Merge pull request #31594 from nextcloud/fix/federated-shares-events

Log in audit log federated shares events
2026-05-28 04:32:30 -04:00 · 2022-04-06 11:16:47 +02:00 · 2022-04-06 11:16:47 +02:00 · dd97809266
commit dd97809266
parent b8b4d247b4 1d8bf9a89c
2 changed files with 25 additions and 3 deletions
--- a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php
+++ b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php
@ -36,6 +36,7 @@ use OCP\AppFramework\OCS\OCSException;
 use OCP\AppFramework\OCS\OCSForbiddenException;
 use OCP\AppFramework\OCSController;
 use OCP\Constants;
+use OCP\EventDispatcher\IEventDispatcher;
 use OCP\Federation\Exceptions\ProviderCouldNotAddShareException;
 use OCP\Federation\Exceptions\ProviderDoesNotExistsException;
 use OCP\Federation\ICloudFederationFactory;
@ -44,6 +45,7 @@ use OCP\Federation\ICloudIdManager;
 use OCP\IDBConnection;
 use OCP\IRequest;
 use OCP\IUserManager;
+use OCP\Log\Audit\CriticalActionPerformedEvent;
 use OCP\Share;
 use OCP\Share\Exceptions\ShareNotFound;
 use Psr\Log\LoggerInterface;
@ -83,6 +85,9 @@ class RequestHandlerController extends OCSController {
 	/** @var ICloudFederationProviderManager */
 	private $cloudFederationProviderManager;

+	/** @var IEventDispatcher */
+	private $eventDispatcher;
+
 	public function __construct(string $appName,
 								IRequest $request,
 								FederatedShareProvider $federatedShareProvider,
@ -94,7 +99,8 @@ class RequestHandlerController extends OCSController {
 								ICloudIdManager $cloudIdManager,
 								LoggerInterface $logger,
 								ICloudFederationFactory $cloudFederationFactory,
-								ICloudFederationProviderManager $cloudFederationProviderManager
+								ICloudFederationProviderManager $cloudFederationProviderManager,
+								IEventDispatcher $eventDispatcher
 	) {
 		parent::__construct($appName, $request);

@ -108,6 +114,7 @@ class RequestHandlerController extends OCSController {
 		$this->logger = $logger;
 		$this->cloudFederationFactory = $cloudFederationFactory;
 		$this->cloudFederationProviderManager = $cloudFederationProviderManager;
+		$this->eventDispatcher = $eventDispatcher;
 	}

 	/**
@ -156,6 +163,11 @@ class RequestHandlerController extends OCSController {
 		try {
 			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
 			$provider->shareReceived($share);
+			if ($sharedByFederatedId === $ownerFederatedId) {
+					$this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('A new federated share with "%s" was created by "%s" and shared with "%s"', [$name, $ownerFederatedId, $shareWith]));
+			} else {
+					$this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('A new federated share with "%s" was shared by "%s" (resource owner is: "%s") and shared with "%s"', [$name, $sharedByFederatedId, $ownerFederatedId, $shareWith]));
+			}
 		} catch (ProviderDoesNotExistsException $e) {
 			throw new OCSException('Server does not support federated cloud sharing', 503);
 		} catch (ProviderCouldNotAddShareException $e) {
@ -243,6 +255,7 @@ class RequestHandlerController extends OCSController {
 		try {
 			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
 			$provider->notificationReceived('SHARE_ACCEPTED', $id, $notification);
+			$this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('Federated share with id "%s" was accepted', [$id]));
 		} catch (ProviderDoesNotExistsException $e) {
 			throw new OCSException('Server does not support federated cloud sharing', 503);
 		} catch (ShareNotFound $e) {
@ -275,6 +288,7 @@ class RequestHandlerController extends OCSController {
 		try {
 			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
 			$provider->notificationReceived('SHARE_DECLINED', $id, $notification);
+			$this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('Federated share with id "%s" was declined', [$id]));
 		} catch (ProviderDoesNotExistsException $e) {
 			throw new OCSException('Server does not support federated cloud sharing', 503);
 		} catch (ShareNotFound $e) {
@ -307,6 +321,7 @@ class RequestHandlerController extends OCSController {
 			$provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file');
 			$notification = ['sharedSecret' => $token];
 			$provider->notificationReceived('SHARE_UNSHARED', $id, $notification);
+			$this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('Federated share with id "%s" was unshared', [$id]));
 		} catch (\Exception $e) {
 			$this->logger->debug('processing unshare notification failed: ' . $e->getMessage(), ['exception' => $e]);
 		}
@ -381,6 +396,7 @@ class RequestHandlerController extends OCSController {
 			$ocmPermissions = $this->ncPermissions2ocmPermissions((int)$ncPermissions);
 			$notification = ['sharedSecret' => $token, 'permission' => $ocmPermissions];
 			$provider->notificationReceived('RESHARE_CHANGE_PERMISSION', $id, $notification);
+			$this->eventDispatcher->dispatchTyped(new CriticalActionPerformedEvent('Federated share with id "%s" has updated permissions "%s"', [$id, implode(', ', $ocmPermissions)]));
 		} catch (\Exception $e) {
 			$this->logger->debug($e->getMessage(), ['exception' => $e]);
 			throw new OCSBadRequestException();
--- a/apps/federatedfilesharing/tests/Controller/RequestHandlerControllerTest.php
+++ b/apps/federatedfilesharing/tests/Controller/RequestHandlerControllerTest.php
@ -34,6 +34,7 @@ use OCP\Federation\ICloudFederationProvider;
 use OCP\Federation\ICloudFederationProviderManager;
 use OCP\Federation\ICloudFederationShare;
 use OCP\Federation\ICloudIdManager;
+use OCP\EventDispatcher\IEventDispatcher;
 use OCP\IDBConnection;
 use OCP\IRequest;
 use OCP\IUserManager;
@ -100,6 +101,9 @@ class RequestHandlerControllerTest extends \Test\TestCase {
 	/** @var ICloudFederationShare|\PHPUnit\Framework\MockObject\MockObject */
 	private $cloudFederationShare;

+	/** @var IEventDispatcher|\PHPUnit\Framework\MockObject\MockObject */
+	private $eventDispatcher;
+
 	protected function setUp(): void {
 		$this->share = $this->getMockBuilder(IShare::class)->getMock();
 		$this->federatedShareProvider = $this->getMockBuilder('OCA\FederatedFileSharing\FederatedShareProvider')
@ -124,7 +128,8 @@ class RequestHandlerControllerTest extends \Test\TestCase {
 		$this->cloudFederationProviderManager = $this->createMock(ICloudFederationProviderManager::class);
 		$this->cloudFederationProvider = $this->createMock(ICloudFederationProvider::class);
 		$this->cloudFederationShare = $this->createMock(ICloudFederationShare::class);
-
+		$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
+		$this->eventDispatcher->expects($this->any())->method('dispatchTyped');

 		$this->logger = $this->createMock(LoggerInterface::class);

@ -140,7 +145,8 @@ class RequestHandlerControllerTest extends \Test\TestCase {
 			$this->cloudIdManager,
 			$this->logger,
 			$this->cloudFederationFactory,
-			$this->cloudFederationProviderManager
+			$this->cloudFederationProviderManager,
+			$this->eventDispatcher
 		);
 	}