Org admin privileges

Added restrictions for org admins and regular users to be able to see
regexp/whitelist/blacklist information without being able to edit them.
Org admins can also see the roles but not edit them.
pull/63/head
Andras Iklody 2013-01-28 11:44:09 +01:00
parent 729e1e2206
commit 504599fbcc
9 changed files with 287 additions and 46 deletions


@ -46,6 +46,7 @@ class BlacklistsController extends AppController {
* @return void
*/
public function admin_add() {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'blacklists', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminAdd();
}
@ -55,6 +56,7 @@ class BlacklistsController extends AppController {
* @return void
*/
public function admin_index() {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'blacklists', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminIndex();
}
@ -66,6 +68,7 @@ class BlacklistsController extends AppController {
* @throws NotFoundException
*/
public function admin_edit($id = null) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'blacklists', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminEdit($id);
}
@ -78,6 +81,17 @@ class BlacklistsController extends AppController {
* @throws NotFoundException
*/
public function admin_delete($id = null) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'blacklists', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminDelete($id);
}
/**
* index method
*
* @return void
*/
public function index() {
$this->recursive = 0;
$this->set('list', Sanitize::clean($this->paginate()));
}
}
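Review bot: The same one-line guard is pasted into admin_add, admin_index, admin_edit and admin_delete here, and again into the Regexp, Roles and Whitelists controllers in this commit; a check that decides who may reach every `admin_*` action belongs in one place, such as AppController's `beforeFilter()`/`isAuthorized()` keyed on the admin prefix, so the next admin action cannot omit it. I cannot see from these lines that `$this->Auth->User` is populated (the menu template reads the same fact as `$me['org']`); if it is unset the condition is always true and site admins are redirected as well, so confirm it against whatever AppController actually sets. The guard relies on `$this->redirect()` ending the request before `$this->AdminCrud->adminAdd()` runs; CakePHP's redirect exits by default, but `return $this->redirect(...)` makes that explicit, and `!==` should replace `!=`.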


@ -46,7 +46,9 @@ class RegexpController extends AppController {
* @return void
*/
public function admin_index() {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminIndex();
//}
}
/**
@ -57,6 +59,7 @@ class RegexpController extends AppController {
* @throws NotFoundException
*/
public function admin_edit($id = null) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminEdit($id);
}
@ -69,13 +72,26 @@ class RegexpController extends AppController {
* @throws NotFoundException
*/
public function admin_delete($id = null) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminDelete($id);
}
/**
* index method
*
* @return void
*/
public function index() {
$this->recursive = 0;
$this->set('list', Sanitize::clean($this->paginate()));
}
/**
*
*/
public function admin_clean() {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$this->regexpAll('Attribute', 'value');
$this->regexpAll('Event', 'info');
@ -83,6 +99,7 @@ class RegexpController extends AppController {
}
public function regexpAll($Model, $Field) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$deletable = array();
$this->loadModel($Model);
$all = $this->{$Model}->find('all', array('recursive' => -1));
@ -102,6 +119,7 @@ class RegexpController extends AppController {
}
public function replaceSpecific($origString) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
$returnValue = true;
$allRegexp = $this->Regexp->find('all'); // TODO REGEXP INIT LOAD ARRAY
foreach ($allRegexp as $regexp) {
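Review bot: `regexpAll($Model, $Field)` and `replaceSpecific($origString)` are public controller methods, so CakePHP dispatches them as URL actions with caller-chosen arguments; the guard added at their top only narrows who may call them that way, whereas declaring them `protected function regexpAll($Model, $Field) {` and `protected function replaceSpecific($origString) {` removes the route altogether (non-public methods are not dispatched) while `admin_clean` still calls them internally. Both bodies continue past this diff, and `replaceSpecific` does a `find('all')` on every call per the TODO on its next line, so its cost matters if it stays reachable. The empty docblock above admin_clean should state its purpose, something like `Applies the stored regexps to Attribute.value and Event.info; site admin only.`, and the stray `//}` left under `$this->AdminCrud->adminIndex();` in admin_index should be dropped.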


@ -55,6 +55,7 @@ class RolesController extends AppController {
* @return void
*/
public function admin_add() {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'roles', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminAdd();
$this->set('options', $this->options);
}
@ -65,6 +66,7 @@ class RolesController extends AppController {
* @return void
*/
public function admin_index() {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'roles', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminIndex();
$this->set('options', $this->options);
}
@ -77,6 +79,7 @@ class RolesController extends AppController {
* @throws NotFoundException
*/
public function admin_edit($id = null) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'roles', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminEdit($id);
$this->set('options', $this->options);
}
@ -84,7 +87,7 @@ class RolesController extends AppController {
/**
* admin_delete method
*
* @param string $id
* @param string $id
*
* @throws MethodNotAllowedException
* @throws NotFoundException
@ -94,4 +97,15 @@ class RolesController extends AppController {
public function admin_delete($id = null) {
$this->AdminCrud->adminDelete($id);
}
/**
* index method
*
* @return void
*/
public function index() {
$this->recursive = 0;
$this->set('list', Sanitize::clean($this->paginate()));
$this->set('options', $this->options);
}
}
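Review bot: admin_delete (the hunk at line 97) is the only Roles admin action without the new org guard, so an org admin who is meant to view roles but not edit them can still delete one by calling the admin-prefixed delete route directly; add the same line `if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'roles', 'action' => 'index', 'admin' => false));` before `$this->AdminCrud->adminDelete($id);`, or better, move the check into a single prefix-level hook in AppController. The docblock above it now repeats `@param string $id` twice; one copy should go. Hiding the "New Role" link in actions_menu.ctp is not a substitute for this server-side check.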


@ -56,6 +56,7 @@ class WhitelistsController extends AppController {
* @return void
*/
public function admin_index() {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'whitelists', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminIndex();
}
@ -67,6 +68,7 @@ class WhitelistsController extends AppController {
* @throws NotFoundException
*/
public function admin_edit($id = null) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'blaclists', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminEdit($id);
}
@ -79,6 +81,16 @@ class WhitelistsController extends AppController {
* @throws NotFoundException
*/
public function admin_delete($id = null) {
if($this->Auth->User['User']['org'] != 'ADMIN') $this->redirect(array('controller' => 'blaclists', 'action' => 'index', 'admin' => false));
$this->AdminCrud->adminDelete($id);
}
/**
* index method
*
* @return void
*/
public function index() {
$this->recursive = 0;
$this->set('list', Sanitize::clean($this->paginate()));
}
}
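Review bot: The redirect targets in admin_edit and admin_delete name a controller `'blaclists'` that does not exist, so a non-site-admin hitting either action gets a missing-controller error instead of the whitelist list; both should read `'controller' => 'whitelists'` as admin_index does. admin_add is not in this diff, so confirm it carries the same guard; if it does not, an org admin can still create whitelist entries. As in the other controllers, `return $this->redirect(...)` would make the early exit explicit.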


@ -0,0 +1,35 @@
<div class="whitelist index">
<h2><?php echo __('Import Blacklist');?></h2>
<table cellpadding="0" cellspacing="0">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
</tr><?php
foreach ($list as $item):?>
<tr>
<td class="short"><?php echo h($item['Blacklist']['id']);?>&nbsp;</td>
<td class="short"><?php echo h($item['Blacklist']['name']);?>&nbsp;</td>
</tr><?php
endforeach;?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
</div>
<div class="actions">
<ul>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
</ul>
</div>
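Review bot: This template, app/View/Regexp/index.ctp and the whitelist index added in this commit are the same paginated table with only the model name, columns and heading changed; one element taking those as parameters would keep the three in step (the copies already differ in `<li>&nbsp;</li>` spacing and in the regexp one's extra cell). The wrapper here is `<div class="whitelist index">` on a blacklist page, carried over from the whitelist template; `<div class="blacklist index">` matches the page. Every cell goes through `h()`, which is right for a list any logged-in user can now open.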


@ -1,46 +1,76 @@
<li><?php
if ($isAclAdd) echo $this->Html->link(__('New Event', true), array('controller' => 'events', 'action' => 'add')); ?></li>
<li><?php echo $this->Html->link(__('List Events', true), array('controller' => 'events', 'action' => 'index')); ?></li>
<li><?php echo $this->Html->link(__('List Attributes', true), array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Search Attributes', true), array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><?php echo $this->Html->link(__('Export', true), array('controller' => 'events', 'action' => 'export')); ?></li>
<li>&nbsp;</li>
<h3><?php echo __('Global Actions'); ?></h3>
<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news')); ?> </li>
<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me')); ?> </li>
<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist')); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?> </li>
<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms')); ?> </li>
<li><?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout')); ?> </li>
<?php
if (('true' == Configure::read('CyDefSIG.sync')) && ($isAclSync || $isAdmin)): ?>
<li>&nbsp;</li>
<h3><?php echo __('Sync Actions'); ?></h3>
<li><?php echo $this->Html->link(__('List Servers'), array('controller' => 'servers', 'action' => 'index'));?></li>
<?php
endif;?>
<?php
if($isAdmin || $isAclAdmin): ?>
<li>&nbsp;</li>
<h3><?php echo __('Administration'); ?></h3>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index', 'admin' => true)); ?> </li>
<li>&nbsp;</li>
<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('New Role', true), array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Roles', true), array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<li>&nbsp;</li>
<?php
endif;?>
<?php
if($isAdmin || $isAclAudit): ?>
<h3><?php echo __('Audit'); ?></h3>
<li><?php echo $this->Html->link(__('List Logs', true), array('controller' => 'logs', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Search Logs', true), array('controller' => 'logs', 'action' => 'admin_search', 'admin' => true)); ?> </li>
<?php
<li><?php
if ($isAclAdd) echo $this->Html->link(__('New Event', true), array('controller' => 'events', 'action' => 'add')); ?></li>
<li><?php echo $this->Html->link(__('List Events', true), array('controller' => 'events', 'action' => 'index')); ?></li>
<li><?php echo $this->Html->link(__('List Attributes', true), array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Search Attributes', true), array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><?php echo $this->Html->link(__('Export', true), array('controller' => 'events', 'action' => 'export')); ?></li>
<li>&nbsp;</li>
<h3><?php echo __('Global Actions'); ?></h3>
<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news')); ?> </li>
<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me')); ?> </li>
<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist')); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?> </li>
<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms')); ?> </li>
<li><?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout')); ?> </li>
<?php
if (('true' == Configure::read('CyDefSIG.sync')) && ($isAclSync || $isAdmin)): ?>
<li>&nbsp;</li>
<h3><?php echo __('Sync Actions'); ?></h3>
<li><?php echo $this->Html->link(__('List Servers'), array('controller' => 'servers', 'action' => 'index'));?></li>
<?php
endif;?>
<?php
//Site admin
if($isAdmin && $isAclAdmin && $me['org'] == 'ADMIN'): ?>
<li>&nbsp;</li>
<h3><?php echo __('Administration'); ?></h3>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index', 'admin' => true)); ?> </li>
<li>&nbsp;</li>
<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('New Role', true), array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Roles', true), array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<li>&nbsp;</li>
<?php
endif;?>
<?php
//org admin
if($isAdmin && $isAclAdmin && $me['org'] != 'ADMIN'): ?>
<li>&nbsp;</li>
<h3><?php echo __('Administration'); ?></h3>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index')); ?> </li>
<li>&nbsp;</li>
<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Roles', true), array('controller' => 'roles', 'action' => 'index')); ?> </li>
<li>&nbsp;</li>
<?php
endif;?>
<?php
//normal user
if(!$isAdmin && !$isAclAdmin): ?>
<li>&nbsp;</li>
<h3><?php echo __('Lists'); ?></h3>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index')); ?> </li>
<?php
endif;?>
<?php
if($isAdmin || $isAclAudit): ?>
<h3><?php echo __('Audit'); ?></h3>
<li><?php echo $this->Html->link(__('List Logs', true), array('controller' => 'logs', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Search Logs', true), array('controller' => 'logs', 'action' => 'admin_search', 'admin' => true)); ?> </li>
<?php
endif;
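Review bot: The three blocks `if($isAdmin && $isAclAdmin && $me['org'] == 'ADMIN')`, `if($isAdmin && $isAclAdmin && $me['org'] != 'ADMIN')` and `if(!$isAdmin && !$isAclAdmin)` do not cover a user with exactly one of `$isAdmin`/`$isAclAdmin` set, who previously matched `$isAdmin || $isAclAdmin` and now sees neither the Administration nor the Lists section. Chaining them as `if (...): elseif ($isAdmin && $isAclAdmin): else:` with a single `endif` guarantees every user lands in exactly one branch. Where `$me` is populated is not visible here; it should be the same source the controllers compare against, and the comparison should be `===`. Showing or hiding links is cosmetic only; the controllers' org checks remain the actual access control.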

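--- /dev/null
+++ b/app/View/Regexp/index.ctp
@@ -0,0 +1,41 @@
+<div class="regexp index">
+<h2><?php echo __('Import Regexp');?></h2>
+<table cellpadding="0" cellspacing="0">
+<tr>
+<th><?php echo $this->Paginator->sort('id');?></th>
+<th><?php echo $this->Paginator->sort('regexp');?></th>
+<th><?php echo $this->Paginator->sort('replacement');?></th>
+</tr><?php
+foreach ($list as $item):?>
+<tr>
+<td class="short"><?php echo h($item['Regexp']['id']);?>&nbsp;</td>
+<td class="short"><?php echo h($item['Regexp']['regexp']);?>&nbsp;</td>
+<td class="short"><?php echo h($item['Regexp']['replacement']);?>&nbsp;</td>
+<td class="actions">
+<?php //echo $this->Html->link(__('Edit'), array('admin' => true, 'action' => 'edit', $item['Regexp']['id']));?>
+<?php //echo $this->Form->postLink(__('Delete'), array('admin' => true, 'action' => 'delete', $item['Regexp']['id']), null, __('Are you sure you want to delete %s?', $item['Regexp']['regexp']));?>
+</td>
+</tr><?php
+endforeach;?>
+</table>
+<p>
+<?php
+echo $this->Paginator->counter(array(
+'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
+));
+?> </p>
+<div class="paging">
+<?php
+echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
+echo $this->Paginator->numbers(array('separator' => ''));
+echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
+?>
+</div>
+</div>
+<div class="actions">
+<ul>
+<li>&nbsp;</li>
+<?php echo $this->element('actions_menu');?>
+</ul>
+</div>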
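Review bot: The commented-out Edit and Delete links inside `<td class="actions">` are dead code on a read-only list; drop both lines and the now-empty cell, which also fixes the header row having three columns while each body row has four. If editing is wanted later it belongs in the existing admin_index view, behind the org check the controller now applies. The `h()` escaping and `&nbsp;` padding match the other index templates.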

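--- /dev/null
+++ b/app/View/Roles/index.ctp
@@ -0,0 +1,42 @@
+<div class="roles index">
+<h2><?php echo __('Roles');?></h2>
+<table cellpadding="0" cellspacing="0">
+<tr>
+<th><?php echo $this->Paginator->sort('id');?></th>
+<th><?php echo $this->Paginator->sort('name');?></th>
+<th><?php echo $this->Paginator->sort('permission', 'Permission');?></th>
+<th><?php echo $this->Paginator->sort('perm_sync', 'Sync Actions');?></th>
+<th><?php echo $this->Paginator->sort('perm_admin', 'Administration Actions');?></th>
+<th><?php echo $this->Paginator->sort('perm_audit', 'Audit Actions');?></th>
+</tr><?php
+foreach ($list as $item): ?>
+<tr>
+<td class="short"><?php echo h($item['Role']['id']); ?>&nbsp;</td>
+<td class="short"><?php echo h($item['Role']['name']); ?>&nbsp;</td>
+<td class="short"><?php echo h($options[$item['Role']['permission']]); ?>&nbsp;</td>
+<td class="short"><?php echo h($item['Role']['perm_sync']); ?>&nbsp;</td>
+<td class="short"><?php echo h($item['Role']['perm_admin']); ?>&nbsp;</td>
+<td class="short"><?php echo h($item['Role']['perm_audit']); ?>&nbsp;</td>
+</tr><?php
+endforeach; ?>
+</table>
+<p>
+<?php
+echo $this->Paginator->counter(array(
+'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
+));
+?> </p>
+<div class="paging">
+<?php
+echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
+echo $this->Paginator->numbers(array('separator' => ''));
+echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
+?>
+</div>
+</div>
+<div class="actions">
+<ul>
+<?php echo $this->element('actions_menu'); ?>
+</ul>
+</div>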
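Review bot: `$options[$item['Role']['permission']]` raises an undefined-index notice and prints an empty cell for any role whose `permission` value is not a key of `$options`; `$options` is whatever the controller sets from `$this->options`, which is not visible here, so guard the lookup: `<?php echo isset($options[$item['Role']['permission']]) ? h($options[$item['Role']['permission']]) : h($item['Role']['permission']); ?>`. The perm_sync/perm_admin/perm_audit cells print the stored values as-is; if those are booleans the cell shows `1` or nothing, so a Yes/No mapping like the one used for `permission` would read better. This view is the read-only list now offered to org admins, so it correctly exposes no edit or delete links.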


@ -0,0 +1,35 @@
<div class="whitelist index">
<h2><?php echo __('Signature Whitelist');?></h2>
<table cellpadding="0" cellspacing="0">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
</tr><?php
foreach ($list as $item):?>
<tr>
<td class="short"><?php echo h($item['Whitelist']['id']);?>&nbsp;</td>
<td class="short"><?php echo h($item['Whitelist']['name']);?>&nbsp;</td>
</tr><?php
endforeach;?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
</div>
<div class="actions">
<ul>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
</ul>
</div>