MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
MISP/app/View/Events/view.ctp

545 lines
21 KiB
Plaintext
Raw Normal View History

DataBase migrate, Audit and Access Control granulation.
2012-06-28 17:24:12 +02:00
<?php
Work on the background job and the proposals - Proposals now get synced on pull - several bug fixes - new startup script for the background workers
2014-01-05 21:30:39 +01:00
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id'] && $event['Event']['orgc'] == $me['org']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org']));
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
$mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
DataBase migrate, Audit and Access Control granulation.
2012-06-28 17:24:12 +02:00
?>
replace Risk with ThreatLevel [skip ci] - Event.risk has been replaced by Event.threat_level_id. all functionality remains the same and users should not see any difference. ENUM() used for Event.risk is vendor specific and requires too many hacks to play nicely with bake. - Added default schema file, SQL dumps should be avoided since they make updating/upgrading a pain. - Removed old unused schemas
2013-11-17 17:54:15 +01:00
<?php
Several features - Sync for background jobs (pull + push) - more e-mailing delegated to background jobs - A bunch of bug fixes and minor changes
2014-01-06 05:15:47 +01:00
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent', 'mayModify' => $mayModify, 'mayPublish' => $mayPublish));
First revision of the unified menu and XML upload - centalising the side menu for easier maintainability - XML upload of event(s) from the interactive interface
2013-10-24 10:33:34 +02:00
?>
initial import
2011-11-26 10:45:31 +01:00
unified links
2013-06-10 17:57:20 +02:00
<div class="events view">
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
<?php
Mass replace replace of the old CyDefSig name to MISP - fixes #82
2014-02-05 15:01:26 +01:00
if ('true' == Configure::read('MISP.showorg') || $isAdmin) {
Various changes - contributors shown on the event view (list of the organisation logos of users that have contributed through proposals) - these link to the event history containing only entries from their organisation - changes to the activity heatmap - heatmap now dynamically changes the range on the graph based on the obtained values - performance improved - buttons to move back or forward in time on the calendar - Attributes: - warning for the user if he/she has selected the attribute category "targeting-data" or "attribution" as these could contain classified information - UI improvements across most attribute and shadowattribute input views - Updated cal-heatmap to the newest version
2014-02-05 13:45:18 +01:00
echo $this->element('img', array('id' => $event['Event']['orgc']));
$left = true;
}
Some UI changes and other minor changes - images updated in user manual - fixed validation issues with named pipe (at the moment it's very loose) - Fixed an issue with shadow attriubutes not showing for events that have no attributes - some minor UI changes to make MISP a bit prettier
2014-03-06 17:21:57 +01:00
$title = $event['Event']['info'];
if (strlen($title) > 55) $title = substr($title, 0, 55) . '...';
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
?>
<div class="row-fluid">
<div class="span8">
Some UI changes and other minor changes - images updated in user manual - fixed validation issues with named pipe (at the moment it's very loose) - Fixed an issue with shadow attriubutes not showing for events that have no attributes - some minor UI changes to make MISP a bit prettier
2014-03-06 17:21:57 +01:00
<h2><?php echo nl2br(h($title)); ?></h2>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<dl>
Some UI changes and other minor changes - images updated in user manual - fixed validation issues with named pipe (at the moment it's very loose) - Fixed an issue with shadow attriubutes not showing for events that have no attributes - some minor UI changes to make MISP a bit prettier
2014-03-06 17:21:57 +01:00
<dt>Event ID</dt>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<dd>
<?php echo h($event['Event']['id']); ?>
&nbsp;
</dd>
<dt>Uuid</dt>
<dd>
<?php echo h($event['Event']['uuid']); ?>
&nbsp;
</dd>
Mass replace replace of the old CyDefSig name to MISP - fixes #82
2014-02-05 15:01:26 +01:00
<?php if ('true' == Configure::read('MISP.showorg') || $isAdmin): ?>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<dt>Org</dt>
<dd>
<?php echo h($event['Event']['orgc']); ?>
&nbsp;
</dd>
<?php endif; ?>
<?php if ($isSiteAdmin): ?>
<dt>Owner org</dt>
<dd>
<?php echo h($event['Event']['org']); ?>
&nbsp;
</dd>
<?php endif; ?>
Various changes - contributors shown on the event view (list of the organisation logos of users that have contributed through proposals) - these link to the event history containing only entries from their organisation - changes to the activity heatmap - heatmap now dynamically changes the range on the graph based on the obtained values - performance improved - buttons to move back or forward in time on the calendar - Attributes: - warning for the user if he/she has selected the attribute category "targeting-data" or "attribution" as these could contain classified information - UI improvements across most attribute and shadowattribute input views - Updated cal-heatmap to the newest version
2014-02-05 13:45:18 +01:00
<dt>Contributors</dt>
<dd>
<?php
foreach($logEntries as $k => $entry) {
Mass replace replace of the old CyDefSig name to MISP - fixes #82
2014-02-05 15:01:26 +01:00
if ('true' == Configure::read('MISP.showorg') || $isAdmin) {
Various changes - contributors shown on the event view (list of the organisation logos of users that have contributed through proposals) - these link to the event history containing only entries from their organisation - changes to the activity heatmap - heatmap now dynamically changes the range on the graph based on the obtained values - performance improved - buttons to move back or forward in time on the calendar - Attributes: - warning for the user if he/she has selected the attribute category "targeting-data" or "attribution" as these could contain classified information - UI improvements across most attribute and shadowattribute input views - Updated cal-heatmap to the newest version
2014-02-05 13:45:18 +01:00
?>
<a href="/logs/event_index/<?php echo $event['Event']['id'] . '/' . h($entry['Log']['org']);?>" style="margin-right:2px;text-decoration: none;">
<?php
echo $this->element('img', array('id' => $entry['Log']['org'], 'imgSize' => 24, 'imgStyle' => true));
?>
</a>
<?php
}
}
?>
&nbsp;
</dd>
Merge remote-tracking branch 'origin/feature/XML_and_UI' into feature/discussion - Also some improvements to the shadow attributes - some minor UI changes Conflicts: app/Controller/EventsController.php app/View/Elements/global_menu.ctp app/View/Layouts/default.ctp
2013-10-30 10:06:12 +01:00
<?php if (isset($event['User']['email']) && ($isSiteAdmin || ($isAdmin && $me['org'] == $event['Event']['org']))): ?>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<dt>Email</dt>
<dd>
<?php echo h($event['User']['email']); ?>
&nbsp;
</dd>
<?php endif; ?>
Tagging system - new special role for tagging - can create tags with a name + colour combination (using a colour picker plugin) - users can assign tags to events - can filter events by tags on the index
2014-01-23 12:25:04 +01:00
<?php
if (Configure::read('MISP.tagging')): ?>
<dt>Tags</dt>
<dd>
<table>
<tr>
<?php
foreach ($tags as $tag): ?>
<td style="padding-right:0px;">
Fixes to the tagging - made menu options invisible for non tagging permission users that requires the permission - colour picker added to edit (was only enabled on add)
2014-01-24 09:24:04 +01:00
<?php if ($isAclTagger): ?>
Tagging system - new special role for tagging - can create tags with a name + colour combination (using a colour picker plugin) - users can assign tags to events - can filter events by tags on the index
2014-01-23 12:25:04 +01:00
<a href="/events/index/searchtag:<?php echo $tag['Tag']['id']; ?>" class=tagFirstHalf style="background-color:<?php echo $tag['Tag']['colour'];?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
Fixes to the tagging - made menu options invisible for non tagging permission users that requires the permission - colour picker added to edit (was only enabled on add)
2014-01-24 09:24:04 +01:00
<?php else: ?>
<a href="/events/index/searchtag:<?php echo $tag['Tag']['id']; ?>" class=tag style="background-color:<?php echo $tag['Tag']['colour'];?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
<?php endif; ?>
Tagging system - new special role for tagging - can create tags with a name + colour combination (using a colour picker plugin) - users can assign tags to events - can filter events by tags on the index
2014-01-23 12:25:04 +01:00
</td>
Fixes to the tagging - made menu options invisible for non tagging permission users that requires the permission - colour picker added to edit (was only enabled on add)
2014-01-24 09:24:04 +01:00
<?php if ($isAclTagger): ?>
Tagging system - new special role for tagging - can create tags with a name + colour combination (using a colour picker plugin) - users can assign tags to events - can filter events by tags on the index
2014-01-23 12:25:04 +01:00
<td style="padding-left:0px;padding-right:5px;">
<?php
echo $this->Form->postLink('x', array('action' => 'removeTag', $event['Event']['id'], $tag['Tag']['id']), array('class' => 'tagSecondHalf', 'title' => 'Delete'), ('Are you sure you want to delete this tag?'));
?>
</td>
Fixes to the tagging - made menu options invisible for non tagging permission users that requires the permission - colour picker added to edit (was only enabled on add)
2014-01-24 09:24:04 +01:00
<?php endif; ?>
Tagging system - new special role for tagging - can create tags with a name + colour combination (using a colour picker plugin) - users can assign tags to events - can filter events by tags on the index
2014-01-23 12:25:04 +01:00
<?php
endforeach;
Fixes to the tagging - made menu options invisible for non tagging permission users that requires the permission - colour picker added to edit (was only enabled on add)
2014-01-24 09:24:04 +01:00
if ($isAclTagger) : ?>
<td id ="addTagTD" style="display:none;">
<?php
echo $this->Form->create('', array('action' => 'addTag', 'style' => 'margin:0px;'));
echo $this->Form->hidden('id', array('value' => $event['Event']['id']));
echo $this->Form->input('tag', array(
'options' => array($allTags),
'value' => 0,
'label' => false,
'style' => array('height:22px;padding:0px;margin-bottom:0px;'),
'onChange' => 'this.form.submit()',
'class' => 'input-large'));
echo $this->Form->end();
?>
Tagging system - new special role for tagging - can create tags with a name + colour combination (using a colour picker plugin) - users can assign tags to events - can filter events by tags on the index
2014-01-23 12:25:04 +01:00
</td>
<td>
<button id="addTagButton" class="btn btn-inverse" style="line-height:10px; padding: 4px 4px;">+</button>
Fixes to the tagging - made menu options invisible for non tagging permission users that requires the permission - colour picker added to edit (was only enabled on add)
2014-01-24 09:24:04 +01:00
</td>
Changes to the tagging - tags can now be set correctly for all events - some UI changes to the tags - moved the deletion of all event_tags when a tag gets deleted to beforefilter
2014-02-20 10:07:51 +01:00
<?php else:
if (empty($tags)) echo '&nbsp;';
Various changes - contributors shown on the event view (list of the organisation logos of users that have contributed through proposals) - these link to the event history containing only entries from their organisation - changes to the activity heatmap - heatmap now dynamically changes the range on the graph based on the obtained values - performance improved - buttons to move back or forward in time on the calendar - Attributes: - warning for the user if he/she has selected the attribute category "targeting-data" or "attribution" as these could contain classified information - UI improvements across most attribute and shadowattribute input views - Updated cal-heatmap to the newest version
2014-02-05 13:45:18 +01:00
endif; ?>
Tagging system - new special role for tagging - can create tags with a name + colour combination (using a colour picker plugin) - users can assign tags to events - can filter events by tags on the index
2014-01-23 12:25:04 +01:00
</tr>
</table>
</dd>
<?php endif; ?>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<dt>Date</dt>
<dd>
<?php echo h($event['Event']['date']); ?>
&nbsp;
</dd>
Some UI changes and other minor changes - images updated in user manual - fixed validation issues with named pipe (at the moment it's very loose) - Fixed an issue with shadow attriubutes not showing for events that have no attributes - some minor UI changes to make MISP a bit prettier
2014-03-06 17:21:57 +01:00
<dt title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>">Threat Level</dt>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<dd>
Threat level changes - upgrade script that populates threat level from the old risk field for every event that doesn't have a threat level set. - threat levels in an event (from a sync for example) that are unknown to the local instance now show the numeric value of the threat level
2014-01-21 13:32:24 +01:00
<?php
if ($event['ThreatLevel']['name']) echo h($event['ThreatLevel']['name']);
else echo h($event['Event']['threat_level_id']);
?>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
&nbsp;
</dd>
UI tooltip love
2013-06-06 16:36:28 +02:00
<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<dd>
<?php echo h($analysisLevels[$event['Event']['analysis']]); ?>
&nbsp;
</dd>
<dt>Distribution</dt>
Distribution field in event view shortened - now only shows the distribution level name - the description is in the title of the field, hovering over it will show it
2014-03-13 14:52:32 +01:00
<dd <?php if($event['Event']['distribution'] == 0) echo 'class = "privateRedText"';?> title = "<?php echo h($distributionDescriptions[$event['Event']['distribution']]['formdesc'])?>">
<?php
echo h($distributionLevels[$event['Event']['distribution']]);
?>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
</dd>
Some UI changes and other minor changes - images updated in user manual - fixed validation issues with named pipe (at the moment it's very loose) - Fixed an issue with shadow attriubutes not showing for events that have no attributes - some minor UI changes to make MISP a bit prettier
2014-03-06 17:21:57 +01:00
<dt>Description</dt>
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<dd>
<?php echo nl2br(h($event['Event']['info'])); ?>
&nbsp;
</dd>
<dt>Published</dt>
UI tooltip love
2013-06-06 16:36:28 +02:00
<dd style="color: red;">
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<b><?php echo ($event['Event']['published'] == 1 ? 'Yes' : 'No'); ?></b>
&nbsp;
</dd>
</dl>
</div>
Change to the location of the add attribute/attachment buttons. Fixes #49
2013-03-18 15:25:32 +01:00
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
<?php if (!empty($relatedEvents)):?>
<div class="related span4">
<h3>Related Events</h3>
<ul class="inline">
<?php foreach ($relatedEvents as $relatedEvent): ?>
<li>
<div title="<?php echo h($relatedEvent['Event']['info']); ?>">
<?php
$linkText = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
if ($relatedEvent['Event']['org'] == $me['org']) {
First refactoring of the pivoting
2013-09-05 10:40:53 +02:00
echo $this->Html->link($linkText, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id'], true, $event['Event']['id']), array('style' => 'color:red;'));
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
} else {
First refactoring of the pivoting
2013-09-05 10:40:53 +02:00
echo $this->Html->link($linkText, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id'], true, $event['Event']['id']));
Display related events in multiple columns. fixes #113
2013-06-03 14:23:15 +02:00
}
?>
</div></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
</div>
Merge branch 'develop' into feature/discussion - Pivots, attributes, discussions hideable Conflicts: app/Controller/EventsController.php app/webroot/css/main.css
2013-09-10 16:51:56 +02:00
<br />
Fix to the xml automation export and various other changes - xml export now correctly exports all attachments if specified as parameter - print view fixes - disclaimer for old IE versions (< 10) and compatibility mode users when viewing the statistics (The heatmap calendar requires 10+)
2014-03-03 12:00:48 +01:00
<div class="toggleButtons">
Merge remote-tracking branch 'origin/feature/XML_and_UI' into feature/discussion - Also some improvements to the shadow attributes - some minor UI changes Conflicts: app/Controller/EventsController.php app/View/Elements/global_menu.ctp app/View/Layouts/default.ctp
2013-10-30 10:06:12 +01:00
<button class="btn btn-inverse toggle-left btn.active qet" id="pivots_active">
<span class="icon-minus icon-white" style="vertical-align:top;"></span>Pivots
</button>
<button class="btn btn-inverse toggle-left qet" style="display:none;" id="pivots_inactive">
<span class="icon-plus icon-white" style="vertical-align:top;"></span>Pivots
</button>
<button class="btn btn-inverse toggle qet" id="attributes_active">
<span class="icon-minus icon-white" style="vertical-align:top;"></span>Attributes
</button>
<button class="btn btn-inverse toggle qet" id="attributes_inactive" style="display:none;">
<span class="icon-plus icon-white" style="vertical-align:top;"></span>Attributes
</button>
<button class="btn btn-inverse toggle-right qet" id="discussions_active">
More changes to the discussion boards - quote / event tags - anonymised e-mail addresses
2013-10-29 13:45:53 +01:00
<span class="icon-minus icon-white" style="vertical-align:top;"></span>Discussion
Merge remote-tracking branch 'origin/feature/XML_and_UI' into feature/discussion - Also some improvements to the shadow attributes - some minor UI changes Conflicts: app/Controller/EventsController.php app/View/Elements/global_menu.ctp app/View/Layouts/default.ctp
2013-10-30 10:06:12 +01:00
</button>
<button class="btn btn-inverse toggle-right qet" id="discussions_inactive" style="display:none;">
More changes to the discussion boards - quote / event tags - anonymised e-mail addresses
2013-10-29 13:45:53 +01:00
<span class="icon-plus icon-white" style="vertical-align:top;"></span>Discussion
</button>
</div>
<br />
Merge remote-tracking branch 'origin/feature/XML_and_UI' into feature/discussion - Also some improvements to the shadow attributes - some minor UI changes Conflicts: app/Controller/EventsController.php app/View/Elements/global_menu.ctp app/View/Layouts/default.ctp
2013-10-30 10:06:12 +01:00
<br />
Merge branch 'develop' into feature/discussion - Pivots, attributes, discussions hideable Conflicts: app/Controller/EventsController.php app/webroot/css/main.css
2013-09-10 16:51:56 +02:00
<div id="pivots_div">
First refactoring of the pivoting
2013-09-05 10:40:53 +02:00
<?php if (sizeOf($allPivots) > 1) echo $this->element('pivot'); ?>
Pivot threads and other changes - Users can now see the path they took while jumping from related event to related event - Removed the breadcrumbs - Some UI changes (user menues were not showing the active page, etc)
2013-08-02 11:53:17 +02:00
</div>
Merge branch 'develop' into feature/discussion - Pivots, attributes, discussions hideable Conflicts: app/Controller/EventsController.php app/webroot/css/main.css
2013-09-10 16:51:56 +02:00
<div id="attributes_div">
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
<?php
Some UI changes and other minor changes - images updated in user manual - fixed validation issues with named pipe (at the moment it's very loose) - Fixed an issue with shadow attriubutes not showing for events that have no attributes - some minor UI changes to make MISP a bit prettier
2014-03-06 17:21:57 +01:00
if (!empty($event['Attribute']) || !empty($remaining)):?>
UI improvement on private event/attribute
2013-07-12 07:54:58 +02:00
<table class="table table-striped table-condensed">
CakePHP Coding Standards http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html Eclipse: Window->Preferences General->Editors->Text Editors Displayed tab width: 4 Insert spaces for tabs NOT PHP->Code Style->Formatter Tab policy: Tabs File->Convert Line Delimeters To->Unix [default] http://mark-story.com/posts/view/static-analysis-tools-for-php for instance: phpcs --standard=CakePHP app/Model/ Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
<tr>
Changes to the attributes - attributes in the event view now show the date when they were added / modified - the alert e-mail now shows which attributes are new since the last commit
2014-01-13 11:39:35 +01:00
<th>Date</th>
CakePHP Coding Standards http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html Eclipse: Window->Preferences General->Editors->Text Editors Displayed tab width: 4 Insert spaces for tabs NOT PHP->Code Style->Formatter Tab policy: Tabs File->Convert Line Delimeters To->Unix [default] http://mark-story.com/posts/view/static-analysis-tools-for-php for instance: phpcs --standard=CakePHP app/Model/ Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
<th>Category</th>
<th>Type</th>
<th>Value</th>
Contextual comments - Attributes now have a comment field
2013-10-30 16:00:46 +01:00
<th>Comment</th>
CakePHP Coding Standards http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html Eclipse: Window->Preferences General->Editors->Text Editors Displayed tab width: 4 Insert spaces for tabs NOT PHP->Code Style->Formatter Tab policy: Tabs File->Convert Line Delimeters To->Unix [default] http://mark-story.com/posts/view/static-analysis-tools-for-php for instance: phpcs --standard=CakePHP app/Model/ Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
<th>Related Events</th>
minor UI glitch in IOC/IDS naming
2013-07-12 12:47:55 +02:00
<th title="<?php echo $attrDescriptions['signature']['desc'];?>">IDS</th>
Removal of some references to the old private flag
2013-07-11 17:25:47 +02:00
<th title="<?php echo $attrDescriptions['distribution']['desc'];?>">Distribution</th>
CakePHP Coding Standards http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html Eclipse: Window->Preferences General->Editors->Text Editors Displayed tab width: 4 Insert spaces for tabs NOT PHP->Code Style->Formatter Tab policy: Tabs File->Convert Line Delimeters To->Unix [default] http://mark-story.com/posts/view/static-analysis-tools-for-php for instance: phpcs --standard=CakePHP app/Model/ Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
<th class="actions">Actions</th>
Merge branch 'master' into develop Conflicts: app/Controller/AppController.php app/Controller/AttributesController.php app/Controller/EventsController.php app/Controller/ServersController.php app/Controller/UsersController.php app/Model/Attribute.php app/Model/Event.php app/Model/Server.php app/Model/User.php app/View/Attributes/edit.ctp app/View/Attributes/index.ctp app/View/Elements/actions_menu.ctp app/View/Events/add.ctp app/View/Events/index.ctp app/View/Events/view.ctp app/View/Events/xml/view.ctp app/View/Servers/index.ctp app/View/Users/admin_index.ctp
2012-09-24 16:02:01 +02:00
</tr><?php
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
foreach ($categories as $category):
$first = 1;
foreach ($event['Attribute'] as $attribute):
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
$extra = "";
if ($attribute['category'] != $category) continue;
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
if (count($attribute['ShadowAttribute'])) $extra .= 'highlight1';
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
?>
Merge branch 'feature/gui' of https://github.com/MISP/MISP into feature/gui Conflicts: app/View/Events/view.ctp
2013-06-03 16:30:32 +02:00
<tr>
Changes to the attributes - attributes in the event view now show the date when they were added / modified - the alert e-mail now shows which attributes are new since the last commit
2014-01-13 11:39:35 +01:00
<td class= "short <?php echo $extra; ?>">
<?php
if (isset($attribute['timestamp'])) echo date('Y-m-d', $attribute['timestamp']);
else echo '&nbsp';
?>
</td>
UI tooltip love
2013-06-06 16:36:28 +02:00
<?php if($first): ?>
<td class= "short <?php echo $extra; ?>" title="<?php if('' != $attribute['category']) echo $categoryDefinitions[$attribute['category']]['desc'];?>">
<?php
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
if ('' == $attribute['category']) echo '(no category)';
UI tooltip love
2013-06-06 16:36:28 +02:00
else echo h($attribute['category']);
?>
</td>
<?php else: ?>
<td class= "short <?php echo $extra; ?>">
&nbsp;
</td>
<?php endif; ?>
<td class="short <?php echo $extra; ?>" title="<?php echo $typeDefinitions[$attribute['type']]['desc'];?>">
<?php echo h($attribute['type']);?>
</td>
Some css changes broke the shadow attributes - should be fixed
2013-07-17 12:04:57 +02:00
<td class="showspaces <?php echo $extra; ?>"><?php $sigDisplay = $attribute['value'];
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
if ('attachment' == $attribute['type'] || 'malware-sample' == $attribute['type'] ) {
Quick fix to the sanitization - the double sanitization needed a quick fix until the development branch gets merged in the future
2013-05-24 10:29:08 +02:00
$filenameHash = explode('|', nl2br(h($attribute['value'])));
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
echo h($filepath);
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
echo $this->Html->link($filename, array('controller' => 'attributes', 'action' => 'download', $attribute['id']));
} else {
echo $this->Html->link($filenameHash[0], array('controller' => 'attributes', 'action' => 'download', $attribute['id']));
}
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif (strpos($attribute['type'], '|') !== false) {
Double sanitization fixed
2013-03-19 15:13:07 +01:00
$filenameHash = explode('|', $attribute['value']);
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
echo h($filenameHash[0]);
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif ('vulnerability' == $attribute['type']) {
Mass replace replace of the old CyDefSig name to MISP - fixes #82
2014-02-05 15:01:26 +01:00
if (! is_null(Configure::read('MISP.cveurl'))) {
$cveUrl = Configure::read('MISP.cveurl');
Vulnerability url is now configurable (Fix #153). A global configuration CyDefSig.cveurl added to specify the URL where to reference a CVE/NVD number. CyDefSig.cveurl is optional and if not existing fallbacks to the original google.com URL.
2013-08-16 11:09:55 +02:00
} else {
$cveUrl = "http://www.google.com/search?q=";
}
echo $this->Html->link(h($sigDisplay), h($cveUrl) . h($sigDisplay), array('target' => '_blank'));
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
} elseif ('link' == $attribute['type']) {
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
} else {
Changes to export validation, CSV export, Whitelist redesign - CSV export for individual events, all events, search results - Whitelists are now preg_matches instead of simple string matches - whitelist checks are to be applied on almost all exports (implementation in progress) - the exception will be the search result exports, if the (to be implemented) to_ids only checkbox isn't checked
2013-06-26 14:48:25 +02:00
$sigDisplay = str_replace("\r", '', $sigDisplay);
Line breaks not shown in attribute values
2013-10-31 14:33:57 +01:00
echo nl2br(h($sigDisplay));
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
}
Contextual comments - Attributes now have a comment field
2013-10-30 16:00:46 +01:00
?>
</td>
<td class="showspaces bitwider <?php echo $extra; ?>"><?php echo h($attribute['comment']); ?></td>
<td class="shortish <?php echo $extra; ?>">
Merge branch 'master' into develop Conflicts: app/Controller/AppController.php app/Controller/AttributesController.php app/Controller/EventsController.php app/Controller/ServersController.php app/Controller/UsersController.php app/Model/Attribute.php app/Model/Event.php app/Model/Server.php app/Model/User.php app/View/Attributes/edit.ctp app/View/Attributes/index.ctp app/View/Elements/actions_menu.ctp app/View/Events/add.ctp app/View/Events/index.ctp app/View/Events/view.ctp app/View/Events/xml/view.ctp app/View/Servers/index.ctp app/View/Users/admin_index.ctp
2012-09-24 16:02:01 +02:00
<?php
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
$first = 0;
Fix to the related attributes - related atributes were flowing into the next field if there were too many to fit the 5% width - hovering over a related attribute caused a misaligned tooltip to appear and block the link itself on IE
2013-09-10 09:13:52 +02:00
?>
<ul class="inline" style="margin:0px;">
replace Risk with ThreatLevel [skip ci] - Event.risk has been replaced by Event.threat_level_id. all functionality remains the same and users should not see any difference. ENUM() used for Event.risk is vendor specific and requires too many hacks to play nicely with bake. - Added default schema file, SQL dumps should be avoided since they make updating/upgrading a pain. - Removed old unused schemas
2013-11-17 17:54:15 +01:00
<?php
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) {
Fix to the related attributes - related atributes were flowing into the next field if there were too many to fit the 5% width - hovering over a related attribute caused a misaligned tooltip to appear and block the link itself on IE
2013-09-10 09:13:52 +02:00
echo '<li style="padding-right: 0px; padding-left:0px;" title ="' . h($relatedAttribute['info']) . '"><span>';
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
if ($relatedAttribute['org'] == $me['org']) {
Further work on the pivoting - still has some issues with arranging the height for some branching
2013-09-05 17:00:15 +02:00
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array ('style' => 'color:red;'));
Related events - Implemented on request: related events created by the same organisation are now coloured red
2013-03-19 10:30:32 +01:00
} else {
Further work on the pivoting - still has some issues with arranging the height for some branching
2013-09-05 17:00:15 +02:00
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']));
Related events - Implemented on request: related events created by the same organisation are now coloured red
2013-03-19 10:30:32 +01:00
}
Fix to the related attributes - related atributes were flowing into the next field if there were too many to fit the 5% width - hovering over a related attribute caused a misaligned tooltip to appear and block the link itself on IE
2013-09-10 09:13:52 +02:00
echo "</span></li>";
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
echo ' ';
}
}
Merge branch 'develop' into feature/discussion - Pivots, attributes, discussions hideable Conflicts: app/Controller/EventsController.php app/webroot/css/main.css
2013-09-10 16:51:56 +02:00
?>
Fix to the related attributes - related atributes were flowing into the next field if there were too many to fit the 5% width - hovering over a related attribute caused a misaligned tooltip to appear and block the link itself on IE
2013-09-10 09:13:52 +02:00
</ul>
CakePHP Coding Standards http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html Eclipse: Window->Preferences General->Editors->Text Editors Displayed tab width: 4 Insert spaces for tabs NOT PHP->Code Style->Formatter Tab policy: Tabs File->Convert Line Delimeters To->Unix [default] http://mark-story.com/posts/view/static-analysis-tools-for-php for instance: phpcs --standard=CakePHP app/Model/ Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
</td>
alignment of action buttons
2013-06-03 14:44:31 +02:00
<td class="short <?php echo $extra; ?>"><?php echo $attribute['to_ids'] ? 'Yes' : 'No';?></td>
Some UI changes and reattached the regexp for the admin validation tool - org only events have a redish background in the event index - org only events and attributes have their distribution level marked in red
2013-07-11 16:38:39 +02:00
<td class="short
CakePHP Coding Standards http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html Eclipse: Window->Preferences General->Editors->Text Editors Displayed tab width: 4 Insert spaces for tabs NOT PHP->Code Style->Formatter Tab policy: Tabs File->Convert Line Delimeters To->Unix [default] http://mark-story.com/posts/view/static-analysis-tools-for-php for instance: phpcs --standard=CakePHP app/Model/ Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
<?php
Some UI changes and reattached the regexp for the admin validation tool - org only events have a redish background in the event index - org only events and attributes have their distribution level marked in red
2013-07-11 16:38:39 +02:00
echo $extra;
if ($attribute['distribution'] == 0) echo 'privateRedText';
?>
">
<?php echo $attribute['distribution'] != 3 ? $distributionLevels[$attribute['distribution']] : 'All';?>
</td>
<td class="short action-links
<?php echo $extra;?>
">
<?php
if ($isSiteAdmin || $mayModify) {
echo $this->Html->link('', array('controller' => 'attributes', 'action' => 'edit', $attribute['id']), array('class' => 'icon-edit', 'title' => 'Edit'));
echo $this->Form->postLink('', array('controller' => 'attributes', 'action' => 'delete', $attribute['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this attribute? Keep in mind that this will also delete this attribute on remote MISP instances.'));
} else {
echo $this->Html->link('', array('controller' => 'shadow_attributes', 'action' => 'edit', $attribute['id']), array('class' => 'icon-edit', 'title' => 'Propose Edit'));
}
CakePHP Coding Standards http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html Eclipse: Window->Preferences General->Editors->Text Editors Displayed tab width: 4 Insert spaces for tabs NOT PHP->Code Style->Formatter Tab policy: Tabs File->Convert Line Delimeters To->Unix [default] http://mark-story.com/posts/view/static-analysis-tools-for-php for instance: phpcs --standard=CakePHP app/Model/ Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
?>
</td>
</tr>
coding standards Coding Standards.
2012-12-18 20:25:12 +01:00
<?php
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
// Create an entry for each shadow attribute right below the attribute that it proposes to edit
// $extra is used for extra style code added to cells that have a highlighting border around them.
$extra = null;
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
$extra = 'highlight2';
Some UI changes and reattached the regexp for the admin validation tool - org only events have a redish background in the event index - org only events and attributes have their distribution level marked in red
2013-07-11 16:38:39 +02:00
foreach ($attribute['ShadowAttribute'] as $shadowAttribute): ?>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<tr class="highlight2">
Some minor changes and fix to a vulnerability - fix to the creator of a proposal being able to also accept it - new attributes are now shown in the e-mail denoted by a * when an event is republished - the date of an attribute's creation is shown
2014-01-13 16:38:49 +01:00
<td class= "short <?php echo $extra; ?>">&nbsp</td>
Some UI changes and reattached the regexp for the admin validation tool - org only events have a redish background in the event index - org only events and attributes have their distribution level marked in red
2013-07-11 16:38:39 +02:00
<td class="short highlight2" title="
<?php if('' != $shadowAttribute['category']) echo $categoryDefinitions[$shadowAttribute['category']]['desc'];?>
">
<?php
if ($shadowAttribute['category'] != $attribute['category']) echo h($shadowAttribute['category']);
?>
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
</td>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<td class="short highlight2" title="
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
<?php
echo $typeDefinitions[$shadowAttribute['type']]['desc'];
?>
">
<?php
if ($shadowAttribute['type'] != $attribute['type']) echo h($shadowAttribute['type']);
?>
</td>
Some css changes broke the shadow attributes - should be fixed
2013-07-17 12:04:57 +02:00
<td class="showspaces highlight2"><?php
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
if ($shadowAttribute['value'] != $attribute['value']) {
$sigDisplay = $shadowAttribute['value'];
if ('attachment' == $shadowAttribute['type'] || 'malware-sample' == $shadowAttribute['type'] ) {
$filenameHash = explode('|', $shadowAttribute['value']);
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo $filepath;
echo $this->Html->link($filename, array('controller' => 'attributes', 'action' => 'download', $shadowAttribute['id']));
} else {
echo $this->Html->link($filenameHash[0], array('controller' => 'attributes', 'action' => 'download', $shadowAttribute['id']));
}
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif (strpos($shadowAttribute['type'], '|') !== false) {
$filenameHash = explode('|', $shadowAttribute['value']);
echo h($filenameHash[0]);
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif ('vulnerability' == $shadowAttribute['type']) {
echo $this->Html->link(h($sigDisplay), 'http://www.google.com/search?q=' . h($sigDisplay), array('target' => '_blank'));
} elseif ('link' == $shadowAttribute['type']) {
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
} else {
Line breaks not shown in attribute values
2013-10-31 14:33:57 +01:00
echo nl2br(h($sigDisplay));
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
}
}
Some css changes broke the shadow attributes - should be fixed
2013-07-17 12:04:57 +02:00
?></td>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<td class="short highlight2">
Work on the background job and the proposals - Proposals now get synced on pull - several bug fixes - new startup script for the background workers
2014-01-05 21:30:39 +01:00
<?php
echo h($shadowAttribute['comment']);
?>
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
</td>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<td class="short highlight2">
Contextual comments - Attributes now have a comment field
2013-10-30 16:00:46 +01:00
</td>
<td class="short highlight2">
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
<?php
if ($shadowAttribute['to_ids'] != $attribute['to_ids']) echo $shadowAttribute['to_ids'] ? 'Yes' : 'No';
Some UI changes and reattached the regexp for the admin validation tool - org only events have a redish background in the event index - org only events and attributes have their distribution level marked in red
2013-07-11 16:38:39 +02:00
?>
</td>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<td class="short highlight2"></td>
Merge branch 'feature/gui' of https://github.com/MISP/MISP into feature/gui Conflicts: app/View/Events/view.ctp
2013-06-03 16:30:32 +02:00
<td class="short action-links highlight2">
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
<?php
File left off from previous commit
2014-01-10 15:11:33 +01:00
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin) {
Accepting / Discarding Proposals changed to POST only - it is not possible to discard / accept a proposal with a GET request anymore
2014-01-16 10:11:44 +01:00
echo $this->Form->postLink('', array('controller' => 'shadow_attributes', 'action' => 'accept', $shadowAttribute['id']), array('class' => 'icon-ok', 'title' => 'Accept'), 'Are you sure you want to accept this proposal?');
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
}
File left off from previous commit
2014-01-10 15:11:33 +01:00
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin || ($shadowAttribute['org'] == $me['org'])) {
echo $this->Form->postLink('', array('controller' => 'shadow_attributes', 'action' => 'discard', $shadowAttribute['id']), array('class' => 'icon-trash', 'title' => 'Discard'), 'Are you sure you want to discard this proposal?');
}
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
?>
Some UI changes and reattached the regexp for the admin validation tool - org only events have a redish background in the event index - org only events and attributes have their distribution level marked in red
2013-07-11 16:38:39 +02:00
</td>
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
</tr>
<?php
endforeach;
endforeach;
endforeach;
initial import
2011-11-26 10:45:31 +01:00
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
// As a last step, attributes that have been proposed by users of other organisations to be added to an event are listed at the end
$first = true;
if (isset($remaining)):
foreach ($remaining as $remain):
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
$extra = 'highlight2';
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
if ($first) {
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
//$extra .= ' highlightTop';
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
$first = false;
}
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
//if ($remain === end($remaining)) $extra .= ' highlightBottom';
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
?>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<tr class="highlight2">
Changes to the attributes - attributes in the event view now show the date when they were added / modified - the alert e-mail now shows which attributes are new since the last commit
2014-01-13 11:39:35 +01:00
<td class= "short <?php echo $extra; ?>">
<?php
echo '&nbsp';
?>
</td>
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
<td class="highlight2" title="<?php if('' != $remain['category']) echo $categoryDefinitions[$remain['category']]['desc'];?>">
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
<?php
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
echo h($remain['category']);
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
?>
</td>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<td class="short highlight2" title="
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
<?php
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
echo $typeDefinitions[$remain['type']]['desc'];
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
?>
">
<?php
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
echo h($remain['type']);
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
?>
</td>
Minor change with shadowattributes - short was still used on the shadow attribute value field, if the shadow attribute was a proposal to the event itself and not to an attribute
2013-07-17 13:25:28 +02:00
<td class="showspaces highlight2"><?php
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
$sigDisplay = nl2br(h($remain['value']));
if ('attachment' == $remain['type'] || 'malware-sample' == $remain['type'] ) {
$filenameHash = explode('|', $remain['value']);
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo $filepath;
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
echo $this->Html->link($filename, array('controller' => 'shadow_attributes', 'action' => 'download', $remain['id']));
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
} else {
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
echo $this->Html->link($filenameHash[0], array('controller' => 'shadow_attributes', 'action' => 'download', $remain['id']));
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
}
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
} elseif (strpos($remain['type'], '|') !== false) {
$filenameHash = explode('|', $remain['value']);
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
echo h($filenameHash[0]);
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
} elseif ('vulnerability' == $remain['type']) {
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
echo $this->Html->link(h($sigDisplay), 'http://www.google.com/search?q=' . h($sigDisplay), array('target' => '_blank'));
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
} elseif ('link' == $remain['type']) {
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
} else {
Line breaks not shown in attribute values
2013-10-31 14:33:57 +01:00
echo nl2br(h($sigDisplay));
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
}
shows spaces in attribute value. fixes #19
2013-06-19 11:05:34 +02:00
?></td>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<td class="short highlight2">
Work on the background job and the proposals - Proposals now get synced on pull - several bug fixes - new startup script for the background workers
2014-01-05 21:30:39 +01:00
<?php
echo h($remain['comment']);
?>
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
</td>
Contextual comments - Attributes now have a comment field
2013-10-30 16:00:46 +01:00
<td class="short highlight2">
</td>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<td class="short highlight2">
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
<?php
Changes to the event view - reworked the way events are loaded and reloaded to check for privileges
2013-06-03 17:23:34 +02:00
echo $remain['to_ids'] ? 'Yes' : 'No';
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
?></td>
Update to the shadow attributes - UI changes - changed the relationship between shadowattributes and events to be hasMany
2013-06-03 16:25:43 +02:00
<td class="short highlight2"></td>
Merge branch 'feature/gui' of https://github.com/MISP/MISP into feature/gui Conflicts: app/View/Events/view.ctp
2013-06-03 16:30:32 +02:00
<td class="short action-links highlight2">
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
<?php
File left off from previous commit
2014-01-10 15:11:33 +01:00
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin) {
Accepting / Discarding Proposals changed to POST only - it is not possible to discard / accept a proposal with a GET request anymore
2014-01-16 10:11:44 +01:00
echo $this->Form->postLink('', array('controller' => 'shadow_attributes', 'action' => 'accept', $remain['id']), array('class' => 'icon-ok', 'title' => 'Accept'), 'Are you sure you want to accept this proposal?');
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
}
File left off from previous commit
2014-01-10 15:11:33 +01:00
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin || ($remain['org'] == $me['org'])) {
echo $this->Form->postLink('', array('controller' => 'shadow_attributes', 'action' => 'discard', $remain['id']), array('class' => 'icon-trash', 'title' => 'Discard'), 'Are you sure you want to discard this proposal?');
}
Integrated ownership, ACL and minor fixes - Orgs can propose new attributes or changes to existing attributes for events that they do not own - publishing users of the owner organisation can see, accept or discard them - Reworked the access control - minor fixes
2013-04-25 14:04:08 +02:00
?>
</td>
</tr>
<?php
endforeach;
endif;
?>
</table>
<?php
endif; ?>
</div>
Merge branch 'develop' into feature/discussion - Pivots, attributes, discussions hideable Conflicts: app/Controller/EventsController.php app/webroot/css/main.css
2013-09-10 16:51:56 +02:00
<div id="discussions_div">
replace Risk with ThreatLevel [skip ci] - Event.risk has been replaced by Event.threat_level_id. all functionality remains the same and users should not see any difference. ENUM() used for Event.risk is vendor specific and requires too many hacks to play nicely with bake. - Added default schema file, SQL dumps should be avoided since they make updating/upgrading a pain. - Removed old unused schemas
2013-11-17 17:54:15 +01:00
<?php
Discussion boards - First fully working version - Create threads or create a thread attached to an event - Add posts to threads / edit them / delete them
2013-08-14 17:46:57 +02:00
echo $this->element('eventdiscussion');
?>
</div>
initial import
2011-11-26 10:45:31 +01:00
</div>
UI tooltip love
2013-06-06 16:36:28 +02:00
<script type="text/javascript">
// tooltips
$(document).ready(function () {
Fix to the related attributes - related atributes were flowing into the next field if there were too many to fit the 5% width - hovering over a related attribute caused a misaligned tooltip to appear and block the link itself on IE
2013-09-10 09:13:52 +02:00
$("th, td, dt, div, span, li").tooltip({
UI tooltip love
2013-06-06 16:36:28 +02:00
'placement': 'top',
'container' : 'body',
delay: { show: 500, hide: 100 }
});
Merge branch 'develop' into feature/discussion - Pivots, attributes, discussions hideable Conflicts: app/Controller/EventsController.php app/webroot/css/main.css
2013-09-10 16:51:56 +02:00
$('#discussions_active').click(function() {
$('#discussions_div').hide();
$('#discussions_active').hide();
$('#discussions_inactive').show();
});
$('#discussions_inactive').click(function() {
$('#discussions_div').show();
$('#discussions_active').show();
$('#discussions_inactive').hide();
});
$('#attributes_active').click(function() {
$('#attributes_div').hide();
$('#attributes_active').hide();
$('#attributes_inactive').show();
});
$('#attributes_inactive').click(function() {
$('#attributes_div').show();
$('#attributes_active').show();
$('#attributes_inactive').hide();
});
$('#pivots_active').click(function() {
$('#pivots_div').hide();
$('#pivots_active').hide();
$('#pivots_inactive').show();
});
$('#pivots_inactive').click(function() {
$('#pivots_div').show();
$('#pivots_active').show();
$('#pivots_inactive').hide();
});
Tagging system - new special role for tagging - can create tags with a name + colour combination (using a colour picker plugin) - users can assign tags to events - can filter events by tags on the index
2014-01-23 12:25:04 +01:00
$('#addTagButton').click(function() {
$('#addTagTD').show();
$('#addTagButton').hide();
});
UI tooltip love
2013-06-06 16:36:28 +02:00
});
Discussion boards - First fully working version - Create threads or create a thread attached to an event - Add posts to threads / edit them / delete them
2013-08-14 17:46:57 +02:00
Merge branch 'develop' into feature/discussion - Pivots, attributes, discussions hideable Conflicts: app/Controller/EventsController.php app/webroot/css/main.css
2013-09-10 16:51:56 +02:00
UI tooltip love
2013-06-06 16:36:28 +02:00
</script>