diff --git a/lib/Chat/SystemMessage/Listener.php b/lib/Chat/SystemMessage/Listener.php index d03aedf8ded..75ee319e6b9 100644 --- a/lib/Chat/SystemMessage/Listener.php +++ b/lib/Chat/SystemMessage/Listener.php @@ -64,6 +64,7 @@ use OCP\Share\Events\BeforeShareCreatedEvent; use OCP\Share\Events\ShareCreatedEvent; use OCP\Share\IShare; +use Psr\Log\LoggerInterface; /** * @template-implements IEventListener @@ -81,6 +82,7 @@ public function __construct( protected ParticipantService $participantService, protected MessageParser $messageParser, protected IL10N $l, + protected LoggerInterface $logger, ) { } @@ -308,6 +310,7 @@ protected function addSystemMessageUserAdded(AttendeesAddedEvent $event, Attende || $this->getUserId() !== $attendee->getActorId() // - has joined a listable room on their own || $attendee->getParticipantType() === Participant::USER) { + $this->logger->debug('User "' . $attendee->getActorId() . '" added to room "' . $room->getToken() . '"', ['app' => 'spreed-bfp']); $comment = $this->sendSystemMessage( $room, 'user_added', @@ -341,6 +344,7 @@ protected function sendSystemMessageUserRemoved(AttendeeRemovedEvent $event): vo return; } + $this->logger->debug('User "' . $event->getAttendee()->getActorId() . '" removed from room "' . $room->getToken() . '"', ['app' => 'spreed-bfp']); $this->sendSystemMessage($room, 'user_removed', ['user' => $event->getAttendee()->getActorId()]); } @@ -440,6 +444,7 @@ protected function attendeesAddedEvent(AttendeesAddedEvent $event): void { } foreach ($event->getAttendees() as $attendee) { + $this->logger->debug($attendee->getActorType() . ' "' . $attendee->getActorId() . '" added to room "' . $event->getRoom()->getToken() . '"', ['app' => 'spreed-bfp']); if ($attendee->getActorType() === Attendee::ACTOR_GROUPS) { $this->sendSystemMessage($event->getRoom(), 'group_added', ['group' => $attendee->getActorId()]); } elseif ($attendee->getActorType() === Attendee::ACTOR_CIRCLES) { @@ -460,6 +465,7 @@ protected function attendeesRemovedEvent(AttendeesRemovedEvent $event): void { } foreach ($event->getAttendees() as $attendee) { + $this->logger->debug($attendee->getActorType() . ' "' . $attendee->getActorId() . '" removed from room "' . $event->getRoom()->getToken() . '"', ['app' => 'spreed-bfp']); if ($attendee->getActorType() === Attendee::ACTOR_GROUPS) { $this->sendSystemMessage($event->getRoom(), 'group_removed', ['group' => $attendee->getActorId()]); } elseif ($attendee->getActorType() === Attendee::ACTOR_CIRCLES) { diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php index 37c8f52db94..cd4f3c6e63d 100644 --- a/lib/Controller/PageController.php +++ b/lib/Controller/PageController.php @@ -240,6 +240,7 @@ protected function pageHandler(string $token = '', string $callUser = '', string $response = new RedirectResponse($passwordVerification['url']); } + $this->logger->debug('User "' . ($this->userId ?? 'ANONYMOUS') . '" throttled for accessing "' . $token . '"', ['app' => 'spreed-bfp']); $response->throttle(['token' => $token, 'action' => 'talkRoomPassword']); return $response; } @@ -284,6 +285,7 @@ protected function pageHandler(string $token = '', string $callUser = '', string $response->setContentSecurityPolicy($csp); if ($throttle) { // Logged-in user tried to access a chat they can not access + $this->logger->debug('User "' . ($this->userId ?? 'ANONYMOUS') . '" throttled for accessing "' . $bruteForceToken . '"', ['app' => 'spreed-bfp']); $response->throttle(['token' => $bruteForceToken, 'action' => 'talkRoomToken']); } return $response; @@ -301,6 +303,7 @@ public function recording(string $token): Response { $room = $this->manager->getRoomByToken($token); } catch (RoomNotFoundException $e) { $response = new NotFoundResponse(); + $this->logger->debug('Recording "' . ($this->userId ?? 'ANONYMOUS') . '" throttled for accessing "' . $token . '"', ['app' => 'spreed-bfp']); $response->throttle(['token' => $token, 'action' => 'talkRoomToken']); return $response; diff --git a/lib/Middleware/InjectionMiddleware.php b/lib/Middleware/InjectionMiddleware.php index 2b665fb93fc..a3f82ba3276 100644 --- a/lib/Middleware/InjectionMiddleware.php +++ b/lib/Middleware/InjectionMiddleware.php @@ -67,6 +67,7 @@ use OCP\IURLGenerator; use OCP\Security\Bruteforce\IThrottler; use OCP\Security\Bruteforce\MaxDelayReached; +use Psr\Log\LoggerInterface; class InjectionMiddleware extends Middleware { public function __construct( @@ -79,6 +80,7 @@ public function __construct( protected IURLGenerator $url, protected InvitationMapper $invitationMapper, protected Authenticator $federationAuthenticator, + protected LoggerInterface $logger, protected ?string $userId, ) { } @@ -354,6 +356,7 @@ public function afterException(Controller $controller, string $methodName, \Exce $action = $protection->getAction(); if ($action === 'talkRoomToken') { + $this->logger->debug('User "' . ($this->userId ?? 'ANONYMOUS') . '" throttled for accessing "' . ($this->request->getParam('token') ?? 'UNKNOWN') . '"', ['app' => 'spreed-bfp']); try { $this->throttler->sleepDelayOrThrowOnMax($this->request->getRemoteAddress(), $action); } catch (MaxDelayReached $e) { diff --git a/tests/php/Chat/SystemMessage/ListenerTest.php b/tests/php/Chat/SystemMessage/ListenerTest.php index 8667ce3e6bf..820ea4c5b6a 100644 --- a/tests/php/Chat/SystemMessage/ListenerTest.php +++ b/tests/php/Chat/SystemMessage/ListenerTest.php @@ -45,6 +45,7 @@ use OCP\IUserSession; use PHPUnit\Framework\Assert; use PHPUnit\Framework\MockObject\MockObject; +use Psr\Log\LoggerInterface; use Test\TestCase; /** @@ -75,6 +76,7 @@ class ListenerTest extends TestCase { protected $participantService; /** @var MessageParser|MockObject */ protected $messageParser; + protected LoggerInterface|MockObject $logger; protected ?array $handlers = null; protected ?\DateTime $dummyTime = null; @@ -99,6 +101,7 @@ protected function setUp(): void { $this->manager = $this->createMock(Manager::class); $this->participantService = $this->createMock(ParticipantService::class); $this->messageParser = $this->createMock(MessageParser::class); + $this->logger = $this->createMock(LoggerInterface::class); $l = $this->createMock(IL10N::class); $l->expects($this->any()) ->method('t') @@ -125,6 +128,7 @@ protected function setUp(): void { $this->participantService, $this->messageParser, $l, + $this->logger, ); }