mirror of https://github.com/MISP/MISP
Anonymising the e-mail addresses in discussions
- The email addresses were shown on the event view even if the post was made by a user of another org - fixedpull/224/head
parent
73159dd4e5
commit
09f2e5a0bc
|
@ -123,6 +123,8 @@ drop procedure AddColumnUnlessExists;
|
|||
UPDATE `regexp` SET `type` = 'ALL';
|
||||
|
||||
UPDATE `roles` SET `perm_site_admin` = 1 WHERE `id` = 1;
|
||||
UPDATE `roles` SET `perm_tagger` = 1 WHERE `id` = 1;
|
||||
UPDATE `roles` SET `perm_regexp_access` = 1 WHERE `id` = 1;
|
||||
|
||||
INSERT IGNORE INTO `threat_levels` (`id`, `name`, `description`, `form_description`)
|
||||
VALUES
|
||||
|
|
|
@ -323,6 +323,13 @@ class EventsController extends AppController {
|
|||
'contain' => 'User'
|
||||
);
|
||||
$posts = $this->paginate('Post');
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
foreach ($posts as &$post) {
|
||||
if ($post['User']['org'] != $this->Auth->user('org')) {
|
||||
$post['User']['email'] = 'User ' . $post['User']['id'] . ' (' . $post['User']['org'] . ')';
|
||||
}
|
||||
}
|
||||
}
|
||||
// Show the discussion
|
||||
$this->set('posts', $posts);
|
||||
$this->set('thread_id', $thread['Thread']['id']);
|
||||
|
|
Loading…
Reference in New Issue