Administrator notification does not work
GAS85 opened this issue · comments
Steps to reproduce
- As mentioned in #150 set 2 Virus Test files for 2 different Users
- User 1 in in Administrative Group, User 2 is not.
- User 1 will see Antivirus notifications only for File 1 that is in his folder, but not for a File 2 that belongs to user 2.
- Administrator - User 3 will not see any notifications and needs to grep logs manually:
Expected behaviour
Administrator AND all users under Administrative Group must receive a notifications about all users infected files.
Actual behaviour
Only actual User will see notification. Non of Administrators can see it if file is not shared with them.
Server configuration
Operating system: Ubuntu 18.04
Web server: Apache/2.4.43
Database: mysql Ver 15.1 Distrib 10.1.44-MariaDB
PHP version: 7.3.17-1
Nextcloud version: 18.0.4
Where did you install Nextcloud from: Official
List of activated apps:
Enabled:
- accessibility: 1.4.0
- activity: 2.11.0
- admin_audit: 1.8.0
- audioplayer: 2.10.0
- bruteforcesettings: 1.6.0
- calendar: 2.0.3
- checksum: 0.4.4
- cloud_federation_api: 1.1.0
- comments: 1.8.0
- data_request: 1.5.0
- dav: 1.14.0
- deck: 1.0.0
- drawio: 0.9.5
- federatedfilesharing: 1.8.0
- federation: 1.8.0
- files: 1.13.1
- files_antivirus: 2.3.0
- files_automatedtagging: 1.8.2
- files_external: 1.9.0
- files_mindmap: 0.0.21
- files_pdfviewer: 1.7.0
- files_retention: 1.7.0
- files_rightclick: 0.15.2
- files_sharing: 1.10.1
- files_trashbin: 1.8.0
- files_versions: 1.11.0
- files_videoplayer: 1.7.0
- firstrunwizard: 2.7.0
- flowupload: 0.1.8
- forms: 1.1.1
- gpxpod: 4.2.1
- keeweb: 0.6.2
- logreader: 2.3.0
- lookup_server_connector: 1.6.0
- mail: 1.3.4
- maps: 0.1.6
- nextcloud_announcements: 1.7.0
- notes: 3.3.0
- notifications: 2.6.0
- oauth2: 1.6.0
- ocdownloader: 1.7.7
- password_policy: 1.8.0
- phonetrack: 0.6.2
- photos: 1.0.0
- polls: 1.4.3
- previewgenerator: 2.3.0
- privacy: 1.2.0
- provisioning_api: 1.8.0
- radio: 0.6.6
- recommendations: 0.6.0
- serverinfo: 1.8.0
- settings: 1.0.0
- sharebymail: 1.8.0
- spreed: 8.0.8
- survey_client: 1.6.0
- systemtags: 1.8.0
- text: 2.0.0
- theming: 1.9.0
- twofactor_backupcodes: 1.7.0
- twofactor_totp: 4.1.3
- unsplash: 1.1.5
- updatenotification: 1.8.0
- viewer: 1.2.0
- weather: 1.7.2
- workflowengine: 2.0.0
Disabled:
- encryption
- impersonate
- sharerenamer
- support
- user_ldap
Nextcloud configuration:
{
"system": {
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": {
"0": "***REMOVED SENSITIVE VALUE***",
"2": "***REMOVED SENSITIVE VALUE***"
},
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"overwrite.cli.url": "https:\/\/***REMOVED SENSITIVE VALUE***\/nextcloud",
"dbtype": "mysql",
"version": "18.0.4.2",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"filesystem_check_changes": 0,
"memcache.local": "\\OC\\Memcache\\APCu",
"memcache.locking": "\\OC\\Memcache\\Redis",
"memcache.distributed": "\\OC\\Memcache\\Redis",
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 6379,
"timeout": 1.5
},
"mail_smtpmode": "smtp",
"mail_smtpauthtype": "LOGIN",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"maintenance": false,
"theme": "",
"logfile": "\/var\/log\/nextcloud.log",
"loglevel": 1,
"trashbin_retention_obligation": "14, auto",
"versions_retention_obligation": "14, auto",
"data-fingerprint": "***REMOVED SENSITIVE VALUE***",
"enable_previews": true,
"enabledPreviewProviders": [
"OC\\Preview\\PNG",
"OC\\Preview\\JPEG",
"OC\\Preview\\GIF",
"OC\\Preview\\BMP",
"OC\\Preview\\XBitmap",
"OC\\Preview\\Movie",
"OC\\Preview\\PDF",
"OC\\Preview\\MP3",
"OC\\Preview\\TXT",
"OC\\Preview\\MarkDown"
],
"preview_max_x": 1920,
"preview_max_y": 1080,
"jpeg_quality": 90,
"auth.bruteforce.protection.enabled": true,
"simpleSignUpLink.shown": false,
"mail_smtpsecure": "tls",
"mail_smtpauth": 1,
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "587",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"twofactor_enforced": "true",
"twofactor_enforced_groups": [
"admin"
],
"twofactor_enforced_excluded_groups": [],
"has_rebuilt_cache": true,
"updater.release.channel": "stable",
"app_install_overwrite": [
"keeweb",
"radio"
]
}
}
Logs
Nextcloud log (data/owncloud.log)
nextcloud.log:{"reqId":"MjJnqGiZOUnS7LX5R3k1","level":4,"time":"2020-05-11T06:15:16+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"MjJnqGiZOUnS7LX5R3k1","level":4,"time":"2020-05-11T06:15:16+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"2IpNCCghPo92PmCbvPlJ","level":4,"time":"2020-05-11T06:30:25+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"2IpNCCghPo92PmCbvPlJ","level":4,"time":"2020-05-11T06:30:25+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"3V6LbskveKSaUWSdDgs8","level":4,"time":"2020-05-11T07:00:03+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"3V6LbskveKSaUWSdDgs8","level":4,"time":"2020-05-11T07:00:03+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"EK6P2yTtHtx7WqHbJ7kf","level":4,"time":"2020-05-11T07:15:22+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"EK6P2yTtHtx7WqHbJ7kf","level":4,"time":"2020-05-11T07:15:22+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"N2n6g17X4R2j5PoYee9Z","level":4,"time":"2020-05-11T07:45:18+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Win.Test.EICAR_HDB-1 File: 4622181Account: USER1 Path: /USER1/files/testvirus.com","userAgent":"--","version":"18.0.4.2"}
nextcloud.log:{"reqId":"N2n6g17X4R2j5PoYee9Z","level":4,"time":"2020-05-11T07:45:18+00:00","remoteAddr":"","user":"--","app":"files_antivirus","method":"","url":"--","message":"Infected file found (during background scan) Eicar-Signature File: 4638250Account: USER2 Path: /USER2/files/New text document.txt","userAgent":"--","version":"18.0.4.2"}
I create a script that evaluate logs and could notify any user: https://github.com/GAS85/nextcloud_scripts/blob/master/nextcloud-av-notification.sh
For NC before 14 this script needs "Admin notifications" App to be enabled.