mirror of https://github.com/MISP/MISP
chg: [acl] Move tags ACL check to one place
parent
9c156e0d7c
commit
3b3eb39e55
|
@ -2641,11 +2641,8 @@ class AttributesController extends AppController
|
|||
$tag_id_list = array($tag_id);
|
||||
}
|
||||
|
||||
$conditions = ['Tag.id' => $tag_id_list];
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$conditions['Tag.org_id'] = array(0, $this->Auth->user('org_id'));
|
||||
$conditions['Tag.user_id'] = array(0, $this->Auth->user('id'));
|
||||
}
|
||||
$conditions = $this->Attribute->AttributeTag->Tag->createConditions($this->Auth->user());
|
||||
$conditions['Tag.id'] = $tag_id_list;
|
||||
$tags = $this->Attribute->AttributeTag->Tag->find('list', array(
|
||||
'conditions' => $conditions,
|
||||
'fields' => ['Tag.id', 'Tag.name'],
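Review bot: The site-admin decision for this tag lookup now depends on `$user['Role']['perm_site_admin']` inside `Tag::createConditions()` rather than on `$this->_isSiteAdmin()`, and nothing visible here shows that the two always agree for the array returned by `$this->Auth->user()`. If they can differ (for example a user array whose `Role` key is not populated), the org/user filter on this lookup changes silently, so the equivalence is worth confirming once. The same substitution appears in the EventsController, TagCollectionsController and TagsController (`all` branch) sections. A short comment at the call, such as `// ACL base conditions: only add keys below, never reassign $conditions`, would also protect the filter from being dropped by a later edit. The enclosing method starts and ends outside the hunk.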
|
||||
|
|
|
@ -3754,11 +3754,8 @@ class EventsController extends AppController
|
|||
|
||||
$this->loadModel('Taxonomy');
|
||||
foreach ($tag_id_list as $tag_id) {
|
||||
$conditions = ['Tag.id' => $tag_id];
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$conditions['Tag.org_id'] = array('0', $this->Auth->user('org_id'));
|
||||
$conditions['Tag.user_id'] = array('0', $this->Auth->user('id'));
|
||||
}
|
||||
$conditions = $this->Event->EventTag->Tag->createConditions($this->Auth->user());
|
||||
$conditions['Tag.id'] = $tag_id;
|
||||
$tag = $this->Event->EventTag->Tag->find('first', array(
|
||||
'conditions' => $conditions,
|
||||
'recursive' => -1,
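Review bot: `createConditions($this->Auth->user())` is evaluated on every iteration of `foreach ($tag_id_list as $tag_id)` although its result does not depend on `$tag_id`. Building it once before the loop, e.g. `$aclConditions = $this->Event->EventTag->Tag->createConditions($this->Auth->user());`, and starting each iteration with `$conditions = $aclConditions;` before setting `$conditions['Tag.id'] = $tag_id;` keeps the ACL filter in one visible place per action. The second TagCollectionsController hunk has the same loop shape. The loop body continues outside the hunk.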
|
||||
|
|
|
@ -247,11 +247,7 @@ class TagCollectionsController extends AppController
|
|||
}
|
||||
$tag_id = $this->request->data['tag'];
|
||||
}
|
||||
$tagConditions = array();
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$tagConditions['Tag.org_id'] = array('0', $this->Auth->user('org_id'));
|
||||
$tagConditions['Tag.user_id'] = array('0', $this->Auth->user('id'));
|
||||
}
|
||||
$tagConditions = $this->TagCollection->TagCollectionTag->Tag->createConditions($this->Auth->user());
|
||||
if (!is_numeric($tag_id)) {
|
||||
$tag_ids = json_decode($tag_id);
|
||||
$tag_lookups = array();
|
||||
|
@ -306,11 +302,8 @@ class TagCollectionsController extends AppController
|
|||
}
|
||||
|
||||
foreach ($tag_id_list as $tag_id) {
|
||||
$tagConditions = ['Tag.id' => $tag_id];
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$tagConditions['Tag.org_id'] = array('0', $this->Auth->user('org_id'));
|
||||
$tagConditions['Tag.user_id'] = array('0', $this->Auth->user('id'));
|
||||
}
|
||||
$tagConditions = $this->TagCollection->TagCollectionTag->Tag->createConditions($this->Auth->user());
|
||||
$tagConditions['Tag.id'] = $tag_id;
|
||||
$tag = $this->TagCollection->TagCollectionTag->Tag->find('first', array(
|
||||
'conditions' => $tagConditions,
|
||||
'recursive' => -1,
|
||||
|
|
|
@ -507,12 +507,9 @@ class TagsController extends AppController
|
|||
$expanded = $tags;
|
||||
} elseif ($taxonomy_id === 'favourites') {
|
||||
$tags = array();
|
||||
$conditions = array(
|
||||
'FavouriteTag.user_id' => $user['id'],
|
||||
'Tag.org_id' => array(0, $user['org_id']),
|
||||
'Tag.user_id' => array(0, $user['id']),
|
||||
'Tag.hide_tag' => 0,
|
||||
);
|
||||
$conditions = $this->Tag->createConditions($user);
|
||||
$conditions['FavouriteTag.user_id'] = $user['id'];
|
||||
$conditions['Tag.hide_tag'] = 0;
|
||||
if (!$local_tag) {
|
||||
$conditions['Tag.local_only'] = 0;
|
||||
}
|
||||
|
@ -527,14 +524,9 @@ class TagsController extends AppController
|
|||
$expanded = $tags;
|
||||
}
|
||||
} elseif ($taxonomy_id === 'all') { // all tags
|
||||
$conditions = [
|
||||
'Tag.is_galaxy' => 0,
|
||||
'Tag.hide_tag' => 0,
|
||||
];
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$conditions['Tag.org_id'] = array(0, $user['org_id']);
|
||||
$conditions['Tag.user_id'] = array(0, $user['id']);
|
||||
}
|
||||
$conditions = $this->Tag->createConditions($user);
|
||||
$conditions['Tag.is_galaxy'] = 0;
|
||||
$conditions['Tag.hide_tag'] = 0;
|
||||
if (!$local_tag) {
|
||||
$conditions['Tag.local_only'] = 0;
|
||||
}
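Review bot: In the `favourites` branch the `Tag.org_id` / `Tag.user_id` restriction used to apply to every user, but `createConditions($user)` returns no such keys for site admins, so their favourites list is no longer filtered by organisation or user. The `FavouriteTag.user_id` condition still limits the result to the user's own favourites, so this is probably intended. It is nevertheless a behaviour change inside a refactoring commit and deserves a line in the description or a comment such as `// site admins: no org/user restriction (see Tag::createConditions)`. Both branches continue outside their hunks.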
|
||||
|
|
|
@ -173,11 +173,9 @@ class Tag extends AppModel
|
|||
*/
|
||||
public function lookupTagIdForUser(array $user, $tagName)
|
||||
{
|
||||
$conditions = ['LOWER(Tag.name)' => mb_strtolower($tagName)];
|
||||
if (!$user['Role']['perm_site_admin']) {
|
||||
$conditions['Tag.org_id'] = [0, $user['org_id']];
|
||||
$conditions['Tag.user_id'] = [0, $user['id']];
|
||||
}
|
||||
$conditions = $this->createConditions($user);
|
||||
$conditions['LOWER(Tag.name)'] = mb_strtolower($tagName);
|
||||
|
||||
$tagId = $this->find('first', array(
|
||||
'conditions' => $conditions,
|
||||
'recursive' => -1,
|
||||
|
@ -849,4 +847,18 @@ class Tag extends AppModel
|
|||
|
||||
return $data;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $user
|
||||
* @return array
|
||||
*/
|
||||
public function createConditions(array $user)
|
||||
{
|
||||
$conditions = [];
|
||||
if (!$user['Role']['perm_site_admin']) {
|
||||
$conditions['Tag.org_id'] = [0, $user['org_id']];
|
||||
$conditions['Tag.user_id'] = [0, $user['id']];
|
||||
}
|
||||
return $conditions;
|
||||
}
|
||||
}
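Review bot: `createConditions()` is now the single source of the tag ACL, yet its docblock carries only `@param array $user` and `@return array` and does not say what the conditions mean. I would add a description stating that it returns find conditions limiting tags to `Tag.org_id` in `[0, user org]` and `Tag.user_id` in `[0, user id]`, that it returns an empty array for site admins, and that callers must add their own keys to the returned array rather than replace it. Reading `$user['Role']['perm_site_admin']` directly raises a notice when `Role` is absent; `if (empty($user['Role']['perm_site_admin'])) {` keeps the restrictive default without the notice. A name such as `createAclConditions` would make the purpose clearer at call sites, though that is a larger change.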
|
||||
|
|
|
@ -2,6 +2,9 @@
|
|||
|
||||
App::uses('AppModel', 'Model');
|
||||
|
||||
/**
|
||||
* @property TagCollectionTag $TagCollectionTag
|
||||
*/
|
||||
class TagCollection extends AppModel
|
||||
{
|
||||
public $useTable = 'tag_collections';
|
||||
|
|
|
@ -2,6 +2,9 @@
|
|||
|
||||
App::uses('AppModel', 'Model');
|
||||
|
||||
/**
|
||||
* @property Tag $Tag
|
||||
*/
|
||||
class TagCollectionTag extends AppModel
|
||||
{
|
||||
public $useTable = 'tag_collection_tags';
|
||||
|
@ -25,8 +28,4 @@ class TagCollectionTag extends AppModel
|
|||
'className' => 'Tag',
|
||||
)
|
||||
);
|
||||
|
||||
public $validate = array(
|
||||
|
||||
);
|
||||
}
|
||||
|
|