diff options
Diffstat (limited to 'apps/admin_audit/lib/Actions')
| -rw-r--r-- | apps/admin_audit/lib/Actions/Action.php | 9 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/AppManagement.php | 42 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/Auth.php | 45 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/Console.php | 28 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/Files.php | 143 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/GroupManagement.php | 87 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/Security.php | 60 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/Sharing.php | 267 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/TagManagement.php | 27 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/UserManagement.php | 122 | ||||
| -rw-r--r-- | apps/admin_audit/lib/Actions/Versions.php | 10 |
11 files changed, 60 insertions, 780 deletions
diff --git a/apps/admin_audit/lib/Actions/Action.php b/apps/admin_audit/lib/Actions/Action.php index 5d06cf4fbf5..acd415d82ea 100644 --- a/apps/admin_audit/lib/Actions/Action.php +++ b/apps/admin_audit/lib/Actions/Action.php @@ -32,16 +32,13 @@ class Action { if (!isset($params[$element])) { if ($obfuscateParameters) { $this->logger->critical( - '$params["'.$element.'"] was missing.', + '$params["' . $element . '"] was missing.', ['app' => 'admin_audit'] ); } else { $this->logger->critical( - sprintf( - '$params["'.$element.'"] was missing. Transferred value: %s', - print_r($params, true) - ), - ['app' => 'admin_audit'] + '$params["' . $element . '"] was missing. Transferred value: {params}', + ['app' => 'admin_audit', 'params' => $params] ); } return; diff --git a/apps/admin_audit/lib/Actions/AppManagement.php b/apps/admin_audit/lib/Actions/AppManagement.php deleted file mode 100644 index 44907c856da..00000000000 --- a/apps/admin_audit/lib/Actions/AppManagement.php +++ /dev/null @@ -1,42 +0,0 @@ -<?php - -declare(strict_types=1); -/** - * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors - * SPDX-License-Identifier: AGPL-3.0-or-later - */ -namespace OCA\AdminAudit\Actions; - -class AppManagement extends Action { - - /** - * @param string $appName - */ - public function enableApp(string $appName): void { - $this->log('App "%s" enabled', - ['app' => $appName], - ['app'] - ); - } - - /** - * @param string $appName - * @param string[] $groups - */ - public function enableAppForGroups(string $appName, array $groups): void { - $this->log('App "%1$s" enabled for groups: %2$s', - ['app' => $appName, 'groups' => implode(', ', $groups)], - ['app', 'groups'] - ); - } - - /** - * @param string $appName - */ - public function disableApp(string $appName): void { - $this->log('App "%s" disabled', - ['app' => $appName], - ['app'] - ); - } -} diff --git a/apps/admin_audit/lib/Actions/Auth.php b/apps/admin_audit/lib/Actions/Auth.php deleted file mode 100644 index 55a87cf170f..00000000000 --- a/apps/admin_audit/lib/Actions/Auth.php +++ /dev/null @@ -1,45 +0,0 @@ -<?php - -declare(strict_types=1); -/** - * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors - * SPDX-License-Identifier: AGPL-3.0-or-later - */ -namespace OCA\AdminAudit\Actions; - -/** - * Class Auth logs all auth related actions - * - * @package OCA\AdminAudit\Actions - */ -class Auth extends Action { - public function loginAttempt(array $params): void { - $this->log( - 'Login attempt: "%s"', - $params, - [ - 'uid', - ], - true - ); - } - - public function loginSuccessful(array $params): void { - $this->log( - 'Login successful: "%s"', - $params, - [ - 'uid', - ], - true - ); - } - - public function logout(array $params): void { - $this->log( - 'Logout occurred', - [], - [] - ); - } -} diff --git a/apps/admin_audit/lib/Actions/Console.php b/apps/admin_audit/lib/Actions/Console.php deleted file mode 100644 index a41fa88bdad..00000000000 --- a/apps/admin_audit/lib/Actions/Console.php +++ /dev/null @@ -1,28 +0,0 @@ -<?php - -declare(strict_types=1); -/** - * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors - * SPDX-License-Identifier: AGPL-3.0-or-later - */ -namespace OCA\AdminAudit\Actions; - -class Console extends Action { - /** - * @param array $arguments - */ - public function runCommand(array $arguments): void { - if (!isset($arguments[1]) || $arguments[1] === '_completion') { - // Don't log autocompletion - return; - } - - // Remove `./occ` - array_shift($arguments); - - $this->log('Console command executed: %s', - ['arguments' => implode(' ', $arguments)], - ['arguments'] - ); - } -} diff --git a/apps/admin_audit/lib/Actions/Files.php b/apps/admin_audit/lib/Actions/Files.php index ee40a4e1476..7be4a7cd581 100644 --- a/apps/admin_audit/lib/Actions/Files.php +++ b/apps/admin_audit/lib/Actions/Files.php @@ -7,17 +7,16 @@ declare(strict_types=1); */ namespace OCA\AdminAudit\Actions; +use OC\Files\Node\NonExistingFile; +use OCP\Files\Events\Node\BeforeNodeDeletedEvent; use OCP\Files\Events\Node\BeforeNodeReadEvent; -use OCP\Files\Events\Node\BeforeNodeRenamedEvent; -use OCP\Files\Events\Node\BeforeNodeWrittenEvent; use OCP\Files\Events\Node\NodeCopiedEvent; use OCP\Files\Events\Node\NodeCreatedEvent; -use OCP\Files\Events\Node\NodeDeletedEvent; use OCP\Files\Events\Node\NodeRenamedEvent; use OCP\Files\Events\Node\NodeWrittenEvent; use OCP\Files\InvalidPathException; use OCP\Files\NotFoundException; -use OCP\Preview\BeforePreviewFetchedEvent; +use OCP\Server; use Psr\Log\LoggerInterface; /** @@ -26,22 +25,19 @@ use Psr\Log\LoggerInterface; * @package OCA\AdminAudit\Actions */ class Files extends Action { - - private array $renamedNodes = []; /** * Logs file read actions - * - * @param BeforeNodeReadEvent $event */ public function read(BeforeNodeReadEvent $event): void { try { + $node = $event->getNode(); $params = [ - 'id' => $event->getNode()->getId(), - 'path' => mb_substr($event->getNode()->getInternalPath(), 5), + 'id' => $node instanceof NonExistingFile ? null : $node->getId(), + 'path' => $node->getPath(), ]; } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file read: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] + Server::get(LoggerInterface::class)->error( + 'Exception thrown in file read: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] ); return; } @@ -54,38 +50,19 @@ class Files extends Action { /** * Logs rename actions of files - * - * @param BeforeNodeRenamedEvent $event - */ - public function beforeRename(BeforeNodeRenamedEvent $event): void { - try { - $source = $event->getSource(); - $this->renamedNodes[$source->getId()] = $source; - } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file rename: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] - ); - return; - } - } - - /** - * Logs rename actions of files - * - * @param NodeRenamedEvent $event */ public function afterRename(NodeRenamedEvent $event): void { try { $target = $event->getTarget(); - $originalSource = $this->renamedNodes[$target->getId()]; + $source = $event->getSource(); $params = [ 'newid' => $target->getId(), - 'oldpath' => mb_substr($originalSource->getInternalPath(), 5), - 'newpath' => mb_substr($target->getInternalPath(), 5), + 'oldpath' => $source->getPath(), + 'newpath' => $target->getPath(), ]; } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file rename: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] + Server::get(LoggerInterface::class)->error( + 'Exception thrown in file rename: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] ); return; } @@ -100,18 +77,16 @@ class Files extends Action { /** * Logs creation of files - * - * @param NodeCreatedEvent $event */ public function create(NodeCreatedEvent $event): void { try { $params = [ 'id' => $event->getNode()->getId(), - 'path' => mb_substr($event->getNode()->getInternalPath(), 5), + 'path' => $event->getNode()->getPath(), ]; } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file create: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] + Server::get(LoggerInterface::class)->error( + 'Exception thrown in file create: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] ); return; } @@ -127,20 +102,18 @@ class Files extends Action { /** * Logs copying of files - * - * @param NodeCopiedEvent $event */ public function copy(NodeCopiedEvent $event): void { try { $params = [ 'oldid' => $event->getSource()->getId(), 'newid' => $event->getTarget()->getId(), - 'oldpath' => mb_substr($event->getSource()->getInternalPath(), 5), - 'newpath' => mb_substr($event->getTarget()->getInternalPath(), 5), + 'oldpath' => $event->getSource()->getPath(), + 'newpath' => $event->getTarget()->getPath(), ]; } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file copy: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] + Server::get(LoggerInterface::class)->error( + 'Exception thrown in file copy: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] ); return; } @@ -153,18 +126,17 @@ class Files extends Action { /** * Logs writing of files - * - * @param BeforeNodeWrittenEvent $event */ - public function write(BeforeNodeWrittenEvent $event): void { + public function write(NodeWrittenEvent $event): void { + $node = $event->getNode(); try { $params = [ - 'id' => $event->getNode()->getId(), - 'path' => mb_substr($event->getNode()->getInternalPath(), 5), + 'id' => $node->getId(), + 'path' => $node->getPath(), ]; } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file write: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] + Server::get(LoggerInterface::class)->error( + 'Exception thrown in file write: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] ); return; } @@ -180,43 +152,17 @@ class Files extends Action { } /** - * Logs update of files - * - * @param NodeWrittenEvent $event - */ - public function update(NodeWrittenEvent $event): void { - try { - $params = [ - 'id' => $event->getNode()->getId(), - 'path' => mb_substr($event->getNode()->getInternalPath(), 5), - ]; - } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file update: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] - ); - return; - } - $this->log( - 'File with id "%s" updated: "%s"', - $params, - array_keys($params) - ); - } - - /** * Logs deletions of files - * - * @param NodeDeletedEvent $event */ - public function delete(NodeDeletedEvent $event): void { + public function delete(BeforeNodeDeletedEvent $event): void { try { $params = [ 'id' => $event->getNode()->getId(), - 'path' => mb_substr($event->getNode()->getInternalPath(), 5), + 'path' => $event->getNode()->getPath(), ]; } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file delete: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] + Server::get(LoggerInterface::class)->error( + 'Exception thrown in file delete: ' . $e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] ); return; } @@ -226,33 +172,4 @@ class Files extends Action { array_keys($params) ); } - - /** - * Logs preview access to a file - * - * @param BeforePreviewFetchedEvent $event - */ - public function preview(BeforePreviewFetchedEvent $event): void { - try { - $file = $event->getNode(); - $params = [ - 'id' => $file->getId(), - 'width' => $event->getWidth(), - 'height' => $event->getHeight(), - 'crop' => $event->isCrop(), - 'mode' => $event->getMode(), - 'path' => mb_substr($file->getInternalPath(), 5) - ]; - } catch (InvalidPathException|NotFoundException $e) { - \OCP\Server::get(LoggerInterface::class)->error( - "Exception thrown in file preview: ".$e->getMessage(), ['app' => 'admin_audit', 'exception' => $e] - ); - return; - } - $this->log( - 'Preview accessed: (id: "%s", width: "%s", height: "%s" crop: "%s", mode: "%s", path: "%s")', - $params, - array_keys($params) - ); - } } diff --git a/apps/admin_audit/lib/Actions/GroupManagement.php b/apps/admin_audit/lib/Actions/GroupManagement.php deleted file mode 100644 index 8fb6a037fbf..00000000000 --- a/apps/admin_audit/lib/Actions/GroupManagement.php +++ /dev/null @@ -1,87 +0,0 @@ -<?php - -declare(strict_types=1); -/** - * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors - * SPDX-License-Identifier: AGPL-3.0-or-later - */ -namespace OCA\AdminAudit\Actions; - -use OCP\IGroup; -use OCP\IUser; - -/** - * Class GroupManagement logs all group manager related events - * - * @package OCA\AdminAudit\Actions - */ -class GroupManagement extends Action { - - /** - * log add user to group event - * - * @param IGroup $group - * @param IUser $user - */ - public function addUser(IGroup $group, IUser $user): void { - $this->log('User "%s" added to group "%s"', - [ - 'group' => $group->getGID(), - 'user' => $user->getUID() - ], - [ - 'user', 'group' - ] - ); - } - - /** - * log remove user from group event - * - * @param IGroup $group - * @param IUser $user - */ - public function removeUser(IGroup $group, IUser $user): void { - $this->log('User "%s" removed from group "%s"', - [ - 'group' => $group->getGID(), - 'user' => $user->getUID() - ], - [ - 'user', 'group' - ] - ); - } - - /** - * log create group to group event - * - * @param IGroup $group - */ - public function createGroup(IGroup $group): void { - $this->log('Group created: "%s"', - [ - 'group' => $group->getGID() - ], - [ - 'group' - ] - ); - } - - /** - * log delete group to group event - * - * @param IGroup $group - */ - public function deleteGroup(IGroup $group): void { - $this->log('Group deleted: "%s"', - [ - 'group' => $group->getGID() - ], - [ - 'group' - ] - ); - } -} diff --git a/apps/admin_audit/lib/Actions/Security.php b/apps/admin_audit/lib/Actions/Security.php deleted file mode 100644 index 203090795fb..00000000000 --- a/apps/admin_audit/lib/Actions/Security.php +++ /dev/null @@ -1,60 +0,0 @@ -<?php - -declare(strict_types=1); -/** - * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors - * SPDX-License-Identifier: AGPL-3.0-or-later - */ -namespace OCA\AdminAudit\Actions; - -use OCP\Authentication\TwoFactorAuth\IProvider; -use OCP\IUser; - -/** - * Class Sharing logs the sharing actions - * - * @package OCA\AdminAudit\Actions - */ -class Security extends Action { - /** - * Logs failed twofactor challenge - */ - public function twofactorFailed(IUser $user, IProvider $provider): void { - $params = [ - 'displayName' => $user->getDisplayName(), - 'uid' => $user->getUID(), - 'provider' => $provider->getDisplayName(), - ]; - - $this->log( - 'Failed two factor attempt by user %s (%s) with provider %s', - $params, - [ - 'displayName', - 'uid', - 'provider', - ] - ); - } - - /** - * Logs successful twofactor challenge - */ - public function twofactorSuccess(IUser $user, IProvider $provider): void { - $params = [ - 'displayName' => $user->getDisplayName(), - 'uid' => $user->getUID(), - 'provider' => $provider->getDisplayName(), - ]; - - $this->log( - 'Successful two factor attempt by user %s (%s) with provider %s', - $params, - [ - 'displayName', - 'uid', - 'provider', - ] - ); - } -} diff --git a/apps/admin_audit/lib/Actions/Sharing.php b/apps/admin_audit/lib/Actions/Sharing.php index bca2b6eecac..8f021d5f210 100644 --- a/apps/admin_audit/lib/Actions/Sharing.php +++ b/apps/admin_audit/lib/Actions/Sharing.php @@ -7,279 +7,12 @@ declare(strict_types=1); */ namespace OCA\AdminAudit\Actions; -use OCP\Share\IShare; - /** * Class Sharing logs the sharing actions * * @package OCA\AdminAudit\Actions */ class Sharing extends Action { - /** - * Logs sharing of data - * - * @param array $params - */ - public function shared(array $params): void { - if ($params['shareType'] === IShare::TYPE_LINK) { - $this->log( - 'The %s "%s" with ID "%s" has been shared via link with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_USER) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the user "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_GROUP) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the group "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_ROOM) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the room "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_EMAIL) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the email recipient "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_CIRCLE) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the circle "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_REMOTE) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the remote user "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_REMOTE_GROUP) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the remote group "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_DECK) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the deck card "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_SCIENCEMESH) { - $this->log( - 'The %s "%s" with ID "%s" has been shared to the ScienceMesh user "%s" with permissions "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'path', - 'itemSource', - 'shareWith', - 'permissions', - 'id', - ] - ); - } - } - - /** - * Logs unsharing of data - * - * @param array $params - */ - public function unshare(array $params): void { - if ($params['shareType'] === IShare::TYPE_LINK) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_USER) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the user "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_GROUP) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the group "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_ROOM) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the room "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_EMAIL) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the email recipient "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_CIRCLE) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the circle "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_REMOTE) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the remote user "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_REMOTE_GROUP) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the remote group "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_DECK) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the deck card "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } elseif ($params['shareType'] === IShare::TYPE_SCIENCEMESH) { - $this->log( - 'The %s "%s" with ID "%s" has been unshared from the ScienceMesh user "%s" (Share ID: %s)', - $params, - [ - 'itemType', - 'fileTarget', - 'itemSource', - 'shareWith', - 'id', - ] - ); - } - } /** * Logs the updating of permission changes for shares diff --git a/apps/admin_audit/lib/Actions/TagManagement.php b/apps/admin_audit/lib/Actions/TagManagement.php new file mode 100644 index 00000000000..a167017aec3 --- /dev/null +++ b/apps/admin_audit/lib/Actions/TagManagement.php @@ -0,0 +1,27 @@ +<?php + +declare(strict_types=1); + +/*! + * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later + */ +namespace OCA\AdminAudit\Actions; + +use OCP\SystemTag\ISystemTag; + +class TagManagement extends Action { + /** + * @param ISystemTag $tag newly created tag + */ + public function createTag(ISystemTag $tag): void { + $this->log('System tag "%s" (%s, %s) created', + [ + 'name' => $tag->getName(), + 'visbility' => $tag->isUserVisible() ? 'visible' : 'invisible', + 'assignable' => $tag->isUserAssignable() ? 'user assignable' : 'system only', + ], + ['name', 'visibility', 'assignable'] + ); + } +} diff --git a/apps/admin_audit/lib/Actions/UserManagement.php b/apps/admin_audit/lib/Actions/UserManagement.php deleted file mode 100644 index 25960197847..00000000000 --- a/apps/admin_audit/lib/Actions/UserManagement.php +++ /dev/null @@ -1,122 +0,0 @@ -<?php - -declare(strict_types=1); -/** - * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors - * SPDX-License-Identifier: AGPL-3.0-or-later - */ -namespace OCA\AdminAudit\Actions; - -use OCP\IUser; - -/** - * Class UserManagement logs all user management related actions. - * - * @package OCA\AdminAudit\Actions - */ -class UserManagement extends Action { - /** - * Log creation of users - * - * @param array $params - */ - public function create(array $params): void { - $this->log( - 'User created: "%s"', - $params, - [ - 'uid', - ] - ); - } - - /** - * Log assignments of users (typically user backends) - * - * @param string $uid - */ - public function assign(string $uid): void { - $this->log( - 'UserID assigned: "%s"', - [ 'uid' => $uid ], - [ 'uid' ] - ); - } - - /** - * Log deletion of users - * - * @param array $params - */ - public function delete(array $params): void { - $this->log( - 'User deleted: "%s"', - $params, - [ - 'uid', - ] - ); - } - - /** - * Log unassignments of users (typically user backends, no data removed) - * - * @param string $uid - */ - public function unassign(string $uid): void { - $this->log( - 'UserID unassigned: "%s"', - [ 'uid' => $uid ], - [ 'uid' ] - ); - } - - /** - * Log enabling of users - * - * @param array $params - */ - public function change(array $params): void { - switch ($params['feature']) { - case 'enabled': - $this->log( - $params['value'] === true - ? 'User enabled: "%s"' - : 'User disabled: "%s"', - ['user' => $params['user']->getUID()], - [ - 'user', - ] - ); - break; - case 'eMailAddress': - $this->log( - 'Email address changed for user %s', - ['user' => $params['user']->getUID()], - [ - 'user', - ] - ); - break; - } - } - - /** - * Logs changing of the user scope - * - * @param IUser $user - */ - public function setPassword(IUser $user): void { - if ($user->getBackendClassName() === 'Database') { - $this->log( - 'Password of user "%s" has been changed', - [ - 'user' => $user->getUID(), - ], - [ - 'user', - ] - ); - } - } -} diff --git a/apps/admin_audit/lib/Actions/Versions.php b/apps/admin_audit/lib/Actions/Versions.php index c856c994d3f..b3fdefd011d 100644 --- a/apps/admin_audit/lib/Actions/Versions.php +++ b/apps/admin_audit/lib/Actions/Versions.php @@ -8,16 +8,6 @@ declare(strict_types=1); namespace OCA\AdminAudit\Actions; class Versions extends Action { - public function rollback(array $params): void { - $this->log('Version "%s" of "%s" was restored.', - [ - 'version' => $params['revision'], - 'path' => $params['path'] - ], - ['version', 'path'] - ); - } - public function delete(array $params): void { $this->log('Version "%s" was deleted.', ['path' => $params['path']], |