mirror of https://github.com/MISP/MISP
new: [UI] Smarter events lock checking
parent
f74257670b
commit
213aac05a0
|
@ -5396,40 +5396,51 @@ class EventsController extends AppController
|
||||||
return $this->RestResponse->viewData(['deleted' => $deleted], $this->response->type());
|
return $this->RestResponse->viewData(['deleted' => $deleted], $this->response->type());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function checkLocks($id)
|
public function checkLocks($id, $timestamp)
|
||||||
{
|
{
|
||||||
$event = $this->Event->find('first', array(
|
$event = $this->Event->find('first', array(
|
||||||
'recursive' => -1,
|
'recursive' => -1,
|
||||||
'conditions' => array('Event.id' => $id),
|
'conditions' => ['Event.id' => $id],
|
||||||
'fields' => array('Event.orgc_id')
|
'fields' => ['Event.orgc_id', 'Event.timestamp'],
|
||||||
));
|
));
|
||||||
$locks = array();
|
// Return empty response if event not found or user org is not owner
|
||||||
if (!empty($event) && ($event['Event']['orgc_id'] == $this->Auth->user('org_id') || $this->_isSiteAdmin())) {
|
if (empty($event) || ($event['Event']['orgc_id'] != $this->Auth->user('org_id') && !$this->_isSiteAdmin())) {
|
||||||
$this->loadModel('EventLock');
|
return new CakeResponse(['status' => 204]);
|
||||||
$locks = $this->EventLock->checkLock($this->Auth->user(), $id);
|
}
|
||||||
}
|
|
||||||
if (!empty($locks)) {
|
$user = $this->Auth->user();
|
||||||
$temp = $locks;
|
$this->loadModel('EventLock');
|
||||||
$locks = array();
|
$locks = $this->EventLock->checkLock($user, $id);
|
||||||
foreach ($temp as $t) {
|
|
||||||
if ($t['type'] === 'user' && $t['User']['id'] !== $this->Auth->user('id')) {
|
$editors = [];
|
||||||
if (!$this->_isSiteAdmin() && $t['User']['org_id'] != $this->Auth->user('org_id')) {
|
foreach ($locks as $t) {
|
||||||
$locks[] = __('another user');
|
if ($t['type'] === 'user' && $t['User']['id'] !== $user['id']) {
|
||||||
} else {
|
if (!$this->_isSiteAdmin() && $t['User']['org_id'] != $user['org_id']) {
|
||||||
$locks[] = $t['User']['email'];
|
$editors[] = __('another user');
|
||||||
}
|
} else {
|
||||||
} else if ($t['type'] === 'job') {
|
$editors[] = $t['User']['email'];
|
||||||
$locks[] = __('background job');
|
}
|
||||||
} else if ($t['type'] === 'api') {
|
} else if ($t['type'] === 'job') {
|
||||||
$locks[] = __('external tool');
|
$editors[] = __('background job');
|
||||||
}
|
} else if ($t['type'] === 'api') {
|
||||||
}
|
$editors[] = __('external tool');
|
||||||
}
|
}
|
||||||
if (empty($locks)) {
|
}
|
||||||
return $this->RestResponse->viewData('', $this->response->type(), false, true);
|
$editors = array_unique($editors);
|
||||||
|
|
||||||
|
if ($event['Event']['timestamp'] > $timestamp && empty($editors)) {
|
||||||
|
$message = __('<b>Waning<b>: This event view is outdated. Please reload page to see latest changes.');
|
||||||
|
$this->set('class', 'alert');
|
||||||
|
} else if ($event['Event']['timestamp'] > $timestamp) {
|
||||||
|
$message = __('<b>Waning<b>: This event view is outdated, because is currently being edited by: %s. Please reload page to see latest changes.', h(implode(', ', $editors)));
|
||||||
|
$this->set('class', 'alert');
|
||||||
|
} else if (empty($editors)) {
|
||||||
|
return new CakeResponse(['status' => 204]);
|
||||||
|
} else {
|
||||||
|
$message = __('This event is currently being edited by: %s', h(implode(', ', $editors)));
|
||||||
|
$this->set('class', 'alert alert-info');
|
||||||
}
|
}
|
||||||
|
|
||||||
$message = __('Warning: Your view on this event might not be up to date as it is currently being edited by: %s', implode(', ', $locks));
|
|
||||||
$this->set('message', $message);
|
$this->set('message', $message);
|
||||||
$this->layout = false;
|
$this->layout = false;
|
||||||
$this->render('/Events/ajax/event_lock');
|
$this->render('/Events/ajax/event_lock');
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<div id="event_lock_warning" class="alert alert-error">
|
<div id="event_lock_warning" class="<?= $class ?>>">
|
||||||
<button type="button" class="close" data-dismiss="alert">×</button>
|
<button type="button" class="close" data-dismiss="alert">×</button>
|
||||||
<?php echo h($message); ?>
|
<?= $message ?>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -559,7 +559,7 @@
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
var showContext = false;
|
var showContext = false;
|
||||||
$(function () {
|
$(function () {
|
||||||
queryEventLock('<?php echo h($event['Event']['id']); ?>');
|
queryEventLock('<?= h($event['Event']['id']); ?>', <?= (int)$event['Event']['timestamp'] ?>);
|
||||||
popoverStartup();
|
popoverStartup();
|
||||||
|
|
||||||
$("th, td, dt, div, span, li").tooltip({
|
$("th, td, dt, div, span, li").tooltip({
|
||||||
|
|
|
@ -4807,22 +4807,21 @@ $(document.body).on('click', 'a[data-paginator]', function (e) {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
function queryEventLock(event_id) {
|
function queryEventLock(event_id, timestamp) {
|
||||||
if (!document.hidden) {
|
if (!document.hidden) {
|
||||||
$.ajax({
|
$.ajax({
|
||||||
url: baseurl + "/events/checkLocks/" + event_id,
|
url: baseurl + "/events/checkLocks/" + event_id + "/" + timestamp,
|
||||||
type: "get",
|
|
||||||
success: function(data, statusText, xhr) {
|
success: function(data, statusText, xhr) {
|
||||||
if (xhr.status == 200) {
|
if (xhr.status == 200) {
|
||||||
$('#event_lock_warning').remove();
|
$('#event_lock_warning').remove();
|
||||||
if (data != '') {
|
$('#main-view-container').append(data);
|
||||||
$('#main-view-container').append(data);
|
} else if (xhr.status == 204) {
|
||||||
}
|
$('#event_lock_warning').remove();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
setTimeout(function() { queryEventLock(event_id); }, 5000);
|
setTimeout(function() { queryEventLock(event_id, timestamp); }, 5000);
|
||||||
}
|
}
|
||||||
|
|
||||||
function checkIfLoggedIn() {
|
function checkIfLoggedIn() {
|
||||||
|
|
Loading…
Reference in New Issue