
github.com/undo-ransomware/ransomware_detection.git - Unnamed repository; edit this file 'description' to name the repository.
authorMatthias <ilovemilk@wusa.io>2020-03-29 16:28:37 +0300
committerMatthias <ilovemilk@wusa.io>2020-03-29 16:28:37 +0300
commitf1dcc36d1a7d6d6e4ac1f7cc57818c877357d32c (patch)
treea4c8e6a50523122e1af821c90d82f54119d69fca
parentb4b724e0af7fbf923be596c64d1cb5a87b299063 (diff)
try post file hooks
-rw-r--r--lib/AppInfo/Application.php60
-rw-r--r--lib/Events/FilesEvents.php122
-rw-r--r--lib/FilesHooks.php109
-rw-r--r--lib/Monitor.php24
4 files changed, 301 insertions, 14 deletions
diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php
index dedb5af..287c7f2 100644
--- a/lib/AppInfo/Application.php
+++ b/lib/AppInfo/Application.php
@@ -23,11 +23,15 @@ namespace OCA\RansomwareDetection\AppInfo;
use OC\Files\Filesystem;
use OCA\RansomwareDetection\Monitor;
+use OCA\RansomwareDetection\Events\FilesEvents;
+use OCA\RansomwareDetection\FilesHooks;
use OCA\RansomwareDetection\Classifier;
+use OCA\RansomwareDetection\Analyzer\EntropyAnalyzer;
use OCA\RansomwareDetection\Analyzer\SequenceAnalyzer;
use OCA\RansomwareDetection\Analyzer\SequenceSizeAnalyzer;
use OCA\RansomwareDetection\Analyzer\FileTypeFunnellingAnalyzer;
use OCA\RansomwareDetection\Analyzer\EntropyFunnellingAnalyzer;
+use OCA\RansomwareDetection\Analyzer\FileCorruptionAnalyzer;
use OCA\RansomwareDetection\Analyzer\FileExtensionAnalyzer;
use OCA\RansomwareDetection\Entropy\Entropy;
use OCA\RansomwareDetection\Notification\Notifier;
@@ -36,6 +40,9 @@ use OCA\RansomwareDetection\Connector\Sabre\RequestPlugin;
use OCA\RansomwareDetection\Service\FileOperationService;
use OCA\RansomwareDetection\Mapper\FileOperationMapper;
use OCP\AppFramework\App;
+use OCP\App\IAppManager;
+use OCP\Files\IRootFolder;
+use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Files\Storage\IStorage;
use OCP\Notification\IManager;
use OCP\Util;
@@ -44,6 +51,7 @@ use OCP\ILogger;
use OCP\IConfig;
use OCP\IUserSession;
use OCP\ISession;
+use OCP\IRequest;
class Application extends App
{
@@ -65,7 +73,7 @@ class Application extends App
// services
$container->registerService('FileOperationService', function ($c) {
return new FileOperationService(
- $c->query('FileOperationMapper'),
+ $c->query(FileOperationMapper::class),
$c->query('ServerContainer')->getUserSession()->getUser()->getUID()
);
});
@@ -116,6 +124,47 @@ class Application extends App
$c->query(EntropyFunnellingAnalyzer::class)
);
});
+
+ $container->registerService('EntropyAnalyzer', function ($c) {
+ return new EntropyAnalyzer(
+ $c->query(ILogger::class),
+ $c->query(IRootFolder::class),
+ $c->query(Entropy::class),
+ $c->query('ServerContainer')->getUserSession()->getUser()->getUID()
+ );
+ });
+
+ $container->registerService('FileCorruptionAnalyzer', function ($c) {
+ return new FileCorruptionAnalyzer(
+ $c->query(ILogger::class),
+ $c->query(IRootFolder::class),
+ $c->query('ServerContainer')->getUserSession()->getUser()->getUID()
+ );
+ });
+
+ $container->registerService('Monitor', function ($c) {
+ return new Monitor(
+ $c->query(IRequest::class),
+ $c->query(IConfig::class),
+ $c->query(ITimeFactory::class),
+ $c->query(IAppManager::class),
+ $c->query(ILogger::class),
+ $c->query(IRootFolder::class),
+ $c->query(EntropyAnalyzer::class),
+ $c->query(FileOperationMapper::class),
+ $c->query(FileExtensionAnalyzer::class),
+ $c->query(FileCorruptionAnalyzer::class),
+ $c->query('ServerContainer')->getUserSession()->getUser()->getUID()
+ );
+ });
+
+ $container->registerService('FilesEvents', function ($c) {
+ return new FilesEvents(
+ $c->query(ILogger::class),
+ $c->query(Monitor::class),
+ $c->query('ServerContainer')->getUserSession()->getUser()->getUID()
+ );
+ });
}
/**
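Review bot: Each new factory ends with `$c->query('ServerContainer')->getUserSession()->getUser()->getUID()`, which has no guard for a request without a logged-in user; `getUser()` can return null there, and the call would then fail before `Monitor::analyze()` reaches its own `$this->userId === null` check. For a detection app this means file events arriving outside an interactive session would raise an error instead of being skipped cleanly. Consider resolving the user once and passing a nullable id: `$user = $c->query('ServerContainer')->getUserSession()->getUser();` followed by `$user !== null ? $user->getUID() : null`. Separately, the services are registered under the short names 'Monitor', 'FilesEvents' and 'EntropyAnalyzer' but looked up with `Monitor::class` and `EntropyAnalyzer::class`, so these closures may not be the ones that run; registering them under the class name would remove the ambiguity. The enclosing method starts outside the hunk.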
@@ -136,7 +185,14 @@ class Application extends App
$sequenceAnalyzer = $this->getContainer()->query(SequenceAnalyzer::class);
$event->getServer()->addPlugin(new RequestPlugin($logger, $config, $userSession, $session, $service, $notifications, $classifier, $sequenceAnalyzer));
});
- Util::connectHook('OC_Filesystem', 'preSetup', $this, 'addStorageWrapper');
+ //Util::connectHook('OC_Filesystem', 'preSetup', $this, 'addStorageWrapper');
+ Util::connectHook('OC_Filesystem', 'post_create', FilesHooks::class, 'onFileCreate');
+ Util::connectHook('OC_Filesystem', 'post_update', FilesHooks::class, 'onFileUpdate');
+ Util::connectHook('OC_Filesystem', 'post_rename', FilesHooks::class, 'onFileRename');
+ Util::connectHook('OC_Filesystem', 'post_write', FilesHooks::class, 'onFileWrite');
+ Util::connectHook('OC_Filesystem', 'post_delete', FilesHooks::class, 'onFileDelete');
+ Util::connectHook('OC_Filesystem', 'post_touch', FilesHooks::class, 'onFileTouch');
+ Util::connectHook('OC_Filesystem', 'post_copy', FilesHooks::class, 'onFileCopy');
$this->registerNotificationNotifier();
}
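Review bot: Commenting out the `preSetup` storage-wrapper hook instead of removing or gating it disables the previous detection path with no record of why, and the replacement `post_*` hooks only fire after the operation has completed. If the wrapper was what fed `Monitor` from inside the storage layer, coverage now appears to depend entirely on the seven hook handlers, and in `lib/Events/FilesEvents.php` only the update and rename handlers call `analyze()`. I would either delete the line and say so in the commit message, or keep both paths behind a config switch while the hooks are being tried, with a comment such as `// storage wrapper disabled while post_* hooks are evaluated; see FilesHooks`. The enclosing method starts outside the hunk.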
diff --git a/lib/Events/FilesEvents.php b/lib/Events/FilesEvents.php
new file mode 100644
index 0000000..b1ba0c1
--- /dev/null
+++ b/lib/Events/FilesEvents.php
@@ -0,0 +1,122 @@
+<?php
+declare(strict_types=1);
+
+
+/**
+ * Files_FullTextSearch - Index the content of your files
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later. See the COPYING file.
+ *
+ * @author Maxence Lange <maxence@artificial-owl.com>
+ * @copyright 2018
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+
+namespace OCA\RansomwareDetection\Events;
+
+use OCA\RansomwareDetection\Monitor;
+use OCA\RansomwareDetection\AppInfo\Application;
+use OCP\ILogger;
+
+/**
+ * Class FilesEvents
+ *
+ * @package OCA\Files_FullTextSearch\Events
+ */
+class FilesEvents {
+
+ /** @var string */
+ private $userId;
+
+ private $logger;
+
+ private $monitor;
+
+
+ /**
+ * FilesEvents constructor.
+ *
+ * @param string $userId
+ */
+ public function __construct(
+ ILogger $logger,
+ $monitor,
+ $userId
+
+ ) {
+ $this->logger = $logger;
+ $this->monitor = $monitor;
+ $this->userId = $userId;
+ }
+
+ /**
+ * @param array $params
+ *
+ * @throws InvalidPathException
+ * @throws NotFoundException
+ */
+ public function onFileUpdate(array $params) {
+ $this->analyze([$params['path']], Monitor::WRITE);
+ $this->logger->error("Updating ".$params['path'], ['app' => Application::APP_ID]);
+ }
+
+
+ /**
+ * @param array $params
+ *
+ * @throws NotFoundException
+ * @throws InvalidPathException
+ */
+ public function onFileRename(array $params) {
+ $this->logger->error("Renaming ".$params['oldpath']." to ".$params['newpath'], ['app' => Application::APP_ID]);
+ $this->analyze([$params['oldpath'], $params['newpath']], Monitor::RENAME);
+ }
+
+ public function onFileCreate(array $params) {
+ $this->logger->error("Creating ".$params['path'], ['app' => Application::APP_ID]);
+ }
+
+ public function onFileWrite(array $params) {
+ $this->logger->error("Writing ".$params['path'], ['app' => Application::APP_ID]);
+ }
+
+ public function onFileDelete(array $params) {
+ $this->logger->error("Deleting ".$params['path'], ['app' => Application::APP_ID]);
+ }
+
+ public function onFileCopy(array $params) {
+ $this->logger->error("Copying ".$params['path'], ['app' => Application::APP_ID]);
+ }
+
+ public function onFileTouch(array $params) {
+ $this->logger->error("Touching ".$params['path'], ['app' => Application::APP_ID]);
+ }
+
+ /**
+ * Makes it easier to test.
+ *
+ * @param IStorage $storage
+ * @param string $path
+ * @param int $mode
+ */
+ protected function analyze($path, $mode)
+ {
+ return $this->monitor->analyze($path, $mode);
+ }
+} \ No newline at end of file
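Review bot: Five of the seven handlers (`onFileCreate`, `onFileWrite`, `onFileDelete`, `onFileCopy`, `onFileTouch`) only write a log line and never call `analyze()`, so created, copied and deleted files are not fed to the monitor, while every file operation is logged at error level. The tracing lines would fit better as `$this->logger->debug("Creating ".$params['path'], ['app' => Application::APP_ID]);`, and each handler that should count towards detection needs its own `$this->analyze([...], <mode>)` call with the matching `Monitor` constant. It is worth confirming that the copy hook actually delivers a `path` key; if it passes `oldpath`/`newpath` as the rename handler expects, `onFileCopy` reads an undefined index. The docblocks also need a pass: the file header and `@package` are carried over from Files_FullTextSearch, `analyze()` documents an `IStorage $storage` parameter it does not take, and `$monitor` could be declared as `Monitor $monitor` in the constructor.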
diff --git a/lib/FilesHooks.php b/lib/FilesHooks.php
new file mode 100644
index 0000000..efd81d0
--- /dev/null
+++ b/lib/FilesHooks.php
@@ -0,0 +1,109 @@
+<?php
+declare(strict_types=1);
+
+
+/**
+ * Files_FullTextSearch - Index the content of your files
+ *
+ * This file is licensed under the Affero General Public License version 3 or
+ * later. See the COPYING file.
+ *
+ * @author Maxence Lange <maxence@artificial-owl.com>
+ * @copyright 2018
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+
+namespace OCA\RansomwareDetection;
+
+use OCA\RansomwareDetection\AppInfo\Application;
+use OCA\RansomwareDetection\Events\FilesEvents;
+
+/**
+ * Class FilesHooks
+ *
+ * @package OCA\Files_FullTextSearch\Hooks
+ */
+class FilesHooks {
+
+ /**
+ * retrieve the FilesEvents' Controller
+ *
+ * @return FilesEvents
+ * @throws QueryException
+ */
+ protected static function getController(): FilesEvents {
+ $app = new Application();
+
+ return $app->getContainer()
+ ->query(FilesEvents::class);
+ }
+
+ /**
+ * hook events: file is updated
+ *
+ * @param array $params
+ *
+ * @throws QueryException
+ * @throws InvalidPathException
+ * @throws NotFoundException
+ */
+ public static function onFileUpdate(array $params) {
+ self::getController()
+ ->onFileUpdate($params);
+ }
+
+
+ /**
+ * hook events: file is renamed
+ *
+ * @param array $params
+ *
+ * @throws NotFoundException
+ * @throws QueryException
+ * @throws InvalidPathException
+ */
+ public static function onFileRename(array $params) {
+ self::getController()
+ ->onFileRename($params);
+ }
+
+ public static function onFileCreate(array $params) {
+ self::getController()
+ ->onFileCreate($params);
+ }
+
+ public static function onFileWrite(array $params) {
+ self::getController()
+ ->onFileWrite($params);
+ }
+
+ public static function onFileDelete(array $params) {
+ self::getController()
+ ->onFileDelete($params);
+ }
+
+ public static function onFileTouch(array $params) {
+ self::getController()
+ ->onFileTouch($params);
+ }
+
+ public static function onFileCopy(array $params) {
+ self::getController()
+ ->onFileCopy($params);
+ }
+} \ No newline at end of file
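Review bot: `getController()` runs `new Application()` plus a container lookup on every hook call, so each file event rebuilds the app container and re-runs whatever the `Application` constructor registers. Holding the instance for the duration of the request would avoid that, for example a `private static $controller;` property and `return self::$controller ?? (self::$controller = (new Application())->getContainer()->query(FilesEvents::class));`. None of the static handlers deals with a failed lookup, and the `@throws QueryException`, `InvalidPathException` and `NotFoundException` tags name classes this file does not import. Since these hooks are the only detection path wired up in this commit, it should be an explicit decision whether a failed lookup is logged and skipped or surfaced to the caller.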
diff --git a/lib/Monitor.php b/lib/Monitor.php
index 9c658b9..955d854 100644
--- a/lib/Monitor.php
+++ b/lib/Monitor.php
@@ -89,17 +89,17 @@ class Monitor
protected $nestingLevel = 0;
/**
- * @param IRequest $request
- * @param IConfig $config
- * @param ITimeFactory $time
- * @param IAppManager $appManager
- * @param ILogger $logger
- * @param IRootFolder $rootFolder
- * @param EntropyAnalyzer $entropyAnalyzer
- * @param FileOperationMapper $mapper
+ * @param IRequest $request
+ * @param IConfig $config
+ * @param ITimeFactory $time
+ * @param IAppManager $appManager
+ * @param ILogger $logger
+ * @param IRootFolder $rootFolder
+ * @param EntropyAnalyzer $entropyAnalyzer
+ * @param FileOperationMapper $mapper
* @param FileExtensionAnalyzer $fileExtensionAnalyzer
- * @param FileCorruptionAnalyzer $fileCorruptionAnalyzer
- * @param string $userId
+ * @param FileCorruptionAnalyzer $fileCorruptionAnalyzer
+ * @param string $userId
*/
public function __construct(
IRequest $request,
@@ -130,13 +130,13 @@ class Monitor
/**
* Analyze file.
*
- * @param IStorage $storage
* @param array $paths
* @param int $mode
*/
- public function analyze(IStorage $storage, $paths, $mode)
+ public function analyze($paths, $mode)
{
$path = $paths[0];
+ $storage = $this->rootFolder->get(dirname($path))->getStorage();
if ($this->userId === null || $this->nestingLevel !== 0 || !$this->isUploadedFile($storage, $path) || $this->isCreatingSkeletonFiles()) {
// check only cloud files and no system files
return;