mirror of https://github.com/MISP/MISP
Update to the terms and conditions
- use terms file as before if nothing else specified - specify a file in the app/files/terms directory via the server settings tool - specify whether to show it inline or create a download link for users instead - by default everything is the same as before, except that the MISP installation path is no longer exposed by a non-existing terms filepull/306/merge
iglocska
parent
6ef27e41f4
commit
15fa296fdb
|
|
@ -22,6 +22,9 @@
|
||||||
!/app/files/scripts/tmp/empty
|
!/app/files/scripts/tmp/empty
|
||||||
/app/tmp/files/*
|
/app/tmp/files/*
|
||||||
!/app/files/empty
|
!/app/files/empty
|
||||||
|
!/app/files/terms
|
||||||
|
/app/files/terms/*
|
||||||
|
!/app/files/terms/empty
|
||||||
/app/webroot/img/logo.png
|
/app/webroot/img/logo.png
|
||||||
/app/Config/bootstrap.php
|
/app/Config/bootstrap.php
|
||||||
/app/Config/database.php
|
/app/Config/database.php
|
||||||
|
|
|
||||||
|
|
@ -1 +1 @@
|
||||||
{"major":2, "minor":3, "hotfix":16}
|
{"major":2, "minor":3, "hotfix":17}
|
||||||
|
|
@ -701,6 +701,16 @@ class UsersController extends AppController {
|
||||||
$this->set('termsaccepted', $this->Auth->user('termsaccepted'));
|
$this->set('termsaccepted', $this->Auth->user('termsaccepted'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function downloadTerms() {
|
||||||
|
if (!Configure::read('MISP.terms_file')) {
|
||||||
|
$termsFile = APP ."View/Users/terms";
|
||||||
|
} else {
|
||||||
|
$termsFile = APP . 'files' . DS . 'terms' . DS . Configure::read('MISP.terms_file');
|
||||||
|
}
|
||||||
|
$this->response->file($termsFile, array('download' => true, 'name' => Configure::read('MISP.terms_file')));
|
||||||
|
return $this->response;
|
||||||
|
}
|
||||||
|
|
||||||
public function news() {
|
public function news() {
|
||||||
$this->User->id = $this->Auth->user('id');
|
$this->User->id = $this->Auth->user('id');
|
||||||
$this->User->saveField('newsread', date("Y-m-d"));
|
$this->User->saveField('newsread', date("Y-m-d"));
|
||||||
|
|
|
||||||
|
|
@ -357,6 +357,22 @@ class Server extends AppModel {
|
||||||
'test' => 'testBool',
|
'test' => 'testBool',
|
||||||
'type' => 'boolean',
|
'type' => 'boolean',
|
||||||
),
|
),
|
||||||
|
'terms_download' => array(
|
||||||
|
'level' => 2,
|
||||||
|
'description' => 'Choose whether the terms and conditions should be displayed inline (false) or offered as a download (true)',
|
||||||
|
'value' => '',
|
||||||
|
'errorMessage' => '',
|
||||||
|
'test' => 'testBool',
|
||||||
|
'type' => 'boolean'
|
||||||
|
),
|
||||||
|
'terms_file' => array(
|
||||||
|
'level' => 2,
|
||||||
|
'description' => 'The filename of the terms and conditions file. Make sure that the file is located in your MISP/app/files/terms directory',
|
||||||
|
'value' => '',
|
||||||
|
'errorMessage' => '',
|
||||||
|
'test' => 'testForTermsFile',
|
||||||
|
'type' => 'string'
|
||||||
|
),
|
||||||
),
|
),
|
||||||
'GnuPG' => array(
|
'GnuPG' => array(
|
||||||
'branch' => 1,
|
'branch' => 1,
|
||||||
|
|
@ -934,6 +950,21 @@ class Server extends AppModel {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testForTermsFile($value) {
|
||||||
|
return $this->__testForFile($value, APP . 'files' . DS . 'terms');
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// never come here directly, always go through a secondary check like testForTermsFile in order to also pass along the expected file path
|
||||||
|
private function __testForFile($value, $path) {
|
||||||
|
if ($this->testForEmpty($value) !== true) return $this->testForEmpty($value);
|
||||||
|
if (!preg_match('/^[\w,\s-]+(\.)?[A-Za-z0-9]+$/', $value)) return 'Invalid filename. Valid filenames can only include characters between a-z, A-Z or 0-9. They can also include - and _ and can optionally have an extension.';
|
||||||
|
$file = $path . DS . $value;
|
||||||
|
if (!file_exists($file)) return 'Could not find the specified file. Make sure that it is uploaded into the following directory: ' . $path;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public function serverSettingsSaveValue($setting, $value) {
|
public function serverSettingsSaveValue($setting, $value) {
|
||||||
Configure::write($setting, $value);
|
Configure::write($setting, $value);
|
||||||
Configure::dump('config.php', 'default', array('MISP', 'GnuPG', 'SecureAuth', 'Security', 'debug'));
|
Configure::dump('config.php', 'default', array('MISP', 'GnuPG', 'SecureAuth', 'Security', 'debug'));
|
||||||
|
|
|
||||||
|
|
@ -1,23 +1,24 @@
|
||||||
<div class="users form">
|
<div class="users form">
|
||||||
<h2>MISP Terms and Conditions</h2>
|
<h2>MISP Terms and Conditions</h2>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
$embedableExtensions = array('pdf');
|
||||||
|
if (!Configure::read('MISP.terms_file')) {
|
||||||
$termsFile = APP ."View/Users/terms";
|
$termsFile = APP ."View/Users/terms";
|
||||||
|
|
||||||
if (!(file_exists($termsFile))) {
|
|
||||||
echo "<p>Please add your terms and conditions in file $termsFile.</p>";
|
|
||||||
} else {
|
} else {
|
||||||
|
$termsFile = APP . 'files' . DS . 'terms' . DS . Configure::read('MISP.terms_file');
|
||||||
|
}
|
||||||
|
if (!(file_exists($termsFile))) {
|
||||||
|
echo "<p>Terms and Conditions file not found.</p>";
|
||||||
|
} else {
|
||||||
|
if (!Configure::read('MISP.terms_download')) {
|
||||||
$terms = new File($termsFile, false);
|
$terms = new File($termsFile, false);
|
||||||
echo $terms->read(true,'r');
|
echo $terms->read(true,'r');
|
||||||
$terms->close();
|
$terms->close();
|
||||||
}
|
} else {
|
||||||
?>
|
?>
|
||||||
|
<a href="/users/downloadTerms" class="btn btn-primary">Download Terms and Conditions</a>
|
||||||
<?php
|
<?php
|
||||||
if (!$termsaccepted) {
|
}
|
||||||
echo $this->Form->create('User');
|
|
||||||
echo $this->Form->hidden('termsaccepted', array('default' => '1'));
|
|
||||||
echo $this->Form->end(__('Accept Terms', true));
|
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue