Make admin_audit listen to 2fa events
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
parent
eddd135f14
commit
b2ca1d6553
|
@ -0,0 +1,75 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
/**
|
||||
* @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl>
|
||||
*
|
||||
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\AdminAudit\Actions;
|
||||
use OCP\IUser;
|
||||
|
||||
/**
|
||||
* Class Sharing logs the sharing actions
|
||||
*
|
||||
* @package OCA\AdminAudit\Actions
|
||||
*/
|
||||
class Security extends Action {
|
||||
/**
|
||||
* Log twofactor auth enabled
|
||||
*
|
||||
* @param IUser $user
|
||||
* @param array $params
|
||||
*/
|
||||
public function twofactorFailed(IUser $user, array $params) {
|
||||
$params['uid'] = $user->getUID();
|
||||
$params['displayName'] = $user->getDisplayName();
|
||||
|
||||
$this->log(
|
||||
'Failed two factor attempt by user %s (%s) with provider %s',
|
||||
$params,
|
||||
[
|
||||
'displayname',
|
||||
'uid',
|
||||
'provider',
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Logs unsharing of data
|
||||
*
|
||||
* @param IUser $user
|
||||
* @param array $params
|
||||
*/
|
||||
public function twofactorSuccess(IUser $user, array $params) {
|
||||
$params['uid'] = $user->getUID();
|
||||
$params['displayName'] = $user->getDisplayName();
|
||||
|
||||
$this->log(
|
||||
'Successful two factor attempt by user %s (%s) with provider %s',
|
||||
$params,
|
||||
[
|
||||
'displayname',
|
||||
'uid',
|
||||
'provider',
|
||||
]
|
||||
);
|
||||
}
|
||||
}
|
|
@ -33,12 +33,14 @@ use OCA\AdminAudit\Actions\Auth;
|
|||
use OCA\AdminAudit\Actions\Console;
|
||||
use OCA\AdminAudit\Actions\Files;
|
||||
use OCA\AdminAudit\Actions\GroupManagement;
|
||||
use OCA\AdminAudit\Actions\Security;
|
||||
use OCA\AdminAudit\Actions\Sharing;
|
||||
use OCA\AdminAudit\Actions\Trashbin;
|
||||
use OCA\AdminAudit\Actions\UserManagement;
|
||||
use OCA\AdminAudit\Actions\Versions;
|
||||
use OCP\App\ManagerEvent;
|
||||
use OCP\AppFramework\App;
|
||||
use OCP\Authentication\TwoFactorAuth\IProvider;
|
||||
use OCP\Console\ConsoleEvent;
|
||||
use OCP\IGroupManager;
|
||||
use OCP\ILogger;
|
||||
|
@ -75,6 +77,8 @@ class Application extends App {
|
|||
$this->fileHooks($logger);
|
||||
$this->trashbinHooks($logger);
|
||||
$this->versionsHooks($logger);
|
||||
|
||||
$this->securityHooks($logger);
|
||||
}
|
||||
|
||||
protected function userManagementHooks(ILogger $logger) {
|
||||
|
@ -218,4 +222,16 @@ class Application extends App {
|
|||
Util::connectHook('\OCP\Trashbin', 'preDelete', $trashActions, 'delete');
|
||||
Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', $trashActions, 'restore');
|
||||
}
|
||||
|
||||
protected function securityHooks(ILogger $logger) {
|
||||
$eventDispatcher = $this->getContainer()->getServer()->getEventDispatcher();
|
||||
$eventDispatcher->addListener(IProvider::EVENT_SUCCESS, function(GenericEvent $event) use ($logger) {
|
||||
$security = new Security($logger);
|
||||
$security->twofactorSuccess($event->getSubject(), $event->getArguments());
|
||||
});
|
||||
$eventDispatcher->addListener(IProvider::EVENT_FAILED, function(GenericEvent $event) use ($logger) {
|
||||
$security = new Security($logger);
|
||||
$security->twofactorFailed($event->getSubject(), $event->getArguments());
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue