authorLukas Reschke <lukas@owncloud.com>2016-06-08 15:25:44 +0200
committerLukas Reschke <lukas@owncloud.com>2016-06-10 15:38:25 +0200
commitaa831252b333c3fbd9ac580f9c584831f5a11f9d (patch)
treead7f5a449ba170841cb9635575c645b78a7a4219 /apps/admin_audit/appinfo
parentedf62eb41a338319488eb0b71134da2d38d0a7bd (diff)
Add basic audit component to logger
Logs already:
- Share events
- Authentication events
- User management events
- File action events
Diffstat (limited to 'apps/admin_audit/appinfo')
-rw-r--r--apps/admin_audit/appinfo/app.php142
-rw-r--r--apps/admin_audit/appinfo/info.xml18
2 files changed, 160 insertions, 0 deletions
diff --git a/apps/admin_audit/appinfo/app.php b/apps/admin_audit/appinfo/app.php
new file mode 100644
index 00000000000..4418ada2ed0
--- /dev/null
+++ b/apps/admin_audit/appinfo/app.php
@@ -0,0 +1,142 @@
+<?php
+/**
+ * @author Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+$logger = \OC::$server->getLogger();
+
+logUserManagement(
+ $logger,
+ \OC::$server->getUserSession()
+);
+logFileActions($logger);
+logAuthEvents($logger);
+logShareEvents($logger);
+
+/**
+ * Logs sharing events
+ *
+ * @param \OCP\ILogger $logger
+ */
+function logShareEvents($logger) {
+ $shareActions = new \OCA\Admin_Audit\Actions\Sharing(
+ $logger
+ );
+
+ OCP\Util::connectHook('OCP\Share', 'post_shared', $shareActions, 'shared');
+ OCP\Util::connectHook('OCP\Share', 'post_unshare', $shareActions, 'unshare');
+ OCP\Util::connectHook('OCP\Share', 'post_update_permissions', $shareActions, 'updatePermissions');
+ OCP\Util::connectHook('OCP\Share', 'post_update_password', $shareActions, 'updatePassword');
+ OCP\Util::connectHook('OCP\Share', 'post_set_expiration_date', $shareActions, 'updateExpirationDate');
+ OCP\Util::connectHook('OCP\Share', 'share_link_access', $shareActions, 'shareAccessed');
+}
+
+/**
+ * Log authentication event related actions
+ *
+ * @param \OCP\ILogger $logger
+ */
+function logAuthEvents($logger) {
+ $authActions = new \OCA\Admin_Audit\Actions\Auth(
+ $logger
+ );
+ OCP\Util::connectHook('OC_User', 'pre_login', $authActions, 'loginAttempt');
+ OCP\Util::connectHook('OC_User', 'post_login', $authActions, 'loginSuccessful');
+ OCP\Util::connectHook('OC_User', 'logout', $authActions, 'logout');
+}
+
+/**
+ * Log user management related actions
+ *
+ * @param \OCP\ILogger $logger
+ * @param \OC\User\Session $userSession
+ */
+function logUserManagement($logger, $userSession) {
+ $userActions = new \OCA\Admin_Audit\Actions\UserManagement(
+ $logger
+ );
+
+ OCP\Util::connectHook(
+ 'OC_User',
+ 'post_createUser',
+ $userActions,
+ 'create'
+ );
+ OCP\Util::connectHook(
+ 'OC_User',
+ 'post_deleteUser',
+ $userActions,
+ 'delete'
+ );
+ $userSession->listen('\OC\User', 'postSetPassword', [$userActions, 'setPassword']);
+}
+
+/**
+ * Log file related actions
+ *
+ * @param \OCP\ILogger $logger
+ */
+function logFileActions($logger) {
+ $fileActions = new \OCA\Admin_Audit\Actions\Files(
+ $logger
+ );
+
+ OCP\Util::connectHook(
+ OC\Files\Filesystem::CLASSNAME,
+ OC\Files\Filesystem::signal_post_rename,
+ $fileActions,
+ 'rename'
+ );
+ OCP\Util::connectHook(
+ OC\Files\Filesystem::CLASSNAME,
+ OC\Files\Filesystem::signal_post_create,
+ $fileActions,
+ 'create'
+ );
+ OCP\Util::connectHook(
+ OC\Files\Filesystem::CLASSNAME,
+ OC\Files\Filesystem::signal_post_copy,
+ $fileActions,
+ 'copy'
+ );
+ OCP\Util::connectHook(
+ OC\Files\Filesystem::CLASSNAME,
+ OC\Files\Filesystem::signal_post_write,
+ $fileActions,
+ 'write'
+ );
+ OCP\Util::connectHook(
+ OC\Files\Filesystem::CLASSNAME,
+ OC\Files\Filesystem::signal_post_update,
+ $fileActions,
+ 'update'
+ );
+ OCP\Util::connectHook(
+ OC\Files\Filesystem::CLASSNAME,
+ OC\Files\Filesystem::signal_read,
+ $fileActions,
+ 'read'
+ );
+ OCP\Util::connectHook(
+ OC\Files\Filesystem::CLASSNAME,
+ OC\Files\Filesystem::signal_delete,
+ $fileActions,
+ 'delete'
+ );
+}
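Review bot: In logFileActions the read and delete handlers are connected to `signal_read` and `signal_delete`, while every other file handler uses a `signal_post_*` signal, so these two entries are presumably written before the operation is known to have succeeded and the audit trail would not distinguish an attempted read or delete from a completed one. If that is intended (for example because the path can no longer be resolved after a delete), say so above those two calls: `// read/delete use the pre-signal: the entry records the attempt, not a confirmed outcome`. logAuthEvents has a similar gap: it hooks `pre_login`, `post_login` and `logout` but nothing for a rejected login, so a failed authentication can only be inferred from a `loginAttempt` entry with no matching `loginSuccessful`, which is worth stating in its docblock for anyone writing detection rules against this log. The `postSetPassword` listener and the login hooks may carry the credential in their payload (not visible in this diff), so the Actions classes should be checked to confirm they log only the uid.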
diff --git a/apps/admin_audit/appinfo/info.xml b/apps/admin_audit/appinfo/info.xml
new file mode 100644
index 00000000000..74fc880c881
--- /dev/null
+++ b/apps/admin_audit/appinfo/info.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0"?>
+<info>
+ <id>admin_audit</id>
+ <name>Auditing / Logging</name>
+ <description>Provides logging abilities for Nextcloud such as logging file
+ accesses or otherwise sensitive actions.
+ </description>
+ <licence>AGPL</licence>
+ <author>Nextcloud</author>
+ <version>1.0.0</version>
+ <dependencies>
+ <owncloud min-version="9.0" max-version="9.1" />
+ </dependencies>
+ <types>
+ <logging/>
+ </types>
+ <default_enable/>
+</info>