mirror of
https://github.com/nextcloud/server.git
synced 2026-02-03 20:41:22 -05:00
Merge 4a72d2dc49 into d09b8c99de
This commit is contained in:
Jos Poortvliet
GitHub
commit
c95c14873e
3 changed files with 67 additions and 1 deletions
|
|
@ -39,6 +39,8 @@ use OCP\AppFramework\Bootstrap\IRegistrationContext;
|
|||
use OCP\Authentication\Events\AnyLoginFailedEvent;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengeFailed;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengePassed;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserRegistered;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserUnregistered;
|
||||
use OCP\Console\ConsoleEvent;
|
||||
use OCP\EventDispatcher\IEventDispatcher;
|
||||
use OCP\Files\Cache\CacheEntryInsertedEvent;
|
||||
|
|
@ -118,6 +120,8 @@ class Application extends App implements IBootstrap {
|
|||
// Security events
|
||||
$context->registerEventListener(TwoFactorProviderChallengePassed::class, SecurityEventListener::class);
|
||||
$context->registerEventListener(TwoFactorProviderChallengeFailed::class, SecurityEventListener::class);
|
||||
$context->registerEventListener(TwoFactorProviderForUserRegistered::class, SecurityEventListener::class);
|
||||
$context->registerEventListener(TwoFactorProviderForUserUnregistered::class, SecurityEventListener::class);
|
||||
|
||||
// App management events
|
||||
$context->registerEventListener(AppEnableEvent::class, AppManagementEventListener::class);
|
||||
|
|
|
|||
|
|
@ -12,11 +12,13 @@ namespace OCA\AdminAudit\Listener;
|
|||
use OCA\AdminAudit\Actions\Action;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengeFailed;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengePassed;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserRegistered;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserUnregistered;
|
||||
use OCP\EventDispatcher\Event;
|
||||
use OCP\EventDispatcher\IEventListener;
|
||||
|
||||
/**
|
||||
* @template-implements IEventListener<TwoFactorProviderChallengePassed|TwoFactorProviderChallengeFailed>
|
||||
* @template-implements IEventListener<TwoFactorProviderChallengePassed|TwoFactorProviderChallengeFailed|TwoFactorProviderForUserRegistered|TwoFactorProviderForUserUnregistered>
|
||||
*/
|
||||
class SecurityEventListener extends Action implements IEventListener {
|
||||
public function handle(Event $event): void {
|
||||
|
|
@ -24,6 +26,10 @@ class SecurityEventListener extends Action implements IEventListener {
|
|||
$this->twoFactorProviderChallengePassed($event);
|
||||
} elseif ($event instanceof TwoFactorProviderChallengeFailed) {
|
||||
$this->twoFactorProviderChallengeFailed($event);
|
||||
} elseif ($event instanceof TwoFactorProviderForUserRegistered) {
|
||||
$this->twoFactorProviderForUserRegistered($event);
|
||||
} elseif ($event instanceof TwoFactorProviderForUserUnregistered) {
|
||||
$this->twoFactorProviderForUserUnregistered($event);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -58,4 +64,36 @@ class SecurityEventListener extends Action implements IEventListener {
|
|||
]
|
||||
);
|
||||
}
|
||||
|
||||
private function twoFactorProviderForUserRegistered(TwoFactorProviderForUserRegistered $event): void {
|
||||
$this->log(
|
||||
'Two factor provider %s enabled for user %s (%s)',
|
||||
[
|
||||
'provider' => $event->getProvider()->getDisplayName(),
|
||||
'uid' => $event->getUser()->getUID(),
|
||||
'displayName' => $event->getUser()->getDisplayName()
|
||||
],
|
||||
[
|
||||
'provider',
|
||||
'uid',
|
||||
'displayName',
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
private function twoFactorProviderForUserUnregistered(TwoFactorProviderForUserUnregistered $event): void {
|
||||
$this->log(
|
||||
'Two factor provider %s disabled for user %s (%s)',
|
||||
[
|
||||
'provider' => $event->getProvider()->getDisplayName(),
|
||||
'uid' => $event->getUser()->getUID(),
|
||||
'displayName' => $event->getUser()->getDisplayName()
|
||||
],
|
||||
[
|
||||
'provider',
|
||||
'uid',
|
||||
'displayName',
|
||||
]
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,6 +14,8 @@ use OCA\AdminAudit\Listener\SecurityEventListener;
|
|||
use OCP\Authentication\TwoFactorAuth\IProvider;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengeFailed;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengePassed;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserRegistered;
|
||||
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserUnregistered;
|
||||
use OCP\IUser;
|
||||
use PHPUnit\Framework\MockObject\MockObject;
|
||||
use Test\TestCase;
|
||||
|
|
@ -62,4 +64,26 @@ class SecurityEventListenerTest extends TestCase {
|
|||
|
||||
$this->security->handle(new TwoFactorProviderChallengePassed($this->user, $this->provider));
|
||||
}
|
||||
|
||||
public function testTwofactorRegistered(): void {
|
||||
$this->logger->expects($this->once())
|
||||
->method('info')
|
||||
->with(
|
||||
$this->equalTo('Two factor provider myprovider enabled for user mydisplayname (myuid)'),
|
||||
['app' => 'admin_audit']
|
||||
);
|
||||
|
||||
$this->security->handle(new TwoFactorProviderForUserRegistered($this->user, $this->provider));
|
||||
}
|
||||
|
||||
public function testTwofactorUnregistered(): void {
|
||||
$this->logger->expects($this->once())
|
||||
->method('info')
|
||||
->with(
|
||||
$this->equalTo('Two factor provider myprovider disabled for user mydisplayname (myuid)'),
|
||||
['app' => 'admin_audit']
|
||||
);
|
||||
|
||||
$this->security->handle(new TwoFactorProviderForUserUnregistered($this->user, $this->provider));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue