Giters

nextcloud / files_antivirus

👾 Antivirus app for Nextcloud Files

Home Page:https://apps.nextcloud.com/apps/files_antivirus

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Administrator notification does not work

GAS85 opened this issue · comments

commented

Steps to reproduce

  1. As mentioned in #150 set 2 Virus Test files for 2 different Users
  2. User 1 in in Administrative Group, User 2 is not.
  3. User 1 will see Antivirus notifications only for File 1 that is in his folder, but not for a File 2 that belongs to user 2.
  4. Administrator - User 3 will not see any notifications and needs to grep logs manually:
    grafik

Expected behaviour

Administrator AND all users under Administrative Group must receive a notifications about all users infected files.

Actual behaviour

Only actual User will see notification. Non of Administrators can see it if file is not shared with them.

Server configuration

Operating system: Ubuntu 18.04

Web server: Apache/2.4.43

Database: mysql Ver 15.1 Distrib 10.1.44-MariaDB

PHP version: 7.3.17-1

Nextcloud version: 18.0.4

Where did you install Nextcloud from: Official

List of activated apps:

Enabled:
  - accessibility: 1.4.0
  - activity: 2.11.0
  - admin_audit: 1.8.0
  - audioplayer: 2.10.0
  - bruteforcesettings: 1.6.0
  - calendar: 2.0.3
  - checksum: 0.4.4
  - cloud_federation_api: 1.1.0
  - comments: 1.8.0
  - data_request: 1.5.0
  - dav: 1.14.0
  - deck: 1.0.0
  - drawio: 0.9.5
  - federatedfilesharing: 1.8.0
  - federation: 1.8.0
  - files: 1.13.1
  - files_antivirus: 2.3.0
  - files_automatedtagging: 1.8.2
  - files_external: 1.9.0
  - files_mindmap: 0.0.21
  - files_pdfviewer: 1.7.0
  - files_retention: 1.7.0
  - files_rightclick: 0.15.2
  - files_sharing: 1.10.1
  - files_trashbin: 1.8.0
  - files_versions: 1.11.0
  - files_videoplayer: 1.7.0
  - firstrunwizard: 2.7.0
  - flowupload: 0.1.8
  - forms: 1.1.1
  - gpxpod: 4.2.1
  - keeweb: 0.6.2
  - logreader: 2.3.0
  - lookup_server_connector: 1.6.0
  - mail: 1.3.4
  - maps: 0.1.6
  - nextcloud_announcements: 1.7.0
  - notes: 3.3.0
  - notifications: 2.6.0
  - oauth2: 1.6.0
  - ocdownloader: 1.7.7
  - password_policy: 1.8.0
  - phonetrack: 0.6.2
  - photos: 1.0.0
  - polls: 1.4.3
  - previewgenerator: 2.3.0
  - privacy: 1.2.0
  - provisioning_api: 1.8.0
  - radio: 0.6.6
  - recommendations: 0.6.0
  - serverinfo: 1.8.0
  - settings: 1.0.0
  - sharebymail: 1.8.0
  - spreed: 8.0.8
  - survey_client: 1.6.0
  - systemtags: 1.8.0
  - text: 2.0.0
  - theming: 1.9.0
  - twofactor_backupcodes: 1.7.0
  - twofactor_totp: 4.1.3
  - unsplash: 1.1.5
  - updatenotification: 1.8.0
  - viewer: 1.2.0
  - weather: 1.7.2
  - workflowengine: 2.0.0
Disabled:
  - encryption
  - impersonate
  - sharerenamer
  - support
  - user_ldap

Nextcloud configuration:

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": {
            "0": "***REMOVED SENSITIVE VALUE***",
            "2": "***REMOVED SENSITIVE VALUE***"
        },
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/***REMOVED SENSITIVE VALUE***\/nextcloud",
        "dbtype": "mysql",
        "version": "18.0.4.2",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "filesystem_check_changes": 0,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379,
            "timeout": 1.5
        },
        "mail_smtpmode": "smtp",
        "mail_smtpauthtype": "LOGIN",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "maintenance": false,
        "theme": "",
        "logfile": "\/var\/log\/nextcloud.log",
        "loglevel": 1,
        "trashbin_retention_obligation": "14, auto",
        "versions_retention_obligation": "14, auto",
        "data-fingerprint": "***REMOVED SENSITIVE VALUE***",
        "enable_previews": true,
        "enabledPreviewProviders": [
            "OC\\Preview\\PNG",
            "OC\\Preview\\JPEG",
            "OC\\Preview\\GIF",
            "OC\\Preview\\BMP",
            "OC\\Preview\\XBitmap",
            "OC\\Preview\\Movie",
            "OC\\Preview\\PDF",
            "OC\\Preview\\MP3",
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown"
        ],
        "preview_max_x": 1920,
        "preview_max_y": 1080,
        "jpeg_quality": 90,
        "auth.bruteforce.protection.enabled": true,
        "simpleSignUpLink.shown": false,
        "mail_smtpsecure": "tls",
        "mail_smtpauth": 1,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "587",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "twofactor_enforced": "true",
        "twofactor_enforced_groups": [
            "admin"
        ],
        "twofactor_enforced_excluded_groups": [],
        "has_rebuilt_cache": true,
        "updater.release.channel": "stable",
        "app_install_overwrite": [
            "keeweb",
            "radio"
        ]
    }
}

Logs

Nextcloud log (data/owncloud.log)

nextcloud.log:{"reqId":"MjJnqGiZOUnS7LX5R3k1","level":4,"time":"2020-05-11T06:15:16+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"MjJnqGiZOUnS7LX5R3k1","level":4,"time":"2020-05-11T06:15:16+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"2IpNCCghPo92PmCbvPlJ","level":4,"time":"2020-05-11T06:30:25+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"2IpNCCghPo92PmCbvPlJ","level":4,"time":"2020-05-11T06:30:25+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"3V6LbskveKSaUWSdDgs8","level":4,"time":"2020-05-11T07:00:03+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"3V6LbskveKSaUWSdDgs8","level":4,"time":"2020-05-11T07:00:03+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"EK6P2yTtHtx7WqHbJ7kf","level":4,"time":"2020-05-11T07:15:22+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"EK6P2yTtHtx7WqHbJ7kf","level":4,"time":"2020-05-11T07:15:22+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"N2n6g17X4R2j5PoYee9Z","level":4,"time":"2020-05-11T07:45:18+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"N2n6g17X4R2j5PoYee9Z","level":4,"time":"2020-05-11T07:45:18+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
commented

I create a script that evaluate logs and could notify any user: https://github.com/GAS85/nextcloud_scripts/blob/master/nextcloud-av-notification.sh
For NC before 14 this script needs "Admin notifications" App to be enabled.