1
0

Application.php 8.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2017 Joas Schilling <coding@schilljs.com>
  5. *
  6. * @author Bjoern Schiessle <bjoern@schiessle.org>
  7. * @author Joas Schilling <coding@schilljs.com>
  8. *
  9. * @license GNU AGPL version 3 or any later version
  10. *
  11. * This program is free software: you can redistribute it and/or modify
  12. * it under the terms of the GNU Affero General Public License as
  13. * published by the Free Software Foundation, either version 3 of the
  14. * License, or (at your option) any later version.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  23. *
  24. */
  25. namespace OCA\AdminAudit\AppInfo;
  26. use OC\Files\Filesystem;
  27. use OC\Files\Node\File;
  28. use OC\Group\Manager;
  29. use OC\User\Session;
  30. use OCA\AdminAudit\Actions\AppManagement;
  31. use OCA\AdminAudit\Actions\Auth;
  32. use OCA\AdminAudit\Actions\Console;
  33. use OCA\AdminAudit\Actions\Files;
  34. use OCA\AdminAudit\Actions\GroupManagement;
  35. use OCA\AdminAudit\Actions\Security;
  36. use OCA\AdminAudit\Actions\Sharing;
  37. use OCA\AdminAudit\Actions\Trashbin;
  38. use OCA\AdminAudit\Actions\UserManagement;
  39. use OCA\AdminAudit\Actions\Versions;
  40. use OCP\App\ManagerEvent;
  41. use OCP\AppFramework\App;
  42. use OCP\Authentication\TwoFactorAuth\IProvider;
  43. use OCP\Console\ConsoleEvent;
  44. use OCP\IGroupManager;
  45. use OCP\ILogger;
  46. use OCP\IPreview;
  47. use OCP\IUserSession;
  48. use OCP\Util;
  49. use Symfony\Component\EventDispatcher\GenericEvent;
  50. use OCP\Share;
  51. class Application extends App {
  52. /** @var ILogger */
  53. protected $logger;
  54. public function __construct() {
  55. parent::__construct('admin_audit');
  56. $this->initLogger();
  57. }
  58. public function initLogger() {
  59. $c = $this->getContainer()->getServer();
  60. $config = $c->getConfig();
  61. $default = $config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/audit.log';
  62. $logFile = $config->getAppValue('admin_audit', 'logfile', $default);
  63. if($logFile === null) {
  64. $this->logger = $c->getLogger();
  65. return;
  66. }
  67. $this->logger = $c->getLogFactory()->getCustomLogger($logFile);
  68. }
  69. public function register() {
  70. $this->registerHooks();
  71. }
  72. /**
  73. * Register hooks in order to log them
  74. */
  75. protected function registerHooks() {
  76. $this->userManagementHooks();
  77. $this->groupHooks();
  78. $this->authHooks();
  79. $this->consoleHooks();
  80. $this->appHooks();
  81. $this->sharingHooks();
  82. $this->fileHooks();
  83. $this->trashbinHooks();
  84. $this->versionsHooks();
  85. $this->securityHooks();
  86. }
  87. protected function userManagementHooks() {
  88. $userActions = new UserManagement($this->logger);
  89. Util::connectHook('OC_User', 'post_createUser', $userActions, 'create');
  90. Util::connectHook('OC_User', 'post_deleteUser', $userActions, 'delete');
  91. Util::connectHook('OC_User', 'changeUser', $userActions, 'change');
  92. /** @var IUserSession|Session $userSession */
  93. $userSession = $this->getContainer()->getServer()->getUserSession();
  94. $userSession->listen('\OC\User', 'postSetPassword', [$userActions, 'setPassword']);
  95. $userSession->listen('\OC\User', 'assignedUserId', [$userActions, 'assign']);
  96. $userSession->listen('\OC\User', 'postUnassignedUserId', [$userActions, 'unassign']);
  97. }
  98. protected function groupHooks() {
  99. $groupActions = new GroupManagement($this->logger);
  100. /** @var IGroupManager|Manager $groupManager */
  101. $groupManager = $this->getContainer()->getServer()->getGroupManager();
  102. $groupManager->listen('\OC\Group', 'postRemoveUser', [$groupActions, 'removeUser']);
  103. $groupManager->listen('\OC\Group', 'postAddUser', [$groupActions, 'addUser']);
  104. $groupManager->listen('\OC\Group', 'postDelete', [$groupActions, 'deleteGroup']);
  105. $groupManager->listen('\OC\Group', 'postCreate', [$groupActions, 'createGroup']);
  106. }
  107. protected function sharingHooks() {
  108. $shareActions = new Sharing($this->logger);
  109. Util::connectHook(Share::class, 'post_shared', $shareActions, 'shared');
  110. Util::connectHook(Share::class, 'post_unshare', $shareActions, 'unshare');
  111. Util::connectHook(Share::class, 'post_update_permissions', $shareActions, 'updatePermissions');
  112. Util::connectHook(Share::class, 'post_update_password', $shareActions, 'updatePassword');
  113. Util::connectHook(Share::class, 'post_set_expiration_date', $shareActions, 'updateExpirationDate');
  114. Util::connectHook(Share::class, 'share_link_access', $shareActions, 'shareAccessed');
  115. }
  116. protected function authHooks() {
  117. $authActions = new Auth($this->logger);
  118. Util::connectHook('OC_User', 'pre_login', $authActions, 'loginAttempt');
  119. Util::connectHook('OC_User', 'post_login', $authActions, 'loginSuccessful');
  120. Util::connectHook('OC_User', 'logout', $authActions, 'logout');
  121. }
  122. protected function appHooks() {
  123. $eventDispatcher = $this->getContainer()->getServer()->getEventDispatcher();
  124. $eventDispatcher->addListener(ManagerEvent::EVENT_APP_ENABLE, function(ManagerEvent $event) {
  125. $appActions = new AppManagement($this->logger);
  126. $appActions->enableApp($event->getAppID());
  127. });
  128. $eventDispatcher->addListener(ManagerEvent::EVENT_APP_ENABLE_FOR_GROUPS, function(ManagerEvent $event) {
  129. $appActions = new AppManagement($this->logger);
  130. $appActions->enableAppForGroups($event->getAppID(), $event->getGroups());
  131. });
  132. $eventDispatcher->addListener(ManagerEvent::EVENT_APP_DISABLE, function(ManagerEvent $event) {
  133. $appActions = new AppManagement($this->logger);
  134. $appActions->disableApp($event->getAppID());
  135. });
  136. }
  137. protected function consoleHooks() {
  138. $eventDispatcher = $this->getContainer()->getServer()->getEventDispatcher();
  139. $eventDispatcher->addListener(ConsoleEvent::EVENT_RUN, function(ConsoleEvent $event) {
  140. $appActions = new Console($this->logger);
  141. $appActions->runCommand($event->getArguments());
  142. });
  143. }
  144. protected function fileHooks() {
  145. $fileActions = new Files($this->logger);
  146. $eventDispatcher = $this->getContainer()->getServer()->getEventDispatcher();
  147. $eventDispatcher->addListener(
  148. IPreview::EVENT,
  149. function(GenericEvent $event) use ($fileActions) {
  150. /** @var File $file */
  151. $file = $event->getSubject();
  152. $fileActions->preview([
  153. 'path' => substr($file->getInternalPath(), 5),
  154. 'width' => $event->getArguments()['width'],
  155. 'height' => $event->getArguments()['height'],
  156. 'crop' => $event->getArguments()['crop'],
  157. 'mode' => $event->getArguments()['mode']
  158. ]);
  159. }
  160. );
  161. Util::connectHook(
  162. Filesystem::CLASSNAME,
  163. Filesystem::signal_post_rename,
  164. $fileActions,
  165. 'rename'
  166. );
  167. Util::connectHook(
  168. Filesystem::CLASSNAME,
  169. Filesystem::signal_post_create,
  170. $fileActions,
  171. 'create'
  172. );
  173. Util::connectHook(
  174. Filesystem::CLASSNAME,
  175. Filesystem::signal_post_copy,
  176. $fileActions,
  177. 'copy'
  178. );
  179. Util::connectHook(
  180. Filesystem::CLASSNAME,
  181. Filesystem::signal_post_write,
  182. $fileActions,
  183. 'write'
  184. );
  185. Util::connectHook(
  186. Filesystem::CLASSNAME,
  187. Filesystem::signal_post_update,
  188. $fileActions,
  189. 'update'
  190. );
  191. Util::connectHook(
  192. Filesystem::CLASSNAME,
  193. Filesystem::signal_read,
  194. $fileActions,
  195. 'read'
  196. );
  197. Util::connectHook(
  198. Filesystem::CLASSNAME,
  199. Filesystem::signal_delete,
  200. $fileActions,
  201. 'delete'
  202. );
  203. }
  204. protected function versionsHooks() {
  205. $versionsActions = new Versions($this->logger);
  206. Util::connectHook('\OCP\Versions', 'rollback', $versionsActions, 'rollback');
  207. Util::connectHook('\OCP\Versions', 'delete',$versionsActions, 'delete');
  208. }
  209. protected function trashbinHooks() {
  210. $trashActions = new Trashbin($this->logger);
  211. Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete');
  212. Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore');
  213. }
  214. protected function securityHooks() {
  215. $eventDispatcher = $this->getContainer()->getServer()->getEventDispatcher();
  216. $eventDispatcher->addListener(IProvider::EVENT_SUCCESS, function(GenericEvent $event) {
  217. $security = new Security($this->logger);
  218. $security->twofactorSuccess($event->getSubject(), $event->getArguments());
  219. });
  220. $eventDispatcher->addListener(IProvider::EVENT_FAILED, function(GenericEvent $event) {
  221. $security = new Security($this->logger);
  222. $security->twofactorFailed($event->getSubject(), $event->getArguments());
  223. });
  224. }
  225. }