Issue #2074641 by brad.bulger, DMaester: configurable logging levels

DMaester · Balazs Dianiska · commit da6f589939bb · 2015-08-19T22:02:19.000+02:00
diff --git a/simplesamlphp_auth.admin.inc b/simplesamlphp_auth.admin.inc
@@ -48,7 +48,18 @@ function simplesamlphp_auth_settings_basic() {
     '#default_value' => variable_get('simplesamlphp_auth_login_path', 'saml_login'),
     '#description' => t('Path for logging into SAML - Do not include proceeding slash.'),
   );
-
+  $form['simplesamlphp_auth_grp_debug'] = array(
+    '#type' => 'fieldset',
+    '#title' => t('Debugging'),
+    '#collapsible' => FALSE,
+    '#collapsed' => FALSE,
+  );
+  $form['simplesamlphp_auth_grp_debug']['simplesamlphp_auth_debug'] = array(
+    '#type' => 'checkbox',
+    '#title' => t('Turn on debugging messages'),
+    '#default_value' => variable_get('simplesamlphp_auth_debug', FALSE),
+    '#description' => t('Expand the level of watchdog messages logged to include debugging information'),
+  );
   $form['simplesamlphp_auth_grp_reg'] = array(
     '#type' => 'fieldset',
     '#title' => t('User Provisioning'),
diff --git a/simplesamlphp_auth.inc b/simplesamlphp_auth.inc
@@ -20,15 +20,18 @@ function _simplesaml_auth_login_register() {
     // Get unique identifier from saml attributes.
     $authname = _simplesamlphp_auth_get_authname();
 
-    watchdog('simplesamlphp_auth', 'Authname is [%authname] userid is [%uid]', array(
-      '%authname' => $authname,
-      '%uid' => $user->uid,
-    ), WATCHDOG_DEBUG);
-
+    if (variable_get('simplesamlphp_auth_debug', 0)) {
+      watchdog('simplesamlphp_auth', 'Authname is [%authname] userid is [%uid]', array(
+        '%authname' => $authname,
+        '%uid' => $user->uid,
+      ), WATCHDOG_DEBUG);
+    }
     if (!empty($authname)) {
       // User is logged in with SAML authentication and we got the unique
       // identifier, so try to log into Drupal.
-      watchdog('simplesamlphp_auth', 'Loading Drupal user [%authname]', array('%authname' => $authname), WATCHDOG_DEBUG);
+      if (variable_get('simplesamlphp_auth_debug', 0)) {
+        watchdog('simplesamlphp_auth', 'Loading Drupal user [%authname]', array('%authname' => $authname), WATCHDOG_DEBUG);
+      }
 
       // Retrieve user mapping and attempt to log the user in.
       $ext_user = user_external_load($authname);
@@ -92,16 +95,20 @@ function _simplesaml_auth_user_register($authname) {
   if (variable_get('simplesamlphp_auth_registerusers', TRUE)) {
 
     // We are allowed to register new users.
-    watchdog('simplesamlphp_auth', 'Register [%authname]', array('%authname' => $authname), WATCHDOG_DEBUG);
+    if (variable_get('simplesamlphp_auth_debug', 0)) {
+      watchdog('simplesamlphp_auth', 'Register [%authname]', array('%authname' => $authname), WATCHDOG_DEBUG);
+    }
 
     // It's possible that a user with this name already exists, but is not
     // permitted to login to Drupal via SAML. If so, log out of SAML and
     // redirect to the front page.
     $account = user_load_by_name($authname);
     if ($account) {
-      watchdog('simplesamlphp_auth', 'User [%authname] could not be registered because that username already exists and is not SAML enabled.', array(
-        '%authname' => $authname,
-      ), WATCHDOG_DEBUG);
+      if (variable_get('simplesamlphp_auth_debug', 0)) {
+        watchdog('simplesamlphp_auth', 'User [%authname] could not be registered because that username already exists and is not SAML enabled.', array(
+          '%authname' => $authname,
+        ), WATCHDOG_DEBUG);
+      }
 
       drupal_set_message(t('We are sorry, your user account is not SAML enabled.'));
       $_simplesamlphp_auth_as->logout(base_path());
@@ -112,10 +119,12 @@ function _simplesaml_auth_user_register($authname) {
     // Register the new user.
     user_external_login_register($authname, 'simplesamlphp_auth');
 
-    watchdog('simplesamlphp_auth', 'Registered [%authname] with uid @uid', array(
-      '%authname' => $authname,
-      '@uid' => $user->uid,
-    ), WATCHDOG_DEBUG);
+    if (variable_get('simplesamlphp_auth_debug', 0)) {
+      watchdog('simplesamlphp_auth', 'Registered [%authname] with uid @uid', array(
+        '%authname' => $authname,
+        '@uid' => $user->uid,
+      ), WATCHDOG_DEBUG);
+    }
 
     if (!empty($user->uid)) {
       // Populate roles based on configuration setting.
@@ -149,7 +158,9 @@ function _simplesaml_auth_user_register($authname) {
  *   The user account object to update.
  */
 function _simplesaml_auth_user_update($account) {
-  watchdog('simplesamlphp_auth', 'Updating username [%acctname]', array('%acctname' => $account->name), WATCHDOG_DEBUG);
+  if (variable_get('simplesamlphp_auth_debug', 0)) {
+    watchdog('simplesamlphp_auth', 'Updating username [%acctname]', array('%acctname' => $account->name), WATCHDOG_DEBUG);
+  }
 
   db_update('users')
     ->fields(array('name' => $account->name))
@@ -165,7 +176,9 @@ function _simplesaml_auth_user_update($account) {
     watchdog('simplesamlphp_auth', $e->getMessage(), NULL, WATCHDOG_CRITICAL);
   }
 
-  watchdog('simplesamlphp_auth', 'Updating mail [%mailaddr]', array('%mailaddr' => $mail_address), WATCHDOG_DEBUG);
+  if (variable_get('simplesamlphp_auth_debug', 0)) {
+    watchdog('simplesamlphp_auth', 'Updating mail [%mailaddr]', array('%mailaddr' => $mail_address), WATCHDOG_DEBUG);
+  }
 
   if (!empty($mail_address)) {
     db_update('users')
@@ -190,7 +203,9 @@ function _simplesaml_auth_user_login($ext_user) {
   // See if we're supposed to re-evaluate role assignments.
   if (variable_get('simplesamlphp_auth_roleevaleverytime', 0)) {
     // Populate roles based on configuration setting.
-    watchdog('simplesamlphp_auth', 'User already registered [%authname] updating roles.', array('%authname' => $ext_user->name), WATCHDOG_DEBUG);
+    if (variable_get('simplesamlphp_auth_debug', 0)) {
+      watchdog('simplesamlphp_auth', 'User already registered [%authname] updating roles.', array('%authname' => $ext_user->name), WATCHDOG_DEBUG);
+    }
     $roles = _simplesamlphp_auth_rolepopulation(variable_get('simplesamlphp_auth_rolepopulation', ''));
     $userinfo = array('roles' => $roles);
 
diff --git a/simplesamlphp_auth.install b/simplesamlphp_auth.install
@@ -38,6 +38,7 @@ function simplesamlphp_auth_uninstall() {
   variable_del('simplesamlphp_auth_authsource');
   variable_del('simplesamlphp_auth_rolepopulation');
   variable_del('simplesamlphp_auth_roleevaleverytime');
+  variable_del('simplesamlphp_auth_debug');
   variable_del('simplesamlphp_auth_registerusers');
   variable_del('simplesamlphp_auth_allowsetdrupalpwd');
   variable_del('simplesamlphp_auth_allowdefaultlogin');
diff --git a/simplesamlphp_auth.module b/simplesamlphp_auth.module
@@ -199,7 +199,9 @@ function simplesamlphp_auth_user_insert(&$edit, $account, $category = NULL) {
     if ($_simplesamlphp_auth_as->isAuthenticated() && _simplesamlphp_auth_get_authname() == $account->init) {
       // Get name from default attributes.
       try {
-        watchdog('simplesamlphp_auth', 'Registering user [%acctname]', array('%acctname' => $account->name), WATCHDOG_DEBUG);
+        if (variable_get('simplesamlphp_auth_debug', 0)) {
+          watchdog('simplesamlphp_auth', 'Registering user [%acctname]', array('%acctname' => $account->name), WATCHDOG_DEBUG);
+        }
         $account->name = _simplesamlphp_auth_get_default_name($account->uid);
       }
       catch (Exception $e) {
@@ -438,7 +440,9 @@ function _simplesamlphp_auth_get_authname() {
 
   // Check if valid local session exists.
   if (isset($_simplesamlphp_auth_saml_attributes)) {
-    watchdog('simplesamlphp_auth', '_simplesamlphp_auth_get_authname: Valid local SAML session exists', NULL, WATCHDOG_DEBUG);
+    if (variable_get('simplesamlphp_auth_debug', 0)) {
+      watchdog('simplesamlphp_auth', '_simplesamlphp_auth_get_authname: Valid local SAML session exists', NULL, WATCHDOG_DEBUG);
+    }
     if (isset($_simplesamlphp_auth_saml_attributes[variable_get('simplesamlphp_auth_unique_id', 'eduPersonPrincipalName')])) {
       $authname = $_simplesamlphp_auth_saml_attributes[variable_get('simplesamlphp_auth_unique_id', 'eduPersonPrincipalName')][0];
     }
@@ -551,11 +555,13 @@ function _simplesamlphp_auth_generate_block_text() {
  *   An array containing role value and the attribute, or FALSE.
  */
 function _simplesamlphp_auth_evaulaterolerule($roleruleevaluation, $attributes) {
-  watchdog('simplesamlphp_auth', 'Evaluate rule (key=%key,operator=%op,value=%val)', array(
-    '%key' => $roleruleevaluation[0],
-    '%op' => $roleruleevaluation[1],
-    '%val' => $roleruleevaluation[2],
-  ), WATCHDOG_DEBUG);
+  if (variable_get('simplesamlphp_auth_debug', 0)) {
+    watchdog('simplesamlphp_auth', 'Evaluate rule (key=%key,operator=%op,value=%val)', array(
+      '%key' => $roleruleevaluation[0],
+      '%op' => $roleruleevaluation[1],
+      '%val' => $roleruleevaluation[2],
+    ), WATCHDOG_DEBUG);
+  }
 
   if (!array_key_exists($roleruleevaluation[0], $attributes)) {
     return FALSE;
@@ -601,19 +607,24 @@ function _simplesamlphp_auth_rolepopulation($rolemap) {
   global $_simplesamlphp_auth_saml_attributes;
   $roles = array();
 
-  watchdog('simplesamlphp_auth', 'Rolemap: %rolemap', array('%rolemap' => $rolemap), WATCHDOG_DEBUG);
+  if (variable_get('simplesamlphp_auth_debug', 0)) {
+    watchdog('simplesamlphp_auth', 'Rolemap: %rolemap', array('%rolemap' => $rolemap), WATCHDOG_DEBUG);
+  }
 
   // Check if valid local session exists..
   if (!empty($rolemap) && $_simplesamlphp_auth_as->isAuthenticated()) {
     $attributes = $_simplesamlphp_auth_saml_attributes;
 
-    watchdog('simplesamlphp_auth', 'Evaluate rolemap: %rolemap', array('%rolemap' => $rolemap), WATCHDOG_DEBUG);
+    if (variable_get('simplesamlphp_auth_debug', 0)) {
+      watchdog('simplesamlphp_auth', 'Evaluate rolemap: %rolemap', array('%rolemap' => $rolemap), WATCHDOG_DEBUG);
+    }
 
     $rolerules = explode('|', $rolemap);
 
     foreach ($rolerules as $rolerule) {
-      watchdog('simplesamlphp_auth', 'Evaluate role rule: %rolerule', array('%rolerule' => $rolerule), WATCHDOG_DEBUG);
-
+      if (variable_get('simplesamlphp_auth_debug', 0)) {
+        watchdog('simplesamlphp_auth', 'Evaluate role rule: %rolerule', array('%rolerule' => $rolerule), WATCHDOG_DEBUG);
+      }
       $roleruledecompose = explode(':', $rolerule, 2);
 
       $roleid = $roleruledecompose[0];
@@ -622,7 +633,9 @@ function _simplesamlphp_auth_rolepopulation($rolemap) {
       $addnew = TRUE;
       foreach ($roleruleevaluations as $roleruleevaluation) {
 
-        watchdog('simplesamlphp_auth', 'Evaluate role evaulation: %roleruleeval', array('%roleruleeval' => $roleruleevaluation), WATCHDOG_DEBUG);
+        if (variable_get('simplesamlphp_auth_debug', 0)) {
+          watchdog('simplesamlphp_auth', 'Evaluate role evaulation: %roleruleeval', array('%roleruleeval' => $roleruleevaluation), WATCHDOG_DEBUG);
+        }
 
         $roleruleevaluationdc = str_getcsv($roleruleevaluation);
         if (!_simplesamlphp_auth_evaulaterolerule($roleruleevaluationdc, $attributes)) {
@@ -631,7 +644,9 @@ function _simplesamlphp_auth_rolepopulation($rolemap) {
       }
       if ($addnew) {
         $roles[$roleid] = $roleid;
-        watchdog('simplesamlphp_auth', 'Add new role: %roleid', array('%roleid' => $roleid), WATCHDOG_DEBUG);
+        if (variable_get('simplesamlphp_auth_debug', 0)) {
+          watchdog('simplesamlphp_auth', 'Add new role: %roleid', array('%roleid' => $roleid), WATCHDOG_DEBUG);
+        }
       }
 
     }
