MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

new: [users:index] Batch toggleable fields

pull/7378/head
mokaddem 2021-05-03 16:11:18 +02:00
parent bacf072c59
commit 748bc65daa
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
7 changed files with 251 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/Controller/Component/ACLComponent.php
View File

@ -677,6 +677,7 @@ class ACLComponent extends Component
'admin_email' => array('perm_admin'),
'admin_filterUserIndex' => array('perm_admin'),
'admin_index' => array('perm_admin'),
'admin_massToggleField' => array('perm_admin'),
'admin_monitor' => array('perm_site_admin'),
'admin_quickEmail' => array('perm_admin'),
'admin_view' => array('perm_admin'),

50
app/Controller/UsersController.php
View File

@ -28,6 +28,8 @@ class UsersController extends AppController
public $helpers = array('Js' => array('Jquery'));
public $toggleableFields = ['disabled', 'autoalert'];
public function beforeFilter()
{
parent::beforeFilter();
@ -1090,6 +1092,54 @@ class UsersController extends AppController
$this->redirect(array('action' => 'index'));
}
public function admin_massToggleField($fieldName, $enabled)
{
if (!in_array($fieldName, $this->toggleableFields)) {
throw new MethodNotAllowedException(__('The field `%s` cannot be toggled', $fieldName));
}
if (!$this->_isAdmin()) {
throw new UnauthorizedException(__('Administrators only'));
}
if ($this->request->is('post') || $this->request->is('put')) {
$jsonIds = $this->request->data['User']['user_ids'];
$ids = $this->User->jsonDecode($jsonIds);
$conditions = ['User.id' => $ids];
if (!$this->_isSiteAdmin()) {
$conditions['User.org_id'] = $this->Auth->user('org_id');
}
$users = $this->User->find('all', [
'conditions' => $conditions,
'recursive' => -1
]);
if (empty($users)) {
throw new NotFoundException(__('Invalid users'));
}
$count = 0;
foreach ($users as $user) {
if ($user['User'][$fieldName] != $enabled) {
$this->User->id = $user['User']['id'];
$this->User->saveField($fieldName, $enabled);
$count++;
}
}
if ($count > 0) {
$message = __('%s users got their field `%s` %s', $count, $fieldName, $enabled ? __('enabled') : __('disabled'));
} else {
$message = __('All users have already their field `%s` %s', $fieldName, $enabled ? __('enabled') : __('disabled'));
}
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('User', 'admin_massToggleField', 'selected', $this->response->type(), $message);
} else {
if ($count > 0) {
$this->Flash->success($message);
} else {
$this->Flash->info($message);
}
$this->redirect('/admin/users/index');
}
}
}
public function updateLoginTime()
{
if (!$this->request->is('post')) {

9
app/Model/Server.php
View File

@ -5515,6 +5515,15 @@ class Server extends AppModel
'type' => 'numeric',
'null' => true,
],
'warning_for_all' => [
'level' => 1,
'description' => __('Enable warning list notification regardless of the IDS flag value'),
'value' => false,
'errorMessage' => '',
'test' => 'testBool',
'type' => 'boolean',
'null' => true
]
),
'GnuPG' => array(
'branch' => 1,

2
app/View/Elements/genericElements/IndexTable/Fields/selector.ctp
View File

@ -13,7 +13,7 @@
}
}
echo sprintf(
'<input class="select_attribute select" type="checkbox" data-rowid="%s" %s>',
'<input class="select_attribute select" ondblclick="event.stopPropagation();" type="checkbox" data-rowid="%s" %s>',
h($k),
empty($data) ? '' : implode(' ', $data)
);

269
app/View/Users/admin_index.ctp
View File

@ -1,4 +1,5 @@
<?php
$multiSelectField = array();
if (!$this->request->is('ajax')) {
// Allow reset Keys, filtering and searching if viewing the /users/index page
echo '<div class="index">';
@ -17,6 +18,34 @@
);
$topBar = array(
'children' => array(
array(
'children' => array(
array(
'class' => 'hidden mass-select',
'text' => __('Disable selected users'),
'onClick' => "multiSelectToggleField",
'onClickParams' => array('admin/users', 'massToggleField', 'disabled', '1')
),
array(
'class' => 'hidden mass-select',
'text' => __('Enable selected users'),
'onClick' => "multiSelectToggleField",
'onClickParams' => array('admin/users', 'massToggleField', 'disabled', '0')
),
array(
'class' => 'hidden mass-select',
'text' => __('Disable publish emailing'),
'onClick' => "multiSelectToggleField",
'onClickParams' => array('admin/users', 'massToggleField', 'autoalert', '0')
),
array(
'class' => 'hidden mass-select',
'text' => __('Enable publish emailing'),
'onClick' => "multiSelectToggleField",
'onClickParams' => array('admin/users', 'massToggleField', 'autoalert', '1')
),
)
),
array(
'type' => 'simple',
'children' => array(
@ -57,6 +86,15 @@
)
)
);
$multiSelectField = array(array(
'element' => 'selector',
'class' => 'short',
'data' => array(
'id' => array(
'value_path' => 'User.id'
)
)
));
} else {
$description = '';
$topBar = [];
@ -65,122 +103,125 @@
'data' => array(
'data' => $users,
'top_bar' => $topBar,
'fields' => array(
'fields' => array_merge(
$multiSelectField,
array(
'name' => __('ID'),
'sort' => 'id',
'class' => 'short',
'data_path' => 'User.id'
),
array(
'name' => __('Org'),
'sort' => 'User.org_id',
'element' => 'org',
'data_path' => 'Organisation'
),
array(
'name' => __('Role'),
'sort' => 'User.role_id',
'class' => 'short',
'element' => 'role',
'data_path' => 'Role'
),
array(
'name' => __('Email'),
'sort' => 'User.email',
'data_path' => 'User.email'
),
array(
'name' => __('Authkey'),
'sort' => 'User.authkey',
'class' => 'bold quickSelect',
'data_path' => 'User.authkey',
'privacy' => 1,
'requirement' => empty(Configure::read('Security.advanced_authkeys'))
),
array(
'name' => __('Event alert'),
'element' => 'boolean',
'sort' => 'User.autoalert',
'class' => 'short',
'data_path' => 'User.autoalert'
),
array(
'name' => __('Contact alert'),
'element' => 'boolean',
'sort' => 'User.contactalert',
'class' => 'short',
'data_path' => 'User.contactalert'
),
array(
'name' => __('PGP Key'),
'element' => 'boolean',
'sort' => 'User.gpgkey',
'class' => 'short',
'data_path' => 'User.gpgkey'
),
array(
'name' => __('S/MIME'),
'element' => 'boolean',
'sort' => 'User.certif_public',
'class' => 'short',
'data_path' => 'User.certif_public',
'requirement' => Configure::read('SMIME.enabled')
),
array(
'name' => __('NIDS SID'),
'sort' => 'User.nids_sid',
'class' => 'short',
'data_path' => 'User.nids_sid'
),
array(
'name' => __('Terms Accepted'),
'element' => 'boolean',
'sort' => 'User.termsaccepted',
'class' => 'short',
'data_path' => 'User.termsaccepted'
),
array(
'name' => __('Last Login'),
'sort' => 'User.current_login',
'element' => 'datetime',
'empty' => __('Never'),
'class' => 'short',
'data_path' => 'User.current_login'
),
array(
'name' => __('Created'),
'sort' => 'User.date_created',
'element' => 'datetime',
'class' => 'short',
'data_path' => 'User.date_created'
),
array(
'name' => (Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : __('External Auth')),
'sort' => 'User.external_auth_required',
'element' => 'boolean',
'class' => 'short',
'data_path' => 'User.external_auth_required',
'requirement' => (Configure::read('Plugin.CustomAuth_enable') && empty(Configure::read('Plugin.CustomAuth_required')))
),
array(
'name' => __('Monitored'),
'element' => 'toggle',
'url' => $baseurl . '/admin/users/monitor',
'url_params_data_paths' => array(
'User.id'
array(
'name' => __('ID'),
'sort' => 'id',
'class' => 'short',
'data_path' => 'User.id'
),
'sort' => 'User.disabled',
'class' => 'short',
'data_path' => 'User.monitored',
'requirement' => $isSiteAdmin && Configure::read('Security.user_monitoring_enabled')
),
array(
'name' => __('Disabled'),
'element' => 'boolean',
'sort' => 'User.disabled',
'class' => 'short',
'data_path' => 'User.disabled'
array(
'name' => __('Org'),
'sort' => 'User.org_id',
'element' => 'org',
'data_path' => 'Organisation'
),
array(
'name' => __('Role'),
'sort' => 'User.role_id',
'class' => 'short',
'element' => 'role',
'data_path' => 'Role'
),
array(
'name' => __('Email'),
'sort' => 'User.email',
'data_path' => 'User.email'
),
array(
'name' => __('Authkey'),
'sort' => 'User.authkey',
'class' => 'bold quickSelect',
'data_path' => 'User.authkey',
'privacy' => 1,
'requirement' => empty(Configure::read('Security.advanced_authkeys'))
),
array(
'name' => __('Event alert'),
'element' => 'boolean',
'sort' => 'User.autoalert',
'class' => 'short',
'data_path' => 'User.autoalert'
),
array(
'name' => __('Contact alert'),
'element' => 'boolean',
'sort' => 'User.contactalert',
'class' => 'short',
'data_path' => 'User.contactalert'
),
array(
'name' => __('PGP Key'),
'element' => 'boolean',
'sort' => 'User.gpgkey',
'class' => 'short',
'data_path' => 'User.gpgkey'
),
array(
'name' => __('S/MIME'),
'element' => 'boolean',
'sort' => 'User.certif_public',
'class' => 'short',
'data_path' => 'User.certif_public',
'requirement' => Configure::read('SMIME.enabled')
),
array(
'name' => __('NIDS SID'),
'sort' => 'User.nids_sid',
'class' => 'short',
'data_path' => 'User.nids_sid'
),
array(
'name' => __('Terms Accepted'),
'element' => 'boolean',
'sort' => 'User.termsaccepted',
'class' => 'short',
'data_path' => 'User.termsaccepted'
),
array(
'name' => __('Last Login'),
'sort' => 'User.current_login',
'element' => 'datetime',
'empty' => __('Never'),
'class' => 'short',
'data_path' => 'User.current_login'
),
array(
'name' => __('Created'),
'sort' => 'User.date_created',
'element' => 'datetime',
'class' => 'short',
'data_path' => 'User.date_created'
),
array(
'name' => (Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : __('External Auth')),
'sort' => 'User.external_auth_required',
'element' => 'boolean',
'class' => 'short',
'data_path' => 'User.external_auth_required',
'requirement' => (Configure::read('Plugin.CustomAuth_enable') && empty(Configure::read('Plugin.CustomAuth_required')))
),
array(
'name' => __('Monitored'),
'element' => 'toggle',
'url' => $baseurl . '/admin/users/monitor',
'url_params_data_paths' => array(
'User.id'
),
'sort' => 'User.disabled',
'class' => 'short',
'data_path' => 'User.monitored',
'requirement' => $isSiteAdmin && Configure::read('Security.user_monitoring_enabled')
),
array(
'name' => __('Disabled'),
'element' => 'boolean',
'sort' => 'User.disabled',
'class' => 'short',
'data_path' => 'User.disabled'
)
)
),
'title' => __('Users index'),

18
app/View/Users/admin_mass_toggle_field.ctp Normal file
View File

@ -0,0 +1,18 @@
<?php
echo $this->element('genericElements/Form/genericForm', [
'form' => $this->Form,
'data' => [
'title' => __('Mass toggle fields'),
'model' => 'User',
'skip_side_menu' => 1,
'fields' => [
[
'field' => 'user_ids',
'required' => 1
],
],
'submit' => [
'action' => $this->request->params['action']
]
]
]);

17
app/webroot/js/misp.js
View File

@ -914,6 +914,23 @@ function multiSelectToggleFeeds(on, cache) {
}).fail(xhrFailCallback);
}
function multiSelectToggleField(scope, action, fieldName, enabled) {
var selected = [];
$(".select").each(function() {
if ($(this).is(":checked")) {
var temp = $(this).data("id");
if (temp != null) {
selected.push(temp);
}
}
});
$.get(baseurl + "/" + scope + "/" + action + "/" + fieldName + "/" + enabled, function(data) {
$('body').append($('<div id="temp"/>').html(data));
$('#temp form #UserUserIds').val(JSON.stringify(selected));
$('#temp form')[0].submit();
}).fail(xhrFailCallback);
}
function multiSelectDeleteEventBlocklist(on, cache) {
var selected = [];
$(".select").each(function() {