Make admin_audit listen to 2fa events

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2018-01-17 14:51:03 +01:00
parent eddd135f14
commit b2ca1d6553
No known key found for this signature in database
GPG Key ID: F941078878347C0C
2 changed files with 91 additions and 0 deletions

View File

@ -0,0 +1,75 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl>
*
* @author Roeland Jago Douma <roeland@famdouma.nl>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\AdminAudit\Actions;
use OCP\IUser;
/**
* Class Sharing logs the sharing actions
*
* @package OCA\AdminAudit\Actions
*/
class Security extends Action {
/**
* Log twofactor auth enabled
*
* @param IUser $user
* @param array $params
*/
public function twofactorFailed(IUser $user, array $params) {
$params['uid'] = $user->getUID();
$params['displayName'] = $user->getDisplayName();
$this->log(
'Failed two factor attempt by user %s (%s) with provider %s',
$params,
[
'displayname',
'uid',
'provider',
]
);
}
/**
* Logs unsharing of data
*
* @param IUser $user
* @param array $params
*/
public function twofactorSuccess(IUser $user, array $params) {
$params['uid'] = $user->getUID();
$params['displayName'] = $user->getDisplayName();
$this->log(
'Successful two factor attempt by user %s (%s) with provider %s',
$params,
[
'displayname',
'uid',
'provider',
]
);
}
}

View File

@ -33,12 +33,14 @@ use OCA\AdminAudit\Actions\Auth;
use OCA\AdminAudit\Actions\Console;
use OCA\AdminAudit\Actions\Files;
use OCA\AdminAudit\Actions\GroupManagement;
use OCA\AdminAudit\Actions\Security;
use OCA\AdminAudit\Actions\Sharing;
use OCA\AdminAudit\Actions\Trashbin;
use OCA\AdminAudit\Actions\UserManagement;
use OCA\AdminAudit\Actions\Versions;
use OCP\App\ManagerEvent;
use OCP\AppFramework\App;
use OCP\Authentication\TwoFactorAuth\IProvider;
use OCP\Console\ConsoleEvent;
use OCP\IGroupManager;
use OCP\ILogger;
@ -75,6 +77,8 @@ class Application extends App {
$this->fileHooks($logger);
$this->trashbinHooks($logger);
$this->versionsHooks($logger);
$this->securityHooks($logger);
}
protected function userManagementHooks(ILogger $logger) {
@ -218,4 +222,16 @@ class Application extends App {
Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete');
Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore');
}
protected function securityHooks(ILogger $logger) {
$eventDispatcher = $this->getContainer()->getServer()->getEventDispatcher();
$eventDispatcher->addListener(IProvider::EVENT_SUCCESS, function(GenericEvent $event) use ($logger) {
$security = new Security($logger);
$security->twofactorSuccess($event->getSubject(), $event->getArguments());
});
$eventDispatcher->addListener(IProvider::EVENT_FAILED, function(GenericEvent $event) use ($logger) {
$security = new Security($logger);
$security->twofactorFailed($event->getSubject(), $event->getArguments());
});
}
}