From 4aa9686e3b01732c32bd3ec2ec6d270493316817 Mon Sep 17 00:00:00 2001 From: Nicola Murino Date: Sun, 10 Oct 2021 13:08:05 +0200 Subject: [PATCH] refactor custom actions SFTPGo is now fully auditable, all fs and provider events that change something are notified and can be collected using hooks/plugins. There are some backward incompatible changes for command hooks --- cmd/startsubsys.go | 4 +- common/actions.go | 87 ++++++---- common/actions_test.go | 20 +-- common/connection.go | 16 +- common/protocol_test.go | 4 +- common/transfer.go | 8 +- config/config.go | 66 +++++--- config/config_test.go | 24 ++- dataprovider/actions.go | 105 ++++++++++++ dataprovider/admin.go | 17 ++ dataprovider/apikey.go | 17 ++ dataprovider/dataprovider.go | 139 ++++++---------- dataprovider/memory.go | 14 +- dataprovider/user.go | 12 +- docs/custom-actions.md | 84 +++++----- docs/full-configuration.md | 6 +- ftpd/ftpd_test.go | 14 +- ftpd/handler.go | 8 +- httpd/api_admin.go | 27 ++-- httpd/api_folder.go | 16 +- httpd/api_http_user.go | 6 +- httpd/api_keys.go | 24 ++- httpd/api_maintenance.go | 46 +++--- httpd/api_mfa.go | 8 +- httpd/api_user.go | 70 ++++---- httpd/handler.go | 4 +- httpd/httpd_test.go | 20 +-- httpd/internal_test.go | 118 ++++++++++++-- httpd/server.go | 6 +- httpd/webadmin.go | 41 ++++- httpd/webclient.go | 2 +- sdk/plugin/notifier.go | 86 ++++++---- sdk/plugin/notifier/grpc.go | 50 +++--- sdk/plugin/notifier/notifier.go | 6 +- sdk/plugin/notifier/proto/notifier.pb.go | 193 ++++++++++++++++------- sdk/plugin/notifier/proto/notifier.proto | 13 +- sdk/plugin/plugin.go | 16 +- service/service.go | 10 +- sftpd/handler.go | 6 +- sftpd/scp.go | 5 +- sftpd/sftpd_test.go | 10 +- sftpd/ssh_cmd.go | 20 +-- sftpgo.json | 1 + vfs/filesystem.go | 3 + webdavd/file.go | 2 +- webdavd/handler.go | 5 +- webdavd/internal_test.go | 42 ++--- webdavd/webdavd_test.go | 1 + 48 files changed, 966 insertions(+), 536 deletions(-) create mode 100644 dataprovider/actions.go diff --git a/cmd/startsubsys.go b/cmd/startsubsys.go index 76f45463..8f288ea9 100644 --- a/cmd/startsubsys.go +++ b/cmd/startsubsys.go @@ -116,7 +116,7 @@ Command-line flags should be specified in the Subsystem declaration. if user.HomeDir != filepath.Clean(homedir) && !preserveHomeDir { // update the user user.HomeDir = filepath.Clean(homedir) - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, dataprovider.ActionExecutorSystem, "") if err != nil { logger.Error(logSender, connectionID, "unable to update user %#v: %v", username, err) os.Exit(1) @@ -133,7 +133,7 @@ Command-line flags should be specified in the Subsystem declaration. user.Password = connectionID user.Permissions = make(map[string][]string) user.Permissions["/"] = []string{dataprovider.PermAny} - err = dataprovider.AddUser(&user) + err = dataprovider.AddUser(&user, dataprovider.ActionExecutorSystem, "") if err != nil { logger.Error(logSender, connectionID, "unable to add user %#v: %v", username, err) os.Exit(1) diff --git a/common/actions.go b/common/actions.go index 4546b317..caa3331d 100644 --- a/common/actions.go +++ b/common/actions.go @@ -51,8 +51,10 @@ func InitializeActionHandler(handler ActionHandler) { } // ExecutePreAction executes a pre-* action and returns the result -func ExecutePreAction(user *dataprovider.User, operation, filePath, virtualPath, protocol string, fileSize int64, openFlags int) error { - plugin.Handler.NotifyFsEvent(time.Now(), operation, user.Username, filePath, "", "", protocol, fileSize, nil) +func ExecutePreAction(user *dataprovider.User, operation, filePath, virtualPath, protocol, ip string, fileSize int64, + openFlags int, +) error { + plugin.Handler.NotifyFsEvent(time.Now(), operation, user.Username, filePath, "", "", protocol, ip, virtualPath, "", fileSize, nil) if !util.IsStringInSlice(operation, Config.Actions.ExecuteOn) { // for pre-delete we execute the internal handling on error, so we must return errUnconfiguredAction. // Other pre action will deny the operation on error so if we have no configuration we must return @@ -62,14 +64,19 @@ func ExecutePreAction(user *dataprovider.User, operation, filePath, virtualPath, } return nil } - notification := newActionNotification(user, operation, filePath, virtualPath, "", "", protocol, fileSize, openFlags, nil) + notification := newActionNotification(user, operation, filePath, virtualPath, "", "", "", protocol, ip, fileSize, + openFlags, nil) return actionHandler.Handle(notification) } // ExecuteActionNotification executes the defined hook, if any, for the specified action -func ExecuteActionNotification(user *dataprovider.User, operation, filePath, virtualPath, target, sshCmd, protocol string, fileSize int64, err error) { - plugin.Handler.NotifyFsEvent(time.Now(), operation, user.Username, filePath, target, sshCmd, protocol, fileSize, err) - notification := newActionNotification(user, operation, filePath, virtualPath, target, sshCmd, protocol, fileSize, 0, err) +func ExecuteActionNotification(user *dataprovider.User, operation, filePath, virtualPath, target, virtualTarget, sshCmd, + protocol, ip string, fileSize int64, err error, +) { + plugin.Handler.NotifyFsEvent(time.Now(), operation, user.Username, filePath, target, sshCmd, protocol, ip, virtualPath, + virtualTarget, fileSize, err) + notification := newActionNotification(user, operation, filePath, virtualPath, target, virtualTarget, sshCmd, protocol, + ip, fileSize, 0, err) if util.IsStringInSlice(operation, Config.Actions.ExecuteSync) { actionHandler.Handle(notification) //nolint:errcheck @@ -86,23 +93,27 @@ type ActionHandler interface { // ActionNotification defines a notification for a Protocol Action. type ActionNotification struct { - Action string `json:"action"` - Username string `json:"username"` - Path string `json:"path"` - TargetPath string `json:"target_path,omitempty"` - SSHCmd string `json:"ssh_cmd,omitempty"` - FileSize int64 `json:"file_size,omitempty"` - FsProvider int `json:"fs_provider"` - Bucket string `json:"bucket,omitempty"` - Endpoint string `json:"endpoint,omitempty"` - Status int `json:"status"` - Protocol string `json:"protocol"` - OpenFlags int `json:"open_flags,omitempty"` + Action string `json:"action"` + Username string `json:"username"` + Path string `json:"path"` + TargetPath string `json:"target_path,omitempty"` + VirtualPath string `json:"virtual_path"` + VirtualTargetPath string `json:"virtual_target_path,omitempty"` + SSHCmd string `json:"ssh_cmd,omitempty"` + FileSize int64 `json:"file_size,omitempty"` + FsProvider int `json:"fs_provider"` + Bucket string `json:"bucket,omitempty"` + Endpoint string `json:"endpoint,omitempty"` + Status int `json:"status"` + Protocol string `json:"protocol"` + IP string `json:"ip"` + Timestamp int64 `json:"timestamp"` + OpenFlags int `json:"open_flags,omitempty"` } func newActionNotification( user *dataprovider.User, - operation, filePath, virtualPath, target, sshCmd, protocol string, + operation, filePath, virtualPath, target, virtualTarget, sshCmd, protocol, ip string, fileSize int64, openFlags int, err error, @@ -134,18 +145,22 @@ func newActionNotification( } return &ActionNotification{ - Action: operation, - Username: user.Username, - Path: filePath, - TargetPath: target, - SSHCmd: sshCmd, - FileSize: fileSize, - FsProvider: int(fsConfig.Provider), - Bucket: bucket, - Endpoint: endpoint, - Status: status, - Protocol: protocol, - OpenFlags: openFlags, + Action: operation, + Username: user.Username, + Path: filePath, + TargetPath: target, + VirtualPath: virtualPath, + VirtualTargetPath: virtualTarget, + SSHCmd: sshCmd, + FileSize: fileSize, + FsProvider: int(fsConfig.Provider), + Bucket: bucket, + Endpoint: endpoint, + Status: status, + Protocol: protocol, + IP: ip, + OpenFlags: openFlags, + Timestamp: util.GetTimeAsMsSinceEpoch(time.Now()), } } @@ -209,14 +224,14 @@ func (h *defaultActionHandler) handleCommand(notification *ActionNotification) e ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second) defer cancel() - cmd := exec.CommandContext(ctx, Config.Actions.Hook, notification.Action, notification.Username, notification.Path, notification.TargetPath, notification.SSHCmd) + cmd := exec.CommandContext(ctx, Config.Actions.Hook) cmd.Env = append(os.Environ(), notificationAsEnvVars(notification)...) startTime := time.Now() err := cmd.Run() - logger.Debug(notification.Protocol, "", "executed command %#v with arguments: %#v, %#v, %#v, %#v, %#v, elapsed: %v, error: %v", - Config.Actions.Hook, notification.Action, notification.Username, notification.Path, notification.TargetPath, notification.SSHCmd, time.Since(startTime), err) + logger.Debug(notification.Protocol, "", "executed command %#v, elapsed: %v, error: %v", + Config.Actions.Hook, time.Since(startTime), err) return err } @@ -227,6 +242,8 @@ func notificationAsEnvVars(notification *ActionNotification) []string { fmt.Sprintf("SFTPGO_ACTION_USERNAME=%v", notification.Username), fmt.Sprintf("SFTPGO_ACTION_PATH=%v", notification.Path), fmt.Sprintf("SFTPGO_ACTION_TARGET=%v", notification.TargetPath), + fmt.Sprintf("SFTPGO_ACTION_VIRTUAL_PATH=%v", notification.VirtualPath), + fmt.Sprintf("SFTPGO_ACTION_VIRTUAL_TARGET=%v", notification.VirtualTargetPath), fmt.Sprintf("SFTPGO_ACTION_SSH_CMD=%v", notification.SSHCmd), fmt.Sprintf("SFTPGO_ACTION_FILE_SIZE=%v", notification.FileSize), fmt.Sprintf("SFTPGO_ACTION_FS_PROVIDER=%v", notification.FsProvider), @@ -234,6 +251,8 @@ func notificationAsEnvVars(notification *ActionNotification) []string { fmt.Sprintf("SFTPGO_ACTION_ENDPOINT=%v", notification.Endpoint), fmt.Sprintf("SFTPGO_ACTION_STATUS=%v", notification.Status), fmt.Sprintf("SFTPGO_ACTION_PROTOCOL=%v", notification.Protocol), + fmt.Sprintf("SFTPGO_ACTION_IP=%v", notification.IP), fmt.Sprintf("SFTPGO_ACTION_OPEN_FLAGS=%v", notification.OpenFlags), + fmt.Sprintf("SFTPGO_ACTION_TIMESTAMP=%v", notification.Timestamp), } } diff --git a/common/actions_test.go b/common/actions_test.go index 715fab79..8cf7d803 100644 --- a/common/actions_test.go +++ b/common/actions_test.go @@ -45,38 +45,38 @@ func TestNewActionNotification(t *testing.T) { Endpoint: "sftpendpoint", }, } - a := newActionNotification(user, operationDownload, "path", "vpath", "target", "", ProtocolSFTP, 123, 0, errors.New("fake error")) + a := newActionNotification(user, operationDownload, "path", "vpath", "target", "", "", ProtocolSFTP, "", 123, 0, errors.New("fake error")) assert.Equal(t, user.Username, a.Username) assert.Equal(t, 0, len(a.Bucket)) assert.Equal(t, 0, len(a.Endpoint)) assert.Equal(t, 0, a.Status) user.FsConfig.Provider = sdk.S3FilesystemProvider - a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", ProtocolSSH, 123, 0, nil) + a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", "", ProtocolSSH, "", 123, 0, nil) assert.Equal(t, "s3bucket", a.Bucket) assert.Equal(t, "endpoint", a.Endpoint) assert.Equal(t, 1, a.Status) user.FsConfig.Provider = sdk.GCSFilesystemProvider - a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", ProtocolSCP, 123, 0, ErrQuotaExceeded) + a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", "", ProtocolSCP, "", 123, 0, ErrQuotaExceeded) assert.Equal(t, "gcsbucket", a.Bucket) assert.Equal(t, 0, len(a.Endpoint)) assert.Equal(t, 2, a.Status) user.FsConfig.Provider = sdk.AzureBlobFilesystemProvider - a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", ProtocolSCP, 123, 0, nil) + a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", "", ProtocolSCP, "", 123, 0, nil) assert.Equal(t, "azcontainer", a.Bucket) assert.Equal(t, "azendpoint", a.Endpoint) assert.Equal(t, 1, a.Status) - a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", ProtocolSCP, 123, os.O_APPEND, nil) + a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", "", ProtocolSCP, "", 123, os.O_APPEND, nil) assert.Equal(t, "azcontainer", a.Bucket) assert.Equal(t, "azendpoint", a.Endpoint) assert.Equal(t, 1, a.Status) assert.Equal(t, os.O_APPEND, a.OpenFlags) user.FsConfig.Provider = sdk.SFTPFilesystemProvider - a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", ProtocolSFTP, 123, 0, nil) + a = newActionNotification(user, operationDownload, "path", "vpath", "target", "", "", ProtocolSFTP, "", 123, 0, nil) assert.Equal(t, "sftpendpoint", a.Endpoint) } @@ -92,7 +92,7 @@ func TestActionHTTP(t *testing.T) { Username: "username", }, } - a := newActionNotification(user, operationDownload, "path", "vpath", "target", "", ProtocolSFTP, 123, 0, nil) + a := newActionNotification(user, operationDownload, "path", "vpath", "target", "", "", ProtocolSFTP, "", 123, 0, nil) err := actionHandler.Handle(a) assert.NoError(t, err) @@ -127,11 +127,11 @@ func TestActionCMD(t *testing.T) { Username: "username", }, } - a := newActionNotification(user, operationDownload, "path", "vpath", "target", "", ProtocolSFTP, 123, 0, nil) + a := newActionNotification(user, operationDownload, "path", "vpath", "target", "", "", ProtocolSFTP, "", 123, 0, nil) err = actionHandler.Handle(a) assert.NoError(t, err) - ExecuteActionNotification(user, OperationSSHCmd, "path", "vpath", "target", "sha1sum", ProtocolSSH, 0, nil) + ExecuteActionNotification(user, OperationSSHCmd, "path", "vpath", "target", "vtarget", "sha1sum", ProtocolSSH, "", 0, nil) Config.Actions = actionsCopy } @@ -153,7 +153,7 @@ func TestWrongActions(t *testing.T) { }, } - a := newActionNotification(user, operationUpload, "", "", "", "", ProtocolSFTP, 123, 0, nil) + a := newActionNotification(user, operationUpload, "", "", "", "", "", ProtocolSFTP, "", 123, 0, nil) err := actionHandler.Handle(a) assert.Error(t, err, "action with bad command must fail") diff --git a/common/connection.go b/common/connection.go index 88affcbd..039ad2ed 100644 --- a/common/connection.go +++ b/common/connection.go @@ -84,6 +84,11 @@ func (c *BaseConnection) GetProtocol() string { return c.protocol } +// GetRemoteIP returns the remote ip address +func (c *BaseConnection) GetRemoteIP() string { + return util.GetIPFromRemoteAddress(c.remoteAddr) +} + // SetProtocol sets the protocol for this connection func (c *BaseConnection) SetProtocol(protocol string) { c.protocol = protocol @@ -248,7 +253,7 @@ func (c *BaseConnection) CreateDir(virtualPath string) error { logger.CommandLog(mkdirLogSender, fsPath, "", c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "", -1, c.localAddr, c.remoteAddr) - ExecuteActionNotification(&c.User, operationMkdir, fsPath, virtualPath, "", "", c.protocol, 0, nil) + ExecuteActionNotification(&c.User, operationMkdir, fsPath, virtualPath, "", "", "", c.protocol, c.GetRemoteIP(), 0, nil) return nil } @@ -271,7 +276,7 @@ func (c *BaseConnection) RemoveFile(fs vfs.Fs, fsPath, virtualPath string, info } size := info.Size() - actionErr := ExecutePreAction(&c.User, operationPreDelete, fsPath, virtualPath, c.protocol, size, 0) + actionErr := ExecutePreAction(&c.User, operationPreDelete, fsPath, virtualPath, c.protocol, c.GetRemoteIP(), size, 0) if actionErr == nil { c.Log(logger.LevelDebug, "remove for path %#v handled by pre-delete action", fsPath) } else { @@ -295,7 +300,7 @@ func (c *BaseConnection) RemoveFile(fs vfs.Fs, fsPath, virtualPath string, info } } if actionErr != nil { - ExecuteActionNotification(&c.User, operationDelete, fsPath, virtualPath, "", "", c.protocol, size, nil) + ExecuteActionNotification(&c.User, operationDelete, fsPath, virtualPath, "", "", "", c.protocol, c.GetRemoteIP(), size, nil) } return nil } @@ -355,7 +360,7 @@ func (c *BaseConnection) RemoveDir(virtualPath string) error { logger.CommandLog(rmdirLogSender, fsPath, "", c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "", -1, c.localAddr, c.remoteAddr) - ExecuteActionNotification(&c.User, operationRmdir, fsPath, virtualPath, "", "", c.protocol, 0, nil) + ExecuteActionNotification(&c.User, operationRmdir, fsPath, virtualPath, "", "", "", c.protocol, c.GetRemoteIP(), 0, nil) return nil } @@ -416,7 +421,8 @@ func (c *BaseConnection) Rename(virtualSourcePath, virtualTargetPath string) err c.updateQuotaAfterRename(fsDst, virtualSourcePath, virtualTargetPath, fsTargetPath, initialSize) //nolint:errcheck logger.CommandLog(renameLogSender, fsSourcePath, fsTargetPath, c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "", -1, c.localAddr, c.remoteAddr) - ExecuteActionNotification(&c.User, operationRename, fsSourcePath, virtualSourcePath, fsTargetPath, "", c.protocol, 0, nil) + ExecuteActionNotification(&c.User, operationRename, fsSourcePath, virtualSourcePath, fsTargetPath, virtualTargetPath, "", + c.protocol, c.GetRemoteIP(), 0, nil) return nil } diff --git a/common/protocol_test.go b/common/protocol_test.go index 60e47dfb..3a8ce9f8 100644 --- a/common/protocol_test.go +++ b/common/protocol_test.go @@ -2138,7 +2138,7 @@ func TestDelayedQuotaUpdater(t *testing.T) { assert.Equal(t, 10, folderGet.UsedQuotaFiles) assert.Equal(t, int64(6000), folderGet.UsedQuotaSize) - err = dataprovider.DeleteFolder(folder.Name) + err = dataprovider.DeleteFolder(folder.Name, "", "") assert.NoError(t, err) err = dataprovider.Close() @@ -2605,7 +2605,7 @@ func TestBuiltinKeyboardInteractiveAuthentication(t *testing.T) { Secret: kms.NewPlainSecret(secret), Protocols: []string{common.ProtocolSSH}, } - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, "", "") assert.NoError(t, err) passcode, err := generateTOTPPasscode(secret, otp.AlgorithmSHA1) assert.NoError(t, err) diff --git a/common/transfer.go b/common/transfer.go index 1a8df966..388c63c0 100644 --- a/common/transfer.go +++ b/common/transfer.go @@ -243,8 +243,8 @@ func (t *BaseTransfer) Close() error { if t.transferType == TransferDownload { logger.TransferLog(downloadLogSender, t.fsPath, elapsed, atomic.LoadInt64(&t.BytesSent), t.Connection.User.Username, t.Connection.ID, t.Connection.protocol, t.Connection.localAddr, t.Connection.remoteAddr, t.ftpMode) - ExecuteActionNotification(&t.Connection.User, operationDownload, t.fsPath, t.requestPath, "", "", t.Connection.protocol, - atomic.LoadInt64(&t.BytesSent), t.ErrTransfer) + ExecuteActionNotification(&t.Connection.User, operationDownload, t.fsPath, t.requestPath, "", "", "", t.Connection.protocol, + t.Connection.GetRemoteIP(), atomic.LoadInt64(&t.BytesSent), t.ErrTransfer) } else { fileSize := atomic.LoadInt64(&t.BytesReceived) + t.MinWriteOffset if statSize, err := t.getUploadFileSize(); err == nil { @@ -254,8 +254,8 @@ func (t *BaseTransfer) Close() error { t.updateQuota(numFiles, fileSize) logger.TransferLog(uploadLogSender, t.fsPath, elapsed, atomic.LoadInt64(&t.BytesReceived), t.Connection.User.Username, t.Connection.ID, t.Connection.protocol, t.Connection.localAddr, t.Connection.remoteAddr, t.ftpMode) - ExecuteActionNotification(&t.Connection.User, operationUpload, t.fsPath, t.requestPath, "", "", t.Connection.protocol, fileSize, - t.ErrTransfer) + ExecuteActionNotification(&t.Connection.User, operationUpload, t.fsPath, t.requestPath, "", "", "", t.Connection.protocol, + t.Connection.GetRemoteIP(), fileSize, t.ErrTransfer) } if t.ErrTransfer != nil { t.Connection.Log(logger.LevelWarn, "transfer error: %v, path: %#v", t.ErrTransfer, t.fsPath) diff --git a/config/config.go b/config/config.go index 76531075..5773df58 100644 --- a/config/config.go +++ b/config/config.go @@ -227,9 +227,10 @@ func Init() { TrackQuota: 1, PoolSize: 0, UsersBaseDir: "", - Actions: dataprovider.UserActions{ - ExecuteOn: []string{}, - Hook: "", + Actions: dataprovider.ObjectsActions{ + ExecuteOn: []string{}, + ExecuteFor: []string{}, + Hook: "", }, ExternalAuthHook: "", ExternalAuthScope: 0, @@ -671,29 +672,42 @@ func getRateLimitersFromEnv(idx int) { } } -func getPluginsFromEnv(idx int) { - pluginConfig := plugin.Config{} - if len(globalConf.PluginsConfig) > idx { - pluginConfig = globalConf.PluginsConfig[idx] - } - +func getKMSPluginFromEnv(idx int, pluginConfig *plugin.Config) bool { isSet := false - pluginType, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__TYPE", idx)) + kmsScheme, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__KMS_OPTIONS__SCHEME", idx)) if ok { - pluginConfig.Type = pluginType + pluginConfig.KMSOptions.Scheme = kmsScheme isSet = true } + kmsEncStatus, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__KMS_OPTIONS__ENCRYPTED_STATUS", idx)) + if ok { + pluginConfig.KMSOptions.EncryptedStatus = kmsEncStatus + isSet = true + } + + return isSet +} + +func getNotifierPluginFromEnv(idx int, pluginConfig *plugin.Config) bool { + isSet := false + notifierFsEvents, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__NOTIFIER_OPTIONS__FS_EVENTS", idx)) if ok { pluginConfig.NotifierOptions.FsEvents = notifierFsEvents isSet = true } - notifierUserEvents, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__NOTIFIER_OPTIONS__USER_EVENTS", idx)) + notifierProviderEvents, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__NOTIFIER_OPTIONS__PROVIDER_EVENTS", idx)) if ok { - pluginConfig.NotifierOptions.UserEvents = notifierUserEvents + pluginConfig.NotifierOptions.ProviderEvents = notifierProviderEvents + isSet = true + } + + notifierProviderObjects, ok := lookupStringListFromEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__NOTIFIER_OPTIONS__PROVIDER_OBJECTS", idx)) + if ok { + pluginConfig.NotifierOptions.ProviderObjects = notifierProviderObjects isSet = true } @@ -709,14 +723,29 @@ func getPluginsFromEnv(idx int) { isSet = true } - kmsScheme, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__KMS_OPTIONS__SCHEME", idx)) - if ok { - pluginConfig.KMSOptions.Scheme = kmsScheme + return isSet +} + +func getPluginsFromEnv(idx int) { + pluginConfig := plugin.Config{} + if len(globalConf.PluginsConfig) > idx { + pluginConfig = globalConf.PluginsConfig[idx] } - kmsEncStatus, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__KMS_OPTIONS__ENCRYPTED_STATUS", idx)) + isSet := false + + pluginType, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__TYPE", idx)) if ok { - pluginConfig.KMSOptions.EncryptedStatus = kmsEncStatus + pluginConfig.Type = pluginType + isSet = true + } + + if getNotifierPluginFromEnv(idx, &pluginConfig) { + isSet = true + } + + if getKMSPluginFromEnv(idx, &pluginConfig) { + isSet = true } cmd, ok := os.LookupEnv(fmt.Sprintf("SFTPGO_PLUGINS__%v__CMD", idx)) @@ -1130,6 +1159,7 @@ func setViperDefaults() { viper.SetDefault("data_provider.pool_size", globalConf.ProviderConf.PoolSize) viper.SetDefault("data_provider.users_base_dir", globalConf.ProviderConf.UsersBaseDir) viper.SetDefault("data_provider.actions.execute_on", globalConf.ProviderConf.Actions.ExecuteOn) + viper.SetDefault("data_provider.actions.execute_for", globalConf.ProviderConf.Actions.ExecuteFor) viper.SetDefault("data_provider.actions.hook", globalConf.ProviderConf.Actions.Hook) viper.SetDefault("data_provider.external_auth_hook", globalConf.ProviderConf.ExternalAuthHook) viper.SetDefault("data_provider.external_auth_scope", globalConf.ProviderConf.ExternalAuthScope) diff --git a/config/config_test.go b/config/config_test.go index e9023832..0cc1df8f 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -420,7 +420,8 @@ func TestPluginsFromEnv(t *testing.T) { os.Setenv("SFTPGO_PLUGINS__0__TYPE", "notifier") os.Setenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__FS_EVENTS", "upload,download") - os.Setenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__USER_EVENTS", "add,update") + os.Setenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__PROVIDER_EVENTS", "add,update") + os.Setenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__PROVIDER_OBJECTS", "user,admin") os.Setenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__RETRY_MAX_TIME", "2") os.Setenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__RETRY_QUEUE_MAX_SIZE", "1000") os.Setenv("SFTPGO_PLUGINS__0__CMD", "plugin_start_cmd") @@ -432,7 +433,8 @@ func TestPluginsFromEnv(t *testing.T) { t.Cleanup(func() { os.Unsetenv("SFTPGO_PLUGINS__0__TYPE") os.Unsetenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__FS_EVENTS") - os.Unsetenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__USER_EVENTS") + os.Unsetenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__PROVIDER_EVENTS") + os.Unsetenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__PROVIDER_OBJECTS") os.Unsetenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__RETRY_MAX_TIME") os.Unsetenv("SFTPGO_PLUGINS__0__NOTIFIER_OPTIONS__RETRY_QUEUE_MAX_SIZE") os.Unsetenv("SFTPGO_PLUGINS__0__CMD") @@ -453,9 +455,12 @@ func TestPluginsFromEnv(t *testing.T) { require.Len(t, pluginConf.NotifierOptions.FsEvents, 2) require.True(t, util.IsStringInSlice("upload", pluginConf.NotifierOptions.FsEvents)) require.True(t, util.IsStringInSlice("download", pluginConf.NotifierOptions.FsEvents)) - require.Len(t, pluginConf.NotifierOptions.UserEvents, 2) - require.Equal(t, "add", pluginConf.NotifierOptions.UserEvents[0]) - require.Equal(t, "update", pluginConf.NotifierOptions.UserEvents[1]) + require.Len(t, pluginConf.NotifierOptions.ProviderEvents, 2) + require.Equal(t, "add", pluginConf.NotifierOptions.ProviderEvents[0]) + require.Equal(t, "update", pluginConf.NotifierOptions.ProviderEvents[1]) + require.Len(t, pluginConf.NotifierOptions.ProviderObjects, 2) + require.Equal(t, "user", pluginConf.NotifierOptions.ProviderObjects[0]) + require.Equal(t, "admin", pluginConf.NotifierOptions.ProviderObjects[1]) require.Equal(t, 2, pluginConf.NotifierOptions.RetryMaxTime) require.Equal(t, 1000, pluginConf.NotifierOptions.RetryQueueMaxSize) require.Equal(t, "plugin_start_cmd", pluginConf.Cmd) @@ -488,9 +493,12 @@ func TestPluginsFromEnv(t *testing.T) { require.Len(t, pluginConf.NotifierOptions.FsEvents, 2) require.True(t, util.IsStringInSlice("upload", pluginConf.NotifierOptions.FsEvents)) require.True(t, util.IsStringInSlice("download", pluginConf.NotifierOptions.FsEvents)) - require.Len(t, pluginConf.NotifierOptions.UserEvents, 2) - require.Equal(t, "add", pluginConf.NotifierOptions.UserEvents[0]) - require.Equal(t, "update", pluginConf.NotifierOptions.UserEvents[1]) + require.Len(t, pluginConf.NotifierOptions.ProviderEvents, 2) + require.Equal(t, "add", pluginConf.NotifierOptions.ProviderEvents[0]) + require.Equal(t, "update", pluginConf.NotifierOptions.ProviderEvents[1]) + require.Len(t, pluginConf.NotifierOptions.ProviderObjects, 2) + require.Equal(t, "user", pluginConf.NotifierOptions.ProviderObjects[0]) + require.Equal(t, "admin", pluginConf.NotifierOptions.ProviderObjects[1]) require.Equal(t, 2, pluginConf.NotifierOptions.RetryMaxTime) require.Equal(t, 1000, pluginConf.NotifierOptions.RetryQueueMaxSize) require.Equal(t, "plugin_start_cmd1", pluginConf.Cmd) diff --git a/dataprovider/actions.go b/dataprovider/actions.go new file mode 100644 index 00000000..2708b123 --- /dev/null +++ b/dataprovider/actions.go @@ -0,0 +1,105 @@ +package dataprovider + +import ( + "bytes" + "context" + "fmt" + "net/url" + "os" + "os/exec" + "path/filepath" + "strings" + "time" + + "github.com/drakkan/sftpgo/v2/httpclient" + "github.com/drakkan/sftpgo/v2/logger" + "github.com/drakkan/sftpgo/v2/sdk/plugin" + "github.com/drakkan/sftpgo/v2/util" +) + +const ( + // ActionExecutorSelf is used as username for self action, for example a user/admin that updates itself + ActionExecutorSelf = "__self__" + // ActionExecutorSystem is used as username for actions with no explicit executor associated, for example + // adding/updating a user/admin by loading initial data + ActionExecutorSystem = "__system__" +) + +const ( + actionObjectUser = "user" + actionObjectAdmin = "admin" + actionObjectAPIKey = "api_key" +) + +func executeAction(operation, executor, ip, objectType, objectName string, object plugin.Renderer) { + plugin.Handler.NotifyProviderEvent(time.Now(), operation, executor, objectType, objectName, ip, object) + if config.Actions.Hook == "" { + return + } + if !util.IsStringInSlice(operation, config.Actions.ExecuteOn) || + !util.IsStringInSlice(objectType, config.Actions.ExecuteFor) { + return + } + + go func() { + dataAsJSON, err := object.RenderAsJSON(operation != operationDelete) + if err != nil { + providerLog(logger.LevelWarn, "unable to serialize user as JSON for operation %#v: %v", operation, err) + return + } + if strings.HasPrefix(config.Actions.Hook, "http") { + var url *url.URL + url, err := url.Parse(config.Actions.Hook) + if err != nil { + providerLog(logger.LevelWarn, "Invalid http_notification_url %#v for operation %#v: %v", config.Actions.Hook, operation, err) + return + } + q := url.Query() + q.Add("action", operation) + q.Add("username", executor) + q.Add("ip", ip) + q.Add("object_type", objectType) + q.Add("object_name", objectName) + q.Add("timestamp", fmt.Sprintf("%v", util.GetTimeAsMsSinceEpoch(time.Now()))) + url.RawQuery = q.Encode() + startTime := time.Now() + resp, err := httpclient.RetryablePost(url.String(), "application/json", bytes.NewBuffer(dataAsJSON)) + respCode := 0 + if err == nil { + respCode = resp.StatusCode + resp.Body.Close() + } + providerLog(logger.LevelDebug, "notified operation %#v to URL: %v status code: %v, elapsed: %v err: %v", + operation, url.Redacted(), respCode, time.Since(startTime), err) + } else { + executeNotificationCommand(operation, executor, ip, objectType, objectName, dataAsJSON) //nolint:errcheck // the error is used in test cases only + } + }() +} + +func executeNotificationCommand(operation, executor, ip, objectType, objectName string, objectAsJSON []byte) error { + if !filepath.IsAbs(config.Actions.Hook) { + err := fmt.Errorf("invalid notification command %#v", config.Actions.Hook) + logger.Warn(logSender, "", "unable to execute notification command: %v", err) + return err + } + + ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second) + defer cancel() + + cmd := exec.CommandContext(ctx, config.Actions.Hook) + cmd.Env = append(os.Environ(), + fmt.Sprintf("SFTPGO_PROVIDER_ACTION=%v", operation), + fmt.Sprintf("SFTPGO_PROVIDER_OBJECT_TYPE=%v", objectType), + fmt.Sprintf("SFTPGO_PROVIDER_OBJECT_NAME=%v", objectName), + fmt.Sprintf("SFTPGO_PROVIDER_USERNAME=%v", executor), + fmt.Sprintf("SFTPGO_PROVIDER_IP=%v", ip), + fmt.Sprintf("SFTPGO_PROVIDER_TIMESTAMP=%v", util.GetTimeAsMsSinceEpoch(time.Now())), + fmt.Sprintf("SFTPGO_PROVIDER_OBJECT=%v", string(objectAsJSON))) + + startTime := time.Now() + err := cmd.Run() + providerLog(logger.LevelDebug, "executed command %#v, elapsed: %v, error: %v", config.Actions.Hook, + time.Since(startTime), err) + return err +} diff --git a/dataprovider/admin.go b/dataprovider/admin.go index 166643d4..372a2e01 100644 --- a/dataprovider/admin.go +++ b/dataprovider/admin.go @@ -3,6 +3,7 @@ package dataprovider import ( "crypto/sha256" "encoding/base64" + "encoding/json" "errors" "fmt" "net" @@ -15,6 +16,7 @@ import ( "golang.org/x/crypto/bcrypt" "github.com/drakkan/sftpgo/v2/kms" + "github.com/drakkan/sftpgo/v2/logger" "github.com/drakkan/sftpgo/v2/mfa" "github.com/drakkan/sftpgo/v2/sdk" "github.com/drakkan/sftpgo/v2/util" @@ -288,6 +290,21 @@ func (a *Admin) checkUserAndPass(password, ip string) error { return nil } +// RenderAsJSON implements the renderer interface used within plugins +func (a *Admin) RenderAsJSON(reload bool) ([]byte, error) { + if reload { + admin, err := provider.adminExists(a.Username) + if err != nil { + providerLog(logger.LevelWarn, "unable to reload admin before rendering as json: %v", err) + return nil, err + } + admin.HideConfidentialData() + return json.Marshal(admin) + } + a.HideConfidentialData() + return json.Marshal(a) +} + // HideConfidentialData hides admin confidential data func (a *Admin) HideConfidentialData() { a.Password = "" diff --git a/dataprovider/apikey.go b/dataprovider/apikey.go index e5ff1ecf..2b08049f 100644 --- a/dataprovider/apikey.go +++ b/dataprovider/apikey.go @@ -1,6 +1,7 @@ package dataprovider import ( + "encoding/json" "fmt" "strings" "time" @@ -9,6 +10,7 @@ import ( "github.com/lithammer/shortuuid/v3" "golang.org/x/crypto/bcrypt" + "github.com/drakkan/sftpgo/v2/logger" "github.com/drakkan/sftpgo/v2/util" ) @@ -76,6 +78,21 @@ func (k *APIKey) getACopy() APIKey { } } +// RenderAsJSON implements the renderer interface used within plugins +func (k *APIKey) RenderAsJSON(reload bool) ([]byte, error) { + if reload { + apiKey, err := provider.apiKeyExists(k.KeyID) + if err != nil { + providerLog(logger.LevelWarn, "unable to reload api key before rendering as json: %v", err) + return nil, err + } + apiKey.HideConfidentialData() + return json.Marshal(apiKey) + } + k.HideConfidentialData() + return json.Marshal(k) +} + // HideConfidentialData hides admin confidential data func (k *APIKey) HideConfidentialData() { k.Key = "" diff --git a/dataprovider/dataprovider.go b/dataprovider/dataprovider.go index bdf0d962..975c94af 100644 --- a/dataprovider/dataprovider.go +++ b/dataprovider/dataprovider.go @@ -204,10 +204,12 @@ type PasswordValidation struct { Users PasswordValidationRules `json:"users" mapstructure:"users"` } -// UserActions defines the action to execute on user create, update, delete. -type UserActions struct { +// ObjectsActions defines the action to execute on user create, update, delete for the specified objects +type ObjectsActions struct { // Valid values are add, update, delete. Empty slice to disable ExecuteOn []string `json:"execute_on" mapstructure:"execute_on"` + // Valid values are user, admin, api_key + ExecuteFor []string `json:"execute_for" mapstructure:"execute_for"` // Absolute path to an external program or an HTTP URL Hook string `json:"hook" mapstructure:"hook"` } @@ -261,9 +263,10 @@ type Config struct { // a valid absolute path, then the user home dir will be automatically // defined as the path obtained joining the base dir and the username UsersBaseDir string `json:"users_base_dir" mapstructure:"users_base_dir"` - // Actions to execute on user add, update, delete. + // Actions to execute on objects add, update, delete. + // The supported objects are user, admin, api_key. // Update action will not be fired for internal updates such as the last login or the user quota fields. - Actions UserActions `json:"actions" mapstructure:"actions"` + Actions ObjectsActions `json:"actions" mapstructure:"actions"` // Absolute path to an external program or an HTTP URL to invoke for users authentication. // Leave empty to use builtin authentication. // If the authentication succeed the user will be automatically added/updated inside the defined data provider. @@ -926,22 +929,34 @@ func GetUsedVirtualFolderQuota(name string) (int, int64, error) { } // AddAPIKey adds a new API key -func AddAPIKey(apiKey *APIKey) error { - return provider.addAPIKey(apiKey) +func AddAPIKey(apiKey *APIKey, executor, ipAddress string) error { + err := provider.addAPIKey(apiKey) + if err == nil { + executeAction(operationAdd, executor, ipAddress, actionObjectAPIKey, apiKey.KeyID, apiKey) + } + return err } // UpdateAPIKey updates an existing API key -func UpdateAPIKey(apiKey *APIKey) error { - return provider.updateAPIKey(apiKey) +func UpdateAPIKey(apiKey *APIKey, executor, ipAddress string) error { + err := provider.updateAPIKey(apiKey) + if err == nil { + executeAction(operationUpdate, executor, ipAddress, actionObjectAPIKey, apiKey.KeyID, apiKey) + } + return err } // DeleteAPIKey deletes an existing API key -func DeleteAPIKey(keyID string) error { +func DeleteAPIKey(keyID string, executor, ipAddress string) error { apiKey, err := provider.apiKeyExists(keyID) if err != nil { return err } - return provider.deleteAPIKeys(&apiKey) + err = provider.deleteAPIKeys(&apiKey) + if err == nil { + executeAction(operationDelete, executor, ipAddress, actionObjectAPIKey, apiKey.KeyID, &apiKey) + } + return err } // APIKeyExists returns the API key with the given ID if it exists @@ -959,7 +974,7 @@ func HasAdmin() bool { } // AddAdmin adds a new SFTPGo admin -func AddAdmin(admin *Admin) error { +func AddAdmin(admin *Admin, executor, ipAddress string) error { admin.Filters.RecoveryCodes = nil admin.Filters.TOTPConfig = TOTPConfig{ Enabled: false, @@ -967,22 +982,31 @@ func AddAdmin(admin *Admin) error { err := provider.addAdmin(admin) if err == nil { atomic.StoreInt32(&isAdminCreated, 1) + executeAction(operationAdd, executor, ipAddress, actionObjectAdmin, admin.Username, admin) } return err } // UpdateAdmin updates an existing SFTPGo admin -func UpdateAdmin(admin *Admin) error { - return provider.updateAdmin(admin) +func UpdateAdmin(admin *Admin, executor, ipAddress string) error { + err := provider.updateAdmin(admin) + if err == nil { + executeAction(operationUpdate, executor, ipAddress, actionObjectAdmin, admin.Username, admin) + } + return err } // DeleteAdmin deletes an existing SFTPGo admin -func DeleteAdmin(username string) error { +func DeleteAdmin(username, executor, ipAddress string) error { admin, err := provider.adminExists(username) if err != nil { return err } - return provider.deleteAdmin(&admin) + err = provider.deleteAdmin(&admin) + if err == nil { + executeAction(operationDelete, executor, ipAddress, actionObjectAdmin, admin.Username, &admin) + } + return err } // AdminExists returns the admin with the given username if it exists @@ -996,31 +1020,31 @@ func UserExists(username string) (User, error) { } // AddUser adds a new SFTPGo user. -func AddUser(user *User) error { +func AddUser(user *User, executor, ipAddress string) error { user.Filters.RecoveryCodes = nil user.Filters.TOTPConfig = sdk.TOTPConfig{ Enabled: false, } err := provider.addUser(user) if err == nil { - executeAction(operationAdd, user) + executeAction(operationAdd, executor, ipAddress, actionObjectUser, user.Username, user) } return err } // UpdateUser updates an existing SFTPGo user. -func UpdateUser(user *User) error { +func UpdateUser(user *User, executor, ipAddress string) error { err := provider.updateUser(user) if err == nil { webDAVUsersCache.swap(user) cachedPasswords.Remove(user.Username) - executeAction(operationUpdate, user) + executeAction(operationUpdate, executor, ipAddress, actionObjectUser, user.Username, user) } return err } // DeleteUser deletes an existing SFTPGo user. -func DeleteUser(username string) error { +func DeleteUser(username, executor, ipAddress string) error { user, err := provider.userExists(username) if err != nil { return err @@ -1030,7 +1054,7 @@ func DeleteUser(username string) error { RemoveCachedWebDAVUser(user.Username) delayedQuotaUpdater.resetUserQuota(username) cachedPasswords.Remove(username) - executeAction(operationDelete, &user) + executeAction(operationDelete, executor, ipAddress, actionObjectUser, user.Username, &user) } return err } @@ -1063,7 +1087,7 @@ func AddFolder(folder *vfs.BaseVirtualFolder) error { } // UpdateFolder updates the specified virtual folder -func UpdateFolder(folder *vfs.BaseVirtualFolder, users []string) error { +func UpdateFolder(folder *vfs.BaseVirtualFolder, users []string, executor, ipAddress string) error { err := provider.updateFolder(folder) if err == nil { for _, user := range users { @@ -1071,7 +1095,7 @@ func UpdateFolder(folder *vfs.BaseVirtualFolder, users []string) error { u, err := provider.userExists(user) if err == nil { webDAVUsersCache.swap(&u) - executeAction(operationUpdate, &u) + executeAction(operationUpdate, executor, ipAddress, actionObjectUser, u.Username, &u) } else { RemoveCachedWebDAVUser(user) } @@ -1081,7 +1105,7 @@ func UpdateFolder(folder *vfs.BaseVirtualFolder, users []string) error { } // DeleteFolder deletes an existing folder. -func DeleteFolder(folderName string) error { +func DeleteFolder(folderName, executor, ipAddress string) error { folder, err := provider.getFolderByName(folderName) if err != nil { return err @@ -1090,6 +1114,10 @@ func DeleteFolder(folderName string) error { if err == nil { for _, user := range folder.Users { provider.setUpdatedAt(user) + u, err := provider.userExists(user) + if err == nil { + executeAction(operationUpdate, executor, ipAddress, actionObjectUser, u.Username, &u) + } RemoveCachedWebDAVUser(user) } delayedQuotaUpdater.resetFolderQuota(folderName) @@ -2809,66 +2837,3 @@ func getUserAndJSONForHook(username string) (User, []byte, error) { func providerLog(level logger.LogLevel, format string, v ...interface{}) { logger.Log(level, logSender, "", format, v...) } - -func executeNotificationCommand(operation string, commandArgs []string, userAsJSON []byte) error { - if !filepath.IsAbs(config.Actions.Hook) { - err := fmt.Errorf("invalid notification command %#v", config.Actions.Hook) - logger.Warn(logSender, "", "unable to execute notification command: %v", err) - return err - } - - ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second) - defer cancel() - - cmd := exec.CommandContext(ctx, config.Actions.Hook, commandArgs...) - cmd.Env = append(os.Environ(), - fmt.Sprintf("SFTPGO_USER_ACTION=%v", operation), - fmt.Sprintf("SFTPGO_USER=%v", string(userAsJSON))) - - startTime := time.Now() - err := cmd.Run() - providerLog(logger.LevelDebug, "executed command %#v with arguments: %+v, elapsed: %v, error: %v", - config.Actions.Hook, commandArgs, time.Since(startTime), err) - return err -} - -func executeAction(operation string, user *User) { - plugin.Handler.NotifyUserEvent(time.Now(), operation, user) - if !util.IsStringInSlice(operation, config.Actions.ExecuteOn) { - return - } - if config.Actions.Hook == "" { - return - } - - go func() { - user.PrepareForRendering() - userAsJSON, err := user.RenderAsJSON(operation != operationDelete) - if err != nil { - providerLog(logger.LevelWarn, "unable to serialize user as JSON for operation %#v: %v", operation, err) - return - } - if strings.HasPrefix(config.Actions.Hook, "http") { - var url *url.URL - url, err := url.Parse(config.Actions.Hook) - if err != nil { - providerLog(logger.LevelWarn, "Invalid http_notification_url %#v for operation %#v: %v", config.Actions.Hook, operation, err) - return - } - q := url.Query() - q.Add("action", operation) - url.RawQuery = q.Encode() - startTime := time.Now() - resp, err := httpclient.RetryablePost(url.String(), "application/json", bytes.NewBuffer(userAsJSON)) - respCode := 0 - if err == nil { - respCode = resp.StatusCode - resp.Body.Close() - } - providerLog(logger.LevelDebug, "notified operation %#v to URL: %v status code: %v, elapsed: %v err: %v", - operation, url.Redacted(), respCode, time.Since(startTime), err) - } else { - executeNotificationCommand(operation, user.getNotificationFieldsAsSlice(operation), userAsJSON) //nolint:errcheck // the error is used in test cases only - } - }() -} diff --git a/dataprovider/memory.go b/dataprovider/memory.go index 6dee59cf..6e50c95e 100644 --- a/dataprovider/memory.go +++ b/dataprovider/memory.go @@ -1104,13 +1104,13 @@ func (p *MemoryProvider) restoreAPIKeys(dump *BackupData) error { apiKey := apiKey // pin if err == nil { apiKey.ID = k.ID - err = UpdateAPIKey(&apiKey) + err = UpdateAPIKey(&apiKey, ActionExecutorSystem, "") if err != nil { providerLog(logger.LevelWarn, "error updating API key %#v: %v", apiKey.KeyID, err) return err } } else { - err = AddAPIKey(&apiKey) + err = AddAPIKey(&apiKey, ActionExecutorSystem, "") if err != nil { providerLog(logger.LevelWarn, "error adding API key %#v: %v", apiKey.KeyID, err) return err @@ -1126,13 +1126,13 @@ func (p *MemoryProvider) restoreAdmins(dump *BackupData) error { admin := admin // pin if err == nil { admin.ID = a.ID - err = UpdateAdmin(&admin) + err = UpdateAdmin(&admin, ActionExecutorSystem, "") if err != nil { providerLog(logger.LevelWarn, "error updating admin %#v: %v", admin.Username, err) return err } } else { - err = AddAdmin(&admin) + err = AddAdmin(&admin, ActionExecutorSystem, "") if err != nil { providerLog(logger.LevelWarn, "error adding admin %#v: %v", admin.Username, err) return err @@ -1148,7 +1148,7 @@ func (p *MemoryProvider) restoreFolders(dump *BackupData) error { f, err := p.getFolderByName(folder.Name) if err == nil { folder.ID = f.ID - err = UpdateFolder(&folder, f.Users) + err = UpdateFolder(&folder, f.Users, ActionExecutorSystem, "") if err != nil { providerLog(logger.LevelWarn, "error updating folder %#v: %v", folder.Name, err) return err @@ -1171,13 +1171,13 @@ func (p *MemoryProvider) restoreUsers(dump *BackupData) error { u, err := p.userExists(user.Username) if err == nil { user.ID = u.ID - err = UpdateUser(&user) + err = UpdateUser(&user, ActionExecutorSystem, "") if err != nil { providerLog(logger.LevelWarn, "error updating user %#v: %v", user.Username, err) return err } } else { - err = AddUser(&user) + err = AddUser(&user, ActionExecutorSystem, "") if err != nil { providerLog(logger.LevelWarn, "error adding user %#v: %v", user.Username, err) return err diff --git a/dataprovider/user.go b/dataprovider/user.go index 4d48663e..b5fb9855 100644 --- a/dataprovider/user.go +++ b/dataprovider/user.go @@ -249,6 +249,7 @@ func (u *User) PrepareForRendering() { } } +// HasRedactedSecret returns true if the user has a redacted secret func (u *User) hasRedactedSecret() bool { if u.FsConfig.HasRedactedSecret() { return true @@ -1109,17 +1110,6 @@ func (u *User) getACopy() User { } } -func (u *User) getNotificationFieldsAsSlice(action string) []string { - return []string{action, u.Username, - strconv.FormatInt(u.ID, 10), - strconv.FormatInt(int64(u.Status), 10), - strconv.FormatInt(u.ExpirationDate, 10), - u.HomeDir, - strconv.FormatInt(int64(u.UID), 10), - strconv.FormatInt(int64(u.GID), 10), - } -} - // GetEncryptionAdditionalData returns the additional data to use for AEAD func (u *User) GetEncryptionAdditionalData() string { return u.Username diff --git a/docs/custom-actions.md b/docs/custom-actions.md index 34c6fe0f..327ca7e3 100644 --- a/docs/custom-actions.md +++ b/docs/custom-actions.md @@ -1,5 +1,9 @@ # Custom Actions +SFTPGo can notify filesystem and provider events using custom actions. A custom action can be an external program or an HTTP URL. + +## Filesystem events + The `actions` struct inside the `common` configuration section allows to configure the actions for file operations and SSH commands. The `hook` can be defined as the absolute path of your program or an HTTP URL. @@ -16,7 +20,7 @@ The following `actions` are supported: - `rmdir` - `ssh_cmd` -The `upload` condition includes both uploads to new files and overwrite of existing files. If an upload is aborted for quota limits SFTPGo tries to remove the partial file, so if the notification reports a zero size file and a quota exceeded error the file has been deleted. The `ssh_cmd` condition will be triggered after a command is successfully executed via SSH. `scp` will trigger the `download` and `upload` conditions and not `ssh_cmd`. +The `upload` condition includes both uploads to new files and overwrite of existing ones. If an upload is aborted for quota limits SFTPGo tries to remove the partial file, so if the notification reports a zero size file and a quota exceeded error the file has been deleted. The `ssh_cmd` condition will be triggered after a command is successfully executed via SSH. `scp` will trigger the `download` and `upload` conditions and not `ssh_cmd`. For cloud backends directories are virtual, they are created implicitly when you upload a file and are implicitly removed when the last file within a directory is removed. The `mkdir` and `rmdir` notifications are sent only when a directory is explicitly created or removed. The notification will indicate if an error is detected and so, for example, a partial file is uploaded. @@ -25,20 +29,14 @@ The `pre-delete` action, if defined, will be called just before files deletion. The `pre-download` and `pre-upload` actions, will be called before downloads and uploads. If the external command completes with a zero exit status or the HTTP notification response code is `200` then SFTPGo allows the operation, otherwise the client will get a permission denied error. -If the `hook` defines a path to an external program, then this program is invoked with the following arguments: +If the `hook` defines a path to an external program, then this program can read the following environment variables: -- `action`, string, supported action -- `username` -- `path` is the full filesystem path, can be empty for some ssh commands -- `target_path`, non-empty for `rename` action and for `sftpgo-copy` SSH command -- `ssh_cmd`, non-empty for `ssh_cmd` action - -The external program can also read the following environment variables: - -- `SFTPGO_ACTION` +- `SFTPGO_ACTION`, supported action - `SFTPGO_ACTION_USERNAME` -- `SFTPGO_ACTION_PATH` -- `SFTPGO_ACTION_TARGET`, non-empty for `rename` `SFTPGO_ACTION` +- `SFTPGO_ACTION_PATH`, is the full filesystem path, can be empty for some ssh commands +- `SFTPGO_ACTION_TARGET`, full filesystem path, non-empty for `rename` `SFTPGO_ACTION` and for some SSH commands +- `SFTPGO_ACTION_VIRTUAL_PATH`, virtual path, seen by SFTPGo users +- `SFTPGO_ACTION_VIRTUAL_TARGET`, virtual target path, seen by SFTPGo users - `SFTPGO_ACTION_SSH_CMD`, non-empty for `ssh_cmd` `SFTPGO_ACTION` - `SFTPGO_ACTION_FILE_SIZE`, non-zero for `pre-upload`,`upload`, `download` and `delete` actions if the file size is greater than `0` - `SFTPGO_ACTION_FS_PROVIDER`, `0` for local filesystem, `1` for S3 backend, `2` for Google Cloud Storage (GCS) backend, `3` for Azure Blob Storage backend, `4` for local encrypted backend, `5` for SFTP backend @@ -46,58 +44,66 @@ The external program can also read the following environment variables: - `SFTPGO_ACTION_ENDPOINT`, non-empty for S3, SFTP and Azure backend if configured. For Azure this is the endpoint, if configured - `SFTPGO_ACTION_STATUS`, integer. Status for `upload`, `download` and `ssh_cmd` actions. 0 means a generic error occurred. 1 means no error, 2 means quota exceeded error - `SFTPGO_ACTION_PROTOCOL`, string. Possible values are `SSH`, `SFTP`, `SCP`, `FTP`, `DAV`, `HTTP`, `DataRetention` +- `SFTPGO_ACTION_IP`, the action was executed from this IP address - `SFTPGO_ACTION_OPEN_FLAGS`, integer. File open flags, can be non-zero for `pre-upload` action. If `SFTPGO_ACTION_FILE_SIZE` is greater than zero and `SFTPGO_ACTION_OPEN_FLAGS&512 == 0` the target file will not be truncated +- `SFTPGO_ACTION_TIMESTAMP`, int64. Event timestamp as milliseconds since epoch Previous global environment variables aren't cleared when the script is called. The program must finish within 30 seconds. If the `hook` defines an HTTP URL then this URL will be invoked as HTTP POST. The request body will contain a JSON serialized struct with the following fields: -- `action` -- `username` -- `path` -- `target_path`, included for `rename` action and `sftpgo-copy` SSH command -- `ssh_cmd`, included for `ssh_cmd` action -- `file_size`, included for `pre-upload`, `upload`, `download`, `delete` actions if the file size is greater than `0` -- `fs_provider`, `0` for local filesystem, `1` for S3 backend, `2` for Google Cloud Storage (GCS) backend, `3` for Azure Blob Storage backend, `4` for local encrypted backend, `5` for SFTP backend -- `bucket`, inlcuded for S3, GCS and Azure backends -- `endpoint`, included for S3, SFTP and Azure backend if configured. For Azure this is the endpoint, if configured +- `action`, string +- `username`, string +- `path`, string +- `target_path`, string, included for `rename` action and `sftpgo-copy` SSH command +- `virtual_path`, string, virtual path, seen by SFTPGo users +- `virtual_target_path`, string, virtual target path, seen by SFTPGo users +- `ssh_cmd`, string, included for `ssh_cmd` action +- `file_size`, int64, included for `pre-upload`, `upload`, `download`, `delete` actions if the file size is greater than `0` +- `fs_provider`, integer, `0` for local filesystem, `1` for S3 backend, `2` for Google Cloud Storage (GCS) backend, `3` for Azure Blob Storage backend, `4` for local encrypted backend, `5` for SFTP backend +- `bucket`, string, inlcuded for S3, GCS and Azure backends +- `endpoint`, string, included for S3, SFTP and Azure backend if configured - `status`, integer. Status for `upload`, `download` and `ssh_cmd` actions. 0 means a generic error occurred. 1 means no error, 2 means quota exceeded error - `protocol`, string. Possible values are `SSH`, `SFTP`, `SCP`, `FTP`, `DAV`, `HTTP`, `DataRetention` +- `ip`, string. The action was executed from this IP address - `open_flags`, integer. File open flags, can be non-zero for `pre-upload` action. If `file_size` is greater than zero and `file_size&512 == 0` the target file will not be truncated +- `timestamp`, int64. Event timestamp as milliseconds since epoch The HTTP hook will use the global configuration for HTTP clients and will respect the retry configurations. The `pre-*` actions are always executed synchronously while the other ones are asynchronous. You can specify the actions to run synchronously via the `execute_sync` configuration key. Executing an action synchronously means that SFTPGo will not return a result code to the client (which is waiting for it) until your hook have completed its execution. If your hook takes a long time to complete this could cause a timeout on the client side, which wouldn't receive the server response in a timely manner and eventually drop the connection. -The `actions` struct inside the `data_provider` configuration section allows you to configure actions on user add, update, delete. +## Provider events + +The `actions` struct inside the `data_provider` configuration section allows you to configure actions on data provider objects add, update, delete. + +The supported object types are: + +- `user` +- `admin` +- `api_key` Actions will not be fired for internal updates, such as the last login or the user quota fields, or after external authentication. -If the `hook` defines a path to an external program, then this program is invoked with the following arguments: +If the `hook` defines a path to an external program, then this program can read the following environment variables: -- `action`, string, possible values are: `add`, `update`, `delete` -- `username` -- `ID` -- `status` -- `expiration_date` -- `home_dir` -- `uid` -- `gid` - -The external program can also read the following environment variables: - -- `SFTPGO_USER_ACTION` -- `SFTPGO_USER`, user serialized as JSON with sensitive fields removed +- `SFTPGO_PROVIDER_ACTION`, supported values are `add`, `update`, `delete` +- `SFTPGO_PROVIDER_OBJECT_TYPE`, affetected object type +- `SFTPGO_PROVIDER_OBJECT_NAME`, unique identifier for the affected object, for example username or key id +- `SFTPGO_PROVIDER_USERNAME`, the username that executed the action. There are two special usernames: `__self__` identifies a user/admin that updates itself and `__system__` identifies an action that does not have an explicit executor associated with it, for example users/admins can be added/updated by loading them from initial data +- `SFTPGO_PROVIDER_IP`, the action was executed from this IP address +- `SFTPGO_PROVIDER_TIMESTAMP`, event timestamp as milliseconds since epoch +- `SFTPGO_PROVIDER_OBJECT`, object serialized as JSON with sensitive fields removed Previous global environment variables aren't cleared when the script is called. The program must finish within 15 seconds. -If the `hook` defines an HTTP URL then this URL will be invoked as HTTP POST. The action is added to the query string, for example `?action=update`, and the user is sent serialized as JSON inside the POST body with sensitive fields removed. +If the `hook` defines an HTTP URL then this URL will be invoked as HTTP POST. The action, username, ip, object_type and object_name and timestamp are added to the query string, for example `?action=update&username=admin&ip=127.0.0.1&object_type=user&object_name=user1×tamp=1633860803249`, and the full object is sent serialized as JSON inside the POST body with sensitive fields removed. The HTTP hook will use the global configuration for HTTP clients and will respect the retry configurations. -The structure for SFTPGo users can be found within the [OpenAPI schema](../httpd/schema/openapi.yaml). +The structure for SFTPGo objects can be found within the [OpenAPI schema](../httpd/schema/openapi.yaml). ## Pub/Sub services diff --git a/docs/full-configuration.md b/docs/full-configuration.md index fde2fef6..9c106151 100644 --- a/docs/full-configuration.md +++ b/docs/full-configuration.md @@ -181,6 +181,7 @@ The configuration file contains the following sections: - `users_base_dir`, string. Users default base directory. If no home dir is defined while adding a new user, and this value is a valid absolute path, then the user home dir will be automatically defined as the path obtained joining the base dir and the username - `actions`, struct. It contains the command to execute and/or the HTTP URL to notify and the trigger conditions. See [Custom Actions](./custom-actions.md) for more details - `execute_on`, list of strings. Valid values are `add`, `update`, `delete`. `update` action will not be fired for internal updates such as the last login or the user quota fields. + - `execute_for`, list of strings. Defines the provider objects that trigger the action. Valid values are `user`, `admin`, `api_key`. - `hook`, string. Absolute path to the command to execute or HTTP URL to notify. - `external_auth_hook`, string. Absolute path to an external program or an HTTP URL to invoke for users authentication. See [External Authentication](./external-auth.md) for more details. Leave empty to disable. - `external_auth_scope`, integer. 0 means all supported authentication scopes (passwords, public keys and keyboard interactive). 1 means passwords only. 2 means public keys only. 4 means key keyboard interactive only. 8 means TLS certificate. The flags can be combined, for example 6 means public keys and keyboard interactive @@ -276,7 +277,8 @@ The configuration file contains the following sections: - `type`, string. Defines the plugin type. Supported types: `notifier`, `kms`, `auth`. - `notifier_options`, struct. Defines the options for notifier plugins. - `fs_events`, list of strings. Defines the filesystem events that will be notified to this plugin. - - `user_events`, list of strings. Defines the user events that will be notified to this plugin. + - `provider_events`, list of strings. Defines the provider events that will be notified to this plugin. + - `provider_objects`, list if strings. Defines the provider objects that will be notified to this plugin. - `retry_max_time`, integer. Defines the maximum number of seconds an event can be late. SFTPGo adds a timestamp to each event and add to an internal queue any events that a the plugin fails to handle (the plugin returns an error or it is not running). If a plugin fails to handle an event that is too late, based on this configuration, it will be discarded. SFTPGo will try to resend queued events every 30 seconds. 0 means no retry. - `retry_queue_max_size`, integer. Defines the maximum number of events that the internal queue can hold. Once the queue is full, the events that cannot be sent to the plugin will be discarded. 0 means no limit. - `kms_options`, struct. Defines the options for kms plugins. @@ -287,7 +289,7 @@ The configuration file contains the following sections: - `cmd`, string. Path to the plugin executable. - `args`, list of strings. Optional arguments to pass to the plugin executable. - `sha256sum`, string. SHA256 checksum for the plugin executable. If not empty it will be used to verify the integrity of the executable. - - `auto_mtls`, boolean. If enabled the client and the server automatically negotiate mTLS for transport authentication. This ensures that only the original client will be allowed to connect to the server, and all other connections will be rejected. The client will also refuse to connect to any server that isn't the original instance started by the client. + - `auto_mtls`, boolean. If enabled the client and the server automatically negotiate mutual TLS for transport authentication. This ensures that only the original client will be allowed to connect to the server, and all other connections will be rejected. The client will also refuse to connect to any server that isn't the original instance started by the client. Please note that the plugin system is experimental, the exposed configuration parameters and interfaces may change in a backward incompatible way in future. diff --git a/ftpd/ftpd_test.go b/ftpd/ftpd_test.go index 50cebee3..6bf1614b 100644 --- a/ftpd/ftpd_test.go +++ b/ftpd/ftpd_test.go @@ -610,7 +610,7 @@ func TestMultiFactorAuth(t *testing.T) { Secret: kms.NewPlainSecret(secret), Protocols: []string{common.ProtocolFTP}, } - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, "", "") assert.NoError(t, err) user.Password = defaultPassword @@ -971,7 +971,7 @@ func TestMaxConnections(t *testing.T) { }, 1000*time.Millisecond, 50*time.Millisecond) user := getTestUser() - err := dataprovider.AddUser(&user) + err := dataprovider.AddUser(&user, "", "") assert.NoError(t, err) user.Password = "" client, err := getFTPClient(user, true, nil) @@ -983,7 +983,7 @@ func TestMaxConnections(t *testing.T) { err = client.Quit() assert.NoError(t, err) } - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) err = os.RemoveAll(user.GetHomeDir()) assert.NoError(t, err) @@ -1001,7 +1001,7 @@ func TestMaxPerHostConnections(t *testing.T) { }, 1000*time.Millisecond, 50*time.Millisecond) user := getTestUser() - err := dataprovider.AddUser(&user) + err := dataprovider.AddUser(&user, "", "") assert.NoError(t, err) user.Password = "" client, err := getFTPClient(user, true, nil) @@ -1013,7 +1013,7 @@ func TestMaxPerHostConnections(t *testing.T) { err = client.Quit() assert.NoError(t, err) } - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) err = os.RemoveAll(user.GetHomeDir()) assert.NoError(t, err) @@ -1070,7 +1070,7 @@ func TestRateLimiter(t *testing.T) { assert.Contains(t, err.Error(), "banned client IP") } - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) err = os.RemoveAll(user.GetHomeDir()) assert.NoError(t, err) @@ -1112,7 +1112,7 @@ func TestDefender(t *testing.T) { assert.Contains(t, err.Error(), "banned client IP") } - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) err = os.RemoveAll(user.GetHomeDir()) assert.NoError(t, err) diff --git a/ftpd/handler.go b/ftpd/handler.go index ba663497..777cfc64 100644 --- a/ftpd/handler.go +++ b/ftpd/handler.go @@ -325,7 +325,8 @@ func (c *Connection) downloadFile(fs vfs.Fs, fsPath, ftpPath string, offset int6 return nil, c.GetPermissionDeniedError() } - if err := common.ExecutePreAction(&c.User, common.OperationPreDownload, fsPath, ftpPath, c.GetProtocol(), 0, 0); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreDownload, fsPath, ftpPath, c.GetProtocol(), c.GetRemoteIP(), + 0, 0); err != nil { c.Log(logger.LevelDebug, "download for file %#v denied by pre action: %v", ftpPath, err) return nil, c.GetPermissionDeniedError() } @@ -387,7 +388,8 @@ func (c *Connection) handleFTPUploadToNewFile(fs vfs.Fs, resolvedPath, filePath, c.Log(logger.LevelInfo, "denying file write due to quota limits") return nil, ftpserver.ErrStorageExceeded } - if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), 0, 0); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), + c.GetRemoteIP(), 0, 0); err != nil { c.Log(logger.LevelDebug, "upload for file %#v denied by pre action: %v", requestPath, err) return nil, fmt.Errorf("%w, denied by pre-upload action", ftpserver.ErrFileNameNotAllowed) } @@ -432,7 +434,7 @@ func (c *Connection) handleFTPUploadToExistingFile(fs vfs.Fs, flags int, resolve c.Log(logger.LevelDebug, "unable to get max write size: %v", err) return nil, err } - if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), fileSize, flags); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), c.GetRemoteIP(), fileSize, flags); err != nil { c.Log(logger.LevelDebug, "upload for file %#v denied by pre action: %v", requestPath, err) return nil, fmt.Errorf("%w, denied by pre-upload action", ftpserver.ErrFileNameNotAllowed) } diff --git a/httpd/api_admin.go b/httpd/api_admin.go index c0450529..d5b59f85 100644 --- a/httpd/api_admin.go +++ b/httpd/api_admin.go @@ -50,13 +50,18 @@ func renderAdmin(w http.ResponseWriter, r *http.Request, username string, status func addAdmin(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } var admin dataprovider.Admin - err := render.DecodeJSON(r.Body, &admin) + err = render.DecodeJSON(r.Body, &admin) if err != nil { sendAPIResponse(w, r, err, "", http.StatusBadRequest) return } - err = dataprovider.AddAdmin(&admin) + err = dataprovider.AddAdmin(&admin, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return @@ -66,8 +71,12 @@ func addAdmin(w http.ResponseWriter, r *http.Request) { func disableAdmin2FA(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) - username := getURLParam(r, "username") - admin, err := dataprovider.AdminExists(username) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } + admin, err := dataprovider.AdminExists(getURLParam(r, "username")) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return @@ -76,7 +85,7 @@ func disableAdmin2FA(w http.ResponseWriter, r *http.Request) { admin.Filters.TOTPConfig = dataprovider.TOTPConfig{ Enabled: false, } - if err := dataprovider.UpdateAdmin(&admin); err != nil { + if err := dataprovider.UpdateAdmin(&admin, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } @@ -127,7 +136,7 @@ func updateAdmin(w http.ResponseWriter, r *http.Request) { admin.Username = username admin.Filters.TOTPConfig = totpConfig admin.Filters.RecoveryCodes = recoveryCodes - if err := dataprovider.UpdateAdmin(&admin); err != nil { + if err := dataprovider.UpdateAdmin(&admin, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } @@ -147,7 +156,7 @@ func deleteAdmin(w http.ResponseWriter, r *http.Request) { return } - err = dataprovider.DeleteAdmin(username) + err = dataprovider.DeleteAdmin(username, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return @@ -198,7 +207,7 @@ func updateAdminProfile(w http.ResponseWriter, r *http.Request) { admin.Email = req.Email admin.Description = req.Description admin.Filters.AllowAPIKeyAuth = req.AllowAPIKeyAuth - if err := dataprovider.UpdateAdmin(&admin); err != nil { + if err := dataprovider.UpdateAdmin(&admin, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } @@ -247,7 +256,7 @@ func doChangeAdminPassword(r *http.Request, currentPassword, newPassword, confir admin.Password = newPassword - return dataprovider.UpdateAdmin(&admin) + return dataprovider.UpdateAdmin(&admin, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) } func getTokenClaims(r *http.Request) (jwtTokenClaims, error) { diff --git a/httpd/api_folder.go b/httpd/api_folder.go index 0ecd82d7..e7270fdd 100644 --- a/httpd/api_folder.go +++ b/httpd/api_folder.go @@ -7,6 +7,7 @@ import ( "github.com/go-chi/render" "github.com/drakkan/sftpgo/v2/dataprovider" + "github.com/drakkan/sftpgo/v2/util" "github.com/drakkan/sftpgo/v2/vfs" ) @@ -43,7 +44,11 @@ func addFolder(w http.ResponseWriter, r *http.Request) { func updateFolder(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) - var err error + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } name := getURLParam(r, "name") folder, err := dataprovider.GetFolderByName(name) @@ -76,7 +81,7 @@ func updateFolder(w http.ResponseWriter, r *http.Request) { folder.FsConfig.SetEmptySecretsIfNil() updateEncryptedSecrets(&folder.FsConfig, currentS3AccessSecret, currentAzAccountKey, currentAzSASUrl, currentGCSCredentials, currentCryptoPassphrase, currentSFTPPassword, currentSFTPKey) - err = dataprovider.UpdateFolder(&folder, users) + err = dataprovider.UpdateFolder(&folder, users, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return @@ -107,8 +112,13 @@ func getFolderByName(w http.ResponseWriter, r *http.Request) { func deleteFolder(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } name := getURLParam(r, "name") - err := dataprovider.DeleteFolder(name) + err = dataprovider.DeleteFolder(name, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return diff --git a/httpd/api_http_user.go b/httpd/api_http_user.go index c752a59f..3c0cb912 100644 --- a/httpd/api_http_user.go +++ b/httpd/api_http_user.go @@ -341,7 +341,7 @@ func setUserPublicKeys(w http.ResponseWriter, r *http.Request) { } user.PublicKeys = publicKeys - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return @@ -404,7 +404,7 @@ func updateUserProfile(w http.ResponseWriter, r *http.Request) { user.Email = req.Email user.Description = req.Description } - if err := dataprovider.UpdateUser(&user); err != nil { + if err := dataprovider.UpdateUser(&user, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } @@ -449,5 +449,5 @@ func doChangeUserPassword(r *http.Request, currentPassword, newPassword, confirm } user.Password = newPassword - return dataprovider.UpdateUser(&user) + return dataprovider.UpdateUser(&user, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) } diff --git a/httpd/api_keys.go b/httpd/api_keys.go index 0aa6c2f5..3e5dc0f5 100644 --- a/httpd/api_keys.go +++ b/httpd/api_keys.go @@ -8,6 +8,7 @@ import ( "github.com/go-chi/render" "github.com/drakkan/sftpgo/v2/dataprovider" + "github.com/drakkan/sftpgo/v2/util" ) func getAPIKeys(w http.ResponseWriter, r *http.Request) { @@ -40,8 +41,13 @@ func getAPIKeyByID(w http.ResponseWriter, r *http.Request) { func addAPIKey(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } var apiKey dataprovider.APIKey - err := render.DecodeJSON(r.Body, &apiKey) + err = render.DecodeJSON(r.Body, &apiKey) if err != nil { sendAPIResponse(w, r, err, "", http.StatusBadRequest) return @@ -49,7 +55,7 @@ func addAPIKey(w http.ResponseWriter, r *http.Request) { apiKey.ID = 0 apiKey.KeyID = "" apiKey.Key = "" - err = dataprovider.AddAPIKey(&apiKey) + err = dataprovider.AddAPIKey(&apiKey, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return @@ -65,6 +71,11 @@ func addAPIKey(w http.ResponseWriter, r *http.Request) { func updateAPIKey(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } keyID := getURLParam(r, "id") apiKey, err := dataprovider.APIKeyExists(keyID) if err != nil { @@ -79,7 +90,7 @@ func updateAPIKey(w http.ResponseWriter, r *http.Request) { } apiKey.KeyID = keyID - if err := dataprovider.UpdateAPIKey(&apiKey); err != nil { + if err := dataprovider.UpdateAPIKey(&apiKey, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } @@ -89,8 +100,13 @@ func updateAPIKey(w http.ResponseWriter, r *http.Request) { func deleteAPIKey(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) keyID := getURLParam(r, "id") + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } - err := dataprovider.DeleteAPIKey(keyID) + err = dataprovider.DeleteAPIKey(keyID, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return diff --git a/httpd/api_maintenance.go b/httpd/api_maintenance.go index 0a8412a1..e9188ce9 100644 --- a/httpd/api_maintenance.go +++ b/httpd/api_maintenance.go @@ -97,6 +97,11 @@ func dumpData(w http.ResponseWriter, r *http.Request) { func loadDataFromRequest(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, MaxRestoreSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } _, scanQuota, mode, err := getLoaddataOptions(r) if err != nil { sendAPIResponse(w, r, err, "", http.StatusBadRequest) @@ -111,7 +116,7 @@ func loadDataFromRequest(w http.ResponseWriter, r *http.Request) { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } - if err := restoreBackup(content, "", scanQuota, mode); err != nil { + if err := restoreBackup(content, "", scanQuota, mode, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) } sendAPIResponse(w, r, err, "Data restored", http.StatusOK) @@ -119,6 +124,11 @@ func loadDataFromRequest(w http.ResponseWriter, r *http.Request) { func loadData(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } inputFile, scanQuota, mode, err := getLoaddataOptions(r) if err != nil { sendAPIResponse(w, r, err, "", http.StatusBadRequest) @@ -144,31 +154,31 @@ func loadData(w http.ResponseWriter, r *http.Request) { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } - if err := restoreBackup(content, inputFile, scanQuota, mode); err != nil { + if err := restoreBackup(content, inputFile, scanQuota, mode, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) } sendAPIResponse(w, r, err, "Data restored", http.StatusOK) } -func restoreBackup(content []byte, inputFile string, scanQuota, mode int) error { +func restoreBackup(content []byte, inputFile string, scanQuota, mode int, executor, ipAddress string) error { dump, err := dataprovider.ParseDumpData(content) if err != nil { return util.NewValidationError(fmt.Sprintf("Unable to parse backup content: %v", err)) } - if err = RestoreFolders(dump.Folders, inputFile, mode, scanQuota); err != nil { + if err = RestoreFolders(dump.Folders, inputFile, mode, scanQuota, executor, ipAddress); err != nil { return err } - if err = RestoreUsers(dump.Users, inputFile, mode, scanQuota); err != nil { + if err = RestoreUsers(dump.Users, inputFile, mode, scanQuota, executor, ipAddress); err != nil { return err } - if err = RestoreAdmins(dump.Admins, inputFile, mode); err != nil { + if err = RestoreAdmins(dump.Admins, inputFile, mode, executor, ipAddress); err != nil { return err } - if err = RestoreAPIKeys(dump.APIKeys, inputFile, mode); err != nil { + if err = RestoreAPIKeys(dump.APIKeys, inputFile, mode, executor, ipAddress); err != nil { return err } @@ -204,7 +214,7 @@ func getLoaddataOptions(r *http.Request) (string, int, int, error) { } // RestoreFolders restores the specified folders -func RestoreFolders(folders []vfs.BaseVirtualFolder, inputFile string, mode, scanQuota int) error { +func RestoreFolders(folders []vfs.BaseVirtualFolder, inputFile string, mode, scanQuota int, executor, ipAddress string) error { for _, folder := range folders { folder := folder // pin f, err := dataprovider.GetFolderByName(folder.Name) @@ -214,7 +224,7 @@ func RestoreFolders(folders []vfs.BaseVirtualFolder, inputFile string, mode, sca continue } folder.ID = f.ID - err = dataprovider.UpdateFolder(&folder, f.Users) + err = dataprovider.UpdateFolder(&folder, f.Users, executor, ipAddress) logger.Debug(logSender, "", "restoring existing folder: %+v, dump file: %#v, error: %v", folder, inputFile, err) } else { folder.Users = nil @@ -235,7 +245,7 @@ func RestoreFolders(folders []vfs.BaseVirtualFolder, inputFile string, mode, sca } // RestoreAPIKeys restores the specified API keys -func RestoreAPIKeys(apiKeys []dataprovider.APIKey, inputFile string, mode int) error { +func RestoreAPIKeys(apiKeys []dataprovider.APIKey, inputFile string, mode int, executor, ipAddress string) error { for _, apiKey := range apiKeys { apiKey := apiKey // pin if apiKey.Key == "" { @@ -249,11 +259,11 @@ func RestoreAPIKeys(apiKeys []dataprovider.APIKey, inputFile string, mode int) e continue } apiKey.ID = k.ID - err = dataprovider.UpdateAPIKey(&apiKey) + err = dataprovider.UpdateAPIKey(&apiKey, executor, ipAddress) apiKey.Key = redactedSecret logger.Debug(logSender, "", "restoring existing API key: %+v, dump file: %#v, error: %v", apiKey, inputFile, err) } else { - err = dataprovider.AddAPIKey(&apiKey) + err = dataprovider.AddAPIKey(&apiKey, executor, ipAddress) apiKey.Key = redactedSecret logger.Debug(logSender, "", "adding new API key: %+v, dump file: %#v, error: %v", apiKey, inputFile, err) } @@ -265,7 +275,7 @@ func RestoreAPIKeys(apiKeys []dataprovider.APIKey, inputFile string, mode int) e } // RestoreAdmins restores the specified admins -func RestoreAdmins(admins []dataprovider.Admin, inputFile string, mode int) error { +func RestoreAdmins(admins []dataprovider.Admin, inputFile string, mode int, executor, ipAddress string) error { for _, admin := range admins { admin := admin // pin a, err := dataprovider.AdminExists(admin.Username) @@ -275,11 +285,11 @@ func RestoreAdmins(admins []dataprovider.Admin, inputFile string, mode int) erro continue } admin.ID = a.ID - err = dataprovider.UpdateAdmin(&admin) + err = dataprovider.UpdateAdmin(&admin, executor, ipAddress) admin.Password = redactedSecret logger.Debug(logSender, "", "restoring existing admin: %+v, dump file: %#v, error: %v", admin, inputFile, err) } else { - err = dataprovider.AddAdmin(&admin) + err = dataprovider.AddAdmin(&admin, executor, ipAddress) admin.Password = redactedSecret logger.Debug(logSender, "", "adding new admin: %+v, dump file: %#v, error: %v", admin, inputFile, err) } @@ -292,7 +302,7 @@ func RestoreAdmins(admins []dataprovider.Admin, inputFile string, mode int) erro } // RestoreUsers restores the specified users -func RestoreUsers(users []dataprovider.User, inputFile string, mode, scanQuota int) error { +func RestoreUsers(users []dataprovider.User, inputFile string, mode, scanQuota int, executor, ipAddress string) error { for _, user := range users { user := user // pin u, err := dataprovider.UserExists(user.Username) @@ -302,14 +312,14 @@ func RestoreUsers(users []dataprovider.User, inputFile string, mode, scanQuota i continue } user.ID = u.ID - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, executor, ipAddress) user.Password = redactedSecret logger.Debug(logSender, "", "restoring existing user: %+v, dump file: %#v, error: %v", user, inputFile, err) if mode == 2 && err == nil { disconnectUser(user.Username) } } else { - err = dataprovider.AddUser(&user) + err = dataprovider.AddUser(&user, executor, ipAddress) user.Password = redactedSecret logger.Debug(logSender, "", "adding new user: %+v, dump file: %#v, error: %v", user, inputFile, err) } diff --git a/httpd/api_mfa.go b/httpd/api_mfa.go index 61724f44..6d822a25 100644 --- a/httpd/api_mfa.go +++ b/httpd/api_mfa.go @@ -177,7 +177,7 @@ func generateRecoveryCodes(w http.ResponseWriter, r *http.Request) { return } user.Filters.RecoveryCodes = accountRecoveryCodes - if err := dataprovider.UpdateUser(&user); err != nil { + if err := dataprovider.UpdateUser(&user, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } @@ -188,7 +188,7 @@ func generateRecoveryCodes(w http.ResponseWriter, r *http.Request) { return } admin.Filters.RecoveryCodes = accountRecoveryCodes - if err := dataprovider.UpdateAdmin(&admin); err != nil { + if err := dataprovider.UpdateAdmin(&admin, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } @@ -218,7 +218,7 @@ func saveUserTOTPConfig(username string, r *http.Request, recoveryCodes []sdk.Re if user.CountUnusedRecoveryCodes() < 5 && user.Filters.TOTPConfig.Enabled { user.Filters.RecoveryCodes = recoveryCodes } - return dataprovider.UpdateUser(&user) + return dataprovider.UpdateUser(&user, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) } func saveAdminTOTPConfig(username string, r *http.Request, recoveryCodes []sdk.RecoveryCode) error { @@ -238,5 +238,5 @@ func saveAdminTOTPConfig(username string, r *http.Request, recoveryCodes []sdk.R if admin.Filters.TOTPConfig.Secret == nil || !admin.Filters.TOTPConfig.Secret.IsPlain() { admin.Filters.TOTPConfig.Secret = currentTOTPSecret } - return dataprovider.UpdateAdmin(&admin) + return dataprovider.UpdateAdmin(&admin, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) } diff --git a/httpd/api_user.go b/httpd/api_user.go index 031bdc19..1a165a0b 100644 --- a/httpd/api_user.go +++ b/httpd/api_user.go @@ -2,7 +2,6 @@ package httpd import ( "context" - "errors" "fmt" "net/http" "strconv" @@ -13,6 +12,7 @@ import ( "github.com/drakkan/sftpgo/v2/dataprovider" "github.com/drakkan/sftpgo/v2/kms" "github.com/drakkan/sftpgo/v2/sdk" + "github.com/drakkan/sftpgo/v2/util" "github.com/drakkan/sftpgo/v2/vfs" ) @@ -54,49 +54,19 @@ func renderUser(w http.ResponseWriter, r *http.Request, username string, status func addUser(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } var user dataprovider.User - err := render.DecodeJSON(r.Body, &user) + err = render.DecodeJSON(r.Body, &user) if err != nil { sendAPIResponse(w, r, err, "", http.StatusBadRequest) return } - user.SetEmptySecretsIfNil() - switch user.FsConfig.Provider { - case sdk.S3FilesystemProvider: - if user.FsConfig.S3Config.AccessSecret.IsRedacted() { - sendAPIResponse(w, r, errors.New("invalid access_secret"), "", http.StatusBadRequest) - return - } - case sdk.GCSFilesystemProvider: - if user.FsConfig.GCSConfig.Credentials.IsRedacted() { - sendAPIResponse(w, r, errors.New("invalid credentials"), "", http.StatusBadRequest) - return - } - case sdk.AzureBlobFilesystemProvider: - if user.FsConfig.AzBlobConfig.AccountKey.IsRedacted() { - sendAPIResponse(w, r, errors.New("invalid account_key"), "", http.StatusBadRequest) - return - } - if user.FsConfig.AzBlobConfig.SASURL.IsRedacted() { - sendAPIResponse(w, r, errors.New("invalid sas_url"), "", http.StatusBadRequest) - return - } - case sdk.CryptedFilesystemProvider: - if user.FsConfig.CryptConfig.Passphrase.IsRedacted() { - sendAPIResponse(w, r, errors.New("invalid passphrase"), "", http.StatusBadRequest) - return - } - case sdk.SFTPFilesystemProvider: - if user.FsConfig.SFTPConfig.Password.IsRedacted() { - sendAPIResponse(w, r, errors.New("invalid SFTP password"), "", http.StatusBadRequest) - return - } - if user.FsConfig.SFTPConfig.PrivateKey.IsRedacted() { - sendAPIResponse(w, r, errors.New("invalid SFTP private key"), "", http.StatusBadRequest) - return - } - } - err = dataprovider.AddUser(&user) + err = dataprovider.AddUser(&user, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return @@ -106,6 +76,11 @@ func addUser(w http.ResponseWriter, r *http.Request) { func disableUser2FA(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } username := getURLParam(r, "username") user, err := dataprovider.UserExists(username) if err != nil { @@ -116,7 +91,7 @@ func disableUser2FA(w http.ResponseWriter, r *http.Request) { user.Filters.TOTPConfig = sdk.TOTPConfig{ Enabled: false, } - if err := dataprovider.UpdateUser(&user); err != nil { + if err := dataprovider.UpdateUser(&user, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return } @@ -125,7 +100,11 @@ func disableUser2FA(w http.ResponseWriter, r *http.Request) { func updateUser(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) - var err error + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } username := getURLParam(r, "username") disconnect := 0 @@ -179,7 +158,7 @@ func updateUser(w http.ResponseWriter, r *http.Request) { } updateEncryptedSecrets(&user.FsConfig, currentS3AccessSecret, currentAzAccountKey, currentAzSASUrl, currentGCSCredentials, currentCryptoPassphrase, currentSFTPPassword, currentSFTPKey) - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return @@ -192,8 +171,13 @@ func updateUser(w http.ResponseWriter, r *http.Request) { func deleteUser(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest) + return + } username := getURLParam(r, "username") - err := dataprovider.DeleteUser(username) + err = dataprovider.DeleteUser(username, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { sendAPIResponse(w, r, err, "", getRespStatus(err)) return diff --git a/httpd/handler.go b/httpd/handler.go index eba6b41d..375dd071 100644 --- a/httpd/handler.go +++ b/httpd/handler.go @@ -99,7 +99,7 @@ func (c *Connection) getFileReader(name string, offset int64, method string) (io } if method != http.MethodHead { - if err := common.ExecutePreAction(&c.User, common.OperationPreDownload, p, name, c.GetProtocol(), 0, 0); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreDownload, p, name, c.GetProtocol(), c.GetRemoteIP(), 0, 0); err != nil { c.Log(logger.LevelDebug, "download for file %#v denied by pre action: %v", name, err) return nil, c.GetPermissionDeniedError() } @@ -174,7 +174,7 @@ func (c *Connection) handleUploadFile(fs vfs.Fs, resolvedPath, filePath, request c.Log(logger.LevelInfo, "denying file write due to quota limits") return nil, common.ErrQuotaExceeded } - err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), fileSize, os.O_TRUNC) + err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), c.GetRemoteIP(), fileSize, os.O_TRUNC) if err != nil { c.Log(logger.LevelDebug, "upload for file %#v denied by pre action: %v", requestPath, err) return nil, c.GetPermissionDeniedError() diff --git a/httpd/httpd_test.go b/httpd/httpd_test.go index f7480154..43ae0873 100644 --- a/httpd/httpd_test.go +++ b/httpd/httpd_test.go @@ -980,7 +980,7 @@ func TestChangeAdminPassword(t *testing.T) { admin, err := dataprovider.AdminExists(defaultTokenAuthUser) assert.NoError(t, err) admin.Password = defaultTokenAuthPass - err = dataprovider.UpdateAdmin(&admin) + err = dataprovider.UpdateAdmin(&admin, "", "") assert.NoError(t, err) } @@ -1506,8 +1506,8 @@ func TestUserRedactedPassword(t *testing.T) { u.FsConfig.S3Config.StorageClass = "Standard" _, resp, err := httpdtest.AddUser(u, http.StatusBadRequest) assert.NoError(t, err, string(resp)) - assert.Contains(t, string(resp), "invalid access_secret") - err = dataprovider.AddUser(&u) + assert.Contains(t, string(resp), "cannot save a user with a redacted secret") + err = dataprovider.AddUser(&u, "", "") if assert.Error(t, err) { assert.Contains(t, err.Error(), "cannot save a user with a redacted secret") } @@ -1534,7 +1534,7 @@ func TestUserRedactedPassword(t *testing.T) { user.Password = defaultPassword user.VirtualFolders = append(user.VirtualFolders, vfolder) - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, "", "") if assert.Error(t, err) { assert.Contains(t, err.Error(), "cannot save a user with a redacted secret") } @@ -3547,7 +3547,7 @@ func TestSaveErrors(t *testing.T) { Protocols: []string{common.ProtocolSSH, common.ProtocolHTTP}, } user.Filters.RecoveryCodes = recoveryCodes - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, "", "") assert.NoError(t, err) user, _, err = httpdtest.GetUserByUsername(user.Username, http.StatusOK) assert.NoError(t, err) @@ -3568,7 +3568,7 @@ func TestSaveErrors(t *testing.T) { Secret: kms.NewPlainSecret(secret), } admin.Filters.RecoveryCodes = recoveryCodes - err = dataprovider.UpdateAdmin(&admin) + err = dataprovider.UpdateAdmin(&admin, "", "") assert.NoError(t, err) admin, _, err = httpdtest.GetAdminByUsername(admin.Username, http.StatusOK) assert.NoError(t, err) @@ -5694,7 +5694,7 @@ func TestMFAInvalidSecret(t *testing.T) { Used: false, Secret: kms.NewSecret(kms.SecretStatusSecretBox, "payload", "key", user.Username), }) - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, "", "") assert.NoError(t, err) req, err := http.NewRequest(http.MethodGet, user2FARecoveryCodesPath, nil) @@ -5766,7 +5766,7 @@ func TestMFAInvalidSecret(t *testing.T) { Used: false, Secret: kms.NewSecret(kms.SecretStatusSecretBox, "payload", "key", user.Username), }) - err = dataprovider.UpdateAdmin(&admin) + err = dataprovider.UpdateAdmin(&admin, "", "") assert.NoError(t, err) csrfToken, err = getCSRFToken(httpBaseURL + webLoginPath) @@ -6592,7 +6592,7 @@ func TestAdminHandlingWithAPIKeys(t *testing.T) { dbAdmin, err := dataprovider.AdminExists(defaultTokenAuthUser) assert.NoError(t, err) dbAdmin.Filters.AllowAPIKeyAuth = false - err = dataprovider.UpdateAdmin(&dbAdmin) + err = dataprovider.UpdateAdmin(&dbAdmin, "", "") assert.NoError(t, err) sysAdmin, _, err = httpdtest.GetAdminByUsername(defaultTokenAuthUser, http.StatusOK) assert.NoError(t, err) @@ -9669,7 +9669,7 @@ func TestWebAdminSetupMock(t *testing.T) { admins, err := dataprovider.GetAdmins(100, 0, dataprovider.OrderASC) assert.NoError(t, err) for _, admin := range admins { - err = dataprovider.DeleteAdmin(admin.Username) + err = dataprovider.DeleteAdmin(admin.Username, "", "") assert.NoError(t, err) } // close the provider and initializes it without creating the default admin diff --git a/httpd/internal_test.go b/httpd/internal_test.go index 9b7bd311..66f38d44 100644 --- a/httpd/internal_test.go +++ b/httpd/internal_test.go @@ -430,6 +430,96 @@ func TestInvalidToken(t *testing.T) { assert.Equal(t, http.StatusBadRequest, rr.Code) assert.Contains(t, rr.Body.String(), "Invalid token claims") + rr = httptest.NewRecorder() + loadData(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + loadDataFromRequest(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + addUser(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + disableUser2FA(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + updateUser(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + deleteUser(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + handleWebRestore(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "invalid token claims") + + rr = httptest.NewRecorder() + handleWebAddUserPost(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "invalid token claims") + + rr = httptest.NewRecorder() + handleWebUpdateUserPost(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "invalid token claims") + + rr = httptest.NewRecorder() + updateFolder(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + deleteFolder(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + handleWebUpdateFolderPost(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "invalid token claims") + + rr = httptest.NewRecorder() + addAdmin(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + disableAdmin2FA(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + addAPIKey(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + updateAPIKey(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + deleteAPIKey(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "Invalid token claims") + + rr = httptest.NewRecorder() + handleWebAddAdminPost(rr, req) + assert.Equal(t, http.StatusBadRequest, rr.Code) + assert.Contains(t, rr.Body.String(), "invalid token claims") + server := httpdServer{} server.initializeRouter() rr = httptest.NewRecorder() @@ -493,7 +583,7 @@ func TestRetentionInvalidTokenClaims(t *testing.T) { user.Permissions = make(map[string][]string) user.Permissions["/"] = []string{dataprovider.PermAny} user.Filters.AllowAPIKeyAuth = true - err := dataprovider.AddUser(&user) + err := dataprovider.AddUser(&user, "", "") assert.NoError(t, err) folderRetention := []common.FolderRetention{ { @@ -516,7 +606,7 @@ func TestRetentionInvalidTokenClaims(t *testing.T) { assert.Equal(t, http.StatusBadRequest, rr.Code) assert.Contains(t, rr.Body.String(), "Invalid token claims") - err = dataprovider.DeleteUser(username) + err = dataprovider.DeleteUser(username, "", "") assert.NoError(t, err) } @@ -691,7 +781,7 @@ func TestCreateTokenError(t *testing.T) { user.Permissions = make(map[string][]string) user.Permissions["/"] = []string{dataprovider.PermAny} user.Filters.AllowAPIKeyAuth = true - err = dataprovider.AddUser(&user) + err = dataprovider.AddUser(&user, "", "") assert.NoError(t, err) rr = httptest.NewRecorder() @@ -708,20 +798,20 @@ func TestCreateTokenError(t *testing.T) { err = authenticateUserWithAPIKey(username, "", server.tokenAuth, req) assert.Error(t, err) - err = dataprovider.DeleteUser(username) + err = dataprovider.DeleteUser(username, "", "") assert.NoError(t, err) admin.Username += "1" admin.Status = 1 admin.Filters.AllowAPIKeyAuth = true admin.Permissions = []string{dataprovider.PermAdminAny} - err = dataprovider.AddAdmin(&admin) + err = dataprovider.AddAdmin(&admin, "", "") assert.NoError(t, err) err = authenticateAdminWithAPIKey(admin.Username, "", server.tokenAuth, req) assert.Error(t, err) - err = dataprovider.DeleteAdmin(admin.Username) + err = dataprovider.DeleteAdmin(admin.Username, "", "") assert.NoError(t, err) } @@ -858,7 +948,7 @@ func TestCookieExpiration(t *testing.T) { assert.Empty(t, cookie) admin.Status = 0 - err = dataprovider.AddAdmin(&admin) + err = dataprovider.AddAdmin(&admin, "", "") assert.NoError(t, err) req, _ = http.NewRequest(http.MethodGet, tokenPath, nil) ctx = jwtauth.NewContext(req.Context(), token, nil) @@ -868,7 +958,7 @@ func TestCookieExpiration(t *testing.T) { admin.Status = 1 admin.Filters.AllowList = []string{"172.16.1.0/24"} - err = dataprovider.UpdateAdmin(&admin) + err = dataprovider.UpdateAdmin(&admin, "", "") assert.NoError(t, err) req, _ = http.NewRequest(http.MethodGet, tokenPath, nil) ctx = jwtauth.NewContext(req.Context(), token, nil) @@ -900,7 +990,7 @@ func TestCookieExpiration(t *testing.T) { cookie = rr.Header().Get("Set-Cookie") assert.True(t, strings.HasPrefix(cookie, "jwt=")) - err = dataprovider.DeleteAdmin(admin.Username) + err = dataprovider.DeleteAdmin(admin.Username, "", "") assert.NoError(t, err) // now check client cookie expiration username := "client" @@ -932,7 +1022,7 @@ func TestCookieExpiration(t *testing.T) { cookie = rr.Header().Get("Set-Cookie") assert.Empty(t, cookie) // the password will be hashed and so the signature will change - err = dataprovider.AddUser(&user) + err = dataprovider.AddUser(&user, "", "") assert.NoError(t, err) req, _ = http.NewRequest(http.MethodGet, webClientFilesPath, nil) ctx = jwtauth.NewContext(req.Context(), token, nil) @@ -943,7 +1033,7 @@ func TestCookieExpiration(t *testing.T) { user, err = dataprovider.UserExists(user.Username) assert.NoError(t, err) user.Filters.AllowedIP = []string{"172.16.4.0/24"} - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, "", "") assert.NoError(t, err) user, err = dataprovider.UserExists(user.Username) @@ -971,7 +1061,7 @@ func TestCookieExpiration(t *testing.T) { cookie = rr.Header().Get("Set-Cookie") assert.NotEmpty(t, cookie) - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) } @@ -1239,7 +1329,7 @@ func TestProxyHeaders(t *testing.T) { }, } - err := dataprovider.AddAdmin(&admin) + err := dataprovider.AddAdmin(&admin, "", "") assert.NoError(t, err) testIP := "10.29.1.9" @@ -1327,7 +1417,7 @@ func TestProxyHeaders(t *testing.T) { cookie = rr.Header().Get("Set-Cookie") assert.NotContains(t, cookie, "Secure") - err = dataprovider.DeleteAdmin(username) + err = dataprovider.DeleteAdmin(username, "", "") assert.NoError(t, err) } diff --git a/httpd/server.go b/httpd/server.go index 48309041..10940161 100644 --- a/httpd/server.go +++ b/httpd/server.go @@ -231,7 +231,7 @@ func (s *httpdServer) handleWebClientTwoFactorRecoveryPost(w http.ResponseWriter return } user.Filters.RecoveryCodes[idx].Used = true - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { logger.Warn(logSender, "", "unable to set the recovery code %#v as used: %v", recoveryCode, err) renderClientInternalServerErrorPage(w, r, errors.New("unable to set the recovery code as used")) @@ -332,7 +332,7 @@ func (s *httpdServer) handleWebAdminTwoFactorRecoveryPost(w http.ResponseWriter, return } admin.Filters.RecoveryCodes[idx].Used = true - err = dataprovider.UpdateAdmin(&admin) + err = dataprovider.UpdateAdmin(&admin, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { logger.Warn(logSender, "", "unable to set the recovery code %#v as used: %v", recoveryCode, err) renderInternalServerErrorPage(w, r, errors.New("unable to set the recovery code as used")) @@ -472,7 +472,7 @@ func (s *httpdServer) handleWebAdminSetupPost(w http.ResponseWriter, r *http.Req Status: 1, Permissions: []string{dataprovider.PermAdminAny}, } - err = dataprovider.AddAdmin(&admin) + err = dataprovider.AddAdmin(&admin, username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { renderAdminSetupPage(w, r, username, err.Error()) return diff --git a/httpd/webadmin.go b/httpd/webadmin.go index 6981a539..ed10cb8b 100644 --- a/httpd/webadmin.go +++ b/httpd/webadmin.go @@ -1201,7 +1201,7 @@ func handleWebAdminProfilePost(w http.ResponseWriter, r *http.Request) { admin.Filters.AllowAPIKeyAuth = len(r.Form.Get("allow_api_key_auth")) > 0 admin.Email = r.Form.Get("email") admin.Description = r.Form.Get("description") - err = dataprovider.UpdateAdmin(&admin) + err = dataprovider.UpdateAdmin(&admin, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { renderProfilePage(w, r, err.Error()) return @@ -1225,7 +1225,12 @@ func handleWebMaintenance(w http.ResponseWriter, r *http.Request) { func handleWebRestore(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, MaxRestoreSize) - err := r.ParseMultipartForm(MaxRestoreSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + renderBadRequestPage(w, r, errors.New("invalid token claims")) + return + } + err = r.ParseMultipartForm(MaxRestoreSize) if err != nil { renderMaintenancePage(w, r, err.Error()) return @@ -1260,7 +1265,7 @@ func handleWebRestore(w http.ResponseWriter, r *http.Request) { return } - if err := restoreBackup(backupContent, "", scanQuota, restoreMode); err != nil { + if err := restoreBackup(backupContent, "", scanQuota, restoreMode, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil { renderMaintenancePage(w, r, err.Error()) return } @@ -1327,6 +1332,11 @@ func handleWebUpdateAdminGet(w http.ResponseWriter, r *http.Request) { func handleWebAddAdminPost(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + renderBadRequestPage(w, r, errors.New("invalid token claims")) + return + } admin, err := getAdminFromPostFields(r) if err != nil { renderAddUpdateAdminPage(w, r, &admin, err.Error(), true) @@ -1336,7 +1346,7 @@ func handleWebAddAdminPost(w http.ResponseWriter, r *http.Request) { renderForbiddenPage(w, r, err.Error()) return } - err = dataprovider.AddAdmin(&admin) + err = dataprovider.AddAdmin(&admin, claims.Username, util.GetIPFromRemoteAddress(r.Method)) if err != nil { renderAddUpdateAdminPage(w, r, &admin, err.Error(), true) return @@ -1388,7 +1398,7 @@ func handleWebUpdateAdminPost(w http.ResponseWriter, r *http.Request) { return } } - err = dataprovider.UpdateAdmin(&updatedAdmin) + err = dataprovider.UpdateAdmin(&updatedAdmin, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { renderAddUpdateAdminPage(w, r, &admin, err.Error(), false) return @@ -1595,6 +1605,11 @@ func handleWebUpdateUserGet(w http.ResponseWriter, r *http.Request) { func handleWebAddUserPost(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + renderBadRequestPage(w, r, errors.New("invalid token claims")) + return + } user, err := getUserFromPostFields(r) if err != nil { renderUserPage(w, r, &user, userPageModeAdd, err.Error()) @@ -1604,7 +1619,7 @@ func handleWebAddUserPost(w http.ResponseWriter, r *http.Request) { renderForbiddenPage(w, r, err.Error()) return } - err = dataprovider.AddUser(&user) + err = dataprovider.AddUser(&user, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err == nil { http.Redirect(w, r, webUsersPath, http.StatusSeeOther) } else { @@ -1614,6 +1629,11 @@ func handleWebAddUserPost(w http.ResponseWriter, r *http.Request) { func handleWebUpdateUserPost(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + renderBadRequestPage(w, r, errors.New("invalid token claims")) + return + } username := getURLParam(r, "username") user, err := dataprovider.UserExists(username) if _, ok := err.(*util.RecordNotFoundError); ok { @@ -1644,7 +1664,7 @@ func handleWebUpdateUserPost(w http.ResponseWriter, r *http.Request) { user.FsConfig.AzBlobConfig.SASURL, user.FsConfig.GCSConfig.Credentials, user.FsConfig.CryptConfig.Passphrase, user.FsConfig.SFTPConfig.Password, user.FsConfig.SFTPConfig.PrivateKey) - err = dataprovider.UpdateUser(&updatedUser) + err = dataprovider.UpdateUser(&updatedUser, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err == nil { if len(r.Form.Get("disconnect")) > 0 { disconnectUser(user.Username) @@ -1724,6 +1744,11 @@ func handleWebUpdateFolderGet(w http.ResponseWriter, r *http.Request) { func handleWebUpdateFolderPost(w http.ResponseWriter, r *http.Request) { r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize) + claims, err := getTokenClaims(r) + if err != nil || claims.Username == "" { + renderBadRequestPage(w, r, errors.New("invalid token claims")) + return + } name := getURLParam(r, "name") folder, err := dataprovider.GetFolderByName(name) if _, ok := err.(*util.RecordNotFoundError); ok { @@ -1760,7 +1785,7 @@ func handleWebUpdateFolderPost(w http.ResponseWriter, r *http.Request) { folder.FsConfig.AzBlobConfig.SASURL, folder.FsConfig.GCSConfig.Credentials, folder.FsConfig.CryptConfig.Passphrase, folder.FsConfig.SFTPConfig.Password, folder.FsConfig.SFTPConfig.PrivateKey) - err = dataprovider.UpdateFolder(updatedFolder, folder.Users) + err = dataprovider.UpdateFolder(updatedFolder, folder.Users, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { renderFolderPage(w, r, folder, folderPageModeUpdate, err.Error()) return diff --git a/httpd/webclient.go b/httpd/webclient.go index 3165cd72..bf948ab6 100644 --- a/httpd/webclient.go +++ b/httpd/webclient.go @@ -700,7 +700,7 @@ func handleWebClientProfilePost(w http.ResponseWriter, r *http.Request) { user.Email = r.Form.Get("email") user.Description = r.Form.Get("description") } - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr)) if err != nil { renderClientProfilePage(w, r, err.Error()) return diff --git a/sdk/plugin/notifier.go b/sdk/plugin/notifier.go index 7234a555..16964f54 100644 --- a/sdk/plugin/notifier.go +++ b/sdk/plugin/notifier.go @@ -20,7 +20,8 @@ import ( // NotifierConfig defines configuration parameters for notifiers plugins type NotifierConfig struct { FsEvents []string `json:"fs_events" mapstructure:"fs_events"` - UserEvents []string `json:"user_events" mapstructure:"user_events"` + ProviderEvents []string `json:"provider_events" mapstructure:"provider_events"` + ProviderObjects []string `json:"provider_objects" mapstructure:"provider_objects"` RetryMaxTime int `json:"retry_max_time" mapstructure:"retry_max_time"` RetryQueueMaxSize int `json:"retry_queue_max_size" mapstructure:"retry_queue_max_size"` } @@ -29,7 +30,7 @@ func (c *NotifierConfig) hasActions() bool { if len(c.FsEvents) > 0 { return true } - if len(c.UserEvents) > 0 { + if len(c.ProviderEvents) > 0 && len(c.ProviderObjects) > 0 { return true } return false @@ -37,11 +38,13 @@ func (c *NotifierConfig) hasActions() bool { type eventsQueue struct { sync.RWMutex - fsEvents []*proto.FsEvent - userEvents []*proto.UserEvent + fsEvents []*proto.FsEvent + providerEvents []*proto.ProviderEvent } -func (q *eventsQueue) addFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, protocol string, fileSize int64, status int) { +func (q *eventsQueue) addFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, protocol, ip string, + fileSize int64, status int, +) { q.Lock() defer q.Unlock() @@ -54,18 +57,25 @@ func (q *eventsQueue) addFsEvent(timestamp time.Time, action, username, fsPath, SshCmd: sshCmd, FileSize: fileSize, Protocol: protocol, + Ip: ip, Status: int32(status), }) } -func (q *eventsQueue) addUserEvent(timestamp time.Time, action string, userAsJSON []byte) { +func (q *eventsQueue) addProviderEvent(timestamp time.Time, action, username, objectType, objectName, ip string, + objectAsJSON []byte, +) { q.Lock() defer q.Unlock() - q.userEvents = append(q.userEvents, &proto.UserEvent{ - Timestamp: timestamppb.New(timestamp), - Action: action, - User: userAsJSON, + q.providerEvents = append(q.providerEvents, &proto.ProviderEvent{ + Timestamp: timestamppb.New(timestamp), + Action: action, + ObjectType: objectType, + Username: username, + Ip: ip, + ObjectName: objectName, + ObjectData: objectAsJSON, }) } @@ -84,17 +94,17 @@ func (q *eventsQueue) popFsEvent() *proto.FsEvent { return ev } -func (q *eventsQueue) popUserEvent() *proto.UserEvent { +func (q *eventsQueue) popProviderEvent() *proto.ProviderEvent { q.Lock() defer q.Unlock() - if len(q.userEvents) == 0 { + if len(q.providerEvents) == 0 { return nil } - truncLen := len(q.userEvents) - 1 - ev := q.userEvents[truncLen] - q.userEvents[truncLen] = nil - q.userEvents = q.userEvents[:truncLen] + truncLen := len(q.providerEvents) - 1 + ev := q.providerEvents[truncLen] + q.providerEvents[truncLen] = nil + q.providerEvents = q.providerEvents[:truncLen] return ev } @@ -103,7 +113,7 @@ func (q *eventsQueue) getSize() int { q.RLock() defer q.RUnlock() - return len(q.userEvents) + len(q.fsEvents) + return len(q.providerEvents) + len(q.fsEvents) } type notifierPlugin struct { @@ -194,7 +204,7 @@ func (p *notifierPlugin) canQueueEvent(timestamp time.Time) bool { } func (p *notifierPlugin) notifyFsAction(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, - protocol string, fileSize int64, errAction error) { + protocol, ip, virtualPath, virtualTargetPath string, fileSize int64, errAction error) { if !util.IsStringInSlice(action, p.config.NotifierOptions.FsEvents) { return } @@ -204,40 +214,47 @@ func (p *notifierPlugin) notifyFsAction(timestamp time.Time, action, username, f if errAction != nil { status = 0 } - p.sendFsEvent(timestamp, action, username, fsPath, fsTargetPath, sshCmd, protocol, fileSize, status) + p.sendFsEvent(timestamp, action, username, fsPath, fsTargetPath, sshCmd, protocol, ip, virtualPath, virtualTargetPath, + fileSize, status) }() } -func (p *notifierPlugin) notifyUserAction(timestamp time.Time, action string, user Renderer) { - if !util.IsStringInSlice(action, p.config.NotifierOptions.UserEvents) { +func (p *notifierPlugin) notifyProviderAction(timestamp time.Time, action, username, objectType, objectName, ip string, + object Renderer, +) { + if !util.IsStringInSlice(action, p.config.NotifierOptions.ProviderEvents) || + !util.IsStringInSlice(objectType, p.config.NotifierOptions.ProviderObjects) { return } go func() { - userAsJSON, err := user.RenderAsJSON(action != "delete") + objectAsJSON, err := object.RenderAsJSON(action != "delete") if err != nil { logger.Warn(logSender, "", "unable to render user as json for action %v: %v", action, err) return } - p.sendUserEvent(timestamp, action, userAsJSON) + p.sendProviderEvent(timestamp, action, username, objectType, objectName, ip, objectAsJSON) }() } func (p *notifierPlugin) sendFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, - protocol string, fileSize int64, status int) { - if err := p.notifier.NotifyFsEvent(timestamp, action, username, fsPath, fsTargetPath, sshCmd, protocol, fileSize, status); err != nil { + protocol, ip, virtualPath, virtualTargetPath string, fileSize int64, status int) { + if err := p.notifier.NotifyFsEvent(timestamp, action, username, fsPath, fsTargetPath, sshCmd, protocol, ip, + virtualPath, virtualTargetPath, fileSize, status); err != nil { logger.Warn(logSender, "", "unable to send fs action notification to plugin %v: %v", p.config.Cmd, err) if p.canQueueEvent(timestamp) { - p.queue.addFsEvent(timestamp, action, username, fsPath, fsTargetPath, sshCmd, protocol, fileSize, status) + p.queue.addFsEvent(timestamp, action, username, fsPath, fsTargetPath, sshCmd, protocol, ip, fileSize, status) } } } -func (p *notifierPlugin) sendUserEvent(timestamp time.Time, action string, userAsJSON []byte) { - if err := p.notifier.NotifyUserEvent(timestamp, action, userAsJSON); err != nil { +func (p *notifierPlugin) sendProviderEvent(timestamp time.Time, action, username, objectType, objectName, ip string, + objectAsJSON []byte, +) { + if err := p.notifier.NotifyProviderEvent(timestamp, action, username, objectType, objectName, ip, objectAsJSON); err != nil { logger.Warn(logSender, "", "unable to send user action notification to plugin %v: %v", p.config.Cmd, err) if p.canQueueEvent(timestamp) { - p.queue.addUserEvent(timestamp, action, userAsJSON) + p.queue.addProviderEvent(timestamp, action, username, objectType, objectName, ip, objectAsJSON) } } } @@ -251,14 +268,15 @@ func (p *notifierPlugin) sendQueuedEvents() { fsEv := p.queue.popFsEvent() for fsEv != nil { go p.sendFsEvent(fsEv.Timestamp.AsTime(), fsEv.Action, fsEv.Username, fsEv.FsPath, fsEv.FsTargetPath, - fsEv.SshCmd, fsEv.Protocol, fsEv.FileSize, int(fsEv.Status)) + fsEv.SshCmd, fsEv.Protocol, fsEv.Ip, fsEv.VirtualPath, fsEv.VirtualTargetPath, fsEv.FileSize, int(fsEv.Status)) fsEv = p.queue.popFsEvent() } - userEv := p.queue.popUserEvent() - for userEv != nil { - go p.sendUserEvent(userEv.Timestamp.AsTime(), userEv.Action, userEv.User) - userEv = p.queue.popUserEvent() + providerEv := p.queue.popProviderEvent() + for providerEv != nil { + go p.sendProviderEvent(providerEv.Timestamp.AsTime(), providerEv.Action, providerEv.Username, providerEv.ObjectType, + providerEv.ObjectName, providerEv.Ip, providerEv.ObjectData) + providerEv = p.queue.popProviderEvent() } logger.Debug(logSender, "", "queued events sent for notifier %#v, new events size: %v", p.config.Cmd, p.queue.getSize()) } diff --git a/sdk/plugin/notifier/grpc.go b/sdk/plugin/notifier/grpc.go index 1d8865bc..cfe1f149 100644 --- a/sdk/plugin/notifier/grpc.go +++ b/sdk/plugin/notifier/grpc.go @@ -20,34 +20,43 @@ type GRPCClient struct { } // NotifyFsEvent implements the Notifier interface -func (c *GRPCClient) NotifyFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, protocol string, fileSize int64, status int) error { +func (c *GRPCClient) NotifyFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, protocol, ip, + virtualPath, virtualTargetPath string, fileSize int64, status int, +) error { ctx, cancel := context.WithTimeout(context.Background(), rpcTimeout) defer cancel() _, err := c.client.SendFsEvent(ctx, &proto.FsEvent{ - Timestamp: timestamppb.New(timestamp), - Action: action, - Username: username, - FsPath: fsPath, - FsTargetPath: fsTargetPath, - SshCmd: sshCmd, - FileSize: fileSize, - Protocol: protocol, - Status: int32(status), + Timestamp: timestamppb.New(timestamp), + Action: action, + Username: username, + FsPath: fsPath, + FsTargetPath: fsTargetPath, + SshCmd: sshCmd, + FileSize: fileSize, + Protocol: protocol, + Ip: ip, + Status: int32(status), + VirtualPath: virtualPath, + VirtualTargetPath: virtualTargetPath, }) return err } -// NotifyUserEvent implements the Notifier interface -func (c *GRPCClient) NotifyUserEvent(timestamp time.Time, action string, user []byte) error { +// NotifyProviderEvent implements the Notifier interface +func (c *GRPCClient) NotifyProviderEvent(timestamp time.Time, action, username, objectType, objectName, ip string, object []byte) error { ctx, cancel := context.WithTimeout(context.Background(), rpcTimeout) defer cancel() - _, err := c.client.SendUserEvent(ctx, &proto.UserEvent{ - Timestamp: timestamppb.New(timestamp), - Action: action, - User: user, + _, err := c.client.SendProviderEvent(ctx, &proto.ProviderEvent{ + Timestamp: timestamppb.New(timestamp), + Action: action, + ObjectType: objectType, + Username: username, + Ip: ip, + ObjectName: objectName, + ObjectData: object, }) return err @@ -61,12 +70,13 @@ type GRPCServer struct { // SendFsEvent implements the serve side fs notify method func (s *GRPCServer) SendFsEvent(ctx context.Context, req *proto.FsEvent) (*emptypb.Empty, error) { err := s.Impl.NotifyFsEvent(req.Timestamp.AsTime(), req.Action, req.Username, req.FsPath, req.FsTargetPath, req.SshCmd, - req.Protocol, req.FileSize, int(req.Status)) + req.Protocol, req.Ip, req.VirtualPath, req.VirtualTargetPath, req.FileSize, int(req.Status)) return &emptypb.Empty{}, err } -// SendUserEvent implements the serve side user notify method -func (s *GRPCServer) SendUserEvent(ctx context.Context, req *proto.UserEvent) (*emptypb.Empty, error) { - err := s.Impl.NotifyUserEvent(req.Timestamp.AsTime(), req.Action, req.User) +// SendProviderEvent implements the serve side provider event notify method +func (s *GRPCServer) SendProviderEvent(ctx context.Context, req *proto.ProviderEvent) (*emptypb.Empty, error) { + err := s.Impl.NotifyProviderEvent(req.Timestamp.AsTime(), req.Action, req.Username, req.ObjectType, req.ObjectName, + req.Ip, req.ObjectData) return &emptypb.Empty{}, err } diff --git a/sdk/plugin/notifier/notifier.go b/sdk/plugin/notifier/notifier.go index 380d2104..8a32b1da 100644 --- a/sdk/plugin/notifier/notifier.go +++ b/sdk/plugin/notifier/notifier.go @@ -33,9 +33,9 @@ var PluginMap = map[string]plugin.Plugin{ // Notifier defines the interface for notifiers plugins type Notifier interface { - NotifyFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, protocol string, - fileSize int64, status int) error - NotifyUserEvent(timestamp time.Time, action string, user []byte) error + NotifyFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, protocol, ip, + virtualPath, virtualTargetPath string, fileSize int64, status int) error + NotifyProviderEvent(timestamp time.Time, action, username, objectType, objectName, ip string, object []byte) error } // Plugin defines the implementation to serve/connect to a notifier plugin diff --git a/sdk/plugin/notifier/proto/notifier.pb.go b/sdk/plugin/notifier/proto/notifier.pb.go index 1fd5cae2..362c2589 100644 --- a/sdk/plugin/notifier/proto/notifier.pb.go +++ b/sdk/plugin/notifier/proto/notifier.pb.go @@ -31,15 +31,18 @@ type FsEvent struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Timestamp *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"` - Action string `protobuf:"bytes,2,opt,name=action,proto3" json:"action,omitempty"` - Username string `protobuf:"bytes,3,opt,name=username,proto3" json:"username,omitempty"` - FsPath string `protobuf:"bytes,4,opt,name=fs_path,json=fsPath,proto3" json:"fs_path,omitempty"` - FsTargetPath string `protobuf:"bytes,5,opt,name=fs_target_path,json=fsTargetPath,proto3" json:"fs_target_path,omitempty"` - SshCmd string `protobuf:"bytes,6,opt,name=ssh_cmd,json=sshCmd,proto3" json:"ssh_cmd,omitempty"` - FileSize int64 `protobuf:"varint,7,opt,name=file_size,json=fileSize,proto3" json:"file_size,omitempty"` - Protocol string `protobuf:"bytes,8,opt,name=protocol,proto3" json:"protocol,omitempty"` - Status int32 `protobuf:"varint,9,opt,name=status,proto3" json:"status,omitempty"` + Timestamp *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + Action string `protobuf:"bytes,2,opt,name=action,proto3" json:"action,omitempty"` + Username string `protobuf:"bytes,3,opt,name=username,proto3" json:"username,omitempty"` + FsPath string `protobuf:"bytes,4,opt,name=fs_path,json=fsPath,proto3" json:"fs_path,omitempty"` + FsTargetPath string `protobuf:"bytes,5,opt,name=fs_target_path,json=fsTargetPath,proto3" json:"fs_target_path,omitempty"` + SshCmd string `protobuf:"bytes,6,opt,name=ssh_cmd,json=sshCmd,proto3" json:"ssh_cmd,omitempty"` + FileSize int64 `protobuf:"varint,7,opt,name=file_size,json=fileSize,proto3" json:"file_size,omitempty"` + Protocol string `protobuf:"bytes,8,opt,name=protocol,proto3" json:"protocol,omitempty"` + Status int32 `protobuf:"varint,9,opt,name=status,proto3" json:"status,omitempty"` + Ip string `protobuf:"bytes,10,opt,name=ip,proto3" json:"ip,omitempty"` + VirtualPath string `protobuf:"bytes,11,opt,name=virtual_path,json=virtualPath,proto3" json:"virtual_path,omitempty"` + VirtualTargetPath string `protobuf:"bytes,12,opt,name=virtual_target_path,json=virtualTargetPath,proto3" json:"virtual_target_path,omitempty"` } func (x *FsEvent) Reset() { @@ -137,18 +140,43 @@ func (x *FsEvent) GetStatus() int32 { return 0 } -type UserEvent struct { +func (x *FsEvent) GetIp() string { + if x != nil { + return x.Ip + } + return "" +} + +func (x *FsEvent) GetVirtualPath() string { + if x != nil { + return x.VirtualPath + } + return "" +} + +func (x *FsEvent) GetVirtualTargetPath() string { + if x != nil { + return x.VirtualTargetPath + } + return "" +} + +type ProviderEvent struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Timestamp *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"` - Action string `protobuf:"bytes,2,opt,name=action,proto3" json:"action,omitempty"` - User []byte `protobuf:"bytes,3,opt,name=user,proto3" json:"user,omitempty"` // SFTPGo user JSON serialized + Timestamp *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=timestamp,proto3" json:"timestamp,omitempty"` + Action string `protobuf:"bytes,2,opt,name=action,proto3" json:"action,omitempty"` + ObjectType string `protobuf:"bytes,3,opt,name=object_type,json=objectType,proto3" json:"object_type,omitempty"` + Username string `protobuf:"bytes,4,opt,name=username,proto3" json:"username,omitempty"` + Ip string `protobuf:"bytes,5,opt,name=ip,proto3" json:"ip,omitempty"` + ObjectName string `protobuf:"bytes,6,opt,name=object_name,json=objectName,proto3" json:"object_name,omitempty"` + ObjectData []byte `protobuf:"bytes,7,opt,name=object_data,json=objectData,proto3" json:"object_data,omitempty"` // object JSON serialized } -func (x *UserEvent) Reset() { - *x = UserEvent{} +func (x *ProviderEvent) Reset() { + *x = ProviderEvent{} if protoimpl.UnsafeEnabled { mi := &file_notifier_proto_notifier_proto_msgTypes[1] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -156,13 +184,13 @@ func (x *UserEvent) Reset() { } } -func (x *UserEvent) String() string { +func (x *ProviderEvent) String() string { return protoimpl.X.MessageStringOf(x) } -func (*UserEvent) ProtoMessage() {} +func (*ProviderEvent) ProtoMessage() {} -func (x *UserEvent) ProtoReflect() protoreflect.Message { +func (x *ProviderEvent) ProtoReflect() protoreflect.Message { mi := &file_notifier_proto_notifier_proto_msgTypes[1] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -174,28 +202,56 @@ func (x *UserEvent) ProtoReflect() protoreflect.Message { return mi.MessageOf(x) } -// Deprecated: Use UserEvent.ProtoReflect.Descriptor instead. -func (*UserEvent) Descriptor() ([]byte, []int) { +// Deprecated: Use ProviderEvent.ProtoReflect.Descriptor instead. +func (*ProviderEvent) Descriptor() ([]byte, []int) { return file_notifier_proto_notifier_proto_rawDescGZIP(), []int{1} } -func (x *UserEvent) GetTimestamp() *timestamppb.Timestamp { +func (x *ProviderEvent) GetTimestamp() *timestamppb.Timestamp { if x != nil { return x.Timestamp } return nil } -func (x *UserEvent) GetAction() string { +func (x *ProviderEvent) GetAction() string { if x != nil { return x.Action } return "" } -func (x *UserEvent) GetUser() []byte { +func (x *ProviderEvent) GetObjectType() string { if x != nil { - return x.User + return x.ObjectType + } + return "" +} + +func (x *ProviderEvent) GetUsername() string { + if x != nil { + return x.Username + } + return "" +} + +func (x *ProviderEvent) GetIp() string { + if x != nil { + return x.Ip + } + return "" +} + +func (x *ProviderEvent) GetObjectName() string { + if x != nil { + return x.ObjectName + } + return "" +} + +func (x *ProviderEvent) GetObjectData() []byte { + if x != nil { + return x.ObjectData } return nil } @@ -209,7 +265,7 @@ var file_notifier_proto_notifier_proto_rawDesc = []byte{ 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x65, 0x6d, 0x70, 0x74, 0x79, 0x2e, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xa0, 0x02, 0x0a, 0x07, 0x46, 0x73, 0x45, 0x76, 0x65, 0x6e, 0x74, + 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x83, 0x03, 0x0a, 0x07, 0x46, 0x73, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, @@ -227,24 +283,39 @@ var file_notifier_proto_notifier_proto_rawDesc = []byte{ 0x69, 0x7a, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x09, 0x20, 0x01, 0x28, 0x05, 0x52, - 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x71, 0x0a, 0x09, 0x55, 0x73, 0x65, 0x72, 0x45, - 0x76, 0x65, 0x6e, 0x74, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, - 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, - 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x16, - 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, - 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x32, 0x7c, 0x0a, 0x08, 0x4e, 0x6f, - 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x35, 0x0a, 0x0b, 0x53, 0x65, 0x6e, 0x64, 0x46, 0x73, - 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x0e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x46, 0x73, - 0x45, 0x76, 0x65, 0x6e, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x12, 0x39, 0x0a, - 0x0d, 0x53, 0x65, 0x6e, 0x64, 0x55, 0x73, 0x65, 0x72, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x10, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x45, 0x76, 0x65, 0x6e, 0x74, - 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, - 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x42, 0x1b, 0x5a, 0x19, 0x73, 0x64, 0x6b, 0x2f, - 0x70, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x2f, 0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x2f, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x70, 0x18, 0x0a, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x70, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x69, 0x72, 0x74, 0x75, + 0x61, 0x6c, 0x5f, 0x70, 0x61, 0x74, 0x68, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, + 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, 0x50, 0x61, 0x74, 0x68, 0x12, 0x2e, 0x0a, 0x13, 0x76, 0x69, + 0x72, 0x74, 0x75, 0x61, 0x6c, 0x5f, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x5f, 0x70, 0x61, 0x74, + 0x68, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x76, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6c, + 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x50, 0x61, 0x74, 0x68, 0x22, 0xf0, 0x01, 0x0a, 0x0d, 0x50, + 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x38, 0x0a, 0x09, + 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, + 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1f, + 0x0a, 0x0b, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, + 0x1a, 0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, + 0x70, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x70, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, + 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0a, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, + 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x07, 0x20, 0x01, 0x28, + 0x0c, 0x52, 0x0a, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x44, 0x61, 0x74, 0x61, 0x32, 0x84, 0x01, + 0x0a, 0x08, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x35, 0x0a, 0x0b, 0x53, 0x65, + 0x6e, 0x64, 0x46, 0x73, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x0e, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x2e, 0x46, 0x73, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, + 0x79, 0x12, 0x41, 0x0a, 0x11, 0x53, 0x65, 0x6e, 0x64, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, + 0x72, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x14, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x50, + 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x1a, 0x16, 0x2e, 0x67, + 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, + 0x6d, 0x70, 0x74, 0x79, 0x42, 0x1b, 0x5a, 0x19, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x6c, 0x75, 0x67, + 0x69, 0x6e, 0x2f, 0x6e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x2f, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -262,17 +333,17 @@ func file_notifier_proto_notifier_proto_rawDescGZIP() []byte { var file_notifier_proto_notifier_proto_msgTypes = make([]protoimpl.MessageInfo, 2) var file_notifier_proto_notifier_proto_goTypes = []interface{}{ (*FsEvent)(nil), // 0: proto.FsEvent - (*UserEvent)(nil), // 1: proto.UserEvent + (*ProviderEvent)(nil), // 1: proto.ProviderEvent (*timestamppb.Timestamp)(nil), // 2: google.protobuf.Timestamp (*emptypb.Empty)(nil), // 3: google.protobuf.Empty } var file_notifier_proto_notifier_proto_depIdxs = []int32{ 2, // 0: proto.FsEvent.timestamp:type_name -> google.protobuf.Timestamp - 2, // 1: proto.UserEvent.timestamp:type_name -> google.protobuf.Timestamp + 2, // 1: proto.ProviderEvent.timestamp:type_name -> google.protobuf.Timestamp 0, // 2: proto.Notifier.SendFsEvent:input_type -> proto.FsEvent - 1, // 3: proto.Notifier.SendUserEvent:input_type -> proto.UserEvent + 1, // 3: proto.Notifier.SendProviderEvent:input_type -> proto.ProviderEvent 3, // 4: proto.Notifier.SendFsEvent:output_type -> google.protobuf.Empty - 3, // 5: proto.Notifier.SendUserEvent:output_type -> google.protobuf.Empty + 3, // 5: proto.Notifier.SendProviderEvent:output_type -> google.protobuf.Empty 4, // [4:6] is the sub-list for method output_type 2, // [2:4] is the sub-list for method input_type 2, // [2:2] is the sub-list for extension type_name @@ -299,7 +370,7 @@ func file_notifier_proto_notifier_proto_init() { } } file_notifier_proto_notifier_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*UserEvent); i { + switch v := v.(*ProviderEvent); i { case 0: return &v.state case 1: @@ -344,7 +415,7 @@ const _ = grpc.SupportPackageIsVersion6 // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. type NotifierClient interface { SendFsEvent(ctx context.Context, in *FsEvent, opts ...grpc.CallOption) (*emptypb.Empty, error) - SendUserEvent(ctx context.Context, in *UserEvent, opts ...grpc.CallOption) (*emptypb.Empty, error) + SendProviderEvent(ctx context.Context, in *ProviderEvent, opts ...grpc.CallOption) (*emptypb.Empty, error) } type notifierClient struct { @@ -364,9 +435,9 @@ func (c *notifierClient) SendFsEvent(ctx context.Context, in *FsEvent, opts ...g return out, nil } -func (c *notifierClient) SendUserEvent(ctx context.Context, in *UserEvent, opts ...grpc.CallOption) (*emptypb.Empty, error) { +func (c *notifierClient) SendProviderEvent(ctx context.Context, in *ProviderEvent, opts ...grpc.CallOption) (*emptypb.Empty, error) { out := new(emptypb.Empty) - err := c.cc.Invoke(ctx, "/proto.Notifier/SendUserEvent", in, out, opts...) + err := c.cc.Invoke(ctx, "/proto.Notifier/SendProviderEvent", in, out, opts...) if err != nil { return nil, err } @@ -376,7 +447,7 @@ func (c *notifierClient) SendUserEvent(ctx context.Context, in *UserEvent, opts // NotifierServer is the server API for Notifier service. type NotifierServer interface { SendFsEvent(context.Context, *FsEvent) (*emptypb.Empty, error) - SendUserEvent(context.Context, *UserEvent) (*emptypb.Empty, error) + SendProviderEvent(context.Context, *ProviderEvent) (*emptypb.Empty, error) } // UnimplementedNotifierServer can be embedded to have forward compatible implementations. @@ -386,8 +457,8 @@ type UnimplementedNotifierServer struct { func (*UnimplementedNotifierServer) SendFsEvent(context.Context, *FsEvent) (*emptypb.Empty, error) { return nil, status.Errorf(codes.Unimplemented, "method SendFsEvent not implemented") } -func (*UnimplementedNotifierServer) SendUserEvent(context.Context, *UserEvent) (*emptypb.Empty, error) { - return nil, status.Errorf(codes.Unimplemented, "method SendUserEvent not implemented") +func (*UnimplementedNotifierServer) SendProviderEvent(context.Context, *ProviderEvent) (*emptypb.Empty, error) { + return nil, status.Errorf(codes.Unimplemented, "method SendProviderEvent not implemented") } func RegisterNotifierServer(s *grpc.Server, srv NotifierServer) { @@ -412,20 +483,20 @@ func _Notifier_SendFsEvent_Handler(srv interface{}, ctx context.Context, dec fun return interceptor(ctx, in, info, handler) } -func _Notifier_SendUserEvent_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(UserEvent) +func _Notifier_SendProviderEvent_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ProviderEvent) if err := dec(in); err != nil { return nil, err } if interceptor == nil { - return srv.(NotifierServer).SendUserEvent(ctx, in) + return srv.(NotifierServer).SendProviderEvent(ctx, in) } info := &grpc.UnaryServerInfo{ Server: srv, - FullMethod: "/proto.Notifier/SendUserEvent", + FullMethod: "/proto.Notifier/SendProviderEvent", } handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(NotifierServer).SendUserEvent(ctx, req.(*UserEvent)) + return srv.(NotifierServer).SendProviderEvent(ctx, req.(*ProviderEvent)) } return interceptor(ctx, in, info, handler) } @@ -439,8 +510,8 @@ var _Notifier_serviceDesc = grpc.ServiceDesc{ Handler: _Notifier_SendFsEvent_Handler, }, { - MethodName: "SendUserEvent", - Handler: _Notifier_SendUserEvent_Handler, + MethodName: "SendProviderEvent", + Handler: _Notifier_SendProviderEvent_Handler, }, }, Streams: []grpc.StreamDesc{}, diff --git a/sdk/plugin/notifier/proto/notifier.proto b/sdk/plugin/notifier/proto/notifier.proto index 084860a4..5f7e77f8 100644 --- a/sdk/plugin/notifier/proto/notifier.proto +++ b/sdk/plugin/notifier/proto/notifier.proto @@ -16,15 +16,22 @@ message FsEvent { int64 file_size = 7; string protocol = 8; int32 status = 9; + string ip = 10; + string virtual_path = 11; + string virtual_target_path = 12; } -message UserEvent { +message ProviderEvent { google.protobuf.Timestamp timestamp = 1; string action = 2; - bytes user = 3; // SFTPGo user JSON serialized + string object_type = 3; + string username = 4; + string ip = 5; + string object_name = 6; + bytes object_data = 7; // object JSON serialized } service Notifier { rpc SendFsEvent(FsEvent) returns (google.protobuf.Empty); - rpc SendUserEvent(UserEvent) returns (google.protobuf.Empty); + rpc SendProviderEvent(ProviderEvent) returns (google.protobuf.Empty); } \ No newline at end of file diff --git a/sdk/plugin/plugin.go b/sdk/plugin/plugin.go index 7ec443ce..93bd5f5d 100644 --- a/sdk/plugin/plugin.go +++ b/sdk/plugin/plugin.go @@ -166,23 +166,27 @@ func (m *Manager) validateConfigs() error { } // NotifyFsEvent sends the fs event notifications using any defined notifier plugins -func (m *Manager) NotifyFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, protocol string, - fileSize int64, err error) { +func (m *Manager) NotifyFsEvent(timestamp time.Time, action, username, fsPath, fsTargetPath, sshCmd, protocol, ip, + virtualPath, virtualTargetPath string, fileSize int64, err error, +) { m.notifLock.RLock() defer m.notifLock.RUnlock() for _, n := range m.notifiers { - n.notifyFsAction(timestamp, action, username, fsPath, fsTargetPath, sshCmd, protocol, fileSize, err) + n.notifyFsAction(timestamp, action, username, fsPath, fsTargetPath, sshCmd, protocol, ip, virtualPath, virtualTargetPath, + fileSize, err) } } -// NotifyUserEvent sends the user event notifications using any defined notifier plugins -func (m *Manager) NotifyUserEvent(timestamp time.Time, action string, user Renderer) { +// NotifyProviderEvent sends the provider event notifications using any defined notifier plugins +func (m *Manager) NotifyProviderEvent(timestamp time.Time, action, username, objectType, objectName, ip string, + object Renderer, +) { m.notifLock.RLock() defer m.notifLock.RUnlock() for _, n := range m.notifiers { - n.notifyUserAction(timestamp, action, user) + n.notifyProviderAction(timestamp, action, username, objectType, objectName, ip, object) } } diff --git a/service/service.go b/service/service.go index b7596bc0..6e9680fc 100644 --- a/service/service.go +++ b/service/service.go @@ -129,7 +129,7 @@ func (s *Service) Start() error { if s.PortableMode == 1 { // create the user for portable mode - err = dataprovider.AddUser(&s.PortableUser) + err = dataprovider.AddUser(&s.PortableUser, dataprovider.ActionExecutorSystem, "") if err != nil { logger.ErrorToConsole("error adding portable user: %v", err) return err @@ -300,19 +300,19 @@ func (s *Service) loadInitialData() error { } func (s *Service) restoreDump(dump *dataprovider.BackupData) error { - err := httpd.RestoreFolders(dump.Folders, s.LoadDataFrom, s.LoadDataMode, s.LoadDataQuotaScan) + err := httpd.RestoreFolders(dump.Folders, s.LoadDataFrom, s.LoadDataMode, s.LoadDataQuotaScan, dataprovider.ActionExecutorSystem, "") if err != nil { return fmt.Errorf("unable to restore folders from file %#v: %v", s.LoadDataFrom, err) } - err = httpd.RestoreUsers(dump.Users, s.LoadDataFrom, s.LoadDataMode, s.LoadDataQuotaScan) + err = httpd.RestoreUsers(dump.Users, s.LoadDataFrom, s.LoadDataMode, s.LoadDataQuotaScan, dataprovider.ActionExecutorSystem, "") if err != nil { return fmt.Errorf("unable to restore users from file %#v: %v", s.LoadDataFrom, err) } - err = httpd.RestoreAdmins(dump.Admins, s.LoadDataFrom, s.LoadDataMode) + err = httpd.RestoreAdmins(dump.Admins, s.LoadDataFrom, s.LoadDataMode, dataprovider.ActionExecutorSystem, "") if err != nil { return fmt.Errorf("unable to restore admins from file %#v: %v", s.LoadDataFrom, err) } - err = httpd.RestoreAPIKeys(dump.APIKeys, s.LoadDataFrom, s.LoadDataMode) + err = httpd.RestoreAPIKeys(dump.APIKeys, s.LoadDataFrom, s.LoadDataMode, dataprovider.ActionExecutorSystem, "") if err != nil { return fmt.Errorf("unable to restore API keys from file %#v: %v", s.LoadDataFrom, err) } diff --git a/sftpd/handler.go b/sftpd/handler.go index c8dd30dd..c9ff8cff 100644 --- a/sftpd/handler.go +++ b/sftpd/handler.go @@ -73,7 +73,7 @@ func (c *Connection) Fileread(request *sftp.Request) (io.ReaderAt, error) { return nil, err } - if err := common.ExecutePreAction(&c.User, common.OperationPreDownload, p, request.Filepath, c.GetProtocol(), 0, 0); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreDownload, p, request.Filepath, c.GetProtocol(), c.GetRemoteIP(), 0, 0); err != nil { c.Log(logger.LevelDebug, "download for file %#v denied by pre action: %v", request.Filepath, err) return nil, c.GetPermissionDeniedError() } @@ -349,7 +349,7 @@ func (c *Connection) handleSFTPUploadToNewFile(fs vfs.Fs, resolvedPath, filePath return nil, c.GetQuotaExceededError() } - if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), 0, 0); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), c.GetRemoteIP(), 0, 0); err != nil { c.Log(logger.LevelDebug, "upload for file %#v denied by pre action: %v", requestPath, err) return nil, c.GetPermissionDeniedError() } @@ -396,7 +396,7 @@ func (c *Connection) handleSFTPUploadToExistingFile(fs vfs.Fs, pflags sftp.FileO return nil, err } - if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), fileSize, osFlags); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), c.GetRemoteIP(), fileSize, osFlags); err != nil { c.Log(logger.LevelDebug, "upload for file %#v denied by pre action: %v", requestPath, err) return nil, c.GetPermissionDeniedError() } diff --git a/sftpd/scp.go b/sftpd/scp.go index c5570f22..90680427 100644 --- a/sftpd/scp.go +++ b/sftpd/scp.go @@ -219,7 +219,8 @@ func (c *scpCommand) handleUploadFile(fs vfs.Fs, resolvedPath, filePath string, c.sendErrorMessage(fs, err) return err } - err := common.ExecutePreAction(&c.connection.User, common.OperationPreUpload, resolvedPath, requestPath, c.connection.GetProtocol(), fileSize, os.O_TRUNC) + err := common.ExecutePreAction(&c.connection.User, common.OperationPreUpload, resolvedPath, requestPath, + c.connection.GetProtocol(), c.connection.GetRemoteIP(), fileSize, os.O_TRUNC) if err != nil { c.connection.Log(logger.LevelDebug, "upload for file %#v denied by pre action: %v", requestPath, err) err = c.connection.GetPermissionDeniedError() @@ -514,7 +515,7 @@ func (c *scpCommand) handleDownload(filePath string) error { return common.ErrPermissionDenied } - if err := common.ExecutePreAction(&c.connection.User, common.OperationPreDownload, p, filePath, c.connection.GetProtocol(), 0, 0); err != nil { + if err := common.ExecutePreAction(&c.connection.User, common.OperationPreDownload, p, filePath, c.connection.GetProtocol(), c.connection.GetRemoteIP(), 0, 0); err != nil { c.connection.Log(logger.LevelDebug, "download for file %#v denied by pre action: %v", filePath, err) c.sendErrorMessage(fs, common.ErrPermissionDenied) return common.ErrPermissionDenied diff --git a/sftpd/sftpd_test.go b/sftpd/sftpd_test.go index d868d6ed..3583a95e 100644 --- a/sftpd/sftpd_test.go +++ b/sftpd/sftpd_test.go @@ -633,7 +633,7 @@ func TestDefender(t *testing.T) { _, _, err = getSftpClient(user, usePubKey) assert.Error(t, err) - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) err = os.RemoveAll(user.GetHomeDir()) assert.NoError(t, err) @@ -3194,7 +3194,7 @@ func TestMaxConnections(t *testing.T) { usePubKey := true user := getTestUser(usePubKey) - err := dataprovider.AddUser(&user) + err := dataprovider.AddUser(&user, "", "") assert.NoError(t, err) user.Password = "" conn, client, err := getSftpClient(user, usePubKey) @@ -3210,7 +3210,7 @@ func TestMaxConnections(t *testing.T) { err = conn.Close() assert.NoError(t, err) } - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) err = os.RemoveAll(user.GetHomeDir()) assert.NoError(t, err) @@ -3229,7 +3229,7 @@ func TestMaxPerHostConnections(t *testing.T) { usePubKey := true user := getTestUser(usePubKey) - err := dataprovider.AddUser(&user) + err := dataprovider.AddUser(&user, "", "") assert.NoError(t, err) user.Password = "" conn, client, err := getSftpClient(user, usePubKey) @@ -3245,7 +3245,7 @@ func TestMaxPerHostConnections(t *testing.T) { err = conn.Close() assert.NoError(t, err) } - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) err = os.RemoveAll(user.GetHomeDir()) assert.NoError(t, err) diff --git a/sftpd/ssh_cmd.go b/sftpd/ssh_cmd.go index 73175310..46c4c0d6 100644 --- a/sftpd/ssh_cmd.go +++ b/sftpd/ssh_cmd.go @@ -717,11 +717,13 @@ func (c *sshCommand) sendErrorResponse(err error) error { func (c *sshCommand) sendExitStatus(err error) { status := uint32(0) - cmdPath := c.getDestPath() + vCmdPath := c.getDestPath() + cmdPath := "" targetPath := "" + vTargetPath := "" if c.command == "sftpgo-copy" { - targetPath = cmdPath - cmdPath = c.getSourcePath() + vTargetPath = vCmdPath + vCmdPath = c.getSourcePath() } if err != nil { status = uint32(1) @@ -737,20 +739,20 @@ func (c *sshCommand) sendExitStatus(err error) { // for scp we notify single uploads/downloads if c.command != scpCmdName { metric.SSHCommandCompleted(err) - if cmdPath != "" { - _, p, errFs := c.connection.GetFsAndResolvedPath(cmdPath) + if vCmdPath != "" { + _, p, errFs := c.connection.GetFsAndResolvedPath(vCmdPath) if errFs == nil { cmdPath = p } } - if targetPath != "" { - _, p, errFs := c.connection.GetFsAndResolvedPath(targetPath) + if vTargetPath != "" { + _, p, errFs := c.connection.GetFsAndResolvedPath(vTargetPath) if errFs == nil { targetPath = p } } - common.ExecuteActionNotification(&c.connection.User, common.OperationSSHCmd, cmdPath, c.getDestPath(), targetPath, c.command, - common.ProtocolSSH, 0, err) + common.ExecuteActionNotification(&c.connection.User, common.OperationSSHCmd, cmdPath, vCmdPath, targetPath, + vTargetPath, c.command, common.ProtocolSSH, c.connection.GetRemoteIP(), 0, err) if err == nil { logger.CommandLog(sshCommandLogSender, cmdPath, targetPath, c.connection.User.Username, "", c.connection.ID, common.ProtocolSSH, -1, -1, "", "", c.connection.command, -1, c.connection.GetLocalAddress(), diff --git a/sftpgo.json b/sftpgo.json index a9e9b9f2..ca808963 100644 --- a/sftpgo.json +++ b/sftpgo.json @@ -160,6 +160,7 @@ "users_base_dir": "", "actions": { "execute_on": [], + "execute_for": [], "hook": "" }, "external_auth_hook": "", diff --git a/vfs/filesystem.go b/vfs/filesystem.go index d7de19ee..8476cce2 100644 --- a/vfs/filesystem.go +++ b/vfs/filesystem.go @@ -187,6 +187,9 @@ func (f *Filesystem) HasRedactedSecret() bool { if f.AzBlobConfig.AccountKey.IsRedacted() { return true } + if f.AzBlobConfig.SASURL.IsRedacted() { + return true + } case sdk.CryptedFilesystemProvider: if f.CryptConfig.Passphrase.IsRedacted() { return true diff --git a/webdavd/file.go b/webdavd/file.go index ac081100..e1d4ab61 100644 --- a/webdavd/file.go +++ b/webdavd/file.go @@ -148,7 +148,7 @@ func (f *webDavFile) Read(p []byte) (n int, err error) { return 0, f.Connection.GetPermissionDeniedError() } err := common.ExecutePreAction(&f.Connection.User, common.OperationPreDownload, f.GetFsPath(), f.GetVirtualPath(), - f.Connection.GetProtocol(), 0, 0) + f.Connection.GetProtocol(), f.Connection.GetRemoteIP(), 0, 0) if err != nil { f.Connection.Log(logger.LevelDebug, "download for file %#v denied by pre action: %v", f.GetVirtualPath(), err) return 0, f.Connection.GetPermissionDeniedError() diff --git a/webdavd/handler.go b/webdavd/handler.go index 6f9ad9f8..3e640386 100644 --- a/webdavd/handler.go +++ b/webdavd/handler.go @@ -199,7 +199,7 @@ func (c *Connection) handleUploadToNewFile(fs vfs.Fs, resolvedPath, filePath, re c.Log(logger.LevelInfo, "denying file write due to quota limits") return nil, common.ErrQuotaExceeded } - if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), 0, 0); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), c.GetRemoteIP(), 0, 0); err != nil { c.Log(logger.LevelDebug, "upload for file %#v denied by pre action: %v", requestPath, err) return nil, c.GetPermissionDeniedError() } @@ -228,7 +228,8 @@ func (c *Connection) handleUploadToExistingFile(fs vfs.Fs, resolvedPath, filePat c.Log(logger.LevelInfo, "denying file write due to quota limits") return nil, common.ErrQuotaExceeded } - if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), fileSize, os.O_TRUNC); err != nil { + if err := common.ExecutePreAction(&c.User, common.OperationPreUpload, resolvedPath, requestPath, c.GetProtocol(), c.GetRemoteIP(), + fileSize, os.O_TRUNC); err != nil { c.Log(logger.LevelDebug, "upload for file %#v denied by pre action: %v", requestPath, err) return nil, c.GetPermissionDeniedError() } diff --git a/webdavd/internal_test.go b/webdavd/internal_test.go index 43aff361..c79e2aaa 100644 --- a/webdavd/internal_test.go +++ b/webdavd/internal_test.go @@ -935,7 +935,7 @@ func TestBasicUsersCache(t *testing.T) { } u.Permissions = make(map[string][]string) u.Permissions["/"] = []string{dataprovider.PermAny} - err := dataprovider.AddUser(&u) + err := dataprovider.AddUser(&u, "", "") assert.NoError(t, err) user, err := dataprovider.UserExists(u.Username) assert.NoError(t, err) @@ -1007,7 +1007,7 @@ func TestBasicUsersCache(t *testing.T) { assert.False(t, cachedUser.IsExpired()) } // cache is not invalidated after a user modification if the fs does not change - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, "", "") assert.NoError(t, err) _, ok = dataprovider.GetCachedWebDAVUser(username) assert.True(t, ok) @@ -1020,7 +1020,7 @@ func TestBasicUsersCache(t *testing.T) { VirtualPath: "/vdir", }) - err = dataprovider.UpdateUser(&user) + err = dataprovider.UpdateUser(&user, "", "") assert.NoError(t, err) _, ok = dataprovider.GetCachedWebDAVUser(username) assert.False(t, ok) @@ -1032,12 +1032,12 @@ func TestBasicUsersCache(t *testing.T) { _, ok = dataprovider.GetCachedWebDAVUser(username) assert.True(t, ok) // cache is invalidated after user deletion - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) _, ok = dataprovider.GetCachedWebDAVUser(username) assert.False(t, ok) - err = dataprovider.DeleteFolder(folderName) + err = dataprovider.DeleteFolder(folderName, "", "") assert.NoError(t, err) err = os.RemoveAll(u.GetHomeDir()) @@ -1066,7 +1066,7 @@ func TestCachedUserWithFolders(t *testing.T) { }, VirtualPath: "/vpath", }) - err := dataprovider.AddUser(&u) + err := dataprovider.AddUser(&u, "", "") assert.NoError(t, err) user, err := dataprovider.UserExists(u.Username) assert.NoError(t, err) @@ -1119,7 +1119,7 @@ func TestCachedUserWithFolders(t *testing.T) { folder, err := dataprovider.GetFolderByName(folderName) assert.NoError(t, err) // updating a used folder should invalidate the cache only if the fs changed - err = dataprovider.UpdateFolder(&folder, folder.Users) + err = dataprovider.UpdateFolder(&folder, folder.Users, "", "") assert.NoError(t, err) _, isCached, _, loginMethod, err = server.authenticate(req, ipAddr) @@ -1132,7 +1132,7 @@ func TestCachedUserWithFolders(t *testing.T) { } // changing the folder path should invalidate the cache folder.MappedPath = filepath.Join(os.TempDir(), "anotherpath") - err = dataprovider.UpdateFolder(&folder, folder.Users) + err = dataprovider.UpdateFolder(&folder, folder.Users, "", "") assert.NoError(t, err) _, isCached, _, loginMethod, err = server.authenticate(req, ipAddr) assert.NoError(t, err) @@ -1143,7 +1143,7 @@ func TestCachedUserWithFolders(t *testing.T) { assert.False(t, cachedUser.IsExpired()) } - err = dataprovider.DeleteFolder(folderName) + err = dataprovider.DeleteFolder(folderName, "", "") assert.NoError(t, err) // removing a used folder should invalidate the cache _, isCached, _, loginMethod, err = server.authenticate(req, ipAddr) @@ -1155,7 +1155,7 @@ func TestCachedUserWithFolders(t *testing.T) { assert.False(t, cachedUser.IsExpired()) } - err = dataprovider.DeleteUser(user.Username) + err = dataprovider.DeleteUser(user.Username, "", "") assert.NoError(t, err) _, ok = dataprovider.GetCachedWebDAVUser(username) assert.False(t, ok) @@ -1181,25 +1181,25 @@ func TestUsersCacheSizeAndExpiration(t *testing.T) { u.Password = password + "1" u.Permissions = make(map[string][]string) u.Permissions["/"] = []string{dataprovider.PermAny} - err := dataprovider.AddUser(&u) + err := dataprovider.AddUser(&u, "", "") assert.NoError(t, err) user1, err := dataprovider.UserExists(u.Username) assert.NoError(t, err) u.Username = username + "2" u.Password = password + "2" - err = dataprovider.AddUser(&u) + err = dataprovider.AddUser(&u, "", "") assert.NoError(t, err) user2, err := dataprovider.UserExists(u.Username) assert.NoError(t, err) u.Username = username + "3" u.Password = password + "3" - err = dataprovider.AddUser(&u) + err = dataprovider.AddUser(&u, "", "") assert.NoError(t, err) user3, err := dataprovider.UserExists(u.Username) assert.NoError(t, err) u.Username = username + "4" u.Password = password + "4" - err = dataprovider.AddUser(&u) + err = dataprovider.AddUser(&u, "", "") assert.NoError(t, err) user4, err := dataprovider.UserExists(u.Username) assert.NoError(t, err) @@ -1332,7 +1332,7 @@ func TestUsersCacheSizeAndExpiration(t *testing.T) { // now remove user1 after an update user1.HomeDir += "_mod" - err = dataprovider.UpdateUser(&user1) + err = dataprovider.UpdateUser(&user1, "", "") assert.NoError(t, err) _, ok = dataprovider.GetCachedWebDAVUser(user1.Username) assert.False(t, ok) @@ -1363,13 +1363,13 @@ func TestUsersCacheSizeAndExpiration(t *testing.T) { _, ok = dataprovider.GetCachedWebDAVUser(user4.Username) assert.True(t, ok) - err = dataprovider.DeleteUser(user1.Username) + err = dataprovider.DeleteUser(user1.Username, "", "") assert.NoError(t, err) - err = dataprovider.DeleteUser(user2.Username) + err = dataprovider.DeleteUser(user2.Username, "", "") assert.NoError(t, err) - err = dataprovider.DeleteUser(user3.Username) + err = dataprovider.DeleteUser(user3.Username, "", "") assert.NoError(t, err) - err = dataprovider.DeleteUser(user4.Username) + err = dataprovider.DeleteUser(user4.Username, "", "") assert.NoError(t, err) err = os.RemoveAll(u.GetHomeDir()) @@ -1391,7 +1391,7 @@ func TestUserCacheIsolation(t *testing.T) { } u.Permissions = make(map[string][]string) u.Permissions["/"] = []string{dataprovider.PermAny} - err := dataprovider.AddUser(&u) + err := dataprovider.AddUser(&u, "", "") assert.NoError(t, err) user, err := dataprovider.UserExists(u.Username) assert.NoError(t, err) @@ -1427,7 +1427,7 @@ func TestUserCacheIsolation(t *testing.T) { assert.False(t, cachedUser.User.FsConfig.S3Config.AccessSecret.IsEncrypted()) } - err = dataprovider.DeleteUser(username) + err = dataprovider.DeleteUser(username, "", "") assert.NoError(t, err) _, ok = dataprovider.GetCachedWebDAVUser(username) assert.False(t, ok) diff --git a/webdavd/webdavd_test.go b/webdavd/webdavd_test.go index 6148f1c8..33663759 100644 --- a/webdavd/webdavd_test.go +++ b/webdavd/webdavd_test.go @@ -672,6 +672,7 @@ func TestLockAfterDelete(t *testing.T) { req, err := http.NewRequest("LOCK", fmt.Sprintf("http://%v/%v", webDavServerAddr, testFileName), bytes.NewReader([]byte(lockBody))) assert.NoError(t, err) req.SetBasicAuth(u.Username, u.Password) + req.Header.Set("Timeout", "Second-3600") httpClient := httpclient.GetHTTPClient() resp, err := httpClient.Do(req) assert.NoError(t, err)