mirror of https://github.com/MISP/MISP
new: [requestAccess] Made the requestAccess endpoint more API friendly and some UI improvements
- better handling of empty parameters
- added the mock functionality to both API and UI; this generates the e-mail to be sent and returns it without actually sending it
- defaulting to mock if emailing is disabled
- fixed some minor bugs
pull/5084/head
parent
1305d4cb7b
commit
181bda4698
|
@ -76,6 +76,9 @@ class CommunitiesController extends AppController
|
|||
'recursive' => -1,
|
||||
'fields' => array('User.gpgkey')
|
||||
));
|
||||
if (!empty($gpgkey['User']['gpgkey'])) {
|
||||
$gpgkey = $gpgkey['User']['gpgkey'];
|
||||
}
|
||||
if (!$this->request->is('post')) {
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->describe('Communities', 'requestAccess', false, $this->response->type());
|
||||
|
@ -83,7 +86,7 @@ class CommunitiesController extends AppController
|
|||
$this->request->data['Server']['email'] = $this->Auth->user('email');
|
||||
$this->request->data['Server']['org_name'] = $this->Auth->user('Organisation')['name'];
|
||||
$this->request->data['Server']['org_uuid'] = $this->Auth->user('Organisation')['uuid'];
|
||||
$this->request->data['Server']['gpgkey'] = $gpgkey['User']['gpgkey'];
|
||||
$this->request->data['Server']['gpgkey'] = $gpgkey;
|
||||
} else {
|
||||
if (empty($this->request->data['Server'])) {
|
||||
$this->request->data = array('Server' => $this->request->data);
|
||||
|
@ -149,26 +152,36 @@ Thank you in advance!',
|
|||
}
|
||||
$params = array();
|
||||
$params['to'] = $community['email'];
|
||||
$params['reply-to'] = $this->request->data['Server']['email'];
|
||||
$params['requestor_gpgkey'] = $this->request->data['Server']['gpgkey'];
|
||||
$params['reply-to'] = empty($this->request->data['Server']['email']) ? $this->Auth->user('email') : $this->request->data['Server']['email'];
|
||||
$params['requestor_gpgkey'] = empty($this->request->data['Server']['gpgkey']) ? $gpgkey : $this->request->data['Server']['gpgkey'];
|
||||
$params['gpgkey'] = $community['pgp_key'];
|
||||
$params['body'] = $body;
|
||||
$params['subject'] = '[' . $community['name'] . '] Requesting MISP access';
|
||||
$params['mock'] = !empty($this->request->data['Server']['mock']);
|
||||
$result = $this->User->sendEmailExternal($this->Auth->user(), $params);
|
||||
$message = $result ? __('Request sent.') : __('Something went wrong and the request could not be sent.');
|
||||
if ($this->_isRest()) {
|
||||
if ($result) {
|
||||
if ($result === true) {
|
||||
return $this->RestResponse->saveSuccessResponse('Communities', 'requestAccess', $id, false, $message);
|
||||
} elseif ($result) {
|
||||
return $this->RestResponse->viewData($result);
|
||||
} else {
|
||||
return $this->RestResponse->saveFailResponse('Communities', 'requestAccess', false, $message);
|
||||
}
|
||||
} else {
|
||||
if ($result) {
|
||||
if ($result === true) {
|
||||
$this->Flash->success($message);
|
||||
$this->redirect(array('controller' => 'communities', 'action' => 'view', $id));
|
||||
} elseif ($result) {
|
||||
$this->set('result', $result);
|
||||
$this->render('request_access_email');
|
||||
} else {
|
||||
$this->Flash->error($message);
|
||||
$this->redirect(array('controller' => 'communities', 'action' => 'view', $id));
|
||||
}
|
||||
$this->redirect(array('controller' => 'communities', 'action' => 'view', $id));
|
||||
}
|
||||
if (!empty($this->request->data['Server']['mock'])) {
|
||||
$this->set('mock', $this->request->data['Server']['mock']);
|
||||
}
|
||||
}
|
||||
$this->set('community', $community);
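Review bot: When the user has no GPG key, `$gpgkey` is never reduced to a string in the first hunk: the added `if` only reassigns it in the non-empty case, so it keeps the raw lookup result (the call that fills it starts above the hunk, presumably a find() returning an array). The second and third hunks then copy that value into `$this->request->data['Server']['gpgkey']` and use it as the fallback for `$params['requestor_gpgkey']`, so a non-string value may reach the form default and `sendEmailExternal()`. Normalising in both cases avoids that: `$gpgkey = empty($gpgkey['User']['gpgkey']) ? '' : $gpgkey['User']['gpgkey'];`.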
|
||||
|
|
|
@ -55,7 +55,7 @@ class RestResponseComponent extends Component
|
|||
'requestAccess' => array(
|
||||
'description' => "POST a request object describing yourself and your organisation to request access to the desired community.",
|
||||
'mandatory' => array(),
|
||||
'optional' => array('org_name', 'org_uuid', 'sync', 'org_description', 'email', 'message', 'anonymise', 'gpgkey'),
|
||||
'optional' => array('org_name', 'org_uuid', 'sync', 'org_description', 'email', 'message', 'anonymise', 'gpgkey', 'mock'),
|
||||
'params' => array('uuid')
|
||||
)
|
||||
),
|
||||
|
@ -996,6 +996,13 @@ class RestResponseComponent extends Component
|
|||
'values' => array(1 => 'True', 0 => 'False' ),
|
||||
'help' => __('Will only return id, timestamp, published and uuid')
|
||||
),
|
||||
'mock' => array(
|
||||
'input' => 'radio',
|
||||
'type' => 'integer',
|
||||
'values' => array(1 => 'True', 0 => 'False' ),
|
||||
'operators' => array('equal'),
|
||||
'help' => __('Mock the query')
|
||||
),
|
||||
'model' => array(
|
||||
'input' => 'select',
|
||||
'type' => 'string',
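Review bot: The help text `__('Mock the query')` on the new `mock` field does not tell an API client what it gets back; going by the commit description, setting it makes requestAccess build the e-mail and return it instead of sending it. If the field is only used by requestAccess, I would word it as `'help' => __('Generate the e-mail and return it without sending it')`, and also say in the `requestAccess` description that the same happens when e-mailing is disabled on the instance. Both arrays continue outside the hunks.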
|
||||
|
|
|
@ -742,19 +742,6 @@ class User extends AppModel
|
|||
public function sendEmailExternal($user, $params)
|
||||
{
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
if (Configure::read('MISP.disable_emailing')) {
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => 'SYSTEM',
|
||||
'model' => 'User',
|
||||
'model_id' => $user['id'],
|
||||
'email' => $user['email'],
|
||||
'action' => 'email',
|
||||
'title' => 'Email to ' . $user['email'] . ', titled "' . $params['subject'] . '" failed. Reason: Emailing is currently disabled on this instance.',
|
||||
'change' => null,
|
||||
));
|
||||
return true;
|
||||
}
|
||||
$params['body'] = str_replace('\n', PHP_EOL, $params['body']);
|
||||
$Email = new CakeEmail();
|
||||
$recipient = array('User' => array('email' => $params['to']));
|
||||
|
@ -790,6 +777,9 @@ class User extends AppModel
|
|||
}
|
||||
}
|
||||
$Email->attachments($attachments);
|
||||
if (Configure::read('MISP.disable_emailing') || !empty($params['mock'])) {
|
||||
$Email->transport('Debug');
|
||||
}
|
||||
$result = $Email->send($params['body']);
|
||||
$Email->reset();
|
||||
return $result;
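Review bot: The removed early return was the only place in view that wrote a Log entry when an e-mail was not delivered, and the new `Debug` transport branch near the end of `sendEmailExternal()` replaces it without logging anything, so generated-but-unsent requests (mock or `MISP.disable_emailing`) leave no audit trail. I would keep a log record inside the new `if`, as sketched below. With e-mailing disabled the function used to return `true` and now returns whatever `$Email->send()` yields under the Debug transport, so any other caller that checks for `true` (none visible here) should be reviewed. The function body between the two hunks is not shown.

```php
if (Configure::read('MISP.disable_emailing') || !empty($params['mock'])) {
    $Email->transport('Debug');
    // Keep an audit record that the message was generated but not delivered.
    $this->Log->create();
    $this->Log->save(array(
        'org' => 'SYSTEM',
        'model' => 'User',
        'model_id' => $user['id'],
        'email' => $user['email'],
        'action' => 'email',
        'title' => 'Email to ' . $params['to'] . ', titled "' . $params['subject'] . '" was generated but not sent. Reason: '
            . (empty($params['mock']) ? 'Emailing is currently disabled on this instance.' : 'Mock mode was requested.'),
        'change' => null,
    ));
}
// … unchanged: $Email->send(), $Email->reset(), return $result …
```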
|
||||
|
|
|
@ -48,6 +48,11 @@
|
|||
$this->Form->input('anonymise', array(
|
||||
'label' => __('Anonymise information on the server used to issue the request'),
|
||||
'type' => 'checkbox'
|
||||
)) .
|
||||
$this->element('/genericElements/Forms/clear') .
|
||||
$this->Form->input('mock', array(
|
||||
'label' => __('Generate e-mail for later use, but do not send it'),
|
||||
'type' => 'checkbox'
|
||||
))
|
||||
),
|
||||
$this->Form->button('Submit', array(
|
||||
|
|
|
@ -605,6 +605,12 @@
|
|||
|
||||
));
|
||||
}
|
||||
if ($menuItem === 'view_email') {
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
|
||||
'text' => __('Request E-mail'),
|
||||
'element_id' => 'view_email'
|
||||
));
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
|
|