FreeDSx · ChadSikorra · May 26, 2026 · May 26, 2026 · May 26, 2026 · May 26, 2026
diff --git a/src/FreeDSx/Ldap/Protocol/Factory/ProtocolHandlerProvider.php b/src/FreeDSx/Ldap/Protocol/Factory/ProtocolHandlerProvider.php
@@ -86,7 +86,6 @@ private function getPasswordModifyHandler(): ServerProtocolHandler\ServerPasswor
                 ),
                 passwordPolicyContext: $this->passwordPolicyContext,
             ),
-            eventLogger: $this->eventLogger,
             passwordPolicyContext: $this->passwordPolicyContext,
         );
     }
@@ -117,7 +116,6 @@ private function getSearchHandler(): ServerProtocolHandler\ServerSearchHandler
             accessControl: $this->options->getAccessControl(),
             schema: $this->options->getSchema(),
             limits: $this->options->makeSearchLimits(),
-            eventLogger: $this->eventLogger,
         );
     }
 
@@ -158,7 +156,6 @@ private function getPagingHandler(): ServerProtocolHandler\ServerPagingHandler
             requestHistory: $this->requestHistory,
             schema: $this->options->getSchema(),
             limits: $this->options->makeSearchLimits(),
-            eventLogger: $this->eventLogger,
         );
     }
 }
diff --git a/src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerPagingHandler.php b/src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerPagingHandler.php
@@ -25,15 +25,14 @@
 use FreeDSx\Ldap\Protocol\Queue\ServerQueue;
 use FreeDSx\Ldap\Schema\Schema;
 use FreeDSx\Ldap\Server\AccessControl\AccessControlInterface;
-use FreeDSx\Ldap\Server\Logging\EventLogger;
 use FreeDSx\Ldap\Server\Backend\LdapBackendInterface;
 use FreeDSx\Ldap\Server\Paging\PagingRequest;
 use FreeDSx\Ldap\Server\Paging\PagingRequestComparator;
 use FreeDSx\Ldap\Server\Paging\PagingResponse;
 use FreeDSx\Ldap\Server\RequestHistory;
 use FreeDSx\Ldap\Server\Backend\Storage\FilterEvaluatorInterface;
-use FreeDSx\Ldap\Server\Operation\OperationOutcomeResult;
 use FreeDSx\Ldap\Server\Operation\OperationResult;
+use FreeDSx\Ldap\Server\Operation\SearchOperationResult;
 use FreeDSx\Ldap\Server\SearchLimits;
 use FreeDSx\Ldap\Server\Token\TokenInterface;
 use Generator;
@@ -58,7 +57,6 @@ public function __construct(
         private readonly Schema $schema,
         private readonly PagingRequestComparator $requestComparator = new PagingRequestComparator(),
         private readonly SearchLimits $limits = new SearchLimits(),
-        private readonly EventLogger $eventLogger = new EventLogger(null),
     ) {}
 
     /**
@@ -74,6 +72,8 @@ public function handleRequest(
 
         $response = null;
         $controls = [];
+        $entriesReturned = 0;
+        $failure = null;
         try {
             $this->assertBaseDnProvided($searchRequest);
             $response = $this->handlePaging(
@@ -99,7 +99,9 @@ public function handleRequest(
                         : $pagingRequest->getNextCookie(),
                 );
             }
+            $entriesReturned = $response->getEntries()->count();
         } catch (OperationException $e) {
+            $failure = $e;
             $matchedDn = $this->filterMatchedDn(
                 $e->getMatchedDn(),
                 $token,
@@ -114,19 +116,6 @@ public function handleRequest(
                 $e->getMessage(),
             );
             $controls[] = new PagingControl(0, '');
-            $this->eventLogger->recordSearchFailure(
-                $message,
-                $e,
-                $token,
-            );
-        }
-
-        if ($response !== null) {
-            $this->eventLogger->recordSearchSuccess(
-                $message,
-                $response->getEntries()->count(),
-                $token,
-            );
         }
 
         $sortControl = $this->sortingControl($message);
@@ -159,9 +148,15 @@ public function handleRequest(
             ...$controls,
         );
 
-        return $response !== null
-            ? OperationOutcomeResult::succeeded()
-            : OperationOutcomeResult::failed();
+        return $failure !== null
+            ? SearchOperationResult::failure(
+                $message,
+                $failure,
+            )
+            : SearchOperationResult::success(
+                $message,
+                $entriesReturned,
+            );
     }
 
     /**

diff --git a/src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerPasswordModifyHandler.php b/src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerPasswordModifyHandler.php
@@ -15,7 +15,6 @@
 
 use FreeDSx\Asn1\Exception\EncoderException;
 use FreeDSx\Ldap\Control\Control;
-use FreeDSx\Ldap\Entry\Dn;
 use FreeDSx\Ldap\Exception\OperationException;
 use FreeDSx\Ldap\Operation\LdapResult;
 use FreeDSx\Ldap\Operation\Request\ExtendedRequest;
@@ -26,11 +25,8 @@
 use FreeDSx\Ldap\Protocol\LdapMessageRequest;
 use FreeDSx\Ldap\Protocol\LdapMessageResponse;
 use FreeDSx\Ldap\Protocol\Queue\ServerQueue;
-use FreeDSx\Ldap\Server\Logging\EventContext;
-use FreeDSx\Ldap\Server\Logging\EventLogger;
-use FreeDSx\Ldap\Server\Logging\ServerEvent;
-use FreeDSx\Ldap\Server\Operation\OperationOutcomeResult;
 use FreeDSx\Ldap\Server\Operation\OperationResult;
+use FreeDSx\Ldap\Server\Operation\PasswordModifyOperationResult;
 use FreeDSx\Ldap\Server\PasswordModify\PasswordModifyResult;
 use FreeDSx\Ldap\Server\PasswordModify\PasswordModifyService;
 use FreeDSx\Ldap\Server\PasswordPolicy\PasswordPolicyContext;
@@ -47,7 +43,6 @@
     public function __construct(
         private ServerQueue $queue,
         private PasswordModifyService $service,
-        private EventLogger $eventLogger = new EventLogger(null),
         private ResponseFactory $responseFactory = new ResponseFactory(),
         private ?PasswordPolicyContext $passwordPolicyContext = null,
     ) {}
@@ -83,26 +78,18 @@ public function handleRequest(
                 null,
                 ...($control === null ? [] : [$control]),
             ));
-            $this->recordFailure(
+
+            return PasswordModifyOperationResult::failure(
+                $message,
                 $e,
-                $token,
                 $targetDn,
-                $message,
             );
-
-            return OperationOutcomeResult::failed();
         }
 
-        $this->eventLogger->record(
-            ServerEvent::PasswordModifySuccess,
-            [
-                EventContext::TARGET => [EventContext::DN => $targetDn->toString()],
-            ],
-            subject: $token,
-            message: $message,
+        return PasswordModifyOperationResult::success(
+            $message,
+            $targetDn,
         );
-
-        return OperationOutcomeResult::succeeded();
     }
 
     /**
@@ -151,35 +138,4 @@ private function passwordPolicyControl(): ?Control
 
         return $control;
     }
-
-    private function recordFailure(
-        OperationException $exception,
-        TokenInterface $token,
-        ?Dn $targetDn,
-        LdapMessageRequest $message,
-    ): void {
-        $event = ServerEvent::fromOperationException(
-            $exception,
-            ServerEvent::AuthorizationDeniedWrite,
-            ServerEvent::PasswordModifyFailed,
-        );
-
-        if ($event === null) {
-            return;
-        }
-
-        $context = [];
-
-        if ($targetDn !== null) {
-            $context[EventContext::TARGET] = [EventContext::DN => $targetDn->toString()];
-        }
-
-        $this->eventLogger->recordFailure(
-            $event,
-            $exception,
-            $context,
-            subject: $token,
-            message: $message,
-        );
-    }
 }
diff --git a/src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerSearchHandler.php b/src/FreeDSx/Ldap/Protocol/ServerProtocolHandler/ServerSearchHandler.php
@@ -27,9 +27,8 @@
 use FreeDSx\Ldap\Schema\Schema;
 use FreeDSx\Ldap\Server\Backend\Storage\EntryStream;
 use FreeDSx\Ldap\Server\Backend\Storage\FilterEvaluatorInterface;
-use FreeDSx\Ldap\Server\Logging\EventLogger;
-use FreeDSx\Ldap\Server\Operation\OperationOutcomeResult;
 use FreeDSx\Ldap\Server\Operation\OperationResult;
+use FreeDSx\Ldap\Server\Operation\SearchOperationResult;
 use FreeDSx\Ldap\Server\SearchLimits;
 use FreeDSx\Ldap\Server\Token\TokenInterface;
 use Generator;
@@ -54,7 +53,6 @@ public function __construct(
         private readonly AccessControlInterface $accessControl,
         private readonly Schema $schema,
         private readonly SearchLimits $limits = new SearchLimits(),
-        private readonly EventLogger $eventLogger = new EventLogger(null),
     ) {}
 
     /**
@@ -66,7 +64,7 @@ public function handleRequest(
     ): OperationResult {
         $request = $this->getSearchRequestFromMessage($message);
         $state = new SearchResultState();
-        $isSuccessful = true;
+        $failure = null;
 
         try {
             $this->assertBaseDnProvided($request);
@@ -94,7 +92,7 @@ public function handleRequest(
                 $state,
             );
         } catch (OperationException $e) {
-            $isSuccessful = false;
+            $failure = $e;
             $matchedDn = $this->filterMatchedDn(
                 $e->getMatchedDn(),
                 $token,
@@ -108,11 +106,6 @@ public function handleRequest(
                     : '',
                 $e->getMessage(),
             );
-            $this->eventLogger->recordSearchFailure(
-                $message,
-                $e,
-                $token,
-            );
         }
 
         $sortControl = $this->sortingControl($message);
@@ -127,17 +120,15 @@ public function handleRequest(
             ...$responseControls,
         );
 
-        if ($isSuccessful) {
-            $this->eventLogger->recordSearchSuccess(
+        return $failure !== null
+            ? SearchOperationResult::failure(
+                $message,
+                $failure,
+            )
+            : SearchOperationResult::success(
                 $message,
                 $state->entriesReturned,
-                $token,
             );
-        }
-
-        return $isSuccessful
-            ? OperationOutcomeResult::succeeded()
-            : OperationOutcomeResult::failed();
     }
 
     /**

diff --git a/src/FreeDSx/Ldap/Server/AccessControl/OperationTargetDn.php b/src/FreeDSx/Ldap/Server/AccessControl/OperationTargetDn.php
@@ -0,0 +1,42 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * This file is part of the FreeDSx LDAP package.
+ *
+ * (c) Chad Sikorra <Chad.Sikorra@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace FreeDSx\Ldap\Server\AccessControl;
+
+use FreeDSx\Ldap\Entry\Dn;
+use FreeDSx\Ldap\Operation\Request\AddRequest;
+use FreeDSx\Ldap\Operation\Request\CompareRequest;
+use FreeDSx\Ldap\Operation\Request\DeleteRequest;
+use FreeDSx\Ldap\Operation\Request\ModifyDnRequest;
+use FreeDSx\Ldap\Operation\Request\ModifyRequest;
+use FreeDSx\Ldap\Operation\Request\RequestInterface;
+
+/**
+ * Resolves the primary target DN an operation request acts on.
+ *
+ * @author Chad Sikorra <Chad.Sikorra@gmail.com>
+ */
+final class OperationTargetDn
+{
+    public static function of(RequestInterface $request): ?Dn
+    {
+        return match (true) {
+            $request instanceof AddRequest => $request->getEntry()->getDn(),
+            $request instanceof ModifyRequest,
+            $request instanceof DeleteRequest,
+            $request instanceof ModifyDnRequest,
+            $request instanceof CompareRequest => $request->getDn(),
+            default => null,
+        };
+    }
+}
diff --git a/src/FreeDSx/Ldap/Server/Logging/EventLogger.php b/src/FreeDSx/Ldap/Server/Logging/EventLogger.php
@@ -14,7 +14,6 @@
 namespace FreeDSx\Ldap\Server\Logging;
 
 use FreeDSx\Ldap\Exception\OperationException;
-use FreeDSx\Ldap\Operation\Request\SearchRequest;
 use FreeDSx\Ldap\Protocol\LdapMessageRequest;
 use FreeDSx\Ldap\Server\Token\AuthenticatedTokenInterface;
 use FreeDSx\Ldap\Server\Token\TokenInterface;
@@ -150,68 +149,6 @@ public function recordFailure(
         );
     }
 
-    public function recordSearchSuccess(
-        LdapMessageRequest $message,
-        int $entriesReturned,
-        TokenInterface $token,
-    ): void {
-        $request = $message->getRequest();
-
-        if (!$request instanceof SearchRequest) {
-            return;
-        }
-
-        $this->record(
-            ServerEvent::SearchAuthorized,
-            [
-                EventContext::ENTRIES_RETURNED => $entriesReturned,
-                EventContext::TARGET => self::searchTarget($request),
-            ],
-            subject: $token,
-            message: $message,
-        );
-    }
-
-    public function recordSearchFailure(
-        LdapMessageRequest $message,
-        OperationException $exception,
-        TokenInterface $token,
-    ): void {
-        $event = ServerEvent::fromOperationException(
-            $exception,
-            ServerEvent::AuthorizationDeniedRead,
-        );
-
-        if ($event === null) {
-            return;
-        }
-
-        $request = $message->getRequest();
-
-        if (!$request instanceof SearchRequest) {
-            return;
-        }
-
-        $this->recordFailure(
-            $event,
-            $exception,
-            [EventContext::TARGET => self::searchTarget($request)],
-            subject: $token,
-            message: $message,
-        );
-    }
-
-    /**
-     * @return array<string, mixed>
-     */
-    private static function searchTarget(SearchRequest $request): array
-    {
-        return [
-            EventContext::BASE_DN => (string) $request->getBaseDn(),
-            EventContext::SCOPE => $request->getScope(),
-        ];
-    }
-
     /**
      * @return array<string, mixed>
      */