mirror of https://github.com/MISP/MISP
chg: [decaying] Improved ACL integration for the UI
parent
3979c29b61
commit
0866077fc6
|
@ -172,7 +172,7 @@ class DecayingModelController extends AppController
|
||||||
$this->set('mayModify', true);
|
$this->set('mayModify', true);
|
||||||
$restrictedEdition = $this->DecayingModel->isDefaultModel($decayingModel);
|
$restrictedEdition = $this->DecayingModel->isDefaultModel($decayingModel);
|
||||||
if (!$this->_isSiteAdmin() && $decayingModel['DecayingModel']['org_id'] != $this->Auth->user('Organisation')['id']) {
|
if (!$this->_isSiteAdmin() && $decayingModel['DecayingModel']['org_id'] != $this->Auth->user('Organisation')['id']) {
|
||||||
throw new MethodNotAllowedException(__("The model does not belong to your organisation"));
|
throw new UnauthorizedException(__("The model does not belong to your organisation"));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->request->is('post') || $this->request->is('put')) {
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
|
|
|
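Review bot: `UnauthorizedException` maps to HTTP 401 in CakePHP, which signals a missing or failed authentication, whereas the user rejected by the organisation check is logged in but not permitted. `throw new ForbiddenException(__("The model does not belong to your organisation"));` (403) fits the condition and keeps authentication failures and authorisation denials distinguishable in access logs and for API clients. The condition on the line above compares the two organisation ids with a loose `!=`; casting both sides to int and using `!==` would remove any reliance on type juggling. The enclosing action starts and ends outside the hunk.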
@ -169,6 +169,11 @@ class DecayingModel extends AppModel
|
||||||
return !is_null($decaying_model['DecayingModel']['uuid']);
|
return !is_null($decaying_model['DecayingModel']['uuid']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function isEditableByCurrentUser($user, $decaying_model)
|
||||||
|
{
|
||||||
|
return !$this->isDefaultModel($decaying_model) && $decaying_model['DecayingModel']['org_id'] == $user['org_id'];
|
||||||
|
}
|
||||||
|
|
||||||
public function fetchAllAllowedModels($user, $full=true, $filters=array())
|
public function fetchAllAllowedModels($user, $full=true, $filters=array())
|
||||||
{
|
{
|
||||||
$conditions = array();
|
$conditions = array();
|
||||||
|
@ -194,6 +199,7 @@ class DecayingModel extends AppModel
|
||||||
$decayingModels[$i]['DecayingModel']['attribute_types'] = $decayingModels[$i]['DecayingModel']['attribute_types'] + Hash::extract($decayingModels[$i]['DecayingModelMapping'], '{n}.attribute_type');
|
$decayingModels[$i]['DecayingModel']['attribute_types'] = $decayingModels[$i]['DecayingModel']['attribute_types'] + Hash::extract($decayingModels[$i]['DecayingModelMapping'], '{n}.attribute_type');
|
||||||
unset($decayingModels[$i]['DecayingModelMapping']);
|
unset($decayingModels[$i]['DecayingModelMapping']);
|
||||||
}
|
}
|
||||||
|
$decayingModels[$i]['DecayingModel']['isEditable'] = $this->isEditableByCurrentUser($user, $decayingModels[$i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $decayingModels;
|
return $decayingModels;
|
||||||
|
|
|
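Review bot: `isEditableByCurrentUser()` decides on organisation match alone, while the controller check changed in this same commit also lets site admins through (`!$this->_isSiteAdmin() && ...`), so `isEditable` will be false for a site admin viewing another organisation's model even though the server would accept the edit. Either pass the admin status into the method or state in a docblock that the flag is narrower than the server rule, e.g. `/** UI hint only: true when the model is not a default model and belongs to the user's organisation; controller actions must still enforce their own check. */`. The comparison uses a loose `==`; `(int) $decaying_model['DecayingModel']['org_id'] === (int) $user['org_id']` is safer. Whether the enable and disable actions perform the organisation check is not visible on this page and is worth confirming, since the flag set in the second hunk only changes what the table renders.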
@ -171,6 +171,7 @@
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
|
var logged_user_org_id = <?php echo h($me['org_id']); ?>;
|
||||||
$(document).ready(function() {
|
$(document).ready(function() {
|
||||||
$('.json-transform').each(function(i) {
|
$('.json-transform').each(function(i) {
|
||||||
var text = $(this).text().trim();
|
var text = $(this).text().trim();
|
||||||
|
|
|
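Review bot: `h()` escapes for an HTML context, not for a JavaScript expression, and the added line emits the value unquoted, so an empty or non-numeric `$me['org_id']` would render `var logged_user_org_id = ;` and break the whole script block. `var logged_user_org_id = <?php echo json_encode((int) $me['org_id']); ?>;` always produces a valid numeric literal. The variable is also a page-level global that any script can overwrite, so it should be used for display only and never as an input to a permission decision. The script block continues outside the hunk.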
@ -18,10 +18,25 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
$temp = $passedArgsArray;
|
||||||
|
unset($temp['sort']);
|
||||||
|
unset($temp['direction']);
|
||||||
|
$filter_active = count(array_keys($temp)) > 0;
|
||||||
$data = array(
|
$data = array(
|
||||||
'children' => array(
|
'children' => array(
|
||||||
array(
|
array(
|
||||||
'children' => array(
|
'children' => array(
|
||||||
|
array(
|
||||||
|
'title' => __('All Models'),
|
||||||
|
'text' => __('All Models'),
|
||||||
|
'url' => sprintf('%s/%s%s',
|
||||||
|
$baseurl . '/decayingModel/index',
|
||||||
|
isset($passedArgsArray['sort']) ? 'sort:' . $passedArgsArray['sort'] . '/' : '',
|
||||||
|
isset($passedArgsArray['direction']) ? 'direction:' . $passedArgsArray['direction'] . '/' : ''
|
||||||
|
),
|
||||||
|
'class' => 'searchFilterButton',
|
||||||
|
'active' => !$filter_active
|
||||||
|
),
|
||||||
array(
|
array(
|
||||||
'title' => __('My models only'),
|
'title' => __('My models only'),
|
||||||
'text' => __('My Models'),
|
'text' => __('My Models'),
|
||||||
|
|
|
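Review bot: The `sort` and `direction` values concatenated into the 'All Models' URL are taken from `$passedArgsArray` without encoding; presumably that array reflects named parameters from the request URL, in which case a crafted value can alter the path or, if the element that renders `'url'` does not escape it, the markup. Encoding each value where it is used closes that off regardless of how the element renders it: `isset($passedArgsArray['sort']) ? 'sort:' . rawurlencode($passedArgsArray['sort']) . '/' : '',` and the same for `direction`. As a style point, `$filter_active = !empty($temp);` says the same as `count(array_keys($temp)) > 0`. The `$data` array continues outside the hunk.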
@ -123,6 +123,7 @@
|
||||||
/* CANVAS */
|
/* CANVAS */
|
||||||
_init: function() {
|
_init: function() {
|
||||||
var that = this;
|
var that = this;
|
||||||
|
this.user_org_id = logged_user_org_id;
|
||||||
this.resetMultiplier();
|
this.resetMultiplier();
|
||||||
this.width = $(this.container).width() - this.options.margin.left - this.options.margin.right;
|
this.width = $(this.container).width() - this.options.margin.left - this.options.margin.right;
|
||||||
this.height = 380 - this.options.margin.top - this.options.margin.bottom;
|
this.height = 380 - this.options.margin.top - this.options.margin.bottom;
|
||||||
|
@ -653,7 +654,7 @@
|
||||||
var btn_content_html;
|
var btn_content_html;
|
||||||
var selected_model = d3.select($checkbox.closest('tr')[0]).data()[0];
|
var selected_model = d3.select($checkbox.closest('tr')[0]).data()[0];
|
||||||
if ($checkbox.length > 0) {
|
if ($checkbox.length > 0) {
|
||||||
if (selected_model.DecayingModel.isDefault) {
|
if (!selected_model.DecayingModel.isEditable) {
|
||||||
save_button.data('isedit', 0).data('modelid', 0);
|
save_button.data('isedit', 0).data('modelid', 0);
|
||||||
btn_content_html = '<i class="fa fa-plus"> ' + save_button.data('savetext');
|
btn_content_html = '<i class="fa fa-plus"> ' + save_button.data('savetext');
|
||||||
} else {
|
} else {
|
||||||
|
@ -979,10 +980,12 @@ ModelTable.prototype = {
|
||||||
_gen_td_buttons: function(model) {
|
_gen_td_buttons: function(model) {
|
||||||
var html_button = '<div style="width: max-content">';
|
var html_button = '<div style="width: max-content">';
|
||||||
html_button += '<button class="btn btn-info btn-small decayingLoadBtn" onclick="decayingTool.loadModel(this);"><span class="fa fa-line-chart"> Load model</span></button>';
|
html_button += '<button class="btn btn-info btn-small decayingLoadBtn" onclick="decayingTool.loadModel(this);"><span class="fa fa-line-chart"> Load model</span></button>';
|
||||||
if (model.DecayingModel.enabled) {
|
if (model.DecayingModel.isEditable) {
|
||||||
html_button += '<button class="btn btn-danger btn-small" style="margin-left: 3px;" onclick="decayingTool.disableModel(this, ' + model.DecayingModel.id + ');" title="Disable model"><span class="fa fa-pause"></span></button>'
|
if (model.DecayingModel.enabled) {
|
||||||
} else {
|
html_button += '<button class="btn btn-danger btn-small" style="margin-left: 3px;" onclick="decayingTool.disableModel(this, ' + model.DecayingModel.id + ');" title="Disable model"><span class="fa fa-pause"></span></button>'
|
||||||
html_button += '<button class="btn btn-success btn-small" style="margin-left: 3px;" onclick="decayingTool.enableModel(this, ' + model.DecayingModel.id + ');" title="Enable model"><span class="fa fa-play"></span></button>'
|
} else {
|
||||||
|
html_button += '<button class="btn btn-success btn-small" style="margin-left: 3px;" onclick="decayingTool.enableModel(this, ' + model.DecayingModel.id + ');" title="Enable model"><span class="fa fa-play"></span></button>'
|
||||||
|
}
|
||||||
}
|
}
|
||||||
html_button += '</div>';
|
html_button += '</div>';
|
||||||
return html_button;
|
return html_button;
|
||||||
|
|
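Review bot: `this.user_org_id = logged_user_org_id;` in `_init` reads a global that is only defined by an inline script in the view, so loading this file on a page that does not emit that variable throws a ReferenceError before the canvas is set up. A guarded read such as `this.user_org_id = (typeof logged_user_org_id !== 'undefined') ? logged_user_org_id : null;`, or passing the value through `this.options`, removes the hidden dependency. None of the visible hunks reads `user_org_id`; the other two hunks rely on the server-computed `isEditable`, which is the better source, and the client-side copy should stay informational. Hiding the enable and disable buttons in `_gen_td_buttons` is presentation only, so a short comment there saying the server remains the authority would help the next reader.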