mirror of https://github.com/MISP/MISP
new: Added a way to disable certain tags from the UI, fixes #1733
- also added a new setting to set the default posture when an event containing a tag is pushed (via the API/sync/etc) - new setting allows to automatically set new tags to hidden - the hidden setting only hides the tags from the tag selection when tagging an eventpull/1774/head
iglocska
parent
3ce7715f17
commit
6778d0dad5
|
|
@ -1 +1 @@
|
|||
{"major":2, "minor":4, "hotfix":56}
|
||||
{"major":2, "minor":4, "hotfix":57}
|
||||
|
|
|
|||
|
|
@ -143,7 +143,7 @@ class TagsController extends AppController {
|
|||
}
|
||||
$this->redirect($this->referer());
|
||||
}
|
||||
|
||||
|
||||
public function edit($id) {
|
||||
if (!$this->_isSiteAdmin() && !$this->userRole['perm_tag_editor']) {
|
||||
throw new NotFoundException('You don\'t have permission to do that.');
|
||||
|
|
@ -312,8 +312,9 @@ class TagsController extends AppController {
|
|||
$options = $this->Taxonomy->getAllTaxonomyTags(true);
|
||||
$expanded = $options;
|
||||
} else if ($taxonomy_id === 'favourites') {
|
||||
$conditions = array('FavouriteTag.user_id' => $this->Auth->user('id'));
|
||||
$tags = $this->Tag->FavouriteTag->find('all', array(
|
||||
'conditions' => array('FavouriteTag.user_id' => $this->Auth->user('id')),
|
||||
'conditions' => $conditions,
|
||||
'recursive' => -1,
|
||||
'contain' => array('Tag.name')
|
||||
));
|
||||
|
|
@ -322,7 +323,11 @@ class TagsController extends AppController {
|
|||
$expanded = $options;
|
||||
}
|
||||
} else if ($taxonomy_id === 'all') {
|
||||
$options = $this->Tag->find('list', array('fields' => array('Tag.name'), 'conditions' => array('Tag.org_id' => array(0, $this->Auth->user('org_id')))));
|
||||
$conditions = array('Tag.org_id' => array(0, $this->Auth->user('org_id')));
|
||||
if (Configure::read('MISP.incoming_tags_disabled_by_default')) {
|
||||
$conditions['Tag.hide_tag'] = 0;
|
||||
}
|
||||
$options = $this->Tag->find('list', array('fields' => array('Tag.name'), 'conditions' => $conditions));
|
||||
$expanded = $options;
|
||||
} else {
|
||||
$taxonomies = $this->Taxonomy->getTaxonomy($taxonomy_id);
|
||||
|
|
|
|||
|
|
@ -36,7 +36,12 @@ class AppModel extends Model {
|
|||
// major -> minor -> hotfix -> requires_logout
|
||||
public $db_changes = array(
|
||||
2 => array(
|
||||
4 => array(18 => false, 19 => false, 20 => false, 25 => false, 27 => false, 32 => false, 33 => true, 38 => true, 39 => true, 40 => false, 42 => false, 44 => false, 45 => false, 49 => true, 50 => false, 51 => false, 52 => false, 55 => true, 56 => true)
|
||||
4 => array(
|
||||
18 => false, 19 => false, 20 => false, 25 => false, 27 => false,
|
||||
32 => false, 33 => true, 38 => true, 39 => true, 40 => false,
|
||||
42 => false, 44 => false, 45 => false, 49 => true, 50 => false,
|
||||
51 => false, 52 => false, 55 => true, 56 => true, 57 => true
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
|
|
@ -446,7 +451,7 @@ class AppModel extends Model {
|
|||
$sqlArray[] = "ALTER TABLE feeds ADD settings text NOT NULL DEFAULT '';";
|
||||
break;
|
||||
case '2.4.56':
|
||||
$sqlArray[] =
|
||||
$sqlArray[] =
|
||||
"CREATE TABLE IF NOT EXISTS galaxies (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`uuid` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
|
|
@ -456,12 +461,12 @@ class AppModel extends Model {
|
|||
`version` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
|
||||
$this->__addIndex('galaxies', 'name');
|
||||
$this->__addIndex('galaxies', 'uuid');
|
||||
$this->__addIndex('galaxies', 'type');
|
||||
|
||||
$sqlArray[] =
|
||||
|
||||
$sqlArray[] =
|
||||
"CREATE TABLE IF NOT EXISTS galaxy_clusters (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`uuid` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
|
|
@ -474,13 +479,13 @@ class AppModel extends Model {
|
|||
`authors` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
|
||||
$this->__addIndex('galaxy_clusters', 'value', 255);
|
||||
$this->__addIndex('galaxy_clusters', 'tag_name');
|
||||
$this->__addIndex('galaxy_clusters', 'uuid');
|
||||
$this->__addIndex('galaxy_clusters', 'type');
|
||||
|
||||
$sqlArray[] =
|
||||
|
||||
$sqlArray[] =
|
||||
"CREATE TABLE IF NOT EXISTS galaxy_elements (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`galaxy_cluster_id` int(11) NOT NULL,
|
||||
|
|
@ -488,7 +493,7 @@ class AppModel extends Model {
|
|||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
|
||||
$this->__addIndex('galaxy_elements', 'key');
|
||||
$this->__addIndex('galaxy_elements', 'value', 255);
|
||||
|
||||
|
|
@ -502,12 +507,19 @@ class AppModel extends Model {
|
|||
`referenced_galaxy_cluster_value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
|
||||
$this->__addIndex('galaxy_reference', 'galaxy_cluster_id');
|
||||
$this->__addIndex('galaxy_reference', 'referenced_galaxy_cluster_id');
|
||||
$this->__addIndex('galaxy_reference', 'referenced_galaxy_cluster_value', 255);
|
||||
$this->__addIndex('galaxy_reference', 'referenced_galaxy_cluster_type', 255);
|
||||
|
||||
|
||||
break;
|
||||
case '2.4.57':
|
||||
$sqlArray[] = 'ALTER TABLE tags ADD hide_tag tinyint(1) NOT NULL DEFAULT 0;';
|
||||
// new indeces to match the changes in #1766
|
||||
$this->__dropIndex('correlations', '1_event_id');
|
||||
$this->__addIndex('correlations', '1_event_id');
|
||||
$this->__addIndex('warninglist_entries', 'warninglist_id');
|
||||
break;
|
||||
case 'fixNonEmptySharingGroupID':
|
||||
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
|
||||
|
|
@ -599,7 +611,7 @@ class AppModel extends Model {
|
|||
));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private function __addIndex($table, $field, $length = false) {
|
||||
$dataSourceConfig = ConnectionManager::getDataSource('default')->config;
|
||||
$dataSource = $dataSourceConfig['datasource'];
|
||||
|
|
|
|||
|
|
@ -680,6 +680,15 @@ class Server extends AppModel {
|
|||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
'null' => false,
|
||||
),
|
||||
'incoming_tags_disabled_by_default' => array(
|
||||
'level' => 1,
|
||||
'description' => 'Enable this settings if new tags synced / added via incoming events from any source should not be selectable by users by default.',
|
||||
'value' => false,
|
||||
'errorMessage' => '',
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
'null' => false
|
||||
)
|
||||
),
|
||||
'GnuPG' => array(
|
||||
|
|
@ -2478,10 +2487,10 @@ class Server extends AppModel {
|
|||
}
|
||||
return array('success' => $success, 'response' => $response, 'canPush' => $canPush, 'version' => $remoteVersion);
|
||||
}
|
||||
|
||||
|
||||
/* This is a fallback for legacy remote instances that don't report back the current user's sync permission.
|
||||
*
|
||||
* The idea is simple: If we have no way of determining the perm_sync flag from the remote instance, request
|
||||
*
|
||||
* The idea is simple: If we have no way of determining the perm_sync flag from the remote instance, request
|
||||
* /servers/testConnection from the remote. This API is used to check the remote connectivity and expects an ID to be passed
|
||||
* In this case however we are not passing an ID so ideally it will return 404, meaning that the instance is invalid.
|
||||
* We are abusing the fact that only sync users can use this functionality, if we don't have sync permission we'll get a 403
|
||||
|
|
@ -2581,7 +2590,7 @@ class Server extends AppModel {
|
|||
}
|
||||
return $writeableFiles;
|
||||
}
|
||||
|
||||
|
||||
public function readableFilesDiagnostics(&$diagnostic_errors) {
|
||||
$readableFiles = array(
|
||||
APP . 'files' . DS . 'scripts' . DS . 'stixtest.py' => 0
|
||||
|
|
@ -3139,12 +3148,12 @@ class Server extends AppModel {
|
|||
}
|
||||
return $validServers;
|
||||
}
|
||||
|
||||
|
||||
public function extensionDiagnostics() {
|
||||
$results = array();
|
||||
$extensions = array('redis');
|
||||
foreach ($extensions as $extension) {
|
||||
$results['web']['extensions'][$extension] = extension_loaded($extension);
|
||||
$results['web']['extensions'][$extension] = extension_loaded($extension);
|
||||
}
|
||||
if (!is_readable(APP . '/files/scripts/selftest.php')) {
|
||||
$results['cli'] = false;
|
||||
|
|
|
|||
|
|
@ -54,12 +54,15 @@ class Tag extends AppModel {
|
|||
'foreignKey' => 'org_id',
|
||||
)
|
||||
);
|
||||
|
||||
|
||||
public function beforeValidate($options = array()) {
|
||||
parent::beforeValidate();
|
||||
if (!isset($this->data['Tag']['org_id'])) {
|
||||
$this->data['Tag']['org_id'] = 0;
|
||||
}
|
||||
if (!isset($this->data['Tag']['hide_tag'])) {
|
||||
$this->data['Tag']['hide_tag'] = Configure::read('MISP.incoming_tags_disabled_by_default') ? 1 : 0;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
@ -114,7 +117,8 @@ class Tag extends AppModel {
|
|||
'name' => $tag['name'],
|
||||
'colour' => $tag['colour'],
|
||||
'exportable' => isset($tag['exportable']) ? $tag['exportable'] : 0,
|
||||
'org_id' => 0
|
||||
'org_id' => 0,
|
||||
'hide_tag' => Configure::read('MISP.incoming_tags_disabled_by_default') ? 1 : 0
|
||||
);
|
||||
$this->save($tag);
|
||||
return $this->id;
|
||||
|
|
|
|||
|
|
@ -147,6 +147,9 @@ class Taxonomy extends AppModel {
|
|||
$conditions = array('Tag.org_id' => array(0, $user['org_id']));
|
||||
}
|
||||
}
|
||||
if (Configure::read('MISP.incoming_tags_disabled_by_default')) {
|
||||
$conditions['Tag.hide_tag'] = 0;
|
||||
}
|
||||
$allTags = $this->Tag->find(
|
||||
'list', array(
|
||||
'fields' => array('name'),
|
||||
|
|
|
|||
|
|
@ -17,6 +17,12 @@
|
|||
echo $this->Form->input('exportable', array(
|
||||
'type' => 'checkbox', 'checked' => true
|
||||
));
|
||||
?>
|
||||
<div class="clear"></div>
|
||||
<?php
|
||||
echo $this->Form->input('hide_tag', array(
|
||||
'type' => 'checkbox', 'checked' => false
|
||||
));
|
||||
?>
|
||||
</fieldset>
|
||||
<?php
|
||||
|
|
|
|||
|
|
@ -18,6 +18,12 @@
|
|||
'type' => 'checkbox'
|
||||
));
|
||||
?>
|
||||
<div class="clear"></div>
|
||||
<?php
|
||||
echo $this->Form->input('hide_tag', array(
|
||||
'type' => 'checkbox',
|
||||
));
|
||||
?>
|
||||
</fieldset>
|
||||
<?php
|
||||
echo $this->Form->button('Edit', array('class' => 'btn btn-primary'));
|
||||
|
|
|
|||
|
|
@ -27,6 +27,7 @@
|
|||
<tr>
|
||||
<th><?php echo $this->Paginator->sort('id');?></th>
|
||||
<th><?php echo $this->Paginator->sort('exportable');?></th>
|
||||
<th><?php echo $this->Paginator->sort('hide_tag', 'Hidden');?></th>
|
||||
<th><?php echo $this->Paginator->sort('name');?></th>
|
||||
<th>Restricted to</th>
|
||||
<th>Taxonomy</th>
|
||||
|
|
@ -40,6 +41,7 @@ foreach ($list as $item): ?>
|
|||
<tr>
|
||||
<td class="short"><?php echo h($item['Tag']['id']); ?> </td>
|
||||
<td class="short"><span class="<?php echo ($item['Tag']['exportable'] ? 'icon-ok' : 'icon-remove'); ?>"></span></td>
|
||||
<td class="short"><span class="icon-<?php echo $item['Tag']['hide_tag'] ? 'ok' : 'remove'; ?>"></span></td>
|
||||
<td><a href="<?php echo $baseurl . "/events/index/searchtag:" . $item['Tag']['id']; ?>" class="tag" style="background-color: <?php echo h($item['Tag']['colour']); ?>;color:<?php echo $this->TextColour->getTextColour($item['Tag']['colour']); ?>" title="<?php echo isset($item['Tag']['Taxonomy']['expanded']) ? h($item['Tag']['Taxonomy']['expanded']) : h($item['Tag']['name']); ?>"><?php echo h($item['Tag']['name']); ?></a></td>
|
||||
<td class="short">
|
||||
<?php if ($item['Tag']['org_id']): ?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue