Merge pull request #17 from nextcloud/activities

publish activities when a device is added/removed
This commit is contained in:
Christoph Wurst 2016-12-19 14:55:48 +01:00 коммит произвёл GitHub
Родитель 5a74515830 233c56cfe9
Коммит 3321e0dc84
10 изменённых файлов: 389 добавлений и 19 удалений

Просмотреть файл

@ -24,4 +24,13 @@
<two-factor-providers> <two-factor-providers>
<provider>OCA\TwoFactorU2F\Provider\U2FProvider</provider> <provider>OCA\TwoFactorU2F\Provider\U2FProvider</provider>
</two-factor-providers> </two-factor-providers>
<activity>
<settings>
<setting>OCA\TwoFactorU2F\Activity\Setting</setting>
</settings>
<providers>
<provider>OCA\TwoFactorU2F\Activity\Provider</provider>
</providers>
</activity>
</info> </info>

80
lib/Activity/Provider.php Normal file
Просмотреть файл

@ -0,0 +1,80 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor U2F
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorU2F\Activity;
use InvalidArgumentException;
use OCP\Activity\IEvent;
use OCP\Activity\IProvider;
use OCP\ILogger;
use OCP\IURLGenerator;
use OCP\L10N\IFactory as L10nFactory;
class Provider implements IProvider {
/** @var L10nFactory */
private $l10n;
/** @var IURLGenerator */
private $urlGenerator;
/** @var ILogger */
private $logger;
/**
* @param L10nFactory $l10n
* @param IURLGenerator $urlGenerator
* @param ILogger $logger
*/
public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) {
$this->logger = $logger;
$this->urlGenerator = $urlGenerator;
$this->l10n = $l10n;
}
/**
* @param string $language
* @param IEvent $event
* @param IEvent $previousEvent
* @return IEvent
* @throws InvalidArgumentException
*/
public function parse($language, IEvent $event, IEvent $previousEvent = null) {
if ($event->getApp() !== 'twofactor_u2f') {
throw new InvalidArgumentException();
}
$l = $this->l10n->get('twofactor_u2f', $language);
$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
switch ($event->getSubject()) {
case 'u2f_device_added':
$event->setSubject($l->t('You added an U2F hardware token'));
break;
case 'u2f_device_removed':
$event->setSubject($l->t('You removed an U2F hardware token'));
break;
}
return $event;
}
}

89
lib/Activity/Setting.php Normal file
Просмотреть файл

@ -0,0 +1,89 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor U2F
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorU2F\Activity;
use OCP\Activity\ISetting;
use OCP\IL10N;
class Setting implements ISetting {
/** @var IL10N */
private $l10n;
/**
* @param IL10N $l10n
*/
public function __construct(IL10N $l10n) {
$this->l10n = $l10n;
}
/**
* @return boolean
*/
public function canChangeMail() {
return false;
}
/**
* @return boolean
*/
public function canChangeStream() {
return false;
}
/**
* @return string
*/
public function getIdentifier() {
return 'twofactor_u2f';
}
/**
* @return string
*/
public function getName() {
return $this->l10n->t('U2F device');
}
/**
* @return int
*/
public function getPriority() {
return 30;
}
/**
* @return boolean
*/
public function isDefaultEnabledMail() {
return true;
}
/**
* @return boolean
*/
public function isDefaultEnabledStream() {
return true;
}
}

Просмотреть файл

@ -15,13 +15,12 @@ namespace OCA\TwoFactorU2F\Service;
require_once(__DIR__ . '/../../vendor/yubico/u2flib-server/src/u2flib_server/U2F.php'); require_once(__DIR__ . '/../../vendor/yubico/u2flib-server/src/u2flib_server/U2F.php');
use InvalidArgumentException; use InvalidArgumentException;
use OC;
use OCA\TwoFactorU2F\Db\Registration; use OCA\TwoFactorU2F\Db\Registration;
use OCA\TwoFactorU2F\Db\RegistrationMapper; use OCA\TwoFactorU2F\Db\RegistrationMapper;
use OCP\Activity\IManager;
use OCP\ILogger; use OCP\ILogger;
use OCP\IRequest; use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\IURLGenerator;
use OCP\IUser; use OCP\IUser;
use u2flib_server\Error; use u2flib_server\Error;
use u2flib_server\U2F; use u2flib_server\U2F;
@ -40,11 +39,15 @@ class U2FManager {
/** @var IRequest */ /** @var IRequest */
private $request; private $request;
public function __construct(RegistrationMapper $mapper, ISession $session, ILogger $logger, IRequest $request) { /** @var IManager */
private $activityManager;
public function __construct(RegistrationMapper $mapper, ISession $session, ILogger $logger, IRequest $request, IManager $activityManager) {
$this->mapper = $mapper; $this->mapper = $mapper;
$this->session = $session; $this->session = $session;
$this->logger = $logger; $this->logger = $logger;
$this->request = $request; $this->request = $request;
$this->activityManager = $activityManager;
} }
private function getU2f() { private function getU2f() {
@ -69,6 +72,7 @@ class U2FManager {
// TODO: use single query instead // TODO: use single query instead
foreach ($this->mapper->findRegistrations($user) as $registration) { foreach ($this->mapper->findRegistrations($user) as $registration) {
$this->mapper->delete($registration); $this->mapper->delete($registration);
$this->publishEvent($user, 'u2f_device_removed');
} }
} }
@ -107,10 +111,27 @@ class U2FManager {
$registration->setCertificate($reg->certificate); $registration->setCertificate($reg->certificate);
$registration->setCounter($reg->counter); $registration->setCounter($reg->counter);
$this->mapper->insert($registration); $this->mapper->insert($registration);
$this->publishEvent($user, 'u2f_device_added');
$this->logger->debug(json_encode($reg)); $this->logger->debug(json_encode($reg));
} }
/**
* Push an U2F event the user's activity stream
*
* @param IUser $user
* @param string $event
*/
private function publishEvent(IUser $user, $event) {
$activity = $this->activityManager->generateEvent();
$activity->setApp('twofactor_u2f')
->setType('twofactor')
->setAuthor($user->getUID())
->setAffectedUser($user->getUID());
$activity->setSubject($event);
$this->activityManager->publish($activity);
}
public function startAuthenticate(IUser $user) { public function startAuthenticate(IUser $user) {
$u2f = $this->getU2f(); $u2f = $this->getU2f();
$reqs = $u2f->getAuthenticateData($this->getRegistrations($user)); $reqs = $u2f->getAuthenticateData($this->getRegistrations($user));

Просмотреть файл

@ -1,7 +1,22 @@
auxiliary.org-netbeans-modules-php-phpunit.bootstrap_2e_create_2e_tests=false
auxiliary.org-netbeans-modules-php-phpunit.bootstrap_2e_enabled=false
auxiliary.org-netbeans-modules-php-phpunit.bootstrap_2e_path=
auxiliary.org-netbeans-modules-php-phpunit.configuration_2e_enabled=true
auxiliary.org-netbeans-modules-php-phpunit.configuration_2e_path=tests/phpunit.xml
auxiliary.org-netbeans-modules-php-phpunit.customSuite_2e_enabled=false
auxiliary.org-netbeans-modules-php-phpunit.customSuite_2e_path=
auxiliary.org-netbeans-modules-php-phpunit.phpUnit_2e_enabled=false
auxiliary.org-netbeans-modules-php-phpunit.phpUnit_2e_path=
auxiliary.org-netbeans-modules-php-phpunit.test_2e_groups_2e_ask=false
auxiliary.org-netbeans-modules-php-phpunit.test_2e_run_2e_all=false
auxiliary.org-netbeans-modules-php-phpunit.test_2e_run_2e_phpunit_2e_only=false
file.reference.twofactor_u2f-tests=tests
include.path=${php.global.include.path} include.path=${php.global.include.path}
php.version=PHP_54 php.version=PHP_56
source.encoding=UTF-8 source.encoding=UTF-8
src.dir=. src.dir=.
tags.asp=false tags.asp=false
tags.short=false tags.short=false
test.src.dir=${file.reference.twofactor_u2f-tests}
testing.providers=PhpUnit
web.root=. web.root=.

Просмотреть файл

@ -1,7 +0,0 @@
<phpunit bootstrap="tests/bootstrap.php" colors="true">
<testsuites>
<testsuite name="integration">
<directory>./tests/integration</directory>
</testsuite>
</testsuites>
</phpunit>

Просмотреть файл

@ -1,7 +0,0 @@
<phpunit bootstrap="tests/bootstrap.php" colors="true">
<testsuites>
<testsuite name="unit">
<directory>./tests/unit</directory>
</testsuite>
</testsuites>
</phpunit>

Просмотреть файл

@ -6,7 +6,7 @@
timeoutForLargeTests="900" timeoutForLargeTests="900"
> >
<testsuite name="U2F app tests"> <testsuite name="U2F app tests">
<directory suffix="test.php">.</directory> <directory suffix="Test.php">.</directory>
</testsuite> </testsuite>
</phpunit> </phpunit>

Просмотреть файл

@ -0,0 +1,112 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor U2F
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorU2F\Test\Unit\Activity;
use InvalidArgumentException;
use OCA\TwoFactorU2F\Activity\Provider;
use OCP\Activity\IEvent;
use OCP\IL10N;
use OCP\ILogger;
use OCP\IURLGenerator;
use OCP\L10N\IFactory;
use Test\TestCase;
class ProviderTest extends TestCase {
private $l10n;
private $urlGenerator;
private $logger;
/** @var Provider */
private $provider;
protected function setUp() {
parent::setUp();
$this->l10n = $this->createMock(IFactory::class);
$this->urlGenerator = $this->createMock(IURLGenerator::class);
$this->logger = $this->createMock(ILogger::class);
$this->provider = new Provider($this->l10n, $this->urlGenerator, $this->logger);
}
public function testParseUnrelated() {
$lang = 'ru';
$event = $this->createMock(IEvent::class);
$event->expects($this->once())
->method('getApp')
->will($this->returnValue('comments'));
$this->setExpectedException(InvalidArgumentException::class);
$this->provider->parse($lang, $event);
}
public function subjectData() {
return [
['u2f_device_added'],
['u2f_device_removed'],
[null],
];
}
/**
* @dataProvider subjectData
*/
public function testParse($subject) {
$lang = 'ru';
$event = $this->createMock(IEvent::class);
$l = $this->createMock(IL10N::class);
$event->expects($this->once())
->method('getApp')
->will($this->returnValue('twofactor_u2f'));
$this->l10n->expects($this->once())
->method('get')
->with('twofactor_u2f', $lang)
->will($this->returnValue($l));
$this->urlGenerator->expects($this->once())
->method('imagePath')
->with('core', 'actions/password.svg')
->will($this->returnValue('path/to/image'));
$this->urlGenerator->expects($this->once())
->method('getAbsoluteURL')
->with('path/to/image')
->will($this->returnValue('absolute/path/to/image'));
$event->expects($this->once())
->method('setIcon')
->with('absolute/path/to/image');
$event->expects($this->once())
->method('getSubject')
->will($this->returnValue($subject));
if (is_null($subject)) {
$event->expects($this->never())
->method('setSubject');
} else {
$event->expects($this->once())
->method('setSubject');
}
$this->provider->parse($lang, $event);
}
}

Просмотреть файл

@ -0,0 +1,58 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor U2F
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorU2F\Test\Unit\Activity;
use OCA\TwoFactorU2F\Activity\Setting;
use OCP\IL10N;
use Test\TestCase;
class SettingTest extends TestCase {
private $l10n;
/** @var Setting */
private $setting;
protected function setUp() {
parent::setUp();
$this->l10n = $this->createMock(IL10N::class);
$this->setting = new Setting($this->l10n);
}
public function testAll() {
$this->assertEquals(false, $this->setting->canChangeMail());
$this->assertEquals(false, $this->setting->canChangeStream());
$this->assertEquals('twofactor_u2f', $this->setting->getIdentifier());
$this->l10n->expects($this->once())
->method('t')
->with('U2F device')
->will($this->returnValue('U2F Gerät'));
$this->assertEquals('U2F Gerät', $this->setting->getName());
$this->assertEquals(30, $this->setting->getPriority());
$this->assertEquals(true, $this->setting->isDefaultEnabledMail());
$this->assertEquals(true, $this->setting->isDefaultEnabledStream());
}
}