Adding options for tracking NemID fields access

Author: stankut

README.md

@@ -2,11 +2,11 @@
 
 ## Module purpose
 
-The aim of this module is to provide logging of node access.
+The aim of this module is to provide logging of node access and NemID webform fields.
 
 ## How does it work
 
-When node is access this is logged by the module.
+When node or NemID webform field is access this is logged by the module.
 
 Logs are stored in two places: database + files.
 
@@ -18,9 +18,12 @@ It is **required** that this directory exists and is writable.
 
 ## Additional settings
 Settings are available under `admin/config/content/os2web-borgerdk`
-* **Node types to keep log of** - Select node type to keep logs of.
+* **Node types access to keep log of** - Select node type to keep logs of.
+* **Webform fields access to keep log of** - Select webform fields type to keep logs of.
+* **Log anonymous user actions** - If anonymous user actions are being logged
 * **Store database logs for this period** - Database logs will be stored for the selected number of days, after that they will be automatically deleted (cleanup is done daily).
 * **Store log files for this period** - Log file will be stored for the selected number of days, after that they will be automatically deleted
+* **Store log files directory** - Logs will be saved in this path.
 
 ## Install
 

composer.json

@@ -1,7 +1,7 @@
 {
     "name": "os2web/os2web_logging",
     "type": "drupal-module",
-    "description": "Logs node access for selected content type access",
+    "description": "Logs access selected content type or webform elements",
     "minimum-stability": "dev",
     "prefer-stable": true,
     "license": "EUPL-1.2",

os2web_logging.info.yml

@@ -1,5 +1,5 @@
 name: 'OS2Web logging'
-description: 'Logs node access for selected content type access.'
+description: 'Logs access selected content type or webform elements.'
 type: module
 package: 'OS2Web'
 core: 8.x

os2web_logging.module

@@ -6,9 +6,11 @@
  */
 
 use Drupal\Component\Datetime\DateTimePlus;
+use Drupal\Core\Access\AccessResult;
 use Drupal\Core\Entity\Display\EntityViewDisplayInterface;
 use Drupal\Core\Entity\EntityInterface;
 use Drupal\Core\Form\FormStateInterface;
+use Drupal\Core\Session\AccountInterface;
 use Drupal\os2web_logging\Controller\LoggingController;
 use Drupal\os2web_logging\Form\SettingsForm;
 
@@ -34,12 +36,47 @@ function os2web_logging_node_view(array &$build, EntityInterface $entity, Entity
     if (in_array($entity->getType(), $node_types, TRUE)) {
 
       // Log entry.
-      $logger = \Drupal::logger('os2web_logging.node_access');
+      $logger = \Drupal::logger('os2web_logging.access_log');
       $logger->info('Node loaded', ['sid' => $entity->id()]);
     }
   }
 }
 
+/**
+ * Implements hook_webform_element_access().
+ */
+function os2web_logging_webform_element_access($operation, array &$element, AccountInterface $account = NULL, array $context = []) {
+  // Ignoring requests from CLI.
+  if (PHP_SAPI === 'cli') {
+    return AccessResult::neutral();
+  }
+
+  // Ignoring if operation is not view or update.
+  if ($operation != 'view' && $operation != 'update') {
+    return AccessResult::neutral();
+  }
+
+  $config = \Drupal::config(SettingsForm::$configName);
+
+  // Ignore anonymous user.
+  $logAnonymUser = $config->get('log_anonymous_user');
+  if (!$logAnonymUser && \Drupal::currentUser()->isAnonymous()) {
+    return AccessResult::neutral();
+  }
+
+  // Filter on element type.
+  if ($webform_elements = $config->get('logged_webform_elements')) {
+    if (in_array($element['#type'], $webform_elements, TRUE)) {
+      // Log entry.
+      $logger = \Drupal::logger('os2web_logging.access_log');
+      $logger->info('CPR accessed');
+    }
+  }
+
+  // As we are hooking into access, we make sure the return value is not altered.
+  return AccessResult::neutral();
+}
+
 /**
  * Implements hook_form_FORM_ID_alter().
  */

os2web_logging.services.yml

@@ -4,18 +4,18 @@ parameters:
     default: ['os2web_logging_watchdog']
     # Log php channel to web server's error log.
     php: ['error_log']
-    os2web_logging.node_access:
-      handlers: ['os2web_logging_node_access_file', 'drupal.os2web_logging_node_access_dblog']
+    os2web_logging.access_log:
+      handlers: ['os2web_logging_access_log_file', 'drupal.os2web_logging_access_log_dblog']
       formatter: 'json'
 
 services:
   monolog.handler.os2web_logging_watchdog:
     class: Monolog\Handler\RotatingFileHandler
     arguments: ['../logs/os2web_logging_watchdog.log', 60, 'monolog.level.debug']
-  monolog.handler.os2web_logging_node_access_file:
+  monolog.handler.os2web_logging_access_log_file:
     class: Monolog\Handler\RotatingFileHandler
-    arguments: ['../logs/os2web_logging_node_access.log', 60, 'monolog.level.debug']
-  logger.os2web_logging_node_access_dblog:
-    class: Drupal\os2web_logging\Logger\NodeAccessDbLog
+    arguments: ['../logs/os2web_logging_access_log.log', 60, 'monolog.level.debug']
+  logger.os2web_logging_access_log_dblog:
+    class: Drupal\os2web_logging\Logger\AccessLogsDbLog
     tags:
       - { name: logger }

src/Controller/LoggingController.php

@@ -125,7 +125,29 @@ public static function getCheckedRequirements() {
       $requirements['error'][] = $req;
     }
 
-    // 3. Number of days to store DB logs:
+    // 3. NemID fields.
+    $moduleHandler = \Drupal::service('module_handler');
+    if ($moduleHandler->moduleExists('os2forms_nemid')) {
+      $webform_elements = $config->get('logged_webform_elements');
+      $webform_elements = array_filter($webform_elements);
+
+      $webform_elements_build = [
+        '#theme' => 'item_list',
+        '#title' => t('NemID fields type'),
+        '#items' => $webform_elements,
+      ];
+      $webform_elements_rendered = \Drupal::service('renderer')->renderPlain($webform_elements_build);
+
+      $req = [
+        'title' => t('Selected NemID fields'),
+        'description' => t('These NemID fields access will be logged'),
+      ];
+
+      $req['value'] = !empty($webform_elements) ? $webform_elements_rendered : t('Empty');
+      $requirements['checked'][] = $req;
+    }
+
+    // 4. Number of days to store DB logs:
     $dblogStorePeriod = $config->get('dblogs_store_period');
 
     $req = [
@@ -142,7 +164,7 @@ public static function getCheckedRequirements() {
       $requirements['error'][] = $req;
     }
 
-    // 3. Number of days to store file logs.
+    // 5. Number of days to store file logs.
     $fileLogsStorePeriod = $config->get('files_store_period');
 
     $req = [
@@ -159,8 +181,8 @@ public static function getCheckedRequirements() {
       $requirements['error'][] = $req;
     }
 
-    // 4. File directory is writable.
-    $logger = \Drupal::service('monolog.handler.os2web_logging_node_access_file');
+    // 6. File directory is writable.
+    $logger = \Drupal::service('monolog.handler.os2web_logging_access_log_file');
     $logsDir = dirname($logger->getUrl());
     $exists = \Drupal::service('file_system')->prepareDirectory($logsDir, FileSystemInterface::MODIFY_PERMISSIONS);
 

src/Form/SettingsForm.php

@@ -54,20 +54,41 @@ public function buildForm(array $form, FormStateInterface $form_state) {
     $node_types = NodeType::loadMultiple();
 
     // Node types.
-    $options = [];
+    $nodeTypeOptions = [];
     foreach ($node_types as $node_type) {
-      $options[$node_type->id()] = $node_type->label();
+      $nodeTypeOptions[$node_type->id()] = $node_type->label();
     }
-
-    asort($options);
+    asort($nodeTypeOptions);
 
     $form['logged_node_types'] = [
       '#type' => 'checkboxes',
-      '#title' => $this->t('Node types to keep log of:'),
-      '#options' => $options,
+      '#title' => $this->t('Node types access to keep log of:'),
+      '#options' => $nodeTypeOptions,
       '#default_value' => $config->get('logged_node_types') ? $config->get('logged_node_types') : [],
     ];
 
+    // Webform elements.
+    $moduleHandler = \Drupal::service('module_handler');
+    if ($moduleHandler->moduleExists('os2forms_nemid')) {
+      $webformElementOptions = [];
+      /** @var \Drupal\webform\Plugin\WebformElementManagerInterface $element_manager */
+      $element_manager = \Drupal::service('plugin.manager.webform.element');
+      $webformElements = $element_manager->getDefinitions();
+      foreach ($webformElements as $el) {
+        if ($el['provider'] == 'os2forms_nemid') {
+          $webformElementOptions[$el['id']] = $el['label'];
+        }
+      }
+      asort($webformElementOptions);
+
+      $form['logged_webform_elements'] = [
+        '#type' => 'checkboxes',
+        '#title' => $this->t('Webform fields access to keep log of:'),
+        '#options' => $webformElementOptions,
+        '#default_value' => $config->get('logged_webform_elements') ? $config->get('logged_webform_elements') : [],
+      ];
+    }
+
     $form['log_anonymous_user'] = [
       '#type' => 'checkbox',
       '#title' => $this->t('Log anonymous user actions'),
@@ -111,7 +132,7 @@ public function buildForm(array $form, FormStateInterface $form_state) {
     $form['file_logs_detail']['files_log_path'] = [
       '#type' => 'textfield',
       '#title' => $this->t('Store log files directory'),
-      '#description' => $this->t('Log file will be stored for the selected number of days, after that they will be automatically deleted'),
+      '#description' => $this->t('Logs will be saved in this path'),
       '#default_value' => $config->get('files_log_path') ? $config->get('files_log_path') : '../logs',
     ];
 
@@ -121,19 +142,19 @@ public function buildForm(array $form, FormStateInterface $form_state) {
         ->t('Logs import'),
     ];
 
-    $options = [];
+    $nodeTypeOptions = [];
     if ($config->get('files_log_path')) {
-      $storedLogFiles = \Drupal::service('file_system')->scanDirectory($config->get('files_log_path'), '/os2web_logging_node_access-\d{4}-\d{2}-\d{2}\.(log|gz)/');
+      $storedLogFiles = \Drupal::service('file_system')->scanDirectory($config->get('files_log_path'), '/os2web_logging_access_log-\d{4}-\d{2}-\d{2}\.(log|gz)/');
 
       foreach ($storedLogFiles as $file) {
-        $options[$file->uri] = $file->filename;
+        $nodeTypeOptions[$file->uri] = $file->filename;
       }
-      arsort($options);
+      arsort($nodeTypeOptions);
     }
 
     $form['logs_import_file_detail']['logs_import_files_select'] = [
       '#type' => 'checkboxes',
-      '#options' => $options,
+      '#options' => $nodeTypeOptions,
       '#title' => $this->t('Import from existing files'),
       '#description' => $this->t('Archived log files will be automatically extracted'),
     ];

src/Logger/NodeAccessDbLog.php renamed to src/Logger/AccessLogsDbLog.php

@@ -7,9 +7,9 @@
 use Psr\Log\LoggerInterface;
 
 /**
- * Logs events in the watchdog database table.
+ * Logs events in the database table.
  */
-class NodeAccessDbLog implements LoggerInterface {
+class AccessLogsDbLog implements LoggerInterface {
   use RfcLoggerTrait;
 
   /**

src/Os2webLoggingServiceProvider.php

@@ -7,7 +7,7 @@
 use Drupal\os2web_logging\Form\SettingsForm;
 
 /**
- * Overrides the monolog.handler.os2web_logging_node_access_file service.
+ * Overrides the monolog.handler.os2web_logging_access_log_file service.
  */
 class Os2webLoggingServiceProvider extends ServiceProviderBase {
 
@@ -24,12 +24,12 @@ public function alter(ContainerBuilder $container) {
 
     $config = \Drupal::config(SettingsForm::$configName);
 
-    $logger = $container->getDefinition('monolog.handler.os2web_logging_node_access_file');
+    $logger = $container->getDefinition('monolog.handler.os2web_logging_access_log_file');
 
     // Updating store path for logger.
     $logs_path = $config->get('files_log_path');
     if (!empty($logs_path)) {
-      $logs_path .= '/os2web_logging_node_access.log';
+      $logs_path .= '/os2web_logging_access_log.log';
       $logger->replaceArgument(0, $logs_path);
     }