silverstripe / silverstripe-auditor

code/AuditHookMemberGroupSet.php

<?php

namespace SilverStripe\Auditor;

use SilverStripe\Core\Injector\Injector;
use SilverStripe\Security\Group;
use SilverStripe\Security\Member;
use SilverStripe\Security\Member_GroupSet;
use SilverStripe\Security\Security;

class AuditHookMemberGroupSet extends Member_GroupSet
{
    /**
     * Overload {@link ManyManyList::removeByID()} so we can log
     * when a Member is removed from a Group.
     */
    public function removeByID($itemID)
    {
        parent::removeByID($itemID);

        if ($this->getJoinTable() === 'Group_Members') {
            $currentMember = Security::getCurrentUser();
            if (!$currentMember || !$currentMember->exists()) {

$currentMember is of type SilverStripe\Security\Member, thus it always evaluated to true.

                return;
            }

            $group = Group::get()->byId($itemID);
            $member = Member::get()->byId($this->getForeignID());

$this->getForeignID() of type string is incompatible with the type integer expected by parameter $id of SilverStripe\ORM\DataList::byID().

            if (!$group) {

$group is of type SilverStripe\ORM\DataObject, thus it always evaluated to true.

                return;
            }
            if (!$member) {

$member is of type SilverStripe\ORM\DataObject, thus it always evaluated to true.

                return;
            }

            $this->getAuditLogger()->info(sprintf(
                '"%s" (ID: %s) removed Member "%s" (ID: %s) from Group "%s" (ID: %s)',
                $currentMember->Email ?: $currentMember->Title,
                $currentMember->ID,
                $member->Email ?: $member->Title,
                $member->ID,
                $group->Title,
                $group->ID
            ));
        }
    }

    protected function getAuditLogger()
    {
        // See note on AuditHook::getAuditLogger
        return Injector::inst()->get('AuditLogger');
    }
}