OS2Forms · jekuaitk · Dec 6, 2024 · Nov 22, 2024 · Nov 22, 2024 · Nov 22, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -11,6 +11,11 @@ before starting to add changes. Use example [placed in the end of the page](#exa
 
 ## [Unreleased]
 
+- Ensured installation of `os2web_audit`
+  - `os2web_audit` has default logging through `watchdog`
+- Adds audit logging to `os2forms_digital_post`
+- Adds audit logging to `os2forms_nemid`
+
 ## [3.18.0] 2024-12-05
 
 - Added `os2forms_fasit` module.

diff --git a/modules/os2forms_digital_post/os2forms_digital_post.info.yml b/modules/os2forms_digital_post/os2forms_digital_post.info.yml
@@ -9,5 +9,6 @@ dependencies:
   - 'os2web_datalookup:os2web_datalookup'
   - 'webform:webform'
   - 'webform:webform_submission_log'
+  - 'os2web:os2web_audit'
 
 configure: os2forms_digital_post.admin.settings
diff --git a/modules/os2forms_digital_post/os2forms_digital_post.services.yml b/modules/os2forms_digital_post/os2forms_digital_post.services.yml
@@ -37,6 +37,7 @@ services:
       - "@Drupal\\os2forms_digital_post\\Helper\\BeskedfordelerHelper"
       - "@logger.channel.os2forms_digital_post"
       - "@logger.channel.os2forms_digital_post_submission"
+      - "@os2web_audit.logger"
 
   Drupal\os2forms_digital_post\Helper\WebformHelperSF1601:
     arguments:

diff --git a/modules/os2forms_digital_post/src/Helper/DigitalPostHelper.php b/modules/os2forms_digital_post/src/Helper/DigitalPostHelper.php
@@ -5,6 +5,7 @@
 use DigitalPost\MeMo\Message;
 use Drupal\Core\Logger\LoggerChannelInterface;
 use Drupal\os2forms_digital_post\Exception\RuntimeException;
+use Drupal\os2web_audit\Service\Logger;
 use Drupal\os2web_datalookup\LookupResult\CompanyLookupResult;
 use Drupal\os2web_datalookup\LookupResult\CprLookupResult;
 use Drupal\os2web_datalookup\Plugin\DataLookupManager;
@@ -35,6 +36,7 @@ public function __construct(
     private readonly BeskedfordelerHelper $beskedfordelerHelper,
     private readonly LoggerChannelInterface $logger,
     private readonly LoggerChannelInterface $submissionLogger,
+    private readonly Logger $auditLogger,
   ) {
   }
 
@@ -64,13 +66,19 @@ public function sendDigitalPost(string $type, Message $message, ?ForsendelseI $f
     ];
     $service = new SF1601($options);
     $transactionId = Serializer::createUuid();
+
     $response = $service->kombiPostAfsend($transactionId, $type, $message, $forsendelse);
 
     $content = (string) $response->getContent();
     if (NULL !== $submission) {
       $this->beskedfordelerHelper->createMessage($submission->id(), $message, $content);
     }
 
+    // RecipientID should be the same in Message and Forsendelse,
+    // so fetch it from Message as it is always set.
+    $msg = sprintf('Sent digital post of type %s to %s', $type, $message->getMessageHeader()->getRecipient()->getRecipientID());
+    $this->auditLogger->info('DigitalPost', $msg);
+
     return [$response, $service->getLastKombiMeMoMessage()];
   }
 

diff --git a/modules/os2forms_nemid/os2forms_nemid.info.yml b/modules/os2forms_nemid/os2forms_nemid.info.yml
@@ -8,3 +8,4 @@ dependencies:
   - 'drupal:os2forms'
   - 'drupal:os2web_nemlogin'
   - 'os2web_datalookup:os2web_datalookup'
+  - 'os2web:os2web_audit'
diff --git a/modules/os2forms_nemid/os2forms_nemid.services.yml b/modules/os2forms_nemid/os2forms_nemid.services.yml
@@ -6,4 +6,4 @@ services:
       - {name: event_subscriber}
   os2forms_nemid.forms_helper:
     class: Drupal\os2forms_nemid\Service\FormsHelper
-    arguments: ['@os2web_nemlogin.auth_provider', '@plugin.manager.os2web_datalookup', '@current_route_match']
+    arguments: ['@os2web_nemlogin.auth_provider', '@plugin.manager.os2web_datalookup', '@current_route_match', '@os2web_audit.logger']
diff --git a/modules/os2forms_nemid/src/Service/FormsHelper.php b/modules/os2forms_nemid/src/Service/FormsHelper.php
@@ -8,9 +8,11 @@
 use Drupal\os2forms_nemid\Element\NemidCompanyCvrFetchData;
 use Drupal\os2forms_nemid\Element\NemidCompanyPNumber;
 use Drupal\os2forms_nemid\Element\NemidCprFetchData;
+use Drupal\os2web_audit\Service\Logger;
 use Drupal\os2web_datalookup\LookupResult\CompanyLookupResult;
 use Drupal\os2web_datalookup\LookupResult\CprLookupResult;
 use Drupal\os2web_datalookup\Plugin\DataLookupManager;
+use Drupal\os2web_nemlogin\Plugin\AuthProviderInterface;
 use Drupal\os2web_nemlogin\Service\AuthProviderService;
 use Drupal\webform\WebformSubmissionInterface;
 
@@ -70,6 +72,13 @@ class FormsHelper {
    */
   private RouteMatchInterface $routeMatch;
 
+  /**
+   * An audit logger.
+   *
+   * @var \Drupal\os2web_audit\Service\Logger
+   */
+  private Logger $auditLogger;
+
   /**
    * Constructor.
    *
@@ -79,11 +88,19 @@ class FormsHelper {
    *   Datalookup plugin manager.
    * @param \Drupal\Core\Routing\RouteMatchInterface $routeMatch
    *   Route match service.
+   * @param \Drupal\os2web_audit\Service\Logger $auditLogger
+   *   Audit logger.
    */
-  public function __construct(AuthProviderService $authProviderService, DataLookupManager $dataLookPluginManager, RouteMatchInterface $routeMatch) {
+  public function __construct(
+    AuthProviderService $authProviderService,
+    DataLookupManager $dataLookPluginManager,
+    RouteMatchInterface $routeMatch,
+    Logger $auditLogger,
+  ) {
     $this->authProviderService = $authProviderService;
     $this->dataLookManager = $dataLookPluginManager;
     $this->routeMatch = $routeMatch;
+    $this->auditLogger = $auditLogger;
   }
 
   /**
@@ -126,6 +143,14 @@ public function retrieveCprLookupResult(FormStateInterface $form_state) {
       }
     }
 
+    // We need the auth provider for logging purposes.
+    $authProviderPlugin = $this->getAuthProvider($form_state);
+
+    $userCpr = $authProviderPlugin->fetchValue('cpr');
+    $lookedUpCpr = $cprLookupResult->getCpr();
+
+    $this->auditLogger->info('DataLookup', 'User with cpr ' . $userCpr . ' looked at cpr ' . $lookedUpCpr);
+
     return $cprLookupResult;
   }
 
@@ -196,7 +221,7 @@ public function lookupPersonData(FormStateInterface $form_state) {
   /**
    * Retrieves the CompanyLookupResult which is stored in form_state.
    *
-   * If there is no CBVRLookupResult, it is requested and saved for future uses.
+   * If there is no CVRLookupResult, it is requested and saved for future uses.
    *
    * @param \Drupal\Core\Form\FormStateInterface $form_state
    *   Form state.
@@ -408,4 +433,31 @@ public function webformSubmissionPrepareForm(WebformSubmissionInterface $webform
     }
   }
 
+  /**
+   * Get active auth provider plugin.
+   *
+   * @param \Drupal\Core\Form\FormStateInterface $form_state
+   *   Form state.
+   *
+   * @return \Drupal\os2web_nemlogin\Plugin\AuthProviderInterface
+   *   The active auth provider plugin.
+   *
+   * @throws \Drupal\Component\Plugin\Exception\PluginException
+   */
+  private function getAuthProvider(FormStateInterface $form_state): AuthProviderInterface {
+    /** @var \Drupal\webform\WebformSubmissionInterface Interface $webformSubmission */
+    $webformSubmission = $form_state->getFormObject()->getEntity();
+    /** @var \Drupal\webform\WebformInterface $webform */
+    $webform = $webformSubmission->getWebform();
+    $webformNemidSettings = $webform->getThirdPartySetting('os2forms', 'os2forms_nemid');
+
+    // Getting auth plugin ID override.
+    $authPluginId = NULL;
+    if (!empty($webformNemidSettings['session_type'])) {
+      $authPluginId = $webformNemidSettings['session_type'];
+    }
+
+    return ($authPluginId) ? $this->authProviderService->getPluginInstance($authPluginId) : $this->authProviderService->getActivePlugin();
+  }
+
 }
diff --git a/os2forms.install b/os2forms.install
@@ -222,3 +222,12 @@ function _os2form_install_init_area_terms() {
     ])->save();
   }
 }
+
+/**
+ * Implements hook_update_N().
+ *
+ * Enable os2web_audit module.
+ */
+function os2forms_update_103001() {
+  \Drupal::service('module_installer')->install(['os2web_audit']);
+}