author | Roeland Jago Douma <roeland@famdouma.nl> | 2018-01-17 14:51:03 +0100 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2018-01-25 13:25:09 +0100 |
commit | b2ca1d65532a49d13d1727ea837ac13e4f8bfcd6 (patch) | |
tree | 70b432f7b7f7b452a5e9cade199d467c4ee861d3 | |
parent | eddd135f14bc0d5d843b3c0ce7b011b603862ea0 (diff) | |
Make admin_audit listen to 2fa events
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
-rw-r--r-- | apps/admin_audit/lib/Actions/Security.php | 75 | ||||
-rw-r--r-- | apps/admin_audit/lib/AppInfo/Application.php | 16 |
2 files changed, 91 insertions, 0 deletions
diff --git a/apps/admin_audit/lib/Actions/Security.php b/apps/admin_audit/lib/Actions/Security.php
new file mode 100644
index 00000000000..4e631aedddd
--- /dev/null
+++ b/apps/admin_audit/lib/Actions/Security.php
@@ -0,0 +1,75 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\AdminAudit\Actions;
+use OCP\IUser;
+
+/**
+ * Class Sharing logs the sharing actions
+ *
+ * @package OCA\AdminAudit\Actions
+ */
+class Security extends Action {
+ /**
+ * Log twofactor auth enabled
+ *
+ * @param IUser $user
+ * @param array $params
+ */
+ public function twofactorFailed(IUser $user, array $params) {
+ $params['uid'] = $user->getUID();
+ $params['displayName'] = $user->getDisplayName();
+
+ $this->log(
+ 'Failed two factor attempt by user %s (%s) with provider %s',
+ $params,
+ [
+ 'displayname',
+ 'uid',
+ 'provider',
+ ]
+ );
+ }
+
+ /**
+ * Logs unsharing of data
+ *
+ * @param IUser $user
+ * @param array $params
+ */
+ public function twofactorSuccess(IUser $user, array $params) {
+ $params['uid'] = $user->getUID();
+ $params['displayName'] = $user->getDisplayName();
+
+ $this->log(
+ 'Successful two factor attempt by user %s (%s) with provider %s',
+ $params,
+ [
+ 'displayname',
+ 'uid',
+ 'provider',
+ ]
+ );
+ }
+}
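Review bot: In both `twofactorFailed()` and `twofactorSuccess()` the display name is stored under `$params['displayName']`, but the element list handed to `$this->log()` asks for `'displayname'`; PHP array keys are case-sensitive, so that element is never found. `Action::log()` is outside this diff, so the exact effect is inferred, but a missing element most likely means the entry is dropped or written without the name, which would leave failed second-factor attempts out of the audit trail. Use the same key in both places, e.g. `'displayName',` in each element list, and add a test that asserts the emitted message. The docblocks are also copied from another action (`Class Sharing logs the sharing actions`, `Log twofactor auth enabled`, `Logs unsharing of data`) and should describe the 2FA failure and success entries instead.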
diff --git a/apps/admin_audit/lib/AppInfo/Application.php b/apps/admin_audit/lib/AppInfo/Application.php index d3ae4ad26c1..470352f895e 100644 --- a/apps/admin_audit/lib/AppInfo/Application.php +++ b/apps/admin_audit/lib/AppInfo/Application.php @@ -33,12 +33,14 @@ use OCA\AdminAudit\Actions\Auth; use OCA\AdminAudit\Actions\Console; use OCA\AdminAudit\Actions\Files; use OCA\AdminAudit\Actions\GroupManagement; +use OCA\AdminAudit\Actions\Security; use OCA\AdminAudit\Actions\Sharing; use OCA\AdminAudit\Actions\Trashbin; use OCA\AdminAudit\Actions\UserManagement; use OCA\AdminAudit\Actions\Versions; use OCP\App\ManagerEvent; use OCP\AppFramework\App; +use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Console\ConsoleEvent; use OCP\IGroupManager; use OCP\ILogger; @@ -75,6 +77,8 @@ class Application extends App { $this->fileHooks($logger); $this->trashbinHooks($logger); $this->versionsHooks($logger); + + $this->securityHooks($logger); } protected function userManagementHooks(ILogger $logger) { @@ -218,4 +222,16 @@ class Application extends App { Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete'); Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore'); } + + protected function securityHooks(ILogger $logger) { + $eventDispatcher = $this->getContainer()->getServer()->getEventDispatcher(); + $eventDispatcher->addListener(IProvider::EVENT_SUCCESS, function(GenericEvent $event) use ($logger) { + $security = new Security($logger); + $security->twofactorSuccess($event->getSubject(), $event->getArguments()); + }); + $eventDispatcher->addListener(IProvider::EVENT_FAILED, function(GenericEvent $event) use ($logger) { + $security = new Security($logger); + $security->twofactorFailed($event->getSubject(), $event->getArguments()); + }); + } } |
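Review bot: The two listeners added in `securityHooks()` forward `$event->getSubject()` and `$event->getArguments()` unchecked, while `Security::twofactorSuccess()` and `Security::twofactorFailed()` declare `IUser $user` and expect a `provider` entry in the arguments. If a provider ever dispatches `IProvider::EVENT_SUCCESS` or `IProvider::EVENT_FAILED` with a different subject, the resulting `TypeError` would surface in the login flow rather than in the audit app; whether the dispatcher guarantees the payload is not visible in this diff. A guard such as `if (!($event->getSubject() instanceof \OCP\IUser)) { return; }` at the top of each closure keeps audit logging from affecting authentication. `GenericEvent` is not among the imports this commit adds, so confirm the file already has a `use` for it outside the hunk.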