2020-10-20 01:48:04 +02:00
|
|
|
<?php
|
|
|
|
|
App::uses('AppController', 'Controller');
|
|
|
|
|
|
2020-11-28 16:46:00 +01:00
|
|
|
/**
|
|
|
|
|
* @property AuthKey $AuthKey
|
|
|
|
|
*/
|
2020-10-20 01:48:04 +02:00
|
|
|
class AuthKeysController extends AppController
|
|
|
|
|
{
|
|
|
|
|
public $components = array(
|
|
|
|
|
'Security',
|
|
|
|
|
'CRUD',
|
|
|
|
|
'RequestHandler'
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
public $paginate = array(
|
2020-11-29 20:13:41 +01:00
|
|
|
'limit' => 60,
|
|
|
|
|
'order' => array(
|
|
|
|
|
'AuthKey.name' => 'ASC',
|
|
|
|
|
)
|
2020-10-20 01:48:04 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
public function index($id = false)
|
|
|
|
|
{
|
2020-11-15 14:51:41 +01:00
|
|
|
$conditions = $this->__prepareConditions();
|
2020-10-20 01:48:04 +02:00
|
|
|
if ($id !== false) {
|
2020-11-13 12:48:27 +01:00
|
|
|
$this->set('user_id', $id);
|
2020-10-20 01:48:04 +02:00
|
|
|
$conditions['AND'][] = ['AuthKey.user_id' => $id];
|
|
|
|
|
}
|
|
|
|
|
$this->CRUD->index([
|
|
|
|
|
'filters' => ['User.username', 'authkey', 'comment', 'User.id'],
|
|
|
|
|
'quickFilters' => ['authkey', 'comment'],
|
2020-11-28 16:46:00 +01:00
|
|
|
'contain' => ['User.id', 'User.email'],
|
2020-11-15 14:51:41 +01:00
|
|
|
'conditions' => $conditions,
|
2020-11-29 20:13:41 +01:00
|
|
|
'afterFind' => function (array $authKeys) {
|
2020-11-28 16:46:00 +01:00
|
|
|
$keyUsageEnabled = Configure::read('MISP.log_user_ips') && Configure::read('MISP.log_user_ips_auth');
|
2020-11-29 20:13:41 +01:00
|
|
|
foreach ($authKeys as &$authKey) {
|
2020-11-28 16:46:00 +01:00
|
|
|
if ($keyUsageEnabled) {
|
|
|
|
|
$lastUsed = $this->AuthKey->getKeyUsage($authKey['AuthKey']['id'])[1];
|
|
|
|
|
$key['AuthKey']['last_used'] = $lastUsed ? $lastUsed->format('c') : null;
|
|
|
|
|
}
|
2020-11-29 20:13:41 +01:00
|
|
|
unset($authKey['AuthKey']['authkey']);
|
|
|
|
|
}
|
|
|
|
|
return $authKeys;
|
|
|
|
|
}
|
2020-10-20 01:48:04 +02:00
|
|
|
]);
|
|
|
|
|
if ($this->IndexFilter->isRest()) {
|
|
|
|
|
return $this->restResponsePayload;
|
|
|
|
|
}
|
2020-11-11 10:46:38 +01:00
|
|
|
$this->set('metaGroup', $this->_isAdmin ? 'admin' : 'globalActions');
|
2020-10-20 01:48:04 +02:00
|
|
|
$this->set('metaAction', 'authkeys_index');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function delete($id)
|
|
|
|
|
{
|
2020-11-15 14:51:41 +01:00
|
|
|
$this->CRUD->delete($id, [
|
|
|
|
|
'conditions' => $this->__prepareConditions(),
|
|
|
|
|
'contain' => ['User'],
|
|
|
|
|
]);
|
2020-10-20 01:48:04 +02:00
|
|
|
if ($this->IndexFilter->isRest()) {
|
|
|
|
|
return $this->restResponsePayload;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function edit($id)
|
|
|
|
|
{
|
|
|
|
|
$this->set('metaGroup', 'admin');
|
|
|
|
|
$this->set('metaAction', 'authkeys_edit');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function add($user_id = false)
|
|
|
|
|
{
|
|
|
|
|
$this->set('menuData', array('menuList' => $this->_isSiteAdmin() ? 'admin' : 'globalActions', 'menuItem' => 'authKeyAdd'));
|
|
|
|
|
$params = [
|
|
|
|
|
'displayOnSuccess' => 'authkey_display',
|
|
|
|
|
'saveModelVariable' => ['authkey_raw']
|
|
|
|
|
];
|
|
|
|
|
$selectConditions = [];
|
|
|
|
|
if (!$this->_isSiteAdmin()) {
|
|
|
|
|
$selectConditions['AND'][] = ['User.id' => $this->Auth->user('id')];
|
|
|
|
|
$params['override'] = ['user_id' => $this->Auth->user('id')];
|
2020-11-13 12:48:27 +01:00
|
|
|
} else if ($user_id) {
|
|
|
|
|
$selectConditions['AND'][] = ['User.id' => $user_id];
|
|
|
|
|
$params['override'] = ['user_id' => $user_id];
|
2020-10-20 01:48:04 +02:00
|
|
|
}
|
|
|
|
|
$this->CRUD->add($params);
|
|
|
|
|
if ($this->IndexFilter->isRest()) {
|
|
|
|
|
return $this->restResponsePayload;
|
|
|
|
|
}
|
|
|
|
|
$this->loadModel('User');
|
|
|
|
|
$dropdownData = [
|
|
|
|
|
'user' => $this->User->find('list', [
|
|
|
|
|
'sort' => ['username' => 'asc'],
|
|
|
|
|
'conditions' => $selectConditions
|
|
|
|
|
])
|
|
|
|
|
];
|
|
|
|
|
$this->set(compact('dropdownData'));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function view($id = false)
|
|
|
|
|
{
|
2020-11-15 14:51:41 +01:00
|
|
|
$this->CRUD->view($id, [
|
|
|
|
|
'contain' => ['User.id', 'User.email'],
|
|
|
|
|
'conditions' => $this->__prepareConditions(),
|
2020-11-29 20:13:41 +01:00
|
|
|
'afterFind' => function (array $authKey) {
|
|
|
|
|
unset($authKey['AuthKey']['authkey']);
|
|
|
|
|
return $authKey;
|
|
|
|
|
}
|
2020-11-15 14:51:41 +01:00
|
|
|
]);
|
2020-10-20 01:48:04 +02:00
|
|
|
if ($this->IndexFilter->isRest()) {
|
|
|
|
|
return $this->restResponsePayload;
|
|
|
|
|
}
|
2020-11-28 16:46:00 +01:00
|
|
|
|
|
|
|
|
if (Configure::read('MISP.log_user_ips') && Configure::read('MISP.log_user_ips_auth')) {
|
|
|
|
|
list($keyUsage, $lastUsed) = $this->AuthKey->getKeyUsage($id);
|
|
|
|
|
$this->set('keyUsage', $keyUsage);
|
|
|
|
|
$this->set('lastUsed', $lastUsed);
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-29 20:13:41 +01:00
|
|
|
$this->set('menuData', [
|
|
|
|
|
'menuList' => $this->_isSiteAdmin() ? 'admin' : 'globalActions',
|
|
|
|
|
'menuItem' => 'authKeyView',
|
|
|
|
|
]);
|
2020-10-20 01:48:04 +02:00
|
|
|
}
|
2020-11-15 14:51:41 +01:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Return conditions according to current user permission.
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
private function __prepareConditions()
|
|
|
|
|
{
|
|
|
|
|
$user = $this->Auth->user();
|
|
|
|
|
if ($user['Role']['perm_site_admin']) {
|
|
|
|
|
$conditions = []; // site admin can see all keys
|
|
|
|
|
} else if ($user['Role']['perm_admin']) {
|
|
|
|
|
$conditions['AND'][]['User.org_id'] = $user['org_id']; // org admin can see his/her user org auth keys
|
|
|
|
|
} else {
|
|
|
|
|
$conditions['AND'][]['User.id'] = $user['id'];
|
|
|
|
|
}
|
|
|
|
|
return $conditions;
|
|
|
|
|
}
|
2020-10-20 01:48:04 +02:00
|
|
|
}
|
