diff options
author | Matthias <ilovemilk@wusa.io> | 2020-03-29 16:28:37 +0300 |
---|---|---|
committer | Matthias <ilovemilk@wusa.io> | 2020-03-29 16:28:37 +0300 |
commit | f1dcc36d1a7d6d6e4ac1f7cc57818c877357d32c (patch) | |
tree | a4c8e6a50523122e1af821c90d82f54119d69fca | |
parent | b4b724e0af7fbf923be596c64d1cb5a87b299063 (diff) |
try post file hooks
-rw-r--r-- | lib/AppInfo/Application.php | 60 | ||||
-rw-r--r-- | lib/Events/FilesEvents.php | 122 | ||||
-rw-r--r-- | lib/FilesHooks.php | 109 | ||||
-rw-r--r-- | lib/Monitor.php | 24 |
4 files changed, 301 insertions, 14 deletions
diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php index dedb5af..287c7f2 100644 --- a/lib/AppInfo/Application.php +++ b/lib/AppInfo/Application.php @@ -23,11 +23,15 @@ namespace OCA\RansomwareDetection\AppInfo; use OC\Files\Filesystem; use OCA\RansomwareDetection\Monitor; +use OCA\RansomwareDetection\Events\FilesEvents; +use OCA\RansomwareDetection\FilesHooks; use OCA\RansomwareDetection\Classifier; +use OCA\RansomwareDetection\Analyzer\EntropyAnalyzer; use OCA\RansomwareDetection\Analyzer\SequenceAnalyzer; use OCA\RansomwareDetection\Analyzer\SequenceSizeAnalyzer; use OCA\RansomwareDetection\Analyzer\FileTypeFunnellingAnalyzer; use OCA\RansomwareDetection\Analyzer\EntropyFunnellingAnalyzer; +use OCA\RansomwareDetection\Analyzer\FileCorruptionAnalyzer; use OCA\RansomwareDetection\Analyzer\FileExtensionAnalyzer; use OCA\RansomwareDetection\Entropy\Entropy; use OCA\RansomwareDetection\Notification\Notifier; @@ -36,6 +40,9 @@ use OCA\RansomwareDetection\Connector\Sabre\RequestPlugin; use OCA\RansomwareDetection\Service\FileOperationService; use OCA\RansomwareDetection\Mapper\FileOperationMapper; use OCP\AppFramework\App; +use OCP\App\IAppManager; +use OCP\Files\IRootFolder; +use OCP\AppFramework\Utility\ITimeFactory; use OCP\Files\Storage\IStorage; use OCP\Notification\IManager; use OCP\Util; @@ -44,6 +51,7 @@ use OCP\ILogger; use OCP\IConfig; use OCP\IUserSession; use OCP\ISession; +use OCP\IRequest; class Application extends App { @@ -65,7 +73,7 @@ class Application extends App // services $container->registerService('FileOperationService', function ($c) { return new FileOperationService( - $c->query('FileOperationMapper'), + $c->query(FileOperationMapper::class), $c->query('ServerContainer')->getUserSession()->getUser()->getUID() ); }); @@ -116,6 +124,47 @@ class Application extends App $c->query(EntropyFunnellingAnalyzer::class) ); }); + + $container->registerService('EntropyAnalyzer', function ($c) { + return new EntropyAnalyzer( + $c->query(ILogger::class), + $c->query(IRootFolder::class), + $c->query(Entropy::class), + $c->query('ServerContainer')->getUserSession()->getUser()->getUID() + ); + }); + + $container->registerService('FileCorruptionAnalyzer', function ($c) { + return new FileCorruptionAnalyzer( + $c->query(ILogger::class), + $c->query(IRootFolder::class), + $c->query('ServerContainer')->getUserSession()->getUser()->getUID() + ); + }); + + $container->registerService('Monitor', function ($c) { + return new Monitor( + $c->query(IRequest::class), + $c->query(IConfig::class), + $c->query(ITimeFactory::class), + $c->query(IAppManager::class), + $c->query(ILogger::class), + $c->query(IRootFolder::class), + $c->query(EntropyAnalyzer::class), + $c->query(FileOperationMapper::class), + $c->query(FileExtensionAnalyzer::class), + $c->query(FileCorruptionAnalyzer::class), + $c->query('ServerContainer')->getUserSession()->getUser()->getUID() + ); + }); + + $container->registerService('FilesEvents', function ($c) { + return new FilesEvents( + $c->query(ILogger::class), + $c->query(Monitor::class), + $c->query('ServerContainer')->getUserSession()->getUser()->getUID() + ); + }); } /** @@ -136,7 +185,14 @@ class Application extends App $sequenceAnalyzer = $this->getContainer()->query(SequenceAnalyzer::class); $event->getServer()->addPlugin(new RequestPlugin($logger, $config, $userSession, $session, $service, $notifications, $classifier, $sequenceAnalyzer)); }); - Util::connectHook('OC_Filesystem', 'preSetup', $this, 'addStorageWrapper'); + //Util::connectHook('OC_Filesystem', 'preSetup', $this, 'addStorageWrapper'); + Util::connectHook('OC_Filesystem', 'post_create', FilesHooks::class, 'onFileCreate'); + Util::connectHook('OC_Filesystem', 'post_update', FilesHooks::class, 'onFileUpdate'); + Util::connectHook('OC_Filesystem', 'post_rename', FilesHooks::class, 'onFileRename'); + Util::connectHook('OC_Filesystem', 'post_write', FilesHooks::class, 'onFileWrite'); + Util::connectHook('OC_Filesystem', 'post_delete', FilesHooks::class, 'onFileDelete'); + Util::connectHook('OC_Filesystem', 'post_touch', FilesHooks::class, 'onFileTouch'); + Util::connectHook('OC_Filesystem', 'post_copy', FilesHooks::class, 'onFileCopy'); $this->registerNotificationNotifier(); } diff --git a/lib/Events/FilesEvents.php b/lib/Events/FilesEvents.php new file mode 100644 index 0000000..b1ba0c1 --- /dev/null +++ b/lib/Events/FilesEvents.php @@ -0,0 +1,122 @@ +<?php +declare(strict_types=1); + + +/** + * Files_FullTextSearch - Index the content of your files + * + * This file is licensed under the Affero General Public License version 3 or + * later. See the COPYING file. + * + * @author Maxence Lange <maxence@artificial-owl.com> + * @copyright 2018 + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + + +namespace OCA\RansomwareDetection\Events; + +use OCA\RansomwareDetection\Monitor; +use OCA\RansomwareDetection\AppInfo\Application; +use OCP\ILogger; + +/** + * Class FilesEvents + * + * @package OCA\Files_FullTextSearch\Events + */ +class FilesEvents { + + /** @var string */ + private $userId; + + private $logger; + + private $monitor; + + + /** + * FilesEvents constructor. + * + * @param string $userId + */ + public function __construct( + ILogger $logger, + $monitor, + $userId + + ) { + $this->logger = $logger; + $this->monitor = $monitor; + $this->userId = $userId; + } + + /** + * @param array $params + * + * @throws InvalidPathException + * @throws NotFoundException + */ + public function onFileUpdate(array $params) { + $this->analyze([$params['path']], Monitor::WRITE); + $this->logger->error("Updating ".$params['path'], ['app' => Application::APP_ID]); + } + + + /** + * @param array $params + * + * @throws NotFoundException + * @throws InvalidPathException + */ + public function onFileRename(array $params) { + $this->logger->error("Renaming ".$params['oldpath']." to ".$params['newpath'], ['app' => Application::APP_ID]); + $this->analyze([$params['oldpath'], $params['newpath']], Monitor::RENAME); + } + + public function onFileCreate(array $params) { + $this->logger->error("Creating ".$params['path'], ['app' => Application::APP_ID]); + } + + public function onFileWrite(array $params) { + $this->logger->error("Writing ".$params['path'], ['app' => Application::APP_ID]); + } + + public function onFileDelete(array $params) { + $this->logger->error("Deleting ".$params['path'], ['app' => Application::APP_ID]); + } + + public function onFileCopy(array $params) { + $this->logger->error("Copying ".$params['path'], ['app' => Application::APP_ID]); + } + + public function onFileTouch(array $params) { + $this->logger->error("Touching ".$params['path'], ['app' => Application::APP_ID]); + } + + /** + * Makes it easier to test. + * + * @param IStorage $storage + * @param string $path + * @param int $mode + */ + protected function analyze($path, $mode) + { + return $this->monitor->analyze($path, $mode); + } +}
\ No newline at end of file diff --git a/lib/FilesHooks.php b/lib/FilesHooks.php new file mode 100644 index 0000000..efd81d0 --- /dev/null +++ b/lib/FilesHooks.php @@ -0,0 +1,109 @@ +<?php +declare(strict_types=1); + + +/** + * Files_FullTextSearch - Index the content of your files + * + * This file is licensed under the Affero General Public License version 3 or + * later. See the COPYING file. + * + * @author Maxence Lange <maxence@artificial-owl.com> + * @copyright 2018 + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + + +namespace OCA\RansomwareDetection; + +use OCA\RansomwareDetection\AppInfo\Application; +use OCA\RansomwareDetection\Events\FilesEvents; + +/** + * Class FilesHooks + * + * @package OCA\Files_FullTextSearch\Hooks + */ +class FilesHooks { + + /** + * retrieve the FilesEvents' Controller + * + * @return FilesEvents + * @throws QueryException + */ + protected static function getController(): FilesEvents { + $app = new Application(); + + return $app->getContainer() + ->query(FilesEvents::class); + } + + /** + * hook events: file is updated + * + * @param array $params + * + * @throws QueryException + * @throws InvalidPathException + * @throws NotFoundException + */ + public static function onFileUpdate(array $params) { + self::getController() + ->onFileUpdate($params); + } + + + /** + * hook events: file is renamed + * + * @param array $params + * + * @throws NotFoundException + * @throws QueryException + * @throws InvalidPathException + */ + public static function onFileRename(array $params) { + self::getController() + ->onFileRename($params); + } + + public static function onFileCreate(array $params) { + self::getController() + ->onFileCreate($params); + } + + public static function onFileWrite(array $params) { + self::getController() + ->onFileWrite($params); + } + + public static function onFileDelete(array $params) { + self::getController() + ->onFileDelete($params); + } + + public static function onFileTouch(array $params) { + self::getController() + ->onFileTouch($params); + } + + public static function onFileCopy(array $params) { + self::getController() + ->onFileCopy($params); + } +}
\ No newline at end of file diff --git a/lib/Monitor.php b/lib/Monitor.php index 9c658b9..955d854 100644 --- a/lib/Monitor.php +++ b/lib/Monitor.php @@ -89,17 +89,17 @@ class Monitor protected $nestingLevel = 0; /** - * @param IRequest $request - * @param IConfig $config - * @param ITimeFactory $time - * @param IAppManager $appManager - * @param ILogger $logger - * @param IRootFolder $rootFolder - * @param EntropyAnalyzer $entropyAnalyzer - * @param FileOperationMapper $mapper + * @param IRequest $request + * @param IConfig $config + * @param ITimeFactory $time + * @param IAppManager $appManager + * @param ILogger $logger + * @param IRootFolder $rootFolder + * @param EntropyAnalyzer $entropyAnalyzer + * @param FileOperationMapper $mapper * @param FileExtensionAnalyzer $fileExtensionAnalyzer - * @param FileCorruptionAnalyzer $fileCorruptionAnalyzer - * @param string $userId + * @param FileCorruptionAnalyzer $fileCorruptionAnalyzer + * @param string $userId */ public function __construct( IRequest $request, @@ -130,13 +130,13 @@ class Monitor /** * Analyze file. * - * @param IStorage $storage * @param array $paths * @param int $mode */ - public function analyze(IStorage $storage, $paths, $mode) + public function analyze($paths, $mode) { $path = $paths[0]; + $storage = $this->rootFolder->get(dirname($path))->getStorage(); if ($this->userId === null || $this->nestingLevel !== 0 || !$this->isUploadedFile($storage, $path) || $this->isCreatingSkeletonFiles()) { // check only cloud files and no system files return; |