mirror of https://github.com/MISP/MISP
chg: [sharinggroup:index] Usage of newer UI and a bit of refactoring - WiP
parent
04833c56c5
commit
281a489e1c
|
@ -26,6 +26,26 @@ class SharingGroupsController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public $quickFilterFields = [['name' => true], 'uuid', ['releasability' => true], ['description' => true], ['Organisations.name' => true],];
|
||||
public $filterFields = [
|
||||
'name', 'uuid', 'releasability', 'description', 'active', 'created', 'modified', 'SharingGroups.local', 'roaming', ['name' => 'Organisations.name', 'multiple' => true],
|
||||
];
|
||||
public $containFields = [
|
||||
'SharingGroupOrgs' => [
|
||||
'Organisations' => ['fields' => ['name', 'id', 'uuid']]
|
||||
],
|
||||
'Organisations' => [
|
||||
'fields' => ['id', 'name', 'uuid'],
|
||||
],
|
||||
'SharingGroupServers' => [
|
||||
'fields' => ['sharing_group_id', 'all_orgs'],
|
||||
'Servers' => [
|
||||
'fields' => ['name', 'id']
|
||||
]
|
||||
]
|
||||
];
|
||||
public $statisticsFields = ['active', 'roaming'];
|
||||
|
||||
public $paginate = [
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999,
|
||||
|
@ -286,7 +306,7 @@ class SharingGroupsController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public function index($passive = false)
|
||||
public function indexOld($passive = false)
|
||||
{
|
||||
$passive = $passive === 'true';
|
||||
$authorizedSgIds = $this->SharingGroups->authorizedIds($this->ACL->getUser()->toArray());
|
||||
|
@ -400,6 +420,67 @@ class SharingGroupsController extends AppController
|
|||
$this->set('title_for_layout', __('Sharing Groups'));
|
||||
}
|
||||
|
||||
public function index()
|
||||
{
|
||||
$customContextFilters = [
|
||||
[
|
||||
'label' => __('Active Sharing Groups'),
|
||||
'filterCondition' => ['active' => 0]
|
||||
],
|
||||
[
|
||||
'label' => __('Passive Sharing Groups'),
|
||||
'filterCondition' => ['active' => 1]
|
||||
]
|
||||
];
|
||||
|
||||
$containFields = $this->containFields;
|
||||
$validFilterFields = $this->CRUD->getFilterFieldsName($this->filterFields);
|
||||
if (!$this->__showOrgs()) {
|
||||
$validFilterFields = array_filter($validFilterFields, fn($filter) => $filter != 'Organisations.name' );
|
||||
unset($containFields['SharingGroupOrgs']);
|
||||
unset($containFields['SharingGroupServers']);
|
||||
}
|
||||
|
||||
$conditions = [];
|
||||
// Keep sharing group containing the requested orgs
|
||||
$params = $this->ParamHandler->harvestParams($validFilterFields);
|
||||
if ($this->__showOrgs() && !empty($params['Organisations.name'])) {
|
||||
$sgIDs = $this->SharingGroups->fetchSharingGroupIDsForOrganisations($params['Organisations.name']);
|
||||
if (empty($sgIDs)) {
|
||||
$sgIDs = -1;
|
||||
}
|
||||
$conditions['SharingGroups.id'] = $sgIDs;
|
||||
}
|
||||
|
||||
// Check if the current user can modify or delete the SG
|
||||
$user = $this->ACL->getUser();
|
||||
$afterFindHandler = function ($sg) use ($user) {
|
||||
$sg = $this->SharingGroups->attachSharingGroupEditabilityForUser($sg, $user);
|
||||
return $sg;
|
||||
};
|
||||
|
||||
$this->CRUD->index([
|
||||
'filters' => $this->filterFields,
|
||||
'quickFilters' => $this->quickFilterFields,
|
||||
'conditions' => $conditions,
|
||||
'contextFilters' => [
|
||||
'custom' => $customContextFilters,
|
||||
],
|
||||
'contain' => $containFields,
|
||||
'afterFind' => $afterFindHandler,
|
||||
'statisticsFields' => $this->statisticsFields,
|
||||
]);
|
||||
$responsePayload = $this->CRUD->getResponsePayload();
|
||||
if (!empty($responsePayload)) {
|
||||
return $responsePayload;
|
||||
}
|
||||
}
|
||||
|
||||
public function filtering()
|
||||
{
|
||||
$this->CRUD->filtering();
|
||||
}
|
||||
|
||||
public function view($id)
|
||||
{
|
||||
if ($this->request->is('head')) { // Just check if sharing group exists and user can access it
|
||||
|
@ -681,7 +762,7 @@ class SharingGroupsController extends AppController
|
|||
/**
|
||||
* @return bool
|
||||
*/
|
||||
private function __showOrgs()
|
||||
private function __showOrgs(): bool
|
||||
{
|
||||
return $this->ACL->getUser()->Role->perm_sharing_group || !Configure::read('Security.hide_organisations_in_sharing_groups');
|
||||
}
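Review bot: The new `index()` no longer restricts the listing to sharing groups the caller is authorised to see. `indexOld()` starts from `$this->SharingGroups->authorizedIds($this->ACL->getUser()->toArray())`, whereas the new action begins with `$conditions = []` and only sets `SharingGroups.id` when an `Organisations.name` filter is supplied. Unless `CRUD->index()` applies that restriction itself (not visible in this diff), the action returns every sharing group; the authorised ids should be the base `SharingGroups.id` condition, with `$sgIDs` intersected against them. When `__showOrgs()` is false, `Organisations.name` is dropped only from `$validFilterFields`, yet `$this->filterFields` and `$this->quickFilterFields` are still passed to `CRUD->index()` unchanged, so hidden organisation names may remain searchable. The context filters also look swapped, assuming `active = 1` marks an active group: 'Active Sharing Groups' maps to `['active' => 0]` and 'Passive Sharing Groups' to `['active' => 1]`.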
|
||||
|
|
|
@ -6,6 +6,7 @@ use App\Model\Entity\Log;
|
|||
use App\Model\Entity\SharingGroup;
|
||||
use App\Model\Entity\SharingGroupOrg;
|
||||
use App\Model\Entity\SharingGroupServer;
|
||||
use App\Model\Entity\User;
|
||||
use App\Model\Table\AppTable;
|
||||
use ArrayObject;
|
||||
use Cake\Core\Configure;
|
||||
|
@ -657,6 +658,37 @@ class SharingGroupsTable extends AppTable
|
|||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Add the `editable` and `deletable` properties on the passed entity based on the user
|
||||
*
|
||||
* @param SharingGroup $sg
|
||||
* @param User $user
|
||||
* @return SharingGroup
|
||||
*/
|
||||
public function attachSharingGroupEditabilityForUser(SharingGroup $sg, User $user): SharingGroup
|
||||
{
|
||||
$editable = false;
|
||||
$deletable = false;
|
||||
|
||||
$userOrganisationUuid = $user->Organisation->uuid;
|
||||
if ($user->Role->perm_site_admin || ($user->Role->perm_sharing_group && $sg->Organisation->uuid === $userOrganisationUuid)) {
|
||||
$editable = true;
|
||||
$deletable = true;
|
||||
} else if ($user->Role->perm_sharing_group) {
|
||||
if (!empty($sg->SharingGroupOrgs)) {
|
||||
foreach ($sg->SharingGroupOrgs as $sgo) {
|
||||
if ($sgo->extend && $sgo->org_id == $user->org_id) {
|
||||
$editable = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$sg->editable = $editable;
|
||||
$sg->deletable = $deletable;
|
||||
return $sg;
|
||||
}
|
||||
|
||||
/*
|
||||
* Capture a sharing group
|
||||
* Return false if something goes wrong
|
||||
|
@ -1144,4 +1176,37 @@ class SharingGroupsTable extends AppTable
|
|||
]
|
||||
)->toArray();
|
||||
}
|
||||
|
||||
/**
|
||||
* Collect all sharing group IDs having one of the passed organisation name included
|
||||
*
|
||||
* @param array $orgNames
|
||||
* @return array
|
||||
*/
|
||||
public function fetchSharingGroupIDsForOrganisations(array $orgNames): array
|
||||
{
|
||||
$matchingOrgconditions = [];
|
||||
foreach ($orgNames as $org) {
|
||||
$exclude = $org[0] === '!';
|
||||
if ($exclude) {
|
||||
$org = substr($org, 1);
|
||||
}
|
||||
$org = $this->Organisations->fetchOrg($org);
|
||||
if ($org) {
|
||||
if ($exclude) {
|
||||
$matchingOrgconditions['AND'][] = ['org_id !=' => $org['id']];
|
||||
} else {
|
||||
$matchingOrgconditions['OR'][] = ['org_id' => $org['id']];
|
||||
}
|
||||
}
|
||||
}
|
||||
$sgIds = $this->SharingGroupOrgs->find(
|
||||
'column',
|
||||
[
|
||||
'conditions' => $matchingOrgconditions,
|
||||
'fields' => ['SharingGroupOrgs.sharing_group_id'],
|
||||
]
|
||||
)->all()->toList();
|
||||
return $sgIds;
|
||||
}
|
||||
}
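Review bot: `fetchSharingGroupIDsForOrganisations()` runs its `find()` with an empty `$matchingOrgconditions` when none of the supplied names resolves through `fetchOrg()`. That would return the `sharing_group_id` of every `SharingGroupOrgs` row rather than none, so the controller's `empty($sgIDs)` fallback to `-1` never triggers for an unknown organisation. Add `if (empty($matchingOrgconditions)) { return []; }` before the query. `$org[0] === '!'` also raises a warning on an empty string and assumes every element is a string; `is_string($org) && str_starts_with($org, '!')` is safer for request-supplied values. Separately, `org_id !=` is evaluated per membership row, so a group that contains the excluded organisation plus any other one still matches.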
|
||||
|
|
|
@ -1,48 +1,38 @@
|
|||
<div class="sharingGroups<?php if (!$ajax) echo ' index' ?>">
|
||||
<?= $this->element(
|
||||
'/genericElements/IndexTable/index_table',
|
||||
[
|
||||
'data' => [
|
||||
'title' => __('Sharing Groups'),
|
||||
'data' => $sharingGroups,
|
||||
'top_bar' => $ajax ? [] : [
|
||||
'data' => $data,
|
||||
'top_bar' => [
|
||||
'children' => [
|
||||
[
|
||||
'type' => 'simple',
|
||||
'children' => [
|
||||
[
|
||||
'text' => __('Add'),
|
||||
'fa-icon' => 'plus',
|
||||
'url' => '/sharing-groups/add',
|
||||
'requirement' => $this->Acl->checkAccess('sharingGroups', 'add'),
|
||||
'data' => [
|
||||
'type' => 'simple',
|
||||
'text' => __('Add sharing'),
|
||||
'popover_url' => '/sharing-groups/add',
|
||||
'button' => [
|
||||
'icon' => 'plus',
|
||||
]
|
||||
]
|
||||
]
|
||||
],
|
||||
[
|
||||
'type' => 'simple',
|
||||
'children' => [
|
||||
[
|
||||
'url' => '/sharing-groups/index',
|
||||
'text' => __('Active Sharing Groups'),
|
||||
'active' => !$passive,
|
||||
],
|
||||
[
|
||||
'url' => '/sharing-groups/index/true',
|
||||
'text' => __('Passive Sharing Groups'),
|
||||
'active' => $passive,
|
||||
]
|
||||
]
|
||||
'type' => 'context_filters',
|
||||
],
|
||||
[
|
||||
'type' => 'search',
|
||||
'button' => __('Filter'),
|
||||
'button' => __('Search'),
|
||||
'placeholder' => __('Enter value to search'),
|
||||
'data' => '',
|
||||
'searchKey' => 'value',
|
||||
'cancel' => [
|
||||
'fa-icon' => 'times',
|
||||
'title' => __('Remove filters'),
|
||||
'onClick' => 'cancelSearch',
|
||||
]
|
||||
'allowFilering' => true
|
||||
],
|
||||
[
|
||||
'type' => 'table_action',
|
||||
'table_setting_id' => 'sharinggroup_index',
|
||||
]
|
||||
]
|
||||
],
|
||||
|
@ -96,7 +86,7 @@
|
|||
if (!empty($sge['Organisation'])) {
|
||||
$combined .= "<br><a href='/organisation/view/" . h($sge['Organisation']['id']) . "'>" . h($sge['Organisation']['name']) . "</a>";
|
||||
if ($sge['extend']) {
|
||||
$combined .= ' (can extend)';
|
||||
$combined .= __(' (can extend)');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -109,12 +99,12 @@
|
|||
if ($sgs['server_id'] != 0) {
|
||||
$combined .= "<br><a href='/server/view/" . h($sgs['Server']['id']) . "'>" . h($sgs['Server']['name']) . "</a>";
|
||||
} else {
|
||||
$combined .= "<br>This instance";
|
||||
$combined .= "<br>" . __("This instance");
|
||||
}
|
||||
if ($sgs['all_orgs']) {
|
||||
$combined .= ' (all organisations)';
|
||||
$combined .= __(' (all organisations)');
|
||||
} else {
|
||||
$combined .= ' (as defined above)';
|
||||
$combined .= __(' (as defined above)');
|
||||
}
|
||||
}
|
||||
} ?>
|
||||
|
@ -163,12 +153,7 @@
|
|||
]
|
||||
);
|
||||
?>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
$(function(){
|
||||
popoverStartup();
|
||||
});
|
||||
</script>
|
||||
|
||||
<?php
|
||||
// TODO: [3.x-MIGRATION]
|
||||
// if (!$ajax) {
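Review bot: The rewritten "Add" entry in `top_bar` appears to drop the `'requirement' => $this->Acl->checkAccess('sharingGroups', 'add')` gate that the old entry carried. This page does not mark old and new lines, so that reading is inferred from the new-style `popover_url` and `button` keys. If it is right, users without the add permission are now shown the button, and the server-side ACL on `/sharing-groups/add` becomes the only control. If the new top-bar element supports a requirement key, restore the `checkAccess` condition on the new entry. The label `__('Add sharing')` also looks truncated; `__('Add sharing group')` was probably intended.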
|
||||
|
|