MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [UI] Allow to access delegations index just when delegations are enabled

pull/6719/head
Jakub Onderka 2020-12-09 17:29:08 +01:00
parent a290629fe0
commit 6f8da2c36b
4 changed files with 22 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
app/Controller/Component/ACLComponent.php
View File

@ -161,11 +161,11 @@ class ACLComponent extends Component
]
),
'eventDelegations' => array(
'acceptDelegation' => array('perm_add'),
'delegateEvent' => array('perm_delegate'),
'deleteDelegation' => array('perm_add'),
'index' => array('*'),
'view' => array('*'),
'acceptDelegation' => array('AND' => ['delegation_enabled', 'perm_add']),
'delegateEvent' => array('AND' => ['delegation_enabled', 'perm_delegate']),
'deleteDelegation' => array('AND' => ['delegation_enabled', 'perm_add']),
'index' => array('delegation_enabled'),
'view' => array('delegation_enabled'),
),
'eventReports' => array(
'add' => array('perm_add'),
@ -746,6 +746,9 @@ class ACLComponent extends Component
}
return true;
};
$this->dynamicChecks['delegation_enabled'] = function (array $user) {
return (bool)Configure::read('MISP.delegation');
};
}
private function __checkLoggedActions($user, $controller, $action)

17
app/Controller/EventsController.php
View File

@ -2531,19 +2531,12 @@ class EventsController extends AppController
public function publishSightings($id = null)
{
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
$event = $this->Event->fetchEvent(
$this->Auth->user(),
array(
'eventid' => $id,
'metadata' => 1
)
);
$event = $this->Event->fetchSimpleEvent($this->Auth->user(), $id);
if (empty($event)) {
throw new NotFoundException(__('Invalid event'));
}
if ($this->request->is('post') || $this->request->is('put')) {
$result = $this->Event->publishRouter($id, null, $this->Auth->user(), 'sightings');
$result = $this->Event->publishRouter($event['Event']['id'], null, $this->Auth->user(), 'sightings');
if (!Configure::read('MISP.background_jobs')) {
if (!is_array($result)) {
// redirect to the view event page
@ -2568,12 +2561,12 @@ class EventsController extends AppController
if (!empty($errors)) {
$this->set('errors', $errors);
}
$this->set('url', $this->baseurl . '/events/publishSightings/' . $id);
$this->set('id', $id);
$this->set('url', $this->baseurl . '/events/publishSightings/' . $event['Event']['id']);
$this->set('id', $event['Event']['id']);
$this->set('_serialize', array('name', 'message', 'url', 'id', 'errors'));
} else {
$this->Flash->success($message);
$this->redirect(array('action' => 'view', $id));
$this->redirect(array('action' => 'view', $event['Event']['id']));
}
} else {
$this->set('id', $id);

12
app/View/Elements/genericElements/SideMenu/side_menu.ctp
View File

@ -374,11 +374,13 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
'url' => $baseurl . '/events/proposalEventIndex',
'text' => __('Events with proposals')
));
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'viewDelegations',
'url' => $baseurl . '/event_delegations/index/context:pending',
'text' => __('View delegation requests')
));
if ($canAccess('eventDelegations', 'index')) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'viewDelegations',
'url' => $baseurl . '/event_delegations/index/context:pending',
'text' => __('View delegation requests')
));
}
echo $divider;
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'url' => $baseurl . '/events/export',

3
app/View/Elements/global_menu.ctp
View File

@ -50,7 +50,8 @@
),
array(
'url' => $baseurl . '/event_delegations/index/context:pending',
'text' => __('View delegation requests')
'text' => __('View delegation requests'),
'requirement' => $canAccess('event_delegations', 'index'),
),
array(
'type' => 'separator'