Open daledavies opened 1 month ago
Most basic level, an event logs details of which rule plugins denied access and when.
We could pass the rule plugin types as debug data to the event in a similar way to what tool_mfa does...
public static function user_failed_mfa_event($user) { // Build debug info string. $factors = \tool_mfa\plugininfo\factor::get_active_user_factor_types(); $debug = ''; $failurereason = get_string('event:failnotenoughfactors', 'tool_mfa'); foreach ($factors as $factor) { $debug .= "<br> Factor {$factor->name} status: {$factor->get_state()}"; if ($factor->get_state() === \tool_mfa\plugininfo\factor::STATE_FAIL) { $failurereason = get_string('event:failfactor', 'tool_mfa'); } else if ($factor->get_state() === \tool_mfa\plugininfo\factor::STATE_LOCKED) { $failurereason = get_string('event:faillockout', 'tool_mfa'); } } $data = [ 'relateduserid' => null, 'context' => \context_user::instance($user->id), 'other' => [ 'userid' => $user->id, 'debug' => $debug, 'failurereason' => $failurereason, ], ]; return self::create($data); }
Most basic level, an event logs details of which rule plugins denied access and when.
We could pass the rule plugin types as debug data to the event in a similar way to what tool_mfa does...