mirror of https://github.com/MISP/MISP
UI changes to event add/edit and change to events controller
- updated the UI for the event add and edit views
- change to the privileges when editing events
- siteadmins could not edit events of other orgs.
pull/217/head
parent
b68994d11f
commit
3d7355cf14
|
@ -436,18 +436,12 @@ class EventsController extends AppController {
|
|||
}
|
||||
$this->Event->read(null, $id);
|
||||
// check for if private and user not authorised to edit, go away
|
||||
if (!$this->_isSiteAdmin() && !$this->checkAction('perm_sync') && $this->Event->data['Event']['distribution'] == 'Your organization only') {
|
||||
if (!$this->_isSiteAdmin() && !$this->checkAction('perm_sync')) {
|
||||
if (($this->Event->data['Event']['org'] != $this->_checkOrg()) || !($this->checkAction('perm_modify'))) {
|
||||
$this->Session->setFlash(__('You are not authorised to do that.'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'index'));
|
||||
}
|
||||
}
|
||||
if (!$this->_isRest()) {
|
||||
if ($this->Event->data['Event']['org'] != $this->_checkOrg()) {
|
||||
$this->Session->setFlash(__('Invalid event.'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'index'));
|
||||
}
|
||||
}
|
||||
|
||||
// check if the user is of the creating org, if not, don't let him/her change the distribution.
|
||||
$canEditDist = false;
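Review bot: The `perm_sync` exemption in `if (!$this->_isSiteAdmin() && !$this->checkAction('perm_sync')) {` now skips the organisation check for every request, not only for REST pushes. The +/- markers are lost on this page, but the hunk header (18 lines down to 12) indicates that the `if (!$this->_isRest())` block, which compared the event's `org` with `_checkOrg()` for interactive requests, is removed. That fixes the site-admin case named in the commit message, yet it also appears to let any account holding `perm_sync` edit another organisation's event through the web form. If the exemption is meant only for server-to-server sync, tie it to REST, for example `if (!$this->_isSiteAdmin() && !($this->_isRest() && $this->checkAction('perm_sync'))) {`; note that sync users editing their own organisation's events interactively would then also need `perm_modify`. The enclosing action starts and ends outside the hunk, so any later ownership check is not visible here.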
|
||||
|
|
|
@ -11,16 +11,16 @@
|
|||
echo $this->Form->input('distribution', array(
|
||||
'label' => 'Distribution',
|
||||
'selected' => 'All communities',
|
||||
'between' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv'))
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')),
|
||||
));
|
||||
}
|
||||
echo $this->Form->input('risk', array(
|
||||
'before' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')),
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')),
|
||||
'div' => 'input clear'
|
||||
));
|
||||
echo $this->Form->input('analysis', array(
|
||||
'options' => array($analysisLevels),
|
||||
'before' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
|
||||
));
|
||||
echo $this->Form->input('info', array(
|
||||
'div' => 'clear',
|
||||
|
@ -29,14 +29,9 @@
|
|||
echo $this->Form->input('Event.submittedgfi', array(
|
||||
'label' => '<b>GFI sandbox</b>',
|
||||
'type' => 'file',
|
||||
'before' => $this->Html->div('forminfo', isset($eventDescriptions['submittedgfi']['formdesc']) ? $eventDescriptions['submittedgfi']['formdesc'] : $eventDescriptions['submittedgfi']['desc']),
|
||||
// 'between' => $this->Html->div('forminfo', isset($eventDescriptions['submittedgfi']['formdesc']) ? $eventDescriptions['submittedgfi']['formdesc'] : $eventDescriptions['submittedgfi']['desc']),
|
||||
'div' => 'clear'
|
||||
));
|
||||
echo $this->Form->input('Event.submittedioc', array(
|
||||
'label' => '<b>OpenIOC</b>',
|
||||
'type' => 'file',
|
||||
'before' => $this->Html->div('forminfo', isset($eventDescriptions['submittedioc']['formdesc']) ? $eventDescriptions['submittedioc']['formdesc'] : $eventDescriptions['submittedioc']['desc']),
|
||||
));
|
||||
// link an onchange event to the form elements
|
||||
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
|
||||
$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
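Review bot: The commented-out `// 'between' => $this->Html->div('forminfo', ...)` entry inside the `Event.submittedgfi` input array is dead code and should be deleted rather than kept in the view; version control already holds the old layout. The hunk header for this block (14 lines down to 9) also suggests that the `Event.submittedioc` upload field is dropped from the add form, which the commit message does not mention. The +/- markers are lost on this page, so confirm that, and if the field is removed on purpose, say so where the change is described.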
|
||||
|
|
|
@ -3,22 +3,32 @@
|
|||
<fieldset>
|
||||
<legend><?php echo __('Edit Event'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('id');
|
||||
echo $this->Form->input('date');
|
||||
echo $this->Form->input('id');
|
||||
echo $this->Form->input('date', array(
|
||||
'type' => 'text',
|
||||
'class' => 'datepicker'
|
||||
));
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
if ('true' == $canEditDist) {
|
||||
echo $this->Form->input('distribution', array('label' => 'Distribution',
|
||||
'between' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv'))
|
||||
));
|
||||
echo $this->Form->input('distribution', array(
|
||||
'label' => 'Distribution',
|
||||
'selected' => 'All communities',
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')),
|
||||
));
|
||||
}
|
||||
}
|
||||
echo $this->Form->input('risk', array(
|
||||
'before' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv'))));
|
||||
echo $this->Form->input('analysis', array(
|
||||
'options' => array($analysisLevels),
|
||||
'before' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
|
||||
));
|
||||
echo $this->Form->input('info');
|
||||
echo $this->Form->input('risk', array(
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')),
|
||||
'div' => 'input clear'
|
||||
));
|
||||
echo $this->Form->input('analysis', array(
|
||||
'options' => array($analysisLevels),
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
|
||||
));
|
||||
echo $this->Form->input('info', array(
|
||||
'div' => 'clear',
|
||||
'class' => 'input-xxlarge'
|
||||
));
|
||||
|
||||
// link an onchange event to the form elements
|
||||
if ('true' == $canEditDist) {
|
||||
|
@ -28,11 +38,27 @@ $this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
|
|||
$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
|
||||
?>
|
||||
</fieldset>
|
||||
<?php echo $this->Form->end(__('Submit', true));?>
|
||||
<?php
|
||||
echo $this->Form->button('Edit', array('class' => 'btn btn-primary'));
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</div>
|
||||
<div class="actions">
|
||||
<ul>
|
||||
<ul class="nav nav-list">
|
||||
<li><?php echo $this->Html->link(__('View Event', true), array('controller' => 'events' ,'action' => 'view', $this->request->data['Event']['id'])); ?> </li>
|
||||
<li class="divider"></li>
|
||||
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
|
||||
<?php if ($isAclAdd): ?>
|
||||
<li class="active"><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
|
||||
<?php endif; ?>
|
||||
<li class="divider"></li>
|
||||
<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
|
||||
<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
|
||||
<li class="divider"></li>
|
||||
<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
|
||||
<?php if ($isAclAuth): ?>
|
||||
<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
|
||||
<?php endif;?>
|
||||
</ul>
|
||||
</div>
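Review bot: `'selected' => 'All communities'` on the distribution input of the edit form (first hunk of this view) preselects the widest sharing level instead of the event's stored value. In CakePHP 2 an explicit `selected` normally takes precedence over the request data, so an editor who changes only the info text and submits would presumably widen a 'Your organization only' event without noticing; confirm against the FormHelper version in use. Drop the `selected` key on the edit form so the saved distribution is shown. The add form carries the same default on its distribution input, where starting from the most restrictive value would be the safer choice. The +/- markers are lost on this page, so that this line is on the new side is inferred from the hunk header (22 lines up to 32).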
|
||||
|
||||
|
|