1
0

Application.php 8.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-License-Identifier: AGPL-3.0-or-later
  6. */
  7. namespace OCA\AdminAudit\AppInfo;
  8. use OCA\AdminAudit\Actions\Auth;
  9. use OCA\AdminAudit\Actions\Console;
  10. use OCA\AdminAudit\Actions\Files;
  11. use OCA\AdminAudit\Actions\Sharing;
  12. use OCA\AdminAudit\Actions\TagManagement;
  13. use OCA\AdminAudit\Actions\Trashbin;
  14. use OCA\AdminAudit\Actions\Versions;
  15. use OCA\AdminAudit\AuditLogger;
  16. use OCA\AdminAudit\IAuditLogger;
  17. use OCA\AdminAudit\Listener\AppManagementEventListener;
  18. use OCA\AdminAudit\Listener\AuthEventListener;
  19. use OCA\AdminAudit\Listener\ConsoleEventListener;
  20. use OCA\AdminAudit\Listener\CriticalActionPerformedEventListener;
  21. use OCA\AdminAudit\Listener\FileEventListener;
  22. use OCA\AdminAudit\Listener\GroupManagementEventListener;
  23. use OCA\AdminAudit\Listener\SecurityEventListener;
  24. use OCA\AdminAudit\Listener\SharingEventListener;
  25. use OCA\AdminAudit\Listener\UserManagementEventListener;
  26. use OCP\App\Events\AppDisableEvent;
  27. use OCP\App\Events\AppEnableEvent;
  28. use OCP\App\Events\AppUpdateEvent;
  29. use OCP\AppFramework\App;
  30. use OCP\AppFramework\Bootstrap\IBootContext;
  31. use OCP\AppFramework\Bootstrap\IBootstrap;
  32. use OCP\AppFramework\Bootstrap\IRegistrationContext;
  33. use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengeFailed;
  34. use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengePassed;
  35. use OCP\Console\ConsoleEvent;
  36. use OCP\EventDispatcher\IEventDispatcher;
  37. use OCP\Files\Events\Node\BeforeNodeDeletedEvent;
  38. use OCP\Files\Events\Node\BeforeNodeReadEvent;
  39. use OCP\Files\Events\Node\BeforeNodeRenamedEvent;
  40. use OCP\Files\Events\Node\NodeCopiedEvent;
  41. use OCP\Files\Events\Node\NodeCreatedEvent;
  42. use OCP\Files\Events\Node\NodeRenamedEvent;
  43. use OCP\Files\Events\Node\NodeWrittenEvent;
  44. use OCP\Group\Events\GroupCreatedEvent;
  45. use OCP\Group\Events\GroupDeletedEvent;
  46. use OCP\Group\Events\UserAddedEvent;
  47. use OCP\Group\Events\UserRemovedEvent;
  48. use OCP\IConfig;
  49. use OCP\Log\Audit\CriticalActionPerformedEvent;
  50. use OCP\Log\ILogFactory;
  51. use OCP\Preview\BeforePreviewFetchedEvent;
  52. use OCP\Share;
  53. use OCP\Share\Events\ShareCreatedEvent;
  54. use OCP\Share\Events\ShareDeletedEvent;
  55. use OCP\SystemTag\ManagerEvent;
  56. use OCP\User\Events\BeforeUserLoggedInEvent;
  57. use OCP\User\Events\BeforeUserLoggedOutEvent;
  58. use OCP\User\Events\PasswordUpdatedEvent;
  59. use OCP\User\Events\UserChangedEvent;
  60. use OCP\User\Events\UserCreatedEvent;
  61. use OCP\User\Events\UserDeletedEvent;
  62. use OCP\User\Events\UserIdAssignedEvent;
  63. use OCP\User\Events\UserIdUnassignedEvent;
  64. use OCP\User\Events\UserLoggedInEvent;
  65. use OCP\User\Events\UserLoggedInWithCookieEvent;
  66. use OCP\Util;
  67. use Psr\Container\ContainerInterface;
  68. class Application extends App implements IBootstrap {
  69. public function __construct() {
  70. parent::__construct('admin_audit');
  71. }
  72. public function register(IRegistrationContext $context): void {
  73. $context->registerService(IAuditLogger::class, function (ContainerInterface $c) {
  74. return new AuditLogger($c->get(ILogFactory::class), $c->get(IConfig::class));
  75. });
  76. $context->registerEventListener(CriticalActionPerformedEvent::class, CriticalActionPerformedEventListener::class);
  77. // User management events
  78. $context->registerEventListener(UserCreatedEvent::class, UserManagementEventListener::class);
  79. $context->registerEventListener(UserDeletedEvent::class, UserManagementEventListener::class);
  80. $context->registerEventListener(UserChangedEvent::class, UserManagementEventListener::class);
  81. $context->registerEventListener(PasswordUpdatedEvent::class, UserManagementEventListener::class);
  82. $context->registerEventListener(UserIdAssignedEvent::class, UserManagementEventListener::class);
  83. $context->registerEventListener(UserIdUnassignedEvent::class, UserManagementEventListener::class);
  84. // Group management events
  85. $context->registerEventListener(UserAddedEvent::class, GroupManagementEventListener::class);
  86. $context->registerEventListener(UserRemovedEvent::class, GroupManagementEventListener::class);
  87. $context->registerEventListener(GroupCreatedEvent::class, GroupManagementEventListener::class);
  88. $context->registerEventListener(GroupDeletedEvent::class, GroupManagementEventListener::class);
  89. // Sharing events
  90. $context->registerEventListener(ShareCreatedEvent::class, SharingEventListener::class);
  91. $context->registerEventListener(ShareDeletedEvent::class, SharingEventListener::class);
  92. // Auth events
  93. $context->registerEventListener(BeforeUserLoggedInEvent::class, AuthEventListener::class);
  94. $context->registerEventListener(UserLoggedInWithCookieEvent::class, AuthEventListener::class);
  95. $context->registerEventListener(UserLoggedInEvent::class, AuthEventListener::class);
  96. $context->registerEventListener(BeforeUserLoggedOutEvent::class, AuthEventListener::class);
  97. // File events
  98. $context->registerEventListener(BeforePreviewFetchedEvent::class, FileEventListener::class);
  99. // Security events
  100. $context->registerEventListener(TwoFactorProviderChallengePassed::class, SecurityEventListener::class);
  101. $context->registerEventListener(TwoFactorProviderChallengeFailed::class, SecurityEventListener::class);
  102. // App management events
  103. $context->registerEventListener(AppEnableEvent::class, AppManagementEventListener::class);
  104. $context->registerEventListener(AppDisableEvent::class, AppManagementEventListener::class);
  105. $context->registerEventListener(AppUpdateEvent::class, AppManagementEventListener::class);
  106. // Console events
  107. $context->registerEventListener(ConsoleEvent::class, ConsoleEventListener::class);
  108. }
  109. public function boot(IBootContext $context): void {
  110. /** @var IAuditLogger $logger */
  111. $logger = $context->getAppContainer()->get(IAuditLogger::class);
  112. /*
  113. * TODO: once the hooks are migrated to lazy events, this should be done
  114. * in \OCA\AdminAudit\AppInfo\Application::register
  115. */
  116. $this->registerLegacyHooks($logger, $context->getServerContainer());
  117. }
  118. /**
  119. * Register hooks in order to log them
  120. */
  121. private function registerLegacyHooks(IAuditLogger $logger, ContainerInterface $serverContainer): void {
  122. /** @var IEventDispatcher $eventDispatcher */
  123. $eventDispatcher = $serverContainer->get(IEventDispatcher::class);
  124. $this->sharingLegacyHooks($logger);
  125. $this->fileHooks($logger, $eventDispatcher);
  126. $this->trashbinHooks($logger);
  127. $this->versionsHooks($logger);
  128. $this->tagHooks($logger, $eventDispatcher);
  129. }
  130. private function sharingLegacyHooks(IAuditLogger $logger): void {
  131. $shareActions = new Sharing($logger);
  132. Util::connectHook(Share::class, 'post_update_permissions', $shareActions, 'updatePermissions');
  133. Util::connectHook(Share::class, 'post_update_password', $shareActions, 'updatePassword');
  134. Util::connectHook(Share::class, 'post_set_expiration_date', $shareActions, 'updateExpirationDate');
  135. Util::connectHook(Share::class, 'share_link_access', $shareActions, 'shareAccessed');
  136. }
  137. private function tagHooks(IAuditLogger $logger,
  138. IEventDispatcher $eventDispatcher): void {
  139. $eventDispatcher->addListener(ManagerEvent::EVENT_CREATE, function (ManagerEvent $event) use ($logger): void {
  140. $tagActions = new TagManagement($logger);
  141. $tagActions->createTag($event->getTag());
  142. });
  143. }
  144. private function fileHooks(IAuditLogger $logger, IEventDispatcher $eventDispatcher): void {
  145. $fileActions = new Files($logger);
  146. $eventDispatcher->addListener(
  147. BeforeNodeRenamedEvent::class,
  148. function (BeforeNodeRenamedEvent $event) use ($fileActions): void {
  149. $fileActions->beforeRename($event);
  150. }
  151. );
  152. $eventDispatcher->addListener(
  153. NodeRenamedEvent::class,
  154. function (NodeRenamedEvent $event) use ($fileActions): void {
  155. $fileActions->afterRename($event);
  156. }
  157. );
  158. $eventDispatcher->addListener(
  159. NodeCreatedEvent::class,
  160. function (NodeCreatedEvent $event) use ($fileActions): void {
  161. $fileActions->create($event);
  162. }
  163. );
  164. $eventDispatcher->addListener(
  165. NodeCopiedEvent::class,
  166. function (NodeCopiedEvent $event) use ($fileActions): void {
  167. $fileActions->copy($event);
  168. }
  169. );
  170. $eventDispatcher->addListener(
  171. NodeWrittenEvent::class,
  172. function (NodeWrittenEvent $event) use ($fileActions): void {
  173. $fileActions->write($event);
  174. }
  175. );
  176. $eventDispatcher->addListener(
  177. BeforeNodeReadEvent::class,
  178. function (BeforeNodeReadEvent $event) use ($fileActions): void {
  179. $fileActions->read($event);
  180. }
  181. );
  182. $eventDispatcher->addListener(
  183. BeforeNodeDeletedEvent::class,
  184. function (BeforeNodeDeletedEvent $event) use ($fileActions): void {
  185. $fileActions->delete($event);
  186. }
  187. );
  188. }
  189. private function versionsHooks(IAuditLogger $logger): void {
  190. $versionsActions = new Versions($logger);
  191. Util::connectHook('\OCP\Versions', 'rollback', $versionsActions, 'rollback');
  192. Util::connectHook('\OCP\Versions', 'delete', $versionsActions, 'delete');
  193. }
  194. private function trashbinHooks(IAuditLogger $logger): void {
  195. $trashActions = new Trashbin($logger);
  196. Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete');
  197. Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore');
  198. }
  199. }