mirror of https://github.com/MISP/MISP
Merge branch 'develop' of github.com:MISP/MISP into develop
iglocska
commit
544a450fea
|
|
@ -616,9 +616,9 @@ class AdminShell extends AppShell
|
|||
try {
|
||||
$redis = RedisTool::init();
|
||||
for ($i = 0; $i < 10; $i++) {
|
||||
$persistence = $redis->info('persistence');
|
||||
if (isset($persistence['loading']) && $persistence['loading']) {
|
||||
$this->out('Redis is still loading...');
|
||||
$pong = $redis->ping();
|
||||
if ($pong !== true) {
|
||||
$this->out('Redis is still loading... ' . $pong);
|
||||
sleep(1);
|
||||
} else {
|
||||
break;
|
||||
|
|
|
|||
|
|
@ -37,14 +37,17 @@ class CompressedRequestHandlerComponent extends Component
|
|||
private function decodeGzipEncodedContent(Controller $controller)
|
||||
{
|
||||
if (function_exists('gzdecode')) {
|
||||
$decoded = gzdecode($controller->request->input());
|
||||
$input = $controller->request->input();
|
||||
if (empty($input)) {
|
||||
throw new BadRequestException('Request data should be gzip encoded, but request is empty.');
|
||||
}
|
||||
$decoded = gzdecode($input);
|
||||
if ($decoded === false) {
|
||||
throw new BadRequestException('Invalid compressed data.');
|
||||
}
|
||||
return $decoded;
|
||||
} else {
|
||||
throw new BadRequestException("This server doesn't support GZIP compressed requests.");
|
||||
}
|
||||
throw new BadRequestException("This server doesn't support GZIP compressed requests.");
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -182,10 +182,10 @@ class EcsLog implements CakeLogInterface
|
|||
}
|
||||
|
||||
/**
|
||||
* @param Exception $exception
|
||||
* @param Throwable $exception
|
||||
* @return void
|
||||
*/
|
||||
public static function handleException(Exception $exception)
|
||||
public static function handleException(Throwable $exception)
|
||||
{
|
||||
$code = $exception->getCode();
|
||||
$code = ($code && is_int($code)) ? $code : 1;
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ App::uses('Oidc', 'OidcAuth.Lib');
|
|||
* - OidcAuth.organisation_property (default: `organization`)
|
||||
* - OidcAuth.organisation_uuid_property (default: `organization_uuid`)
|
||||
* - OidcAuth.roles_property (default: `roles`)
|
||||
* - OidcAuth.default_org
|
||||
* - OidcAuth.default_org - organisation ID, UUID or name if organsation is not provided by OIDC
|
||||
* - OidcAuth.unblock (boolean, default: false)
|
||||
* - OidcAuth.offline_access (boolean, default: false)
|
||||
* - OidcAuth.check_user_validity (integer, default `0`)
|
||||
|
|
|
|||
|
|
@ -49,17 +49,22 @@ class Oidc
|
|||
}
|
||||
|
||||
$organisationProperty = $this->getConfig('organisation_property', 'organization');
|
||||
$organisationName = $claims->{$organisationProperty} ?? $this->getConfig('default_org');
|
||||
$organisationName = $claims->{$organisationProperty} ?? null;
|
||||
|
||||
$organisationUuidProperty = $this->getConfig('organisation_uuid_property', 'organization_uuid');
|
||||
$organisationUuid = $claims->{$organisationUuidProperty} ?? null;
|
||||
|
||||
$organisationId = $this->checkOrganization($organisationName, $organisationUuid, $mispUsername);
|
||||
if (!$organisationId) {
|
||||
if ($user) {
|
||||
$this->block($user);
|
||||
$defaultOrganisationId = $this->defaultOrganisationId();
|
||||
if ($defaultOrganisationId) {
|
||||
$organisationId = $defaultOrganisationId;
|
||||
} else {
|
||||
if ($user) {
|
||||
$this->block($user);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
$roleProperty = $this->getConfig('roles_property', 'roles');
|
||||
|
|
@ -123,7 +128,7 @@ class Oidc
|
|||
return $user;
|
||||
}
|
||||
|
||||
$this->log($mispUsername, 'User not found in database.');
|
||||
$this->log($mispUsername, 'User not found in database, creating new one.');
|
||||
|
||||
$time = time();
|
||||
$userData = [
|
||||
|
|
@ -320,6 +325,8 @@ class Oidc
|
|||
}
|
||||
|
||||
/**
|
||||
* Fetch organisation ID from database by provided name and UUID. If organisation is not found, it is created. If
|
||||
* organisation with given UUID has different name, then is renamed.
|
||||
* @param string $orgName Organisation name or UUID
|
||||
* @param string|null $orgUuid Organisation UUID
|
||||
* @param string $mispUsername
|
||||
|
|
@ -376,6 +383,41 @@ class Oidc
|
|||
return $orgId;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return false|int Organisation ID or false if org not found
|
||||
*/
|
||||
private function defaultOrganisationId()
|
||||
{
|
||||
$defaultOrgName = $this->getConfig('default_org');
|
||||
if (empty($defaultOrgName)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (is_numeric($defaultOrgName)) {
|
||||
$conditions = ['id' => $defaultOrgName];
|
||||
} else if (Validation::uuid($defaultOrgName)) {
|
||||
$conditions = ['uuid' => strtolower($defaultOrgName)];
|
||||
} else {
|
||||
$conditions = ['name' => $defaultOrgName];
|
||||
}
|
||||
$orgAux = $this->User->Organisation->find('first', [
|
||||
'fields' => ['Organisation.id'],
|
||||
'conditions' => $conditions,
|
||||
]);
|
||||
if (empty($orgAux)) {
|
||||
if (is_numeric($defaultOrgName)) {
|
||||
$this->log(null, "Could not find default organisation with ID `$defaultOrgName`.");
|
||||
} else if (Validation::uuid($defaultOrgName)) {
|
||||
$this->log(null, "Could not find default organisation with UUID `$defaultOrgName`.");
|
||||
} else {
|
||||
$this->log(null, "Could not find default organisation with name `$defaultOrgName`.");
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
return $orgAux['Organisation']['id'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $orgId
|
||||
* @param string $newName
|
||||
|
|
|
|||
|
|
@ -2,4 +2,5 @@
|
|||
# Whenever the regex matches, the Logs job will fail and report the error.
|
||||
class="cake-error"
|
||||
Error: [ParseError]
|
||||
Error: [PDOException]
|
||||
Error: [PDOException]
|
||||
Error: [BadRequestException]
|
||||
Loading…
Reference in New Issue