configuration.', $variables, WATCHDOG_NOTICE);

// could change to
watchdog('user', 'Blocked user %username: with uid %uid due to security configuration.', $variables, WATCHDOG_NOTICE, l(t('edit user'), "user/{$variables['%uid']}/edit", array('query' => array('destination' => 'admin/user/user'))));
CommentFileSizeAuthor
#2 501040_watchdog_messages.patch3.11 KBilo

Comments

ilo’s picture

ilo commented
Assigned: Unassigned » ilo

yes, I saw this and already did some changes to mimic the information shown by default from the user module in the new strings.

ilo’s picture

ilo commented
Status: Active » Needs review
StatusFileSize
new 501040_watchdog_messages.patch3.11 KB

I've done some changes also. The block operation now checks if user is blocked to avoid repeating the watchdog message. The IP ban address now follows the same rule, and the edit link to change the access rule is included in the watchdog message.

deekayen’s picture

deekayen commented

Have you verified to see that a watchdog entry is made for already blocked users? The core login happens before login_security_validate and should throw a core error for denied login on a blocked user before login_security gets a chance even to do a block of its own. In other words, does a login failure at the core validation prevent login_security_validate() from even executing it's own block and watchdog.

ilo’s picture

ilo commented

verified again.. starting from a clean track table, with blocking user max set to 3:

user 06/24/2009 - 23:32 Blocked user ilo: with uid 4 due ... Anonymous
user 06/24/2009 - 23:32 Login attempt failed for ilo. Anonymous
user 06/24/2009 - 23:32 Blocked user ilo: with uid 4 due ... Anonymous
user 06/24/2009 - 23:32 Login attempt failed for ilo. Anonymous
user 06/24/2009 - 23:32 Blocked user ilo: with uid 4 due ... Anonymous
user 06/24/2009 - 23:32 Login attempt failed for ilo. Anonymous
user 06/24/2009 - 23:31 Login attempt failed for ilo. Anonymous
user 06/24/2009 - 23:31 Login attempt failed for ilo. Anonymous
user 06/24/2009 - 23:31 Login attempt failed for ilo. Anonymous

Currently it keeps blocking in each login attempt, even if user is already blocked. The user gets blocked in the login attempt at 23:32

All the validators are called and this includes login_security_validate. As there was no logic in that function to see if user was blocked, login_security just blocks the user again and again..

I'm not sure if you mean that login_security_validate should not be called if the user is blocked.. :?

deekayen’s picture

deekayen commented

No, that's what I wanted to know. Good catch. I'm working on #500394: Add new log fetcher, which should help with asserts on log messages, but that probably won't apply here any time soon (7.x and newer).

ilo’s picture

ilo commented

mm I started to write tests using raw db_query to watchdog table, and then assertTrue to see if watchdog matches what was expected. But it's going to be hand-to-hand with the proposed patch for the translatable strings, as watchdog messages may also be changed there.

I'll be waiting to see how that log fetcher ends, it would be quite useful!

deekayen’s picture

deekayen commented
Status: Needs review » Fixed

Committed to DRUPAL-6--1

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

  • deekayen committed bb32f0d on 6.x-1.x, 8.x-1.x 
    #501040 by deekayen, ilo: Add link to blocked user accounts for watchdog...