MISP/app/View/Users/admin_add.ctp

<div class="users form">
<?php echo $this->Form->create('User', array('novalidate'=>true));?>
	<fieldset>
		<legend><?php echo __('Admin Add User'); ?></legend>
	<?php
		echo $this->Form->input('email');
	?>
		<div class="clear"></div>
	<?php
		$password = true;
		if (Configure::read('Plugin.CustomAuth_enable')):
			if (Configure::read('Plugin.CustomAuth_required')):
				$password = false;
			else:
				$userType = Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : 'External authentication';
				echo $this->Form->input('external_auth_required', array('type' => 'checkbox', 'label' => $userType . ' user'));
			endif;

	?>
		<div class="clear"></div>
		<div id="externalAuthDiv">
		<?php 
			echo $this->Form->input('external_auth_key', array('type' => 'text'));
		?>
		</div>
	<?php 
		endif;
	?>
	<div class="clear"></div>
	<div id="passwordDivDiv">
		<?php 
			echo $this->Form->input('enable_password', array('type' => 'checkbox', 'label' => 'Set password'));
		?>
		<div id="PasswordDiv">
			<div class="clear"></div>
			<?php 
				echo $this->Form->input('password');
				echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
			?>
		</div>
	</div>
	<div class="clear"></div>
	<?php
		if ($isSiteAdmin) {
			echo $this->Form->input('org_id', array(
					'options' => $orgs,
					'label' => 'Organisation',
					'empty' => 'Choose organisation',
			));
		}
		echo $this->Form->input('role_id', array('label' => 'Role'));
		echo $this->Form->input('authkey', array('value' => $authkey, 'readonly' => 'readonly', 'div' => 'input clear'));
		echo $this->Form->input('nids_sid');
	?>
		<div id = "syncServers" class="hidden">
	<?php 
			echo $this->Form->input('server_id', array('label' => 'Sync user for', 'div' => 'clear', 'options' => $servers));
	?>
		</div>
	<?php 
		echo $this->Form->input('gpgkey', array('label' => 'GPG key', 'div' => 'clear', 'class' => 'input-xxlarge'));
	?>
		<div class="clear"><span onClick="lookupPGPKey('UserEmail');" class="btn btn-inverse" style="margin-bottom:10px;">Fetch GPG key</span></div>
	<?php
		if (Configure::read('SMIME.enabled')) echo $this->Form->input('certif_public', array('label' => 'Public certificate (Encryption -- PEM format)', 'div' => 'clear', 'class' => 'input-xxlarge'));
		echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
		echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
	?>
		<div class="clear"></div>
	<?php 
		echo $this->Form->input('disabled', array('label' => 'Disable this user account'));

	?>
	</fieldset>
<?php echo $this->Form->button(__('Submit'), array('class' => 'btn btn-primary'));
	echo $this->Form->end();?>
</div>
<?php 
	echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'addUser'));
?>
<script type="text/javascript">
var syncRoles = <?php echo json_encode($syncRoles); ?>;
$(document).ready(function() {
	syncUserSelected();
	$('#UserRoleId').change(function() {
		syncUserSelected();
	});
	checkUserPasswordEnabled();
	checkUserExternalAuth();
	$('#UserEnablePassword').change(function() {
		checkUserPasswordEnabled();
	});
	$('#UserExternalAuthRequired').change(function() {
		checkUserExternalAuth();
	});
});
</script>
Fixes to access rights, some sanitization, etc - Admins cannot manually change anyone's authkey, they need to generate a new one via the reset link - Some pages could be accessed by changing the url - fixed (though needs further testing) - Edited a change in the manual that may have been confusing - Some changes to the way ACL is set up - still needs more work 2013-02-04 17:55:35 +01:00			`<div class="users form">`
Disabled HTML5 validation for Users/admin_add - the new cakephp HTML5 validation forced users to enter a GPG key under all circumstances. Removed. 2013-05-13 15:27:11 +02:00			`<?php echo $this->Form->create('User', array('novalidate'=>true));?>`
Fixes to access rights, some sanitization, etc - Admins cannot manually change anyone's authkey, they need to generate a new one via the reset link - Some pages could be accessed by changing the url - fixed (though needs further testing) - Edited a change in the manual that may have been confusing - Some changes to the way ACL is set up - still needs more work 2013-02-04 17:55:35 +01:00			`<fieldset>`
			`<legend><?php echo __('Admin Add User'); ?></legend>`
			`<?php`
			`echo $this->Form->input('email');`
First implementation of the new auth mechanism 2016-03-15 23:04:20 +01:00			`?>`
			`<div class="clear"></div>`
			`<?php`
			`$password = true;`
			`if (Configure::read('Plugin.CustomAuth_enable')):`
			`if (Configure::read('Plugin.CustomAuth_required')):`
			`$password = false;`
			`else:`
			`$userType = Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : 'External authentication';`
			`echo $this->Form->input('external_auth_required', array('type' => 'checkbox', 'label' => $userType . ' user'));`
			`endif;`

			`?>`
			`<div class="clear"></div>`
			`<div id="externalAuthDiv">`
			`<?php`
			`echo $this->Form->input('external_auth_key', array('type' => 'text'));`
			`?>`
			`</div>`
			`<?php`
			`endif;`
			`?>`
			`<div class="clear"></div>`
			`<div id="passwordDivDiv">`
			`<?php`
			`echo $this->Form->input('enable_password', array('type' => 'checkbox', 'label' => 'Set password'));`
			`?>`
			`<div id="PasswordDiv">`
			`<div class="clear"></div>`
			`<?php`
			`echo $this->Form->input('password');`
			`echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));`
			`?>`
			`</div>`
			`</div>`
			`<div class="clear"></div>`
			`<?php`
First rework of the siteadmin role - ADMIN org removed. - Siteadmins are now identified by the perm_site_admin flag - Siteadmins can now be of any organisation - editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role - Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin - If the login page is reached without any users / roles defined they are automatically created (perviously it was only the user that was created) - Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin. 2013-10-03 11:45:27 +02:00			`if ($isSiteAdmin) {`
Further work on the new version - org checks fixed in a lot of places - fixed the searches to work with the new organisations 2015-04-14 17:51:38 +02:00			`echo $this->Form->input('org_id', array(`
Further progress 2015-03-21 14:27:53 +01:00			`'options' => $orgs,`
			`'label' => 'Organisation',`
			`'empty' => 'Choose organisation',`
			`));`
Subscription to alerts from contact reporter - Users can now choose to subscribe to receive e-mails from the "Contact Reporter" feature. 2013-03-06 11:34:22 +01:00			`}`
First implementation of the new auth mechanism 2016-03-15 23:04:20 +01:00			`echo $this->Form->input('role_id', array('label' => 'Role'));`
			`echo $this->Form->input('authkey', array('value' => $authkey, 'readonly' => 'readonly', 'div' => 'input clear'));`
Fixes to access rights, some sanitization, etc - Admins cannot manually change anyone's authkey, they need to generate a new one via the reset link - Some pages could be accessed by changing the url - fixed (though needs further testing) - Edited a change in the manual that may have been confusing - Some changes to the way ACL is set up - still needs more work 2013-02-04 17:55:35 +01:00			`echo $this->Form->input('nids_sid');`
Further work on the Sharing Groups 2015-08-03 14:12:20 +02:00			`?>`
			`<div id = "syncServers" class="hidden">`
			`<?php`
			`echo $this->Form->input('server_id', array('label' => 'Sync user for', 'div' => 'clear', 'options' => $servers));`
			`?>`
			`</div>`
			`<?php`
GUI changes for the user views 2013-05-31 15:42:53 +02:00			`echo $this->Form->input('gpgkey', array('label' => 'GPG key', 'div' => 'clear', 'class' => 'input-xxlarge'));`
PGP key lookup for lazy MISP instance admins, fixes #492 - Added a button for the add user / edit user views that fetches the entered e-mail addresses pgp key from pgp.mit.edu 2015-05-13 17:01:56 +02:00			`?>`
			`<div class="clear"><span onClick="lookupPGPKey('UserEmail');" class="btn btn-inverse" style="margin-bottom:10px;">Fetch GPG key</span></div>`
Add in form the field 'certif_public' 2016-04-04 19:24:58 +02:00			`<?php`
SMIME changes - tied into auto upgrade system - tied into server settings - some cleanup of overly verbose debug - Enforcing enable/disable everywhere - Changed temporary file structure 2016-04-26 16:40:12 +02:00			`if (Configure::read('SMIME.enabled')) echo $this->Form->input('certif_public', array('label' => 'Public certificate (Encryption -- PEM format)', 'div' => 'clear', 'class' => 'input-xxlarge'));`
GUI changes for the user views 2013-05-31 15:42:53 +02:00			`echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));`
			`echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));`
Disable users - users can now be disabled by an admin - disabled users cannot login (via the UI or the API) and will be informed - login attempts by disabled users are logged - also added the expiration field for later use 2015-12-09 23:47:19 +01:00			`?>`
			`<div class="clear"></div>`
			`<?php`
			`echo $this->Form->input('disabled', array('label' => 'Disable this user account'));`
GUI changes for the user views 2013-05-31 15:42:53 +02:00
Fixes to access rights, some sanitization, etc - Admins cannot manually change anyone's authkey, they need to generate a new one via the reset link - Some pages could be accessed by changing the url - fixed (though needs further testing) - Edited a change in the manual that may have been confusing - Some changes to the way ACL is set up - still needs more work 2013-02-04 17:55:35 +01:00			`?>`
			`</fieldset>`
GUI changes for the user views 2013-05-31 15:42:53 +02:00			`<?php echo $this->Form->button(__('Submit'), array('class' => 'btn btn-primary'));`
			`echo $this->Form->end();?>`
			`</div>`
Further work on the UI - reworked almost all of the side menues to be centralised - Some fixes for the IOC export not handling two new-ish types correctly - Some changes to the menues (including a few options that didn't exist before) - rework of the popovers in some forms 2013-10-24 16:41:42 +02:00			`<?php`
			`echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'addUser'));`
Merge branch 'feature/roleChanges' into feature/XML_and_UI Conflicts: app/Controller/UsersController.php app/View/Regexp/admin_add.ctp app/View/Regexp/admin_edit.ctp app/View/Regexp/admin_index.ctp app/View/Roles/admin_add.ctp app/View/Servers/add.ctp app/View/Servers/edit.ctp app/View/Servers/index.ctp app/View/Servers/pull.ctp app/View/Servers/push.ctp 2013-10-25 10:39:18 +02:00			`?>`
Further work on the Sharing Groups 2015-08-03 14:12:20 +02:00			`<script type="text/javascript">`
			`var syncRoles = <?php echo json_encode($syncRoles); ?>;`
			`$(document).ready(function() {`
			`syncUserSelected();`
			`$('#UserRoleId').change(function() {`
			`syncUserSelected();`
			`});`
First implementation of the new auth mechanism 2016-03-15 23:04:20 +01:00			`checkUserPasswordEnabled();`
			`checkUserExternalAuth();`
			`$('#UserEnablePassword').change(function() {`
			`checkUserPasswordEnabled();`
			`});`
			`$('#UserExternalAuthRequired').change(function() {`
			`checkUserExternalAuth();`
			`});`
Further work on the Sharing Groups 2015-08-03 14:12:20 +02:00			`});`
Add in form the field 'certif_public' 2016-04-04 19:24:58 +02:00			`</script>`