mirror of https://github.com/MISP/MISP
chg: [decaying] Improved ACL integration for the UI
parent
3979c29b61
commit
0866077fc6
|
@ -172,7 +172,7 @@ class DecayingModelController extends AppController
|
|||
$this->set('mayModify', true);
|
||||
$restrictedEdition = $this->DecayingModel->isDefaultModel($decayingModel);
|
||||
if (!$this->_isSiteAdmin() && $decayingModel['DecayingModel']['org_id'] != $this->Auth->user('Organisation')['id']) {
|
||||
throw new MethodNotAllowedException(__("The model does not belong to your organisation"));
|
||||
throw new UnauthorizedException(__("The model does not belong to your organisation"));
|
||||
}
|
||||
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
|
|
|
@ -169,6 +169,11 @@ class DecayingModel extends AppModel
|
|||
return !is_null($decaying_model['DecayingModel']['uuid']);
|
||||
}
|
||||
|
||||
public function isEditableByCurrentUser($user, $decaying_model)
|
||||
{
|
||||
return !$this->isDefaultModel($decaying_model) && $decaying_model['DecayingModel']['org_id'] == $user['org_id'];
|
||||
}
|
||||
|
||||
public function fetchAllAllowedModels($user, $full=true, $filters=array())
|
||||
{
|
||||
$conditions = array();
|
||||
|
@ -194,6 +199,7 @@ class DecayingModel extends AppModel
|
|||
$decayingModels[$i]['DecayingModel']['attribute_types'] = $decayingModels[$i]['DecayingModel']['attribute_types'] + Hash::extract($decayingModels[$i]['DecayingModelMapping'], '{n}.attribute_type');
|
||||
unset($decayingModels[$i]['DecayingModelMapping']);
|
||||
}
|
||||
$decayingModels[$i]['DecayingModel']['isEditable'] = $this->isEditableByCurrentUser($user, $decayingModels[$i]);
|
||||
}
|
||||
|
||||
return $decayingModels;
|
||||
|
|
|
@ -171,6 +171,7 @@
|
|||
?>
|
||||
|
||||
<script>
|
||||
var logged_user_org_id = <?php echo h($me['org_id']); ?>;
|
||||
$(document).ready(function() {
|
||||
$('.json-transform').each(function(i) {
|
||||
var text = $(this).text().trim();
|
||||
|
|
|
@ -18,10 +18,25 @@
|
|||
</div>
|
||||
|
||||
<?php
|
||||
$temp = $passedArgsArray;
|
||||
unset($temp['sort']);
|
||||
unset($temp['direction']);
|
||||
$filter_active = count(array_keys($temp)) > 0;
|
||||
$data = array(
|
||||
'children' => array(
|
||||
array(
|
||||
'children' => array(
|
||||
array(
|
||||
'title' => __('All Models'),
|
||||
'text' => __('All Models'),
|
||||
'url' => sprintf('%s/%s%s',
|
||||
$baseurl . '/decayingModel/index',
|
||||
isset($passedArgsArray['sort']) ? 'sort:' . $passedArgsArray['sort'] . '/' : '',
|
||||
isset($passedArgsArray['direction']) ? 'direction:' . $passedArgsArray['direction'] . '/' : ''
|
||||
),
|
||||
'class' => 'searchFilterButton',
|
||||
'active' => !$filter_active
|
||||
),
|
||||
array(
|
||||
'title' => __('My models only'),
|
||||
'text' => __('My Models'),
|
||||
|
|
|
@ -123,6 +123,7 @@
|
|||
/* CANVAS */
|
||||
_init: function() {
|
||||
var that = this;
|
||||
this.user_org_id = logged_user_org_id;
|
||||
this.resetMultiplier();
|
||||
this.width = $(this.container).width() - this.options.margin.left - this.options.margin.right;
|
||||
this.height = 380 - this.options.margin.top - this.options.margin.bottom;
|
||||
|
@ -653,7 +654,7 @@
|
|||
var btn_content_html;
|
||||
var selected_model = d3.select($checkbox.closest('tr')[0]).data()[0];
|
||||
if ($checkbox.length > 0) {
|
||||
if (selected_model.DecayingModel.isDefault) {
|
||||
if (!selected_model.DecayingModel.isEditable) {
|
||||
save_button.data('isedit', 0).data('modelid', 0);
|
||||
btn_content_html = '<i class="fa fa-plus"> ' + save_button.data('savetext');
|
||||
} else {
|
||||
|
@ -979,11 +980,13 @@ ModelTable.prototype = {
|
|||
_gen_td_buttons: function(model) {
|
||||
var html_button = '<div style="width: max-content">';
|
||||
html_button += '<button class="btn btn-info btn-small decayingLoadBtn" onclick="decayingTool.loadModel(this);"><span class="fa fa-line-chart"> Load model</span></button>';
|
||||
if (model.DecayingModel.isEditable) {
|
||||
if (model.DecayingModel.enabled) {
|
||||
html_button += '<button class="btn btn-danger btn-small" style="margin-left: 3px;" onclick="decayingTool.disableModel(this, ' + model.DecayingModel.id + ');" title="Disable model"><span class="fa fa-pause"></span></button>'
|
||||
} else {
|
||||
html_button += '<button class="btn btn-success btn-small" style="margin-left: 3px;" onclick="decayingTool.enableModel(this, ' + model.DecayingModel.id + ');" title="Enable model"><span class="fa fa-play"></span></button>'
|
||||
}
|
||||
}
|
||||
html_button += '</div>';
|
||||
return html_button;
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue