mirror of https://github.com/MISP/MISP
Update to the terms and conditions
- use terms file as before if nothing else specified - specify a file in the app/files/terms directory via the server settings tool - specify whether to show it inline or create a download link for users instead - by default everything is the same as before, except that the MISP installation path is no longer exposed by a non-existing terms filepull/306/merge
iglocska
parent
6ef27e41f4
commit
15fa296fdb
|
|
@ -22,6 +22,9 @@
|
|||
!/app/files/scripts/tmp/empty
|
||||
/app/tmp/files/*
|
||||
!/app/files/empty
|
||||
!/app/files/terms
|
||||
/app/files/terms/*
|
||||
!/app/files/terms/empty
|
||||
/app/webroot/img/logo.png
|
||||
/app/Config/bootstrap.php
|
||||
/app/Config/database.php
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
{"major":2, "minor":3, "hotfix":16}
|
||||
{"major":2, "minor":3, "hotfix":17}
|
||||
|
|
@ -700,6 +700,16 @@ class UsersController extends AppController {
|
|||
}
|
||||
$this->set('termsaccepted', $this->Auth->user('termsaccepted'));
|
||||
}
|
||||
|
||||
public function downloadTerms() {
|
||||
if (!Configure::read('MISP.terms_file')) {
|
||||
$termsFile = APP ."View/Users/terms";
|
||||
} else {
|
||||
$termsFile = APP . 'files' . DS . 'terms' . DS . Configure::read('MISP.terms_file');
|
||||
}
|
||||
$this->response->file($termsFile, array('download' => true, 'name' => Configure::read('MISP.terms_file')));
|
||||
return $this->response;
|
||||
}
|
||||
|
||||
public function news() {
|
||||
$this->User->id = $this->Auth->user('id');
|
||||
|
|
|
|||
|
|
@ -357,6 +357,22 @@ class Server extends AppModel {
|
|||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
),
|
||||
'terms_download' => array(
|
||||
'level' => 2,
|
||||
'description' => 'Choose whether the terms and conditions should be displayed inline (false) or offered as a download (true)',
|
||||
'value' => '',
|
||||
'errorMessage' => '',
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean'
|
||||
),
|
||||
'terms_file' => array(
|
||||
'level' => 2,
|
||||
'description' => 'The filename of the terms and conditions file. Make sure that the file is located in your MISP/app/files/terms directory',
|
||||
'value' => '',
|
||||
'errorMessage' => '',
|
||||
'test' => 'testForTermsFile',
|
||||
'type' => 'string'
|
||||
),
|
||||
),
|
||||
'GnuPG' => array(
|
||||
'branch' => 1,
|
||||
|
|
@ -934,6 +950,21 @@ class Server extends AppModel {
|
|||
return true;
|
||||
}
|
||||
|
||||
public function testForTermsFile($value) {
|
||||
return $this->__testForFile($value, APP . 'files' . DS . 'terms');
|
||||
}
|
||||
|
||||
|
||||
// never come here directly, always go through a secondary check like testForTermsFile in order to also pass along the expected file path
|
||||
private function __testForFile($value, $path) {
|
||||
if ($this->testForEmpty($value) !== true) return $this->testForEmpty($value);
|
||||
if (!preg_match('/^[\w,\s-]+(\.)?[A-Za-z0-9]+$/', $value)) return 'Invalid filename. Valid filenames can only include characters between a-z, A-Z or 0-9. They can also include - and _ and can optionally have an extension.';
|
||||
$file = $path . DS . $value;
|
||||
if (!file_exists($file)) return 'Could not find the specified file. Make sure that it is uploaded into the following directory: ' . $path;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
public function serverSettingsSaveValue($setting, $value) {
|
||||
Configure::write($setting, $value);
|
||||
Configure::dump('config.php', 'default', array('MISP', 'GnuPG', 'SecureAuth', 'Security', 'debug'));
|
||||
|
|
|
|||
|
|
@ -1,24 +1,25 @@
|
|||
<div class="users form">
|
||||
<h2>MISP Terms and Conditions</h2>
|
||||
|
||||
<?php
|
||||
$termsFile = APP ."View/Users/terms";
|
||||
|
||||
if (!(file_exists($termsFile))) {
|
||||
echo "<p>Please add your terms and conditions in file $termsFile.</p>";
|
||||
}else {
|
||||
$terms = new File($termsFile, false);
|
||||
echo $terms->read(true,'r');
|
||||
$terms->close();
|
||||
}
|
||||
?>
|
||||
|
||||
<?php
|
||||
if (!$termsaccepted) {
|
||||
echo $this->Form->create('User');
|
||||
echo $this->Form->hidden('termsaccepted', array('default' => '1'));
|
||||
echo $this->Form->end(__('Accept Terms', true));
|
||||
}
|
||||
$embedableExtensions = array('pdf');
|
||||
if (!Configure::read('MISP.terms_file')) {
|
||||
$termsFile = APP ."View/Users/terms";
|
||||
} else {
|
||||
$termsFile = APP . 'files' . DS . 'terms' . DS . Configure::read('MISP.terms_file');
|
||||
}
|
||||
if (!(file_exists($termsFile))) {
|
||||
echo "<p>Terms and Conditions file not found.</p>";
|
||||
} else {
|
||||
if (!Configure::read('MISP.terms_download')) {
|
||||
$terms = new File($termsFile, false);
|
||||
echo $terms->read(true,'r');
|
||||
$terms->close();
|
||||
} else {
|
||||
?>
|
||||
<a href="/users/downloadTerms" class="btn btn-primary">Download Terms and Conditions</a>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
<?php
|
||||
|
|
|
|||
Loading…
Reference in New Issue