From 1d8bf9a89c6856218802a1d365000a5831be8655 Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Wed, 16 Mar 2022 15:17:55 +0100 Subject: Log in audit log federated shares events Signed-off-by: Carl Schwan --- .../lib/Controller/RequestHandlerController.php | 18 +++++++++++++++++- .../tests/Controller/RequestHandlerControllerTest.php | 10 ++++++++-- 2 files changed, 25 insertions(+), 3 deletions(-) (limited to 'apps') diff --git a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php index f19e251fc7a..fe0c7a11ab7 100644 --- a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php +++ b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php @@ -36,6 +36,7 @@ use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCS\OCSForbiddenException; use OCP\AppFramework\OCSController; use OCP\Constants; +use OCP\EventDispatcher\IEventDispatcher; use OCP\Federation\Exceptions\ProviderCouldNotAddShareException; use OCP\Federation\Exceptions\ProviderDoesNotExistsException; use OCP\Federation\ICloudFederationFactory; @@ -44,6 +45,7 @@ use OCP\Federation\ICloudIdManager; use OCP\IDBConnection; use OCP\IRequest; use OCP\IUserManager; +use OCP\Log\Audit\CriticalActionPerformedEvent; use OCP\Share; use OCP\Share\Exceptions\ShareNotFound; use Psr\Log\LoggerInterface; @@ -83,6 +85,9 @@ class RequestHandlerController extends OCSController { /** @var ICloudFederationProviderManager */ private $cloudFederationProviderManager; + /** @var IEventDispatcher */ + private $eventDispatcher; + public function __construct(string $appName, IRequest $request, FederatedShareProvider $federatedShareProvider, @@ -94,7 +99,8 @@ class RequestHandlerController extends OCSController { ICloudIdManager $cloudIdManager, LoggerInterface $logger, ICloudFederationFactory $cloudFederationFactory, - ICloudFederationProviderManager $cloudFederationProviderManager + ICloudFederationProviderManager $cloudFederationProviderManager, + IEventDispatcher $eventDispatcher ) { parent::__construct($appName, $request); @@ -108,6 +114,7 @@ class RequestHandlerController extends OCSController { $this->logger = $logger; $this->cloudFederationFactory = $cloudFederationFactory; $this->cloudFederationProviderManager = $cloudFederationProviderManager; + $this->eventDispatcher = $eventDispatcher; } /** @@ -156,6 +163,11 @@ class RequestHandlerController extends OCSController { try { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file'); $provider->shareReceived($share); + if ($sharedByFederatedId === $ownerFederatedId) { + $this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('A new federated share with "%s" was created by "%s" and shared with "%s"', [$name, $ownerFederatedId, $shareWith])); + } else { + $this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('A new federated share with "%s" was shared by "%s" (resource owner is: "%s") and shared with "%s"', [$name, $sharedByFederatedId, $ownerFederatedId, $shareWith])); + } } catch (ProviderDoesNotExistsException $e) { throw new OCSException('Server does not support federated cloud sharing', 503); } catch (ProviderCouldNotAddShareException $e) { @@ -243,6 +255,7 @@ class RequestHandlerController extends OCSController { try { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file'); $provider->notificationReceived('SHARE_ACCEPTED', $id, $notification); + $this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('Federated share with id "%s" was accepted', [$id])); } catch (ProviderDoesNotExistsException $e) { throw new OCSException('Server does not support federated cloud sharing', 503); } catch (ShareNotFound $e) { @@ -275,6 +288,7 @@ class RequestHandlerController extends OCSController { try { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file'); $provider->notificationReceived('SHARE_DECLINED', $id, $notification); + $this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('Federated share with id "%s" was declined', [$id])); } catch (ProviderDoesNotExistsException $e) { throw new OCSException('Server does not support federated cloud sharing', 503); } catch (ShareNotFound $e) { @@ -307,6 +321,7 @@ class RequestHandlerController extends OCSController { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file'); $notification = ['sharedSecret' => $token]; $provider->notificationReceived('SHARE_UNSHARED', $id, $notification); + $this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('Federated share with id "%s" was unshared', [$id])); } catch (\Exception $e) { $this->logger->debug('processing unshare notification failed: ' . $e->getMessage(), ['exception' => $e]); } @@ -381,6 +396,7 @@ class RequestHandlerController extends OCSController { $ocmPermissions = $this->ncPermissions2ocmPermissions((int)$ncPermissions); $notification = ['sharedSecret' => $token, 'permission' => $ocmPermissions]; $provider->notificationReceived('RESHARE_CHANGE_PERMISSION', $id, $notification); + $this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('Federated share with id "%s" has updated permissions "%s"', [$id, implode(', ', $ocmPermissions)])); } catch (\Exception $e) { $this->logger->debug($e->getMessage(), ['exception' => $e]); throw new OCSBadRequestException(); diff --git a/apps/federatedfilesharing/tests/Controller/RequestHandlerControllerTest.php b/apps/federatedfilesharing/tests/Controller/RequestHandlerControllerTest.php index 0cb91fac1ae..77f7fde70fa 100644 --- a/apps/federatedfilesharing/tests/Controller/RequestHandlerControllerTest.php +++ b/apps/federatedfilesharing/tests/Controller/RequestHandlerControllerTest.php @@ -34,6 +34,7 @@ use OCP\Federation\ICloudFederationProvider; use OCP\Federation\ICloudFederationProviderManager; use OCP\Federation\ICloudFederationShare; use OCP\Federation\ICloudIdManager; +use OCP\EventDispatcher\IEventDispatcher; use OCP\IDBConnection; use OCP\IRequest; use OCP\IUserManager; @@ -100,6 +101,9 @@ class RequestHandlerControllerTest extends \Test\TestCase { /** @var ICloudFederationShare|\PHPUnit\Framework\MockObject\MockObject */ private $cloudFederationShare; + /** @var IEventDispatcher|\PHPUnit\Framework\MockObject\MockObject */ + private $eventDispatcher; + protected function setUp(): void { $this->share = $this->getMockBuilder(IShare::class)->getMock(); $this->federatedShareProvider = $this->getMockBuilder('OCA\FederatedFileSharing\FederatedShareProvider') @@ -124,7 +128,8 @@ class RequestHandlerControllerTest extends \Test\TestCase { $this->cloudFederationProviderManager = $this->createMock(ICloudFederationProviderManager::class); $this->cloudFederationProvider = $this->createMock(ICloudFederationProvider::class); $this->cloudFederationShare = $this->createMock(ICloudFederationShare::class); - + $this->eventDispatcher = $this->createMock(IEventDispatcher::class); + $this->eventDispatcher->expects($this->any())->method('dispatchTyped'); $this->logger = $this->createMock(LoggerInterface::class); @@ -140,7 +145,8 @@ class RequestHandlerControllerTest extends \Test\TestCase { $this->cloudIdManager, $this->logger, $this->cloudFederationFactory, - $this->cloudFederationProviderManager + $this->cloudFederationProviderManager, + $this->eventDispatcher ); } -- cgit v1.2.3