diff --git a/.gitignore b/.gitignore index e7ced4b393..69b977aee0 100644 --- a/.gitignore +++ b/.gitignore @@ -23,6 +23,7 @@ !/apps/provisioning_api !/apps/systemtags !/apps/testing +!/apps/admin_audit !/apps/updatenotification /apps/files_external/3rdparty/irodsphp/PHPUnitTest /apps/files_external/3rdparty/irodsphp/web diff --git a/apps/admin_audit/appinfo/app.php b/apps/admin_audit/appinfo/app.php index 4418ada2ed..ea5fb0286b 100644 --- a/apps/admin_audit/appinfo/app.php +++ b/apps/admin_audit/appinfo/app.php @@ -20,123 +20,8 @@ */ $logger = \OC::$server->getLogger(); +$userSession = \OC::$server->getUserSession(); +$groupManager = \OC::$server->getGroupManager(); -logUserManagement( - $logger, - \OC::$server->getUserSession() -); -logFileActions($logger); -logAuthEvents($logger); -logShareEvents($logger); - -/** - * Logs sharing events - * - * @param \OCP\ILogger $logger - */ -function logShareEvents($logger) { - $shareActions = new \OCA\Admin_Audit\Actions\Sharing( - $logger - ); - - OCP\Util::connectHook('OCP\Share', 'post_shared', $shareActions, 'shared'); - OCP\Util::connectHook('OCP\Share', 'post_unshare', $shareActions, 'unshare'); - OCP\Util::connectHook('OCP\Share', 'post_update_permissions', $shareActions, 'updatePermissions'); - OCP\Util::connectHook('OCP\Share', 'post_update_password', $shareActions, 'updatePassword'); - OCP\Util::connectHook('OCP\Share', 'post_set_expiration_date', $shareActions, 'updateExpirationDate'); - OCP\Util::connectHook('OCP\Share', 'share_link_access', $shareActions, 'shareAccessed'); -} - -/** - * Log authentication event related actions - * - * @param \OCP\ILogger $logger - */ -function logAuthEvents($logger) { - $authActions = new \OCA\Admin_Audit\Actions\Auth( - $logger - ); - OCP\Util::connectHook('OC_User', 'pre_login', $authActions, 'loginAttempt'); - OCP\Util::connectHook('OC_User', 'post_login', $authActions, 'loginSuccessful'); - OCP\Util::connectHook('OC_User', 'logout', $authActions, 'logout'); -} - -/** - * Log user management related actions - * - * @param \OCP\ILogger $logger - * @param \OC\User\Session $userSession - */ -function logUserManagement($logger, $userSession) { - $userActions = new \OCA\Admin_Audit\Actions\UserManagement( - $logger - ); - - OCP\Util::connectHook( - 'OC_User', - 'post_createUser', - $userActions, - 'create' - ); - OCP\Util::connectHook( - 'OC_User', - 'post_deleteUser', - $userActions, - 'delete' - ); - $userSession->listen('\OC\User', 'postSetPassword', [$userActions, 'setPassword']); -} - -/** - * Log file related actions - * - * @param \OCP\ILogger $logger - */ -function logFileActions($logger) { - $fileActions = new \OCA\Admin_Audit\Actions\Files( - $logger - ); - - OCP\Util::connectHook( - OC\Files\Filesystem::CLASSNAME, - OC\Files\Filesystem::signal_post_rename, - $fileActions, - 'rename' - ); - OCP\Util::connectHook( - OC\Files\Filesystem::CLASSNAME, - OC\Files\Filesystem::signal_post_create, - $fileActions, - 'create' - ); - OCP\Util::connectHook( - OC\Files\Filesystem::CLASSNAME, - OC\Files\Filesystem::signal_post_copy, - $fileActions, - 'copy' - ); - OCP\Util::connectHook( - OC\Files\Filesystem::CLASSNAME, - OC\Files\Filesystem::signal_post_write, - $fileActions, - 'write' - ); - OCP\Util::connectHook( - OC\Files\Filesystem::CLASSNAME, - OC\Files\Filesystem::signal_post_update, - $fileActions, - 'update' - ); - OCP\Util::connectHook( - OC\Files\Filesystem::CLASSNAME, - OC\Files\Filesystem::signal_read, - $fileActions, - 'read' - ); - OCP\Util::connectHook( - OC\Files\Filesystem::CLASSNAME, - OC\Files\Filesystem::signal_delete, - $fileActions, - 'delete' - ); -} +$auditLogger = new \OCA\Admin_Audit\AuditLogger($logger, $userSession, $groupManager); +$auditLogger->registerHooks(); diff --git a/apps/admin_audit/actions/action.php b/apps/admin_audit/lib/actions/action.php similarity index 100% rename from apps/admin_audit/actions/action.php rename to apps/admin_audit/lib/actions/action.php diff --git a/apps/admin_audit/actions/auth.php b/apps/admin_audit/lib/actions/auth.php similarity index 100% rename from apps/admin_audit/actions/auth.php rename to apps/admin_audit/lib/actions/auth.php diff --git a/apps/admin_audit/actions/files.php b/apps/admin_audit/lib/actions/files.php similarity index 100% rename from apps/admin_audit/actions/files.php rename to apps/admin_audit/lib/actions/files.php diff --git a/apps/admin_audit/lib/actions/groupmanagement.php b/apps/admin_audit/lib/actions/groupmanagement.php new file mode 100644 index 0000000000..4ece8994f3 --- /dev/null +++ b/apps/admin_audit/lib/actions/groupmanagement.php @@ -0,0 +1,73 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + + +namespace OCA\Admin_Audit\Actions; + + +use OCA\Admin_Audit\Actions\Action; +use OCP\IGroup; +use OCP\IUser; + +/** + * Class GroupManagement logs all group manager related events + * + * @package OCA\Admin_Audit + */ +class GroupManagement extends Action { + + /** + * log add user to group event + * + * @param IGroup $group + * @param IUser $user + */ + public function addUser(IGroup $group, IUser $user) { + $this->log('User "%s" added to group "%s"', + [ + 'group' => $group->getGID(), + 'user' => $user->getUID() + ], + [ + 'user', 'group' + ] + ); + } + + /** + * log remove user from group event + * + * @param IGroup $group + * @param IUser $user + */ + public function removeUser(IGroup $group, IUser $user) { + $this->log('User "%s" removed from group "%s"', + [ + 'group' => $group->getGID(), + 'user' => $user->getUID() + ], + [ + 'user', 'group' + ] + ); + } + +} diff --git a/apps/admin_audit/actions/sharing.php b/apps/admin_audit/lib/actions/sharing.php similarity index 100% rename from apps/admin_audit/actions/sharing.php rename to apps/admin_audit/lib/actions/sharing.php diff --git a/apps/admin_audit/lib/actions/trashbin.php b/apps/admin_audit/lib/actions/trashbin.php new file mode 100644 index 0000000000..2cd3189d06 --- /dev/null +++ b/apps/admin_audit/lib/actions/trashbin.php @@ -0,0 +1,69 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + + +namespace OCA\Admin_Audit\Actions; + + +use OCP\ILogger; +use OCP\IUserSession; + +class Trashbin extends Action { + + /** @var IUserSession */ + private $userSession; + + /** + * Trashbin constructor. + * + * @param ILogger $logger + * @param IUserSession $userSession + */ + public function __construct(ILogger $logger, IUserSession $userSession) { + parent::__construct($logger); + $this->userSession = $userSession; + } + + public function delete($params) { + $this->log('File "%s" deleted from trash bin by "%s"', + [ + 'path' => $params['path'], + 'user' => $this->userSession->getUser()->getUID() + ], + [ + 'path', 'user' + ] + ); + } + + public function restore($params) { + $this->log('File "%s" restored from trash bin by "%s"', + [ + 'path' => $params['filePath'], + 'user' => $this->userSession->getUser()->getUID() + ], + [ + 'path', 'user' + ] + ); + } + +} diff --git a/apps/admin_audit/actions/usermanagement.php b/apps/admin_audit/lib/actions/usermanagement.php similarity index 95% rename from apps/admin_audit/actions/usermanagement.php rename to apps/admin_audit/lib/actions/usermanagement.php index be8b4a8602..5005d15096 100644 --- a/apps/admin_audit/actions/usermanagement.php +++ b/apps/admin_audit/lib/actions/usermanagement.php @@ -19,6 +19,7 @@ * */ namespace OCA\Admin_Audit\Actions; +use OCP\IUser; /** * Class UserManagement logs all user management related actions. @@ -59,9 +60,9 @@ class UserManagement extends Action { /** * Logs changing of the user scope * - * @param \OCP\IUser $user + * @param IUser $user */ - public function setPassword(\OCP\IUser $user) { + public function setPassword(IUser $user) { if($user->getBackendClassName() === 'Database') { $this->log( 'Password of user "%s" has been changed', diff --git a/apps/admin_audit/lib/auditlogger.php b/apps/admin_audit/lib/auditlogger.php new file mode 100644 index 0000000000..e3cfd42f5d --- /dev/null +++ b/apps/admin_audit/lib/auditlogger.php @@ -0,0 +1,178 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + + +namespace OCA\Admin_Audit; + + +use OC\Files\Filesystem; +use OCA\Admin_Audit\Actions\Auth; +use OCA\Admin_Audit\Actions\Files; +use OCA\Admin_Audit\Actions\GroupManagement; +use OCA\Admin_Audit\Actions\Sharing; +use OCA\Admin_Audit\Actions\Trashbin; +use OCA\Admin_Audit\Actions\UserManagement; +use OCP\IGroupManager; +use OCP\ILogger; +use OCP\IUserSession; +use OCP\Util; + +class AuditLogger { + + /** @var ILogger */ + private $logger; + + /** @var IUserSession */ + private $userSession; + + /** @var IGroupManager */ + private $groupManager; + + /** + * AuditLogger constructor. + * + * @param ILogger $logger + * @param IUserSession $userSession + * @param IGroupManager $groupManager + */ + public function __construct(ILogger $logger, + IUserSession $userSession, + IGroupManager $groupManager) { + $this->logger = $logger; + $this->userSession = $userSession; + $this->groupManager = $groupManager; + } + + /** + * register hooks in order to log them + */ + public function registerHooks() { + $this->userManagementHooks(); + $this->groupHooks(); + $this->sharingHooks(); + $this->authHooks(); + $this->fileHooks(); + $this->trashbinHooks(); + } + + /** + * connect to user management hooks + */ + private function userManagementHooks() { + $userActions = new UserManagement($this->logger); + + Util::connectHook('OC_User', 'post_createUser', $userActions, 'create'); + Util::connectHook('OC_User', 'post_deleteUser', $userActions, 'delete'); + $this->userSession->listen('\OC\User', 'postSetPassword', [$userActions, 'setPassword']); + } + + private function groupHooks() { + $groupActions = new GroupManagement($this->logger); + $this->groupManager->listen('\OC\Group', 'postRemoveUser', [$groupActions, 'removeUser']); + $this->groupManager->listen('\OC\Group', 'postAddUser', [$groupActions, 'addUser']); + } + + /** + * connect to sharing events + */ + private function sharingHooks() { + $shareActions = new Sharing($this->logger); + + Util::connectHook('OCP\Share', 'post_shared', $shareActions, 'shared'); + Util::connectHook('OCP\Share', 'post_unshare', $shareActions, 'unshare'); + Util::connectHook('OCP\Share', 'post_update_permissions', $shareActions, 'updatePermissions'); + Util::connectHook('OCP\Share', 'post_update_password', $shareActions, 'updatePassword'); + Util::connectHook('OCP\Share', 'post_set_expiration_date', $shareActions, 'updateExpirationDate'); + Util::connectHook('OCP\Share', 'share_link_access', $shareActions, 'shareAccessed'); + } + + /** + * connect to authentication event and related actions + */ + private function authHooks() { + $authActions = new Auth($this->logger); + + Util::connectHook('OC_User', 'pre_login', $authActions, 'loginAttempt'); + Util::connectHook('OC_User', 'post_login', $authActions, 'loginSuccessful'); + Util::connectHook('OC_User', 'logout', $authActions, 'logout'); + } + + + /** + * connect to file hooks + */ + private function fileHooks() { + $fileActions = new Files($this->logger); + + Util::connectHook( + Filesystem::CLASSNAME, + Filesystem::signal_post_rename, + $fileActions, + 'rename' + ); + Util::connectHook( + Filesystem::CLASSNAME, + Filesystem::signal_post_create, + $fileActions, + 'create' + ); + Util::connectHook( + Filesystem::CLASSNAME, + Filesystem::signal_post_copy, + $fileActions, + 'copy' + ); + Util::connectHook( + Filesystem::CLASSNAME, + Filesystem::signal_post_write, + $fileActions, + 'write' + ); + Util::connectHook( + Filesystem::CLASSNAME, + Filesystem::signal_post_update, + $fileActions, + 'update' + ); + Util::connectHook( + Filesystem::CLASSNAME, + Filesystem::signal_read, + $fileActions, + 'read' + ); + Util::connectHook( + Filesystem::CLASSNAME, + Filesystem::signal_delete, + $fileActions, + 'delete' + ); + } + + /** + * connect to trash bin hooks + */ + private function trashbinHooks() { + $trashActions = new Trashbin($this->logger, $this->userSession); + Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete'); + Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore'); + } + +}