er314 Posted August 13, 2021 Share Posted August 13, 2021 GetFieldValue is responsible for performing access control to a field value, and denying access when applicable. I would like to be able to log the access denied events (on Dev, for debugging purpose ; in Prod, for security monitoring purpose). -> basically, I would need to do, via hook, the equivalent of the following addition : Page.php [...] protected function getFieldValue($key, $selector = '') { [...] if($field->useRoles && $this->outputFormatting) { // API access may be limited when output formatting is ON if($field->flags & Field::flagAccessAPI) { // API access always allowed because of flag } else if($this->viewable($field)) { // User has view permission for this field } else { // API access is denied when output formatting is ON // so just return a blank value as defined by the Fieldtype // note: we do not store this blank value in the Page, so that // the real value can potentially be loaded later without output formatting /*** CODE ADDED ***/ if ($this->wire()->config->is_logging_access_denied) { $log = $this->wire()->log; $log->save("errors", "Core access denied - field {$field->name}, template {$template->name}, page {$this->id}"); // + user & URL are auto-added to the log event } /*** ***/ $value = $fieldtype->getBlankValue($this, $field); return $this->formatFieldValue($field, $value); } [...] Question : Is it possible to somehow hook into this getFieldValue() method ? (in order to perform the above added processing via hook) I don't think so (according to https://somatonic.github.io/Captain-Hook/index-dev.html), but I'm asking, for possible ideas. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now