From f24fa2051d7c2866ced8cfe26bf147b3ce031082 Mon Sep 17 00:00:00 2001 From: Daniel Kesselberg Date: Sat, 12 Jan 2019 17:48:27 +0100 Subject: Publish event for app token create/update/delete Signed-off-by: Daniel Kesselberg --- settings/Controller/AuthSettingsController.php | 62 +++++++++++++++++++++----- 1 file changed, 51 insertions(+), 11 deletions(-) (limited to 'settings/Controller') diff --git a/settings/Controller/AuthSettingsController.php b/settings/Controller/AuthSettingsController.php index 06cabd00b07..13b16c3ea73 100644 --- a/settings/Controller/AuthSettingsController.php +++ b/settings/Controller/AuthSettingsController.php @@ -27,16 +27,19 @@ namespace OC\Settings\Controller; +use BadMethodCallException; use OC\AppFramework\Http; use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; +use OC\Settings\Activity\Provider; +use OCP\Activity\IManager; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\JSONResponse; +use OCP\ILogger; use OCP\IRequest; use OCP\ISession; -use OCP\IUserManager; use OCP\Security\ISecureRandom; use OCP\Session\Exceptions\SessionNotAvailableException; @@ -45,9 +48,6 @@ class AuthSettingsController extends Controller { /** @var IProvider */ private $tokenProvider; - /** @var IUserManager */ - private $userManager; - /** @var ISession */ private $session; @@ -57,23 +57,37 @@ class AuthSettingsController extends Controller { /** @var ISecureRandom */ private $random; + /** @var IManager */ + private $activityManager; + + /** @var ILogger */ + private $logger; + /** * @param string $appName * @param IRequest $request * @param IProvider $tokenProvider - * @param IUserManager $userManager * @param ISession $session * @param ISecureRandom $random - * @param string $userId + * @param string|null $userId + * @param IManager $activityManager + * @param ILogger $logger */ - public function __construct($appName, IRequest $request, IProvider $tokenProvider, IUserManager $userManager, - ISession $session, ISecureRandom $random, $userId) { + public function __construct(string $appName, + IRequest $request, + IProvider $tokenProvider, + ISession $session, + ISecureRandom $random, + ?string $userId, + IManager $activityManager, + ILogger $logger) { parent::__construct($appName, $request); $this->tokenProvider = $tokenProvider; - $this->userManager = $userManager; $this->uid = $userId; $this->session = $session; $this->random = $random; + $this->activityManager = $activityManager; + $this->logger = $logger; } /** @@ -84,7 +98,7 @@ class AuthSettingsController extends Controller { */ public function index() { $tokens = $this->tokenProvider->getTokenByUser($this->uid); - + try { $sessionId = $this->session->getId(); } catch (SessionNotAvailableException $ex) { @@ -96,7 +110,7 @@ class AuthSettingsController extends Controller { return $this->getServiceNotAvailableResponse(); } - return array_map(function(IToken $token) use ($sessionToken) { + return array_map(function (IToken $token) use ($sessionToken) { $data = $token->jsonSerialize(); if ($sessionToken->getId() === $token->getId()) { $data['canDelete'] = false; @@ -140,6 +154,8 @@ class AuthSettingsController extends Controller { $tokenData = $deviceToken->jsonSerialize(); $tokenData['canDelete'] = true; + $this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), $name); + return new JSONResponse([ 'token' => $token, 'loginName' => $loginName, @@ -179,6 +195,7 @@ class AuthSettingsController extends Controller { */ public function destroy($id) { $this->tokenProvider->invalidateTokenById($this->uid, $id); + $this->publishActivity(Provider::APP_TOKEN_DELETED, $id); return []; } @@ -204,6 +221,29 @@ class AuthSettingsController extends Controller { 'filesystem' => $scope['filesystem'] ]); $this->tokenProvider->updateToken($token); + $this->publishActivity(Provider::APP_TOKEN_UPDATED, $id, $token->getName()); return []; } + + /** + * @param string $subject + * @param int $id + * @param string|null $tokenName + */ + private function publishActivity(string $subject, int $id, ?string $tokenName = null): void { + $event = $this->activityManager->generateEvent(); + $event->setApp('settings') + ->setType('security') + ->setAffectedUser($this->uid) + ->setAuthor($this->uid) + ->setSubject($subject, [$tokenName]) + ->setObject('app_token', $id, 'App Password'); + + try { + $this->activityManager->publish($event); + } catch (BadMethodCallException $e) { + $this->logger->warning('could not publish activity'); + $this->logger->logException($e); + } + } } -- cgit v1.2.3