Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Welcome to the CollectiveAccess support forum! Here the developers and community answer questions related to use of the software. Please include the following information in every new issue posted here:

  1. Version of the software that is used, along with browser and version

  2. If the issue pertains to Providence, Pawtucket or both

  3. What steps you’ve taken to try to resolve the issue

  4. Screenshots demonstrating the issue

  5. The relevant sections of your installation profile or configuration including the codes and settings defined for your local elements.


If your question pertains to data import or export, please also include:

  1. Data sample

  2. Your mapping


Answers may be delayed for posts that do not include sufficient information.

Is there anyway to disable login logging for a user?

I have created a user/password login for allowing external access to the database for searching from a wordpress site via service.php calls. The problem is that every access to the database gets added to the recent login widget....causing actual logins by users to be pushed down and out of the recent login list.

Is there anyway to disable recording the recent logins for this user? Or is there a better way to grant external access?

Comments

  • No, this is how it works currently. If you want to change the behavior, either submit a pull request with your code changes or create a JIRA ticket at https://collectiveaccess.atlassian.net.

  • I think I can get away with just not logging for my internal ip address.
    Is it too much of a hack to define a constant in setup.php and then wrap a check around it in /app/lib/Controller/Request/RequestHTTP.php around line 866:
    Might there be a less brutal way to go about this?


    setup:
    define("CA_IP_NO_LOGGING", '66.96.183.14');


    /app/lib/Controller/Request/RequestHTTP.php:
    if(!defined("CA_IP_NO_LOGGING") or $_SERVER["REMOTE_ADDR"] != CA_IP_NO_LOGGING){
    $o_event_log->log(array("CODE" => "LOGN", "SOURCE" => "Auth", "MESSAGE" => "Successful login for '".$pa_options["user_name"]."'; IP=".$_SERVER["REMOTE_ADDR"]."; user agent=".RequestHTTP::ip()));
    }

  • The issue is that my wordpress searcher that I'm building becomes a login event for every search from wordpress. I had generated over 32k login events for the searching in about a week

  • We could add a user login flag to not do this logging. That would be the cleanest solution, I think.

  • So then how about:


    /app/conf/user_actions.conf: section service.api:
    can_use_json_no_logging_login = {
    label = _("Use JSON Services without logging Logins"),
    description = _("Allow user to use JSON service without logging users Logins.")
    },
    ...


    /app/lib/Controller/Request/RequestHTTP.php:
    if (!$this->user->canDoAction('can_use_json_no_logging_login')) {
    $o_event_log->log(array("CODE" => "LOGN", "SOURCE" => "Auth", "MESSAGE" => "Successful login for '".$pa_options["user_name"]."'; IP=".$_SERVER["REMOTE_ADDR"]."; user agent=".RequestHTTP::ip()));
    }

  • Ok I'll do something like that.

  • What is the relationship between access_restrictions.conf and user_actions.conf? Should access_restriction.conf also be involved in this?

  • OK...after a little hair pulling I figured out that any user who is an administrator will always return canDoAction as enabled without actually checking, so in order for an administrator to be logged I had to reverse the logic so that the flag is enabling logging. This means that new access roles will default to no-logging. Not the end of the world.

  • edited May 11

    Hi. I have a similar issue. I applied mods, and it works fine.
    Will it be committed in next update?

Sign In or Register to comment.