From: Christoph Wurst Date: Tue, 16 May 2017 07:37:21 +0000 (+0200) Subject: Change 2FA activities to more generic security activities X-Git-Tag: v12.0.0RC1~1^2~5 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=0928b5f621c42b2675fd877417e02dfc18b4e82b;p=nextcloud-server.git Change 2FA activities to more generic security activities Signed-off-by: Christoph Wurst --- diff --git a/apps/twofactor_backupcodes/appinfo/info.xml b/apps/twofactor_backupcodes/appinfo/info.xml index e5e96eddcf9..77ecbd8e1a2 100644 --- a/apps/twofactor_backupcodes/appinfo/info.xml +++ b/apps/twofactor_backupcodes/appinfo/info.xml @@ -18,14 +18,7 @@ - - OCA\TwoFactorBackupCodes\Activity\GenericFilter - - - OCA\TwoFactorBackupCodes\Activity\GenericSetting - - OCA\TwoFactorBackupCodes\Activity\GenericProvider OCA\TwoFactorBackupCodes\Activity\Provider diff --git a/apps/twofactor_backupcodes/lib/Activity/GenericFilter.php b/apps/twofactor_backupcodes/lib/Activity/GenericFilter.php deleted file mode 100644 index 27c0274b600..00000000000 --- a/apps/twofactor_backupcodes/lib/Activity/GenericFilter.php +++ /dev/null @@ -1,66 +0,0 @@ - - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - * - */ - -namespace OCA\TwoFactorBackupCodes\Activity; - -use OCP\Activity\IFilter; -use OCP\IL10N; -use OCP\IURLGenerator; - -class GenericFilter implements IFilter { - - /** @var IURLGenerator */ - private $urlGenerator; - - /** @var IL10N */ - private $l10n; - - public function __construct(IURLGenerator $urlGenerator, IL10N $l10n) { - $this->urlGenerator = $urlGenerator; - $this->l10n = $l10n; - } - - public function allowedApps() { - return []; - } - - public function filterTypes(array $types) { - return array_intersect(['twofactor'], $types); - } - - public function getIcon() { - return $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')); - } - - public function getIdentifier() { - return 'twofactor'; - } - - public function getName() { - return $this->l10n->t('Two-factor authentication'); - } - - public function getPriority() { - return 30; - } - -} diff --git a/apps/twofactor_backupcodes/lib/Activity/GenericProvider.php b/apps/twofactor_backupcodes/lib/Activity/GenericProvider.php deleted file mode 100644 index ffdd47708d5..00000000000 --- a/apps/twofactor_backupcodes/lib/Activity/GenericProvider.php +++ /dev/null @@ -1,77 +0,0 @@ - - * @copyright Copyright (c) 2016 Christoph Wurst - * - * Two-factor backup codes - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\TwoFactorBackupCodes\Activity; - -use InvalidArgumentException; -use OCP\Activity\IEvent; -use OCP\Activity\IProvider; -use OCP\ILogger; -use OCP\IURLGenerator; -use OCP\L10N\IFactory as L10nFactory; - -class GenericProvider implements IProvider { - - /** @var L10nFactory */ - private $l10n; - - /** @var IURLGenerator */ - private $urlGenerator; - - /** @var ILogger */ - private $logger; - - public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) { - $this->logger = $logger; - $this->urlGenerator = $urlGenerator; - $this->l10n = $l10n; - } - - public function parse($language, IEvent $event, IEvent $previousEvent = null) { - if ($event->getType() !== 'twofactor') { - throw new InvalidArgumentException(); - } - - $l = $this->l10n->get('core', $language); - - switch ($event->getSubject()) { - case 'twofactor_success': - $params = $event->getSubjectParameters(); - $event->setParsedSubject($l->t('You successfully logged in using two-factor authentication (%1$s)', [ - $params['provider'], - ])); - $event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg'))); - break; - case 'twofactor_failed': - $params = $event->getSubjectParameters(); - $event->setParsedSubject($l->t('A login attempt using two-factor authentication failed (%1$s)', [ - $params['provider'], - ])); - $event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg'))); - break; - default: - throw new InvalidArgumentException(); - } - return $event; - } - -} diff --git a/apps/twofactor_backupcodes/lib/Activity/GenericSetting.php b/apps/twofactor_backupcodes/lib/Activity/GenericSetting.php deleted file mode 100644 index abd1c60f1d5..00000000000 --- a/apps/twofactor_backupcodes/lib/Activity/GenericSetting.php +++ /dev/null @@ -1,65 +0,0 @@ - - * @copyright Copyright (c) 2016 Christoph Wurst - * - * Two-factor backup codes - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see - * - */ - -namespace OCA\TwoFactorBackupCodes\Activity; - -use OCP\Activity\ISetting; -use OCP\IL10N; - -class GenericSetting implements ISetting { - - /** @var IL10N */ - private $l10n; - - public function __construct(IL10N $l10n) { - $this->l10n = $l10n; - } - - public function canChangeMail() { - return false; - } - - public function canChangeStream() { - return false; - } - - public function getIdentifier() { - return 'twofactor'; - } - - public function getName() { - return $this->l10n->t('Two-factor authentication'); - } - - public function getPriority() { - return 30; - } - - public function isDefaultEnabledMail() { - return true; - } - - public function isDefaultEnabledStream() { - return true; - } - -} diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php index 1d0deada696..06aa0224ae0 100644 --- a/lib/private/Authentication/TwoFactorAuth/Manager.php +++ b/lib/private/Authentication/TwoFactorAuth/Manager.php @@ -23,6 +23,7 @@ namespace OC\Authentication\TwoFactorAuth; +use BadMethodCallException; use Exception; use OC; use OC\App\AppManager; @@ -218,16 +219,16 @@ class Manager { */ private function publishEvent(IUser $user, $event, array $params) { $activity = $this->activityManager->generateEvent(); - $activity->setApp('twofactor_generic') - ->setType('twofactor') + $activity->setApp('core') + ->setType('security') ->setAuthor($user->getUID()) ->setAffectedUser($user->getUID()) ->setSubject($event, $params); try { $this->activityManager->publish($activity); - } catch (Exception $e) { - $this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']); - $this->logger->logException($e, ['app' => 'twofactor_backupcodes']); + } catch (BadMethodCallException $e) { + $this->logger->warning('could not publish backup code creation activity', ['app' => 'core']); + $this->logger->logException($e, ['app' => 'core']); } } diff --git a/settings/Activity/SecurityFilter.php b/settings/Activity/SecurityFilter.php new file mode 100644 index 00000000000..6bf36a9e488 --- /dev/null +++ b/settings/Activity/SecurityFilter.php @@ -0,0 +1,66 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OC\Settings\Activity; + +use OCP\Activity\IFilter; +use OCP\IL10N; +use OCP\IURLGenerator; + +class SecurityFilter implements IFilter { + + /** @var IURLGenerator */ + private $urlGenerator; + + /** @var IL10N */ + private $l10n; + + public function __construct(IURLGenerator $urlGenerator, IL10N $l10n) { + $this->urlGenerator = $urlGenerator; + $this->l10n = $l10n; + } + + public function allowedApps() { + return []; + } + + public function filterTypes(array $types) { + return array_intersect(['security'], $types); + } + + public function getIcon() { + return $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')); + } + + public function getIdentifier() { + return 'security'; + } + + public function getName() { + return $this->l10n->t('Security'); + } + + public function getPriority() { + return 30; + } + +} diff --git a/settings/Activity/SecurityProvider.php b/settings/Activity/SecurityProvider.php new file mode 100644 index 00000000000..74747f684da --- /dev/null +++ b/settings/Activity/SecurityProvider.php @@ -0,0 +1,77 @@ + + * @copyright Copyright (c) 2016 Christoph Wurst + * + * Two-factor backup codes + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OC\Settings\Activity; + +use InvalidArgumentException; +use OCP\Activity\IEvent; +use OCP\Activity\IProvider; +use OCP\ILogger; +use OCP\IURLGenerator; +use OCP\L10N\IFactory as L10nFactory; + +class SecurityProvider implements IProvider { + + /** @var L10nFactory */ + private $l10n; + + /** @var IURLGenerator */ + private $urlGenerator; + + /** @var ILogger */ + private $logger; + + public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) { + $this->logger = $logger; + $this->urlGenerator = $urlGenerator; + $this->l10n = $l10n; + } + + public function parse($language, IEvent $event, IEvent $previousEvent = null) { + if ($event->getType() !== 'security') { + throw new InvalidArgumentException(); + } + + $l = $this->l10n->get('core', $language); + + switch ($event->getSubject()) { + case 'twofactor_success': + $params = $event->getSubjectParameters(); + $event->setParsedSubject($l->t('You successfully logged in using two-factor authentication (%1$s)', [ + $params['provider'], + ])); + $event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg'))); + break; + case 'twofactor_failed': + $params = $event->getSubjectParameters(); + $event->setParsedSubject($l->t('A login attempt using two-factor authentication failed (%1$s)', [ + $params['provider'], + ])); + $event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg'))); + break; + default: + throw new InvalidArgumentException(); + } + return $event; + } + +} diff --git a/settings/Activity/SecuritySetting.php b/settings/Activity/SecuritySetting.php new file mode 100644 index 00000000000..fe1b0dd8f57 --- /dev/null +++ b/settings/Activity/SecuritySetting.php @@ -0,0 +1,65 @@ + + * @copyright Copyright (c) 2016 Christoph Wurst + * + * Two-factor backup codes + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see + * + */ + +namespace OC\Settings\Activity; + +use OCP\Activity\ISetting; +use OCP\IL10N; + +class SecuritySetting implements ISetting { + + /** @var IL10N */ + private $l10n; + + public function __construct(IL10N $l10n) { + $this->l10n = $l10n; + } + + public function canChangeMail() { + return false; + } + + public function canChangeStream() { + return false; + } + + public function getIdentifier() { + return 'security'; + } + + public function getName() { + return $this->l10n->t('Security'); + } + + public function getPriority() { + return 30; + } + + public function isDefaultEnabledMail() { + return true; + } + + public function isDefaultEnabledStream() { + return true; + } + +} diff --git a/settings/Application.php b/settings/Application.php index 0ca2d28dfe6..f79453e3d01 100644 --- a/settings/Application.php +++ b/settings/Application.php @@ -34,6 +34,9 @@ use OC\AppFramework\Utility\TimeFactory; use OC\Authentication\Token\IProvider; use OC\Server; use OC\Settings\Activity\Provider; +use OC\Settings\Activity\SecurityFilter; +use OC\Settings\Activity\SecurityProvider; +use OC\Settings\Activity\SecuritySetting; use OC\Settings\Activity\Setting; use OC\Settings\Mailer\NewUserMailHelper; use OC\Settings\Middleware\SubadminMiddleware; @@ -114,6 +117,9 @@ class Application extends App { $activityManager = $this->getContainer()->getServer()->getActivityManager(); $activityManager->registerSetting(Setting::class); // FIXME move to info.xml $activityManager->registerProvider(Provider::class); // FIXME move to info.xml + $activityManager->registerFilter(SecurityFilter::class); // FIXME move to info.xml + $activityManager->registerSetting(SecuritySetting::class); // FIXME move to info.xml + $activityManager->registerProvider(SecurityProvider::class); // FIXME move to info.xml Util::connectHook('OC_User', 'post_setPassword', $this, 'onChangePassword'); Util::connectHook('OC_User', 'changeUser', $this, 'onChangeInfo');