diff options
author | Lukas Reschke <lukas@owncloud.com> | 2016-06-08 15:25:44 +0200 |
---|---|---|
committer | Lukas Reschke <lukas@owncloud.com> | 2016-06-10 15:38:25 +0200 |
commit | aa831252b333c3fbd9ac580f9c584831f5a11f9d (patch) | |
tree | ad7f5a449ba170841cb9635575c645b78a7a4219 /apps/admin_audit/actions | |
parent | edf62eb41a338319488eb0b71134da2d38d0a7bd (diff) | |
download | nextcloud-server-aa831252b333c3fbd9ac580f9c584831f5a11f9d.tar.gz nextcloud-server-aa831252b333c3fbd9ac580f9c584831f5a11f9d.zip |
Add basic audit component to logger
Logs already:
- Share events
- Authentication events
- User management events
- File action events
Diffstat (limited to 'apps/admin_audit/actions')
-rw-r--r-- | apps/admin_audit/actions/action.php | 76 | ||||
-rw-r--r-- | apps/admin_audit/actions/auth.php | 56 | ||||
-rw-r--r-- | apps/admin_audit/actions/files.php | 135 | ||||
-rw-r--r-- | apps/admin_audit/actions/sharing.php | 189 | ||||
-rw-r--r-- | apps/admin_audit/actions/usermanagement.php | 77 |
5 files changed, 533 insertions, 0 deletions
diff --git a/apps/admin_audit/actions/action.php b/apps/admin_audit/actions/action.php new file mode 100644 index 00000000000..6aafacc6189 --- /dev/null +++ b/apps/admin_audit/actions/action.php @@ -0,0 +1,76 @@ +<?php +/** + * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\Admin_Audit\Actions; + +use OCP\ILogger; + +class Action { + /** @var ILogger */ + private $logger; + + /** + * @param ILogger $logger + */ + public function __construct(ILogger $logger) { + $this->logger = $logger; + } + + /** + * Log a single action with a log level of info + * + * @param string $text + * @param array $params + * @param array $elements + */ + public function log($text, + array $params, + array $elements) { + foreach($elements as $element) { + if(!isset($params[$element])) { + $this->logger->critical( + sprintf( + '$params["'.$element.'"] was missing. Transferred value: %s', + print_r($params, true) + ) + ); + return; + } + } + + $replaceArray = []; + foreach($elements as $element) { + if($params[$element] instanceof \DateTime) { + $params[$element] = $params[$element]->format('Y-m-d H:i:s'); + } + $replaceArray[] = $params[$element]; + } + + $this->logger->info( + vsprintf( + $text, + $replaceArray + ), + [ + 'app' => 'admin_audit' + ] + ); + } +} diff --git a/apps/admin_audit/actions/auth.php b/apps/admin_audit/actions/auth.php new file mode 100644 index 00000000000..4061ca89c4b --- /dev/null +++ b/apps/admin_audit/actions/auth.php @@ -0,0 +1,56 @@ +<?php +/** + * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\Admin_Audit\Actions; + +/** + * Class Auth logs all auth related actions + * + * @package OCA\Admin_Audit\Actions + */ +class Auth extends Action { + public function loginAttempt(array $params) { + $this->log( + 'Login attempt: "%s"', + $params, + [ + 'uid', + ] + ); + } + + public function loginSuccessful(array $params) { + $this->log( + 'Login successful: "%s"', + $params, + [ + 'uid', + ] + ); + } + + public function logout(array $params) { + $this->log( + 'Logout occurred', + [], + [] + ); + } +} diff --git a/apps/admin_audit/actions/files.php b/apps/admin_audit/actions/files.php new file mode 100644 index 00000000000..46da0ade6bb --- /dev/null +++ b/apps/admin_audit/actions/files.php @@ -0,0 +1,135 @@ +<?php +/** + * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\Admin_Audit\Actions; + +/** + * Class Files logs the actions to files + * + * @package OCA\Admin_Audit\Actions + */ +class Files extends Action { + /** + * Logs file read actions + * + * @param array $params + */ + public function read(array $params) { + $this->log( + 'File accessed: "%s"', + $params, + [ + 'path', + ] + ); + } + + /** + * Logs rename actions of files + * + * @param array $params + */ + public function rename(array $params) { + $this->log( + 'File renamed: "%s" to "%s"', + $params, + [ + 'oldpath', + 'newpath', + ] + ); + } + + /** + * Logs creation of files + * + * @param array $params + */ + public function create(array $params) { + $this->log( + 'File created: "%s"', + $params, + [ + 'path', + ] + ); + } + + /** + * Logs copying of files + * + * @param array $params + */ + public function copy(array $params) { + $this->log( + 'File copied: "%s" to "%s"', + $params, + [ + 'oldpath', + 'newpath', + ] + ); + } + + /** + * Logs writing of files + * + * @param array $params + */ + public function write(array $params) { + $this->log( + 'File written to: "%s"', + $params, + [ + 'path', + ] + ); + } + + /** + * Logs update of files + * + * @param array $params + */ + public function update(array $params) { + $this->log( + 'File updated: "%s"', + $params, + [ + 'path', + ] + ); + } + + /** + * Logs deletions of files + * + * @param array $params + */ + public function delete(array $params) { + $this->log( + 'File deleted: "%s"', + $params, + [ + 'path', + ] + ); + } +} diff --git a/apps/admin_audit/actions/sharing.php b/apps/admin_audit/actions/sharing.php new file mode 100644 index 00000000000..5f263748465 --- /dev/null +++ b/apps/admin_audit/actions/sharing.php @@ -0,0 +1,189 @@ +<?php +/** + * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\Admin_Audit\Actions; +use OCP\Share; + +/** + * Class Sharing logs the sharing actions + * + * @package OCA\Admin_Audit\Actions + */ +class Sharing extends Action { + /** + * Logs sharing of data + * + * @param array $params + */ + public function shared(array $params) { + if($params['shareType'] === Share::SHARE_TYPE_LINK) { + $this->log( + 'The %s "%s" with ID "%s" has been shared via link with permissions "%s" (Share ID: %s)', + $params, + [ + 'itemType', + 'itemTarget', + 'itemSource', + 'permissions', + 'id', + ] + ); + } elseif($params['shareType'] === Share::SHARE_TYPE_USER) { + $this->log( + 'The %s "%s" with ID "%s" has been shared to the user "%s" with permissions "%s" (Share ID: %s)', + $params, + [ + 'itemType', + 'itemTarget', + 'itemSource', + 'shareWith', + 'permissions', + 'id', + ] + ); + } elseif($params['shareType'] === Share::SHARE_TYPE_GROUP) { + $this->log( + 'The %s "%s" with ID "%s" has been shared to the group "%s" with permissions "%s" (Share ID: %s)', + $params, + [ + 'itemType', + 'itemTarget', + 'itemSource', + 'shareWith', + 'permissions', + 'id', + ] + ); + } + } + + /** + * Logs unsharing of data + * + * @param array $params + */ + public function unshare(array $params) { + if($params['shareType'] === Share::SHARE_TYPE_LINK) { + $this->log( + 'The %s "%s" with ID "%s" has been unshared (Share ID: %s)', + $params, + [ + 'itemType', + 'fileTarget', + 'itemSource', + 'id', + ] + ); + } elseif($params['shareType'] === Share::SHARE_TYPE_USER) { + $this->log( + 'The %s "%s" with ID "%s" has been unshared from the user "%s" (Share ID: %s)', + $params, + [ + 'itemType', + 'fileTarget', + 'itemSource', + 'shareWith', + 'id', + ] + ); + } elseif($params['shareType'] === Share::SHARE_TYPE_GROUP) { + $this->log( + 'The %s "%s" with ID "%s" has been unshared from the group "%s" (Share ID: %s)', + $params, + [ + 'itemType', + 'fileTarget', + 'itemSource', + 'shareWith', + 'id', + ] + ); + } + } + + /** + * Logs the updating of permission changes for shares + * + * @param array $params + */ + public function updatePermissions(array $params) { + $this->log( + 'The permissions of the shared %s "%s" with ID "%s" have been changed to "%s"', + $params, + [ + 'itemType', + 'path', + 'itemSource', + 'permissions', + ] + ); + } + + /** + * Logs the password changes for a share + * + * @param array $params + */ + public function updatePassword(array $params) { + $this->log( + 'The password of the publicly shared %s "%s" with ID "%s" has been changed', + $params, + [ + 'itemType', + 'token', + 'itemSource', + ] + ); + } + + /** + * Logs the expiration date changes for a share + * + * @param array $params + */ + public function updateExpirationDate(array $params) { + $this->log( + 'The expiration date of the publicly shared %s with ID "%s" has been changed to "%s"', + $params, + [ + 'itemType', + 'itemSource', + 'date', + ] + ); + } + + /** + * Logs access of shared files + * + * @param array $params + */ + public function shareAccessed(array $params) { + $this->log( + 'The shared %s with the token "%s" by "%s" has been accessed.', + $params, + [ + 'itemType', + 'token', + 'uidOwner', + ] + ); + } +} diff --git a/apps/admin_audit/actions/usermanagement.php b/apps/admin_audit/actions/usermanagement.php new file mode 100644 index 00000000000..be8b4a86027 --- /dev/null +++ b/apps/admin_audit/actions/usermanagement.php @@ -0,0 +1,77 @@ +<?php +/** + * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OCA\Admin_Audit\Actions; + +/** + * Class UserManagement logs all user management related actions. + * + * @package OCA\Admin_Audit\Actions + */ +class UserManagement extends Action { + /** + * Log creation of users + * + * @param array $params + */ + public function create(array $params) { + $this->log( + 'User created: "%s"', + $params, + [ + 'uid', + ] + ); + } + + /** + * Log deletion of users + * + * @param array $params + */ + public function delete(array $params) { + $this->log( + 'User deleted: "%s"', + $params, + [ + 'uid', + ] + ); + } + + /** + * Logs changing of the user scope + * + * @param \OCP\IUser $user + */ + public function setPassword(\OCP\IUser $user) { + if($user->getBackendClassName() === 'Database') { + $this->log( + 'Password of user "%s" has been changed', + [ + 'user' => $user->getUID(), + ], + [ + 'user', + ] + ); + } + } +} |