Added audit logging to os2forms_nemid

OS2Forms · Dec 6, 2024 · 8ccdb91 · 8ccdb91
1 parent 80d2ebd
commit 8ccdb91
Show file tree

Hide file tree

Showing 4 changed files with 57 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,7 @@ before starting to add changes. Use example [placed in the end of the page](#exa
 - Ensured installation of `os2web_audit`
   - `os2web_audit` has default logging through `watchdog`
 - Adds audit logging to `os2forms_digital_post`
+- Adds audit logging to `os2forms_nemid`
 
 ## [3.17.0] 2024-11-21
 

diff --git a/modules/os2forms_nemid/os2forms_nemid.info.yml b/modules/os2forms_nemid/os2forms_nemid.info.yml
@@ -8,3 +8,4 @@ dependencies:
   - 'drupal:os2forms'
   - 'drupal:os2web_nemlogin'
   - 'os2web_datalookup:os2web_datalookup'
+  - 'os2web:os2web_audit'
diff --git a/modules/os2forms_nemid/os2forms_nemid.services.yml b/modules/os2forms_nemid/os2forms_nemid.services.yml
@@ -6,4 +6,4 @@ services:
       - {name: event_subscriber}
   os2forms_nemid.forms_helper:
     class: Drupal\os2forms_nemid\Service\FormsHelper
-    arguments: ['@os2web_nemlogin.auth_provider', '@plugin.manager.os2web_datalookup', '@current_route_match']
+    arguments: ['@os2web_nemlogin.auth_provider', '@plugin.manager.os2web_datalookup', '@current_route_match', '@os2web_audit.logger']
diff --git a/modules/os2forms_nemid/src/Service/FormsHelper.php b/modules/os2forms_nemid/src/Service/FormsHelper.php
@@ -8,9 +8,11 @@
 use Drupal\os2forms_nemid\Element\NemidCompanyCvrFetchData;
 use Drupal\os2forms_nemid\Element\NemidCompanyPNumber;
 use Drupal\os2forms_nemid\Element\NemidCprFetchData;
+use Drupal\os2web_audit\Service\Logger;
 use Drupal\os2web_datalookup\LookupResult\CompanyLookupResult;
 use Drupal\os2web_datalookup\LookupResult\CprLookupResult;
 use Drupal\os2web_datalookup\Plugin\DataLookupManager;
+use Drupal\os2web_nemlogin\Plugin\AuthProviderInterface;
 use Drupal\os2web_nemlogin\Service\AuthProviderService;
 use Drupal\webform\WebformSubmissionInterface;
 
@@ -70,6 +72,13 @@ class FormsHelper {
    */
   private RouteMatchInterface $routeMatch;
 
+  /**
+   * An audit logger.
+   *
+   * @var \Drupal\os2web_audit\Service\Logger
+   */
+  private Logger $auditLogger;
+
   /**
    * Constructor.
    *
@@ -79,11 +88,19 @@ class FormsHelper {
    *   Datalookup plugin manager.
    * @param \Drupal\Core\Routing\RouteMatchInterface $routeMatch
    *   Route match service.
+   * @param \Drupal\os2web_audit\Service\Logger $auditLogger
+   *   Audit logger.
    */
-  public function __construct(AuthProviderService $authProviderService, DataLookupManager $dataLookPluginManager, RouteMatchInterface $routeMatch) {
+  public function __construct(
+    AuthProviderService $authProviderService,
+    DataLookupManager $dataLookPluginManager,
+    RouteMatchInterface $routeMatch,
+    Logger $auditLogger,
+  ) {
     $this->authProviderService = $authProviderService;
     $this->dataLookManager = $dataLookPluginManager;
     $this->routeMatch = $routeMatch;
+    $this->auditLogger = $auditLogger;
   }
 
   /**
@@ -126,6 +143,14 @@ public function retrieveCprLookupResult(FormStateInterface $form_state) {
       }
     }
 
+    // We need the auth provider for logging purposes.
+    $authProviderPlugin = $this->getAuthProvider($form_state);
+
+    $userCpr = $authProviderPlugin->fetchValue('cpr');
+    $lookedUpCpr = $cprLookupResult->getCpr();
+
+    $this->auditLogger->info('DataLookup', 'User with cpr ' . $userCpr . ' looked at cpr ' . $lookedUpCpr);
+
     return $cprLookupResult;
   }
 
@@ -196,7 +221,7 @@ public function lookupPersonData(FormStateInterface $form_state) {
   /**
    * Retrieves the CompanyLookupResult which is stored in form_state.
    *
-   * If there is no CBVRLookupResult, it is requested and saved for future uses.
+   * If there is no CVRLookupResult, it is requested and saved for future uses.
    *
    * @param \Drupal\Core\Form\FormStateInterface $form_state
    *   Form state.
@@ -408,4 +433,31 @@ public function webformSubmissionPrepareForm(WebformSubmissionInterface $webform
     }
   }
 
+  /**
+   * Get active auth provider plugin.
+   *
+   * @param \Drupal\Core\Form\FormStateInterface $form_state
+   *   Form state.
+   *
+   * @return \Drupal\os2web_nemlogin\Plugin\AuthProviderInterface
+   *   The active auth provider plugin.
+   *
+   * @throws \Drupal\Component\Plugin\Exception\PluginException
+   */
+  private function getAuthProvider(FormStateInterface $form_state): AuthProviderInterface {
+    /** @var \Drupal\webform\WebformSubmissionInterface Interface $webformSubmission */
+    $webformSubmission = $form_state->getFormObject()->getEntity();
+    /** @var \Drupal\webform\WebformInterface $webform */
+    $webform = $webformSubmission->getWebform();
+    $webformNemidSettings = $webform->getThirdPartySetting('os2forms', 'os2forms_nemid');
+
+    // Getting auth plugin ID override.
+    $authPluginId = NULL;
+    if (!empty($webformNemidSettings['session_type'])) {
+      $authPluginId = $webformNemidSettings['session_type'];
+    }
+
+    return ($authPluginId) ? $this->authProviderService->getPluginInstance($authPluginId) : $this->authProviderService->getActivePlugin();
+  }
+
 }