summaryrefslogtreecommitdiffstats
path: root/apps/admin_audit/lib
diff options
context:
space:
mode:
authorRoeland Jago Douma <roeland@famdouma.nl>2018-01-17 14:51:03 +0100
committerRoeland Jago Douma <roeland@famdouma.nl>2018-01-25 13:25:09 +0100
commitb2ca1d65532a49d13d1727ea837ac13e4f8bfcd6 (patch)
tree70b432f7b7f7b452a5e9cade199d467c4ee861d3 /apps/admin_audit/lib
parenteddd135f14bc0d5d843b3c0ce7b011b603862ea0 (diff)
downloadnextcloud-server-b2ca1d65532a49d13d1727ea837ac13e4f8bfcd6.tar.gz
nextcloud-server-b2ca1d65532a49d13d1727ea837ac13e4f8bfcd6.zip
Make admin_audit listen to 2fa events
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'apps/admin_audit/lib')
-rw-r--r--apps/admin_audit/lib/Actions/Security.php75
-rw-r--r--apps/admin_audit/lib/AppInfo/Application.php16
2 files changed, 91 insertions, 0 deletions
diff --git a/apps/admin_audit/lib/Actions/Security.php b/apps/admin_audit/lib/Actions/Security.php
new file mode 100644
index 00000000000..4e631aedddd
--- /dev/null
+++ b/apps/admin_audit/lib/Actions/Security.php
@@ -0,0 +1,75 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\AdminAudit\Actions;
+use OCP\IUser;
+
+/**
+ * Class Sharing logs the sharing actions
+ *
+ * @package OCA\AdminAudit\Actions
+ */
+class Security extends Action {
+ /**
+ * Log twofactor auth enabled
+ *
+ * @param IUser $user
+ * @param array $params
+ */
+ public function twofactorFailed(IUser $user, array $params) {
+ $params['uid'] = $user->getUID();
+ $params['displayName'] = $user->getDisplayName();
+
+ $this->log(
+ 'Failed two factor attempt by user %s (%s) with provider %s',
+ $params,
+ [
+ 'displayname',
+ 'uid',
+ 'provider',
+ ]
+ );
+ }
+
+ /**
+ * Logs unsharing of data
+ *
+ * @param IUser $user
+ * @param array $params
+ */
+ public function twofactorSuccess(IUser $user, array $params) {
+ $params['uid'] = $user->getUID();
+ $params['displayName'] = $user->getDisplayName();
+
+ $this->log(
+ 'Successful two factor attempt by user %s (%s) with provider %s',
+ $params,
+ [
+ 'displayname',
+ 'uid',
+ 'provider',
+ ]
+ );
+ }
+}
diff --git a/apps/admin_audit/lib/AppInfo/Application.php b/apps/admin_audit/lib/AppInfo/Application.php
index d3ae4ad26c1..470352f895e 100644
--- a/apps/admin_audit/lib/AppInfo/Application.php
+++ b/apps/admin_audit/lib/AppInfo/Application.php
@@ -33,12 +33,14 @@ use OCA\AdminAudit\Actions\Auth;
use OCA\AdminAudit\Actions\Console;
use OCA\AdminAudit\Actions\Files;
use OCA\AdminAudit\Actions\GroupManagement;
+use OCA\AdminAudit\Actions\Security;
use OCA\AdminAudit\Actions\Sharing;
use OCA\AdminAudit\Actions\Trashbin;
use OCA\AdminAudit\Actions\UserManagement;
use OCA\AdminAudit\Actions\Versions;
use OCP\App\ManagerEvent;
use OCP\AppFramework\App;
+use OCP\Authentication\TwoFactorAuth\IProvider;
use OCP\Console\ConsoleEvent;
use OCP\IGroupManager;
use OCP\ILogger;
@@ -75,6 +77,8 @@ class Application extends App {
$this->fileHooks($logger);
$this->trashbinHooks($logger);
$this->versionsHooks($logger);
+
+ $this->securityHooks($logger);
}
protected function userManagementHooks(ILogger $logger) {
@@ -218,4 +222,16 @@ class Application extends App {
Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete');
Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore');
}
+
+ protected function securityHooks(ILogger $logger) {
+ $eventDispatcher = $this->getContainer()->getServer()->getEventDispatcher();
+ $eventDispatcher->addListener(IProvider::EVENT_SUCCESS, function(GenericEvent $event) use ($logger) {
+ $security = new Security($logger);
+ $security->twofactorSuccess($event->getSubject(), $event->getArguments());
+ });
+ $eventDispatcher->addListener(IProvider::EVENT_FAILED, function(GenericEvent $event) use ($logger) {
+ $security = new Security($logger);
+ $security->twofactorFailed($event->getSubject(), $event->getArguments());
+ });
+ }
}