From f5baeaa06c44483886a017ea03932f9f6475505e Mon Sep 17 00:00:00 2001 From: Mat Date: Tue, 16 Oct 2018 09:56:36 +0200 Subject: [PATCH 1/6] init PrivacyEvent logger service --- Controller/PersonController.php | 19 ++- DependencyInjection/ChillPersonExtension.php | 1 + Privacy/PrivacyEvent.php | 117 +++++++++++++++++++ Privacy/PrivacyEventSubscriber.php | 99 ++++++++++++++++ Resources/config/services/controller.yml | 1 + Resources/config/services/privacyEvent.yml | 7 ++ 6 files changed, 241 insertions(+), 3 deletions(-) create mode 100644 Privacy/PrivacyEvent.php create mode 100644 Privacy/PrivacyEventSubscriber.php create mode 100644 Resources/config/services/privacyEvent.yml diff --git a/Controller/PersonController.php b/Controller/PersonController.php index 1ab1f5fa1..d89b55a75 100644 --- a/Controller/PersonController.php +++ b/Controller/PersonController.php @@ -22,10 +22,12 @@ namespace Chill\PersonBundle\Controller; +use Chill\PersonBundle\Privacy\PrivacyEvent; use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Chill\PersonBundle\Entity\Person; use Chill\PersonBundle\Form\PersonType; use Chill\PersonBundle\Form\CreationPersonType; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Role\Role; @@ -48,12 +50,20 @@ class PersonController extends Controller */ protected $translator; + + /** + * @var EventDispatcherInterface + */ + protected $eventDispatcher; + public function __construct( SimilarPersonMatcher $similarPersonMatcher, - TranslatorInterface $translator + TranslatorInterface $translator, + EventDispatcherInterface $eventDispatcher ) { $this->similarPersonMatcher = $similarPersonMatcher; $this->translator = $translator; + $this->eventDispatcher = $eventDispatcher; } public function getCFGroup() @@ -79,10 +89,13 @@ class PersonController extends Controller throw $this->createNotFoundException("Person with id $person_id not" . " found on this server"); } - + $this->denyAccessUnlessGranted('CHILL_PERSON_SEE', $person, "You are not allowed to see this person."); - + + $event = new PrivacyEvent($person); + $this->eventDispatcher->dispatch(PrivacyEvent::PERSON_PRIVACY_EVENT, $event); + return $this->render('ChillPersonBundle:Person:view.html.twig', array("person" => $person, "cFGroup" => $this->getCFGroup())); diff --git a/DependencyInjection/ChillPersonExtension.php b/DependencyInjection/ChillPersonExtension.php index b1fb57099..c6aa90d9d 100644 --- a/DependencyInjection/ChillPersonExtension.php +++ b/DependencyInjection/ChillPersonExtension.php @@ -62,6 +62,7 @@ class ChillPersonExtension extends Extension implements PrependExtensionInterfac $loader->load('services/controller.yml'); $loader->load('services/search.yml'); $loader->load('services/menu.yml'); + $loader->load('services/privacyEvent.yml'); } private function handlePersonFieldsParameters(ContainerBuilder $container, $config) diff --git a/Privacy/PrivacyEvent.php b/Privacy/PrivacyEvent.php new file mode 100644 index 000000000..2940de3bd --- /dev/null +++ b/Privacy/PrivacyEvent.php @@ -0,0 +1,117 @@ +, + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +use Symfony\Component\EventDispatcher\Event; +use Chill\PersonBundle\Entity\Person; + +class PrivacyEvent extends Event +{ + const PERSON_PRIVACY_EVENT = 'chill_person.privacy_event'; + + /** + * @var Person + */ + private $person; + + /** + * @var Object + */ + private $element; + + /** + * @var array + */ + private $args; + + /** + * @var array + */ + private $persons; + + /** + * PrivacyEvent constructor. + * + * @param Person $person + * @param object $element + * @param array $args + */ + public function __construct(Person $person, object $element = null, array $args) + { + $this->person = $person; + $this->element = $element; + $this->args = $args; + $this->persons = array(); + } + + /** + * @return Person + */ + public function getPerson() + { + return $this->person; + } + + /** + * @param Person $person + */ + public function addPerson(Person $person) + { + $this->persons[] = $person; + + return $this; + } + + /** + * @return array $persons + */ + public function getPersons() + { + return $this->persons; + } + + /** + * @return bool + */ + public function hasPersons() + { + return (count($this->persons) >= 1 ? true : false); + } + + /** + * @return Object + */ + public function getElement() + { + return $this->element; + } + + /** + * @return array + */ + public function getArgs() + { + return $this->args; + } + +} \ No newline at end of file diff --git a/Privacy/PrivacyEventSubscriber.php b/Privacy/PrivacyEventSubscriber.php new file mode 100644 index 000000000..0b83c42ef --- /dev/null +++ b/Privacy/PrivacyEventSubscriber.php @@ -0,0 +1,99 @@ +, + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +use Psr\Log\LoggerInterface; +use Symfony\Component\EventDispatcher\EventSubscriberInterface; +use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; +use Symfony\Component\HttpKernel\KernelEvents; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; + +class PrivacyEventSubscriber implements EventSubscriberInterface +{ + + /** + * @var LoggerInterface + */ + protected $logger; + + /** + * @var TokenStorageInterface + */ + protected $token; + + /** + * PrivacyEventSubscriber constructor. + * + * @param LoggerInterface $logger + */ + public function __construct(LoggerInterface $logger, TokenStorageInterface $token) + { + $this->logger = $logger; + $this->token = $token; + } + + public static function getSubscribedEvents() + { + return array(PrivacyEvent::PERSON_PRIVACY_EVENT => array( + array('onPrivacyEvent') + )); + } + + public function onPrivacyEvent(PrivacyEvent $event) + { + $persons = array(); + + if ($event->hasPersons() === true) { + foreach ($event->getPersons() as $person) { + $persons[] = $person->getId(); + } + } + + $this->logger->notice("[Privacy Event] A Person Folder has been viewed", array( + 'by_user' => $this->token->getToken()->getUser()->getUsername(), + 'by_user_id' => $this->token->getToken()->getUser()->getId(), + 'person_id' => $event->getPerson()->getId(), + 'persons' => $persons, + 'element_class' => $event->getArgs()['element_class'], + 'element_id' => intval($event->getArgs()['element_id']), + 'action' => $event->getArgs()['action'] + )); + + dump($event); + } + + public function processException(GetResponseForExceptionEvent $event) + { + // ... + } + + public function logException(GetResponseForExceptionEvent $event) + { + // ... + } + + public function notifyException(GetResponseForExceptionEvent $event) + { + // ... + } +} \ No newline at end of file diff --git a/Resources/config/services/controller.yml b/Resources/config/services/controller.yml index d47ab2cbd..d4e232476 100644 --- a/Resources/config/services/controller.yml +++ b/Resources/config/services/controller.yml @@ -3,4 +3,5 @@ services: arguments: $similarPersonMatcher: '@Chill\PersonBundle\Search\SimilarPersonMatcher' $translator: '@Symfony\Component\Translation\TranslatorInterface' + $eventDispatcher: '@Symfony\Component\EventDispatcher\EventDispatcherInterface' tags: ['controller.service_arguments'] diff --git a/Resources/config/services/privacyEvent.yml b/Resources/config/services/privacyEvent.yml new file mode 100644 index 000000000..780601d9d --- /dev/null +++ b/Resources/config/services/privacyEvent.yml @@ -0,0 +1,7 @@ +services: + Chill\PersonBundle\Privacy\PrivacyEventSubscriber: + arguments: + $logger: '@chill.main.logger' + $token: '@Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface' + tags: + - { name: kernel.event_subscriber } From 4c8f1700256fca84383deffb1860dd65547b4bf9 Mon Sep 17 00:00:00 2001 From: Mat Date: Tue, 16 Oct 2018 12:03:54 +0200 Subject: [PATCH 2/6] privacyEvent, add event in timeline --- Controller/TimelinePersonController.php | 25 ++++++++++++++++++++++-- Privacy/PrivacyEvent.php | 2 +- Resources/config/services/controller.yml | 4 ++++ 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/Controller/TimelinePersonController.php b/Controller/TimelinePersonController.php index ad8d46a67..3c47baced 100644 --- a/Controller/TimelinePersonController.php +++ b/Controller/TimelinePersonController.php @@ -19,6 +19,8 @@ namespace Chill\PersonBundle\Controller; +use Chill\PersonBundle\Privacy\PrivacyEvent; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Request; use Symfony\Bundle\FrameworkBundle\Controller\Controller; @@ -30,7 +32,23 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller; */ class TimelinePersonController extends Controller { - + + /** + * @var EventDispatcherInterface + */ + protected $eventDispatcher; + + /** + * TimelinePersonController constructor. + * + * @param EventDispatcherInterface $eventDispatcher + */ + public function __construct(EventDispatcherInterface $eventDispatcher) + { + $this->eventDispatcher = $eventDispatcher; + } + + public function personAction(Request $request, $person_id) { $person = $this->getDoctrine() @@ -52,7 +70,10 @@ class TimelinePersonController extends Controller ); $paginator = $paginatorFactory->create($nbItems); - + + $event = new PrivacyEvent($person); + $this->eventDispatcher->dispatch(PrivacyEvent::PERSON_PRIVACY_EVENT, $event); + return $this->render('ChillPersonBundle:Timeline:index.html.twig', array ( 'timeline' => $timelineBuilder->getTimelineHTML( diff --git a/Privacy/PrivacyEvent.php b/Privacy/PrivacyEvent.php index 2940de3bd..b89328fac 100644 --- a/Privacy/PrivacyEvent.php +++ b/Privacy/PrivacyEvent.php @@ -56,7 +56,7 @@ class PrivacyEvent extends Event * @param object $element * @param array $args */ - public function __construct(Person $person, object $element = null, array $args) + public function __construct(Person $person, object $element = null, array $args = array('action' => 'show')) { $this->person = $person; $this->element = $element; diff --git a/Resources/config/services/controller.yml b/Resources/config/services/controller.yml index d4e232476..7ca377e62 100644 --- a/Resources/config/services/controller.yml +++ b/Resources/config/services/controller.yml @@ -5,3 +5,7 @@ services: $translator: '@Symfony\Component\Translation\TranslatorInterface' $eventDispatcher: '@Symfony\Component\EventDispatcher\EventDispatcherInterface' tags: ['controller.service_arguments'] + + Chill\PersonBundle\Controller\TimelinePersonController: + arguments: + $eventDispatcher: '@Symfony\Component\EventDispatcher\EventDispatcherInterface' From 5f36a623790d581bc54b15bb484a095ec5dde402 Mon Sep 17 00:00:00 2001 From: Mat Date: Tue, 16 Oct 2018 12:36:19 +0200 Subject: [PATCH 3/6] privacyEvent, add event in accompanyingPeriod --- Controller/AccompanyingPeriodController.php | 25 +++++++++++++++++++++ Resources/config/services/controller.yml | 4 ++++ 2 files changed, 29 insertions(+) diff --git a/Controller/AccompanyingPeriodController.php b/Controller/AccompanyingPeriodController.php index b7d4241ab..c678fe817 100644 --- a/Controller/AccompanyingPeriodController.php +++ b/Controller/AccompanyingPeriodController.php @@ -22,20 +22,45 @@ namespace Chill\PersonBundle\Controller; +use Chill\PersonBundle\Privacy\PrivacyEvent; use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Chill\PersonBundle\Entity\Person; use Chill\PersonBundle\Form\AccompanyingPeriodType; use Chill\PersonBundle\Entity\AccompanyingPeriod; use Doctrine\Common\Collections\Criteria; use Chill\PersonBundle\Security\Authorization\PersonVoter; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; class AccompanyingPeriodController extends Controller { + /** + * @var EventDispatcherInterface + */ + protected $eventDispatcher; + + /** + * ReportController constructor. + * + * @param EventDispatcherInterface $eventDispatcher + */ + public function __construct(EventDispatcherInterface $eventDispatcher) + { + $this->eventDispatcher = $eventDispatcher; + } + + + public function listAction($person_id){ $person = $this->_getPerson($person_id); + + $event = new PrivacyEvent($person, null, array( + 'element_class' => AccompanyingPeriod::class, + 'action' => 'list' + )); + $this->eventDispatcher->dispatch(PrivacyEvent::PERSON_PRIVACY_EVENT, $event); return $this->render('ChillPersonBundle:AccompanyingPeriod:list.html.twig', array('accompanying_periods' => $person->getAccompanyingPeriodsOrdered(), diff --git a/Resources/config/services/controller.yml b/Resources/config/services/controller.yml index 7ca377e62..8e2fb9fdf 100644 --- a/Resources/config/services/controller.yml +++ b/Resources/config/services/controller.yml @@ -9,3 +9,7 @@ services: Chill\PersonBundle\Controller\TimelinePersonController: arguments: $eventDispatcher: '@Symfony\Component\EventDispatcher\EventDispatcherInterface' + + Chill\PersonBundle\Controller\AccompanyingPeriodController: + arguments: + $eventDispatcher: '@Symfony\Component\EventDispatcher\EventDispatcherInterface' From 6324eceb1bdc2d2c2ce7ca4ddb384d8b953e028b Mon Sep 17 00:00:00 2001 From: Mat Date: Tue, 16 Oct 2018 14:47:19 +0200 Subject: [PATCH 4/6] privacyEvent: remove element parameter --- Controller/AccompanyingPeriodController.php | 2 +- Controller/TimelinePersonController.php | 2 +- Privacy/PrivacyEvent.php | 27 ++++++++------------- Privacy/PrivacyEventSubscriber.php | 12 +++++---- 4 files changed, 19 insertions(+), 24 deletions(-) diff --git a/Controller/AccompanyingPeriodController.php b/Controller/AccompanyingPeriodController.php index c678fe817..5af5bc14f 100644 --- a/Controller/AccompanyingPeriodController.php +++ b/Controller/AccompanyingPeriodController.php @@ -56,7 +56,7 @@ class AccompanyingPeriodController extends Controller $person = $this->_getPerson($person_id); - $event = new PrivacyEvent($person, null, array( + $event = new PrivacyEvent($person, array( 'element_class' => AccompanyingPeriod::class, 'action' => 'list' )); diff --git a/Controller/TimelinePersonController.php b/Controller/TimelinePersonController.php index 3c47baced..35935163d 100644 --- a/Controller/TimelinePersonController.php +++ b/Controller/TimelinePersonController.php @@ -71,7 +71,7 @@ class TimelinePersonController extends Controller $paginator = $paginatorFactory->create($nbItems); - $event = new PrivacyEvent($person); + $event = new PrivacyEvent($person, array('action' => 'timeline')); $this->eventDispatcher->dispatch(PrivacyEvent::PERSON_PRIVACY_EVENT, $event); return $this->render('ChillPersonBundle:Timeline:index.html.twig', array diff --git a/Privacy/PrivacyEvent.php b/Privacy/PrivacyEvent.php index b89328fac..65304f96a 100644 --- a/Privacy/PrivacyEvent.php +++ b/Privacy/PrivacyEvent.php @@ -25,6 +25,14 @@ namespace Chill\PersonBundle\Privacy; use Symfony\Component\EventDispatcher\Event; use Chill\PersonBundle\Entity\Person; +/** + * Class PrivacyEvent + * + * Array $args expects arguments with the following keys: 'element_class', 'element_id', 'action' + * By default, action is set to 'show' + * + * @package Chill\PersonBundle\Privacy + */ class PrivacyEvent extends Event { const PERSON_PRIVACY_EVENT = 'chill_person.privacy_event'; @@ -34,11 +42,6 @@ class PrivacyEvent extends Event */ private $person; - /** - * @var Object - */ - private $element; - /** * @var array */ @@ -53,13 +56,11 @@ class PrivacyEvent extends Event * PrivacyEvent constructor. * * @param Person $person - * @param object $element * @param array $args */ - public function __construct(Person $person, object $element = null, array $args = array('action' => 'show')) + public function __construct(Person $person, array $args = array('action' => 'show')) { $this->person = $person; - $this->element = $element; $this->args = $args; $this->persons = array(); } @@ -95,15 +96,7 @@ class PrivacyEvent extends Event */ public function hasPersons() { - return (count($this->persons) >= 1 ? true : false); - } - - /** - * @return Object - */ - public function getElement() - { - return $this->element; + return count($this->persons) >= 1; } /** diff --git a/Privacy/PrivacyEventSubscriber.php b/Privacy/PrivacyEventSubscriber.php index 0b83c42ef..7fbd0e3e7 100644 --- a/Privacy/PrivacyEventSubscriber.php +++ b/Privacy/PrivacyEventSubscriber.php @@ -69,15 +69,17 @@ class PrivacyEventSubscriber implements EventSubscriberInterface } } - $this->logger->notice("[Privacy Event] A Person Folder has been viewed", array( + $involved = array( 'by_user' => $this->token->getToken()->getUser()->getUsername(), 'by_user_id' => $this->token->getToken()->getUser()->getId(), 'person_id' => $event->getPerson()->getId(), 'persons' => $persons, - 'element_class' => $event->getArgs()['element_class'], - 'element_id' => intval($event->getArgs()['element_id']), - 'action' => $event->getArgs()['action'] - )); + ); + + $this->logger->notice( + "[Privacy Event] A Person Folder has been viewed", + array_merge($involved, $event->getArgs()) + ); dump($event); } From 4f78b8fb54dba6b34f7178042e1423ba6f6e1bce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julien=20Fastr=C3=A9?= Date: Thu, 18 Oct 2018 21:54:04 +0200 Subject: [PATCH 5/6] remove unused code and dum --- Privacy/PrivacyEventSubscriber.php | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/Privacy/PrivacyEventSubscriber.php b/Privacy/PrivacyEventSubscriber.php index 7fbd0e3e7..5ca144b93 100644 --- a/Privacy/PrivacyEventSubscriber.php +++ b/Privacy/PrivacyEventSubscriber.php @@ -24,8 +24,6 @@ namespace Chill\PersonBundle\Privacy; use Psr\Log\LoggerInterface; use Symfony\Component\EventDispatcher\EventSubscriberInterface; -use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; -use Symfony\Component\HttpKernel\KernelEvents; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; class PrivacyEventSubscriber implements EventSubscriberInterface @@ -80,22 +78,5 @@ class PrivacyEventSubscriber implements EventSubscriberInterface "[Privacy Event] A Person Folder has been viewed", array_merge($involved, $event->getArgs()) ); - - dump($event); - } - - public function processException(GetResponseForExceptionEvent $event) - { - // ... - } - - public function logException(GetResponseForExceptionEvent $event) - { - // ... - } - - public function notifyException(GetResponseForExceptionEvent $event) - { - // ... } } \ No newline at end of file From f7f678f0cbd90933a18baa6ed070c34e98628262 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julien=20Fastr=C3=A9?= Date: Thu, 18 Oct 2018 21:56:28 +0200 Subject: [PATCH 6/6] add `persons` only if not empty --- Privacy/PrivacyEventSubscriber.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Privacy/PrivacyEventSubscriber.php b/Privacy/PrivacyEventSubscriber.php index 5ca144b93..9af711ed9 100644 --- a/Privacy/PrivacyEventSubscriber.php +++ b/Privacy/PrivacyEventSubscriber.php @@ -71,9 +71,12 @@ class PrivacyEventSubscriber implements EventSubscriberInterface 'by_user' => $this->token->getToken()->getUser()->getUsername(), 'by_user_id' => $this->token->getToken()->getUser()->getId(), 'person_id' => $event->getPerson()->getId(), - 'persons' => $persons, ); + if ($event->hasPersons()) { + $involved['persons'] = $event->getPersons(); + } + $this->logger->notice( "[Privacy Event] A Person Folder has been viewed", array_merge($involved, $event->getArgs())