more unit tests and events

Signed-off-by: jkoberg <jkoberg@owncloud.com>

audit/pkg/service/service.go

@@ -55,6 +55,12 @@ func StartAuditLogger(ctx context.Context, ch <-chan interface{}, log log.Logger
 				auditEvent = types.ShareRemoved(ev)
 			case events.LinkRemoved:
 				auditEvent = types.LinkRemoved(ev)
+			case events.ReceivedShareUpdated:
+				auditEvent = types.ReceivedShareUpdated(ev)
+			case events.LinkAccessed:
+				auditEvent = types.LinkAccessed(ev)
+			case events.LinkAccessFailed:
+				auditEvent = types.LinkAccessFailed(ev)
 			default:
 				log.Error().Interface("event", ev).Msg(fmt.Sprintf("can't handle event of type '%T'", ev))
 				continue

audit/pkg/service/service_test.go

@@ -140,6 +140,88 @@ var testCases = []struct {
 			require.Equal(t, "sharing-userid", ev.ShareOwner)
 			require.Equal(t, "token-123", ev.ShareToken)
 		},
+	}, {
+		Alias: "ShareRemoved",
+		SystemEvent: events.ShareRemoved{
+			ShareID:  shareID("shareid"),
+			ShareKey: nil,
+		},
+		CheckAuditEvent: func(t *testing.T, b []byte) {
+			ev := types.AuditEventShareRemoved{}
+			require.NoError(t, json.Unmarshal(b, &ev))
+
+			// AuditEvent fields
+			checkBaseAuditEvent(t, ev.AuditEvent, "", "", "share id:'shareid' uid:'' item-id:'' was removed", "file_unshared")
+			// AuditEventSharing fields
+			checkSharingAuditEvent(t, ev.AuditEventSharing, "", "", "shareid")
+			// AuditEventShareUpdated fields
+			require.Equal(t, "", ev.ItemType) // not implemented atm
+			require.Equal(t, "", ev.ShareType)
+			require.Equal(t, "", ev.ShareWith) // not filled on links
+		},
+	}, {
+		Alias: "LinkRemoved - id",
+		SystemEvent: events.LinkRemoved{
+			ShareID:    linkID("shareid"),
+			ShareToken: "",
+		},
+		CheckAuditEvent: func(t *testing.T, b []byte) {
+			ev := types.AuditEventShareRemoved{}
+			require.NoError(t, json.Unmarshal(b, &ev))
+
+			// AuditEvent fields
+			checkBaseAuditEvent(t, ev.AuditEvent, "", "", "public link id:'shareid' was removed", "file_unshared")
+			// AuditEventSharing fields
+			checkSharingAuditEvent(t, ev.AuditEventSharing, "", "", "shareid")
+			// AuditEventShareUpdated fields
+			require.Equal(t, "", ev.ItemType) // not implemented atm
+			require.Equal(t, "link", ev.ShareType)
+			require.Equal(t, "", ev.ShareWith) // not filled on links
+		},
+	}, {
+		Alias: "LinkRemoved - token",
+		SystemEvent: events.LinkRemoved{
+			ShareID:    nil,
+			ShareToken: "token-123",
+		},
+		CheckAuditEvent: func(t *testing.T, b []byte) {
+			ev := types.AuditEventShareRemoved{}
+			require.NoError(t, json.Unmarshal(b, &ev))
+
+			// AuditEvent fields
+			checkBaseAuditEvent(t, ev.AuditEvent, "", "", "public link id:'token-123' was removed", "file_unshared")
+			// AuditEventSharing fields
+			checkSharingAuditEvent(t, ev.AuditEventSharing, "", "", "token-123")
+			// AuditEventShareUpdated fields
+			require.Equal(t, "", ev.ItemType) // not implemented atm
+			require.Equal(t, "link", ev.ShareType)
+			require.Equal(t, "", ev.ShareWith) // not filled on links
+		},
+	}, {
+		Alias: "Share accepted",
+		SystemEvent: events.ReceivedShareUpdated{
+			ShareID:        shareID("shareid"),
+			ItemID:         resourceID("storageid-1", "itemid-1"),
+			Permissions:    sharePermissions("get_quota"),
+			GranteeUserID:  userID("beshared-userid"),
+			GranteeGroupID: nil,
+			Sharer:         userID("sharing-userid"),
+			MTime:          timestamp(10e8),
+			State:          "SHARE_STATE_ACCEPTED",
+		},
+		CheckAuditEvent: func(t *testing.T, b []byte) {
+			ev := types.AuditEventReceivedShareUpdated{}
+			require.NoError(t, json.Unmarshal(b, &ev))
+
+			// AuditEvent fields
+			checkBaseAuditEvent(t, ev.AuditEvent, "", "", "public link id:'token-123' was removed", "file_unshared")
+			// AuditEventSharing fields
+			checkSharingAuditEvent(t, ev.AuditEventSharing, "", "", "token-123")
+			// AuditEventShareUpdated fields
+			require.Equal(t, "", ev.ItemType) // not implemented atm
+			require.Equal(t, "link", ev.ShareType)
+			require.Equal(t, "", ev.ShareWith) // not filled on links
+		},
 	},
 }
 

audit/pkg/types/conversion.go

@@ -166,6 +166,21 @@ func LinkRemoved(ev events.LinkRemoved) AuditEventShareRemoved {
 	}
 }
 
+// ReceivedShareUpdated converts a ReceivedShareUpdated event to an AuditEventReceivedShareUpdated
+func ReceivedShareUpdated(ev events.ReceivedShareUpdated) AuditEventReceivedShareUpdated {
+	return AuditEventReceivedShareUpdated{}
+}
+
+// LinkAccessed converts a LinkAccessed event to an AuditEventLinkAccessed
+func LinkAccessed(ev events.LinkAccessed) AuditEventLinkAccessed {
+	return AuditEventLinkAccessed{}
+}
+
+// LinkAccessFailed converts a LinkAccessFailed event to an AuditEventLinkAccessed
+func LinkAccessFailed(ev events.LinkAccessFailed) AuditEventLinkAccessed {
+	return AuditEventLinkAccessed{}
+}
+
 func extractGrantee(uid *user.UserId, gid *group.GroupId) (string, string) {
 	switch {
 	case uid != nil && uid.OpaqueId != "":

audit/pkg/types/events.go

@@ -13,5 +13,8 @@ func RegisteredEvents() []events.Unmarshaller {
 		events.LinkUpdated{},
 		events.ShareRemoved{},
 		events.LinkRemoved{},
+		events.ReceivedShareUpdated{},
+		events.LinkAccessed{},
+		events.LinkAccessFailed{},
 	}
 }

audit/pkg/types/types.go

@@ -60,3 +60,23 @@ type AuditEventShareRemoved struct {
 	ShareType string // group user or link
 	ShareWith string // The UID or GID of the share recipient.
 }
+
+// AuditEventReceivedShareUpdated is the event logged when a share is accepted or declined
+type AuditEventReceivedShareUpdated struct {
+	AuditEventSharing
+	ItemType  string // file or folder
+	ShareType string // group user or link
+	ShareWith string // The UID or GID of the share recipient.
+	Path      string // The path of the shared item.
+	Owner     string // The UID of the owner of the shared item.
+	FileID    string // The file identifier for the item shared.
+	ShareID   string // The sharing identifier. (not available for public_link_accessed)
+}
+
+// AuditEventLinkAccessed is the event logged when a link is accessed
+type AuditEventLinkAccessed struct {
+	AuditEventSharing
+	ShareToken string // The share token.
+	Success    bool   // If the request was successful.
+	ItemType   string // file or folder
+}