Best practice forum (Archived)

Totara Sync Log - Multitenancy

 
Bodo Hoenen
Totara Sync Log - Multitenancy
by Bodo Hoenen - Friday, 7 June 2013, 1:09 PM
 

Hi Guys, your suggestions please:

I have a setup where we have a multi-tenant scenario on the LMS: there are a number of vendors on the LMS who should not technically be able to see each other. They are also given the responsibility to upload/amend their own users in the LMS. They do so via Totara Sync.

When uploading their users via Totara Sync they are directed to the log after the upload occurs. In the log they can see previous uploads, and could potentially then make out other vendors' information by looking at the user records being updated, which they should not be able to do.

I want to know if it's possible to programmatically clear the log as someone clicks the 'Run sync' button, before the sync is run, so that when they are directed to the log after the sync completes they will only see their records.

Regards
Bodo

David Curry (Core Developer)
Re: Totara Sync Log - Multitenancy
by David Curry (Core Developer) - Sunday, 9 June 2013, 2:14 PM
Group Totara

Hey Bodo,

This would have to be a custom modification, and it kind of nullifies the point of having the log. However, if you are on 2.4? there was a delete button added to the sync log recently. If you look at /admin/tool/totara_sync/admin/synclog.php line 50-78 you can see the code for it. You can copy that code (specifically line #69 where it deletes all records), to the top of the run sync code. You would need to put it in two places, in the /admin/tool/totara_sync/admin/syncexecute.php file (around line #47-48), and again in the admin/tool/totara_sync/lib.php file (before the foreach on line 97) to cover it being run by cron and being run from the browser.


Hope this helps.
David

p.s. You would also have to add $DB to the global declaration of the function when you edit the lib.php file (line #57).

Nathan Lewis
Re: Totara Sync Log - Multitenancy
by Nathan Lewis - Sunday, 9 June 2013, 5:12 PM
Group Totara

Hi Bodo.

I might be wrong, but wouldn't deleting before running sync still not guarantee that they cannot see each other's logs? Isn't it just a link to a report, which can be viewed/refreshed at any time? For example:

  • Site A wipes the log, runs sync, views the log, and keeps the link to the log (e.g. bookmark).
  • Site B wipes the log, runs sync.
  • Site A opens the log. They see the results of Site B.

Nathan

David Curry (Core Developer)
Re: Totara Sync Log - Multitenancy
by David Curry (Core Developer) - Sunday, 9 June 2013, 5:49 PM
Group Totara

That's a good point, and Site B can potentially wipe all of Site A's logs before they get to see them...

Bodo Hoenen
Re: Totara Sync Log - Multitenancy
by Bodo Hoenen - Wednesday, 12 June 2013, 2:30 PM
 

Both good points!

How about:

  • Hard coding a filter on the log report to only show logs from the past minute. And then clearing the log every few minutes via cron.
    • There is still a risk that Site A can look at Site B's log if they time the report refresh perfectly.

OR

  • any other suggestion?

David Curry (Core Developer)
Re: Totara Sync Log - Multitenancy
by David Curry (Core Developer) - Wednesday, 12 June 2013, 2:52 PM
Group Totara

Hey Bodo,

I guess it depends on how much work you are willing to put into it. You could customise the log entries to contain the organisation id (or something similar) of the user that ran it (might be harder if it's run through cron) and then automatically filter by that. That would let you keep the records without clearing them all the time and avoid A seeing records from B. Or stick with what you are doing and tell Org A they can sync in the morning and Org B they can sync in the afternoon? Or just run the risk of overlapping syncs, I'm not sure how likely that is to happen?

Either way let us know what you end up going with, it sounds interesting.

Cheers
David
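
Added example, not part of the thread and not Totara code: a small SQLite model of the bookmark sequence Nathan describes and of the organisation-id filter David suggests. The `sync_log` table, its `orgid` column and the function names are hypothetical, and it assumes each sync run knows which organisation it is for.

```python
import sqlite3

# Constructed model, not Totara's schema: table and column names are hypothetical.
def new_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sync_log (id INTEGER PRIMARY KEY, orgid TEXT, info TEXT)")
    return db

def run_sync(db, orgid, users, wipe_first):
    """Simulate one vendor pressing 'Run sync'."""
    if wipe_first:
        # Wipe-before-sync: removes every tenant's rows, not just the caller's.
        db.execute("DELETE FROM sync_log")
    db.executemany("INSERT INTO sync_log (orgid, info) VALUES (?, ?)",
                   [(orgid, f"updated user {u}") for u in users])

def view_log_unscoped(db):
    """Log page as a shared report: any viewer sees whatever is in the table."""
    return [r[0] for r in db.execute("SELECT info FROM sync_log ORDER BY id")]

def view_log_scoped(db, viewer_orgid):
    """Log page filtered by the viewer's organisation. viewer_orgid must come
    from the server-side session, never from a request parameter."""
    return [r[0] for r in db.execute(
        "SELECT info FROM sync_log WHERE orgid = ? ORDER BY id", (viewer_orgid,))]

def wipe_scenario():
    """Site A syncs, Site B syncs, then Site A reopens its bookmarked log."""
    db = new_db()
    run_sync(db, "A", ["a.alice"], wipe_first=True)
    run_sync(db, "B", ["b.bob"], wipe_first=True)
    return view_log_unscoped(db)

def scoped_scenario():
    """Same two syncs with org-tagged rows, no wiping, per-viewer filtering."""
    db = new_db()
    run_sync(db, "A", ["a.alice"], wipe_first=False)
    run_sync(db, "B", ["b.bob"], wipe_first=False)
    return view_log_scoped(db, "A"), view_log_scoped(db, "B")

if __name__ == "__main__":
    print("wipe-before-sync, Site A reopens log:", wipe_scenario())
    print("org-tagged rows, per-viewer filter:  ", scoped_scenario())
```

In the wipe scenario Site A's own entry is gone and only Site B's record is visible to it; with tagged rows each site keeps its history and sees only its own.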