new: [advanced authkey] system
parent
cd1217b36e
commit
5b256405c0
|
@ -42,16 +42,17 @@ class AuthKeysController extends AppController
|
|||
if ($this->IndexFilter->isRest()) {
|
||||
return $this->restResponsePayload;
|
||||
}
|
||||
$this->set('metaGroup', 'admin');
|
||||
$this->set('metaGroup', $this->_isAdmin ? 'admin' : 'globalActions');
|
||||
$this->set('metaAction', 'authkeys_index');
|
||||
}
|
||||
|
||||
public function delete($id)
|
||||
{
|
||||
$params = [];
|
||||
if (!$isAdmin()) {
|
||||
$params['conditions'] = ['user_id' => $this->Auth->user('id')];
|
||||
}
|
||||
$this->CRUD->delete($id);
|
||||
$this->CRUD->delete($id, $params);
|
||||
if ($this->IndexFilter->isRest()) {
|
||||
return $this->restResponsePayload;
|
||||
}
|
||||
|
|
|
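Review bot: `$isAdmin()` on the `if (!$isAdmin())` line calls a local variable that is never assigned in the visible hunk, while the `index` change a few lines above reads the same flag as `$this->_isAdmin`; unless `$isAdmin` is a closure defined in an elided part of the controller, every non-admin delete will throw an Error before reaching `$this->CRUD->delete($id, $params)`. The intended guard is presumably `if (!$this->_isAdmin) {`. This condition is also the only per-record ownership restriction in sight: the ACL table in the same commit opens `authKeys/delete` to any role with `perm_auth`, so the `user_id` condition is what stops one API user from deleting another user's key, and it deserves a comment such as `// non-admins may only delete their own keys; the ACL only checks perm_auth`. The `delete` method continues past the end of the hunk.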
@ -72,6 +72,13 @@ class ACLComponent extends Component
|
|||
'view' => array('*'),
|
||||
'viewPicture' => array('*'),
|
||||
),
|
||||
'authKeys' => [
|
||||
'add' => ['perm_auth'],
|
||||
'delete' => ['perm_auth'],
|
||||
'edit' => ['perm_auth'],
|
||||
'index' => ['perm_auth'],
|
||||
'view' => ['perm_auth']
|
||||
],
|
||||
'dashboards' => array(
|
||||
'getForm' => array('*'),
|
||||
'index' => array('*'),
|
||||
|
@ -631,6 +638,7 @@ class ACLComponent extends Component
|
|||
'tagStatisticsGraph' => array('*'),
|
||||
'terms' => array('*'),
|
||||
'updateLoginTime' => array('*'),
|
||||
'updateToAdvancedAuthKeys' => array(),
|
||||
'verifyCertificate' => array(),
|
||||
'verifyGPG' => array(),
|
||||
'view' => array('*'),
|
||||
|
|
|
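Review bot: The new `authKeys` entries use short array syntax (`'add' => ['perm_auth']`) inside a table that otherwise uses `array(...)` throughout (`'view' => array('*')`, `'dashboards' => array(`), and the last entry `'view' => ['perm_auth']` has no trailing comma; either form is fine, but one table should use one, and a trailing comma keeps later additions to single-line diffs. On the access-control side, `'index' => ['perm_auth']` admits every API-enabled role to the listing that the user view in this commit links as `/auth_keys/index/<user_id>`, so the controller must scope that query to the caller's own keys for non-admins — the `delete` action in this commit does so with a `user_id` condition, but the `index` body is not in the diff and should be checked. The `'updateToAdvancedAuthKeys' => array()` entry in the second hunk presumably limits the migration to site admins, which looks appropriate for a one-way key migration.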
@ -87,6 +87,7 @@ class UsersController extends AppController
|
|||
return $this->RestResponse->viewData($this->__massageUserObject($user), $this->response->type());
|
||||
} else {
|
||||
$this->set('user', $user);
|
||||
$this->set('admin_view', false);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -616,6 +617,8 @@ class UsersController extends AppController
|
|||
$user2 = $this->User->find('first', array('conditions' => array('User.id' => $user['User']['invited_by']), 'recursive' => -1));
|
||||
$this->set('id', $id);
|
||||
$this->set('user2', $user2);
|
||||
$this->set('admin_view', true);
|
||||
$this->render('view');
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
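Review bot: The user view template in this commit now dereferences `$admin_view` unconditionally (`if ($admin_view)` and the `$current_menu[$admin_view ? 'admin_view' : 'view']` lookup), so `$this->set('admin_view', false)` in the first hunk and `$this->set('admin_view', true)` in the second are required by the template rather than optional; any other action that ends in `$this->render('view')` without setting it will emit an undefined-variable notice and silently fall into the non-admin branch. Worth a one-line comment beside each, e.g. `// required by the user view template: selects the side menu and the org-admin block`, or a `$admin_view ?? false` default in the template. Both enclosing methods start and end outside the hunks.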
@ -1,36 +1,83 @@
|
|||
<?php
|
||||
$table_data = array();
|
||||
$table_data[] = array('key' => __('ID'), 'value' => $user['User']['id']);
|
||||
$table_data[] = array('key' => __('Email'), 'value' => $user['User']['email']);
|
||||
$table_data[] = array('key' => __('Organisation'), 'value' => $user['Organisation']['name']);
|
||||
$table_data[] = array(
|
||||
'key' => __('Email'),
|
||||
'html' => sprintf(
|
||||
'%s <a class="fas fa-envelope" style="color: #333" href="%s/admin/users/quickEmail/%s" title="%s"></a>',
|
||||
h($user['User']['email']),
|
||||
$baseurl,
|
||||
h($user['User']['id']),
|
||||
__('Send email to user')
|
||||
)
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Organisation'),
|
||||
'html' => sprintf(
|
||||
'<a href="%s/organisations/view/%s">%s</a>',
|
||||
$baseurl,
|
||||
h($user['Organisation']['id']),
|
||||
h($user['Organisation']['name'])
|
||||
)
|
||||
);
|
||||
$table_data[] = array('key' => __('Role'), 'html' => $this->Html->link($user['Role']['name'], array('controller' => 'roles', 'action' => 'view', $user['Role']['id'])));
|
||||
$table_data[] = array('key' => __('Autoalert'), 'boolean' => $user['User']['autoalert']);
|
||||
$table_data[] = array('key' => __('Contactalert'), 'boolean' => $user['User']['contactalert']);
|
||||
$authkey_data = sprintf(
|
||||
'<a onclick="requestAPIAccess();" style="cursor:pointer;">%s</a>',
|
||||
'<a onclick="requestAPIAccess();" style="cursor:pointer;"></a>',
|
||||
__('Request API access')
|
||||
);
|
||||
if ($user['Role']['perm_auth']) {
|
||||
if (empty(Configure::read('Security.advanced_authkeys'))) {
|
||||
$authkey_data = sprintf(
|
||||
'<span class="privacy-value quickSelect authkey" data-hidden-value="%s">****************************************</span> <i class="privacy-toggle fas fa-eye useCursorPointer" title="%s"></i>%s',
|
||||
h($user['User']['authkey']),
|
||||
__('Reveal hidden value'),
|
||||
(Configure::read('MISP.disableUserSelfManagement') && !$isAdmin) ? '' :
|
||||
sprintf(
|
||||
' (%s)',
|
||||
$this->Form->postLink(__('reset'), array('action' => 'resetauthkey', $user['User']['id']))
|
||||
sprintf(
|
||||
' (%s)',
|
||||
$this->Form->postLink(__('reset'), array('action' => 'resetauthkey', $user['User']['id']))
|
||||
)
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Authkey'),
|
||||
'html' => $authkey_data
|
||||
);
|
||||
}
|
||||
|
||||
)
|
||||
if (Configure::read('Plugin.CustomAuth_enable') && !empty($user['User']['external_auth_key'])) {
|
||||
$header = Configure::read('Plugin.CustomAuth_header') ?: 'Authorization';
|
||||
$table_data[] = array(
|
||||
'key' => __('Customauth header'),
|
||||
'html' => sprintf(
|
||||
'%s: <span class="green bold">%s</span>',
|
||||
h($header),
|
||||
h($user['User']['external_auth_key'])
|
||||
)
|
||||
);
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => __('Authkey'),
|
||||
'html' => $authkey_data
|
||||
'key' => __('Invited By'),
|
||||
'html' => empty($user2['User']['email']) ? 'N/A' : sprintf('<a href="%s/admin/users/view/%s">%s</a>', $baseurl, h($user2['User']['id']), h($user2['User']['email'])),
|
||||
);
|
||||
$org_admin_data = array();
|
||||
if ($admin_view) {
|
||||
foreach ($user['User']['orgAdmins'] as $orgAdminId => $orgAdminEmail) {
|
||||
$org_admin_data[] = sprintf(
|
||||
'<a href="%s/admin/users/view/%s">%s</a> <a class="fas fa-envelope" style="color: #333" href="%s/admin/users/quickEmail/%s" title="%s"></a>',
|
||||
$baseurl,
|
||||
h($orgAdminId),
|
||||
h($orgAdminEmail),
|
||||
$baseurl,
|
||||
h($orgAdminId),
|
||||
__('Send email to user')
|
||||
);
|
||||
}
|
||||
$table_data[] = array('key' => __('Org admin'), 'html' => implode('<br>', $org_admin_data));
|
||||
}
|
||||
$table_data[] = array('key' => __('NIDS Start SID'), 'value' => $user['User']['nids_sid']);
|
||||
$table_data[] = array('key' => __('Terms accepted'), 'boolean' => $user['User']['termsaccepted']);
|
||||
$table_data[] = array('key' => __('Must change password'), 'boolean' => $user['User']['change_pw']);
|
||||
$table_data[] = array(
|
||||
'key' => __('GnuPG key'),
|
||||
'key' => __('PGP key'),
|
||||
'element' => 'genericElements/key',
|
||||
'element_params' => array('key' => $user['User']['gpgkey']),
|
||||
);
|
||||
|
@ -38,12 +85,12 @@
|
|||
$table_data[] = array(
|
||||
'key' => __('GnuPG fingerprint'),
|
||||
'class_value' => "quickSelect bold " . $user['User']['gpgkey'] ? 'green' : 'bold red',
|
||||
'html' => $user['User']['fingerprint'] ? chunk_split(h($user['User']['fingerprint']), 4, ' ') : 'N/A'
|
||||
'value' => $user['User']['fingerprint'] ? chunk_split($user['User']['fingerprint'], 4, ' ') : 'N/A'
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('GnuPG status'),
|
||||
'class_value' => "bold" . (empty($user['User']['pgp_status']) || $user['User']['pgp_status'] != 'OK') ? 'red': 'green',
|
||||
'html' => !empty($user['User']['pgp_status']) ? h($user['User']['pgp_status']) : 'N/A'
|
||||
'value' => !empty($user['User']['pgp_status']) ? $user['User']['pgp_status'] : 'N/A'
|
||||
);
|
||||
}
|
||||
if (Configure::read('SMIME.enabled')) {
|
||||
|
@ -53,18 +100,61 @@
|
|||
'element_params' => array('key' => $user['User']['certif_public']),
|
||||
);
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => __('News read at'),
|
||||
'value' => $user['User']['newsread'] ? date('Y-m-d H:i:s', $user['User']['newsread']) : __('N/A')
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Disabled'),
|
||||
'class' => empty($user['User']['disabled']) ? '' : 'background-red',
|
||||
'boolean' => $user['User']['disabled']
|
||||
);
|
||||
echo $this->element('genericElements/assetLoader', array(
|
||||
'css' => array('vis', 'distribution-graph'),
|
||||
'js' => array('vis', 'network-distribution-graph')
|
||||
));
|
||||
$current_menu = [
|
||||
'admin_view' => ['menuList' => 'admin', 'menuItem' => 'viewUser'],
|
||||
'view' => ['menuList' => 'globalActions', 'menuItem' => 'view']
|
||||
];
|
||||
echo sprintf(
|
||||
'<div class="users view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s</div>%s',
|
||||
'<div class="users view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s<div style="margin-top:20px;">%s%s</div></div>%s',
|
||||
sprintf(
|
||||
'<h2>%s</h2>%s',
|
||||
__('User %s', h($user['User']['email'])),
|
||||
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
|
||||
),
|
||||
sprintf(
|
||||
'<a href="%s" class="btn btn-inverse" download>%s</a>',
|
||||
$baseurl . '/users/view/me.json',
|
||||
'<br><a href="%s" class="btn btn-inverse" download>%s</a>',
|
||||
sprintf(
|
||||
'%s/users/view/%s.json',
|
||||
$baseurl,
|
||||
h($user['User']['id'])
|
||||
),
|
||||
__('Download user profile for data portability')
|
||||
),
|
||||
$this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'globalActions', 'menuItem' => 'view'))
|
||||
$me['Role']['perm_auth'] ? $this->element('/genericElements/accordion', array('title' => 'Authkeys', 'url' => '/auth_keys/index/' . h($user['User']['id']))) : '',
|
||||
$this->element('/genericElements/accordion', array('title' => 'Events', 'url' => '/events/index/searchemail:' . urlencode(h($user['User']['email'])))),
|
||||
$this->element('/genericElements/SideMenu/side_menu', $current_menu[$admin_view ? 'admin_view' : 'view'])
|
||||
);
|
||||
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
$(function () {
|
||||
$.ajax({
|
||||
url: '<?php echo $baseurl . "/events/index/searchemail:" . urlencode(h($user['User']['email'])); ?>',
|
||||
type:'GET',
|
||||
beforeSend: function () {
|
||||
$(".loading").show();
|
||||
},
|
||||
error: function(){
|
||||
$('#userEvents').html('An error has occurred, please reload the page.');
|
||||
},
|
||||
success: function(response){
|
||||
$('#userEvents').html(response);
|
||||
},
|
||||
complete: function() {
|
||||
$(".loading").hide();
|
||||
}
|
||||
});
|
||||
});
|
||||
</script>
|
||||
|
|
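Review bot: The `'<a onclick="requestAPIAccess();" style="cursor:pointer;"></a>'` format string (the second copy of the `$authkey_data = sprintf(` pair, which print order suggests is the new side) has lost its `%s` placeholder while `__('Request API access')` is still passed as the argument, so the link renders with no text. Since the Authkey row is now only appended inside `if ($user['Role']['perm_auth'])`, this is exactly the value shown for an API-enabled user once `Security.advanced_authkeys` is set, i.e. the row becomes an empty anchor; restore the placeholder with `'<a onclick="requestAPIAccess();" style="cursor:pointer;">%s</a>',`. Separately, the new Authkeys accordion is gated on the viewer's `$me['Role']['perm_auth']` whereas the legacy key block is gated on the viewed `$user['Role']['perm_auth']`; if that asymmetry is intended (admins viewing other users' keys) a short comment would help, and either way the server-side scoping of `/auth_keys/index/<id>` is what actually protects the listing, not this template check.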